[U-Boot] [PATCH v5 7/7] efi_loader: Declare secure memory as reserved
Alexander Graf
agraf at suse.de
Mon Oct 17 09:10:59 CEST 2016
On 15.10.16 18:58, york sun wrote:
> On 10/15/2016 03:03 AM, Alexander Graf wrote:
>> Some systems may implemente TrustZone (EL3) in U-Boot. Those systems
>> reserve some memory that U-Boot is aware of as secure.
>>
>> For those systems, mask out that secure memory in the EFI memory map,
>> as it's not usable from EL2 or EL1.
>>
>> Signed-off-by: Alexander Graf <agraf at suse.de>
>>
>> ---
>>
>> v4 -> v5:
>>
>> - Use gd->arch.secure_ram
>> ---
>> lib/efi_loader/efi_memory.c | 15 +++++++++++++++
>> 1 file changed, 15 insertions(+)
>>
>> diff --git a/lib/efi_loader/efi_memory.c b/lib/efi_loader/efi_memory.c
>> index 95aa590..4966e48 100644
>> --- a/lib/efi_loader/efi_memory.c
>> +++ b/lib/efi_loader/efi_memory.c
>> @@ -474,5 +474,20 @@ int efi_memory_init(void)
>> efi_bounce_buffer = (void*)(uintptr_t)efi_bounce_buffer_addr;
>> #endif
>>
>> +#ifdef CONFIG_SYS_MEM_RESERVE_SECURE
>> + /* Declare secure ram as reserved */
>> + if (gd->arch.secure_ram & MEM_RESERVE_SECURE_SECURED) {
>> + uint64_t secure_start = gd->arch.secure_ram;
>> + uint64_t secure_pages = CONFIG_SYS_MEM_RESERVE_SECURE;
>> +
>> + secure_start &= MEM_RESERVE_SECURE_ADDR_MASK;
>> + secure_start &= ~EFI_PAGE_MASK;
>> + secure_pages = (secure_pages + EFI_PAGE_MASK) >> EFI_PAGE_SHIFT;
>> +
>> + efi_add_memory_map(secure_start, secure_pages,
>> + EFI_RESERVED_MEMORY_TYPE, false);
>> + }
>> +#endif
>> +
>> return 0;
>> }
>>
>
> Alex,
>
> Do you see any issue without this patch? The secure memory is not
> visible to OS. gd->ram_size is reduced to hide the secure memory.
We're building the memory map out of gd->bd->bi_dram rather than
ram_size, because it's perfectly reasonable for systems to have memory
holes.
So even if we're adjusting gd->ram_size, the OS will still see secure
memory. In fact, doesn't bootm do that as well?
arch/arm/lib/bootm-fdt.c: ret = fdt_fixup_memory_banks(blob,
start, size, CONFIG_NR_DRAM_BANKS);
On armv7, arch_fixup_fdt() removes the secure memory region from the
edge of a memory bank. But on armv8 I don't see anything like it?
Alex
More information about the U-Boot
mailing list