All of lore.kernel.org
 help / color / mirror / Atom feed
From: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH] ARM: rmobile: Convert to bootm_size
Date: Tue, 27 Nov 2018 19:31:24 +0100	[thread overview]
Message-ID: <CAAh8qsw54aMo9KKA2hRMEajzO_MwhJfAq-MUFw6qg56BH2ceqA@mail.gmail.com> (raw)
In-Reply-To: <93b1f711-86ec-3b12-195f-6e447c1425ad@gmail.com>

On Tue, Nov 27, 2018 at 4:47 PM Marek Vasut <marek.vasut@gmail.com> wrote:
>
> On 11/27/2018 04:26 PM, Simon Goldschmidt wrote:
> > On 27.11.2018 14:09, Marek Vasut wrote:
> >> On 11/27/2018 01:33 PM, Simon Goldschmidt wrote:
> >>> On Tue, Nov 27, 2018 at 1:25 PM Marek Vasut <marek.vasut@gmail.com>
> >>> wrote:
> >>>> On 11/27/2018 08:03 AM, Simon Goldschmidt wrote:
> >>>>> On Tue, Nov 27, 2018 at 1:11 AM Marek Vasut <marek.vasut@gmail.com>
> >>>>> wrote:
> >>>>>> Convert all Renesas R-Car boards to bootm_size of 256 MiB and drop
> >>>>>> both
> >>>>>> fdt_high and initrd_high. This change implies that the FDT and initrd
> >>>>>> will always be copied into the first 256 MiB of RAM instead of being
> >>>>>> used in place, which can cause various kinds of inobvious problems.
> >>>>>>
> >>>>>> The simpler problems include FDT or initrd being overwritten or being
> >>>>>> used from unaligned addresses, especially on ARM64. The overhead of
> >>>>>> copying the FDT to aligned location is negligible and these problems
> >>>>>> go away, so the benefit is significant.
> >>>>>>
> >>>>>> Regarding alignment problems with fitImage. The alignment of DT
> >>>>>> properties
> >>>>>> is always 32 bits, which implies that the alignment of the "data"
> >>>>>> property
> >>>>>> in fitImage is also 32 bits. The /incbin/ syntax plays no role
> >>>>>> here. The
> >>>>>> kernel expects all elements, including DT and initrd, to be
> >>>>>> aligned to
> >>>>>> 64 bits on ARM64, thus using them in place may not be possible.
> >>>>>> Using the
> >>>>>> bootm_size assures correct alignment, again with negligible overhead.
> >>>>> In my opinion, all of these raw addresses defined in scripts or config
> >>>>> should be removed: They are probably vulnerable to overwriting
> >>>>> themselves as they only provide an address, not a range.
> >>>> This is not an address, it's size. And this one at least assures that
> >>>> the first 256 MiB are reserved for the kernel/FDT/initrd during
> >>>> bootm time.
> >>> Sorry I did not express myself clear enough. I meant that "fdt_high"
> >>> and "initrd_high" are bad because they contain an address only, not a
> >>> range. The 'bootm_size' thing is much better!
> >> Well the fdt_high and intrd_high can also contain a special ~0 value,
> >> which says "use the fdt/initrd in place", which is dangerous.
> >>
> >>>>> Just out of curiosity: is it required to put fdt and initrd into the
> >>>>> first 256 MiB or is this just some 'random' limit to ensure we use lmb
> >>>>> but don't overwrite U-Boot (text, heap, stack, etc)? Because if so, my
> >>>>> series to fix the recent CVE issues improves lmb to not overwrite
> >>>>> U-Boot and other reserved addresses and you might be able to remove
> >>>>> 'bootm_size', too. The improved lmb code would just allocate an
> >>>>> aligned address somewhere in the available RAM.
> >>>> It's just the first 256 MiB from the beginning, so there's enough space
> >>>> between that and U-Boot on all these boards.
> >>> Of course. I wanted to know if it would be good enough if U-Boot would
> >>> just put it somewhere without overwriting things or do you really need
> >>> them in the first 256 MiB? Because the revised lmb code would make
> >>> sure there's nothing overwritten, so there would be no need to trim at
> >>> 256 MiB.
> >> You can put them anywhere, you just need to meet the alignment
> >> requirements. Can the new LMB code help somehow with that ? And if so,
> >> how ?
> >
> > My additions to the LMB code should only ensure nothing gets overwritten
> > so you don't have to limit boom_size to 256MiB (but use the complete RAM
> > when bootm_size is not set).
> > Alignment does not change but should already be OK with LMB as you use it?
>
> If I can use the entire RAM (except U-Boot and fitImage), that'd be
> nice. What change do I need to do ?

I don't know yet, sorry. I basically asked this question to find out
about the usage of 'bootm_size'. It's not really documented and I
couldn't find out it's full meaning yet. Because e.g. it is set to 16
MiB for socfpga gen5, which sounds a little low...

From reading the code, doesn't it already work when leaving out
'bootm_size'? (And leaving out 'bootm_mapsize' as well and not
defining CONFIG_SYS_BOOTMAPSZ?)

But I don't really know, finding that out and making it work is one of
my goals for that series I'm working on. The series started with
allowing all subitems in a FIT to be uncompressed but I found some
issues there and it grows...

Regards,
Simon

  reply	other threads:[~2018-11-27 18:31 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-11-27  0:10 [U-Boot] [PATCH] ARM: rmobile: Convert to bootm_size Marek Vasut
2018-11-27  7:03 ` Simon Goldschmidt
2018-11-27 12:20   ` Marek Vasut
2018-11-27 12:33     ` Simon Goldschmidt
2018-11-27 13:09       ` Marek Vasut
2018-11-27 15:26         ` Simon Goldschmidt
2018-11-27 15:47           ` Marek Vasut
2018-11-27 18:31             ` Simon Goldschmidt [this message]
2018-11-27 19:06               ` Marek Vasut
2018-11-28  1:31               ` Tom Rini
2018-11-28  8:46                 ` Simon Goldschmidt
2018-11-28 12:19                   ` Tom Rini
2018-11-28 20:55                     ` Simon Goldschmidt
2019-03-05 18:42                       ` Eugeniu Rosca
2019-03-05 18:56                         ` Marek Vasut
2019-03-05 22:28                           ` Eugeniu Rosca
2019-03-05 22:57                             ` Marek Vasut
2018-11-28  1:23   ` Tom Rini
2018-11-27 12:17 ` Tom Rini

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAAh8qsw54aMo9KKA2hRMEajzO_MwhJfAq-MUFw6qg56BH2ceqA@mail.gmail.com \
    --to=simon.k.r.goldschmidt@gmail.com \
    --cc=u-boot@lists.denx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.