Re: [PATCH] arm: Handle starting up in secure mode

From: Russell King - ARM Linux
Date: Wed Aug 26 2015 - 06:49:17 EST


On Wed, Aug 26, 2015 at 11:39:42AM +0100, Dave Martin wrote:
> On Mon, Aug 24, 2015 at 09:55:26AM -0400, Christopher Covington wrote:
> > ARM Linux appears to have never been made aware of the ARMv7 security
> > extensions. When CONFIG_ARM_SEC_EXT=y, have it probe for its security
> > state by checking whether CNTFRQ is writeable and potentially make
> > mode changes based on the information. The most features are available
> > from hypervisor (HYP) mode, so switch to it possible. Failing that,
> > prefer non-secure supervisor (SVC) mode to secure supervisor mode.
>
> Up to now we've steered clear of this, since it's a bit of a fig leaf
> for broken firmware unless Linux actually has some valid use for the
> Security Extensions itself.
>
> Shouldn't the bootloader or firmware be doing this stuff, and if not,
> why not?
>
>
> Some other things that would need to be considered in any case:
>
> * SoC-specific setup of the Non-secure view of the system: This has
> to happen very early, so making it DT aware is going to be hard --
> failing that, we are effectively risking bringing back board files.
> The split in responsibility between firmware/bootloader and kernel
> needs to be clearly defined and (as far as possible) platform-
> independent, otherwise we'll have total chaos.
>
> * Out of reset, generally the CPU state is only fully defined for the
> highest exception level. You probably need to be doing more setup
> than you're currently doing.
>
> * SMP, secondary boot and suspend/resume -- again involving board-
> specific code.
>
> * You need to safely "park" the Secure World before running anything
> in Non-Secure. As a minimum, you would need to quiesce any
> Secure interrupt sources, disable all interrupt traps to Monitor
> mode, and make sure that the Monitor vectors point somewhere
> real, so that executing SMC doesn't send the CPU off into the
> long grass...

Another question is: has this been tested with kexec?

--
FTTC broadband for 0.8mile line: currently at 10.5Mbps down 400kbps up
according to speedtest.net.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/