From: Albert ARIBAUD <albert.u.boot@aribaud.net>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH 1/6] ARM: add secure monitor handler to switch to non-secure state
Date: Thu, 23 May 2013 12:52:19 +0200 [thread overview]
Message-ID: <20130523125219.3522d2fb@lilith> (raw)
In-Reply-To: <1367846270-1827-2-git-send-email-andre.przywara@linaro.org>
Hi Andre,
On Mon, 6 May 2013 15:17:45 +0200, Andre Przywara
<andre.przywara@linaro.org> wrote:
> A prerequisite for using virtualization is to be in HYP mode, which
> requires the CPU to be in non-secure state.
> Introduce a monitor handler routine which switches the CPU to
> non-secure state by setting the NS and associated bits.
> According to the ARM ARM this should not be done in SVC mode, so we
ARM *TRM*, I suspect. Also, as there are a lot of ARM TRMs, if there is
a more precise reference, please provide it.
> have to setup a SMC handler for this. We reuse the current vector
> table for this and make sure that we only access the MVBAR register
> if the CPU supports the security extension and only if we
> configured the board to use it, since boards entering u-boot already
> in non-secure mode would crash on accessing MVBAR otherwise.
>
> Signed-off-by: Andre Przywara <andre.przywara@linaro.org>
> ---
> arch/arm/cpu/armv7/start.S | 31 ++++++++++++++++++++++++++++---
> 1 file changed, 28 insertions(+), 3 deletions(-)
>
> diff --git a/arch/arm/cpu/armv7/start.S b/arch/arm/cpu/armv7/start.S
> index e9e57e6..da48b36 100644
> --- a/arch/arm/cpu/armv7/start.S
> +++ b/arch/arm/cpu/armv7/start.S
> @@ -155,6 +155,13 @@ reset:
> /* Set vector address in CP15 VBAR register */
> ldr r0, =_start
> mcr p15, 0, r0, c12, c0, 0 @Set VBAR
> +
> +#ifdef CONFIG_ARMV7_VIRT
> + mrc p15, 0, r1, c0, c1, 1 @ check for security extension
> + ands r1, r1, #0x30
> + mcrne p15, 0, r0, c12, c0, 1 @ Set secure monitor MVBAR
> +#endif
> +
> #endif
>
> /* the mask ROM code should have PLL and others stable */
> @@ -257,6 +264,12 @@ ENTRY(c_runtime_cpu_setup)
> ldr r0, =_start
> mcr p15, 0, r0, c12, c0, 0 @Set VBAR
>
> +#ifdef CONFIG_ARMV7_VIRT
> + mrc p15, 0, r1, c0, c1, 1 @ check for security extension
> + ands r1, r1, #0x30
> + mcrne p15, 0, r0, c12, c0, 1 @ Set secure monitor MVBAR
> +#endif
> +
> bx lr
>
> ENDPROC(c_runtime_cpu_setup)
> @@ -490,11 +503,23 @@ undefined_instruction:
> bad_save_user_regs
> bl do_undefined_instruction
>
> +/*
> + * software interrupt aka. secure monitor handler
> + * This is executed on a "smc" instruction, we use a "smc #0" to switch
> + * to non-secure state
> + */
> .align 5
> software_interrupt:
> - get_bad_stack_swi
> - bad_save_user_regs
> - bl do_software_interrupt
> + mrc p15, 0, r1, c1, c1, 0 @ read SCR
> + bic r1, r1, #0x07f
> + orr r1, r1, #0x31 @ enable NS, AW, FW
> +
> + mrc p15, 0, r0, c12, c0, 0 @ save secure copy of VBAR
> + mcr p15, 0, r1, c1, c1, 0 @ write SCR, switch to non-sec
> + isb
> + mcr p15, 0, r0, c12, c0, 0 @ write non-secure copy of VBAR
> +
> + movs pc, lr
>
> .align 5
> prefetch_abort:
Amicalement,
--
Albert.
next prev parent reply other threads:[~2013-05-23 10:52 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-05-06 13:17 [U-Boot] [PATCH 0/6] ARMv7: Add HYP mode switching support Andre Przywara
2013-05-06 13:17 ` [U-Boot] [PATCH 1/6] ARM: add secure monitor handler to switch to non-secure state Andre Przywara
2013-05-23 10:52 ` Albert ARIBAUD [this message]
2013-05-23 12:14 ` Marc Zyngier
2013-05-23 12:34 ` Albert ARIBAUD
2013-05-23 12:40 ` Albert ARIBAUD
2013-05-23 12:41 ` Albert ARIBAUD
2013-05-23 13:00 ` Peter Maydell
2013-05-23 14:08 ` Albert ARIBAUD
2013-05-23 14:47 ` Albert ARIBAUD
2013-05-26 22:42 ` Andre Przywara
2013-05-31 1:02 ` Christoffer Dall
2013-05-31 9:23 ` Andre Przywara
2013-05-31 17:21 ` Albert ARIBAUD
2013-05-31 23:50 ` Christoffer Dall
2013-06-01 10:06 ` Albert ARIBAUD
2013-06-01 10:11 ` Albert ARIBAUD
2013-05-06 13:17 ` [U-Boot] [PATCH 2/6] ARM: add assembly routine " Andre Przywara
2013-05-31 3:04 ` Christoffer Dall
2013-05-31 9:26 ` Andre Przywara
2013-05-31 23:50 ` Christoffer Dall
2013-05-06 13:17 ` [U-Boot] [PATCH 3/6] ARM: switch to non-secure state during bootm execution Andre Przywara
2013-05-31 5:10 ` Christoffer Dall
2013-05-31 9:30 ` Andre Przywara
2013-05-31 23:50 ` Christoffer Dall
2013-05-06 13:17 ` [U-Boot] [PATCH 4/6] ARM: add SMP support for non-secure switch Andre Przywara
2013-05-31 5:32 ` Christoffer Dall
2013-05-31 9:32 ` Andre Przywara
2013-05-31 23:51 ` Christoffer Dall
2013-06-07 11:00 ` TigerLiu at viatech.com.cn
2013-05-06 13:17 ` [U-Boot] [PATCH 5/6] ARM: extend non-secure switch to also go into HYP mode Andre Przywara
2013-05-09 18:56 ` Tom Rini
2013-05-31 5:43 ` Christoffer Dall
2013-05-31 9:34 ` Andre Przywara
2013-05-31 23:51 ` Christoffer Dall
2013-05-06 13:17 ` [U-Boot] [PATCH 6/6] ARM: VExpress: enable ARMv7 virt support for VExpress A15 Andre Przywara
2013-05-23 10:52 ` [U-Boot] [PATCH 0/6] ARMv7: Add HYP mode switching support Albert ARIBAUD
2013-05-26 22:51 ` Andre Przywara
2013-05-31 6:11 ` Christoffer Dall
2013-05-31 6:36 ` Andre Przywara
2013-05-31 23:49 ` Christoffer Dall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130523125219.3522d2fb@lilith \
--to=albert.u.boot@aribaud.net \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.