From: Albert ARIBAUD <albert.u.boot@aribaud.net>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH 1/6] ARM: add secure monitor handler to switch to non-secure state
Date: Thu, 23 May 2013 12:52:19 +0200 [thread overview]
Message-ID: <20130523125219.3522d2fb@lilith> (raw)
In-Reply-To: <1367846270-1827-2-git-send-email-andre.przywara@linaro.org>
Hi Andre,
On Mon, 6 May 2013 15:17:45 +0200, Andre Przywara
<andre.przywara@linaro.org> wrote:
> A prerequisite for using virtualization is to be in HYP mode, which
> requires the CPU to be in non-secure state.
> Introduce a monitor handler routine which switches the CPU to
> non-secure state by setting the NS and associated bits.
> According to the ARM ARM this should not be done in SVC mode, so we
ARM *TRM*, I suspect. Also, as there are a lot of ARM TRMs, if there is
a more precise reference, please provide it.
> have to setup a SMC handler for this. We reuse the current vector
> table for this and make sure that we only access the MVBAR register
> if the CPU supports the security extension and only if we
> configured the board to use it, since boards entering u-boot already
> in non-secure mode would crash on accessing MVBAR otherwise.
>
> Signed-off-by: Andre Przywara <andre.przywara@linaro.org>
> ---
> arch/arm/cpu/armv7/start.S | 31 ++++++++++++++++++++++++++++---
> 1 file changed, 28 insertions(+), 3 deletions(-)
>
> diff --git a/arch/arm/cpu/armv7/start.S b/arch/arm/cpu/armv7/start.S
> index e9e57e6..da48b36 100644
> --- a/arch/arm/cpu/armv7/start.S
> +++ b/arch/arm/cpu/armv7/start.S
> @@ -155,6 +155,13 @@ reset:
> /* Set vector address in CP15 VBAR register */
> ldr r0, =_start
> mcr p15, 0, r0, c12, c0, 0 @Set VBAR
> +
> +#ifdef CONFIG_ARMV7_VIRT
> + mrc p15, 0, r1, c0, c1, 1 @ check for security extension
> + ands r1, r1, #0x30
> + mcrne p15, 0, r0, c12, c0, 1 @ Set secure monitor MVBAR
> +#endif
> +
> #endif
>
> /* the mask ROM code should have PLL and others stable */
> @@ -257,6 +264,12 @@ ENTRY(c_runtime_cpu_setup)
> ldr r0, =_start
> mcr p15, 0, r0, c12, c0, 0 @Set VBAR
>
> +#ifdef CONFIG_ARMV7_VIRT
> + mrc p15, 0, r1, c0, c1, 1 @ check for security extension
> + ands r1, r1, #0x30
> + mcrne p15, 0, r0, c12, c0, 1 @ Set secure monitor MVBAR
> +#endif
> +
> bx lr
>
> ENDPROC(c_runtime_cpu_setup)
> @@ -490,11 +503,23 @@ undefined_instruction:
> bad_save_user_regs
> bl do_undefined_instruction
>
> +/*
> + * software interrupt aka. secure monitor handler
> + * This is executed on a "smc" instruction, we use a "smc #0" to switch
> + * to non-secure state
> + */
> .align 5
> software_interrupt:
> - get_bad_stack_swi
> - bad_save_user_regs
> - bl do_software_interrupt
> + mrc p15, 0, r1, c1, c1, 0 @ read SCR
> + bic r1, r1, #0x07f
> + orr r1, r1, #0x31 @ enable NS, AW, FW
> +
> + mrc p15, 0, r0, c12, c0, 0 @ save secure copy of VBAR
> + mcr p15, 0, r1, c1, c1, 0 @ write SCR, switch to non-sec
> + isb
> + mcr p15, 0, r0, c12, c0, 0 @ write non-secure copy of VBAR
> +
> + movs pc, lr
>
> .align 5
> prefetch_abort:
Amicalement,
--
Albert.
next prev parent reply other threads:[~2013-05-23 10:52 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-05-06 13:17 [U-Boot] [PATCH 0/6] ARMv7: Add HYP mode switching support Andre Przywara
2013-05-06 13:17 ` [U-Boot] [PATCH 1/6] ARM: add secure monitor handler to switch to non-secure state Andre Przywara
2013-05-23 10:52 ` Albert ARIBAUD [this message]
2013-05-23 12:14 ` Marc Zyngier
2013-05-23 12:34 ` Albert ARIBAUD
2013-05-23 12:40 ` Albert ARIBAUD
2013-05-23 12:41 ` Albert ARIBAUD
2013-05-23 13:00 ` Peter Maydell
2013-05-23 14:08 ` Albert ARIBAUD
2013-05-23 14:47 ` Albert ARIBAUD
2013-05-26 22:42 ` Andre Przywara
2013-05-31 1:02 ` Christoffer Dall
2013-05-31 9:23 ` Andre Przywara
2013-05-31 17:21 ` Albert ARIBAUD
2013-05-31 23:50 ` Christoffer Dall
2013-06-01 10:06 ` Albert ARIBAUD
2013-06-01 10:11 ` Albert ARIBAUD
2013-05-06 13:17 ` [U-Boot] [PATCH 2/6] ARM: add assembly routine " Andre Przywara
2013-05-31 3:04 ` Christoffer Dall
2013-05-31 9:26 ` Andre Przywara
2013-05-31 23:50 ` Christoffer Dall
2013-05-06 13:17 ` [U-Boot] [PATCH 3/6] ARM: switch to non-secure state during bootm execution Andre Przywara
2013-05-31 5:10 ` Christoffer Dall
2013-05-31 9:30 ` Andre Przywara
2013-05-31 23:50 ` Christoffer Dall
2013-05-06 13:17 ` [U-Boot] [PATCH 4/6] ARM: add SMP support for non-secure switch Andre Przywara
2013-05-31 5:32 ` Christoffer Dall
2013-05-31 9:32 ` Andre Przywara
2013-05-31 23:51 ` Christoffer Dall
2013-06-07 11:00 ` TigerLiu at viatech.com.cn
2013-05-06 13:17 ` [U-Boot] [PATCH 5/6] ARM: extend non-secure switch to also go into HYP mode Andre Przywara
2013-05-09 18:56 ` Tom Rini
2013-05-31 5:43 ` Christoffer Dall
2013-05-31 9:34 ` Andre Przywara
2013-05-31 23:51 ` Christoffer Dall
2013-05-06 13:17 ` [U-Boot] [PATCH 6/6] ARM: VExpress: enable ARMv7 virt support for VExpress A15 Andre Przywara
2013-05-23 10:52 ` [U-Boot] [PATCH 0/6] ARMv7: Add HYP mode switching support Albert ARIBAUD
2013-05-26 22:51 ` Andre Przywara
2013-05-31 6:11 ` Christoffer Dall
2013-05-31 6:36 ` Andre Przywara
2013-05-31 23:49 ` Christoffer Dall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130523125219.3522d2fb@lilith \
--to=albert.u.boot@aribaud.net \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox