[U-Boot] [PATCH v5 0/3] ARM: Add armv7/Kconfig and allow booting in secure mode on non-secure boot capable systems
Hi Albert,
Here is v5 of my patchset to allow booting in secure mode on non-secure boot capable systems.
Changes in v2: -"ARM: Add arch/arm/cpu/armv7/Kconfig with non-secure and virt options": -Drop all the FIXME-s, use proper CPU_V7 and CPU_V7_HAS_foo checks instead
Changes in v5: -Jump patch-set version to v5 to match the revision level of the patch with the highest revision in the set -"Kconfig: Add EXPERT option" -Add Masahiro Yamada's Acked-by -"ARM: Add arch/arm/cpu/armv7/Kconfig with non-secure and virt options": -Fix the commit message to refer to the right Kconfig option -"ARM: bootm: Allow booting in secure mode on hyp capable systems" -Fix ARMV7_BOOT_SEC_DEFAULT Kconfig help text mixing up secure and non-secure modes
Regards,
Hans
From: Tom Rini trini@ti.com
For similar reasons to why the Linux Kernel has an EXPERT option, we too want an option to allow for tweaking of some options that while normally should remain hidden, may need to be changed in some cases.
Signed-off-by: Tom Rini trini@ti.com Acked-by: Masahiro Yamada yamada.m@jp.panasonic.com Acked-by: Hans de Goede hdegoede@redhat.com Signed-off-by: Hans de Goede hdegoede@redhat.com --- Kconfig | 8 ++++++++ 1 file changed, 8 insertions(+)
diff --git a/Kconfig b/Kconfig index f34f341..405b7a6 100644 --- a/Kconfig +++ b/Kconfig @@ -58,6 +58,14 @@ config CC_OPTIMIZE_FOR_SIZE
endmenu # General setup
+menuconfig EXPERT + bool "Configure standard U-Boot features (expert users)" + help + This option allows certain base U-Boot options and settings + to be disabled or tweaked. This is for specialized + environments which can tolerate a "non-standard" U-Boot. + Only use this if you really know what you are doing. + menu "Boot images"
config SPL_BUILD
Hello Hans,
On Fri, 14 Nov 2014 09:34:29 +0100, Hans de Goede hdegoede@redhat.com wrote:
From: Tom Rini trini@ti.com
For similar reasons to why the Linux Kernel has an EXPERT option, we too want an option to allow for tweaking of some options that while normally should remain hidden, may need to be changed in some cases.
Signed-off-by: Tom Rini trini@ti.com Acked-by: Masahiro Yamada yamada.m@jp.panasonic.com Acked-by: Hans de Goede hdegoede@redhat.com Signed-off-by: Hans de Goede hdegoede@redhat.com
As you're just resending Tom's patch, should it have your own Signed-off-by? No need to post v6 if you think this should be corrected, I would do it when applying.
Amicalement,
Hi,
On 11/14/2014 09:55 AM, Albert ARIBAUD wrote:
Hello Hans,
On Fri, 14 Nov 2014 09:34:29 +0100, Hans de Goede hdegoede@redhat.com wrote:
From: Tom Rini trini@ti.com
For similar reasons to why the Linux Kernel has an EXPERT option, we too want an option to allow for tweaking of some options that while normally should remain hidden, may need to be changed in some cases.
Signed-off-by: Tom Rini trini@ti.com Acked-by: Masahiro Yamada yamada.m@jp.panasonic.com Acked-by: Hans de Goede hdegoede@redhat.com Signed-off-by: Hans de Goede hdegoede@redhat.com
As you're just resending Tom's patch, should it have your own Signed-off-by? No need to post v6 if you think this should be corrected, I would do it when applying.
AFAIK it is normal to add a Signed-off-by when a patch passes through ones hands / tree. But I'm fine with having it removed, either way works for me.
Regards,
Hans
On Fri, Nov 14, 2014 at 09:58:52AM +0100, Hans de Goede wrote:
Hi,
On 11/14/2014 09:55 AM, Albert ARIBAUD wrote:
Hello Hans,
On Fri, 14 Nov 2014 09:34:29 +0100, Hans de Goede hdegoede@redhat.com wrote:
From: Tom Rini trini@ti.com
For similar reasons to why the Linux Kernel has an EXPERT option, we too want an option to allow for tweaking of some options that while normally should remain hidden, may need to be changed in some cases.
