Will Deacon writes ("Re: ARM processor mode, kernel startup, Hyp / secure state"):
From discussions that I've been having with the technical architects at ARM and various bootloader people, it looks like we have two scenarios [this is reiterating a lot of what you've said but I think it's important]:
Right.
After the system has taken care of whatever secure initialisation was required, it moves into HYP mode. At this point there are two things that can happen:
1.0: HYP mode boot loader (uboot, UEFI) runs and installs Linux at the same privilege level 1.1: Raw Linux boots, and detects HYP mode 1.2: Sets up basic init, with HVC trampoline for installing KVM/Xen later 1.3: Switch to SVC mode 1.4: Continue booting Linux as normal
Since we have discovered that this approach will work fine with existing kernels, even ones which are completely unaware of Hyp mode, I think this is the right approach. It can be implemented by boot loaders etc. right away.
Ian.