[U-Boot] [PATCH v4 06/10] ARM: HYP/non-sec: allow relocation to secure RAM

Marc Zyngier marc.zyngier at arm.com
Wed May 7 08:51:37 CEST 2014 

On Fri, May 02 2014 at  9:30:05 pm BST, Jon Loeliger <loeliger at gmail.com> wrote:

Hi Jon,

> I finally have all this working for me on an A9 system too!

Awesome! Ship it! ;-)

> However, there were a few things that I had to change a bit.
> For example, by CPUs will always come out of reset at 0x0
> and I do not have the ability to set their first-fetch address to
> anything else.  To accommodate this, I need to ensure that
> the _monitor_vectors are loaded at address 0x0, and that
> the first entry in the exception vector (for reset) jumped to
> some notion of "secure_reset code".  So I changed this code:
>
>
>> diff --git a/arch/arm/cpu/armv7/nonsec_virt.S
>> b/arch/arm/cpu/armv7/nonsec_virt.S
>> index b5c946f..2a43e3c 100644
>> --- a/arch/arm/cpu/armv7/nonsec_virt.S
>> +++ b/arch/arm/cpu/armv7/nonsec_virt.S
>> @@ -10,10 +10,13 @@
>  > #include <linux/linkage.h>
>  > #include <asm/gic.h>
>  > #include <asm/armv7.h>
>> +#include <asm/proc-armv/ptrace.h>
>>
>>  .arch_extension sec
>>  .arch_extension virt
>>
>> +       .pushsection ._secure.text, "ax"
>> +
>>        .align  5
>>  /* the vector table for secure state and HYP mode */
>>  _monitor_vectors:
>> @@ -22,51 +25,86 @@ _monitor_vectors:
>>        adr pc, _secure_monitor
>>        .word 0
>>        .word 0
>> -       adr pc, _hyp_trap
>> +       .word 0
>>        .word 0
>>         .word 0
>>
>> +.macro is_cpu_virt_capable     tmp
>> +       mrc     p15, 0, \tmp, c0, c1, 1         @ read ID_PFR1
>> +       and     \tmp, \tmp, #CPUID_ARM_VIRT_MASK        @ mask virtualization bits
>> +       cmp     \tmp, #(1 << CPUID_ARM_VIRT_SHIFT)
>> +.endm
>
> So that it did this too:
>
> @@ -20,15 +20,23 @@
>         .align  5
>  /* the vector table for secure state and HYP mode */
>  _monitor_vectors:
> -       .word 0 /* reset */
> -       .word 0 /* undef */
> -       adr pc, _secure_monitor
> +       ldr pc, _secure_reset   /* reset */
> +       .word 0                 /* undef */
> +       adr pc, _secure_monitor /* SMC */
>         .word 0
>         .word 0
>         .word 0
>         .word 0
>         .word 0
>
> +
> +_secure_reset:
> +#ifdef CONFIG_SECURE_MONITOR_RESET_FUNCTION
> +       .word CONFIG_SECURE_MONITOR_RESET_FUNCTION
> +#else
> +       .word 0
> +#endif
> +
>  .macro is_cpu_virt_capable     tmp
>
> That enabled me to define CONFIG_SECURE_MONITOR_RESET_FUNCTION
> in my config header file:
>
> /*
>  * With the Secure Monitor at 0x0, its reset vector must also
>  * then point off to the correct "out-of-reset entry function."
>  */
> #define CONFIG_SECURE_MONITOR_RESET_FUNCTION    _myplatform_cpu_entry
> #define CONFIG_ARMV7_SECURE_BASE    0x0
>
> That _myplatform_cpu_entry corresponds to your sunxi_cpu_entry code.

Yup, makes sense. Nit-pick: make the _secure_reset a weak symbol that
your platform code will overload, just like the rest of the PSCI
stuff. Saves the #ifdef horror; ;-)

> So, yeah, I know that isn't a proper patch and all. :-) I'm just
> sending you more information to ponder for this patch series!  If you
> would like to generalize your patch this way, please feel free to do
> so.  If not, I can send a proper patch after this hits mainline or so.

My prefered way would be indeed to have a proper patch on top of this to
handle the "coming out of reset" case. You'll get proper credit for the
idea! :-)

Thanks,

	M.
-- 
Without deviation from the norm, progress is not possible.

More information about the U-Boot mailing list