From: Jan Kiszka <[email protected]> U-Boot places its PSCI EL3 code somewhere in the top 1 MB, and Jailhouse so far overwrote this during enabling - because it was not secured. This slipped through widely unnoticed as long as no one tried physical CPU offline/online after Jailhouse ran. But since we implemented Spectre mitigation, we started to query the firmware - and crashed. Avoid this by keeping some safe gap to the firmware, reducing the hypervisor memory by 1M, just like on the Jetson TK1.
Fixes: MiniDebConf 2019 live demo Signed-off-by: Jan Kiszka <[email protected]> --- Changes in v2: - it turned out that the previous 320K wasn't enough - align with TK1 configs/arm/orangepi0.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configs/arm/orangepi0.c b/configs/arm/orangepi0.c index e45c8d62..5b52f60a 100644 --- a/configs/arm/orangepi0.c +++ b/configs/arm/orangepi0.c @@ -28,7 +28,7 @@ struct { .flags = JAILHOUSE_SYS_VIRTUAL_DEBUG_CONSOLE, .hypervisor_memory = { .phys_start = 0x4f800000, - .size = 0x800000, + .size = 0x800000 - 0x100000, /* -1MB (PSCI) */ }, .debug_console = { .address = 0x01c28000, -- 2.16.4 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jailhouse-dev/69ac2d7f-2b2f-22a5-9189-f28a9dc8dede%40siemens.com. For more options, visit https://groups.google.com/d/optout.
