1 /* 2 * Copyright (c) 2013-2026, Arm Limited and Contributors. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #include <assert.h> 8 #include <string.h> 9 10 #include <arch.h> 11 #include <arch_features.h> 12 #include <arch_helpers.h> 13 #include <bl31/bl31.h> 14 #include <bl31/ehf.h> 15 #include <common/bl_common.h> 16 #include <common/build_message.h> 17 #include <common/debug.h> 18 #include <common/feat_detect.h> 19 #include <common/runtime_svc.h> 20 #include <drivers/arm/dsu.h> 21 #include <drivers/arm/gic.h> 22 #include <drivers/console.h> 23 #include <lib/bootmarker_capture.h> 24 #include <lib/el3_runtime/context_debug.h> 25 #include <lib/el3_runtime/context_mgmt.h> 26 #include <lib/extensions/pauth.h> 27 #include <lib/gpt_rme/gpt_rme.h> 28 #include <lib/pmf/pmf.h> 29 #include <lib/runtime_instr.h> 30 #include <lib/xlat_tables/xlat_mmu_helpers.h> 31 #include <plat/common/platform.h> 32 #include <services/std_svc.h> 33 34 #if ENABLE_RUNTIME_INSTRUMENTATION 35 PMF_REGISTER_SERVICE_SMC(rt_instr_svc, PMF_RT_INSTR_SVC_ID, 36 RT_INSTR_TOTAL_IDS, PMF_STORE_ENABLE) 37 #endif 38 39 #if ENABLE_RUNTIME_INSTRUMENTATION 40 PMF_REGISTER_SERVICE(bl_svc, PMF_RT_INSTR_SVC_ID, 41 BL_TOTAL_IDS, PMF_DUMP_ENABLE) 42 #endif 43 44 /******************************************************************************* 45 * This function pointer is used to initialise the BL32 image. It's initialized 46 * by SPD calling bl31_register_bl32_init after setting up all things necessary 47 * for SP execution. In cases where both SPD and SP are absent, or when SPD 48 * finds it impossible to execute SP, this pointer is left as NULL 49 ******************************************************************************/ 50 static int32_t (*bl32_init)(void); 51 52 /***************************************************************************** 53 * Function used to initialise RMM if RME is enabled 54 *****************************************************************************/ 55 #if ENABLE_RME 56 static int32_t (*rmm_init)(void); 57 #endif 58 59 /******************************************************************************* 60 * Variable to indicate whether next image to execute after BL31 is BL33 61 * (non-secure & default) or BL32 (secure). 62 ******************************************************************************/ 63 static uint32_t next_image_type = (uint32_t)NON_SECURE; 64 65 #ifdef SUPPORT_UNKNOWN_MPID 66 /* 67 * Flag to know whether an unsupported MPID has been detected. To avoid having it 68 * landing on the .bss section, it is initialized to a non-zero value, this way 69 * we avoid potential WAW hazards during system bring up. 70 * */ 71 volatile uint32_t unsupported_mpid_flag = 1; 72 #endif 73 74 /* 75 * Implement the ARM Standard Service function to get arguments for a 76 * particular service. 77 */ 78 uintptr_t get_arm_std_svc_args(unsigned int svc_mask) 79 { 80 /* Setup the arguments for PSCI Library */ 81 DEFINE_STATIC_PSCI_LIB_ARGS_V1(psci_args, bl31_warm_entrypoint); 82 83 /* PSCI is the only ARM Standard Service implemented */ 84 assert(svc_mask == PSCI_FID_MASK); 85 86 return (uintptr_t)&psci_args; 87 } 88 89 /******************************************************************************* 90 * Simple function to initialise all BL31 helper libraries. 