xref: /rk3399_ARM-atf/bl31/aarch64/ea_delegate.S (revision f906a44e9ea9ccefaab2a9d40bb2cb3f354609c8) 
1/*
2 * Copyright (c) 2018-2019, ARM Limited and Contributors. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7
8#include <assert_macros.S>
9#include <asm_macros.S>
10#include <assert_macros.S>
11#include <bl31/ea_handle.h>
12#include <context.h>
13#include <lib/extensions/ras_arch.h>
14
15
16	.globl	handle_lower_el_ea_esb
17	.globl	enter_lower_el_sync_ea
18	.globl	enter_lower_el_async_ea
19
20
21/*
22 * Function to delegate External Aborts synchronized by ESB instruction at EL3
23 * vector entry. This function assumes GP registers x0-x29 have been saved, and
24 * are available for use. It delegates the handling of the EA to platform
25 * handler, and returns only upon successfully handling the EA; otherwise
26 * panics. On return from this function, the original exception handler is
27 * expected to resume.
28 */
29func handle_lower_el_ea_esb
30	mov	x0, #ERROR_EA_ESB
31	mrs	x1, DISR_EL1
32	b	ea_proceed
33endfunc handle_lower_el_ea_esb
34
35
36/*
37 * This function forms the tail end of Synchronous Exception entry from lower
38 * EL, and expects to handle only Synchronous External Aborts from lower EL. If
39 * any other kind of exception is detected, then this function reports unhandled
40 * exception.
41 *
42 * Since it's part of exception vector, this function doesn't expect any GP
43 * registers to have been saved. It delegates the handling of the EA to platform
44 * handler, and upon successfully handling the EA, exits EL3; otherwise panics.
45 */
46func enter_lower_el_sync_ea
47	/*
48	 * Explicitly save x30 so as to free up a register and to enable
49	 * branching.
50	 */
51	str	x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
52
53	mrs	x30, esr_el3
54	ubfx	x30, x30, #ESR_EC_SHIFT, #ESR_EC_LENGTH
55
56	/* Check for I/D aborts from lower EL */
57	cmp	x30, #EC_IABORT_LOWER_EL
58	b.eq	1f
59
60	cmp	x30, #EC_DABORT_LOWER_EL
61	b.ne	2f
62
631:
64	/* Test for EA bit in the instruction syndrome */
65	mrs	x30, esr_el3
66	tbz	x30, #ESR_ISS_EABORT_EA_BIT, 2f
67
68	/* Save GP registers */
69	bl	save_gp_registers
70
71	/*
72	 * If Secure Cycle Counter is not disabled in MDCR_EL3
73	 * when ARMv8.5-PMU is implemented, save PMCR_EL0 and
74	 * disable all event counters and cycle counter.
75	 */
76	bl	save_pmcr_disable_pmu
77
78	/* Save ARMv8.3-PAuth registers and load firmware key */
79#if CTX_INCLUDE_PAUTH_REGS
80	bl	pauth_context_save
81#endif
82#if ENABLE_PAUTH
83	bl	pauth_load_bl_apiakey
84#endif
85
86	/* Setup exception class and syndrome arguments for platform handler */
87	mov	x0, #ERROR_EA_SYNC
88	mrs	x1, esr_el3
89	adr	x30, el3_exit
90	b	delegate_sync_ea
91
922:
93	/* Synchronous exceptions other than the above are assumed to be EA */
94	ldr	x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
95	no_ret	report_unhandled_exception
96endfunc enter_lower_el_sync_ea
97
98
99/*
100 * This function handles SErrors from lower ELs.
101 *
102 * Since it's part of exception vector, this function doesn't expect any GP
103 * registers to have been saved. It delegates the handling of the EA to platform
104 * handler, and upon successfully handling the EA, exits EL3; otherwise panics.
105 */
106func enter_lower_el_async_ea
107	/*
108	 * Explicitly save x30 so as to free up a register and to enable
109	 * branching
110	 */
111	str	x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
112
113	/* Save GP registers */
114	bl	save_gp_registers
115
116	/*
117	 * If Secure Cycle Counter is not disabled in MDCR_EL3
118	 * when ARMv8.5-PMU is implemented, save PMCR_EL0 and
119	 * disable all event counters and cycle counter.
120	 */
121	bl	save_pmcr_disable_pmu
122
123	/* Save ARMv8.3-PAuth registers and load firmware key */
124#if CTX_INCLUDE_PAUTH_REGS
125	bl	pauth_context_save
126#endif
127#if ENABLE_PAUTH
128	bl	pauth_load_bl_apiakey
129#endif
130
131	/* Setup exception class and syndrome arguments for platform handler */
132	mov	x0, #ERROR_EA_ASYNC
133	mrs	x1, esr_el3
134	adr	x30, el3_exit
135	b	delegate_async_ea
136endfunc enter_lower_el_async_ea
137
138
139/*
140 * Prelude for Synchronous External Abort handling. This function assumes that
141 * all GP registers have been saved by the caller.
142 *
143 * x0: EA reason
144 * x1: EA syndrome
145 */
146func delegate_sync_ea
147#if RAS_EXTENSION
148	/*
149	 * Check for Uncontainable error type. If so, route to the platform
150	 * fatal error handler rather than the generic EA one.
