Message ID | 1447691693-20318-2-git-send-email-yorksun@freescale.com |
---|---|
State | Superseded |
Delegated to: | York Sun |
Headers | show |
On Mon, 2015-11-16 at 08:34 -0800, York Sun wrote: > Secure memory is at the end of memory, separated and reserved > from OS, tracked by gd->secure_ram. Secure memory can host > MMU tables, security monitor, etc. Don't see the difference with pram here? Also, do you really wan't to hide the memory from Linux or will a resv map do? You get a lot of small TLB maps if memory is non power of 2 Jocke > > Signed-off-by: York Sun <yorksun@freescale.com> > > --- > > Changes in v4: None > Changes in v3: > Put ifdef around secure_ram > Move defining CONFIG_SYS_MEM_RESERVE_SECURE to patch 2/2 > > Changes in v2: > Do not use CONFIG_SYS_MEM_TOP_HIDE mechanism > > Changes in v1: > Initial patch. > Depends on http://patchwork.ozlabs.org/patch/540248/ > > README | 8 ++++++++ > common/board_f.c | 9 +++++++++ > include/asm-generic/global_data.h | 4 ++++ > 3 files changed, 21 insertions(+) > > diff --git a/README b/README > index ef8d437..61cbc82 100644 > --- a/README > +++ b/README > @@ -3881,6 +3881,14 @@ Configuration Settings: > Scratch address used by the alternate memory test > You only need to set this if address zero isn't writeable > > +- CONFIG_SYS_MEM_RESERVE_SECURE > + If defined, the size of CONFIG_SYS_MEM_RESERVE_SECURE memory > + is substracted from total RAM and won't be reported to OS. > + This memory can be used as secure memory. A variable > + gd->secure_ram is used to track the location. In systems > + the RAM base is not zero, or RAM is divided into banks, > + this variable needs to be recalcuated to get the address. > + > - CONFIG_SYS_MEM_TOP_HIDE (PPC only): > If CONFIG_SYS_MEM_TOP_HIDE is defined in the board config header, > this specified memory area will get subtracted from the top > diff --git a/common/board_f.c b/common/board_f.c > index 725eb18..8061105 100644 > --- a/common/board_f.c > +++ b/common/board_f.c > @@ -323,6 +323,15 @@ static int setup_dest_addr(void) > * Ram is setup, size stored in gd !! > */ > debug("Ram size: %08lX\n", (ulong)gd->ram_size); > +#ifdef CONFIG_SYS_MEM_RESERVE_SECURE > + /* Reserve memory for secure MMU tables, and/or security monitor */ > + gd->ram_size -= CONFIG_SYS_MEM_RESERVE_SECURE; > + /* > + * Record secure memory location. Need recalcuate if memory splits > + * into banks, or the ram base is not zero. > + */ > + gd->secure_ram = gd->ram_size; > +#endif > #if defined(CONFIG_SYS_MEM_TOP_HIDE) > /* > * Subtract specified amount of memory to hide so that it won't > diff --git a/include/asm-generic/global_data.h b/include/asm-generic/global_data.h > index d0383f3..8cdafd6 100644 > --- a/include/asm-generic/global_data.h > +++ b/include/asm-generic/global_data.h > @@ -58,6 +58,10 @@ typedef struct global_data { > > unsigned long relocaddr; /* Start address of U-Boot in RAM */ > phys_size_t ram_size; /* RAM size */ > +#ifdef CONFIG_SYS_MEM_RESERVE_SECURE > + /* Secure memory addr. LSB is a flag for "secured". */ > + phys_addr_t secure_ram; > +#endif > unsigned long mon_len; /* monitor len */ > unsigned long irq_sp; /* irq stack pointer */ > unsigned long start_addr_sp; /* start_addr_stackpointer */
