From patchwork Mon Dec 15 18:51:14 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg Bellows X-Patchwork-Id: 42285 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-wg0-f70.google.com (mail-wg0-f70.google.com [74.125.82.70]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id 4B4032456A for ; Mon, 15 Dec 2014 18:59:22 +0000 (UTC) Received: by mail-wg0-f70.google.com with SMTP id b13sf7647331wgh.5 for ; Mon, 15 Dec 2014 10:59:21 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:delivered-to:from:to:date :message-id:in-reply-to:references:cc:subject:precedence:list-id :list-unsubscribe:list-archive:list-post:list-help:list-subscribe :errors-to:sender:x-original-sender :x-original-authentication-results:mailing-list; bh=/sgAvp4tp3N2AHytGrgQ9e8MNkwTCeq7pvSkQu/EzCM=; b=R+e4Evn16vea4rIrCxbS19QEwXWdTTLytIy/ZEOFnnsoaoYIUfGwHPnH0x+1u9F5fJ KRM6UTsx8Pfks1pjFY/ns9pkdb0YHTSX4WALbXhMh8uTGkA0Jvu+qFmFskfmLfcV3dpt q1t1yD35AoJVR1V+1EnC6edbeIc+mcKagBzL7T4O1JCincaCIQsLn7uXCm27miWmUgyM avXWLhUBp/3QzStxAE3JJnJCw4+3shbIk2Z1eMqy67vM56c5zhMuPThUO+4sHraZJ2Ra At4olfgDFeVe0xbgTIEHYt+Jz8jiQx1dWoY5gWbhhKMQUMQmW3xFUfAejrFXdkns7EV4 smxA== X-Gm-Message-State: ALoCoQkF81BboMq8G+Napq9vKfA57h0AzyXVycqKLHesJpgyNrGz8wRH2PKQRHONvmD5EwcGUlS3 X-Received: by 10.152.44.195 with SMTP id g3mr4956099lam.2.1418669961505; Mon, 15 Dec 2014 10:59:21 -0800 (PST) MIME-Version: 1.0 X-BeenThere: patchwork-forward@linaro.org Received: by 10.152.120.39 with SMTP id kz7ls570860lab.25.gmail; Mon, 15 Dec 2014 10:59:21 -0800 (PST) X-Received: by 10.112.169.67 with SMTP id ac3mr14275547lbc.83.1418669961368; Mon, 15 Dec 2014 10:59:21 -0800 (PST) Received: from mail-lb0-f170.google.com (mail-lb0-f170.google.com. [209.85.217.170]) by mx.google.com with ESMTPS id xz9si11276810lbb.126.2014.12.15.10.59.21 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 15 Dec 2014 10:59:21 -0800 (PST) Received-SPF: pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.217.170 as permitted sender) client-ip=209.85.217.170; Received: by mail-lb0-f170.google.com with SMTP id 10so9731408lbg.29 for ; Mon, 15 Dec 2014 10:59:21 -0800 (PST) X-Received: by 10.112.141.42 with SMTP id rl10mr31673469lbb.98.1418669961199; Mon, 15 Dec 2014 10:59:21 -0800 (PST) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.112.142.69 with SMTP id ru5csp810277lbb; Mon, 15 Dec 2014 10:59:20 -0800 (PST) X-Received: by 10.224.89.70 with SMTP id d6mr6940432qam.76.1418669959752; Mon, 15 Dec 2014 10:59:19 -0800 (PST) Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11]) by mx.google.com with ESMTPS id p5si11616304qcf.39.2014.12.15.10.59.19 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Mon, 15 Dec 2014 10:59:19 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) client-ip=2001:4830:134:3::11; Received: from localhost ([::1]:41509 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Y0arW-0004KQ-Tp for patch@linaro.org; Mon, 15 Dec 2014 13:59:18 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:38328) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Y0akK-0000it-H1 for qemu-devel@nongnu.org; Mon, 15 Dec 2014 13:51:58 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Y0akE-0005wY-Jq for qemu-devel@nongnu.org; Mon, 15 Dec 2014 13:51:52 -0500 Received: from mail-pa0-f49.google.com ([209.85.220.49]:61818) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Y0akE-0005wR-Df