This patchset adds some more secure-only devices to the virt board: (1) a 16MB secure-only RAM (2) the first flash device is secure-only
The second of these is strictly speaking a breaking change, but I don't expect it in practice to break anybody: (a) there's not much use of the secure support in virt yet (b) anything booting a rom image from that flash if TZ is enabled will be booting it in Secure mode anyway so will be able to access the code -- the only thing that would stop working would be if the guest flipped to NS and still expected to be able to access the flash The second flash device remains NS-accessible (with the expectation that it will be used for NS UEFI environment variable storage). In particular, the ATF+OPTEE+UEFI+Linux stack still works fine with these changes. NOTE: to get the -bios option to correctly load to the secure-only flash I had to implement a new function in loader.c. load_image_mr() is just like load_image_targphys() except that it requests loading to a MemoryRegion rather than a physaddr. I think we can also use this to clean up the Sparc cg3 and tcx display devices, which currently take a qdev property which is "the address I'm going to be mapped at" purely so they can use load_image_targphys() to load their ROMs. I have to say I found the loader.c code a bit confusing (it has some support for "load image to MR" already, but it seems to be tangled up with the fw_cfg and PC option rom support); review of that patch in particular appreciated. thanks -- PMM Peter Maydell (4): hw/arm/virt: Provide a secure-only RAM if booting in Secure mode loader: Add load_image_mr() to load ROM image to a MemoryRegion hw/arm/virt: Load bios image to MemoryRegion, not physaddr hw/arm/virt: Make first flash device Secure-only if booting secure hw/arm/virt.c | 118 ++++++++++++++++++++++++++++++++++++++------------ hw/core/loader.c | 35 +++++++++++++-- include/hw/arm/virt.h | 1 + include/hw/loader.h | 18 +++++++- 4 files changed, 138 insertions(+), 34 deletions(-) -- 1.9.1