151	 */
152	ubfx    x2, x1, #EABORT_SET_SHIFT, #EABORT_SET_WIDTH
153	cmp     x2, #ERROR_STATUS_SET_UC
154	b.ne    1f
155
156	/* Check fault status code */
157	ubfx    x3, x1, #EABORT_DFSC_SHIFT, #EABORT_DFSC_WIDTH
158	cmp     x3, #SYNC_EA_FSC
159	b.ne    1f
160
161	no_ret  plat_handle_uncontainable_ea
1621:
163#endif
164
165	b       ea_proceed
166endfunc delegate_sync_ea
167
168
169/*
170 * Prelude for Asynchronous External Abort handling. This function assumes that
171 * all GP registers have been saved by the caller.
172 *
173 * x0: EA reason
174 * x1: EA syndrome
175 */
176func delegate_async_ea
177#if RAS_EXTENSION
178	/*
179	 * Check for Implementation Defined Syndrome. If so, skip checking
180	 * Uncontainable error type from the syndrome as the format is unknown.
181	 */
182	tbnz	x1, #SERROR_IDS_BIT, 1f
183
184	/*
185	 * Check for Uncontainable error type. If so, route to the platform
186	 * fatal error handler rather than the generic EA one.
187	 */
188	ubfx	x2, x1, #EABORT_AET_SHIFT, #EABORT_AET_WIDTH
189	cmp	x2, #ERROR_STATUS_UET_UC
190	b.ne	1f
191
192	/* Check DFSC for SError type */
193	ubfx	x3, x1, #EABORT_DFSC_SHIFT, #EABORT_DFSC_WIDTH
194	cmp	x3, #DFSC_SERROR
195	b.ne	1f
196
197	no_ret	plat_handle_uncontainable_ea
1981:
199#endif
200
201	b	ea_proceed
202endfunc delegate_async_ea
203
204
205/*
206 * Delegate External Abort handling to platform's EA handler. This function
207 * assumes that all GP registers have been saved by the caller.
208 *
209 * x0: EA reason
210 * x1: EA syndrome
211 */
212func ea_proceed
213	/*
214	 * If the ESR loaded earlier is not zero, we were processing an EA
215	 * already, and this is a double fault.
216	 */
217	ldr	x5, [sp, #CTX_EL3STATE_OFFSET + CTX_ESR_EL3]
218	cbz	x5, 1f
219	no_ret	plat_handle_double_fault
220
2211:
222	/* Save EL3 state */
223	mrs	x2, spsr_el3
224	mrs	x3, elr_el3
225	stp	x2, x3, [sp, #CTX_EL3STATE_OFFSET + CTX_SPSR_EL3]
226
227	/*
228	 * Save ESR as handling might involve lower ELs, and returning back to
229	 * EL3 from there would trample the original ESR.
230	 */
231	mrs	x4, scr_el3
232	mrs	x5, esr_el3
233	stp	x4, x5, [sp, #CTX_EL3STATE_OFFSET + CTX_SCR_EL3]
234
235	/*
236	 * Setup rest of arguments, and call platform External Abort handler.
237	 *
238	 * x0: EA reason (already in place)
239	 * x1: Exception syndrome (already in place).
240	 * x2: Cookie (unused for now).
241	 * x3: Context pointer.
242	 * x4: Flags (security state from SCR for now).
243	 */
244	mov	x2, xzr
245	mov	x3, sp
246	ubfx	x4, x4, #0, #1
247
248	/* Switch to runtime stack */
249	ldr	x5, [sp, #CTX_EL3STATE_OFFSET + CTX_RUNTIME_SP]
250	msr	spsel, #0
251	mov	sp, x5
252
253	mov	x29, x30
254#if ENABLE_ASSERTIONS
255	/* Stash the stack pointer */
256	mov	x28, sp
257#endif
258	bl	plat_ea_handler
259
260#if ENABLE_ASSERTIONS
261	/*
262	 * Error handling flows might involve long jumps; so upon returning from
263	 * the platform error handler, validate that the we've completely
264	 * unwound the stack.
265	 */
266	mov	x27, sp
267	cmp	x28, x27
268	ASM_ASSERT(eq)
269#endif
270
271	/* Make SP point to context */
272	msr	spsel, #1
273
274	/* Restore EL3 state and ESR */
275	ldp	x1, x2, [sp, #CTX_EL3STATE_OFFSET + CTX_SPSR_EL3]
276	msr	spsr_el3, x1
277	msr	elr_el3, x2
278
279	/* Restore ESR_EL3 and SCR_EL3 */
280	ldp	x3, x4, [sp, #CTX_EL3STATE_OFFSET + CTX_SCR_EL3]
281	msr	scr_el3, x3
282	msr	esr_el3, x4
283
284#if ENABLE_ASSERTIONS
285	cmp	x4, xzr
286	ASM_ASSERT(ne)
287#endif
288
289	/* Clear ESR storage */
290	str	xzr, [sp, #CTX_EL3STATE_OFFSET + CTX_ESR_EL3]
291
292	ret	x29
293endfunc ea_proceed
294