From patchwork Wed Jun 13 22:16:43 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Kettenis X-Patchwork-Id: 929109 X-Patchwork-Delegate: agraf@suse.de Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=openbsd.org Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 415h1r6FV4z9ryk for ; Thu, 14 Jun 2018 08:17:04 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 83EB0C21DE8; Wed, 13 Jun 2018 22:17:01 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id B70F1C21C27; Wed, 13 Jun 2018 22:16:58 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 7C635C21C27; Wed, 13 Jun 2018 22:16:57 +0000 (UTC) Received: from lb3-smtp-cloud8.xs4all.net (lb3-smtp-cloud8.xs4all.net [194.109.24.29]) by lists.denx.de (Postfix) with ESMTPS id 2C7DFC21BE5 for ; Wed, 13 Jun 2018 22:16:57 +0000 (UTC) Received: from barber.sibelius.xs4all.nl ([83.163.83.176]) by smtp-cloud8.xs4all.net with ESMTP id TE4UfTDsWtZGaTE4WfYq93; Thu, 14 Jun 2018 00:16:57 +0200 From: Mark Kettenis To: u-boot@lists.denx.de Date: Thu, 14 Jun 2018 00:16:43 +0200 Message-Id: <20180613221645.12992-2-kettenis@openbsd.org> X-Mailer: git-send-email 2.16.2 In-Reply-To: <20180613221645.12992-1-kettenis@openbsd.org> References: <20180613221645.12992-1-kettenis@openbsd.org> X-CMAE-Envelope: MS4wfGAdm6jBkJpmkgF7XmpaJV3/bwV16dbWdo5KboDPwkSPEfXSa5b7i5XsyaeKQ2muwugf4uLxWbkLEg2C2CWyL4QyZahuKemTUdLk9PN0bDkDIiOXZHSm 7NY8TgcTsR3pfF0vb/7VftMA8kX8iK3YCvFi45+GQ9Vdc5B+Dvn7JqzzrG5ugazQ6qgG3b27NFVJbHcjz2NBWdJoq+crjH22Vgnxur33AdQz0Ni+e6ezlLb0 VfG8W2A2Q62NICFaVO1mAzzikMjLtRAGtExMFahHbCTHDhNpZ8CJ3+jXOIDK+wvgKanDjpbLaEUIn/80zBdLUSVcHmWmU5gL0sRBwzXfHgT6JRiH+uO7Otx5 KEpoJ0Pq Cc: marc.zyngier@arm.com, xypron.glpk@gmx.de, Mark Kettenis , agraf@suse.de, andre.przywara@arm.com Subject: [U-Boot] [PATCH v2 1/3] ARM: HYP/non-sec: migrate stack X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The current code that switches into HYP mode doesn't bother to set up a stack for HYP mode. This doesn't work for EFI applications as they expect a usable stack. Fix this by migrating the stack pointer from SP_svc to SP_hyp while in Monitor mode. This restores the stack pointer when we drop into HYP mode. Signed-off-by: Mark Kettenis --- arch/arm/cpu/armv7/nonsec_virt.S | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/arch/arm/cpu/armv7/nonsec_virt.S b/arch/arm/cpu/armv7/nonsec_virt.S index 56bdba1d38..a7764c1458 100644 --- a/arch/arm/cpu/armv7/nonsec_virt.S +++ b/arch/arm/cpu/armv7/nonsec_virt.S @@ -52,9 +52,9 @@ _secure_monitor: bl psci_stack_setup @ Configure the PSCI backend - push {r0, r1, r2, ip} + push {r0, r1, r2, r3, ip} bl psci_arch_init - pop {r0, r1, r2, ip} + pop {r0, r1, r2, r3, ip} #endif #ifdef CONFIG_ARM_ERRATA_773022 @@ -80,6 +80,8 @@ _secure_monitor: #ifdef CONFIG_ARMV7_VIRT orreq r5, r5, #0x100 @ allow HVC instruction moveq r6, #HYP_MODE @ Enter the kernel as HYP + mrseq r3, sp_svc + msreq sp_hyp, r3 @ migrate SP #endif mcr p15, 0, r5, c1, c1, 0 @ write SCR (with NS bit set) From patchwork Wed Jun 13 22:16:44 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Kettenis X-Patchwork-Id: 929110 X-Patchwork-Delegate: agraf@suse.de Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=openbsd.org Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 