qemu-arm
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-arm] [PATCH v2 4/5] arm: boot: Add secure_board_setup flag

From: Peter Maydell
Subject: Re: [Qemu-arm] [PATCH v2 4/5] arm: boot: Add secure_board_setup flag
Date: Fri, 30 Oct 2015 21:14:38 +0000 
On 30 October 2015 at 20:59, Peter Crosthwaite
<address@hidden> wrote:
> On Fri, Oct 30, 2015 at 1:49 PM, Peter Maydell <address@hidden> wrote:
>> I thought you were planning to have the generic code do the
>> S->NS transition; but I guess it works better in the board
>> code (we have to go up into Monitor and back down again, right?)
>>
>
> Yes I had to change my mind on this one. The issue was that ARM arch
> doesn't guarantee a NS switch by simply modding SCR.NS inline and I
> wanted to follow this convention. The recommended way is via eret
> (presumably from monitor mode?). So to implement this for highbank I
> do a dummy SMC after the SCR.NS switch (from secure EL1). This can't
> be done generically as board-setup may or may-not install a functional
> monitor.
>
>> Is it an error for the board to set secure_board_setup if
>> the CPU doesn't have EL3? (if so, worth mentioning in this
>> comment; maybe assert?)
>>
>
> I don't like assert, as has_el3 is in theory is user modifiable (via
> either -cpu transplants or directly via -global). I think it is an
> error_exit().

The other question is what happens on a board like this if
the user says -enable-kvm -cpu cortex-a15 ? Does that get us
a CPU without the EL3 property? (I forget...) In any case it
shouldn't be an error unless the board genuinely can't work
with KVM at all, and if we're using KVM then the board
blob definitely won't be running in Secure (and can't flip
to Monitor mode either).

thanks
-- PMM
reply via email to
[Prev in Thread] Current Thread [Next in Thread]