MA-16203 Load boot/dtbo image to fixed memory

Only limited heap memory is available on imx8q platforms due to some memory is reserved for m4 image. Commit cd67414 will free avb verify data and thus help decrease the heap memory consumption. But when the device is locked, avb will try to verify one slot first, it will continue to verify another if the first slot returns failure. Function load_full_partition() will alloc memory to load boot/dtbo images from heap (which is a big and continuous memory region), this memory will be freed if the first slot returns verify failure. but because part of the continous memory region will be used in following verify process, even total available memory is enough, u-boot can't find a continous memory region to load the boot/dtbo image for another slot and will return error "Failed to allocate memory". Instead, this commit use fixed memory region start from 96MB offset of CONFIG_FASTBOOT_BUF_ADDR to load the boot/dtbo images. Test: slot verify and A/B slot switch. Change-Id: Ifc83bed5a6be37196c0fd109d942eaf9b07b6a74 Signed-off-by: Ji Luo <ji.luo@nxp.com>
author: Ji Luo <ji.luo@nxp.com> 2019-12-30 22:19:16 +0800
committer: Ji Luo <ji.luo@nxp.com> 2020-01-02 12:07:16 +0800
commit: 30ac5c4931e992fba5aef84ebbe321dfec24f24d (patch)
tree: 6e5bfaecd29d90f47c3974fe7e46b2653aced2ff /lib
parent: dc2f051a864f396de69f36b64d909778b03fbdd3 (diff)
1 files changed, 27 insertions, 8 deletions
diff --git a/lib/avb/libavb/avb_slot_verify.c b/lib/avb/libavb/avb_slot_verify.c
index f682007a5e..0f09c21790 100644
--- a/lib/avb/libavb/avb_slot_verify.c
+++ b/lib/avb/libavb/avb_slot_verify.c
@@ -47,6 +47,22 @@
 /* Maximum size of a vbmeta image - 64 KiB. */
 #define VBMETA_MAX_SIZE (64 * 1024)
 
+/* Set the image load addr start from 96MB offset of CONFIG_FASTBOOT_BUF_ADDR */
+#define PARTITION_LOAD_ADDR_START (CONFIG_FASTBOOT_BUF_ADDR + (96 * 1024 * 1024))
+
+/* Load dtbo/boot partition to fixed address instead of heap memory. */
+static void *image_addr_top = (void *)PARTITION_LOAD_ADDR_START;
+static void *alloc_partition_addr(int size)
+{
+  void *ptr = image_addr_top;
+  image_addr_top = image_addr_top + ROUND(size, ARCH_DMA_MINALIGN);
+  return ptr;
+}
+static void free_partition_addr(int size)
+{
+  image_addr_top = (void *)(image_addr_top - ROUND(size, ARCH_DMA_MINALIGN));
+}
+
 /* Helper function to see if we should continue with verification in
  * allow_verification_error=true mode if something goes wrong. See the
  * comments for the avb_slot_verify() function for more information.
@@ -111,7 +127,7 @@ static AvbSlotVerifyResult load_full_partition(AvbOps* ops,
 
   /* Allocate and copy the partition. */
   if (!*out_image_preloaded) {
-    *out_image_buf = avb_malloc(image_size);
+    *out_image_buf = (void *)alloc_partition_addr(image_size);
     if (*out_image_buf == NULL) {
       return AVB_SLOT_VERIFY_RESULT_ERROR_OOM;
     }
@@ -412,8 +428,10 @@ out:
   }
 
 fail:
+  /* Now the image_buf is not allocated by malloc(), we should not free.
+   * Instead, we should reset the image_addr_top.*/
   if (image_buf != NULL && !image_preloaded) {
-    avb_free(image_buf);
+    free_partition_addr(image_size);
   }
   return ret;
 }
@@ -425,6 +443,7 @@ static AvbSlotVerifyResult load_requested_partitions(
     AvbSlotVerifyData* slot_data) {
   AvbSlotVerifyResult ret;
   uint8_t* image_buf = NULL;
+    uint64_t image_size;
   bool image_preloaded = false;
   size_t n;
 
@@ -437,7 +456,6 @@ static AvbSlotVerifyResult load_requested_partitions(
   for (n = 0; requested_partitions[n] != NULL; n++) {
     char part_name[AVB_PART_NAME_MAX_SIZE];
     AvbIOResult io_ret;
-    uint64_t image_size;
     AvbPartitionData* loaded_partition;
 
     if (!avb_str_concat(part_name,
@@ -491,9 +509,10 @@ static AvbSlotVerifyResult load_requested_partitions(
   ret = AVB_SLOT_VERIFY_RESULT_OK;
 
 out:
-  /* Free the current buffer if any. */
+  /* Now the image_buf is not allocated by malloc(), we should not free.
+   * Instead, we should reset the image_addr_top.*/
   if (image_buf != NULL && !image_preloaded) {
-    avb_free(image_buf);
+    free_partition_addr(image_size);
   }
   /* Buffers that are already saved in slot_data will be handled by the caller
    * even on failure. */
@@ -1338,10 +1357,10 @@ void avb_slot_verify_data_free(AvbSlotVerifyData* data) {
       if (loaded_partition->partition_name != NULL) {
         avb_free(loaded_partition->partition_name);
       }
-      if (loaded_partition->data != NULL && !loaded_partition->preloaded) {
-        avb_free(loaded_partition->data);
-      }
     }
+    /* partition data is not loaded to heap memory, so we just reset the
+     * image_addr_top here. */
+    image_addr_top = (void *)PARTITION_LOAD_ADDR_START;
     avb_free(data->loaded_partitions);
   }
   avb_free(data);
author	Ji Luo <ji.luo@nxp.com>	2019-12-30 22:19:16 +0800
committer	Ji Luo <ji.luo@nxp.com>	2020-01-02 12:07:16 +0800
commit	30ac5c4931e992fba5aef84ebbe321dfec24f24d (patch)
tree	6e5bfaecd29d90f47c3974fe7e46b2653aced2ff /lib
parent	dc2f051a864f396de69f36b64d909778b03fbdd3 (diff)