From: daniel.thompson@linaro.org (Daniel Thompson)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH] arm: Handle starting up in secure mode
Date: Thu, 27 Aug 2015 17:17:11 +0100 [thread overview]
Message-ID: <55DF3807.40506@linaro.org> (raw)
In-Reply-To: <1440424572-27116-1-git-send-email-cov@codeaurora.org>
On 24/08/15 14:55, Christopher Covington wrote:
> ARM Linux appears to have never been made aware of the ARMv7 security
> extensions. When CONFIG_ARM_SEC_EXT=y, have it probe for its security
> state by checking whether CNTFRQ is writeable and potentially make
> mode changes based on the information. The most features are available
> from hypervisor (HYP) mode, so switch to it possible. Failing that,
> prefer non-secure supervisor (SVC) mode to secure supervisor mode.
If there is no hypervisor mode available what benefit do we get from
transitioning to non-secure mode?
When running in secure mode we retain access to some potentially useful
features such as having access to FIQ.
Daniel.
WARNING: multiple messages have this Message-ID (diff)
From: Daniel Thompson <daniel.thompson@linaro.org>
To: Christopher Covington <cov@codeaurora.org>
Cc: "Russell King" <linux@arm.linux.org.uk>,
"Will Deacon" <will.deacon@arm.com>,
"Mark Rutland" <mark.rutland@arm.com>,
"Nicolas Pitre" <nico@linaro.org>,
"Jon Medhurst (Tixy)" <tixy@linaro.org>,
"Ard Biesheuvel" <ard.biesheuvel@linaro.org>,
"Wang Nan" <wangnan0@huawei.com>,
"Nathan Lynch" <nathan_lynch@mentor.com>,
"Stephen Boyd" <sboyd@codeaurora.org>,
"Yingjoe Chen" <yingjoe.chen@mediatek.com>,
"Masahiro Yamada" <yamada.m@jp.panasonic.com>,
"Gregory CLEMENT" <gregory.clement@free-electrons.com>,
"Arnd Bergmann" <arnd@arndb.de>,
"Uwe Kleine-König" <u.kleine-koenig@pengutronix.de>,
"Kees Cook" <keescook@chromium.org>,
"Florian Fainelli" <f.fainelli@gmail.com>,
"Maxime Coquelin stm32" <mcoquelin.stm32@gmail.com>,
"Linus Walleij" <linus.walleij@linaro.org>,
"Paul Bolle" <pebolle@tiscali.nl>,
linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] arm: Handle starting up in secure mode
Date: Thu, 27 Aug 2015 17:17:11 +0100 [thread overview]
Message-ID: <55DF3807.40506@linaro.org> (raw)
In-Reply-To: <1440424572-27116-1-git-send-email-cov@codeaurora.org>
On 24/08/15 14:55, Christopher Covington wrote:
> ARM Linux appears to have never been made aware of the ARMv7 security
> extensions. When CONFIG_ARM_SEC_EXT=y, have it probe for its security
> state by checking whether CNTFRQ is writeable and potentially make
> mode changes based on the information. The most features are available
> from hypervisor (HYP) mode, so switch to it possible. Failing that,
> prefer non-secure supervisor (SVC) mode to secure supervisor mode.
If there is no hypervisor mode available what benefit do we get from
transitioning to non-secure mode?
When running in secure mode we retain access to some potentially useful
features such as having access to FIQ.
Daniel.
next prev parent reply other threads:[~2015-08-27 16:17 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-08-24 13:55 [PATCH] arm: Handle starting up in secure mode Christopher Covington
2015-08-24 13:55 ` Christopher Covington
2015-08-26 10:37 ` Ard Biesheuvel
2015-08-26 10:37 ` Ard Biesheuvel
2015-08-26 10:39 ` Dave Martin
2015-08-26 10:39 ` Dave Martin
2015-08-26 10:48 ` Russell King - ARM Linux
2015-08-26 10:48 ` Russell King - ARM Linux
2015-08-26 14:19 ` Christopher Covington
2015-08-26 14:19 ` Christopher Covington
2015-08-27 15:28 ` Dave Martin
2015-08-27 15:28 ` Dave Martin
2015-09-08 13:21 ` Linus Walleij
2015-09-08 13:21 ` Linus Walleij
2015-08-26 10:46 ` Russell King - ARM Linux
2015-08-26 10:46 ` Russell King - ARM Linux
2015-08-27 16:17 ` Daniel Thompson [this message]
2015-08-27 16:17 ` Daniel Thompson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55DF3807.40506@linaro.org \
--to=daniel.thompson@linaro.org \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.