From patchwork Mon Dec 15 23:09:47 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg Bellows X-Patchwork-Id: 42303 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-ee0-f70.google.com (mail-ee0-f70.google.com [74.125.83.70]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id 6FB6726C6C for ; Mon, 15 Dec 2014 23:16:12 +0000 (UTC) Received: by mail-ee0-f70.google.com with SMTP id b57sf8200021eek.9 for ; Mon, 15 Dec 2014 15:16:11 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:delivered-to:from:to:date :message-id:in-reply-to:references:cc:subject:precedence:list-id :list-unsubscribe:list-archive:list-post:list-help:list-subscribe :errors-to:sender:x-original-sender :x-original-authentication-results:mailing-list; bh=CjYLxMyHETnCn3XEHYBBfiNx+8a113QXdteDAamf+oE=; b=B/Wwf8GHf3/sDxBh3Ed60LbGwgsMDnyI3g2IseVN9+UwsZnbvaqzdbNosBodQmAENR EVlwvMk1quIsKInpFOxbCjpSu98JPcg/Fd2xThsqRtf9Wf45L1sfK5xvzeJ7omtixT9z 8JSrCBqyK9EziyIR6BUhfZ3ZaHZYQFksWnM3jnIWJgzfz8CoS6fBdRajgX4bUG2dHNdb kl3HINmny+RXyHb9uxl6sRd9RikwlYjgtS3dokF0jgQ/ANCvs04Du4GFe3SOyY+qAqNn ibAYOGafvH52QnMRYEZlnL0Xsmjcte9T0LZUVYGKTESyt+V0JMtZeDAdNVACDV+S6yKX AwJQ== X-Gm-Message-State: ALoCoQl1lsMKARt6wX3Y3Bt8F33Gx59pqckHZydu+Uq939lM11thsr8fbnHoCCd7LZgijFFBRZXu X-Received: by 10.152.2.40 with SMTP id 8mr20795lar.7.1418685371680; Mon, 15 Dec 2014 15:16:11 -0800 (PST) MIME-Version: 1.0 X-BeenThere: patchwork-forward@linaro.org Received: by 10.152.43.137 with SMTP id w9ls340601lal.5.gmail; Mon, 15 Dec 2014 15:16:11 -0800 (PST) X-Received: by 10.112.73.97 with SMTP id k1mr1189568lbv.78.1418685371381; Mon, 15 Dec 2014 15:16:11 -0800 (PST) Received: from mail-la0-f48.google.com (mail-la0-f48.google.com. [209.85.215.48]) by mx.google.com with ESMTPS id ac4si2910706lbc.111.2014.12.15.15.16.11 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 15 Dec 2014 15:16:11 -0800 (PST) Received-SPF: pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.215.48 as permitted sender) client-ip=209.85.215.48; Received: by mail-la0-f48.google.com with SMTP id gf13so10132617lab.21 for ; Mon, 15 Dec 2014 15:16:11 -0800 (PST) X-Received: by 10.152.23.38 with SMTP id j6mr25090330laf.81.1418685371247; Mon, 15 Dec 2014 15:16:11 -0800 (PST) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.112.142.69 with SMTP id ru5csp867100lbb; Mon, 15 Dec 2014 15:16:10 -0800 (PST) X-Received: by 10.140.21.167 with SMTP id 36mr56074235qgl.25.1418685369714; Mon, 15 Dec 2014 15:16:09 -0800 (PST) Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11]) by mx.google.com with ESMTPS id 79si12434620qgj.60.2014.12.15.15.16.09 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Mon, 15 Dec 2014 15:16:09 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) client-ip=2001:4830:134:3::11; Received: from localhost ([::1]:42361 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Y0es4-0003yN-EV for patch@linaro.org; Mon, 15 Dec 2014 18:16:08 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:36035) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Y0emX-0003kE-Ip for qemu-devel@nongnu.org; Mon, 15 Dec 2014 18:10:31 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Y0emR-0000h3-HA for qemu-devel@nongnu.org; Mon, 15 Dec 2014 18:10:25 -0500 Received: from mail-pd0-f170.google.com ([209.85.192.170]:63554) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Y0emR-0000gr-Bw