From: Suzuki K Poulose <suzuki.poulose@xxxxxxx> A Realm must ensure that the "RAM" region is set to RIPAS_RAM, before any access is made. This patch makes sure that all memory blocks are marked as RIPAS_RAM. Also, before we relocate the "FDT" and "initrd", make sure the target location is marked too. This happens before we parse the memory blocks. It is OK to do this operation on a given IPA multiple times. So, we don't exclude the inital image areas from the "target" list. Also, this operation doesn't require the host to commit physical memory to back the IPAs yet. It can be done on demand via fault handling. Signed-off-by: Suzuki K Poulose <suzuki.poulose@xxxxxxx> Signed-off-by: Joey Gouly <joey.gouly@xxxxxxx> --- lib/arm/setup.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/lib/arm/setup.c b/lib/arm/setup.c index 36d4d826..7b3dc0b8 100644 --- a/lib/arm/setup.c +++ b/lib/arm/setup.c @@ -181,6 +181,7 @@ static void mem_init(phys_addr_t freemem_start) while (r && r->end != mem.end) r = mem_region_find(r->end); assert(r); + arm_set_memory_protected(r->start, r->end - r->start); /* Ensure our selected freemem range is somewhere in our full range */ assert(freemem_start >= mem.start && freemem->end <= mem.end); @@ -252,6 +253,11 @@ void setup(const void *fdt, phys_addr_t freemem_start) /* Move the FDT to the base of free memory */ fdt_size = fdt_totalsize(fdt); + /* + * Before we touch the memory @freemem, make sure it + * is set to protected for Realms. + */ + arm_set_memory_protected((unsigned long)freemem, fdt_size); ret = fdt_move(fdt, freemem, fdt_size); assert(ret == 0); ret = dt_init(freemem); @@ -263,6 +269,7 @@ void setup(const void *fdt, phys_addr_t freemem_start) assert(ret == 0 || ret == -FDT_ERR_NOTFOUND); if (ret == 0) { initrd = freemem; + arm_set_memory_protected((unsigned long)initrd, initrd_size); memmove(initrd, tmp, initrd_size); freemem += initrd_size; } -- 2.17.1