summaryrefslogtreecommitdiff
path: root/README
diff options
context:
space:
mode:
authorStephen Warren <swarren@nvidia.com>2015-01-19 16:25:52 -0700
committerTom Warren <twarren@nvidia.com>2015-03-04 10:08:57 -0700
commit73c38934daa10b518b20f2d21298fc8a8226843b (patch)
tree68d0f8837373d2fce809f7e38bb4ff89f14558b9 /README
parent026baff755cbab0c8bfc12d78e6966718f5325a5 (diff)
downloadu-boot-73c38934daa10b518b20f2d21298fc8a8226843b.tar.gz
ARM: tegra: support running in non-secure mode
When the CPU is in non-secure (NS) mode (when running U-Boot under a secure monitor), certain actions cannot be taken, since they would need to write to secure-only registers. One example is configuring the ARM architectural timer's CNTFRQ register. We could support this in one of two ways: 1) Compile twice, once for secure mode (in which case anything goes) and once for non-secure mode (in which case certain actions are disabled). This complicates things, since everyone needs to keep track of different U-Boot binaries for different situations. 2) Detect NS mode at run-time, and optionally skip any impossible actions. This has the advantage of a single U-Boot binary working in all cases. (2) is not possible on ARM in general, since there's no architectural way to detect secure-vs-non-secure. However, there is a Tegra-specific way to detect this. This patches uses that feature to detect secure vs. NS mode on Tegra, and uses that to: * Skip the ARM arch timer initialization. * Set/clear an environment variable so that boot scripts can take different action depending on which mode the CPU is in. This might be something like: if CPU is secure: load secure monitor code into RAM. boot secure monitor. secure monitor will restart (a new copy of) U-Boot in NS mode. else: execute normal boot process Signed-off-by: Stephen Warren <swarren@nvidia.com> Signed-off-by: Tom Warren <twarren@nvidia.com>
Diffstat (limited to 'README')
-rw-r--r--README7
1 files changed, 7 insertions, 0 deletions
diff --git a/README b/README
index ba57dc5617..8a4c5a721e 100644
--- a/README
+++ b/README
@@ -621,6 +621,13 @@ The following options need to be configured:
exists, unlike the similar options in the Linux kernel. Do not
set these options unless they apply!
+- Tegra SoC options:
+ CONFIG_TEGRA_SUPPORT_NON_SECURE
+
+ Support executing U-Boot in non-secure (NS) mode. Certain
+ impossible actions will be skipped if the CPU is in NS mode,
+ such as ARM architectural timer initialization.
+
- Driver Model
Driver model is a new framework for devices in U-Boot
introduced in early 2014. U-Boot is being progressively