415h2s1GhPz9ryk for ; Thu, 14 Jun 2018 08:17:57 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id CF7DEC21BE5; Wed, 13 Jun 2018 22:17:34 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 68024C21DFB; Wed, 13 Jun 2018 22:17:17 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 39B5BC21DC1; Wed, 13 Jun 2018 22:17:04 +0000 (UTC) Received: from lb2-smtp-cloud8.xs4all.net (lb2-smtp-cloud8.xs4all.net [194.109.24.25]) by lists.denx.de (Postfix) with ESMTPS id D464DC21DA1 for ; Wed, 13 Jun 2018 22:17:00 +0000 (UTC) Received: from barber.sibelius.xs4all.nl ([83.163.83.176]) by smtp-cloud8.xs4all.net with ESMTP id TE4UfTDsWtZGaTE4XfYq9B; Thu, 14 Jun 2018 00:17:00 +0200 From: Mark Kettenis To: u-boot@lists.denx.de Date: Thu, 14 Jun 2018 00:16:44 +0200 Message-Id: <20180613221645.12992-3-kettenis@openbsd.org> X-Mailer: git-send-email 2.16.2 In-Reply-To: <20180613221645.12992-1-kettenis@openbsd.org> References: <20180613221645.12992-1-kettenis@openbsd.org> X-CMAE-Envelope: MS4wfKeJubkik3jfeeMUpFQaPq09QK7v5XLC2Zq+qhHCGjXiqTfLtW3CykYMpKCkekilOG+JO+HlvNsuyjLmCOHU92Yoy3rhU45yvEIqhJM06JJO37HWS2Dz lGbQhlw/sxtVH5nqTjzM2YGZeQAflLRo31AJ/7zb6MEreK7iWx37x/qAzAsqw2rupf5Eu7+qTq7Ulr1rHjnJdXxGlF/Jtet28x/OYmi6sJGbqGxjlxsw0JZ2 pMITWg4z0mGE8IBUQVYXgmI2lZT3CV21GAkDyRoErW2pfS/A4HpCIxivpJT55zPIQXekSMdcT40fjxWxJZVv2OZkI9IripxMBPk+L6VBu/vZbYfXYiQniXYU YGLUGjMW Cc: marc.zyngier@arm.com, xypron.glpk@gmx.de, Mark Kettenis , agraf@suse.de, andre.przywara@arm.com Subject: [U-Boot] [PATCH v2 2/3] efi_loader: ARM: run EFI payloads non-secure X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" If desired (and possible) switch into HYP mode or non-secure SVC mode before calling the entry point of an EFI application. This allows U-Boot to provide a usable PSCI implementation and makes it possible to boot kernels into hypervisor mode using an EFI bootloader. Based on diffs from Heinrich Schuchardt and Alexander Graf. Signed-off-by: Mark Kettenis --- cmd/bootefi.c | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/cmd/bootefi.c b/cmd/bootefi.c index 707d159bac..a5d144d9a4 100644 --- a/cmd/bootefi.c +++ b/cmd/bootefi.c @@ -20,6 +20,11 @@ #include #include +#ifdef CONFIG_ARM +#include +#include +#endif + DECLARE_GLOBAL_DATA_PTR; #define OBJ_LIST_NOT_INITIALIZED 1 @@ -189,6 +194,18 @@ static efi_status_t efi_run_in_el2(EFIAPI efi_status_t (*entry)( } #endif +#ifdef CONFIG_ARMV7_NONSEC +static efi_status_t efi_run_in_hyp(EFIAPI efi_status_t (*entry)( + efi_handle_t image_handle, struct efi_system_table *st), + efi_handle_t image_handle, struct efi_system_table *st) +{ + /* Enable caches again */ + dcache_enable(); + + return efi_do_enter(image_handle, st, entry); +} +#endif + /* Carve out DT reserved memory ranges */ static efi_status_t efi_carve_out_dt_rsv(void *fdt) { @@ -338,6 +355,21 @@ static efi_status_t do_bootefi_exec(void *efi, } #endif +#ifdef CONFIG_ARMV7_NONSEC + if (armv7_boot_nonsec()) { + dcache_disable(); /* flush cache before switch to HYP */ + + armv7_init_nonsec(); + secure_ram_addr(_do_nonsec_entry)(efi_run_in_hyp, + (uintptr_t)entry, + (uintptr_t)loaded_image_info_obj.handle, + (uintptr_t)&systab); + + /* Should