[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-arm] [Qemu-devel] [PATCH 0/4] virt: provide secure-only RAM an

From: Peter Maydell
Subject: Re: [Qemu-arm] [Qemu-devel] [PATCH 0/4] virt: provide secure-only RAM and first flash
Date: Thu, 25 Feb 2016 16:47:16 +0000

Ping? Review appreciated especially for the loader.c change...

-- PMM

On 12 February 2016 at 14:45, Peter Maydell <address@hidden> wrote:
> This patchset adds some more secure-only devices to the virt board:
>  (1) a 16MB secure-only RAM
>  (2) the first flash device is secure-only
> The second of these is strictly speaking a breaking change, but I don't
> expect it in practice to break anybody:
>  (a) there's not much use of the secure support in virt yet
>  (b) anything booting a rom image from that flash if TZ is enabled
>   will be booting it in Secure mode anyway so will be able to access
>   the code -- the only thing that would stop working would be if the
>   guest flipped to NS and still expected to be able to access the flash
> The second flash device remains NS-accessible (with the expectation that
> it will be used for NS UEFI environment variable storage).
> In particular, the ATF+OPTEE+UEFI+Linux stack still works fine with
> these changes.
> NOTE: to get the -bios option to correctly load to the secure-only
> flash I had to implement a new function in loader.c. load_image_mr()
> is just like load_image_targphys() except that it requests loading
> to a MemoryRegion rather than a physaddr. I think we can also use this
> to clean up the Sparc cg3 and tcx display devices, which currently take
> a qdev property which is "the address I'm going to be mapped at"
> purely so they can use load_image_targphys() to load their ROMs.
> I have to say I found the loader.c code a bit confusing (it has some
> support for "load image to MR" already, but it seems to be tangled
> up with the fw_cfg and PC option rom support); review of that
> patch in particular appreciated.
> thanks
> -- PMM
> Peter Maydell (4):
>   hw/arm/virt: Provide a secure-only RAM if booting in Secure mode
>   loader: Add load_image_mr() to load ROM image to a MemoryRegion
>   hw/arm/virt: Load bios image to MemoryRegion, not physaddr
>   hw/arm/virt: Make first flash device Secure-only if booting secure
>  hw/arm/virt.c         | 118 
> ++++++++++++++++++++++++++++++++++++++------------
>  hw/core/loader.c      |  35 +++++++++++++--
>  include/hw/arm/virt.h |   1 +
>  include/hw/loader.h   |  18 +++++++-
>  4 files changed, 138 insertions(+), 34 deletions(-)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]