From: Peter Maydell <peter.maydell@linaro.org>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: "Edgar E. Iglesias" <edgar.iglesias@gmail.com>,
Peter Crosthwaite <peter.crosthwaite@xilinx.com>,
Laszlo Ersek <lersek@redhat.com>,
QEMU Developers <qemu-devel@nongnu.org>,
Gerd Hoffmann <kraxel@redhat.com>
Subject: Re: [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode
Date: Thu, 9 Apr 2015 13:47:50 +0100 [thread overview]
Message-ID: <CAFEAcA9WZ5Vx3tRVrykP33+JSq-A=a+-fMRMPR-PJnGaHazmtg@mail.gmail.com> (raw)
In-Reply-To: <1428582043-19080-1-git-send-email-pbonzini@redhat.com>
On 9 April 2015 at 13:20, Paolo Bonzini <pbonzini@redhat.com> wrote:
> This is an example of usage of attributes in a device model. It lets
> you block flash writes unless the CPU is in secure mode. Enabling it
> currently requires a -readconfig file:
>
> [global]
> driver = "cfi.pflash01"
> property = "secure"
> value = "on"
>
> because the driver includes a "."; however, I plan to enable this through
> the command line for the final version of the patches.
Are real flash devices ever wired up like this?
I would expect boards which want to provide secure-mode
only flash to do so by not giving any access at all to
the device from the non-secure address space.
(Supporting multiple AddressSpaces for ARM CPUs is the
next thing on my todo list; as well as partitioning the
flash this would allow secure-mode-only RAM and UARTs,
for instance.)
-- PMM
next prev parent reply other threads:[~2015-04-09 12:48 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-04-09 12:20 [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode Paolo Bonzini
2015-04-09 12:20 ` [Qemu-devel] [PATCH 1/3] pflash_cfi01: change big-endian property to BIT type Paolo Bonzini
2015-04-09 12:20 ` [Qemu-devel] [PATCH 2/3] pflash_cfi01: change to new-style MMIO accessors Paolo Bonzini
2015-04-09 12:20 ` [Qemu-devel] [PATCH 3/3] pflash_cfi01: add secure property Paolo Bonzini
2015-04-09 12:47 ` Peter Maydell [this message]
2015-04-09 13:06 ` [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode Paolo Bonzini
2015-04-09 13:12 ` Peter Maydell
2015-04-09 13:58 ` Edgar E. Iglesias
2015-04-09 14:43 ` Paolo Bonzini
2015-04-09 16:10 ` Laszlo Ersek
2015-04-09 16:27 ` Paolo Bonzini
2015-04-09 23:30 ` Edgar E. Iglesias
2015-04-10 9:54 ` Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAFEAcA9WZ5Vx3tRVrykP33+JSq-A=a+-fMRMPR-PJnGaHazmtg@mail.gmail.com' \
--to=peter.maydell@linaro.org \
--cc=edgar.iglesias@gmail.com \
--cc=kraxel@redhat.com \
--cc=lersek@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peter.crosthwaite@xilinx.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.