for qemu-devel@nongnu.org; Mon, 15 Dec 2014 18:10:19 -0500 Received: by mail-pd0-f170.google.com with SMTP id v10so12629633pde.1 for ; Mon, 15 Dec 2014 15:10:18 -0800 (PST) X-Received: by 10.68.65.2 with SMTP id t2mr56240053pbs.39.1418685018861; Mon, 15 Dec 2014 15:10:18 -0800 (PST) Received: from gbellows-linaro.qualcomm.com (rrcs-67-52-129-61.west.biz.rr.com. [67.52.129.61]) by mx.google.com with ESMTPSA id uq15sm10402467pab.8.2014.12.15.15.10.17 for (version=TLSv1.1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 15 Dec 2014 15:10:18 -0800 (PST) From: Greg Bellows To: qemu-devel@nongnu.org, serge.fdrv@gmail.com, edgar.iglesias@gmail.com, aggelerf@ethz.ch, peter.maydell@linaro.org Date: Mon, 15 Dec 2014 17:09:47 -0600 Message-Id: <1418684992-8996-11-git-send-email-greg.bellows@linaro.org> X-Mailer: git-send-email 1.8.3.2 In-Reply-To: <1418684992-8996-1-git-send-email-greg.bellows@linaro.org> References: <1418684992-8996-1-git-send-email-greg.bellows@linaro.org> X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.85.192.170 Cc: Greg Bellows Subject: [Qemu-devel] [PATCH v4 10/15] target-arm: Add arm_boot_info secure_boot control X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: , List-Help: , List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: greg.bellows@linaro.org X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.215.48 as permitted sender) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 Adds the secure_boot boolean field to the arm_boot_info descriptor. This fields is used to indicate whether Linux should boot into secure or non-secure state if the ARM EL3 feature is enabled. The default is to leave the CPU in an unaltered reset state. On EL3 enabled systems, the reset state is secure and can be overridden by setting the added field to false. Signed-off-by: Greg Bellows Reviewed-by: Peter Maydell --- v2 -> v3 - Fixed typos --- hw/arm/boot.c | 10 ++++++++++ include/hw/arm/arm.h | 4 ++++ 2 files changed, 14 insertions(+) diff --git a/hw/arm/boot.c b/hw/arm/boot.c index e6a3c5b..c8d1d4e 100644 --- a/hw/arm/boot.c +++ b/hw/arm/boot.c @@ -457,6 +457,16 @@ static void do_cpu_reset(void *opaque) env->thumb = info->entry & 1; } } else { + /* If we are booting Linux then we need to check whether we are + * booting into secure or non-secure state and adjust the state + * accordingly. Out of reset, ARM is defined to be in secure state + * (SCR.NS = 0), we change that here if non-secure boot has been + * requested. + */ + if (arm_feature(env, ARM_FEATURE_EL3) && !info->secure_boot) { + env->cp15.scr_el3 |= SCR_NS; + } + if (CPU(cpu) == first_cpu) { if (env->aarch64) { env->pc = info->loader_start; diff --git a/include/hw/arm/arm.h b/include/hw/arm/arm.h index cefc9e6..e5a5d8c 100644 --- a/include/hw/arm/arm.h +++ b/include/hw/arm/arm.h @@ -37,6 +37,10 @@ struct arm_boot_info { hwaddr gic_cpu_if_addr; int nb_cpus; int board_id; + /* ARM machines that support the ARM Security Extensions use this field to + * control whether Linux is booted as secure(true) or non-secure(false). + */ + bool secure_boot; int (*atag_board)(const struct arm_boot_info *info, void *p); /* multicore boards that use the default secondary core boot functions * can ignore these two function calls. If the default functions won't