>Hi,

>it crossed my mind, if you do not need more than half of the memory
>(512 MiB) inside Linux, you can easily assign the second memory bank
>to the non-secure guest without further adaptions. Here is a patch:

>diff --git a/repos/base-hw/include/spec/imx53/drivers/trustzone.h
>b/repos/base-hw/include/spec/imx53/drivers/trustzone.h
>index 8a65fea02..0f8d51b4c 100644
>--- a/repos/base-hw/include/spec/imx53/drivers/trustzone.h
>+++ b/repos/base-hw/include/spec/imx53/drivers/trustzone.h
>@@ -28,8 +28,8 @@ namespace Trustzone
 >*/
 >  SECURE_RAM_BASE    = Imx53::RAM_BANK_0_BASE,
 >SECURE_RAM_SIZE    = 256 * 1024 * 1024,
>- 256NONSECURE_RAM_BASE = Imx53::RAM_BANK_0_BASE + SECURE_RAM_SIZE,
>- RAM_BANK_0_BASENONSECURE_RAM_SIZE = 256 * 1024 * 1024,
>+ 256NONSECURE_RAM_BASE = Imx53::RAM_BANK_1_BASE,
>+ Imx53NONSECURE_RAM_SIZE = 512 * 1024 * 1024,
> };
> }
 

>Please keep in mind to *not* increase the secure ram area. It needs to
>be protected by the M4IF TrustZone aware IP core, which is somehow
>limited in its configuration of secure address ranges.

>Regards
>Stefan
Hi,
Thank you Stefan, It works for me now!