From patchwork Tue Jun 30 13:07:27 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Peter Maydell <peter.maydell@linaro.org>
X-Patchwork-Id: 50473
Return-Path: <patchwork-forward+bncBC6Z756YVMIBBF5JZKWAKGQEWTZM5TI@linaro.org>
X-Original-To: linaro@patches.linaro.org
Delivered-To: linaro@patches.linaro.org
Received: from mail-wg0-f72.google.com (mail-wg0-f72.google.com [74.125.82.72])
 by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id 329F3229DF
 for <linaro@patches.linaro.org>; Tue, 30 Jun 2015 13:07:36 +0000 (UTC)
Received: by wguu7 with SMTP id u7sf3742453wgu.0
 for <linaro@patches.linaro.org>; Tue, 30 Jun 2015 06:07:35 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:delivered-to:from:to:cc:subject
 :date:message-id:in-reply-to:references:x-original-sender
 :x-original-authentication-results:precedence:mailing-list:list-id
 :list-post:list-help:list-archive:list-unsubscribe;
 bh=uUodo6x00vPk/4wufgW/qjRf8I0V075O5TyjSRm+XOk=;
 b=MameEoHPaLaD/LV7tIy57g9GQtITtS2V3b6BGV4n6LGpopmH8bujRlZJkzhFxBRanK
 a88qc8cI5zLUobTA0dM5M6COq2/YqUylfUI7hhQp1DjpNrA+2iNPpUtOig3/aRgpiilV
 GjjYmIXuOuk43kMAKEoikw9J+ZhciFVc6eA6Yc0BeBEfJZiRSaxErdLVUTeKKnk30vD5
 8Xtt6VuDLsvqMmdnKHscy+8JJqL87txoiMWdIY6nNbct4GYy0Yavj6zkW/LHR4lrf4pG
 GHV28wkZnysxZHnThTitkLelVXiAnYCeU8yaScGS2U4+y7xMUjXEkWFXbRoluiouPskf
 8D6A==
X-Gm-Message-State: ALoCoQnq/ns3pH6I7DZePd9vEre8Am52dpbOCCD0v/6COBl5jugbL2dVlYccj7Pf+VUOeCxQgsiJ
X-Received: by 10.112.253.135 with SMTP id aa7mr3167577lbd.11.1435669655531; 
 Tue, 30 Jun 2015 06:07:35 -0700 (PDT)
MIME-Version: 1.0
X-BeenThere: patchwork-forward@linaro.org
Received: by 10.152.22.97 with SMTP id c1ls36984laf.66.gmail;
 Tue, 30 Jun 2015 06:07:35 -0700 (PDT)
X-Received: by 10.112.126.42 with SMTP id mv10mr20010153lbb.58.1435669655380; 
 Tue, 30 Jun 2015 06:07:35 -0700 (PDT)
Received: from mail-la0-f54.google.com (mail-la0-f54.google.com.
 [209.85.215.54])
 by mx.google.com with ESMTPS id s1si7631672lae.3.2015.06.30.06.07.35
 for <patchwork-forward@linaro.org>
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Tue, 30 Jun 2015 06:07:35 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 patch+caf_=patchwork-forward=linaro.org@linaro.org designates
 209.85.215.54 as permitted sender) client-ip=209.85.215.54; 
Received: by lagc2 with SMTP id c2so12578139lag.3
 for <patchwork-forward@linaro.org>;
 Tue, 30 Jun 2015 06:07:35 -0700 (PDT)
X-Received: by 10.152.1.40 with SMTP id 8mr19973923laj.56.1435669655236;
 Tue, 30 Jun 2015 06:07:35 -0700 (PDT)
X-Forwarded-To: patchwork-forward@linaro.org
X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org
Delivered-To: patches@linaro.org
Received: by 10.112.108.230 with SMTP id hn6csp2437182lbb;
 Tue, 30 Jun 2015 06:07:34 -0700 (PDT)
X-Received: by 10.153.8.171 with SMTP id dl11mr19960492lad.77.1435669652506; 
 Tue, 30 Jun 2015 06:07:32 -0700 (PDT)
Received: from mnementh.archaic.org.uk (mnementh.archaic.org.uk.
 [2001:8b0:1d0::1]) by mx.google.com with ESMTPS id
 qa7si38108308lbc.18.2015.06.30.06.07.32 for <patches@linaro.org>
 (version=TLSv1.2 cipher=RC4-SHA bits=128/128);
 Tue, 30 Jun 2015 06:07:32 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of
 pm215@archaic.org.uk designates 2001:8b0:1d0::1 as permitted
 sender) client-ip=2001:8b0:1d0::1; 
Received: from pm215 by mnementh.archaic.org.uk with local (Exim 4.80)
 (envelope-from <pm215@archaic.org.uk>)
 id 1Z9vG5-0000nc-Us; Tue, 30 Jun 2015 14:07:29 +0100
From: Peter Maydell <peter.maydell@linaro.org>
To: qemu-devel@nongnu.org
Cc: patches@linaro.org, Peter Crosthwaite <peter.crosthwaite@xilinx.com>,
 "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>,
 =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Subject: [PATCH 3/5] hw/arm/boot: Configure secure GIC to make IRQs NS if
 booting an NS kernel
Date: Tue, 30 Jun 2015 14:07:27 +0100
Message-Id: <1435669649-3035-4-git-send-email-peter.maydell@linaro.org>
X-Mailer: git-send-email 1.7.10.4
In-Reply-To: <1435669649-3035-1-git-send-email-peter.maydell@linaro.org>
References: <1435669649-3035-1-git-send-email-peter.maydell@linaro.org>
X-Removed-Original-Auth: Dkim didn't pass.
X-Original-Sender: peter.maydell@linaro.org
X-Original-Authentication-Results: mx.google.com; spf=pass (google.com:
 domain of
 patch+caf_=patchwork-forward=linaro.org@linaro.org designates
 209.85.215.54 as permitted sender)
 smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org
Precedence: list
Mailing-list: list patchwork-forward@linaro.org;
 contact patchwork-forward+owners@linaro.org
List-ID: <patchwork-forward.linaro.org>
X-Google-Group-Id: 836684582541
List-Post: <http://groups.google.com/a/linaro.org/group/patchwork-forward/post>, 
 <mailto:patchwork-forward@linaro.org>
List-Help: <http://support.google.com/a/linaro.org/bin/topic.py?topic=25838>, 
 <mailto:patchwork-forward+help@linaro.org>
List-Archive: <http://groups.google.com/a/linaro.org/group/patchwork-forward/>
List-Unsubscribe: <mailto:googlegroups-manage+836684582541+unsubscribe@googlegroups.com>, 
 <http://groups.google.com/a/linaro.org/group/patchwork-forward/subscribe>

