From e0b36f265d52fa3652820a0e5188f0482b12cc54 Mon Sep 17 00:00:00 2001 From: Christoffer Dall Date: Mon, 4 Apr 2011 12:35:13 +0200 Subject: Makefile and path changes --- Makefile | 8 ++++++++ model.lds.S | 36 ++++++++++++++++++------------------ 2 files changed, 26 insertions(+), 18 deletions(-) diff --git a/Makefile b/Makefile index 31443c8..4b9535d 100644 --- a/Makefile +++ b/Makefile @@ -30,9 +30,15 @@ LD = $(CROSS_COMPILE)ld all: $(IMAGE) +src_kernel: + cd ../linux-kvm-arm; make -j4 uImage + clean: rm -f $(IMAGE) boot.o model.lds +$(KERNEL): src_kernel ../linux-kvm-arm/arch/arm/boot/uImage + cp ../linux-kvm-arm/arch/arm/boot/uImage $(KERNEL) + $(IMAGE): boot.o model.lds $(KERNEL) $(FILESYSTEM) $(LD) -o $@ --script=model.lds @@ -41,3 +47,5 @@ boot.o: $(BOOTLOADER) model.lds: $(LD_SCRIPT) $(CC) $(CPPFLAGS) -E -P -C -o $@ $< + +.PHONY: all clean src_kernel diff --git a/model.lds.S b/model.lds.S index 816c338..789bafa 100644 --- a/model.lds.S +++ b/model.lds.S @@ -14,33 +14,33 @@ TARGET(binary) INPUT(./boot.o) INPUT(./uImage) #ifdef USE_INITRD -INPUT(./filesystem.cpio.gz) + INPUT(./filesystem.cpio.gz) #endif -#ifdef MACH_MPS -PHYS_OFFSET = 0x10000000; -#elif defined (VEXPRESS) + + + PHYS_OFFSET = 0x80000000; -#else -PHYS_OFFSET = 0x70000000; -#endif + + + SECTIONS { - . = PHYS_OFFSET; - .text : { boot.o } + . = PHYS_OFFSET; + .text : { boot.o } - . = PHYS_OFFSET + 0x8000 - 0x40; - kernel = . + 0x40; - .kernel : { ./uImage } + . = PHYS_OFFSET + 0x8000 - 0x40; + kernel = . + 0x40; + .kernel : { ./uImage } - . = PHYS_OFFSET + 0x00800000; - filesystem = .; + . = PHYS_OFFSET + 0x00800000; + filesystem = .; #ifdef USE_INITRD - .filesystem : { ./filesystem.cpio.gz } - fs_size = . - filesystem; + .filesystem : { ./filesystem.cpio.gz } + fs_size = . - filesystem; #endif - .data : { *(.data) } - .bss : { *(.bss) } + .data : { *(.data) } + .bss : { *(.bss) } } -- cgit v1.2.3 From c0e5e07d53ccdaf8b79c20cccb7751f07c7fbf2e Mon Sep 17 00:00:00 2001 From: Christoffer Dall Date: Thu, 17 Mar 2011 03:08:01 +0100 Subject: NFS boot support for A15 without initrd --- Makefile | 6 +++--- boot.S | 20 ++++++++++++++------ 2 files changed, 17 insertions(+), 9 deletions(-) diff --git a/Makefile b/Makefile index 4b9535d..8aa4ab9 100644 --- a/Makefile +++ b/Makefile @@ -6,7 +6,7 @@ # found in the LICENSE.txt file. CPPFLAGS += -DSMP -CPPFLAGS += -DUSE_INITRD +#CPPFLAGS += -DUSE_INITRD #CPPFLAGS += -DTHUMB2_KERNEL CPPFLAGS += -march=armv7-a CPPFLAGS += -DVEXPRESS @@ -39,13 +39,13 @@ clean: $(KERNEL): src_kernel ../linux-kvm-arm/arch/arm/boot/uImage cp ../linux-kvm-arm/arch/arm/boot/uImage $(KERNEL) -$(IMAGE): boot.o model.lds $(KERNEL) $(FILESYSTEM) +$(IMAGE): boot.o model.lds $(KERNEL) $(FILESYSTEM) Makefile $(LD) -o $@ --script=model.lds boot.o: $(BOOTLOADER) $(CC) $(CPPFLAGS) -c -o $@ $< -model.lds: $(LD_SCRIPT) +model.lds: $(LD_SCRIPT) Makefile $(CC) $(CPPFLAGS) -E -P -C -o $@ $< .PHONY: all clean src_kernel diff --git a/boot.S b/boot.S index 867290b..abd5d6b 100644 --- a/boot.S +++ b/boot.S @@ -44,10 +44,10 @@ _start: mov pc, r1 @ branch to the given address #endif + @ @ UART initialisation (38400 8N1) @ -2: #ifdef MACH_MPS ldr r0, =0x1f005000 @ UART3 base (MPS) #elif defined (VEXPRESS) @@ -91,14 +91,22 @@ atags: .long 0x54410009 #ifdef MACH_MPS .asciz "rdinit=/bin/sh console=ttyAMA3 mem=4M earlyprintk" -#elif defined(USE_INITRD) -#ifdef VEXPRESS - .asciz "console=ttyAMA0 mem=512M mem=512M@0x880000000 earlyprintk" -#else - .asciz "console=ttyAMA0 mem=256M earlyprintk" +#elif defined(VEXPRESS) + +#ifdef USE_INITRD + .asciz "console=ttyAMA0 mem=512M mem=512M@0x880000000 earlyprintk ip=192.168.27.200::192.168.27.1:255.255.255.0:angstrom:eth0:off" +#else /* VEXPRESS && !USE_INITRD */ + .asciz "console=ttyAMA0 mem=512M mem=512M@0x880000000 earlyprintk root=/dev/nfs nfsroot=192.168.27.93:/srv/nfs_root,tcp rw ip=dhcp nfsrootdebug" #endif + +#else /* ! VEXPRESS && ! MACH_MPS */ + +#ifdef USE_INITRD + .asciz "console=ttyAMA0 mem=256M earlyprintk" #else .asciz "root=/dev/nfs nfsroot=10.1.77.43:/work/debootstrap/arm ip=dhcp console=ttyAMA0 mem=256M earlyprintk" +#endif + #endif .align 2 1: -- cgit v1.2.3 From ad9313fd6ab96257b7ae865effae95afa970bb92 Mon Sep 17 00:00:00 2001 From: Christoffer Dall Date: Thu, 17 Mar 2011 04:53:15 +0100 Subject: First attempt to change to non-secure mode - buggy Warning: This doesn't yet work. --- Makefile | 16 +++++++++------- boot.S | 7 +++++++ model.lds.S | 5 +++++ monitor.S | 31 +++++++++++++++++++++++++++++++ 4 files changed, 52 insertions(+), 7 deletions(-) create mode 100644 monitor.S diff --git a/Makefile b/Makefile index 8aa4ab9..1306c66 100644 --- a/Makefile +++ b/Makefile @@ -16,6 +16,7 @@ CPPFLAGS += -DVEXPRESS #CPPFLAGS += -march=armv7-m #CPPFLAGS += -mthumb -Wa,-mthumb -Wa,-mimplicit-it=always +MONITOR = monitor.S BOOTLOADER = boot.S KERNEL = uImage FILESYSTEM = filesystem.cpio.gz @@ -30,22 +31,23 @@ LD = $(CROSS_COMPILE)ld all: $(IMAGE) -src_kernel: - cd ../linux-kvm-arm; make -j4 uImage - clean: - rm -f $(IMAGE) boot.o model.lds + rm -f $(IMAGE) boot.o model.lds monitor.o uImage -$(KERNEL): src_kernel ../linux-kvm-arm/arch/arm/boot/uImage +$(KERNEL): ../linux-kvm-arm/arch/arm/boot/zImage + cd ../linux-kvm-arm; make -j4 uImage cp ../linux-kvm-arm/arch/arm/boot/uImage $(KERNEL) -$(IMAGE): boot.o model.lds $(KERNEL) $(FILESYSTEM) Makefile +$(IMAGE): boot.o monitor.o model.lds $(KERNEL) $(FILESYSTEM) Makefile $(LD) -o $@ --script=model.lds boot.o: $(BOOTLOADER) $(CC) $(CPPFLAGS) -c -o $@ $< +monitor.o: $(MONITOR) + $(CC) $(CPPFLAGS) -c -o $@ $< + model.lds: $(LD_SCRIPT) Makefile $(CC) $(CPPFLAGS) -E -P -C -o $@ $< -.PHONY: all clean src_kernel +.PHONY: all clean diff --git a/boot.S b/boot.S index abd5d6b..60425e3 100644 --- a/boot.S +++ b/boot.S @@ -44,6 +44,13 @@ _start: mov pc, r1 @ branch to the given address #endif + @ + @ Hypervisor / TrustZone initialization + @ +2: + mov r0, #0 + mcr p15, 0, r0, c12, c0, 1 @ Monitor vector base address + smc #0 @ Change to NS-mode @ @ UART initialisation (38400 8N1) diff --git a/model.lds.S b/model.lds.S index 789bafa..dcf2860 100644 --- a/model.lds.S +++ b/model.lds.S @@ -11,6 +11,7 @@ OUTPUT_FORMAT("elf32-littlearm") OUTPUT_ARCH(arm) TARGET(binary) +INPUT(./monitor.o) INPUT(./boot.o) INPUT(./uImage) #ifdef USE_INITRD @@ -27,6 +28,10 @@ PHYS_OFFSET = 0x80000000; SECTIONS { + . = 0x0; + monitor = .; + .monitor : { monitor.o } + . = PHYS_OFFSET; .text : { boot.o } diff --git a/monitor.S b/monitor.S new file mode 100644 index 0000000..4747e70 --- /dev/null +++ b/monitor.S @@ -0,0 +1,31 @@ +/* + * monitor.S - simple monitor code to switch to NS state before executing kernel + * + * Copyright (C) 2011 Columbia University. All rights reserved. + * Christoffer Dall + * + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE.txt file. + */ + +#.syntax unified + .section monitor, "x" + + .word 0 + .word 0 + b 1f + .word 0 + .word 0 + .word 0 + .word 0 + .word 0 + + @ + @ Secure Monitor Call + @ +1: + mrc p15, 0, r0, c1, c1, 0 @ Secure configuration register + bic r0, r0, #0x7f + orr r0, r0, #0x31 + mcr p15, 0, r0, c1, c1, 0 + movs pc, lr -- cgit v1.2.3 From fc5362f4bc94a7693579635be0cf2ab8d697630a Mon Sep 17 00:00:00 2001 From: Christoffer Dall Date: Thu, 17 Mar 2011 09:17:56 +0100 Subject: Fix change to non-secure mode Use 0xf0000000 instead of 0x0 as the monitor base address. --- boot.S | 2 +- model.lds.S | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/boot.S b/boot.S index 60425e3..b71f197 100644 --- a/boot.S +++ b/boot.S @@ -48,7 +48,7 @@ _start: @ Hypervisor / TrustZone initialization @ 2: - mov r0, #0 + mov r0, #0xf0000000 mcr p15, 0, r0, c12, c0, 1 @ Monitor vector base address smc #0 @ Change to NS-mode diff --git a/model.lds.S b/model.lds.S index dcf2860..4769480 100644 --- a/model.lds.S +++ b/model.lds.S @@ -22,16 +22,13 @@ INPUT(./uImage) PHYS_OFFSET = 0x80000000; +MON_OFFSET = 0xf0000000; SECTIONS { - . = 0x0; - monitor = .; - .monitor : { monitor.o } - . = PHYS_OFFSET; .text : { boot.o } @@ -48,4 +45,7 @@ SECTIONS .data : { *(.data) } .bss : { *(.bss) } + + . = MON_OFFSET; + .monitor : { monitor.o } } -- cgit v1.2.3 From 824cce012a9d8d9bf4a4a32b4d01284d175e3499 Mon Sep 17 00:00:00 2001 From: Christoffer Dall Date: Thu, 7 Apr 2011 03:21:48 +0200 Subject: First shot at SMC hypervisor API SMC API is this: - r7: monitor call number - r0-r3: arguments - r0-r1: return value - r4-r11: preserved SMC Permissions: - All calls except switching to non-secure mode, requires VTTBR.VMID == 0, otherwise the calls are essentially no-ops. SMC API numbers are this: - 0xffffffff: Switch to non-secure mode, SCR is: 0x31 (controlled by hypervisor to let SMC pass through hyp mode) - 0xfffffff0: Read HTTBR (same order as mrrc r0,r1) - 0xfffffff1: Write HTTBR (same order as mcrr r0,r1) - 0xfffffff2: Read HTCR - 0xfffffff3: Write HTCR - 0xfffffff4: Read HMAIR0 - 0xfffffff5: Write HMAIR0 - 0xfffffff6: Read HMAIR1 - 0xfffffff7: Write HMAIR1 - 0xfffffff8: Read HSCTLR - 0xfffffff9: Write HSCTLR --- boot.S | 5 ++++ monitor.S | 89 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 94 insertions(+) diff --git a/boot.S b/boot.S index b71f197..7b3e0d4 100644 --- a/boot.S +++ b/boot.S @@ -50,6 +50,11 @@ _start: 2: mov r0, #0xf0000000 mcr p15, 0, r0, c12, c0, 1 @ Monitor vector base address + mov r7, #0xffffffff + smc #0 @ Change to NS-mode + + @TEST + mov r7, #0xfffffff0 smc #0 @ Change to NS-mode @ diff --git a/monitor.S b/monitor.S index 4747e70..6233e14 100644 --- a/monitor.S +++ b/monitor.S @@ -24,8 +24,97 @@ @ Secure Monitor Call @ 1: + cmp r7, #0xffffffff + beq _non_sec + + @ Check smc number and VMID + bic r12, r7, #0xf + cmp r12, #0xfffffff0 + movnes pc, lr + and r12, r7, #0xf + cmp r12, #0x9 + movgts pc, lr + + @ Check the VMID is 0 + mrrc p15, 6, r12, r13, c2 + lsr r13, r13, #16 + and r13, r13, #0xff + cmp r13, #0 + movnes pc, lr + + @ Jump to the right function + and r12, r7, #0xf + adr r13, _hyp_funcs + add r13, r13, r12, lsl #2 + ldr pc, [r13] + + @ + @ Jump table for the SMC hypervisor API calls + @ +_hyp_funcs: + .long _read_httbr + .long _write_httbr + .long _read_htcr + .long _write_htcr + .long _read_hmair0 + .long _write_hmair0 + .long _read_hmair1 + .long _write_hmair1 + .long _read_hsctlr + .long _write_hsctlr + + @ + @ Switch to non-secure mode + @ +_non_sec: mrc p15, 0, r0, c1, c1, 0 @ Secure configuration register bic r0, r0, #0x7f orr r0, r0, #0x31 mcr p15, 0, r0, c1, c1, 0 movs pc, lr + + @ + @ Read/Write HTTBR + @ +_read_httbr: + mrrc p15, 4, r0, r1, c2 + movs pc, lr +_write_httbr: + mcrr p15, 4, r0, r1, c2 + movs pc, lr + + @ + @ Read/Write HTCR + @ +_read_htcr: + mrc p15, 4, r0, c2, c0, 2 + movs pc, lr +_write_htcr: + mcr p15, 4, r0, c2, c0, 2 + movs pc, lr + + @ + @ Read/Write HMAIR0/1 + @ +_read_hmair0: + mrc p15, 4, r0, c10, c2, 0 + movs pc, lr +_write_hmair0: + mcr p15, 4, r0, c10, c2, 0 + movs pc, lr +_read_hmair1: + mrc p15, 4, r0, c10, c2, 1 + movs pc, lr +_write_hmair1: + mcr p15, 4, r0, c10, c2, 1 + movs pc, lr + + @ + @ Read/Write HSCTLR + @ +_read_hsctlr: + mrc p15, 4, r0, c1, c0, 0 + movs pc, lr +_write_hsctlr: + mcr p15, 4, r0, c1, c0, 0 + movs pc, lr -- cgit v1.2.3 From df1598690436a98c602ad9b7352a37e3c9ffa2e7 Mon Sep 17 00:00:00 2001 From: Christoffer Dall Date: Mon, 18 Apr 2011 10:54:07 +0200 Subject: Add more built files to .gitignore --- .gitignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitignore b/.gitignore index 04d0c55..05aa345 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,6 @@ filesystem.cpio.gz linux-system.axf uImage +model.lds +*.o +*.swp -- cgit v1.2.3 From 71049a0834ec48d4eb0f03efc34fbd2ae3d1a362 Mon Sep 17 00:00:00 2001 From: Christoffer Dall Date: Tue, 19 Apr 2011 05:58:08 +0200 Subject: Remove API test code --- boot.S | 3 --- 1 file changed, 3 deletions(-) diff --git a/boot.S b/boot.S index 7b3e0d4..e5cbd6b 100644 --- a/boot.S +++ b/boot.S @@ -53,9 +53,6 @@ _start: mov r7, #0xffffffff smc #0 @ Change to NS-mode - @TEST - mov r7, #0xfffffff0 - smc #0 @ Change to NS-mode @ @ UART initialisation (38400 8N1) -- cgit v1.2.3 From 446e06a134c48a549746e56ec7965b1d8a473940 Mon Sep 17 00:00:00 2001 From: Christoffer Dall Date: Tue, 19 Apr 2011 05:58:21 +0200 Subject: Init GIC priority mask field to 0x80 in secure mode --- boot.S | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/boot.S b/boot.S index e5cbd6b..78ca6ff 100644 --- a/boot.S +++ b/boot.S @@ -48,6 +48,12 @@ _start: @ Hypervisor / TrustZone initialization @ 2: + @ Set GIC priority mask bit [7] = 1 + ldr r0, =0x2c002000 @ CPU GIC base + mov r1, #0x80 + str r1, [r0, #0x4] @ GIC ICCPMR + + @ Change to NS-mode mov r0, #0xf0000000 mcr p15, 0, r0, c12, c0, 1 @ Monitor vector base address mov r7, #0xffffffff -- cgit v1.2.3 From f6a4aa162284a89ea25dd6c3dc7398efb8c5bc6e Mon Sep 17 00:00:00 2001 From: Christoffer Dall Date: Sat, 23 Apr 2011 12:26:30 +0200 Subject: Set interrupts to be non-secure --- boot.S | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/boot.S b/boot.S index 78ca6ff..3e5f33e 100644 --- a/boot.S +++ b/boot.S @@ -48,6 +48,18 @@ _start: @ Hypervisor / TrustZone initialization @ 2: + @ Set all interrupts to be non-secure + ldr r0, =0x2c001000 @ Dist GIC base + ldr r1, [r0, #0x04] @ Type Register + and r1, r1, #0x1f + add r2, r0, #0x080 @ Security Register 0 + mvn r3, #0 +3: str r3, [r2] + sub r1, r1, #1 + add r2, r2, #4 @ Next security register + cmp r1, #-1 + bne 3b + @ Set GIC priority mask bit [7] = 1 ldr r0, =0x2c002000 @ CPU GIC base mov r1, #0x80 -- cgit v1.2.3 From caf2b243c4e2dad98a375d455764d9859e6bee5e Mon Sep 17 00:00:00 2001 From: Christoffer Dall Date: Sat, 23 Apr 2011 12:26:45 +0200 Subject: Allow co-processor access from non-secure mode --- boot.S | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/boot.S b/boot.S index 3e5f33e..1a906d7 100644 --- a/boot.S +++ b/boot.S @@ -65,6 +65,12 @@ _start: mov r1, #0x80 str r1, [r0, #0x4] @ GIC ICCPMR + @ Set NSACR to allow coprocessor access from non-secure + mrc p15, 0, r0, c1, c1, 2 + ldr r1, =0x3fff + orr r0, r0, r1 + mcr p15, 0, r0, c1, c1, 2 + @ Change to NS-mode mov r0, #0xf0000000 mcr p15, 0, r0, c12, c0, 1 @ Monitor vector base address -- cgit v1.2.3 From dd754be958f3da4908ad0e89d1a6b863024964bf Mon Sep 17 00:00:00 2001 From: Christoffer Dall Date: Sun, 1 May 2011 17:34:31 +0200 Subject: Add functionality to initialize the Hyp_SP and HVBAR These registers must also be initialized by a hypervisor for it to run code in HYP mode. --- monitor.S | 31 ++++++++++++++++++++++++++++--- 1 file changed, 28 insertions(+), 3 deletions(-) diff --git a/monitor.S b/monitor.S index 6233e14..fd2742e 100644 --- a/monitor.S +++ b/monitor.S @@ -32,7 +32,7 @@ cmp r12, #0xfffffff0 movnes pc, lr and r12, r7, #0xf - cmp r12, #0x9 + cmp r12, #0xd movgts pc, lr @ Check the VMID is 0 @@ -62,14 +62,19 @@ _hyp_funcs: .long _write_hmair1 .long _read_hsctlr .long _write_hsctlr + .long _read_hypsp + .long _write_hypsp + .long _read_hvbar + .long _write_hvbar @ @ Switch to non-secure mode @ _non_sec: mrc p15, 0, r0, c1, c1, 0 @ Secure configuration register - bic r0, r0, #0x7f - orr r0, r0, #0x31 + bic r0, r0, #0x07f + ldr r13, =0x131 + orr r0, r0, r13 mcr p15, 0, r0, c1, c1, 0 movs pc, lr @@ -118,3 +123,23 @@ _read_hsctlr: _write_hsctlr: mcr p15, 4, r0, c1, c0, 0 movs pc, lr + + @ + @ Read/Write hyp sp + @ +_read_hypsp: + mov r0, sp + movs pc, lr +_write_hypsp: + mov sp, r0 + movs pc, lr + + @ + @ Read/Write HVBAR + @ +_read_hvbar: + mrc p15, 4, r0, c12, c0, 0 + movs pc, lr +_write_hvbar: + mcr p15, 4, r0, c12, c0, 0 + movs pc, lr -- cgit v1.2.3 From 224f381d00cc19e7f999a0f9018856a8d2bae988 Mon Sep 17 00:00:00 2001 From: Christoffer Dall Date: Thu, 5 May 2011 00:55:04 +0200 Subject: Make variable for kernel source location --- Makefile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 1306c66..784f8cd 100644 --- a/Makefile +++ b/Makefile @@ -18,6 +18,7 @@ CPPFLAGS += -DVEXPRESS MONITOR = monitor.S BOOTLOADER = boot.S +KERNEL_SRC = ../linux-kvm-arm KERNEL = uImage FILESYSTEM = filesystem.cpio.gz @@ -35,8 +36,8 @@ clean: rm -f $(IMAGE) boot.o