Signed-off-by: Tom Rini trini@ti.com Acked-by: Masahiro Yamada yamada.m@jp.panasonic.com Acked-by: Hans de Goede hdegoede@redhat.com Signed-off-by: Hans de Goede hdegoede@redhat.com
As you're just resending Tom's patch, should it have your own Signed-off-by? No need to post v6 if you think this should be corrected, I would do it when applying.
AFAIK it is normal to add a Signed-off-by when a patch passes through ones hands / tree. But I'm fine with having it removed, either way works for me.
I don't have a preference either way. We don't add S-o-B lines as often as the kernel does but I don't want to make people worry about that when switching between kernel and u-boot work either.
Hello Tom,
On Thu, 20 Nov 2014 10:43:55 -0500, Tom Rini trini@ti.com wrote:
On Fri, Nov 14, 2014 at 09:58:52AM +0100, Hans de Goede wrote:
Hi,
On 11/14/2014 09:55 AM, Albert ARIBAUD wrote:
Hello Hans,
On Fri, 14 Nov 2014 09:34:29 +0100, Hans de Goede hdegoede@redhat.com wrote:
From: Tom Rini trini@ti.com
For similar reasons to why the Linux Kernel has an EXPERT option, we too want an option to allow for tweaking of some options that while normally should remain hidden, may need to be changed in some cases.
Signed-off-by: Tom Rini trini@ti.com Acked-by: Masahiro Yamada yamada.m@jp.panasonic.com Acked-by: Hans de Goede hdegoede@redhat.com Signed-off-by: Hans de Goede hdegoede@redhat.com
As you're just resending Tom's patch, should it have your own Signed-off-by? No need to post v6 if you think this should be corrected, I would do it when applying.
AFAIK it is normal to add a Signed-off-by when a patch passes through ones hands / tree. But I'm fine with having it removed, either way works for me.
I don't have a preference either way. We don't add S-o-B lines as often as the kernel does but I don't want to make people worry about that when switching between kernel and u-boot work either.
Makes sense -- I had not thought about this kernel/u-boot switching.
-- Tom
Amicalement,
Add arch/arm/cpu/armv7/Kconfig with non-secure and virt options, this is a preparation patch for adding an env variable to choose between secure / non-secure boot on non-secure boot capable systems, specifically this prepares for adding CONFIG_ARMV7_BOOT_SEC_DEFAULT as a proper Kconfig option.
Signed-off-by: Hans de Goede hdegoede@redhat.com -- Changes in v2: -Drop all the FIXME-s, use proper CPU_V7 and CPU_V7_HAS_foo checks instead Changes in v5: -Fix the commit message to refer to the right Kconfig option --- arch/arm/Kconfig | 4 ++++ arch/arm/cpu/armv7/Kconfig | 23 +++++++++++++++++++++++ arch/arm/cpu/armv7/exynos/Kconfig | 2 ++ board/sunxi/Kconfig | 2 ++ include/configs/arndale.h | 2 -- include/configs/sun7i.h | 2 -- include/configs/vexpress_ca15_tc2.h | 2 -- 7 files changed, 31 insertions(+), 6 deletions(-) create mode 100644 arch/arm/cpu/armv7/Kconfig
diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig index 79ccc06..43ace2c 100644 --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig @@ -410,6 +410,8 @@ config TARGET_INTEGRATORCP_CM946ES config TARGET_VEXPRESS_CA15_TC2 bool "Support vexpress_ca15_tc2" select CPU_V7 + select CPU_V7_HAS_NONSEC + select CPU_V7_HAS_VIRT
config TARGET_VEXPRESS_CA5X2 bool "Support vexpress_ca5x2" @@ -809,6 +811,8 @@ source "arch/arm/cpu/arm926ejs/versatile/Kconfig"
