[PATCH 4/4] of: request reserved memory regions so other code can't

Thu Jun 9 01:36:07 PDT 2022

On 09.06.22 10:31, Sascha Hauer wrote:
> On Thu, Jun 09, 2022 at 07:43:42AM +0200, Ahmad Fatoum wrote:
>> From: Rouven Czerwinski <r.czerwinski at pengutronix.de>
>>
>> Add a reserved_mem_read initcall which parses the reserved-memory
>> entries and adds barebox of reserve entries. This avoids e.g. bootm
>> trying to place the kernel into a reserved region.
>>
>> Signed-off-by: Rouven Czerwinski <r.czerwinski at pengutronix.de>
>> Signed-off-by: Ahmad Fatoum <a.fatoum at pengutronix.de>
>> ---
>> Compared with Rouven's v2, rename OF_RESERVE_ENTRY_FLAG_NO_RESERVE
>> to NO_FIXUP and read both /reserved-memory and /memreserve
>> to request memory regions.
>> ---
>>  common/memory.c     | 21 +++++++++++++++++++--
>>  drivers/of/Makefile |  1 +
>>  drivers/of/fdt.c    | 12 ++++++++----
>>  include/of.h        |  2 ++
>>  4 files changed, 30 insertions(+), 6 deletions(-)
>>
>> diff --git a/common/memory.c b/common/memory.c
>> index 95995bb6e310..b40c74bfe97f 100644
>> --- a/common/memory.c
>> +++ b/common/memory.c
>> @@ -12,6 +12,7 @@
>>  #include <asm-generic/memory_layout.h>
>>  #include <asm/sections.h>
>>  #include <malloc.h>
>> +#include <of.h>
>>  
>>  /*
>>   * Begin and End of memory area for malloc(), and current "brk"
>> @@ -53,9 +54,12 @@ void mem_malloc_init(void *start, void *end)
>>  	mem_malloc_initialized = 1;
>>  }
>>  
>> -#if !defined __SANDBOX__
>>  static int mem_malloc_resource(void)
>>  {
>> +	struct of_reserve_map *map;
>> +	int i;
>> +
>> +#if !defined __SANDBOX__
>>  	/*
>>  	 * Normally it's a bug when one of these fails,
>>  	 * but we have some setups where some of these
>> @@ -80,10 +84,23 @@ static int mem_malloc_resource(void)
>>  #ifdef STACK_BASE
>>  	request_sdram_region("stack", STACK_BASE, STACK_SIZE);
>>  #endif
>> +#endif
>> +
>> +	map = of_get_reserve_map();
>> +	if (!map)
>> +		return 0;
>> +
>> +	for (i = 0; i < map->num_entries; i++) {
>> +		const char *name;
>> +
>> +		name = map->runtime_fw & BIT(i) ? "protected code" : "protected data";
>> +		request_sdram_region(name, map->start[i],
>> +				     map->end[i] - map->start[i] + 1);
>> +	}
> 
> Regions for entries that are present up to this point are always requested
> whereas regions for entries that are added later are never requested.
> This only works for you because all regions you are interested in
> (OPTEE, ppa) happen to be registered before this point while all others
> that you can't do a request_sdram_region() on happen to be added after
> this point. That looks quite fragile.

I can't do request_sdram_region before the SDRAM is registered. 

> If you want to protect OPTEE resources then call request_sdram_region()
> from the code instantiating OPTEE. In case of OPTEE this happens too
> early when the resource system is not yet ready, so pick it up in a
> later initcall.

This here is the later initcall doing the requesting?

> 
> Sascha
> 

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |