[U-Boot] [PATCH v2 04/11] ARM: allocate extra space for PSCI stack in secure section during link phase

Marc Zyngier marc.zyngier at arm.com
Thu May 26 18:51:12 CEST 2016


On 26/05/16 15:01, Chen-Yu Tsai wrote:
> The PSCI implementation expects at most 2 pages worth of space reserved
> at the end of the secure section for its stacks. If PSCI is relocated to
> secure SRAM, then everything is fine. If no secure SRAM is available,
> and PSCI remains in main memory, the reserved memory space doesn't cover
> the space used by the stack.
> 
> If one accesses PSCI after Linux has fully booted, the memory that should
> have been reserved for the PSCI stacks may have been used by the kernel
> or userspace, and would be corrupted. Observed after effects include the
> system hanging or telinit core dumping when trying to reboot. It seems
> the init process gets hit the most on my test bed.
> 
> This fix allocates the space used by the PSCI stacks in the secure
> section by skipping pages in the linker script, but only when there is
> no secure SRAM, to avoid bloating the binary.
> 
> This fix is only a stop gap. It would be better to rework the stack
> allocation mechanism, maybe with proper usage of CONFIG_ macros and an
> explicit symbol.
> 
> Signed-off-by: Chen-Yu Tsai <wens at csie.org>
> 
> squash! ARM: allocate extra space for PSCI stack in secure section during link phase
> ---
>  arch/arm/cpu/u-boot.lds | 7 +++++++
>  1 file changed, 7 insertions(+)
> 
> diff --git a/arch/arm/cpu/u-boot.lds b/arch/arm/cpu/u-boot.lds
> index cfab8b041234..0770f8c878d1 100644
> --- a/arch/arm/cpu/u-boot.lds
> +++ b/arch/arm/cpu/u-boot.lds
> @@ -50,6 +50,7 @@ SECTIONS
>  
>  #ifndef CONFIG_ARMV7_SECURE_BASE
>  #define CONFIG_ARMV7_SECURE_BASE
> +#define __ARMV7_ALLOCATE_SECURE_STACK

ALLOCATE_SECURE_STACK is a bit of a misnomer, because nothing is secure
at all there (it is in RAM).

Something like PSCI_RAM_STACK would be more accurate.

>  #endif
>  
>  	.__secure_start : {
> @@ -67,6 +68,12 @@ SECTIONS
>  		SIZEOF(.__secure_start) +
>  		SIZEOF(.secure_text);
>  
> +#ifdef __ARMV7_ALLOCATE_SECURE_STACK
> +	/* Align to page boundary and skip 2 pages */
> +	. = (. & ~ 0xfff) + 0x2000;
> +#undef __ARMV7_ALLOCATE_SECURE_STACK
> +#endif
> +
>  	__secure_end_lma = .;
>  	.__secure_end : AT(__secure_end_lma) {
>  		*(.__secure_end)
> 

Thanks,

	M.
-- 
Jazz is not dead. It just smells funny...


More information about the U-Boot mailing list