aboutsummaryrefslogtreecommitdiff
path: root/bl1
diff options
context:
space:
mode:
authorVikram Kanigiri <vikram.kanigiri@arm.com>2015-07-23 11:16:28 +0100
committerVikram Kanigiri <vikram.kanigiri@arm.com>2015-09-02 13:48:45 +0100
commita2f8b16650ab3d80864c0edfa205c2c8dd012b8d (patch)
tree5dcb8b750a49b4aef85310dc6cef818d309363ac /bl1
parente04723e21362c322b7725662871153dadb9d3167 (diff)
downloadtrusted-firmware-a-a2f8b16650ab3d80864c0edfa205c2c8dd012b8d.tar.gz
Ensure BL2 security state is secure
BL2 loads secure runtime code(BL3-1, BL3-2) and hence it has to run in secure world otherwise BL3-1/BL3-2 have to execute from non-secure memory. Hence, This patch removes the change_security_state() call in bl1_run_bl2() and replaces it with an assert to confirm the BL2 as secure. Fixes ARM-software/tf-issues#314 Change-Id: I611b83f5c4090e58a76a2e950b0d797b46df3c29
Diffstat (limited to 'bl1')
-rw-r--r--bl1/bl1_main.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/bl1/bl1_main.c b/bl1/bl1_main.c
index e3225319b3..dad64e259f 100644
--- a/bl1/bl1_main.c
+++ b/bl1/bl1_main.c
@@ -44,14 +44,16 @@
******************************************************************************/
static void __dead2 bl1_run_bl2(entry_point_info_t *bl2_ep)
{
+ /* Check bl2 security state is expected as secure */
+ assert(GET_SECURITY_STATE(bl2_ep->h.attr) == SECURE);
+ /* Check NS Bit is also set as secure */
+ assert(!(read_scr_el3() & SCR_NS_BIT));
+
bl1_arch_next_el_setup();
/* Tell next EL what we want done */
bl2_ep->args.arg0 = RUN_IMAGE;
- if (GET_SECURITY_STATE(bl2_ep->h.attr) == NON_SECURE)
- change_security_state(GET_SECURITY_STATE(bl2_ep->h.attr));
-
write_spsr_el3(bl2_ep->spsr);
write_elr_el3(bl2_ep->pc);