[U-Boot] [PATCH 04/11] spl: imx: Add optional lds to keep SPL entirely in on-chip RAM
Trent Piepho
tpiepho at impinj.com
Mon Jul 16 17:32:57 UTC 2018
On Sat, 2018-07-14 at 00:11 +0000, Henry Beberman wrote:
> From: Henry Beberman <henry.beberman at microsoft.com>
>
> This patch is part of the i.MX Windows 10 IoT Core boot flow.
>
> It adds a modified linker script for SPL to keep all segments in
> on-chip ram. This is to harden the device against potential leaks of
> device secrets by keeping them out of DRAM.
>
> Additionally if CONFIG_SYS_SPL_MALLOC_START is defined, it will
> override the CONFIG_SPL_SYS_MALLOC_SIMPLE and allocate space in DRAM
> instead of on-chip ram. This patch prevents the definition of those
> values for i.MX6 and i.MX7 SPL if CONFIG_OPTEE_SPL_BOOT is selected.
Is booting SPL from entirely from SRAM only useful in concert with
OPTEE?
For instance, if I'm building a device that doesn't use OPTEE and yet
want it to be secure, would I want to keep the SPL entirely in SRAM?
More information about the U-Boot
mailing list