[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it
From: |
Paolo Bonzini |
Subject: |
Re: [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode |
Date: |
Thu, 09 Apr 2015 16:43:41 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 |
On 09/04/2015 15:58, Edgar E. Iglesias wrote:
> Hi Paulo,
>
> How would this work with XIP off the romd region?
> Without s/ns address spaces, CPUs in NS state will be able to execute
> and access data while in ROMD state won't they?
Good point! In fact, even with S/NS address spaces, the ROMD state is
global across all CPUs, so if one CPU does a secure write all other CPUs
would fail to access the ROM in non-secure mode. Even if I modified
pflash_mem_read to return ROM contents, it would fail to execute.
This works for UEFI because the reset vector is the only executable code
in the flash. The actual firmware volumes are compressed.
> I may be missing something...
You may also be missing (I didn't say it) that this is for x86 not ARM. :->
Paolo
- [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode, Paolo Bonzini, 2015/04/09
- [Qemu-devel] [PATCH 1/3] pflash_cfi01: change big-endian property to BIT type, Paolo Bonzini, 2015/04/09
- [Qemu-devel] [PATCH 3/3] pflash_cfi01: add secure property, Paolo Bonzini, 2015/04/09
- [Qemu-devel] [PATCH 2/3] pflash_cfi01: change to new-style MMIO accessors, Paolo Bonzini, 2015/04/09
- Re: [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode, Peter Maydell, 2015/04/09
- Re: [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode, Paolo Bonzini, 2015/04/09
- Re: [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode, Peter Maydell, 2015/04/09
- Re: [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode, Edgar E. Iglesias, 2015/04/09
- Re: [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode,
Paolo Bonzini <=
- Re: [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode, Laszlo Ersek, 2015/04/09
- Re: [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode, Paolo Bonzini, 2015/04/09
- Re: [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode, Edgar E. Iglesias, 2015/04/09
- Re: [Qemu-devel] [RFC PATCH 0/3] pflash_cfi01: allow reading/writing it only in secure mode, Peter Maydell, 2015/04/10