[U-Boot] [PATCH 6/8] ARMv8: PSCI: Fixup the device tree for PSCI v0.2
Stuart Yoder
stuart.yoder at freescale.com
Tue Sep 2 17:21:24 CEST 2014
> > The idea here is that if there is no PSCI specific (most likely secure)
> > memory allocated in the system, the macro "CONFIG_ARMV8_SECURE_BASE"
> > will not be defined. In this case the PSCI vector table and its support
> > code will be in DDR and will be protected from Linux using memreserve.
>
> Sure, this will prevent the OS from explicitly modifying this memory.
>
> However, the OS will still map the memory. This renders the protection
> incomplete due to the possibility of mismatched attributes and/or
> unexpected cache hits resulting in nasty coherency problems. We are
> likely to get away with this most of the time (if the kernel and U-Boot
> use the same attributes), but it would be very easy to blow things up
> accidentally.
>
> The only way to prevent that is to completely remove a portion of the
> memory from the view of the OS, such that it doesn't map the memory at
> all.
Can't this be done by simply removing that secure portion of memory
from the memory advertised in the memory node of the device tree passed
to the non-secure OS? ...should prevent the OS from mapping the memory.
Stuart
More information about the U-Boot
mailing list