mirror of
https://source.denx.de/u-boot/u-boot.git
synced 2025-11-04 02:11:25 +01:00
f510aeae68
The current non-sec switching code suffers from one major issue: it cannot run in secure RAM, as a large part of u-boot still needs to be run while we're switched to non-secure. This patch reworks the whole HYP/non-secure strategy by: - making sure the secure code is the *last* thing u-boot executes before entering the payload - performing an exception return from secure mode directly into the payload - allowing the code to be dynamically relocated to secure RAM before switching to non-secure. This involves quite a bit of horrible code, specially as u-boot relocation is quite primitive. Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> Acked-by: Ian Campbell <ijc@hellion.org.uk>
27 lines
640 B
C
27 lines
640 B
C
#ifndef __ASM_SECURE_H
|
|
#define __ASM_SECURE_H
|
|
|
|
#include <config.h>
|
|
|
|
#ifdef CONFIG_ARMV7_SECURE_BASE
|
|
/*
|
|
* Warning, horror ahead.
|
|
*
|
|
* The target code lives in our "secure ram", but u-boot doesn't know
|
|
* that, and has blindly added reloc_off to every relocation
|
|
* entry. Gahh. Do the opposite conversion. This hack also prevents
|
|
* GCC from generating code veeners, which u-boot doesn't relocate at
|
|
* all...
|
|
*/
|
|
#define secure_ram_addr(_fn) ({ \
|
|
DECLARE_GLOBAL_DATA_PTR; \
|
|
void *__fn = _fn; \
|
|
typeof(_fn) *__tmp = (__fn - gd->reloc_off); \
|
|
__tmp; \
|
|
})
|
|
#else
|
|
#define secure_ram_addr(_fn) (_fn)
|
|
#endif
|
|
|
|
#endif
|