mirror of
				https://source.denx.de/u-boot/u-boot.git
				synced 2025-10-24 22:11:26 +02:00 
			
		
		
		
	The current non-sec switching code suffers from one major issue: it cannot run in secure RAM, as a large part of u-boot still needs to be run while we're switched to non-secure. This patch reworks the whole HYP/non-secure strategy by: - making sure the secure code is the *last* thing u-boot executes before entering the payload - performing an exception return from secure mode directly into the payload - allowing the code to be dynamically relocated to secure RAM before switching to non-secure. This involves quite a bit of horrible code, specially as u-boot relocation is quite primitive. Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> Acked-by: Ian Campbell <ijc@hellion.org.uk>
		
			
				
	
	
		
			27 lines
		
	
	
		
			640 B
		
	
	
	
		
			C
		
	
	
	
	
	
			
		
		
	
	
			27 lines
		
	
	
		
			640 B
		
	
	
	
		
			C
		
	
	
	
	
	
| #ifndef __ASM_SECURE_H
 | |
| #define __ASM_SECURE_H
 | |
| 
 | |
| #include <config.h>
 | |
| 
 | |
| #ifdef CONFIG_ARMV7_SECURE_BASE
 | |
| /*
 | |
|  * Warning, horror ahead.
 | |
|  *
 | |
|  * The target code lives in our "secure ram", but u-boot doesn't know
 | |
|  * that, and has blindly added reloc_off to every relocation
 | |
|  * entry. Gahh. Do the opposite conversion. This hack also prevents
 | |
|  * GCC from generating code veeners, which u-boot doesn't relocate at
 | |
|  * all...
 | |
|  */
 | |
| #define secure_ram_addr(_fn) ({						\
 | |
| 			DECLARE_GLOBAL_DATA_PTR;			\
 | |
| 			void *__fn = _fn;				\
 | |
| 			typeof(_fn) *__tmp = (__fn - gd->reloc_off);	\
 | |
| 			__tmp;						\
 | |
| 		})
 | |
| #else
 | |
| #define secure_ram_addr(_fn)	(_fn)
 | |
| #endif
 | |
| 
 | |
| #endif
 |