From c8e829b7bf6e1c84af8b4b13ee7fce2959c63e0e Mon Sep 17 00:00:00 2001
From: Greg Bellows <greg.bellows@linaro.org>
Date: Mon, 15 Dec 2014 17:09:47 -0600
Subject: target-arm: Add arm_boot_info secure_boot control

Adds the secure_boot boolean field to the arm_boot_info descriptor.  This
fields is used to indicate whether Linux should boot into secure or non-secure
state if the ARM EL3 feature is enabled.  The default is to leave the CPU in an
unaltered reset state.  On EL3 enabled systems, the reset state is secure and
can be overridden by setting the added field to false.

Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1418684992-8996-11-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 hw/arm/boot.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'hw')

diff --git a/hw/arm/boot.c b/hw/arm/boot.c
index e6a3c5b..c8d1d4e 100644
--- a/hw/arm/boot.c
+++ b/hw/arm/boot.c
@@ -457,6 +457,16 @@ static void do_cpu_reset(void *opaque)
                 env->thumb = info->entry & 1;
             }
         } else {
+            /* If we are booting Linux then we need to check whether we are
+             * booting into secure or non-secure state and adjust the state
+             * accordingly.  Out of reset, ARM is defined to be in secure state
+             * (SCR.NS = 0), we change that here if non-secure boot has been
+             * requested.
+             */
+            if (arm_feature(env, ARM_FEATURE_EL3) && !info->secure_boot) {
+                env->cp15.scr_el3 |= SCR_NS;
+            }
+
             if (CPU(cpu) == first_cpu) {
                 if (env->aarch64) {
                     env->pc = info->loader_start;
-- 
cgit v1.1