From: "Edgar E. Iglesias" <edgar.iglesias@gmail.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Maydell <peter.maydell@linaro.org>,
Peter Crosthwaite <peter.crosthwaite@xilinx.com>,
Laszlo Ersek <lersek@redhat.com>,
QEMU Developers <qemu-devel@nongnu.org>,
Gerd Hoffmann <kraxel@redhat.com>
Subject: Re: [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode
Date: Fri, 10 Apr 2015 09:30:15 +1000 [thread overview]
Message-ID: <20150409233015.GA28944@toto> (raw)
In-Reply-To: <5526A87E.3000407@redhat.com>
On Thu, Apr 09, 2015 at 06:27:42PM +0200, Paolo Bonzini wrote:
>
>
> On 09/04/2015 18:10, Laszlo Ersek wrote:
> > In OVMF, the reset vector and the SEC phase code run from (read-only)
> > flash. SEC decompresses everything else to RAM. Also, SEC does not
> > access read-write flash (the varstore) at all.
> >
> > The above is a specialty of OVMF. In ArmVirtualizationQemu (aka AAVMF),
> > two further module types run from flash, after SEC: PEI_CORE, and some
> > PEIMs (ie. the PEI phase comes into the picture). During PEI, read-only
> > access to the varstore should be supported.
>
> Read-only access should always be fine (though with a tweak to these
> patches, and slower---because it exits to QEMU---if another CPU is
> looking at the flash in MMIO mode). The problem is execution.
>
> But on x86 flash should never be accessed by multiple CPUs at the same
> time, unless all of them know that the flash is in ROM mode.
>
> As I understand it, on ARM secure (EL3) and non-secure (EL<3) modes have
> effectively different address spaces. Therefore, one EL3 CPU could put
> the flash in MMIO mode for programming, while another EL1 CPU could be
> reading from the flash in ROM mode. In QEMU, this could be implemented
> with two memory regions and per-CPU address spaces. These patches
> should not get in the way, but they would not be useful.
Right, that matches my understanding.
Thanks,
Edgar
next prev parent reply other threads:[~2015-04-09 23:32 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-04-09 12:20 [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode Paolo Bonzini
2015-04-09 12:20 ` [Qemu-devel] [PATCH 1/3] pflash_cfi01: change big-endian property to BIT type Paolo Bonzini
2015-04-09 12:20 ` [Qemu-devel] [PATCH 2/3] pflash_cfi01: change to new-style MMIO accessors Paolo Bonzini
2015-04-09 12:20 ` [Qemu-devel] [PATCH 3/3] pflash_cfi01: add secure property Paolo Bonzini
2015-04-09 12:47 ` [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode Peter Maydell
2015-04-09 13:06 ` Paolo Bonzini
2015-04-09 13:12 ` Peter Maydell
2015-04-09 13:58 ` Edgar E. Iglesias
2015-04-09 14:43 ` Paolo Bonzini
2015-04-09 16:10 ` Laszlo Ersek
2015-04-09 16:27 ` Paolo Bonzini
2015-04-09 23:30 ` Edgar E. Iglesias [this message]
2015-04-10 9:54 ` Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150409233015.GA28944@toto \
--to=edgar.iglesias@gmail.com \
--cc=kraxel@redhat.com \
--cc=lersek@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peter.crosthwaite@xilinx.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.