91 ******************************************************************************/ 92 static void __init bl31_lib_init(void) 93 { 94 cm_init(); 95 } 96 97 /******************************************************************************* 98 * BL31 is responsible for setting up the runtime services for the primary cpu 99 * before passing control to the bootloader or an Operating System. This 100 * function calls runtime_svc_init() which initializes all registered runtime 101 * services. The run time services would setup enough context for the core to 102 * switch to the next exception level. When this function returns, the core will 103 * switch to the programmed exception level via an ERET. 104 ******************************************************************************/ 105 void __no_pauth bl31_main(u_register_t arg0, u_register_t arg1, u_register_t arg2, 106 u_register_t arg3) 107 { 108 unsigned int core_pos = plat_my_core_pos(); 109 110 /* Enable early console if EARLY_CONSOLE flag is enabled */ 111 plat_setup_early_console(); 112 113 /* Perform early platform-specific setup */ 114 bl31_early_platform_setup2(arg0, arg1, arg2, arg3); 115 116 /* Perform late platform-specific setup */ 117 bl31_plat_arch_setup(); 118 119 #if FEATURE_DETECTION 120 /* Detect if features enabled during compilation are supported by PE. */ 121 detect_arch_features(core_pos); 122 #endif /* FEATURE_DETECTION */ 123 124 /* Prints context_memory allocated for all the security states */ 125 report_ctx_memory_usage(); 126 127 /* Init registers that never change for the lifetime of the core. */ 128 cm_manage_extensions_el3(core_pos); 129 130 /* Init per-world context registers */ 131 cm_manage_extensions_per_world(); 132 133 NOTICE("BL31: %s\n", build_version_string); 134 NOTICE("BL31: %s\n", build_message); 135 136 #if ENABLE_RUNTIME_INSTRUMENTATION 137 PMF_CAPTURE_TIMESTAMP(bl_svc, BL31_ENTRY, PMF_CACHE_MAINT); 138 #endif 139 140 #ifdef SUPPORT_UNKNOWN_MPID 141 if (unsupported_mpid_flag == 0) { 142 NOTICE("Unsupported MPID detected!\n"); 143 } 144 #endif 145 146 #if USE_GIC_DRIVER 147 /* 148 * Initialize the GIC driver and this core's GIC interface before fully 149 * setting up the platform. This allows early platform setup to 150 * configure interrupts. 151 */ 152 gic_init(core_pos); 153 gic_pcpu_init(core_pos); 154 gic_cpuif_enable(core_pos); 155 #endif /* USE_GIC_DRIVER */ 156 157 /* Perform platform setup in BL31 */ 158 bl31_platform_setup(); 159 160 #if USE_DSU_DRIVER 161 dsu_driver_init(&plat_dsu_data); 162 #endif 163 164 /* Initialise helper libraries */ 165 bl31_lib_init(); 166 167 #if EL3_EXCEPTION_HANDLING 168 INFO("BL31: Initialising Exception Handling Framework\n"); 169 ehf_init(); 170 #endif 171 172 /* Initialize the runtime services e.g. psci. */ 173 INFO("BL31: Initializing runtime services\n"); 174 runtime_svc_init(); 175 176 /* 177 * All the cold boot actions on the primary cpu are done. We now need to 178 * decide which is the next image and how to execute it. 179 * If the SPD runtime service is present, it would want to pass control 180 * to BL32 first in S-EL1. In that case, SPD would have registered a 181 * function to initialize bl32 where it takes responsibility of entering 182 * S-EL1 and returning control back to bl31_main. Similarly, if RME is 183 * enabled and a function is registered to initialize RMM, control is 184 * transferred to RMM in R-EL2. After RMM initialization, control is 185 * returned back to bl31_main. Once this is done we can prepare entry 186 * into BL33 as normal. 187 */ 188 189 /* 190 * If SPD had registered an init hook, invoke it. 191 */ 192 if (bl32_init != NULL) { 193 INFO("BL31: Initializing BL32\n"); 194 195 console_flush(); 196 int32_t rc = (*bl32_init)(); 197 198 if (rc == 0) { 199 WARN("BL31: BL32 initialization failed\n"); 200 } 201 } 202 203 /* 204 * If RME is enabled and init hook is registered, initialize RMM 205 * in R-EL2. 