optee: add property no-map to secure reserved memory

OP-TEE reserved memory node must set property "no-map" to prevent Linux kernel from mapping secure memory unless what non-secure world speculative accesses of the CPU can violate the memory firmware configuration. Fixes: 6ccb05eae01b ("image: fdt: copy possible optee nodes to a loaded devicetree") Signed-off-by: Etienne Carriere <etienne.carriere@st.com> Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
author: Etienne Carriere <etienne.carriere@st.com> 2020-09-10 10:50:01 +0200
committer: Simon Glass <sjg@chromium.org> 2020-09-22 12:54:13 -0600
commit: 3e15c315f97401f394ae83ed17fbef72b765222a (patch)
tree: 16e9439baf66cfffbd711526382c1507ee0f4568 /lib/optee
parent: 6613ed1e0708263baea3395cbf39f68fffa33358 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/optee/optee.c b/lib/optee/optee.c
index 963c2ff430..9e6606568f 100644
--- a/lib/optee/optee.c
+++ b/lib/optee/optee.c
@@ -192,7 +192,7 @@ int optee_copy_fdt_nodes(const void *old_blob, void *new_blob)
 				ret = fdtdec_add_reserved_memory(new_blob,
 								 nodename,
 								 &carveout,
-								 NULL, false);
+								 NULL, true);
 				free(oldname);
 
 				if (ret < 0)
author	Etienne Carriere <etienne.carriere@st.com>	2020-09-10 10:50:01 +0200
committer	Simon Glass <sjg@chromium.org>	2020-09-22 12:54:13 -0600
commit	3e15c315f97401f394ae83ed17fbef72b765222a (patch)
tree	16e9439baf66cfffbd711526382c1507ee0f4568 /lib/optee
parent	6613ed1e0708263baea3395cbf39f68fffa33358 (diff)