Commit
8bc347e2ec17 "ARM: bootm: Allow booting in secure mode on hyp capable
systems" added the capability to select nonsec vs sec mode boot via an
environment var.
There is a subtle gotcha with this functionality, which is that the PSCI nodes
are still created in the fdt (via armv7_update_dt->fdt_psci) even when booting
in secure mode. Which means that if the kernel is PSCI aware then it will fail
to boot because it will try and do PSCI from secure world, which won't work.
This likely didn't get noticed before because the original purpose was to
support booting the legacy linux-sunxi kernels which don't understand PSCI.
To fix expose boot_nonsec (renaming with armv7_ prefix) outside of bootm.c and
use from the virt-dt code.
As well as avoiding the creation of the PSCI nodes we should also avoid
reserving the secure RAM, so do so.
Signed-off-by: Ian Campbell <ijc@hellion.org.uk>
Cc: Hans de Goede <hdegoede@redhat.com>
Cc: Albert ARIBAUD <albert.u.boot@aribaud.net>
Cc: Tom Rini <trini@ti.com>
Acked-by: Hans de Goede <hdegoede@redhat.com>
int armv7_update_dt(void *fdt)
{
+ if (!armv7_boot_nonsec())
+ return 0;
#ifndef CONFIG_ARMV7_SECURE_BASE
/* secure code lives in RAM, keep it alive */
fdt_add_mem_rsv(fdt, (unsigned long)__secure_start,
int armv7_init_nonsec(void);
int armv7_update_dt(void *fdt);
+bool armv7_boot_nonsec(void);
/* defined in assembly file */
unsigned int _nonsec_init(void);
}
#if defined(CONFIG_ARMV7_NONSEC) || defined(CONFIG_ARMV7_VIRT)
-static bool boot_nonsec(void)
+bool armv7_boot_nonsec(void)
{
char *s = getenv("bootm_boot_mode");
#ifdef CONFIG_ARMV7_BOOT_SEC_DEFAULT
if (!fake) {
#if defined(CONFIG_ARMV7_NONSEC) || defined(CONFIG_ARMV7_VIRT)
- if (boot_nonsec()) {
+ if (armv7_boot_nonsec()) {
armv7_init_nonsec();
secure_ram_addr(_do_nonsec_entry)(kernel_entry,
0, machid, r2);