From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ian Campbell Date: Wed, 22 Oct 2014 19:55:03 +0100 Subject: [U-Boot] [PATCH v2] ARM: bootm: Allow booting in secure mode on hyp capable systems In-Reply-To: <1413985502-19257-1-git-send-email-hdegoede@redhat.com> References: <1413985502-19257-1-git-send-email-hdegoede@redhat.com> Message-ID: <1414004103.20604.72.camel@hellion.org.uk> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de On Wed, 2014-10-22 at 15:45 +0200, Hans de Goede wrote: > if (!fake) { > #if defined(CONFIG_ARMV7_NONSEC) || defined(CONFIG_ARMV7_VIRT) > - armv7_init_nonsec(); > - secure_ram_addr(_do_nonsec_entry)(kernel_entry, > - 0, machid, r2); > -#else > - kernel_entry(0, machid, r2); > + if (boot_nonsec()) { > + armv7_init_nonsec(); > + secure_ram_addr(_do_nonsec_entry)(kernel_entry, > + 0, machid, r2); > + } > #endif > + kernel_entry(0, machid, r2); There's a subtle different here, which is that this final kernel_entry call used to be in the #else clause, and so emitted for the NONSEC || VIRT case. So if the _do_nonsec_entry call were to fail (not currently possible) and return you'd end up trying again via the sec path. I'm not sure that's a bad thing, but it is a difference so it'd be good to know it was a deliberate choice (or not). Ian.