model.lds monitor.o uImage $(KERNEL): ../linux-kvm-arm/arch/arm/boot/zImage - cd ../linux-kvm-arm; make -j4 uImage - cp ../linux-kvm-arm/arch/arm/boot/uImage $(KERNEL) + cd $(KERNEL_SRC); make -j4 uImage + cp $(KERNEL_SRC)/arch/arm/boot/uImage $(KERNEL) $(IMAGE): boot.o monitor.o model.lds $(KERNEL) $(FILESYSTEM) Makefile $(LD) -o $@ --script=model.lds -- cgit v1.2.3 From 0d619da1d390944350535acee9d0c1a49b887a29 Mon Sep 17 00:00:00 2001 From: Christoffer Dall Date: Thu, 5 May 2011 08:54:10 +0200 Subject: Change the Hyp API to prepare for simpler version Move the writing of the HVBAR to the top, so we can simply strip off the rest afterwards. --- monitor.S | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/monitor.S b/monitor.S index fd2742e..0c17017 100644 --- a/monitor.S +++ b/monitor.S @@ -52,6 +52,7 @@ @ Jump table for the SMC hypervisor API calls @ _hyp_funcs: + .long _write_hvbar .long _read_httbr .long _write_httbr .long _read_htcr @@ -64,8 +65,6 @@ _hyp_funcs: .long _write_hsctlr .long _read_hypsp .long _write_hypsp - .long _read_hvbar - .long _write_hvbar @ @ Switch to non-secure mode @@ -78,6 +77,16 @@ _non_sec: mcr p15, 0, r0, c1, c1, 0 movs pc, lr + @ + @ Read/Write HVBAR + @ +_read_hvbar: + mrc p15, 4, r0, c12, c0, 0 + movs pc, lr +_write_hvbar: + mcr p15, 4, r0, c12, c0, 0 + movs pc, lr + @ @ Read/Write HTTBR @ @@ -133,13 +142,3 @@ _read_hypsp: _write_hypsp: mov sp, r0 movs pc, lr - - @ - @ Read/Write HVBAR - @ -_read_hvbar: - mrc p15, 4, r0, c12, c0, 0 - movs pc, lr -_write_hvbar: - mcr p15, 4, r0, c12, c0, 0 - movs pc, lr -- cgit v1.2.3 From 91fe082326b74c6e88cd9a84e865c9f8b1f5258c Mon Sep 17 00:00:00 2001 From: Christoffer Dall Date: Fri, 6 May 2011 15:59:37 +0200 Subject: Conditionally set CROSS_COMPILE and use sec. ext. Only set CROSS_COMPILE if it's not already set in the environment and set it to arm-unknown-eabi- per default. Set "arch_extension sec" in boot.S code to allow newer compilers to accept the smc #0 instruction. --- Makefile | 2 +- boot.S | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 784f8cd..6dc9912 100644 --- a/Makefile +++ b/Makefile @@ -25,7 +25,7 @@ FILESYSTEM = filesystem.cpio.gz IMAGE = linux-system.axf LD_SCRIPT = model.lds.S -CROSS_COMPILE = arm-none-linux-gnueabi- +CROSS_COMPILE ?= arm-unknown-eabi- CC = $(CROSS_COMPILE)gcc LD = $(CROSS_COMPILE)ld diff --git a/boot.S b/boot.S index 1a906d7..1c803ac 100644 --- a/boot.S +++ b/boot.S @@ -8,6 +8,7 @@ */ .syntax unified + .arch_extension sec .text .globl _start -- cgit v1.2.3 From 366e6705e3c57ae49a2912a8016a308ffc1840c3 Mon Sep 17 00:00:00 2001 From: Christoffer Dall Date: Sun, 8 May 2011 14:54:26 +0200 Subject: Use simpler monitor-hypervisor API This API allows only setting the HVBAR and switching to non-secure mode: The non-secure privileged mode needs only write access to the HVBAR to configure its own hypervisor state, given that the MMU is disabled in Hyp mode. All callers can switch to non-secure mode, but setting the HVBAR requires VTTBR.VMID==0, otherwise the call simply returns. Overall API convention: - r7 == 0xfffffff0 - r0 the new HVBAR value - r4-r11 are preserved --- monitor.S | 73 +-------------------------------------------------------------- 