for qemu-devel@nongnu.org; Mon, 15 Dec 2014 13:51:46 -0500 Received: by mail-pa0-f49.google.com with SMTP id eu11so12329356pac.36 for ; Mon, 15 Dec 2014 10:51:45 -0800 (PST) X-Received: by 10.68.208.65 with SMTP id mc1mr53499522pbc.111.1418669505583; Mon, 15 Dec 2014 10:51:45 -0800 (PST) Received: from gbellows-linaro.qualcomm.com (rrcs-67-52-129-61.west.biz.rr.com. [67.52.129.61]) by mx.google.com with ESMTPSA id bq7sm9972513pdb.50.2014.12.15.10.51.43 for (version=TLSv1.1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 15 Dec 2014 10:51:44 -0800 (PST) From: Greg Bellows To: qemu-devel@nongnu.org, serge.fdrv@gmail.com, edgar.iglesias@gmail.com, aggelerf@ethz.ch, peter.maydell@linaro.org Date: Mon, 15 Dec 2014 12:51:14 -0600 Message-Id: <1418669479-23908-11-git-send-email-greg.bellows@linaro.org> X-Mailer: git-send-email 1.8.3.2 In-Reply-To: <1418669479-23908-1-git-send-email-greg.bellows@linaro.org> References: <1418669479-23908-1-git-send-email-greg.bellows@linaro.org> X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.85.220.49 Cc: Greg Bellows Subject: [Qemu-devel] [PATCH v3 10/15] target-arm: Add arm_boot_info secure_boot control X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: , List-Help: , List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: greg.bellows@linaro.org X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.217.170 as permitted sender) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 Adds the secure_boot boolean field to the arm_boot_info descriptor. This fields is used to indicate whether Linux should boot into secure or non-secure state if the ARM EL3 feature is enabled. The default is to leave the CPU in an unaltered reset state. On EL3 enabled systems, the reset state is secure and can be overridden by setting the added field to false. Signed-off-by: Greg Bellows Reviewed-by: Peter Maydell --- v2 -> v3 - Fixed typos --- hw/arm/boot.c | 10 ++++++++++ include/hw/arm/arm.h | 4 ++++ 2 files changed, 14 insertions(+) diff --git a/hw/arm/boot.c b/hw/arm/boot.c index e6a3c5b..c8d1d4e 100644 --- a/hw/arm/boot.c +++ b/hw/arm/boot.c @@ -457,6 +457,16 @@ static void do_cpu_reset(void *opaque) env->thumb = info->entry & 1; } } else { + /* If we are booting Linux then we need to check whether we are + * booting into secure or non-secure state and adjust the state + * accordingly. Out of reset, ARM is defined to be in secure state + * (SCR.NS = 0), we change that here if non-secure boot has been + * requested. + */ + if (arm_feature(env, ARM_FEATURE_EL3) && !info->secure_boot) { + env->cp15.scr_el3 |= SCR_NS; + } + if (CPU(cpu) == first_cpu) { if (env->aarch64) { env->pc = info->loader_start; diff --git a/include/hw/arm/arm.h b/include/hw/arm/arm.h index cefc9e6..e5a5d8c 100644 --- a/include/hw/arm/arm.h +++ b/include/hw/arm/arm.h @@ -37,6 +37,10 @@ struct arm_boot_info { hwaddr gic_cpu_if_addr; int nb_cpus; int board_id; + /* ARM machines that support the ARM Security Extensions use this field to + * control whether Linux is booted as secure(true) or non-secure(false). + */ + bool secure_boot; int (*atag_board)(const struct arm_boot_info *info, void *p); /* multicore boards that use the default secondary core boot functions * can ignore these two function calls. If the default functions won't