From: Mark Kettenis <mark.kettenis@xs4all.nl>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH 1/3] ARM: HYP/non-sec: save and restore stack
Date: Wed, 13 Jun 2018 16:55:01 +0200 (CEST) [thread overview]
Message-ID: <2459ce99c2600d5c@bloch.sibelius.xs4all.nl> (raw)
In-Reply-To: <d46bd5aa-8fb9-5035-0796-5264f888e067@suse.de> (message from Alexander Graf on Tue, 12 Jun 2018 22:32:38 +0200)
> From: Alexander Graf <agraf@suse.de>
> Date: Tue, 12 Jun 2018 22:32:38 +0200
>
> On 12.06.18 22:17, Mark Kettenis wrote:
> >> From: Alexander Graf <agraf@suse.de>
> >> Date: Tue, 12 Jun 2018 20:46:02 +0200
> >>
> >> On 12.06.18 19:27, Mark Kettenis wrote:
> >>> The current code that switches into HYP mode doesn't bother to set
> >>> up a stack for HYP mode. This doesn't work for EFI applications
> >>> as they expect a usable stack. Fix this by saving the stack
> >>> pointer before switching and use it to set SP_hyp from monitor.
> >>> This restores the stack pointer when we drop into HYP mode.
> >>>
> >>> Signed-off-by: Mark Kettenis <kettenis@openbsd.org>
> >>
> >> Can we be sure that the stack in MON is usable from HYP?
> >
> > I think so. It is the stack that U-Boot sets up for itself in normal
> > memory. As far as I can tell arm64 re-uses this stack when dropping
> > down into EL2 as well.
>
> Well, the question is whether it's secure or non-secure memory. Usually
> the DRAM controller can be configured to have a window of RAM only
> available to secure and I'd certainly hope that at least the U-Boot
> parts that are preserved in EL3 live in such a secured area :)
The U-Boot PSCI implementation ends up in a special memory region and
uses a separate stack in that same region. Whether that memory region
is marked as secure in hardware depends on board-specific code. On
the i.MX7D board I'm playing with it ends up in on on-chip RAM but I'm
not sure the current U-Boot code actually marks that region as secure.
In principle the PSCI code is all that is preserved for MON/EL3. My
diffs really don't change how that works. The code is already there
and it already works (I assume) when booting Linux kernels in
non-secure mode the traditional (non-EFI) way.
next prev parent reply other threads:[~2018-06-13 14:55 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-12 17:27 [U-Boot] [PATCH 0/3] efi_loader: ARM: add support for ARMV7_NONSEC=y Mark Kettenis
2018-06-12 17:27 ` [U-Boot] [PATCH 1/3] ARM: HYP/non-sec: save and restore stack Mark Kettenis
2018-06-12 18:46 ` Alexander Graf
2018-06-12 20:17 ` Mark Kettenis
2018-06-12 20:32 ` Alexander Graf
2018-06-13 14:55 ` Mark Kettenis [this message]
2018-06-12 17:27 ` [U-Boot] [PATCH 2/3] efi_loader: ARM: run EFI payloads non-secure Mark Kettenis
2018-06-12 18:49 ` Alexander Graf
2018-06-12 17:27 ` [U-Boot] [PATCH 3/3] Revert "efi_loader: no support for ARMV7_NONSEC=y" Mark Kettenis
2018-06-12 18:00 ` [U-Boot] [PATCH 0/3] efi_loader: ARM: add support for ARMV7_NONSEC=y Heinrich Schuchardt
2018-06-12 20:36 ` Mark Kettenis
2018-06-13 22:20 ` Mark Kettenis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2459ce99c2600d5c@bloch.sibelius.xs4all.nl \
--to=mark.kettenis@xs4all.nl \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.