[U-Boot] Non-secure switch in U-boot

Shabbir Khan shabbirkhank at gmail.com
Fri Jun 13 06:51:19 CEST 2014


Hi Tim,

Thanks for reply.
Yes. FSBL is encrypted and is used to start u-boot.
My problem is, by default since cortex-a9 is trustzone compliant it boots
in secure state, but i want to switch dynamically to non-secure state by
calling smc #0 in start.S of my u-boot. Since I have successfully set up
the vector table, MVBAR register and by writing to cp15 SCR, i am able to
enter into Normal world. Once normal state is entered, stack pointer points
to 0x0, and when i tried to boot it goes to ABT(abort) mode.

I want to boot my linux in Non-secure world at the end, that's why, first i
am trying at u-boot level.



Best Regards
Shabbir





On Thu, Jun 12, 2014 at 8:18 AM, <Thomas.Betker at rohde-schwarz.com> wrote:

> Hello Shabir:
>
> > I am working on Xilinx's zynq zc702 board on which i am trying to boot
> > U-boot in Non-secure state, but unfortunately i am not making it boot,
> > through ARM DS-5 debugger, i traced the code flow, once booting process
> > enters into NS world abort is taking place. Do i need to set up any
> stacks
> > for NS world ? How it retrieves secure contents and continue booting
> from
> > where secure boot lefts?
> >
> > Please me help i got strucked with this problem.
>
> I am missing some details here. I am assuming that you use Xilinx' FSBL,
> which in turn starts u-boot (from SD card). Your FSBL is encrypted (as
> required for secure boot), and u-boot may or may not be encrypted. Is all
> this correct?
>
> As far as I know, u-boot shouldn't see any difference between secure and
> non-secure boot then; the binary that is run after decryption is the same
> as the unencrypted binary.
>
> My guess would be that either your FSBL is not encrypted, or something
> else went wrong when generating and installing the boot image.
>
> Best regards,
> Thomas Betker
>


More information about the U-Boot mailing list