Attempt to set Secure Privileged Mode in armv7 A8 (using am3358 BBB silicon)?

Hello to the ARM experts,

I am relatively new to ARM hardware. Usually I use off-the-shelf systems (various Linux distros) to set up the BBB, as a reference design.

Recently, I have started to dive deeper into the armv7 A8 programming model, and I found some confusing areas (I have concrete questions to ask).

Namely, I would like to read the Secure Configuration Register:

http://infocenter.arm.com/help/topic/com.arm.doc.ddi0344k/DDI0344K_cortex_a8_r3p2_trm.pdf#page=133

To access the Secure Configuration Register, read or write CP15 with:

MRC p15, 0, <Rd>, c1, c1, 0 ; Read Secure Configuration Register data

MCR p15, 0, <Rd>, c1, c1, 0 ; Write Secure Configuration Register data

For this purpose, I wrote a tiny driver, which is presented here:

/*
 *  cp15_spm.c - how to read in Secure Privileged Mode (SPM) Secure Configuration Register data
 */
#include <linux/module.h>	/* Needed by all modules */
#include <linux/kernel.h>	/* Needed for KERN_INFO */
#include <linux/init.h>		/* Needed for the macros */

MODULE_LICENSE("GPL");				///< The license type -- this affects available functionality
MODULE_DESCRIPTION("An armv7 A8 test driver");	///< The description -- see modinfo
MODULE_VERSION("0.01");				///< A version number to inform users

static inline unsigned asm_get_cpsr(void) {
	unsigned long retval;

	__asm ("mrs	r0, cpsr");
	__asm ("bic	r0, r0, #0x1f");
	__asm ("orr	r0, r0, #0x16");
	__asm ("msr	cpsr_c, r0");
	__asm ("mrs     r0, cpsr" : "=r"(retval) );
	return retval;
}

static int read_SPM_registers(void) {
	unsigned int reg_value = 0;

	printk(KERN_INFO "------------------------------------------------\n");
	asm volatile("mrs %0, cpsr" : "=r"(reg_value) );
	printk(KERN_INFO "CPSR/R0 value is: 0x%08x\n", reg_value);
	printk(KERN_INFO "NEW CPSR/R0 value using asm_get_cpsr() is: 0x%08x\n", asm_get_cpsr());
#if 0
	asm(
		"mrs	r0, cpsr\n\t"
		"bic	r0, r0, #0x1f\n\t"
		"orr	r0, r0, #0x16\n\t"
		"msr	cpsr_c, r0\n\t"
	);
	asm volatile("mrs %0, cpsr" : "=r"(reg_value) );
	printk(KERN_INFO "NEW CPSR/R0 value using inline_asm is: 0x%08x\n", reg_value);
#endif
	printk(KERN_INFO "------------------------------------------------\n");

	asm volatile("mrc p15, 0, %0, c1, c1, 0" : "=r"(reg_value) );
	printk(KERN_INFO "Secure Configuration Register data: 0x%08x\n", reg_value);
//	asm volatile("mrc p15, 0, %0, c1, c1, 1" : "=r"(reg_value) );
//	printk(KERN_INFO "Secure Debug Enable Register: 0x%08x\n", reg_value);
	printk(KERN_INFO "\n");

	return 0;
}

static int __init cp15_spm_init(void) {
	printk(KERN_INFO "cp15_Test init\n");
	return read_SPM_registers();
}

static void __exit cp15_spm_exit(void) {
	read_SPM_registers();
	printk(KERN_INFO "cp15_Test exit\n");
}

module_init(cp15_spm_init);
module_exit(cp15_spm_exit);

When reading the CPSR register for the first time, I got the following value: 0x60000013 (b10011 Supervisor Mode) - I am root/superuser.

I tried to set CPSR mode (LSB 5 bits) to the b10110 Secure Monitor Mode, but it seems that with the above presented code I am NOT able to do that!

While executing the following code:

asm volatile("mrc p15, 0, %0, c1, c1, 0" : "=r"(reg_value) );

printk(KERN_INFO "Secure Configuration Register data: 0x%08x\n", reg_value);

I got the following: Internal error: Oops - undefined instruction: 0 [#1] ARM

The full log from code execution is here:

root@beaglebone:~/projects/LKM# insmod cp15_spm.ko 
[22948.622390] cp15_Test init
[22948.625381] ------------------------------------------------
[22948.631303] CPSR/R0 value is: 0x60000013
[22948.635480] NEW CPSR/R0 value using asm_get_cpsr() is: 0xc0b1b014
[22948.641850] ------------------------------------------------
[22948.647822] Internal error: Oops - undefined instruction: 0 [#1] ARM
[22948.654463] Modules linked in: cp15_spm(O+) tilcdc backlight tda998x drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops drm drm_panel_orientation_quirks cfbfillrect cfbimgblt cfbcopyarea fb font [last unloaded: cp15_spm]
[22948.675841] CPU: 0 PID: 11611 Comm: insmod Tainted: G           O      5.0.15-jumpnow #1
[22948.684290] Hardware name: Generic AM33XX (Flattened Device Tree)
[22948.690670] PC is at read_SPM_registers+0x40/0x70 [cp15_spm]
[22948.696583] LR is at read_SPM_registers+0x40/0x70 [cp15_spm]
[22948.702492] pc : [<bf18f040>]    lr : [<bf18f040>]    psr: 60000013
[22948.709036] sp : de23ddb8  ip : 00000000  fp : c0b0b088
[22948.714491] r10: de088dd8  r9 : 00000000  r8 : 00000000
[22948.719947] r7 : c0b6c6a8  r6 : bf194000  r5 : c0b0b088  r4 : bf190054
[22948.726763] r3 : 52a37879  r2 : 52a37879  r1 : c0b1b014  r0 : 00000030
[22948.733581] Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none
[22948.741033] Control: 10c5387d  Table: 9cb70019  DAC: 00000051
[22948.747039] Process insmod (pid: 11611, stack limit = 0x58c41661)
[22948.753401] Stack: (0xde23ddb8 to 0xde23e000)
[22948.757953] dda0:                                                       c0b6cee0 c0102dc4
[22948.766498] ddc0: c01ff024 c0169f64 de000080 006000c0 ffffe000 00000000 60000013 0000000c
[22948.775044] dde0: c019ee20 c0165dd8 c0b6c7b0 de000080 006000c0 c017df48 c0b6c7b0 c02440b0
[22948.783589] de00: 60000013 de7a4700 ffffe000 52a37879 bf191000 bf191000 bf191000 de69fcc0
[22948.792132] de20: de088d80 00000002 00000000 c019ee5c 00000002 c0165dd8 c0b6c730 c0b6c730
[22948.800678] de40: bf191000 c0b6d3f4 de088d80 c01a135c bf19100c 00007fff bf191000 c019e240
[22948.809223] de60: bf191048 c019d6b4 bf191214 00000000 bf191154 bf191170 c07047e0 c08b7e08
[22948.817766] de80: c085627c c0b0b088 00000000 c0855e84 00600001 00000000 c08cbc9c c08bfc80
[22948.826310] dea0: 00000000 00000000 00000000 00000000 00000000 00000000 6e72656b 00006c65
[22948.834855] dec0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[22948.843397] dee0: 00000000 00000000 00000000 00000000 00000000 52a37879 7fffffff c0b0b088
[22948.851941] df00: 00000000 00000003 004bfa68 c01011c4 de23c000 0000017b 00000000 c01a181c
[22948.860486] df20: 7fffffff 00000000 00000003 c0163ec0 c0b0b088 e0edf000 0000ffb0 00000000
[22948.869031] df40: e0edf1b2 e0edf3c0 e0edf000 0000ffb0 e0eee880 e0eee690 e0eeb394 00003000
[22948.877575] df60: 00003100 00000000 00000000 00000000 0000157c 0000002b 0000002c 00000017
[22948.886121] df80: 00000015 00000013 00000000 52a37879 00000000 004d3150 00000000 beedfc58
[22948.894664] dfa0: 0000017b c0101000 004d3150 00000000 00000003 004bfa68 00000000 00000000
[22948.903209] dfc0: 004d3150 00000000 beedfc58 0000017b 00000002 00000000 beedfdd8 00000000
[22948.911754] dfe0: beedfc20 beedfc10 004b6b58 b6e810a0 60000010 00000003 00000000 00000000
[22948.920331] [<bf18f040>] (read_SPM_registers [cp15_spm]) from [<c0102dc4>] (do_one_initcall+0x60/0x230)
[22948.930159] [<c0102dc4>] (do_one_initcall) from [<c019ee5c>] (do_init_module+0x64/0x214)
[22948.938615] [<c019ee5c>] (do_init_module) from [<c01a135c>] (load_module+0x22e8/0x2544)
[22948.946979] [<c01a135c>] (load_module) from [<c01a181c>] (sys_finit_module+0xc4/0xdc)
[22948.955160] [<c01a181c>] (sys_finit_module) from [<c0101000>] (ret_fast_syscall+0x0/0x28)
[22948.963700] Exception stack(0xde23dfa8 to 0xde23dff0)
[22948.968977] dfa0:                   004d3150 00000000 00000003 004bfa68 00000000 00000000
[22948.977519] dfc0: 004d3150 00000000 beedfc58 0000017b 00000002 00000000 beedfdd8 00000000
[22948.986060] dfe0: beedfc20 beedfc10 004b6b58 b6e810a0
[22948.991340] Code: e59f002c eb3f988d e1a00004 eb3f988b (ee111f11) 
[22948.997710] ---[ end trace b9732827550e3376 ]---

Segmentation fault
root@beaglebone:~/projects/LKM#

Could you, please, show me the code snippet which switches Supervisor Mode to Secure Monitor Mode (if at all possible)?

Thank you,

_nobody_
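
The Oops in the post can be read mechanically. As an added example (not part of the original post; all function names here are illustrative), this C program decodes the bracketed word on the `Code:` line, `ee111f11`, as an MRC/MCR instruction and names the mode held in the `psr` value, which shows the faulting instruction is the SCR read and that it executed in Supervisor mode.

```c
#include <stdint.h>
#include <stdio.h>

/* Fields of an A32 MRC/MCR instruction; is_read: 1 = MRC, 0 = MCR. */
struct cp_xfer { int valid, is_read; unsigned coproc, opc1, rt, crn, crm, opc2; };

struct cp_xfer decode_cp_xfer(uint32_t insn)
{
    struct cp_xfer d = {0};
    /* MRC/MCR: bits[27:24]=1110, bit[4]=1; cond=1111 is MRC2/MCR2, not handled */
    if (((insn >> 24) & 0xf) != 0xe || !(insn & 0x10) || (insn >> 28) == 0xf)
        return d;
    d.valid = 1;
    d.is_read = (insn >> 20) & 1;
    d.opc1 = (insn >> 21) & 7;
    d.crn = (insn >> 16) & 0xf;
    d.rt = (insn >> 12) & 0xf;
    d.coproc = (insn >> 8) & 0xf;
    d.opc2 = (insn >> 5) & 7;
    d.crm = insn & 0xf;
    return d;
}

/* 1 if the word is the CP15 "c1, c1, 0" access the post uses for the SCR. */
int is_scr_access(uint32_t insn)
{
    struct cp_xfer d = decode_cp_xfer(insn);
    return d.valid && d.coproc == 15 && d.opc1 == 0 &&
           d.crn == 1 && d.crm == 1 && d.opc2 == 0;
}

/* Mode name for CPSR[4:0] on ARMv7-A with the Security Extensions. */
const char *cpsr_mode_name(uint32_t cpsr)
{
    static const char *const names[32] = {
        [0x10] = "User", [0x11] = "FIQ", [0x12] = "IRQ", [0x13] = "Supervisor",
        [0x16] = "Monitor", [0x17] = "Abort", [0x1b] = "Undefined", [0x1f] = "System",
    };
    return names[cpsr & 0x1f] ? names[cpsr & 0x1f] : "reserved";
}

int main(void)
{
    struct cp_xfer d = decode_cp_xfer(0xee111f11);  /* bracketed "Code:" word */
    printf("%s p%u, %u, r%u, c%u, c%u, %u  (psr mode: %s)\n", d.is_read ? "mrc" : "mcr",
           d.coproc, d.opc1, d.rt, d.crn, d.crm, d.opc2, cpsr_mode_name(0x60000013));
    return 0;
}
```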