[U-Boot] [PATCH v4 1/2] Reserve secure memory
Joakim Tjernlund
Joakim.Tjernlund at infinera.com
Mon Nov 16 18:11:22 CET 2015
On Mon, 2015-11-16 at 08:34 -0800, York Sun wrote:
> Secure memory is at the end of memory, separated and reserved
> from OS, tracked by gd->secure_ram. Secure memory can host
> MMU tables, security monitor, etc.
Don't see the difference with pram here?
Also, do you really wan't to hide the memory from Linux or will
a resv map do? You get a lot of small TLB maps if memory is non power of 2
Jocke
>
> Signed-off-by: York Sun <yorksun at freescale.com>
>
> ---
>
> Changes in v4: None
> Changes in v3:
> Put ifdef around secure_ram
> Move defining CONFIG_SYS_MEM_RESERVE_SECURE to patch 2/2
>
> Changes in v2:
> Do not use CONFIG_SYS_MEM_TOP_HIDE mechanism
>
> Changes in v1:
> Initial patch.
> Depends on http://patchwork.ozlabs.org/patch/540248/
>
> README | 8 ++++++++
> common/board_f.c | 9 +++++++++
> include/asm-generic/global_data.h | 4 ++++
> 3 files changed, 21 insertions(+)
>
> diff --git a/README b/README
> index ef8d437..61cbc82 100644
> --- a/README
> +++ b/README
> @@ -3881,6 +3881,14 @@ Configuration Settings:
> Scratch address used by the alternate memory test
> You only need to set this if address zero isn't writeable
>
> +- CONFIG_SYS_MEM_RESERVE_SECURE
> + If defined, the size of CONFIG_SYS_MEM_RESERVE_SECURE memory
> + is substracted from total RAM and won't be reported to OS.
> + This memory can be used as secure memory. A variable
> + gd->secure_ram is used to track the location. In systems
> + the RAM base is not zero, or RAM is divided into banks,
> + this variable needs to be recalcuated to get the address.
> +
> - CONFIG_SYS_MEM_TOP_HIDE (PPC only):
> If CONFIG_SYS_MEM_TOP_HIDE is defined in the board config header,
> this specified memory area will get subtracted from the top
> diff --git a/common/board_f.c b/common/board_f.c
> index 725eb18..8061105 100644
> --- a/common/board_f.c
> +++ b/common/board_f.c
> @@ -323,6 +323,15 @@ static int setup_dest_addr(void)
> * Ram is setup, size stored in gd !!
> */
> debug("Ram size: %08lX\n", (ulong)gd->ram_size);
> +#ifdef CONFIG_SYS_MEM_RESERVE_SECURE
> + /* Reserve memory for secure MMU tables, and/or security monitor */
> + gd->ram_size -= CONFIG_SYS_MEM_RESERVE_SECURE;
> + /*
> + * Record secure memory location. Need recalcuate if memory splits
> + * into banks, or the ram base is not zero.
> + */
> + gd->secure_ram = gd->ram_size;
> +#endif
> #if defined(CONFIG_SYS_MEM_TOP_HIDE)
> /*
> * Subtract specified amount of memory to hide so that it won't
> diff --git a/include/asm-generic/global_data.h b/include/asm-generic/global_data.h
> index d0383f3..8cdafd6 100644
> --- a/include/asm-generic/global_data.h
> +++ b/include/asm-generic/global_data.h
> @@ -58,6 +58,10 @@ typedef struct global_data {
>
> unsigned long relocaddr; /* Start address of U-Boot in RAM */
> phys_size_t ram_size; /* RAM size */
> +#ifdef CONFIG_SYS_MEM_RESERVE_SECURE
> + /* Secure memory addr. LSB is a flag for "secured". */
> + phys_addr_t secure_ram;
> +#endif
> unsigned long mon_len; /* monitor len */
> unsigned long irq_sp; /* irq stack pointer */
> unsigned long start_addr_sp; /* start_addr_stackpointer */
More information about the U-Boot
mailing list