Hi,
I just got a raspberry pi 2 and I'd like to play with Trustzone.
People on the Raspberry forum http://www.raspberrypi.org/forums/viewtopic.php?p=697474#p697474 explained me how to
get my hand on the boot of the 4 core A7 CPU, and I managed to boot my kernel (at 0x8000) in monitor mode, thus I can
do pretty much whatever I want (by replacing the 'movs pc, lr' by a 'bx lr' at the end of the secure_monitor, cf line 50 at http://pastebin.com/rgGgBuTN).
However, I'm trying to understand the code they gave me, and I noticed some really weird situation:
- If I replace the 'smc #0' instruction line 80 with a 'cps #MON_MODE' followed by the body of the _secure_monitor handler, the boot hangs (see http://pastebin.com/TngpAmt1)
I thought that 'smc' only updated cpsr, sprs and lr. Is an explicit 'smc' instruction is required to successfully initialize a cortex A7 ?
- In the _secure_monitor, if I do not set SCR.NS to 1, I expected to stay in secure mode, but the boot hangs
- However, once I reached my code (0x8000), I can change SCR.NS any way I want.
I'm really not familiar with CPU initialization and SMP context, any help to understand what is happening is welcome !
Best,
Vincent
I think I finally understood what happens and I managed to do exactly what I wanted in the "boot" part of their code.
Just for the record, I added an ISB in the secure monitor, to be sure. And after changing the "non secure only" cp15 registers, I switch back NS to 0. Then, when I exit from the smc call, I am still in SVC secure mode.
I am now able to rewrite this boot sequence in another way, and setup a meaningful secure_monitor instead.
Thanks to your input, it was very helpful.