diff options
| author | Dan Handley <dan.handley@arm.com> | 2016-07-28 14:38:03 +0100 |
|---|---|---|
| committer | Dan Handley <dan.handley@arm.com> | 2016-08-17 17:01:12 +0100 |
| commit | ad4494dc38a39d06a31ef3386829ef1af79db39a (patch) | |
| tree | 83c827f84fef23d9934c6e630331b62ab9dc2038 /common | |
| parent | 50990186aa0e775a4f15935d90db9c16eda7228a (diff) | |
Remove dcache invalidation after image authentication
At the end of successful image authentication in load_auth_image(),
the data cache for the virtual address range corresponding to the
image is invalidated (by a call to inv_dcache_range()). The intent
seems to be to ensure the data caches do not contain any sensitive
data used during authentication, which subsequent code can read.
However, this same address range is already flushed (cleaned and
invalidated by a call to flush_dcache_range()) at the end of
load_image(), and the subsequent invalidate has no functional
effect.
This patch removes the redundant call to inv_dcache_range(). It
also moves the flush_dcache_range() call from the end of load_image()
to the end of load_auth_image(), so the image data will remain in
the caches during authentication, improving performance.
This also improves the comments that explain the rationale for
calling flush_dcache_range() after image loading/authentication.
Change-Id: I14f17ad2935075ef6f3d1327361c5088bfb2d284
Diffstat (limited to 'common')
| -rw-r--r-- | common/bl_common.c | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/common/bl_common.c b/common/bl_common.c index be56256b..6dcd4c18 100644 --- a/common/bl_common.c +++ b/common/bl_common.c @@ -321,12 +321,16 @@ int load_image(meminfo_t *mem_layout, (void *) image_base, image_size); } +#if !TRUSTED_BOARD_BOOT /* * File has been successfully loaded. - * Flush the image in Trusted SRAM so that the next exception level can - * see it. + * Flush the image to main memory so that it can be executed later by + * any CPU, regardless of cache and MMU state. + * When TBB is enabled the image is flushed later, after image + * authentication. */ flush_dcache_range(image_base, image_size); +#endif /* TRUSTED_BOARD_BOOT */ INFO("Image id=%u loaded at address %p, size = 0x%zx\n", image_id, (void *) image_base, image_size); @@ -388,10 +392,12 @@ int load_auth_image(meminfo_t *mem_layout, image_data->image_size); return -EAUTH; } - - /* After working with data, invalidate the data cache */ - inv_dcache_range(image_data->image_base, - (size_t)image_data->image_size); + /* + * File has been successfully loaded and authenticated. + * Flush the image to main memory so that it can be executed later by + * any CPU, regardless of cache and MMU state. + */ + flush_dcache_range(image_data->image_base, image_data->image_size); #endif /* TRUSTED_BOARD_BOOT */ return 0; |