On 21.05.2014 20:14, Christopher Covington wrote: > Hi Peter, > > On 05/21/2014 10:46 AM, Peter Maydell wrote: >> On 13 May 2014 17:15, Fabian Aggeler <aggel...@ethz.ch> wrote: >>> From: Svetlana Fedoseeva <s.fedose...@samsung.com> >>> >>> Define Security Extensions CPU feature. Set that feature for relevant CPUs. >> This is potentially tricky because it means that CPUs which we were >> previously implementing without TZ now boot up with TZ and in >> Secure mode; I think this is probably the right thing but we'll need >> to check that we don't break guests which were really expecting >> to run in NS. >> >> (Also I'm not sure what the semantics of -kernel should be for >> TZ-supporting CPUs -- boot the kernel in S or NS ?) > While Linux works in secure mode, non-secure hypervisor mode is required for > KVM to work in the guest. > > "[Entry] in HYP mode ... is the recommended boot method ...." > > http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/Documentation/arm/Booting#n183 > > Christopher >
AFAIK, in real hardware this switch to non-secure state is actually done by bootloader. Why don't implement this in Qemu bootloader stub so far? Regards, Sergey Fedorov.