Changeset a640bc1 in mainline


Ignore:
Timestamp:
2013-01-18T20:06:55Z (11 years ago)
Author:
Jan Vesely <jano.vesely@…>
Branches:
lfn, master, serial, ticket/834-toolchain-update, topic/msim-upgrade, topic/simplify-dev-export
Children:
660e8fa
Parents:
cd8db93
Message:

arm, sec extensions: Add comments and remove use of sec extensions.

Revisit when we want to use this feature. U-boot locks the OS out of
the secure state at boot. This means we cannot change secure exception vector,
thus can only use SMC (secure monitor call) to request uboot/fw provided
functionality.

Location:
kernel/arch/arm32
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • kernel/arch/arm32/include/security_ext.h

    rcd8db93 ra640bc1  
    4040#include <arch/regutils.h>
    4141
     42/** Test whether the current cpu supports security extensions.
     43 * return true if security extensions are supported, false otherwise.
     44 * @note The Processor Feature Register 1 that provides this information
     45 * is available only on armv7+. This function returns false on all\
     46 * older archs.
     47 */
    4248static inline bool sec_ext_is_implemented()
    4349{
     
    4955}
    5056
     57/** Test whether we are running in monitor mode.
     58 * return true, if the current mode is Monitor mode, false otherwise.
     59 * @note this is safe to call even on machines that do not implement monitor
     60 * mode.
     61 */
    5162static inline bool sec_ext_is_monitor_mode()
    5263{
     
    5465}
    5566
     67/** Test whether we are running in a secure state.
     68 * return true if the current state is secure, false otherwise.
     69 *
     70 * @note: This functions will cause undef isntruction trap if we
     71 * are not running in the secure state.
     72 *
     73 * @note: u-boot enables non-secure access to cp 10/11, as well as some other
     74 * features and switches to non-secure state during boot.
     75 * Look for 'secureworld_exit' in arch/arm/cpu/armv7/omap3/board.c.
     76 */
    5677static inline bool sec_ext_is_secure()
    5778{
     
    6081}
    6182
    62 typedef enum {
    63         SECURITY_CALL_ENABLE_CP10_11 = 0xaaaa
    64 } sec_ext_call_t;
    65 
    66 static inline void sec_ext_call(sec_ext_call_t call)
    67 {
    68         asm volatile ("mov r0, %0\nsmc #0" ::"r"(call));
    69 }
    70 
    71 int sec_ext_handle_call(sec_ext_call_t call);
    72 
    7383#endif
    74 
    7584/** @}
    7685 */
    77 

  • kernel/arch/arm32/src/fpu_context.c

    rcd8db93 ra640bc1  
    114114static void (*restore_context)(fpu_context_t *ctx);
    115115
    116 int sec_ext_handle_call(sec_ext_call_t call)
    117 {
    118         printf("Handling secure call %x in %s context (%s mode-%x)\n",
    119                 call, sec_ext_is_secure() ? "secure" : "unsecure",
    120                 sec_ext_is_monitor_mode() ? "monitor" : "other",
    121                 current_status_reg_read());
    122         if (sec_ext_is_monitor_mode() && call == SECURITY_CALL_ENABLE_CP10_11)
    123                 return 1;
    124         return 0;
    125 }
    126 
    127116static int fpu_have_coprocessor_access()
    128117{
     
    162151        return;
    163152#endif
    164         if (sec_ext_is_implemented()) {
    165                 if (!sec_ext_is_monitor_mode()) {
    166                 // TODO enable this when we implement SMC handling
    167                 //      sec_ext_call(SECURITY_CALL_ENABLE_CP10_11);
    168                 } else {
    169                         uint32_t nsacr = NSACR_read();
    170                         nsacr |= (NSACR_CP_FLAG(10) | NSACR_CP_FLAG(11));
    171                         NSACR_write(nsacr);
    172                         smc_coherence(0);
    173                 }
    174         }
    175153
    176154        /* Allow coprocessor access */
Note: See TracChangeset for help on using the changeset viewer.