source "arch/arm/cpu/armv7/zynq/Kconfig"
+source "arch/arm/cpu/armv7/Kconfig" + source "board/aristainetos/Kconfig" source "board/BuR/kwb/Kconfig" source "board/BuR/tseries/Kconfig" diff --git a/arch/arm/cpu/armv7/Kconfig b/arch/arm/cpu/armv7/Kconfig new file mode 100644 index 0000000..15c5155 --- /dev/null +++ b/arch/arm/cpu/armv7/Kconfig @@ -0,0 +1,23 @@ +if CPU_V7 + +config CPU_V7_HAS_NONSEC + bool + +config CPU_V7_HAS_VIRT + bool + +config ARMV7_NONSEC + boolean "Enable support for booting in non-secure mode" if EXPERT + depends on CPU_V7_HAS_NONSEC + default y + ---help--- + Say Y here to enable support for booting in non-secure / SVC mode. + +config ARMV7_VIRT + boolean "Enable support for hardware virtualization" if EXPERT + depends on CPU_V7_HAS_VIRT && ARMV7_NONSEC + default y + ---help--- + Say Y here to boot in hypervisor (HYP) mode when booting non-secure. + +endif diff --git a/arch/arm/cpu/armv7/exynos/Kconfig b/arch/arm/cpu/armv7/exynos/Kconfig index 090be93..e9a102c 100644 --- a/arch/arm/cpu/armv7/exynos/Kconfig +++ b/arch/arm/cpu/armv7/exynos/Kconfig @@ -26,6 +26,8 @@ config TARGET_ODROID
config TARGET_ARNDALE bool "Exynos5250 Arndale board" + select CPU_V7_HAS_NONSEC + select CPU_V7_HAS_VIRT select SUPPORT_SPL select OF_CONTROL if !SPL_BUILD
diff --git a/board/sunxi/Kconfig b/board/sunxi/Kconfig index c3f865d..7555896 100644 --- a/board/sunxi/Kconfig +++ b/board/sunxi/Kconfig @@ -21,6 +21,8 @@ config MACH_SUN6I config MACH_SUN7I bool "sun7i (Allwinner A20)" select CPU_V7 + select CPU_V7_HAS_NONSEC + select CPU_V7_HAS_VIRT select SUPPORT_SPL
config MACH_SUN8I diff --git a/include/configs/arndale.h b/include/configs/arndale.h index f9ee40f..aa6b631 100644 --- a/include/configs/arndale.h +++ b/include/configs/arndale.h @@ -60,6 +60,4 @@ /* The PERIPHBASE in the CBAR register is wrong on the Arndale, so override it */ #define CONFIG_ARM_GIC_BASE_ADDRESS 0x10480000
-#define CONFIG_ARMV7_VIRT - #endif /* __CONFIG_H */ diff --git a/include/configs/sun7i.h b/include/configs/sun7i.h index ea40790..3629587 100644 --- a/include/configs/sun7i.h +++ b/include/configs/sun7i.h @@ -22,8 +22,6 @@ #define CONFIG_USB_MAX_CONTROLLER_COUNT 2 #endif
-#define CONFIG_ARMV7_VIRT 1 -#define CONFIG_ARMV7_NONSEC 1 #define CONFIG_ARMV7_PSCI 1 #define CONFIG_ARMV7_PSCI_NR_CPUS 2 #define CONFIG_ARMV7_SECURE_BASE SUNXI_SRAM_B_BASE diff --git a/include/configs/vexpress_ca15_tc2.h b/include/configs/vexpress_ca15_tc2.h index 982f4a7..b43afa2 100644 --- a/include/configs/vexpress_ca15_tc2.h +++ b/include/configs/vexpress_ca15_tc2.h @@ -18,6 +18,4 @@ #define CONFIG_SYSFLAGS_ADDR 0x1c010030 #define CONFIG_SMP_PEN_ADDR CONFIG_SYSFLAGS_ADDR
-#define CONFIG_ARMV7_VIRT - #endif
Older Linux kernels will not properly boot in hyp mode, add support for a bootm_boot_mode environment variable, which can be set to "sec" or "nonsec" to force booting in secure or non-secure mode when build with non-sec support.
The default behavior can be selected through CONFIG_ARMV7_BOOT_SEC_DEFAULT, when this is set booting in secure mode is the default. The default setting for this Kconfig option is N, preserving the current behavior of booting in non-secure mode by default when non-secure mode is supported.
