diff options
| author | Marc Zyngier <marc.zyngier@arm.com> | 2014-07-12 14:24:03 +0100 |
|---|---|---|
| committer | Albert ARIBAUD <albert.u.boot@aribaud.net> | 2014-07-28 17:19:09 +0200 |
| commit | f510aeae689925a660bff14683eef4147785d271 (patch) | |
| tree | c64b78f6ed747616c80e52c7c20e2508fca652f1 /arch/arm/include | |
| parent | bf433afd60ce2ccd1bec3cf14150323be8272ac3 (diff) | |
| download | u-boot-imx-f510aeae689925a660bff14683eef4147785d271.zip u-boot-imx-f510aeae689925a660bff14683eef4147785d271.tar.gz u-boot-imx-f510aeae689925a660bff14683eef4147785d271.tar.bz2 | |
ARM: HYP/non-sec: allow relocation to secure RAM
The current non-sec switching code suffers from one major issue:
it cannot run in secure RAM, as a large part of u-boot still needs
to be run while we're switched to non-secure.
This patch reworks the whole HYP/non-secure strategy by:
- making sure the secure code is the *last* thing u-boot executes
before entering the payload
- performing an exception return from secure mode directly into
the payload
- allowing the code to be dynamically relocated to secure RAM
before switching to non-secure.
This involves quite a bit of horrible code, specially as u-boot
relocation is quite primitive.
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Acked-by: Ian Campbell <ijc@hellion.org.uk>
Diffstat (limited to 'arch/arm/include')
| -rw-r--r-- | arch/arm/include/asm/armv7.h | 10 | ||||
| -rw-r--r-- | arch/arm/include/asm/secure.h | 26 |
2 files changed, 33 insertions, 3 deletions
diff --git a/arch/arm/include/asm/armv7.h b/arch/arm/include/asm/armv7.h index 395444e..11476dd 100644 --- a/arch/arm/include/asm/armv7.h +++ b/arch/arm/include/asm/armv7.h @@ -78,13 +78,17 @@ void v7_outer_cache_inval_range(u32 start, u32 end); #if defined(CONFIG_ARMV7_NONSEC) || defined(CONFIG_ARMV7_VIRT) -int armv7_switch_nonsec(void); -int armv7_switch_hyp(void); +int armv7_init_nonsec(void); /* defined in assembly file */ unsigned int _nonsec_init(void); +void _do_nonsec_entry(void *target_pc, unsigned long r0, + unsigned long r1, unsigned long r2); void _smp_pen(void); -void _switch_to_hyp(void); + +extern char __secure_start[]; +extern char __secure_end[]; + #endif /* CONFIG_ARMV7_NONSEC || CONFIG_ARMV7_VIRT */ #endif /* ! __ASSEMBLY__ */ diff --git a/arch/arm/include/asm/secure.h b/arch/arm/include/asm/secure.h new file mode 100644 index 0000000..effdb18 --- /dev/null +++ b/arch/arm/include/asm/secure.h @@ -0,0 +1,26 @@ +#ifndef __ASM_SECURE_H +#define __ASM_SECURE_H + +#include <config.h> + +#ifdef CONFIG_ARMV7_SECURE_BASE +/* + * Warning, horror ahead. + * + * The target code lives in our "secure ram", but u-boot doesn't know + * that, and has blindly added reloc_off to every relocation + * entry. Gahh. Do the opposite conversion. This hack also prevents + * GCC from generating code veeners, which u-boot doesn't relocate at + * all... + */ +#define secure_ram_addr(_fn) ({ \ + DECLARE_GLOBAL_DATA_PTR; \ + void *__fn = _fn; \ + typeof(_fn) *__tmp = (__fn - gd->reloc_off); \ + __tmp; \ + }) +#else +#define secure_ram_addr(_fn) (_fn) +#endif + +#endif |