never reach here, efi exits with longjmp */ + while (1) { } + } +#endif + ret = efi_do_enter(loaded_image_info_obj.handle, &systab, entry); exit: From patchwork Wed Jun 13 22:16:45 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Kettenis X-Patchwork-Id: 929111 X-Patchwork-Delegate: agraf@suse.de Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=openbsd.org Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 415h3J60mxz9ryk for ; Thu, 14 Jun 2018 08:18:19 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 2AF04C21E0F; Wed, 13 Jun 2018 22:17:18 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 84489C21DFF; Wed, 13 Jun 2018 22:17:09 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 69EBFC21DE8; Wed, 13 Jun 2018 22:17:04 +0000 (UTC) Received: from lb2-smtp-cloud8.xs4all.net (lb2-smtp-cloud8.xs4all.net [194.109.24.25]) by lists.denx.de (Postfix) with ESMTPS id 0A306C21DD4 for ; Wed, 13 Jun 2018 22:17:01 +0000 (UTC) Received: from barber.sibelius.xs4all.nl ([83.163.83.176]) by smtp-cloud8.xs4all.net with ESMTP id TE4UfTDsWtZGaTE4afYq9j; Thu, 14 Jun 2018 00:17:00 +0200 From: Mark Kettenis To: u-boot@lists.denx.de Date: Thu, 14 Jun 2018 00:16:45 +0200 Message-Id: <20180613221645.12992-4-kettenis@openbsd.org> X-Mailer: git-send-email 2.16.2 In-Reply-To: <20180613221645.12992-1-kettenis@openbsd.org> References: <20180613221645.12992-1-kettenis@openbsd.org> X-CMAE-Envelope: MS4wfKeJubkik3jfeeMUpFQaPq09QK7v5XLC2Zq+qhHCGjXiqTfLtW3CykYMpKCkekilOG+JO+HlvNsuyjLmCOHU92Yoy3rhU45yvEIqhJM06JJO37HWS2Dz lGbQhlw/sxtVH5nqTjzM2YGZeQAflLRo31AJ/7zb6MEreK7iWx37x/qAzAsqw2rupf5Eu7+qTq7Ulr1rHjnJdXxGlF/Jtet28x/OYmi6sJGbqGxjlxsw0JZ2 pMITWg4z0mGE8IBUQVYXgmI2lZT3CV21GAkDyRoErW2pfS/A4HpCIxivpJT55zPIQXekSMdcT40fjxWxJZVv2OZkI9IripxMBPk+L6VBu/vZbYfXYiQniXYU YGLUGjMW Cc: marc.zyngier@arm.com, xypron.glpk@gmx.de, Mark Kettenis , agraf@suse.de, andre.przywara@arm.com Subject: [U-Boot] [PATCH v2 3/3] Revert "efi_loader: no support for ARMV7_NONSEC=y" X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This reverts commit c524997acb3d322e1bbd36c06ad02ef589705e7c. Booting ARMv7 in non-secure mode using bootefi works now. Signed-off-by: Mark Kettenis --- doc/README.uefi | 2 -- lib/efi_loader/Kconfig | 2 -- 2 files changed, 4 deletions(-) diff --git a/doc/README.uefi b/doc/README.uefi index d4031ef8e8..6b9759cfed 100644 --- a/doc/README.uefi +++ b/doc/README.uefi @@ -329,8 +329,6 @@ This driver is only available if U-Boot is configured with * persistence * runtime support -* support bootefi booting ARMv7 in non-secure mode (CONFIG_ARMV7_NONSEC=y) - ## Links * [1](http://uefi.org/specifications) diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig index df58e633d1..ce6a09f0b4 100644 --- a/lib/efi_loader/Kconfig +++ b/lib/efi_loader/Kconfig @@ -1,8 +1,6 @@ config EFI_LOADER bool "Support running EFI Applications in U-Boot" depends on (ARM || X86 || RISCV) && OF_LIBFDT - # We do not support bootefi booting ARMv7 in non-secure mode - depends on !ARMV7_NONSEC # We need EFI_STUB_64BIT to be set on x86_64 with EFI_STUB depends on !EFI_STUB || !X86_64 || EFI_STUB_64BIT # We need EFI_STUB_32BIT to be set on x86_32 with EFI_STUB