[U-Boot] [PATCH v3 2/7] ARM: add secure monitor handler to switch to non-secure state

[Andre Przywara <andre.przywara@linaro.org>]

On 07/30/2013 12:02 AM, Christoffer Dall wrote:
> n Wed, Jul 10, 2013 at 01:54:14AM +0200, Andre Przywara wrote:
>> A prerequisite for using virtualization is to be in HYP mode, which
>> requires the CPU to be in non-secure state first.
>> Add new file in arch/arm/cpu/armv7 to hold a monitor handler routine
>> which switches the CPU to non-secure state by setting the NS and
>> associated bits.
>> According to the ARM architecture reference manual this should not be
>> done in SVC mode, so we have to setup a SMC handler for this.
>> We create a new vector table to avoid interference with other boards.
>> The MVBAR register will be programmed later just before the smc call.
>>
>> Signed-off-by: Andre Przywara <andre.przywara@linaro.org>
>> ---
>>   arch/arm/cpu/armv7/Makefile      |  4 +++
>>   arch/arm/cpu/armv7/nonsec_virt.S | 54 ++++++++++++++++++++++++++++++++++++++++
>>   2 files changed, 58 insertions(+)
>>   create mode 100644 arch/arm/cpu/armv7/nonsec_virt.S
>>
>> diff --git a/arch/arm/cpu/armv7/Makefile b/arch/arm/cpu/armv7/Makefile
>> index 7a8c2d0..5d75077 100644
>> --- a/arch/arm/cpu/armv7/Makefile
>> +++ b/arch/arm/cpu/armv7/Makefile
>> @@ -36,6 +36,10 @@ ifneq ($(CONFIG_AM33XX)$(CONFIG_OMAP44XX)$(CONFIG_OMAP54XX)$(CONFIG_TEGRA)$(CONF
>>   SOBJS	+= lowlevel_init.o
>>   endif
>>
>> +ifneq ($(CONFIG_ARMV7_NONSEC),)
>> +SOBJS   += nonsec_virt.o
>> +endif
>> +
>>   SRCS	:= $(START:.o=.S) $(COBJS:.o=.c)
>>   OBJS	:= $(addprefix $(obj),$(COBJS) $(SOBJS))
>>   START	:= $(addprefix $(obj),$(START))
>> diff --git a/arch/arm/cpu/armv7/nonsec_virt.S b/arch/arm/cpu/armv7/nonsec_virt.S
>> new file mode 100644
>> index 0000000..68a6b38
>> --- /dev/null
>> +++ b/arch/arm/cpu/armv7/nonsec_virt.S
>> @@ -0,0 +1,54 @@
>> +/*
>> + * code for switching cores into non-secure state
>> + *
>> + * Copyright (c) 2013	Andre Przywara <andre.przywara@linaro.org>
>> + *
>> + * See file CREDITS for list of people who contributed to this
>> + * project.
>> + *
>> + * This program is free software; you can redistribute it and/or
>> + * modify it under the terms of the GNU General Public License as
>> + * published by the Free Software Foundation; either version 2 of
>> + * the License, or (at your option) any later version.
>> + *
>> + * This program is distributed in the hope that it will be useful,
>> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
>> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.	 See the
>> + * GNU General Public License for more details.
>> + *
>> + * You should have received a copy of the GNU General Public License
>> + * along with this program; if not, write to the Free Software
>> + * Foundation, Inc., 59 Temple Place, Suite 330, Boston,
>> + * MA 02111-1307 USA
>> + */
>> +
>> +#include <config.h>
>> +
>> +/* the vector table for secure state */
>> +_monitor_vectors:
>> +	.word 0	/* reset */
>> +	.word 0 /* undef */
>> +	adr pc, _secure_monitor
>> +	.word 0
>> +	.word 0
>> +	.word 0
>> +	.word 0
>> +	.word 0
>> +	.word 0	/* pad */
>> +
>> +/*
>> + * software interrupt aka. secure monitor handler
>
> a software interrupt is not aka. a secure monitor handler, this is
> misleading, it's just the smc handler.

I agree, but I wanted to stick to the u-boot nomenclature which uses 
"software interrupt" for that exception in arch/arm/cpu/armv7/start.S.
So I used both names to make it more clear to the u-boot reader.
If I make a newer version, I will fix it in there.

Regards,
Andre.

>
>> + * This is executed on a "smc" instruction, we use a "smc #0" to switch
>> + * to non-secure state.
>> + * We use only r0 and r1 here, due to constraints in the caller.
>> + */
>> +	.align	5
>> +_secure_monitor:
>> +	mrc	p15, 0, r1, c1, c1, 0		@ read SCR
>> +	bic	r1, r1, #0x4e			@ clear IRQ, FIQ, EA, nET bits
>> +	orr	r1, r1, #0x31			@ enable NS, AW, FW bits
>> +
>> +	mcr	p15, 0, r1, c1, c1, 0		@ write SCR (with NS bit set)
>> +
>> +	movs	pc, lr				@ return to non-secure SVC
>> +
>> --
>> 1.7.12.1
>>