Merge pull request #383 from vikramkanigiri/vk/tf-issues-314-v1
Ensure BL2 security state is secure
diff --git a/bl1/bl1_main.c b/bl1/bl1_main.c
index e322531..dad64e2 100644
--- a/bl1/bl1_main.c
+++ b/bl1/bl1_main.c
@@ -44,14 +44,16 @@
******************************************************************************/
static void __dead2 bl1_run_bl2(entry_point_info_t *bl2_ep)
{
+ /* Check bl2 security state is expected as secure */
+ assert(GET_SECURITY_STATE(bl2_ep->h.attr) == SECURE);
+ /* Check NS Bit is also set as secure */
+ assert(!(read_scr_el3() & SCR_NS_BIT));
+
bl1_arch_next_el_setup();
/* Tell next EL what we want done */
bl2_ep->args.arg0 = RUN_IMAGE;
- if (GET_SECURITY_STATE(bl2_ep->h.attr) == NON_SECURE)
- change_security_state(GET_SECURITY_STATE(bl2_ep->h.attr));
-
write_spsr_el3(bl2_ep->spsr);
write_elr_el3(bl2_ep->pc);
diff --git a/common/bl_common.c b/common/bl_common.c
index 3088cb0..73c615e 100644
--- a/common/bl_common.c
+++ b/common/bl_common.c
@@ -59,19 +59,6 @@
return (addr & (page_size - 1)) == 0;
}
-void change_security_state(unsigned int target_security_state)
-{
- unsigned long scr = read_scr();
-
- assert(sec_state_is_valid(target_security_state));
- if (target_security_state == SECURE)
- scr &= ~SCR_NS_BIT;
- else
- scr |= SCR_NS_BIT;
-
- write_scr(scr);
-}
-
/******************************************************************************
* Determine whether the memory region delimited by 'addr' and 'size' is free,
* given the extents of free memory.
diff --git a/include/common/bl_common.h b/include/common/bl_common.h
index 66244ca..164377f 100644
--- a/include/common/bl_common.h
+++ b/include/common/bl_common.h
@@ -234,7 +234,6 @@
* Function & variable prototypes
******************************************************************************/
unsigned long page_align(unsigned long, unsigned);
-void change_security_state(unsigned int);
unsigned long image_size(unsigned int image_id);
int load_image(meminfo_t *mem_layout,
unsigned int image_id,