efi_loader: refactor switch to non-secure mode
authorHeinrich Schuchardt <xypron.glpk@gmx.de>
Tue, 8 Jan 2019 17:13:06 +0000 (18:13 +0100)
committerAlexander Graf <agraf@suse.de>
Wed, 13 Feb 2019 08:40:06 +0000 (09:40 +0100)
Refactor the switch from supervisor to hypervisor to a new function called
at the beginning of do_bootefi().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
arch/arm/cpu/armv7/Makefile
arch/arm/cpu/armv7/exception_level.c [new file with mode: 0644]
arch/arm/cpu/armv8/Makefile
arch/arm/cpu/armv8/exception_level.c [new file with mode: 0644]
cmd/bootefi.c
common/bootm.c
include/bootm.h

index 4f4647c90ac1f7d291676b05c07c648c492db108..8c955d0d528483f576c74ab642e28e924fe8c8cf 100644 (file)
@@ -14,6 +14,7 @@ obj-$(CONFIG_SYS_ARM_MPU) += mpu_v7r.o
 
 ifneq ($(CONFIG_SPL_BUILD),y)
 obj-$(CONFIG_EFI_LOADER) += sctlr.o
+obj-$(CONFIG_ARMV7_NONSEC) += exception_level.o
 endif
 
 ifneq ($(CONFIG_SKIP_LOWLEVEL_INIT),y)
diff --git a/arch/arm/cpu/armv7/exception_level.c b/arch/arm/cpu/armv7/exception_level.c
new file mode 100644 (file)
index 0000000..274f03d
--- /dev/null
@@ -0,0 +1,56 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Switch to non-secure mode
+ *
+ * Copyright (c) 2018 Heinrich Schuchardt
+ *
+ * This module contains the ARMv7 specific code required for leaving the
+ * secure mode before booting an operating system.
+ */
+
+#include <common.h>
+#include <bootm.h>
+#include <asm/armv7.h>
+#include <asm/secure.h>
+#include <asm/setjmp.h>
+
+/**
+ * entry_non_secure() - entry point when switching to non-secure mode
+ *
+ * When switching to non-secure mode switch_to_non_secure_mode() calls this
+ * function passing a jump buffer. We use this jump buffer to restore the
+ * original stack and register state.
+ *
+ * @non_secure_jmp:    jump buffer for restoring stack and registers
+ */
+static void entry_non_secure(struct jmp_buf_data *non_secure_jmp)
+{
+       dcache_enable();
+       debug("Reached non-secure mode\n");
+
+       /* Restore stack and registers saved in switch_to_non_secure_mode() */
+       longjmp(non_secure_jmp, 1);
+}
+
+/**
+ * switch_to_non_secure_mode() - switch to non-secure mode
+ *
+ * Operating systems may expect to run in non-secure mode. Here we check if
+ * we are running in secure mode and switch to non-secure mode if necessary.
+ */
+void switch_to_non_secure_mode(void)
+{
+       static bool is_nonsec;
+       struct jmp_buf_data non_secure_jmp;
+
+       if (armv7_boot_nonsec() && !is_nonsec) {
+               if (setjmp(&non_secure_jmp))
+                       return;
+               dcache_disable();       /* flush cache before switch to HYP */
+               armv7_init_nonsec();
+               is_nonsec = true;
+               secure_ram_addr(_do_nonsec_entry)(entry_non_secure,
+                                                 (uintptr_t)&non_secure_jmp,
+                                                 0, 0);
+       }
+}
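Review bot: Nothing follows the `secure_ram_addr(_do_nonsec_entry)(...)` call in switch_to_non_secure_mode(), so if that call ever returned, the function would fall back to its caller with the data cache disabled and `is_nonsec` already true, presumably still in secure mode. Every later call would then skip the switch. The code this replaces in cmd/bootefi.c ended the branch with a "Should never reach here" comment and `while (1) { }`. Whether `_do_nonsec_entry` can return is not visible here, but an explicit stop after the call, e.g. `/* Not reached: entry_non_secure() longjmps back to setjmp() */` followed by `while (1) { }`, would keep the failure mode fail-closed. The `armv8_switch_to_el2()` call in arch/arm/cpu/armv8/exception_level.c has the same shape.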
index 4c4b13c9e7599cfc7dce35bdb02480d37419b54c..a5f54330e38e9675a4ce1908329e1587129c707f 100644 (file)
@@ -14,6 +14,7 @@ ifdef CONFIG_SPL_BUILD
 obj-$(CONFIG_ARMV8_SPL_EXCEPTION_VECTORS) += exceptions.o
 else
 obj-y  += exceptions.o
+obj-y  += exception_level.o
 endif
 obj-y  += cache.o
 obj-y  += tlb.o
diff --git a/arch/arm/cpu/armv8/exception_level.c b/arch/arm/cpu/armv8/exception_level.c
new file mode 100644 (file)
index 0000000..57824eb
--- /dev/null
@@ -0,0 +1,55 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Switch to non-secure mode
+ *
+ * Copyright (c) 2018 Heinrich Schuchardt
+ *
+ * This module contains the ARMv8 specific code required to adjust the exception
+ * level before booting an operating system.
+ */
+
+#include <common.h>
+#include <bootm.h>
+#include <asm/setjmp.h>
+
+/**
+ * entry_non_secure() - entry point when switching to non-secure mode
+ *
+ * When switching to non-secure mode switch_to_non_secure_mode() calls this
+ * function passing a jump buffer. We use this jump buffer to restore the
+ * original stack and register state.
+ *
+ * @non_secure_jmp:    jump buffer for restoring stack and registers
+ */
+static void entry_non_secure(struct jmp_buf_data *non_secure_jmp)
+{
+       dcache_enable();
+       debug("Reached non-secure mode\n");
+
+       /* Restore stack and registers saved in switch_to_non_secure_mode() */
+       longjmp(non_secure_jmp, 1);
+}
+
+/**
+ * switch_to_non_secure_mode() - switch to non-secure mode
+ *
+ * Exception level EL3 is meant to be used by the secure monitor only (ARM
+ * trusted firmware being one embodiment). The operating system shall be
+ * started at exception level EL2. So here we check the exception level
+ * and switch it if necessary.
+ */
+void switch_to_non_secure_mode(void)
+{
+       struct jmp_buf_data non_secure_jmp;
+
+       /* On AArch64 we need to make sure we call our payload in < EL3 */
+       if (current_el() == 3) {
+               if (setjmp(&non_secure_jmp))
+                       return;
+               dcache_disable();       /* flush cache before switch to EL2 */
+
+               /* Move into EL2 and keep running there */
+               armv8_switch_to_el2((uintptr_t)&non_secure_jmp, 0, 0, 0,
+                                   (uintptr_t)entry_non_secure, ES_TO_AARCH64);
+       }
+}
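Review bot: The `current_el() == 3` branch goes straight to `dcache_disable()` and no longer calls `smp_kick_all_cpus()` first, which the removed code in do_bootefi_exec() did before leaving EL3. The commit is described as a refactor, so this looks like an unintended behaviour change for secondary cores, although the effect of the call is not visible on this page. If the omission is deliberate, state the reason in a comment; otherwise restore `smp_kick_all_cpus();` ahead of `dcache_disable();`.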
index bcdd29ebed03615d45bd4b8f48b6c53aed92b57c..ee685d8644e5449aec25a232623911ce9a7d291a 100644 (file)
@@ -5,8 +5,9 @@
  *  Copyright (c) 2016 Alexander Graf
  */
 
-#include <charset.h>
 #include <common.h>
+#include <bootm.h>
+#include <charset.h>
 #include <command.h>
 #include <dm.h>
 #include <efi_loader.h>
 #include <asm-generic/unaligned.h>
 #include <linux/linkage.h>
 
-#ifdef CONFIG_ARMV7_NONSEC
-#include <asm/armv7.h>
-#include <asm/secure.h>
-#endif
-
 DECLARE_GLOBAL_DATA_PTR;
 
 static struct efi_device_path *bootefi_image_path;
@@ -151,34 +147,6 @@ static efi_status_t efi_do_enter(
        return ret;
 }
 
-#ifdef CONFIG_ARM64
-static efi_status_t efi_run_in_el2(EFIAPI efi_status_t (*entry)(
-                       efi_handle_t image_handle, struct efi_system_table *st),
-                       efi_handle_t image_handle, struct efi_system_table *st)
-{
-       /* Enable caches again */
-       dcache_enable();
-
-       return efi_do_enter(image_handle, st, entry);
-}
-#endif
-
-#ifdef CONFIG_ARMV7_NONSEC
-static bool is_nonsec;
-
-static efi_status_t efi_run_in_hyp(EFIAPI efi_status_t (*entry)(
-                       efi_handle_t image_handle, struct efi_system_table *st),
-                       efi_handle_t image_handle, struct efi_system_table *st)
-{
-       /* Enable caches again */
-       dcache_enable();
-
-       is_nonsec = true;
-
-       return efi_do_enter(image_handle, st, entry);
-}
-#endif
-
 /*
  * efi_carve_out_dt_rsv() - Carve out DT reserved memory ranges
  *
@@ -358,39 +326,6 @@ static efi_status_t do_bootefi_exec(void *efi,
                goto err_prepare;
        }
 
-#ifdef CONFIG_ARM64
-       /* On AArch64 we need to make sure we call our payload in < EL3 */
-       if (current_el() == 3) {
-               smp_kick_all_cpus();
-               dcache_disable();       /* flush cache before switch to EL2 */
-
-               /* Move into EL2 and keep running there */
-               armv8_switch_to_el2((ulong)entry,
-                                   (ulong)&image_obj->header,
-                                   (ulong)&systab, 0, (ulong)efi_run_in_el2,
-                                   ES_TO_AARCH64);
-
-               /* Should never reach here, efi exits with longjmp */
-               while (1) { }
-       }
-#endif
-
-#ifdef CONFIG_ARMV7_NONSEC
-       if (armv7_boot_nonsec() && !is_nonsec) {
-               dcache_disable();       /* flush cache before switch to HYP */
-
-               armv7_init_nonsec();
-               secure_ram_addr(_do_nonsec_entry)(
-                                       efi_run_in_hyp,
-                                       (uintptr_t)entry,
-                                       (uintptr_t)&image_obj->header,
-                                       (uintptr_t)&systab);
-
-               /* Should never reach here, efi exits with longjmp */
-               while (1) { }
-       }
-#endif
-
        ret = efi_do_enter(&image_obj->header, &systab, entry);
 
 err_prepare:
@@ -476,6 +411,8 @@ static int do_bootefi(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
        /* Allow unaligned memory access */
        allow_unaligned();
 
+       switch_to_non_secure_mode();
+
        /* Initialize EFI drivers */
        r = efi_init_obj_list();
        if (r != EFI_SUCCESS) {
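Review bot: `switch_to_non_secure_mode()` is now called before `efi_init_obj_list()`, so the mode change happens even when do_bootefi() goes on to fail, and nothing in this commit switches back. The removed code in do_bootefi_exec() only left EL3 or secure mode immediately before entering the payload. A short comment at the call site would make the new ordering explicit, for example `/* One-way: everything below, including error paths, runs non-secure (EL2 on ARMv8) */`. do_bootefi() starts and ends outside this hunk, so any earlier argument checks are not visible here.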
index 7c7505f09204cdd10019b42f08bd8405f5026fed..3adbceaa38e381c62f569fa1ecdff8852756d8b8 100644 (file)
@@ -912,6 +912,16 @@ static const void *boot_get_kernel(cmd_tbl_t *cmdtp, int flag, int argc,
 
        return buf;
 }
+
+/**
+ * switch_to_non_secure_mode() - switch to non-secure mode
+ *
+ * This routine is overridden by architectures requiring this feature.
+ */
+void __weak switch_to_non_secure_mode(void)
+{
+}
+
 #else /* USE_HOSTCC */
 
 void memmove_wd(void *to, void *from, size_t len, ulong chunksz)
index dbd6f49c2df41eccf8f1d822b2960cf05b24dc2d..e2cc6d4b99a59b4fb51de8fc6ad953bbc736fa24 100644 (file)
@@ -82,4 +82,9 @@ int bootm_decomp_image(int comp, ulong load, ulong image_start, int type,
  */
 void board_quiesce_devices(void);
 
+/**
+ * switch_to_non_secure_mode() - switch to non-secure mode
+ */
+void switch_to_non_secure_mode(void);
+
 #endif
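Review bot: The kernel-doc for `switch_to_non_secure_mode()` has only its title line, which leaves callers without the contract the implementations in this commit rely on. It should say that the default in common/bootm.c is an empty `__weak` stub, so the call can return without any mode change and reports no status. It should also say that the ARMv7 and ARMv8 versions disable and re-enable the data cache around the switch and are not reversed afterwards. Three or four description lines under the title are enough.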