[U-Boot] [PATCH v2] ARM: Disable "DISCARD" for secure section if CONFIG_ARMV7_SECURE_BASE isn't defined

Dongsheng Wang dongsheng.wang at nxp.com
Mon Jan 18 04:02:40 CET 2016 

From: Wang Dongsheng <dongsheng.wang at nxp.com>

"DISCARD" will remove ._secure.text relocate, but PSCI framework
has already used some absolute address those need to relocate.

Use readelf -t -r u-boot show us:
.__secure_start		addr: 601408e4
.__secure_end		addr: 60141460

60141140  00000017 R_ARM_RELATIVE
46	_secure_monitor:
47	#ifdef CONFIG_ARMV7_PSCI
48      ldr     r5, =_psci_vectors

60141194  00000017 R_ARM_RELATIVE
6014119c  00000017 R_ARM_RELATIVE
601411a4  00000017 R_ARM_RELATIVE
601411ac  00000017 R_ARM_RELATIVE
64	_psci_table:
66	.word	psci_cpu_suspend
...
72	.word	psci_migrate

60141344  00000017 R_ARM_RELATIVE
6014145c  00000017 R_ARM_RELATIVE
202	ldr     r5, =psci_text_end

Solutions:
1. Change absolute address to RelAdr.
   Based on LDR (immediate, ARM), we only have 4K offset to jump.
Now PSCI code size is close to 4K size that is LDR limit jump size,
so even if the LDR is based on the current instruction address,
there is also have a risk for RelAdr. If we use two jump steps I
think we can fix this issue, but looks too hack, so give up this way.

2. Enable "DISCARD" only for CONFIG_ARMV7_SECURE_BASE has defined.
   If CONFIG_ARMV7_SECURE_BASE is defined in platform, all of secure
will in the BASE address that is absolute.

Signed-off-by: Wang Dongsheng <dongsheng.wang at nxp.com>

diff --git a/arch/arm/cpu/u-boot.lds b/arch/arm/cpu/u-boot.lds
index d48a905..e148ab7 100644
--- a/arch/arm/cpu/u-boot.lds
+++ b/arch/arm/cpu/u-boot.lds
@@ -14,23 +14,24 @@ OUTPUT_ARCH(arm)
 ENTRY(_start)
 SECTIONS
 {
+#if defined(CONFIG_ARMV7_SECURE_BASE) && defined(CONFIG_ARMV7_NONSEC)
 	/*
-	 * Discard the relocation entries for secure text.
-	 * The secure code is bundled with u-boot image, so there will
-	 * be relocations entries for the secure code, since we use
-	 * "-mword-relocations" to compile and "-pie" to link into the
-	 * final image. We do not need the relocation entries for secure
-	 * code, because secure code will not be relocated, it only needs
-	 * to be copied from loading address to CONFIG_ARMV7_SECURE_BASE,
-	 * which is the linking and running address for secure code.
-	 * If keep the relocation entries in .rel.dyn section,
-	 * "relocation offset + linking address" may locates into an
-	 * address that is reserved by SoC, then will trigger data abort.
+	 * If CONFIG_ARMV7_SECURE_BASE is true, secure code will not
+	 * bundle with u-boot, and code offsets are fixed. Secure zone
+	 * only needs to be copied from the loading address to
+	 * CONFIG_ARMV7_SECURE_BASE, which is the linking and running
+	 * address for secure code.
 	 *
-	 * The reason that move .rel._secure at the beginning, is to
-	 * avoid hole in the final image.
+	 * If CONFIG_ARMV7_SECURE_BASE is undefined, the secure zone will
+	 * be included in u-boot address space, and some absolute address
+	 * were used in secure code. The absolute addresses of the secure
+	 * code also needs to be relocated along with the accompanying u-boot
+	 * code.
+	 *
+	 * So DISCARD is only for CONFIG_ARMV7_SECURE_BASE.
 	 */
 	/DISCARD/ : { *(.rel._secure*) }
+#endif
 	. = 0x00000000;
 
 	. = ALIGN(4);
-- 
2.1.0.27.g96db324

More information about the U-Boot mailing list