[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 0/4] virt: provide secure-only RAM and first fla

From: Ard Biesheuvel
Subject: Re: [Qemu-devel] [PATCH 0/4] virt: provide secure-only RAM and first flash
Date: Tue, 8 Mar 2016 19:16:02 +0700

On 8 March 2016 at 19:14, Paolo Bonzini <address@hidden> wrote:
> On 08/03/2016 13:13, Ard Biesheuvel wrote:
>> > As far as this QEMU port is concerned, having some flash in secure and
>> > some in non-secure is going to be useful regardless, and 64 MB is
>> > plenty for both the code and the data. So if users of the Trustzone
>> > port (which is disjoint from the KVM port in any case) can tolerate
>> > having the code and the variables in the same pflash file, I could
>> > simply move the code into the second flash, and we could reserve the
>> > first flash for secure (so it sits at physical address 0x0
>> Uhm, actually, the code is not even in the flash to begin with. So
>> having the second bank be non-secure only makes perfect sense imo
> Interesting, where is the code?

The UEFI code is loaded into DRAM by the secure firmware, and
relocated and executed from there.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]