1 /*
2 * Copyright (c) 2013-2026, Arm Limited and Contributors. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7 #include <assert.h>
8
9 #include <arch.h>
10 #include <arch_helpers.h>
11 #include <arch_features.h>
12 #include <bl1/bl1.h>
13 #include <bl2/bl2.h>
14 #include <common/bl_common.h>
15 #include <common/build_message.h>
16 #include <common/debug.h>
17 #include <drivers/auth/auth_mod.h>
18 #include <drivers/auth/crypto_mod.h>
19 #include <drivers/console.h>
20 #include <drivers/fwu/fwu.h>
21 #include <lib/bootmarker_capture.h>
22 #include <lib/extensions/pauth.h>
23 #include <lib/pmf/pmf.h>
24 #include <plat/common/platform.h>
25
26 #include "bl2_private.h"
27
28 #ifdef __aarch64__
29 #define NEXT_IMAGE "BL31"
30 #else
31 #define NEXT_IMAGE "BL32"
32 #endif
33
34 #if ENABLE_RUNTIME_INSTRUMENTATION
35 PMF_REGISTER_SERVICE(bl_svc, PMF_RT_INSTR_SVC_ID,
36 BL_TOTAL_IDS, PMF_DUMP_ENABLE);
37 #endif
38
39 /*******************************************************************************
40 * The only thing to do in BL2 is to load further images and pass control to
41 * next BL. The memory occupied by BL2 will be reclaimed by BL3x stages.
42 ******************************************************************************/
bl2_main(u_register_t arg0,u_register_t arg1,u_register_t arg2,u_register_t arg3)43 void __no_pauth bl2_main(u_register_t arg0, u_register_t arg1, u_register_t arg2,
44 u_register_t arg3)
45 {
46 entry_point_info_t *next_bl_ep_info;
47
48 /* Enable early console if EARLY_CONSOLE flag is enabled */
49 plat_setup_early_console();
50
51 /* Perform early platform-specific setup */
52 bl2_early_platform_setup2(arg0, arg1, arg2, arg3);
53
54 /* Perform remaining generic architectural setup */
55 bl2_arch_setup();
56
57 /* Perform late platform-specific setup */
58 bl2_plat_arch_setup();
59
60 if (is_feat_pauth_supported()) {
61 #if BL2_RUNS_AT_EL3
62 pauth_init_enable_el3();
63 #else
64 pauth_init_enable_el1();
65 #endif
66 }
67
68 #if ENABLE_RUNTIME_INSTRUMENTATION
69 PMF_CAPTURE_TIMESTAMP(bl_svc, BL2_ENTRY, PMF_CACHE_MAINT);
70 #endif
71
72 NOTICE("BL2: %s\n", build_version_string);
73 NOTICE("BL2: %s\n", build_message);
74
75 #if PSA_FWU_SUPPORT
76 fwu_init();
77 #endif /* PSA_FWU_SUPPORT */
78
79 crypto_mod_init();
80
81 /* Initialize authentication module */
82 auth_mod_init();
83
84 /* Initialize the Measured Boot backend */
85 bl2_plat_mboot_init();
86
87 /* Initialize boot source */
88 bl2_plat_preload_setup();
89
90 #if ENABLE_RUNTIME_INSTRUMENTATION
91 PMF_CAPTURE_TIMESTAMP(bl_svc, BL2_AUTH_START, PMF_CACHE_MAINT);
92 #endif
93
94 if (is_feat_crypto_supported()) {
95 #if BL2_RUNS_AT_EL3
96 disable_fpregs_traps_el3();
97 #endif
98 }
99
100 /* Load the subsequent bootloader images. */
101 next_bl_ep_info = bl2_load_images();
102
103 if (is_feat_crypto_supported()) {
104 #if BL2_RUNS_AT_EL3
105 enable_fpregs_traps_el3();
106 #endif
107 }
108
109 #if ENABLE_RUNTIME_INSTRUMENTATION
110 PMF_CAPTURE_TIMESTAMP(bl_svc, BL2_AUTH_END, PMF_CACHE_MAINT);
111 #endif
112
113
114 /* Teardown the Measured Boot backend */
115 bl2_plat_mboot_finish();
116
117 crypto_mod_finish();
118
119 #if !BL2_RUNS_AT_EL3
120 #ifndef __aarch64__
121 /*
122 * For AArch32 state BL1 and BL2 share the MMU setup.
123 * Given that BL2 does not map BL1 regions, MMU needs
124 * to be disabled in order to go back to BL1.
125 */
126 disable_mmu_icache_secure();
127 #endif /* !__aarch64__ */
128
129 /*
130 * Disable pointer authentication before running next boot image
131 */
132 if (is_feat_pauth_supported()) {
133 pauth_disable_el1();
134 }
135
136 #if ENABLE_RUNTIME_INSTRUMENTATION
137 PMF_CAPTURE_TIMESTAMP(bl_svc, BL2_EXIT, PMF_CACHE_MAINT);
138 #endif
139
140 console_flush();
141
142 /*
143 * Run next BL image via an SMC to BL1. Information on how to pass
144 * control to the BL32 (if present) and BL33 software images will
145 * be passed to next BL image as an argument.
146 */
147 smc(BL1_SMC_RUN_IMAGE, (unsigned long)next_bl_ep_info, 0, 0, 0, 0, 0, 0);
148 #else /* if BL2_RUNS_AT_EL3 */
149
150 NOTICE("BL2: Booting " NEXT_IMAGE "\n");
151 print_entry_point_info(next_bl_ep_info);
152 #if ENABLE_RUNTIME_INSTRUMENTATION
153 PMF_CAPTURE_TIMESTAMP(bl_svc, BL2_EXIT, PMF_CACHE_MAINT);
154 #endif
155 console_flush();
156
157 /*
158 * Disable pointer authentication before running next boot image
159 */
160 if (is_feat_pauth_supported()) {
161 pauth_disable_el3();
162 }
163
164 bl2_run_next_image(next_bl_ep_info);
165 #endif /* BL2_RUNS_AT_EL3 */
166 }
167