From patchwork Mon May 6 13:17:45 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andre Przywara X-Patchwork-Id: 241647 X-Patchwork-Delegate: albert.aribaud@free.fr Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from theia.denx.de (theia.denx.de [85.214.87.163]) by ozlabs.org (Postfix) with ESMTP id 2DCE62C00F0 for ; Mon, 6 May 2013 23:19:20 +1000 (EST) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id 1DD0F4A2CA; Mon, 6 May 2013 15:19:16 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at theia.denx.de Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ap24-CO4IF-E; Mon, 6 May 2013 15:19:15 +0200 (CEST) Received: from theia.denx.de (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id 32CA54A2A8; Mon, 6 May 2013 15:19:07 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id E26624A2A0 for ; Mon, 6 May 2013 15:19:04 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at theia.denx.de Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kYztHirSbpAY for ; Mon, 6 May 2013 15:19:00 +0200 (CEST) X-policyd-weight: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 (only DNSBL check requested) Received: from mail-oa0-f50.google.com (mail-oa0-f50.google.com [209.85.219.50]) by theia.denx.de (Postfix) with ESMTPS id 049FD4A29F for ; Mon, 6 May 2013 15:18:53 +0200 (CEST) Received: by mail-oa0-f50.google.com with SMTP id l10so1536374oag.37 for ; Mon, 06 May 2013 06:18:52 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:from:to:cc:subject:date:message-id:x-mailer:in-reply-to :references:x-gm-message-state; bh=46LSXsNxY10rB2CCkM1HCMmc5YB/3rAhniy/z6qEB5Y=; b=GuKwGXXA7+L2d59IxQ3Qb/t8p3d/iDyHwAwQqQFGMPHExk+eXhyGsv0UK1f7azC0k1 TNqqOnuvG1W8axsZr8949veYCs5bFWtPUCTz0g7ZcQpa2yEbWF/8SKiHy9Cmuc2exjA9 wL5Hvzee2uSaI6GfR0RqC2UHE5L2NYAo9TZ1r2tdp7cCfi73493AQcuk8C5HpYTJ5fIo 4nLUzcxD9QP7x4LYUZyAGafM6Q+e58/WMxqD7ujgmTH37mjfVtT0NUE4fUwOoI0nBNxM HNh7u4q97ytP4WuMLDr9KsLRObMXVFS7NWgYss05knbfqRGpgGduPc/u3eTS+C1YSRl5 qeQA== X-Received: by 10.182.96.37 with SMTP id dp5mr5395637obb.93.1367846332698; Mon, 06 May 2013 06:18:52 -0700 (PDT) Received: from slackpad.drs.calxeda.com (f053080141.adsl.alicedsl.de. [78.53.80.141]) by mx.google.com with ESMTPSA id x10sm5081475oes.6.2013.05.06.06.18.49 for (version=TLSv1.2 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 06 May 2013 06:18:52 -0700 (PDT) From: Andre Przywara To: trini@ti.com, albert.u.boot@aribaud.net Date: Mon, 6 May 2013 15:17:45 +0200 Message-Id: <1367846270-1827-2-git-send-email-andre.przywara@linaro.org> X-Mailer: git-send-email 1.7.12.1 In-Reply-To: <1367846270-1827-1-git-send-email-andre.przywara@linaro.org> References: <1367846270-1827-1-git-send-email-andre.przywara@linaro.org> X-Gm-Message-State: ALoCoQnyLhqWIjnYW48YX7rCBptFU/XEQnH/iOgduvkqPAty2snhMRRX1pi5dRMTXPE1mJQcCTku Cc: peter.maydell@linaro.org, geoff.levand@linaro.org, cdall@cs.columbia.edu, marc.zyngier@arm.com, agraf@suse.de, u-boot@lists.denx.de, kvmarm@lists.cs.columbia.edu Subject: [U-Boot] [PATCH 1/6] ARM: add secure monitor handler to switch to non-secure state X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.11 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: u-boot-bounces@lists.denx.de Errors-To: u-boot-bounces@lists.denx.de A prerequisite for using virtualization is to be in HYP mode, which requires the CPU to be in non-secure state. Introduce a monitor handler routine which switches the CPU to non-secure state by setting the NS and associated bits. According to the ARM ARM this should not be done in SVC mode, so we have to setup a SMC handler for this. We reuse the current vector table for this and make sure that we only access the MVBAR register if the CPU supports the security extension and only if we configured the board to use it, since boards entering u-boot already in non-secure mode would crash on accessing MVBAR otherwise. Signed-off-by: Andre Przywara --- arch/arm/cpu/armv7/start.S | 31 ++++++++++++++++++++++++++++--- 1 file changed, 28 insertions(+), 3 deletions(-) diff --git a/arch/arm/cpu/armv7/start.S b/arch/arm/cpu/armv7/start.S index e9e57e6..da48b36 100644 --- a/arch/arm/cpu/armv7/start.S +++ b/arch/arm/cpu/armv7/start.S @@ -155,6 +155,13 @@ reset: /* Set vector address in CP15 VBAR register */ ldr r0, =_start mcr p15, 0, r0, c12, c0, 0 @Set VBAR + +#ifdef CONFIG_ARMV7_VIRT + mrc p15, 0, r1, c0, c1, 1 @ check for security extension + ands r1, r1, #0x30 + mcrne p15, 0, r0, c12, c0, 1 @ Set secure monitor MVBAR +#endif + #endif /* the mask ROM code should have PLL and others stable */ @@ -257,6 +264,12 @@ ENTRY(c_runtime_cpu_setup) ldr r0, =_start mcr p15, 0, r0, c12, c0, 0 @Set VBAR +#ifdef CONFIG_ARMV7_VIRT + mrc p15, 0, r1, c0, c1, 1 @ check for security extension + ands r1, r1, #0x30 + mcrne p15, 0, r0, c12, c0, 1 @ Set secure monitor MVBAR +#endif + bx lr ENDPROC(c_runtime_cpu_setup) @@ -490,11 +503,23 @@ undefined_instruction: bad_save_user_regs bl do_undefined_instruction +/* + * software interrupt aka. secure monitor handler + * This is executed on a "smc" instruction, we use a "smc #0" to switch + * to non-secure state + */ .align 5 software_interrupt: - get_bad_stack_swi - bad_save_user_regs - bl do_software_interrupt + mrc p15, 0, r1, c1, c1, 0 @ read SCR + bic r1, r1, #0x07f + orr r1, r1, #0x31 @ enable NS, AW, FW + + mrc p15, 0, r0, c12, c0, 0 @ save secure copy of VBAR + mcr p15, 0, r1, c1, c1, 0 @ write SCR, switch to non-sec + isb + mcr p15, 0, r0, c12, c0, 0 @ write non-secure copy of VBAR + + movs pc, lr .align 5 prefetch_abort: