[U-Boot] [PATCH 6/8] ARMv8: PSCI: Fixup the device tree for PSCI v0.2

Mark Rutland mark.rutland at arm.com
Wed Sep 3 17:25:06 CEST 2014


On Tue, Sep 02, 2014 at 04:21:24PM +0100, Stuart Yoder wrote:
> > > The idea here is that if there is no PSCI specific (most likely secure)
> > > memory allocated in the system, the macro "CONFIG_ARMV8_SECURE_BASE"
> > > will not be defined. In this case the PSCI vector table and its support
> > > code will be in DDR and will be protected from Linux using memreserve.
> > 
> > Sure, this will prevent the OS from explicitly modifying this memory.
> > 
> > However, the OS will still map the memory. This renders the protection
> > incomplete due to the possibility of mismatched attributes and/or
> > unexpected cache hits resulting in nasty coherency problems. We are
> > likely to get away with this most of the time (if the kernel and U-Boot
> > use the same attributes), but it would be very easy to blow things up
> > accidentally.
> > 
> > The only way to prevent that is to completely remove a portion of the
> > memory from the view of the OS, such that it doesn't map the memory at
> > all.
> 
> Can't this be done by simply removing that secure portion of memory
> from the memory advertised in the memory node of the device tree passed
> to the non-secure OS?  ...should prevent the OS from mapping the memory.

Yes, removing such memory entirely from the memory nodes would work.

The only caveat (I believe) is that it would be necessary to remove such
memory in 2MB naturally-aligned chunks due to the way Linux maps memory.

I intend to at some point decouple the Linux linear mapping from the
text mapping, so that Linux can address meemory below it. So it's vital
to remove the memory enitrely from the view of the kernel rather than
just loading the kernel 2MB higher.

Mark.


More information about the U-Boot mailing list