1 file changed, 1 insertion(+), 72 deletions(-) diff --git a/monitor.S b/monitor.S index 0c17017..b301eae 100644 --- a/monitor.S +++ b/monitor.S @@ -32,7 +32,7 @@ cmp r12, #0xfffffff0 movnes pc, lr and r12, r7, #0xf - cmp r12, #0xd + cmp r12, #0x0 movgts pc, lr @ Check the VMID is 0 @@ -53,18 +53,6 @@ @ _hyp_funcs: .long _write_hvbar - .long _read_httbr - .long _write_httbr - .long _read_htcr - .long _write_htcr - .long _read_hmair0 - .long _write_hmair0 - .long _read_hmair1 - .long _write_hmair1 - .long _read_hsctlr - .long _write_hsctlr - .long _read_hypsp - .long _write_hypsp @ @ Switch to non-secure mode @@ -80,65 +68,6 @@ _non_sec: @ @ Read/Write HVBAR @ -_read_hvbar: - mrc p15, 4, r0, c12, c0, 0 - movs pc, lr _write_hvbar: mcr p15, 4, r0, c12, c0, 0 movs pc, lr - - @ - @ Read/Write HTTBR - @ -_read_httbr: - mrrc p15, 4, r0, r1, c2 - movs pc, lr -_write_httbr: - mcrr p15, 4, r0, r1, c2 - movs pc, lr - - @ - @ Read/Write HTCR - @ -_read_htcr: - mrc p15, 4, r0, c2, c0, 2 - movs pc, lr -_write_htcr: - mcr p15, 4, r0, c2, c0, 2 - movs pc, lr - - @ - @ Read/Write HMAIR0/1 - @ -_read_hmair0: - mrc p15, 4, r0, c10, c2, 0 - movs pc, lr -_write_hmair0: - mcr p15, 4, r0, c10, c2, 0 - movs pc, lr -_read_hmair1: - mrc p15, 4, r0, c10, c2, 1 - movs pc, lr -_write_hmair1: - mcr p15, 4, r0, c10, c2, 1 - movs pc, lr - - @ - @ Read/Write HSCTLR - @ -_read_hsctlr: - mrc p15, 4, r0, c1, c0, 0 - movs pc, lr -_write_hsctlr: - mcr p15, 4, r0, c1, c0, 0 - movs pc, lr - - @ - @ Read/Write hyp sp - @ -_read_hypsp: - mov r0, sp - movs pc, lr -_write_hypsp: - mov sp, r0 - movs pc, lr -- cgit v1.2.3 From d489b9de2299863e19895cd49b81e308f6e63ef9 Mon Sep 17 00:00:00 2001 From: Christoffer Dall Date: Wed, 11 May 2011 14:20:24 +0200 Subject: Use monitor stack to avoid caller-save Use callee-save by implementing a small stack space in the monitor instead. --- monitor.S | 37 +++++++++++++++++++++++++------------ 1 file changed, 25 insertions(+), 12 deletions(-) diff --git a/monitor.S b/monitor.S index b301eae..052ab1e 100644 --- a/monitor.S +++ b/monitor.S @@ -24,6 +24,9 @@ @ Secure Monitor Call @ 1: + ldr sp, =_monitor_stack + push {r11, r12} + cmp r7, #0xffffffff beq _non_sec @@ -33,20 +36,22 @@ movnes pc, lr and r12, r7, #0xf cmp r12, #0x0 + popgt {r11, r12} movgts pc, lr @ Check the VMID is 0 - mrrc p15, 6, r12, r13, c2 - lsr r13, r13, #16 - and r13, r13, #0xff - cmp r13, #0 + mrrc p15, 6, r12, r11, c2 + lsr r11, r11, #16 + and r11, r11, #0xff + cmp r11, #0 + popne {r11, r12} movnes pc, lr @ Jump to the right function and r12, r7, #0xf - adr r13, _hyp_funcs - add r13, r13, r12, lsl #2 - ldr pc, [r13] + adr r11, _hyp_funcs + add r11, r11, r12, lsl #2 + ldr pc, [r11] @ @ Jump table for the SMC hypervisor API calls @@ -58,11 +63,12 @@ _hyp_funcs: @ Switch to non-secure mode @ _non_sec: - mrc p15, 0, r0, c1, c1, 0 @ Secure configuration register - bic r0, r0, #0x07f - ldr r13, =0x131 - orr r0, r0, r13 - mcr p15, 0, r0, c1, c1, 0 + mrc p15, 0, r12, c1, c1, 0 @ Secure configuration register + bic r12, r12, #0x07f + ldr r11, =0x131 + orr r12, r12, r11 + mcr p15, 0, r12, c1, c1, 0 + pop {r11, r12} movs pc, lr @ @@ -70,4 +76,11 @@ _non_sec: @ _write_hvbar: mcr p15, 4, r0, c12, c0, 0 + pop {r11, r12} movs pc, lr + + .ltorg + + /* A bit of stack space for monitor mode */ + .align 12 +_monitor_stack: -- cgit v1.2.3 From 4d3654275c8953a9695734c6ff5d0629c040c72c Mon Sep 17 00:00:00 2001 From: Marc Zyngier Date: Thu, 17 Nov 2011 16:23:33 +0000 Subject: KVM-A15: boot-wrapper: fix non-secure SMP boot The boot wrapper suffers from a few problems when it comes to setup the secondary CPUs, as only the boot CPU hits the non-secure setup path. Move the non-secure setup to the common path, taking care of only configuring GICD_IGROUPR0 on secondary CPUs. Also set bit 18 in NSACR to allow the SMP bit to be set in the Auxiliary Control Register (A15 specific). Tested on A15 model v6.1.70. Cc: Christopher Dall Cc: Catalin Marinas Signed-off-by: Marc Zyngier --- boot.S | 71 ++++++++++++++++++++++++++++++++++++------------------------------ 1 file changed, 39 insertions(+), 32 deletions(-) diff --git a/boot.S b/boot.S index 1c803ac..6727b99 100644 --- a/boot.S +++ b/boot.S @@ -17,49 +17,26 @@ _start: @ @ CPU initialisation @ - mrc p15, 0, r0, c0, c0, 5 @ MPIDR (ARMv7 only) - and r0, r0, #15 @ CPU number - cmp r0, #0 @ primary CPU? - beq 2f - - @ - @ Secondary CPUs (following the RealView SMP booting protocol) - @ - ldr r1, =filesystem - 0x100 - adr r2, 1f - ldmia r2, {r3 - r7} @ move the code to a location - stmia r1, {r3 - r7} @ less likely to be overridden -#ifdef VEXPRESS - ldr r0, =0x1c010030 @ VE SYS_FLAGS register -#else - ldr r0, =0x10000030 @ RealView SYS_FLAGS register -#endif - mov pc, r1 @ branch to the relocated code -1: -#ifdef VEXPRESS - wfe -#endif - ldr r1, [r0] - cmp r1, #0 - beq 1b - mov pc, r1 @ branch to the given address -#endif + mrc p15, 0, r4, c0, c0, 5 @ MPIDR (ARMv7 only) + and r4, r4, #15 @ CPU number @ @ Hypervisor / TrustZone initialization @ -2: + @ Set all interrupts to be non-secure ldr r0, =0x2c001000 @ Dist GIC base ldr r1, [r0, #0x04] @ Type Register - and r1, r1, #0x1f + cmp r4, #0 + andeq r1, r1, #0x1f + movne r1, #0 add r2, r0, #0x080 @ Security Register 0 mvn r3, #0 -3: str r3, [r2] +2: str r3, [r2] sub r1, r1, #1 add r2, r2, #4 @ Next security register cmp r1, #-1 - bne 3b + bne 2b @ Set GIC priority mask bit [7] = 1 ldr r0, =0x2c002000 @ CPU GIC base @@ -68,7 +45,7 @@ _start: @ Set NSACR to allow coprocessor access from non-secure mrc p15, 0, r0, c1, c1, 2 - ldr r1, =0x3fff + ldr r1, =0x43fff orr r0, r0, r1 mcr p15, 0, r0, c1, c1, 2 @@ -78,7 +55,37 @@ _start: mov r7, #0xffffffff smc #0 @ Change to NS-mode + @ Check CPU nr again + mrc p15, 0, r0, c0, c0, 5 @ MPIDR (ARMv7 only) + and r0, r0, #15 @ CPU number + cmp r0, #0 @ primary CPU? + beq 2f + + @ + @ Secondary CPUs (following the RealView SMP booting protocol) + @ + ldr r1, =filesystem - 0x100 + adr r2, 1f + ldmia r2, {r3 - r7} @ move the code to a location + stmia r1, {r3 - r7} @ less likely to be overridden +#ifdef VEXPRESS + ldr r0, =0x1c010030 @ VE SYS_FLAGS register +#else + ldr r0, =0x10000030 @ RealView SYS_FLAGS register +#endif + mov pc, r1 @ branch to the relocated code +1: +#ifdef VEXPRESS + wfe +#endif + ldr r1, [r0] + cmp r1, #0 + beq 1b + mov pc, r1 @ branch to the given address +#endif + +2: @ @ UART initialisation (38400 8N1) @ -- cgit v1.2.3