* osutil: rework TotalSystemMemory to TotalUsableMemory
This commit renames total TotalSystemMemory to TotalUsableMemory
and also changes the code to take the CmaTotal into account. This
is the memory reserved by the "Contiguous Memory Allocator" and
it is not usable for normal processes. This kind of memory is
used e.g. by the framebuffer of the Raspberry Pi or by DSPs on
certain boards.
* secboot: use half the mem for KDF in AddRecoveryKey
Instead of benchmarking the KDF parameters for the recovery key
(which takes some time to run) we can also use defaults for the
KDF parameters. The defaults suggested by Chris are "4 iterations"
and half the usable memory. This commit implements the suggestions.
* secboot: update KDF memory heuristic
After discussing with Chris and Samuele we updated the KDF memory
heuristic so that it takes more parameters in mind. It now
considers the usable memory and substracts a hardcoded 384MB
that is required to have a working system (a bit of a conservative
estiamte) and then takes half of this for the KDF memory.
* osutil,secboot: fix typos
* secboot: add comment about minimum mem
a79c7b8121