If our builtin kernel bootloader is directly booting a kernel in
the NonSecure world, then we must configure the GIC to put all
the IRQs into the NonSecure group. (By default all interrupts
are configured to be Secure on reset, which means that a NonSecure
guest kernel cannot use any of them.) This job would usually
be done by the Secure boot firmware, but our builtin bootloader
is doing the job of firmware.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 hw/arm/boot.c | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)

diff --git a/hw/arm/boot.c b/hw/arm/boot.c
index 1e7fd28..3974499 100644
--- a/hw/arm/boot.c
+++ b/hw/arm/boot.c
@@ -13,6 +13,7 @@
 #include "sysemu/sysemu.h"
 #include "hw/boards.h"
 #include "hw/loader.h"
+#include "hw/intc/arm_gic_common.h"
 #include "elf.h"
 #include "sysemu/device_tree.h"
 #include "qemu/config-file.h"
@@ -557,6 +558,33 @@ static void load_image_to_fw_cfg(FWCfgState *fw_cfg, uint16_t size_key,
     fw_cfg_add_bytes(fw_cfg, data_key, data, size);
 }
 
+static int find_gics(Object *obj, void *opaque)
+{
+    GICState *gic = (GICState *)object_dynamic_cast(obj, TYPE_ARM_GIC_COMMON);
+    bool has_sec_extns;
+
+    if (!gic) {
+        /* Might be a container, traverse it for children */
+        return object_child_foreach(obj, find_gics, opaque);
+    }
+
+    has_sec_extns = object_property_get_bool(obj, "has-security-extensions",
+                                             &error_abort);
+    if (has_sec_extns) {
+        object_property_set_bool(obj, true, "irqs-reset-nonsecure",
+                                 &error_abort);
+    }
+    return 0;
+}
+
+static void reconfigure_gics_nonsecure(void)
+{
+    /* Find every GIC in the system and tell it to reconfigure
+     * itself with interrupts as NonSecure.
+     */
+    object_child_foreach(qdev_get_machine(), find_gics, NULL);
+}
+
 static void arm_load_kernel_notify(Notifier *notifier, void *data)
 {
     CPUState *cs;
@@ -767,6 +795,17 @@ static void arm_load_kernel_notify(Notifier *notifier, void *data)
     }
     info->is_linux = is_linux;
 
+    if (is_linux && arm_feature(&cpu->env, ARM_FEATURE_EL3) &&
+        !info->secure_boot) {
+        /* We're directly booting a kernel into NonSecure. If the system
+         * has a GIC which implements the security extensions then we must
+         * configure it to have all the interrupts be NonSecure (this is
+         * a job that is done by the Secure boot firmware, and boot.c is
+         * a minimalist firmware-and-boot-loader equivalent).
+         */
+        reconfigure_gics_nonsecure();
+    }
+
     for (cs = CPU(cpu); cs; cs = CPU_NEXT(cs)) {
         ARM_CPU(cs)->env.boot_info = info;
     }