From: "Edgar E. Iglesias" <edgar.iglesias@gmail.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Maydell <peter.maydell@linaro.org>,
Peter Crosthwaite <peter.crosthwaite@xilinx.com>,
Laszlo Ersek <lersek@redhat.com>,
QEMU Developers <qemu-devel@nongnu.org>,
Gerd Hoffmann <kraxel@redhat.com>
Subject: Re: [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode
Date: Fri, 10 Apr 2015 09:30:15 +1000 [thread overview]
Message-ID: <20150409233015.GA28944@toto> (raw)
In-Reply-To: <5526A87E.3000407@redhat.com>
On Thu, Apr 09, 2015 at 06:27:42PM +0200, Paolo Bonzini wrote:
>
>
> On 09/04/2015 18:10, Laszlo Ersek wrote:
> > In OVMF, the reset vector and the SEC phase code run from (read-only)
> > flash. SEC decompresses everything else to RAM. Also, SEC does not
> > access read-write flash (the varstore) at all.
> >
> > The above is a specialty of OVMF. In ArmVirtualizationQemu (aka AAVMF),
> > two further module types run from flash, after SEC: PEI_CORE, and some
> > PEIMs (ie. the PEI phase comes into the picture). During PEI, read-only
> > access to the varstore should be supported.
>
> Read-only access should always be fine (though with a tweak to these
> patches, and slower---because it exits to QEMU---if another CPU is
> looking at the flash in MMIO mode). The problem is execution.
>
> But on x86 flash should never be accessed by multiple CPUs at the same
> time, unless all of them know that the flash is in ROM mode.
>
> As I understand it, on ARM secure (EL3) and non-secure (EL<3) modes have
> effectively different address spaces. Therefore, one EL3 CPU could put
> the flash in MMIO mode for programming, while another EL1 CPU could be
> reading from the flash in ROM mode. In QEMU, this could be implemented
> with two memory regions and per-CPU address spaces. These patches
> should not get in the way, but they would not be useful.
Right, that matches my understanding.
Thanks,
Edgar
next prev parent reply other threads:[~2015-04-09 23:32 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-04-09 12:20 [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode Paolo Bonzini
2015-04-09 12:20 ` [Qemu-devel] [PATCH 1/3] pflash_cfi01: change big-endian property to BIT type Paolo Bonzini
2015-04-09 12:20 ` [Qemu-devel] [PATCH 2/3] pflash_cfi01: change to new-style MMIO accessors Paolo Bonzini
2015-04-09 12:20 ` [Qemu-devel] [PATCH 3/3] pflash_cfi01: add secure property Paolo Bonzini
2015-04-09 12:47 ` [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode Peter Maydell
2015-04-09 13:06 ` Paolo Bonzini
2015-04-09 13:12 ` Peter Maydell
2015-04-09 13:58 ` Edgar E. Iglesias
2015-04-09 14:43 ` Paolo Bonzini
2015-04-09 16:10 ` Laszlo Ersek
2015-04-09 16:27 ` Paolo Bonzini
2015-04-09 23:30 ` Edgar E. Iglesias [this message]
2015-04-10 9:54 ` Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150409233015.GA28944@toto \
--to=edgar.iglesias@gmail.com \
--cc=kraxel@redhat.com \
--cc=lersek@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peter.crosthwaite@xilinx.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).