AArch32: Add `TRUSTED_BOARD_BOOT` support
This patch adds `TRUSTED_BOARD_BOOT` support for AArch32 mode.
To build this patch the "mbedtls/include/mbedtls/bignum.h"
needs to be modified to remove `#define MBEDTLS_HAVE_UDBL`
when `MBEDTLS_HAVE_INT32` is defined. This is a workaround
for "https://github.com/ARMmbed/mbedtls/issues/708"
NOTE: TBBR support on Juno AArch32 is not currently supported.
Change-Id: I86d80e30b9139adc4d9663f112801ece42deafcf
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
Co-Authored-By: Yatharth Kochar <yatharth.kochar@arm.com>
diff --git a/bl1/aarch32/bl1_entrypoint.S b/bl1/aarch32/bl1_entrypoint.S
index e3d915f..39ebcf7 100644
--- a/bl1/aarch32/bl1_entrypoint.S
+++ b/bl1/aarch32/bl1_entrypoint.S
@@ -71,9 +71,21 @@
*/
/*
- * MMU needs to be disabled because both BL1 and BL2 execute
+ * Get the smc_context for next BL image,
+ * program the gp/system registers and save it in `r4`.
+ */
+ bl smc_get_next_ctx
+ mov r4, r0
+
+ /* Only turn-off MMU if going to secure world */
+ ldr r5, [r4, #SMC_CTX_SCR]
+ tst r5, #SCR_NS_BIT
+ bne skip_mmu_off
+
+ /*
+ * MMU needs to be disabled because both BL1 and BL2/BL2U execute
* in PL1, and therefore share the same address space.
- * BL2 will initialize the address space according to its
+ * BL2/BL2U will initialize the address space according to its
* own requirement.
*/
bl disable_mmu_icache_secure
@@ -81,11 +93,8 @@
dsb sy
isb
- /*
- * Get the smc_context for next BL image,
- * program the gp/system registers and exit
- * secure monitor mode
- */
- bl smc_get_next_ctx
+skip_mmu_off:
+ /* Restore smc_context from `r4` and exit secure monitor mode. */
+ mov r0, r4
monitor_exit
endfunc bl1_entrypoint