Some boards decided not to run ATF or other secure firmware in EL3, so
they instead run U-Boot there. The uEFI spec doesn't know what EL3 is
though - it only knows about EL2 and EL1. So if we see that we're running
in EL3, let's get into EL2 to make payloads happy.

Signed-off-by: Alexander Graf <ag...@suse.de>

---

v4 -> v5:

  - Remove manual ttbr / tcr copy
  - Regenerate page tables in EL2, getting us non-secured page tables
---
 cmd/bootefi.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/cmd/bootefi.c b/cmd/bootefi.c
index 8714666..32148d7 100644
--- a/cmd/bootefi.c
+++ b/cmd/bootefi.c
@@ -224,6 +224,17 @@ static unsigned long do_bootefi_exec(void *efi, void *fdt)
                return status == EFI_SUCCESS ? 0 : -EINVAL;
        }
 
+#ifdef CONFIG_ARM64
+       /* On AArch64 we need to make sure we call our payload in < EL3 */
+       if (current_el() == 3) {
+               smp_kick_all_cpus();
+               dcache_disable();       /* flush cache before switch to EL2 */
+               armv8_switch_to_el2();
+               /* Enable caches again */
+               dcache_enable();
+       }
+#endif
+
        return entry(&loaded_image_info, &systab);
 }
 
-- 
1.8.5.6

_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
http://lists.denx.de/mailman/listinfo/u-boot

Reply via email to