Commit 604d5da6 authored by danh-arm's avatar danh-arm
Browse files

Merge pull request #383 from vikramkanigiri/vk/tf-issues-314-v1

Ensure BL2 security state is secure
parents 02516ae4 a2f8b166
......@@ -44,14 +44,16 @@
******************************************************************************/
static void __dead2 bl1_run_bl2(entry_point_info_t *bl2_ep)
{
/* Check bl2 security state is expected as secure */
assert(GET_SECURITY_STATE(bl2_ep->h.attr) == SECURE);
/* Check NS Bit is also set as secure */
assert(!(read_scr_el3() & SCR_NS_BIT));
bl1_arch_next_el_setup();
/* Tell next EL what we want done */
bl2_ep->args.arg0 = RUN_IMAGE;
if (GET_SECURITY_STATE(bl2_ep->h.attr) == NON_SECURE)
change_security_state(GET_SECURITY_STATE(bl2_ep->h.attr));
write_spsr_el3(bl2_ep->spsr);
write_elr_el3(bl2_ep->pc);
......
......@@ -59,19 +59,6 @@ static inline unsigned int is_page_aligned (unsigned long addr) {
return (addr & (page_size - 1)) == 0;
}
void change_security_state(unsigned int target_security_state)
{
unsigned long scr = read_scr();
assert(sec_state_is_valid(target_security_state));
if (target_security_state == SECURE)
scr &= ~SCR_NS_BIT;
else
scr |= SCR_NS_BIT;
write_scr(scr);
}
/******************************************************************************
* Determine whether the memory region delimited by 'addr' and 'size' is free,
* given the extents of free memory.
......
......@@ -234,7 +234,6 @@ CASSERT(sizeof(unsigned long) ==
* Function & variable prototypes
******************************************************************************/
unsigned long page_align(unsigned long, unsigned);
void change_security_state(unsigned int);
unsigned long image_size(unsigned int image_id);
int load_image(meminfo_t *mem_layout,
unsigned int image_id,
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment