Re: [PATCH] arm: Handle starting up in secure mode

On Wed, Aug 26, 2015 at 12:39 PM, Dave Martin wrote: > Shouldn't the bootloader or firmware be doing this stuff, and if not, > why not? Firmware yes, bootloader no, or maybe. Bootloaders IMO loads in images, checksum, even public key check or whatever, then sets up the basics and boot them.

Re: [PATCH] arm: Handle starting up in secure mode

On Wed, Aug 26, 2015 at 12:39 PM, Dave Martin wrote: > Shouldn't the bootloader or firmware be doing this stuff, and if not, > why not? Firmware yes, bootloader no, or maybe. Bootloaders IMO loads in images, checksum, even public key check or whatever, then sets up the

Re: [PATCH] arm: Handle starting up in secure mode

On 24/08/15 14:55, Christopher Covington wrote: ARM Linux appears to have never been made aware of the ARMv7 security extensions. When CONFIG_ARM_SEC_EXT=y, have it probe for its security state by checking whether CNTFRQ is writeable and potentially make mode changes based on the information.

Re: [PATCH] arm: Handle starting up in secure mode

On Wed, Aug 26, 2015 at 10:19:39AM -0400, Christopher Covington wrote: > Hi, > > Thank you for the feedback. > > On 08/26/2015 06:48 AM, Russell King - ARM Linux wrote: > > On Wed, Aug 26, 2015 at 11:39:42AM +0100, Dave Martin wrote: > >> On Mon, Aug 24, 2015 at 09:55:26AM -0400, Christopher

Re: [PATCH] arm: Handle starting up in secure mode

On Wed, Aug 26, 2015 at 10:19:39AM -0400, Christopher Covington wrote: Hi, Thank you for the feedback. On 08/26/2015 06:48 AM, Russell King - ARM Linux wrote: On Wed, Aug 26, 2015 at 11:39:42AM +0100, Dave Martin wrote: On Mon, Aug 24, 2015 at 09:55:26AM -0400, Christopher Covington

Re: [PATCH] arm: Handle starting up in secure mode

On 24/08/15 14:55, Christopher Covington wrote: ARM Linux appears to have never been made aware of the ARMv7 security extensions. When CONFIG_ARM_SEC_EXT=y, have it probe for its security state by checking whether CNTFRQ is writeable and potentially make mode changes based on the information.

Re: [PATCH] arm: Handle starting up in secure mode

Hi, Thank you for the feedback. On 08/26/2015 06:48 AM, Russell King - ARM Linux wrote: > On Wed, Aug 26, 2015 at 11:39:42AM +0100, Dave Martin wrote: >> On Mon, Aug 24, 2015 at 09:55:26AM -0400, Christopher Covington wrote: >>> ARM Linux appears to have never been made aware of the ARMv7

Re: [PATCH] arm: Handle starting up in secure mode

On Wed, Aug 26, 2015 at 11:39:42AM +0100, Dave Martin wrote: > On Mon, Aug 24, 2015 at 09:55:26AM -0400, Christopher Covington wrote: > > ARM Linux appears to have never been made aware of the ARMv7 security > > extensions. When CONFIG_ARM_SEC_EXT=y, have it probe for its security > > state by

Re: [PATCH] arm: Handle starting up in secure mode

On Mon, Aug 24, 2015 at 09:55:26AM -0400, Christopher Covington wrote: > +/* > + * ARM Linux has the most features available in hypervisor mode and > + * running in non-secure mode is recommended. Thus, try to get into > + * hypervisor mode if we're not already there, or failing that, try > + * to

Re: [PATCH] arm: Handle starting up in secure mode

On Mon, Aug 24, 2015 at 09:55:26AM -0400, Christopher Covington wrote: > ARM Linux appears to have never been made aware of the ARMv7 security > extensions. When CONFIG_ARM_SEC_EXT=y, have it probe for its security > state by checking whether CNTFRQ is writeable and potentially make > mode changes

Re: [PATCH] arm: Handle starting up in secure mode

On 24 August 2015 at 15:55, Christopher Covington wrote: > ARM Linux appears to have never been made aware of the ARMv7 security > extensions. When CONFIG_ARM_SEC_EXT=y, have it probe for its security > state by checking whether CNTFRQ is writeable and potentially make > mode changes based on the

Re: [PATCH] arm: Handle starting up in secure mode

On 24 August 2015 at 15:55, Christopher Covington c...@codeaurora.org wrote: ARM Linux appears to have never been made aware of the ARMv7 security extensions. When CONFIG_ARM_SEC_EXT=y, have it probe for its security state by checking whether CNTFRQ is writeable and potentially make mode

Re: [PATCH] arm: Handle starting up in secure mode

On Mon, Aug 24, 2015 at 09:55:26AM -0400, Christopher Covington wrote: ARM Linux appears to have never been made aware of the ARMv7 security extensions. When CONFIG_ARM_SEC_EXT=y, have it probe for its security state by checking whether CNTFRQ is writeable and potentially make mode changes

Re: [PATCH] arm: Handle starting up in secure mode

On Wed, Aug 26, 2015 at 11:39:42AM +0100, Dave Martin wrote: On Mon, Aug 24, 2015 at 09:55:26AM -0400, Christopher Covington wrote: ARM Linux appears to have never been made aware of the ARMv7 security extensions. When CONFIG_ARM_SEC_EXT=y, have it probe for its security state by checking

Re: [PATCH] arm: Handle starting up in secure mode

On Mon, Aug 24, 2015 at 09:55:26AM -0400, Christopher Covington wrote: +/* + * ARM Linux has the most features available in hypervisor mode and + * running in non-secure mode is recommended. Thus, try to get into + * hypervisor mode if we're not already there, or failing that, try + * to get

Re: [PATCH] arm: Handle starting up in secure mode

Hi, Thank you for the feedback. On 08/26/2015 06:48 AM, Russell King - ARM Linux wrote: On Wed, Aug 26, 2015 at 11:39:42AM +0100, Dave Martin wrote: On Mon, Aug 24, 2015 at 09:55:26AM -0400, Christopher Covington wrote: ARM Linux appears to have never been made aware of the ARMv7 security

[PATCH] arm: Handle starting up in secure mode

ARM Linux appears to have never been made aware of the ARMv7 security extensions. When CONFIG_ARM_SEC_EXT=y, have it probe for its security state by checking whether CNTFRQ is writeable and potentially make mode changes based on the information. The most features are available from hypervisor

[PATCH] arm: Handle starting up in secure mode

ARM Linux appears to have never been made aware of the ARMv7 security extensions. When CONFIG_ARM_SEC_EXT=y, have it probe for its security state by checking whether CNTFRQ is writeable and potentially make mode changes based on the information. The most features are available from hypervisor