Hi,
it crossed my mind, if you do not need more than half of the memory (512 MiB) inside Linux, you can easily assign the second memory bank to the non-secure guest without further adaptions. Here is a patch:
diff --git a/repos/base-hw/include/spec/imx53/drivers/trustzone.h b/repos/base-hw/include/spec/imx53/drivers/trustzone.h index 8a65fea02..0f8d51b4c 100644 --- a/repos/base-hw/include/spec/imx53/drivers/trustzone.h +++ b/repos/base-hw/include/spec/imx53/drivers/trustzone.h @@ -28,8 +28,8 @@ namespace Trustzone */ SECURE_RAM_BASE = Imx53::RAM_BANK_0_BASE, SECURE_RAM_SIZE = 256 * 1024 * 1024,
256NONSECURE_RAM_BASE = Imx53::RAM_BANK_0_BASE + SECURE_RAM_SIZE,RAM_BANK_0_BASENONSECURE_RAM_SIZE = 256 * 1024 * 1024,
256NONSECURE_RAM_BASE = Imx53::RAM_BANK_1_BASE,Imx53NONSECURE_RAM_SIZE = 512 * 1024 * 1024,}; }
Please keep in mind to *not* increase the secure ram area. It needs to be protected by the M4IF TrustZone aware IP core, which is somehow limited in its configuration of secure address ranges.
Regards Stefan
Hi, Thank you Stefan, It works for me now!