ARM: Add an empty secure stack section
Until now we've been using memory beyond psci_text_end as stack space
for the secure monitor or PSCI implementation, even if space was not
allocated for it.
This was partially fixed in ("ARM: allocate extra space for PSCI stack
in secure section during link phase"). However, calculating stack space
from psci_text_end in one place, while allocating the space in another
is error prone.
This patch adds a separate empty secure stack section, with space for
CONFIG_ARMV7_PSCI_NR_CPUS stacks, each 1 KB. There's also
__secure_stack_start and __secure_stack_end symbols. The linker script
handles calculating the correct VMAs for the stack section. For
platforms that relocate/copy the secure monitor before using it, the
space is not allocated in the executable, saving space.
For platforms that do not define CONFIG_ARMV7_PSCI_NR_CPUS, a whole page
of stack space for 4 CPUs is allocated, matching the previous behavior.
Signed-off-by: Chen-Yu Tsai <wens@csie.org>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
diff --git a/arch/arm/cpu/u-boot.lds b/arch/arm/cpu/u-boot.lds
index ba17778..002706a 100644
--- a/arch/arm/cpu/u-boot.lds
+++ b/arch/arm/cpu/u-boot.lds
@@ -8,6 +8,7 @@
*/
#include <config.h>
+#include <asm/psci.h>
OUTPUT_FORMAT("elf32-littlearm", "elf32-littlearm", "elf32-littlearm")
OUTPUT_ARCH(arm)
@@ -68,18 +69,31 @@
*(._secure.text)
}
- . = LOADADDR(.__secure_start) +
- SIZEOF(.__secure_start) +
- SIZEOF(.secure_text);
-
+ .secure_stack ALIGN(ADDR(.secure_text) + SIZEOF(.secure_text),
+ CONSTANT(COMMONPAGESIZE)) (NOLOAD) :
#ifdef __ARMV7_PSCI_STACK_IN_RAM
- /* Align to page boundary and skip 2 pages */
- . = (. & ~ 0xfff) + 0x2000;
-#undef __ARMV7_PSCI_STACK_IN_RAM
+ AT(ADDR(.secure_stack))
+#else
+ AT(LOADADDR(.secure_text) + SIZEOF(.secure_text))
+#endif
+ {
+ KEEP(*(.__secure_stack_start))
+
+ /* Skip addreses for stack */
+ . = . + CONFIG_ARMV7_PSCI_NR_CPUS * ARM_PSCI_STACK_SIZE;
+
+ /* Align end of stack section to page boundary */
+ . = ALIGN(CONSTANT(COMMONPAGESIZE));
+
+ KEEP(*(.__secure_stack_end))
+ }
+
+#ifndef __ARMV7_PSCI_STACK_IN_RAM
+ /* Reset VMA but don't allocate space if we have secure SRAM */
+ . = LOADADDR(.secure_stack);
#endif
- __secure_end_lma = .;
- .__secure_end : AT(__secure_end_lma) {
+ .__secure_end : AT(ADDR(.__secure_end)) {
*(.__secure_end)
LONG(0x1d1071c); /* Must output something to reset LMA */
}
diff --git a/arch/arm/include/asm/armv7.h b/arch/arm/include/asm/armv7.h
index 423fc70..a20702e 100644
--- a/arch/arm/include/asm/armv7.h
+++ b/arch/arm/include/asm/armv7.h
@@ -126,6 +126,8 @@
extern char __secure_start[];
extern char __secure_end[];
+extern char __secure_stack_start[];
+extern char __secure_stack_end[];
#endif /* CONFIG_ARMV7_NONSEC */
diff --git a/arch/arm/include/asm/psci.h b/arch/arm/include/asm/psci.h
index bc5edda..dab5769 100644
--- a/arch/arm/include/asm/psci.h
+++ b/arch/arm/include/asm/psci.h
@@ -47,6 +47,10 @@
#define ARM_PSCI_0_2_FN_SYSTEM_OFF ARM_PSCI_0_2_FN(8)
#define ARM_PSCI_0_2_FN_SYSTEM_RESET ARM_PSCI_0_2_FN(9)
+/* 1KB stack per core */
+#define ARM_PSCI_STACK_SHIFT 10
+#define ARM_PSCI_STACK_SIZE (1 << ARM_PSCI_STACK_SHIFT)
+
#ifndef __ASSEMBLY__
#include <asm/types.h>
diff --git a/arch/arm/lib/sections.c b/arch/arm/lib/sections.c
index 6a94522..952e8ae 100644
--- a/arch/arm/lib/sections.c
+++ b/arch/arm/lib/sections.c
@@ -27,6 +27,8 @@
char __rel_dyn_end[0] __attribute__((section(".__rel_dyn_end")));
char __secure_start[0] __attribute__((section(".__secure_start")));
char __secure_end[0] __attribute__((section(".__secure_end")));
+char __secure_stack_start[0] __attribute__((section(".__secure_stack_start")));
+char __secure_stack_end[0] __attribute__((section(".__secure_stack_end")));
char __efi_runtime_start[0] __attribute__((section(".__efi_runtime_start")));
char __efi_runtime_stop[0] __attribute__((section(".__efi_runtime_stop")));
char __efi_runtime_rel_start[0] __attribute__((section(".__efi_runtime_rel_start")));