target-arm: Add arm_boot_info secure_boot control

Adds the secure_boot boolean field to the arm_boot_info descriptor.  This
fields is used to indicate whether Linux should boot into secure or non-secure
state if the ARM EL3 feature is enabled.  The default is to leave the CPU in an
unaltered reset state.  On EL3 enabled systems, the reset state is secure and
can be overridden by setting the added field to false.

Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1418684992-8996-11-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This commit is contained in:
Greg Bellows 2014-12-15 17:09:47 -06:00 committed by Peter Maydell
parent 51942aee3c
commit c8e829b7bf
2 changed files with 14 additions and 0 deletions

View File

@ -457,6 +457,16 @@ static void do_cpu_reset(void *opaque)
env->thumb = info->entry & 1; env->thumb = info->entry & 1;
} }
} else { } else {
/* If we are booting Linux then we need to check whether we are
* booting into secure or non-secure state and adjust the state
* accordingly. Out of reset, ARM is defined to be in secure state
* (SCR.NS = 0), we change that here if non-secure boot has been
* requested.
*/
if (arm_feature(env, ARM_FEATURE_EL3) && !info->secure_boot) {
env->cp15.scr_el3 |= SCR_NS;
}
if (CPU(cpu) == first_cpu) { if (CPU(cpu) == first_cpu) {
if (env->aarch64) { if (env->aarch64) {
env->pc = info->loader_start; env->pc = info->loader_start;

View File

@ -37,6 +37,10 @@ struct arm_boot_info {
hwaddr gic_cpu_if_addr; hwaddr gic_cpu_if_addr;
int nb_cpus; int nb_cpus;
int board_id; int board_id;
/* ARM machines that support the ARM Security Extensions use this field to
* control whether Linux is booted as secure(true) or non-secure(false).
*/
bool secure_boot;
int (*atag_board)(const struct arm_boot_info *info, void *p); int (*atag_board)(const struct arm_boot_info *info, void *p);
/* multicore boards that use the default secondary core boot functions /* multicore boards that use the default secondary core boot functions
* can ignore these two function calls. If the default functions won't * can ignore these two function calls. If the default functions won't