Message-ID: <537CD559.80203@gmail.com>
Date: Wed, 21 May 2014 20:33:29 +0400
From: Sergey Fedorov
References: <1399997768-32014-1-git-send-email-aggelerf@ethz.ch> <1399997768-32014-2-git-send-email-aggelerf@ethz.ch> <537CD0E3.2090006@codeaurora.org>
In-Reply-To: <537CD0E3.2090006@codeaurora.org>
Subject: Re: [Qemu-devel] [PATCH v2 01/23] target-arm: add new CPU feature for Security Extensions
To: Christopher Covington, Peter Maydell
Cc: "Edgar E. Iglesias", Fabian Aggeler, Sergey Fedorov, Svetlana Fedoseeva, QEMU Developers

On 21.05.2014 20:14, Christopher Covington wrote:
> Hi Peter,
>
> On 05/21/2014 10:46 AM, Peter Maydell wrote:
>> On 13 May 2014 17:15, Fabian Aggeler wrote:
>>> From: Svetlana Fedoseeva
>>>
>>> Define Security Extensions CPU feature. Set that feature for relevant CPUs.
>> This is potentially tricky because it means that CPUs which we were
>> previously implementing without TZ now boot up with TZ and in
>> Secure mode; I think this is probably the right thing but we'll need
>> to check that we don't break guests which were really expecting
>> to run in NS.
>>
>> (Also I'm not sure what the semantics of -kernel should be for
>> TZ-supporting CPUs -- boot the kernel in S or NS ?)
> While Linux works in secure mode, non-secure hypervisor mode is required for
> KVM to work in the guest.
>
> "[Entry] in HYP mode ... is the recommended boot method ...."
>
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/Documentation/arm/Booting#n183
>
> Christopher
>

AFAIK, in real hardware this switch to non-secure state is actually done by the bootloader. Why not implement this in the Qemu bootloader stub so far?

Regards,
Sergey Fedorov.