From 916832603762847afcf112152473d305f7c502e3 Mon Sep 17 00:00:00 2001
From: Bin Meng <bmeng.cn@gmail.com>
Date: Thu, 31 Jan 2019 08:22:13 -0800
Subject: [PATCH] x86: Don't copy the cpu_call64() function to a hardcoded
 address

Before jumping to 64-bit U-Boot proper, SPL copies the cpu_call64()
function to a hardcoded address 0x3000000. This may conflict with
application usage of that memory. Switch the destination address
to one allocated from the heap to avoid that risk.

Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
 arch/x86/cpu/i386/call64.S |  4 ++++
 arch/x86/cpu/i386/cpu.c    | 11 ++++++++---
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/arch/x86/cpu/i386/call64.S b/arch/x86/cpu/i386/call64.S
index 8f86728d42..275063c4af 100644
--- a/arch/x86/cpu/i386/call64.S
+++ b/arch/x86/cpu/i386/call64.S
@@ -79,6 +79,10 @@ lret_target:
 	mov	%eax, %eax		/* Clear bits 63:32 */
 	jmp	*%eax			/* Jump to the 64-bit target */
 
+.globl call64_stub_size
+call64_stub_size:
+	.long	. - cpu_call64
+
 	.data
 	.align	16
 	.globl	gdt64
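Review bot: The new `call64_stub_size` word is emitted with `.long`, so it is a 4-byte object, and nothing on the assembly side says so or says that it must stay the last thing after the stub's code for `. - cpu_call64` to cover the whole copied region. A comment above the `.globl` would pin both facts: `/* Byte count of cpu_call64 up to here (32-bit); keep this after the stub's last instruction */`. The C side should then read it through a 32-bit declaration rather than `long`, which only matches by coincidence of the i386 ABI (see the cpu.c hunk).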
diff --git a/arch/x86/cpu/i386/cpu.c b/arch/x86/cpu/i386/cpu.c
index af42431f45..e4b551452d 100644
--- a/arch/x86/cpu/i386/cpu.c
+++ b/arch/x86/cpu/i386/cpu.c
@@ -523,18 +523,23 @@ int cpu_jump_to_64bit_uboot(ulong target)
 	typedef void (*func_t)(ulong pgtable, ulong setup_base, ulong target);
 	uint32_t *pgtable;
 	func_t func;
+	char *ptr;
 
 	pgtable = (uint32_t *)PAGETABLE_BASE;
 
 	build_pagetable(pgtable);
 
-	/* TODO(sjg@chromium.org): Find a better place for this */
-	char *ptr = (char *)0x3000000;
+	extern long call64_stub_size;
+	ptr = malloc(call64_stub_size);
+	if (!ptr) {
+		printf("Failed to allocate the cpu_call64 stub\n");
+		return -ENOMEM;
+	}
 	char *gdt = (char *)0x3100000;
 
 	extern char gdt64[];
 
-	memcpy(ptr, cpu_call64, 0x1000);
+	memcpy(ptr, cpu_call64, call64_stub_size);
 	memcpy(gdt, gdt64, 0x100);
 
 	/*
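Review bot: The GDT copy on the line after the new allocation still targets the hard-coded `char *gdt = (char *)0x3100000;` with a magic `0x100` length, so the conflict the commit describes for the stub is left in place for the GDT; either allocate it the same way, or add a comment saying why it must stay at a fixed address (the GDT is `.align 16` in call64.S, and the heap allocator's alignment guarantee is not visible here — worth confirming before moving it). The `extern long call64_stub_size;` declared mid-function should match the assembler's `.long`, e.g. `extern uint32_t call64_stub_size;`, which the file already uses for `pgtable`, and belongs at file scope or in a header rather than inside the body. cpu_jump_to_64bit_uboot() continues past the hunk, so I cannot see whether any later failure path needs to free `ptr`.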
-- 
2.39.5