On 07/30/2015 05:04 AM, Thierry Reding wrote:
On Wed, Jul 29, 2015 at 01:47:58PM -0600, Stephen Warren wrote:
From: Stephen Warren swarren@nvidia.com
Additionally, ARM64 devices typically run a secure monitor in EL3 and U-Boot in EL2, and set up some secure RAM carve-outs to contain the EL3 code and data. These carve-outs are located at the top of 32-bit address space. Restrict U-Boot's RAM usage to well below the location of those carve-outs. Ideally, we would the secure monitor would inform U-Boot of exactly which RAM it could use at run-time. However, I'm not sure how to do that at present (and even if such a mechanism does exist, it would likely not be generic across all forms of secure monitor).
0xe0000000-0xffffffff is 512 MiB, surely a secure monitor can live with less than that!
I'm sure it does. However, it's a nice round number and leaves plenty of space for arbitrary expansion of the secure monitor, secure OS, other security-related carve-outs, (video regions, LP0 resume firmware, etc.) There's still plenty of space left for U-Boot after that.