Signed-off-by: Hans de Goede hdegoede@redhat.com Acked-by: Marc Zyngier marc.zyngier@arm.com Acked-by: Siarhei Siamashka siarhei.siamashka@gmail.com -- Changes in v2: -Allow changing the default boot mode to secure through defining CONFIG_ARMV7_BOOT_SEC_DEFAULT, this is useful for archs which have a Kconfig option for compatibility with older kernels Changes in v3: -Add an else at the end of the #ifdef NONSEC block so that if do_nonsec_entry fails we do not end up re-trying in secure mode Changes in v4: -Add a Kconfig option to select to boot in secure or non-secure mode by default Changes in v5: -Fix ARMV7_BOOT_SEC_DEFAULT Kconfig help text mixing up secure and non-secure modes --- arch/arm/cpu/armv7/Kconfig | 11 +++++++++++ arch/arm/lib/bootm.c | 31 ++++++++++++++++++++++++++----- 2 files changed, 37 insertions(+), 5 deletions(-)
diff --git a/arch/arm/cpu/armv7/Kconfig b/arch/arm/cpu/armv7/Kconfig index 15c5155..61e7c82 100644 --- a/arch/arm/cpu/armv7/Kconfig +++ b/arch/arm/cpu/armv7/Kconfig @@ -13,6 +13,17 @@ config ARMV7_NONSEC ---help--- Say Y here to enable support for booting in non-secure / SVC mode.
+config ARMV7_BOOT_SEC_DEFAULT + boolean "Boot in secure mode by default" if EXPERT + depends on ARMV7_NONSEC + default n + ---help--- + Say Y here to boot in secure mode by default even if non-secure mode + is supported. This option is useful to boot kernels which do not + suppport booting in non-secure mode. Only set this if you need it. + This can be overriden at run-time by setting the bootm_boot_mode env. + variable to "sec" or "nonsec". + config ARMV7_VIRT boolean "Enable support for hardware virtualization" if EXPERT depends on CPU_V7_HAS_VIRT && ARMV7_NONSEC diff --git a/arch/arm/lib/bootm.c b/arch/arm/lib/bootm.c index 4949d57..a7f7c67 100644 --- a/arch/arm/lib/bootm.c +++ b/arch/arm/lib/bootm.c @@ -237,6 +237,26 @@ static void boot_prep_linux(bootm_headers_t *images) } }
+#if defined(CONFIG_ARMV7_NONSEC) || defined(CONFIG_ARMV7_VIRT) +static bool boot_nonsec(void) +{ + char *s = getenv("bootm_boot_mode"); +#ifdef CONFIG_ARMV7_BOOT_SEC_DEFAULT + bool nonsec = false; +#else + bool nonsec = true; +#endif + + if (s && !strcmp(s, "sec")) + nonsec = false; + + if (s && !strcmp(s, "nonsec")) + nonsec = true; + + return nonsec; +} +#endif + /* Subcommand: GO */ static void boot_jump_linux(bootm_headers_t *images, int flag) { @@ -285,12 +305,13 @@ static void boot_jump_linux(bootm_headers_t *images, int flag)
if (!fake) { #if defined(CONFIG_ARMV7_NONSEC) || defined(CONFIG_ARMV7_VIRT) - armv7_init_nonsec(); - secure_ram_addr(_do_nonsec_entry)(kernel_entry, - 0, machid, r2); -#else - kernel_entry(0, machid, r2); + if (boot_nonsec()) { + armv7_init_nonsec(); + secure_ram_addr(_do_nonsec_entry)(kernel_entry, + 0, machid, r2); + } else #endif + kernel_entry(0, machid, r2); } #endif }
Hi Albert,
On 11/14/2014 09:34 AM, Hans de Goede wrote:
Hi Albert,
Here is v5 of my patchset to allow booting in secure mode on non-secure boot capable systems.
Changes in v2: -"ARM: Add arch/arm/cpu/armv7/Kconfig with non-secure and virt options": -Drop all the FIXME-s, use proper CPU_V7 and CPU_V7_HAS_foo checks instead
Changes in v5: -Jump patch-set version to v5 to match the revision level of the patch with the highest revision in the set -"Kconfig: Add EXPERT option" -Add Masahiro Yamada's Acked-by -"ARM: Add arch/arm/cpu/armv7/Kconfig with non-secure and virt options": -Fix the commit message to refer to the right Kconfig option -"ARM: bootm: Allow booting in secure mode on hyp capable systems" -Fix ARMV7_BOOT_SEC_DEFAULT Kconfig help text mixing up secure and non-secure modes
I was wondering what the status of this patch-set is ?
Anything I need to do to get this moving upstream ?
Thanks & Regards,
Hans
participants (3)
-
Albert ARIBAUD -
Hans de Goede -
Tom Rini