From patchwork Thu Dec 11 23:29:24 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg Bellows X-Patchwork-Id: 42165 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-wi0-f197.google.com (mail-wi0-f197.google.com [209.85.212.197]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id 0D07426666 for ; Thu, 11 Dec 2014 23:33:32 +0000 (UTC) Received: by mail-wi0-f197.google.com with SMTP id l15sf464588wiw.4 for ; Thu, 11 Dec 2014 15:33:31 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:delivered-to:from:to:date :message-id:in-reply-to:references:cc:subject:precedence:list-id :list-unsubscribe:list-archive:list-post:list-help:list-subscribe :errors-to:sender:x-original-sender :x-original-authentication-results:mailing-list; bh=hhE2Zi3xXdUlfb42nzyEOC1H9NrYUwUoX647+UXuQL8=; b=HEQuKf6EcAO1KuLBk0JZGxl7eZuCtaBR/XXO7NZxJcVlUTbTDAKyyxKFO/q4cwbCiy fGNetu/wMGA1/uadMyp1Mu4V54dWSJ63+S9tavW5IFIJ2/NioOk+53GrDHVhjtvwA6v0 aRiOEYYLvcLLnkdkvVDxpCcjoZwGX6zjzLkHeaKRRNWx074VsGTe0i1UZ+yjDUfL9kxG gOEC7ZbwWUy1dtuOJt1E95VaCOWG1XHOlLk/E1mXMMjWYGqUlSrcQHQ5KBx1xE9tpvrq UPr/dNQdzUaMOwwUabdZ80AJIa5nnFhlJom0dgoFRLRqAaSTCQSrv713Tc8jUEj2vVCp 7maw== X-Gm-Message-State: ALoCoQkzice/EHPQJOH1uOZn9xBJ0rJpKfNliroXbF2wigNEPOXJ+4ZgJnxjz5UAtz3X8fRmhUo3 X-Received: by 10.112.14.2 with SMTP id l2mr2066532lbc.5.1418340811268; Thu, 11 Dec 2014 15:33:31 -0800 (PST) MIME-Version: 1.0 X-BeenThere: patchwork-forward@linaro.org Received: by 10.152.204.104 with SMTP id kx8ls362934lac.82.gmail; Thu, 11 Dec 2014 15:33:31 -0800 (PST) X-Received: by 10.152.26.201 with SMTP id n9mr5805289lag.50.1418340811121; Thu, 11 Dec 2014 15:33:31 -0800 (PST) Received: from mail-la0-f53.google.com (mail-la0-f53.google.com. [209.85.215.53]) by mx.google.com with ESMTPS id ss9si2717822lbb.89.2014.12.11.15.33.31 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 11 Dec 2014 15:33:31 -0800 (PST) Received-SPF: pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.215.53 as permitted sender) client-ip=209.85.215.53; Received: by mail-la0-f53.google.com with SMTP id gm9so5303431lab.12 for ; Thu, 11 Dec 2014 15:33:31 -0800 (PST) X-Received: by 10.112.189.10 with SMTP id ge10mr12273741lbc.23.1418340811009; Thu, 11 Dec 2014 15:33:31 -0800 (PST) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.112.142.69 with SMTP id ru5csp686532lbb; Thu, 11 Dec 2014 15:33:30 -0800 (PST) X-Received: by 10.224.25.79 with SMTP id y15mr25339254qab.78.1418340809500; Thu, 11 Dec 2014 15:33:29 -0800 (PST) Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11]) by mx.google.com with ESMTPS id e34si2114705qge.99.2014.12.11.15.33.28 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Thu, 11 Dec 2014 15:33:29 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) client-ip=2001:4830:134:3::11; Received: from localhost ([::1]:54660 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XzDEe-0000wJ-E5 for patch@linaro.org; Thu, 11 Dec 2014 18:33:28 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:57527) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XzDBL-00041w-AE for qemu-devel@nongnu.org; Thu, 11 Dec 2014 18:30:09 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XzDBF-0000wj-ER for qemu-devel@nongnu.org; Thu, 11 Dec 2014 18:30:03 -0500 Received: from mail-pa0-f44.google.com ([209.85.220.44]:40239) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XzDBF-0000vt-9J for qemu-devel@nongnu.org; Thu, 11 Dec 2014 18:29:57 -0500 Received: by mail-pa0-f44.google.com with SMTP id et14so6062247pad.3 for ; Thu, 11 Dec 2014 15:29:56 -0800 (PST) X-Received: by 10.68.57.199 with SMTP id k7mr21433786pbq.25.1418340596547; Thu, 11 Dec 2014 15:29:56 -0800 (PST) Received: from gbellows-linaro.qualcomm.com (rrcs-67-52-129-61.west.biz.rr.com. [67.52.129.61]) by mx.google.com with ESMTPSA id ip1sm2362908pbc.0.2014.12.11.15.29.55 for (version=TLSv1.1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 11 Dec 2014 15:29:55 -0800 (PST) From: Greg Bellows To: qemu-devel@nongnu.org, serge.fdrv@gmail.com, edgar.iglesias@gmail.com, aggelerf@ethz.ch, peter.maydell@linaro.org Date: Thu, 11 Dec 2014 17:29:24 -0600 Message-Id: <1418340569-30519-11-git-send-email-greg.bellows@linaro.org> X-Mailer: git-send-email 1.8.3.2 In-Reply-To: <1418340569-30519-1-git-send-email-greg.bellows@linaro.org> References: <1418340569-30519-1-git-send-email-greg.bellows@linaro.org> X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.85.220.44 Cc: Greg Bellows Subject: [Qemu-devel] [PATCH v2 10/15] target-arm: Add arm_boot_info secure_boot control X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: , List-Help: , List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: greg.bellows@linaro.org X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.215.53 as permitted sender) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 Adds the secure_boot boolean field to the arm_boot_info descriptor. This fields is used to indicate whether Linux should boot into secure or non-secure state if the ARM EL3 feature is enabled. The default is to leave the CPU in an unaltered reset state. On EL3 enabled systems, the reset state is secure and can be overridden by setting the added field to false. Signed-off-by: Greg Bellows --- hw/arm/boot.c | 10 ++++++++++ include/hw/arm/arm.h | 4 ++++ 2 files changed, 14 insertions(+) diff --git a/hw/arm/boot.c b/hw/arm/boot.c index e6a3c5b..7ec33f3 100644 --- a/hw/arm/boot.c +++ b/hw/arm/boot.c @@ -457,6 +457,16 @@ static void do_cpu_reset(void *opaque) env->thumb = info->entry & 1; } } else { + /* If we are booting Linux then we need to check whether we are + * booting into secure or non-secure state and adjust the state + * accordingly. Out of reset, ARM is defined to be in secure state + * (SCR.NS = 0), we change that here is non-secure boot has been + * requested. + */ + if (arm_feature(env, ARM_FEATURE_EL3) && !info->secure_boot) { + env->cp15.scr_el3 |= SCR_NS; + } + if (CPU(cpu) == first_cpu) { if (env->aarch64) { env->pc = info->loader_start; diff --git a/include/hw/arm/arm.h b/include/hw/arm/arm.h index cefc9e6..6659562 100644 --- a/include/hw/arm/arm.h +++ b/include/hw/arm/arm.h @@ -37,6 +37,10 @@ struct arm_boot_info { hwaddr gic_cpu_if_addr; int nb_cpus; int board_id; + /* ARM machines that support security extensions use this field to control + * whether Linux is booted as securei(true) or non-secure(false). + */ + bool secure_boot; int (*atag_board)(const struct arm_boot_info *info, void *p); /* multicore boards that use the default secondary core boot functions * can ignore these two function calls. If the default functions won't