rpi4: Reserve resident BL31 region from non-secure world

The GPU firmware loads the armstub8.bin (BL31) image at address 0, the
beginning of DRAM. As this holds the resident PSCI code and the SMP
pens, the non-secure world should better know about this, to avoid
accessing memory owned by TF-A. This is particularly criticial as the
Raspberry Pi 4 does not feature a secure memory controller, so
overwriting code is a very real danger.

Use the newly introduced function to add a node into reserved-memory
node, where non-secure world can check for regions to be excluded from
its mappings.

Reserve the first 512KB of memory for now. We can refine this later if
need be.

Change-Id: I00e55e70c5c02615320d79ff35bc32b805d30770
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
This commit is contained in:
Andre Przywara 2019-07-22 00:04:40 +01:00
parent f67fa69cb6
commit 2b19e2f361
1 changed files with 4 additions and 0 deletions

View File

@ -245,6 +245,10 @@ static void rpi4_prepare_dtb(void)
return;
}
/* Reserve memory used by Trusted Firmware. */
if (fdt_add_reserved_memory(dtb, "atf@0", 0, 0x80000))
WARN("Failed to add reserved memory nodes to DT.\n");
ret = fdt_pack(dtb);
if (ret < 0)
ERROR("Failed to pack Device Tree at %p: error %d\n", dtb, ret);