qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v2 10/15] target-arm: Add arm_boot_info secure_b


From: Peter Maydell
Subject: Re: [Qemu-devel] [PATCH v2 10/15] target-arm: Add arm_boot_info secure_boot control
Date: Mon, 15 Dec 2014 17:04:56 +0000

On 11 December 2014 at 23:29, Greg Bellows <address@hidden> wrote:
> Adds the secure_boot boolean field to the arm_boot_info descriptor.  This
> fields is used to indicate whether Linux should boot into secure or non-secure
> state if the ARM EL3 feature is enabled.  The default is to leave the CPU in 
> an
> unaltered reset state.  On EL3 enabled systems, the reset state is secure and
> can be overridden by setting the added field to false.
>
> Signed-off-by: Greg Bellows <address@hidden>
> ---
>  hw/arm/boot.c        | 10 ++++++++++
>  include/hw/arm/arm.h |  4 ++++
>  2 files changed, 14 insertions(+)
>
> diff --git a/hw/arm/boot.c b/hw/arm/boot.c
> index e6a3c5b..7ec33f3 100644
> --- a/hw/arm/boot.c
> +++ b/hw/arm/boot.c
> @@ -457,6 +457,16 @@ static void do_cpu_reset(void *opaque)
>                  env->thumb = info->entry & 1;
>              }
>          } else {
> +            /* If we are booting Linux then we need to check whether we are
> +             * booting into secure or non-secure state and adjust the state
> +             * accordingly.  Out of reset, ARM is defined to be in secure 
> state
> +             * (SCR.NS = 0), we change that here is non-secure boot has been

typo: "if"

> +             * requested.
> +             */
> +            if (arm_feature(env, ARM_FEATURE_EL3) && !info->secure_boot) {
> +                env->cp15.scr_el3 |= SCR_NS;
> +            }
> +
>              if (CPU(cpu) == first_cpu) {
>                  if (env->aarch64) {
>                      env->pc = info->loader_start;
> diff --git a/include/hw/arm/arm.h b/include/hw/arm/arm.h
> index cefc9e6..6659562 100644
> --- a/include/hw/arm/arm.h
> +++ b/include/hw/arm/arm.h
> @@ -37,6 +37,10 @@ struct arm_boot_info {
>      hwaddr gic_cpu_if_addr;
>      int nb_cpus;
>      int board_id;
> +    /* ARM machines that support security extensions use this field to 
> control

Strictly, this should say "the Security Extensions".

> +     * whether Linux is booted as securei(true) or non-secure(false).

Typo: "secure".

> +     */
> +    bool secure_boot;
>      int (*atag_board)(const struct arm_boot_info *info, void *p);
>      /* multicore boards that use the default secondary core boot functions
>       * can ignore these two function calls. If the default functions won't
> --
> 1.8.3.2

thanks
-- PMM



reply via email to

[Prev in Thread] Current Thread [Next in Thread]