
[v2,10/15] target-arm: Add arm_boot_info secure_boot control

Message ID 1418340569-30519-11-git-send-email-greg.bellows@linaro.org
State New

Commit Message

Greg Bellows Dec. 11, 2014, 11:29 p.m. UTC
Adds the secure_boot boolean field to the arm_boot_info descriptor.  This
field is used to indicate whether Linux should boot into secure or non-secure
state if the ARM EL3 feature is enabled.  The default is to leave the CPU in an
unaltered reset state.  On EL3 enabled systems, the reset state is secure and
can be overridden by setting the added field to false.

Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
 hw/arm/boot.c        | 10 ++++++++++
 include/hw/arm/arm.h |  4 ++++
 2 files changed, 14 insertions(+)

Comments

Peter Maydell Dec. 15, 2014, 5:04 p.m. UTC | #1
On 11 December 2014 at 23:29, Greg Bellows <greg.bellows@linaro.org> wrote:
> Adds the secure_boot boolean field to the arm_boot_info descriptor.  This
> fields is used to indicate whether Linux should boot into secure or non-secure
> state if the ARM EL3 feature is enabled.  The default is to leave the CPU in an
> unaltered reset state.  On EL3 enabled systems, the reset state is secure and
> can be overridden by setting the added field to false.
>
> Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
> ---
>  hw/arm/boot.c        | 10 ++++++++++
>  include/hw/arm/arm.h |  4 ++++
>  2 files changed, 14 insertions(+)
>
> diff --git a/hw/arm/boot.c b/hw/arm/boot.c
> index e6a3c5b..7ec33f3 100644
> --- a/hw/arm/boot.c
> +++ b/hw/arm/boot.c
> @@ -457,6 +457,16 @@ static void do_cpu_reset(void *opaque)
>                  env->thumb = info->entry & 1;
>              }
>          } else {
> +            /* If we are booting Linux then we need to check whether we are
> +             * booting into secure or non-secure state and adjust the state
> +             * accordingly.  Out of reset, ARM is defined to be in secure state
> +             * (SCR.NS = 0), we change that here is non-secure boot has been

typo: "if"

> +             * requested.
> +             */
> +            if (arm_feature(env, ARM_FEATURE_EL3) && !info->secure_boot) {
> +                env->cp15.scr_el3 |= SCR_NS;
> +            }
> +
>              if (CPU(cpu) == first_cpu) {
>                  if (env->aarch64) {
>                      env->pc = info->loader_start;
> diff --git a/include/hw/arm/arm.h b/include/hw/arm/arm.h
> index cefc9e6..6659562 100644
> --- a/include/hw/arm/arm.h
> +++ b/include/hw/arm/arm.h
> @@ -37,6 +37,10 @@ struct arm_boot_info {
>      hwaddr gic_cpu_if_addr;
>      int nb_cpus;
>      int board_id;
> +    /* ARM machines that support security extensions use this field to control

Strictly, this should say "the Security Extensions".

> +     * whether Linux is booted as securei(true) or non-secure(false).

Typo: "secure".

> +     */
> +    bool secure_boot;
>      int (*atag_board)(const struct arm_boot_info *info, void *p);
>      /* multicore boards that use the default secondary core boot functions
>       * can ignore these two function calls. If the default functions won't
> --
> 1.8.3.2

thanks
-- PMM
Greg Bellows Dec. 15, 2014, 5:23 p.m. UTC | #2
On 15 December 2014 at 11:04, Peter Maydell <peter.maydell@linaro.org>
wrote:
>
> On 11 December 2014 at 23:29, Greg Bellows <greg.bellows@linaro.org>
> wrote:
> > Adds the secure_boot boolean field to the arm_boot_info descriptor.  This
> > fields is used to indicate whether Linux should boot into secure or
> non-secure
> > state if the ARM EL3 feature is enabled.  The default is to leave the
> CPU in an
> > unaltered reset state.  On EL3 enabled systems, the reset state is
> secure and
> > can be overridden by setting the added field to false.
> >
> > Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
> > ---
> >  hw/arm/boot.c        | 10 ++++++++++
> >  include/hw/arm/arm.h |  4 ++++
> >  2 files changed, 14 insertions(+)
> >
> > diff --git a/hw/arm/boot.c b/hw/arm/boot.c
> > index e6a3c5b..7ec33f3 100644
> > --- a/hw/arm/boot.c
> > +++ b/hw/arm/boot.c
> > @@ -457,6 +457,16 @@ static void do_cpu_reset(void *opaque)
> >                  env->thumb = info->entry & 1;
> >              }
> >          } else {
> > +            /* If we are booting Linux then we need to check whether we
> are
> > +             * booting into secure or non-secure state and adjust the
> state
> > +             * accordingly.  Out of reset, ARM is defined to be in
> secure state
> > +             * (SCR.NS = 0), we change that here is non-secure boot has
> been
>
> typo: "if"
>
> > +             * requested.
> > +             */
> > +            if (arm_feature(env, ARM_FEATURE_EL3) &&
> !info->secure_boot) {
> > +                env->cp15.scr_el3 |= SCR_NS;
> > +            }
> > +
> >              if (CPU(cpu) == first_cpu) {
> >                  if (env->aarch64) {
> >                      env->pc = info->loader_start;
> > diff --git a/include/hw/arm/arm.h b/include/hw/arm/arm.h
> > index cefc9e6..6659562 100644
> > --- a/include/hw/arm/arm.h
> > +++ b/include/hw/arm/arm.h
> > @@ -37,6 +37,10 @@ struct arm_boot_info {
> >      hwaddr gic_cpu_if_addr;
> >      int nb_cpus;
> >      int board_id;
> > +    /* ARM machines that support security extensions use this field to
> control
>
> Strictly, this should say "the Security Extensions".
>
> > +     * whether Linux is booted as securei(true) or non-secure(false).
>
> Typo: "secure".
>
> > +     */
> > +    bool secure_boot;
> >      int (*atag_board)(const struct arm_boot_info *info, void *p);
> >      /* multicore boards that use the default secondary core boot
> functions
> >       * can ignore these two function calls. If the default functions
> won't
> > --
> > 1.8.3.2
>
>
All typos fixed.


> thanks
> -- PMM
>

Patch

diff --git a/hw/arm/boot.c b/hw/arm/boot.c
index e6a3c5b..7ec33f3 100644
--- a/hw/arm/boot.c
+++ b/hw/arm/boot.c
@@ -457,6 +457,16 @@  static void do_cpu_reset(void *opaque)
                 env->thumb = info->entry & 1;
             }
         } else {
+            /* If we are booting Linux then we need to check whether we are
+             * booting into secure or non-secure state and adjust the state
+             * accordingly.  Out of reset, ARM is defined to be in secure state
+             * (SCR.NS = 0), we change that here is non-secure boot has been
+             * requested.
+             */
+            if (arm_feature(env, ARM_FEATURE_EL3) && !info->secure_boot) {
+                env->cp15.scr_el3 |= SCR_NS;
+            }
+
             if (CPU(cpu) == first_cpu) {
                 if (env->aarch64) {
                     env->pc = info->loader_start;
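Review bot: The added guard `if (arm_feature(env, ARM_FEATURE_EL3) && !info->secure_boot)` only sets SCR.NS and does nothing visible to the CPU's mode or exception level, which matters for the `env->aarch64` path just below it. On an AArch64 CPU that resets into EL3, EL3 is Secure regardless of SCR_EL3.NS, so a kernel entered at `info->loader_start` would presumably still run in Secure state with `secure_boot` false unless code outside this hunk lowers the exception level. If the control is meant for AArch32 only at this point, the comment should say so, for example `* NOTE: setting SCR.NS only takes effect for AArch32 PL1 modes; an AArch64 boot also needs to leave EL3.` do_cpu_reset's body starts and ends outside the hunk, so this is worth confirming against the rest of the function.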
diff --git a/include/hw/arm/arm.h b/include/hw/arm/arm.h
index cefc9e6..6659562 100644
--- a/include/hw/arm/arm.h
+++ b/include/hw/arm/arm.h
@@ -37,6 +37,10 @@  struct arm_boot_info {
     hwaddr gic_cpu_if_addr;
     int nb_cpus;
     int board_id;
+    /* ARM machines that support security extensions use this field to control
+     * whether Linux is booted as securei(true) or non-secure(false).
+     */
+    bool secure_boot;
     int (*atag_board)(const struct arm_boot_info *info, void *p);
     /* multicore boards that use the default secondary core boot functions
      * can ignore these two function calls. If the default functions won't
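Review bot: The comment on `secure_boot` does not say what a board gets when it never sets the field, and that default decides the guest's security state. A zero-initialised `struct arm_boot_info` has `secure_boot == false`, so, going by the check added in hw/arm/boot.c, an EL3-capable board that leaves the field alone boots Linux non-secure, whereas the commit message describes the default as the unaltered (secure) reset state. Board initialisation is outside this hunk, so confirm which default is intended and state it in the comment, for example `* Boards that do not set this field (false) boot Linux non-secure when EL3 is present.` The struct definition continues outside the hunk.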