[PATCH 1/4] lib: optee: Avoid CONFIG_TZDRAM_* in optee_verify_bootm_image()
Tom Rini
trini at konsulko.com
Wed Oct 6 00:01:51 CEST 2021
On Tue, Sep 07, 2021 at 12:07:06PM -0500, Alexandru Gagniuc wrote:
> The configs TZDRAM_BASE and TZDRAM_SIZE are expected to describe the
> memory allocated to the OPTEE region. according to according to commit
> c5a6e8bd00cc ("optee: Add optee_verify_bootm_image()"). The TZDRAM is
> with some limitations, described by "/reserved-memory" nodes in the
> devicetree.
>
> Consequently TZDRAM_BASE and TZDRAM_SIZE can point to imaginary
> regions which have nothing to do with actual DRAM. They are not used
> to configure the hardware or set up the Trust Zone Controller (TZC)
> for OP-TEE -- the devicetree values are used instead.
>
> When a valid OP-TEE image does not fall within the region described by
> these configs, u-boot will refuse to load it. In fact, it mostly
> serves to cause "bootm" to reject perfectly good OP-TEE images.
>
> Ironically, someone has to correctly configure the devicetree for
> TZDRAM, then go back and enter the same information in Kconfig for
> "bootm". To remedy this, do not use TZDRAM_BASE and TZDRAM_SIZE in the
> verification of OPTEE images.
>
> Signed-off-by: Alexandru Gagniuc <mr.nuke.me at gmail.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20211005/24a403c2/attachment.sig>
More information about the U-Boot
mailing list