On 11/16/2015 09:11 AM, Joakim Tjernlund wrote: > On Mon, 2015-11-16 at 08:34 -0800, York Sun wrote: >> Secure memory is at the end of memory, separated and reserved >> from OS, tracked by gd->secure_ram. Secure memory can host >> MMU tables, security monitor, etc. > > Don't see the difference with pram here? > Also, do you really wan't to hide the memory from Linux or will > a resv map do? You get a lot of small TLB maps if memory is non power of 2 > Jocke, It is different from pram. First, it is at the end of memory, not the top of u-boot memory. The difference is where u-boot runs in memory. Second, the size is much bigger, even this patch doesn't limit the size. In my system, I reserve 2MB memory. Since we already have CONFIG_SYS_MEM_TOP_HIDE, I think it is a good way to reserve big chunk of memory without fragmentation. In my system, the end of usable memory is aligned with 512MB. York
diff --git a/README b/README index ef8d437..61cbc82 100644 --- a/README +++ b/README @@ -3881,6 +3881,14 @@ Configuration Settings: Scratch address used by the alternate memory test You only need to set this if address zero isn't writeable +- CONFIG_SYS_MEM_RESERVE_SECURE + If defined, the size of CONFIG_SYS_MEM_RESERVE_SECURE memory + is substracted from total RAM and won't be reported to OS. + This memory can be used as secure memory. A variable + gd->secure_ram is used to track the location. In systems + the RAM base is not zero, or RAM is divided into banks, + this variable needs to be recalcuated to get the address. + - CONFIG_SYS_MEM_TOP_HIDE (PPC only): If CONFIG_SYS_MEM_TOP_HIDE is defined in the board config header, this specified memory area will get subtracted from the top diff --git a/common/board_f.c b/common/board_f.c index 725eb18..8061105 100644 --- a/common/board_f.c +++ b/common/board_f.c @@ -323,6 +323,15 @@ static int setup_dest_addr(void) * Ram is setup, size stored in gd !! */ debug("Ram size: %08lX\n", (ulong)gd->ram_size); +#ifdef CONFIG_SYS_MEM_RESERVE_SECURE + /* Reserve memory for secure MMU tables, and/or security monitor */ + gd->ram_size -= CONFIG_SYS_MEM_RESERVE_SECURE; + /* + * Record secure memory location. Need recalcuate if memory splits + * into banks, or the ram base is not zero. + */ + gd->secure_ram = gd->ram_size; +#endif #if defined(CONFIG_SYS_MEM_TOP_HIDE) /* * Subtract specified amount of memory to hide so that it won't diff --git a/include/asm-generic/global_data.h b/include/asm-generic/global_data.h index d0383f3..8cdafd6 100644 --- a/include/asm-generic/global_data.h +++ b/include/asm-generic/global_data.h @@ -58,6 +58,10 @@ typedef struct global_data { unsigned long relocaddr; /* Start address of U-Boot in RAM */ phys_size_t ram_size; /* RAM size */ +#ifdef CONFIG_SYS_MEM_RESERVE_SECURE + /* Secure memory addr. LSB is a flag for "secured". */ + phys_addr_t secure_ram; +#endif unsigned long mon_len; /* monitor len */ unsigned long irq_sp; /* irq stack pointer */ unsigned long start_addr_sp; /* start_addr_stackpointer */
Secure memory is at the end of memory, separated and reserved from OS, tracked by gd->secure_ram. Secure memory can host MMU tables, security monitor, etc. Signed-off-by: York Sun <yorksun@freescale.com> --- Changes in v4: None Changes in v3: Put ifdef around secure_ram Move defining CONFIG_SYS_MEM_RESERVE_SECURE to patch 2/2 Changes in v2: Do not use CONFIG_SYS_MEM_TOP_HIDE mechanism Changes in v1: Initial patch. Depends on http://patchwork.ozlabs.org/patch/540248/ README | 8 ++++++++ common/board_f.c | 9 +++++++++ include/asm-generic/global_data.h | 4 ++++ 3 files changed, 21 insertions(+)