206 */ 207 #if ENABLE_RME 208 if (rmm_init != NULL) { 209 INFO("BL31: Initializing RMM\n"); 210 211 console_flush(); 212 int32_t rc = (*rmm_init)(); 213 214 if (rc == 0) { 215 WARN("BL31: RMM initialization failed\n"); 216 } 217 } 218 #endif 219 220 /* 221 * We are ready to enter the next EL. Prepare entry into the image 222 * corresponding to the desired security state after the next ERET. 223 */ 224 bl31_prepare_next_image_entry(); 225 226 /* 227 * Perform any platform specific runtime setup prior to cold boot exit 228 * from BL31 229 */ 230 bl31_plat_runtime_setup(); 231 232 #if ENABLE_RUNTIME_INSTRUMENTATION 233 console_flush(); 234 PMF_CAPTURE_TIMESTAMP(bl_svc, BL31_EXIT, PMF_CACHE_MAINT); 235 #endif 236 237 console_flush(); 238 console_switch_state(CONSOLE_FLAG_RUNTIME); 239 } 240 241 void __no_pauth bl31_warmboot(void) 242 { 243 unsigned int core_pos = plat_my_core_pos(); 244 245 #if FEATURE_DETECTION 246 /* Detect if features enabled during compilation are supported by PE. */ 247 detect_arch_features(core_pos); 248 #endif /* FEATURE_DETECTION */ 249 250 /* Init registers that never change for the lifetime of the core. */ 251 cm_manage_extensions_el3(core_pos); 252 253 #if ENABLE_RME 254 /* 255 * At warm boot GPT data structures have already been initialized in RAM 256 * but the sysregs for this CPU need to be initialized. Note that the GPT 257 * accesses are controlled attributes in GPCCR and do not depend on the 258 * SCR_EL3.C bit. 259 */ 260 if (gpt_enable() != 0) { 261 panic(); 262 } 263 #endif 264 265 /* Enable DSU driver for each booting core */ 266 #if USE_DSU_DRIVER 267 dsu_driver_init(&plat_dsu_data); 268 #endif 269 270 psci_warmboot_entrypoint(core_pos); 271 } 272 273 /******************************************************************************* 274 * Accessor functions to help runtime services decide which image should be 275 * executed after BL31. This is BL33 or the non-secure bootloader image by 276 * default but the Secure payload dispatcher could override this by requesting 277 * an entry into BL32 (Secure payload) first. If it does so then it should use 278 * the same API to program an entry into BL33 once BL32 initialisation is 279 * complete. 280 ******************************************************************************/ 281 void bl31_set_next_image_type(uint32_t security_state) 282 { 283 assert(sec_state_is_valid(security_state)); 284 next_image_type = security_state; 285 } 286 287 static uint32_t bl31_get_next_image_type(void) 288 { 289 return next_image_type; 290 } 291 292 /******************************************************************************* 293 * This function programs EL3 registers and performs other setup to enable entry 294 * into the next image after BL31 at the next ERET. 295 ******************************************************************************/ 296 void __init bl31_prepare_next_image_entry(void) 297 { 298 const entry_point_info_t *next_image_info; 299 uint32_t image_type; 300 301 #if CTX_INCLUDE_AARCH32_REGS 302 /* 303 * Ensure that the build flag to save AArch32 system registers in CPU 304 * context is not set for AArch64-only platforms. 305 */ 306 if (el_implemented(1) == EL_IMPL_A64ONLY) { 307 ERROR("EL1 supports AArch64-only. Please set build flag " 308 "CTX_INCLUDE_AARCH32_REGS = 0\n"); 309 panic(); 310 } 311 #endif 312 313 /* Determine which image to execute next */ 314 image_type = bl31_get_next_image_type(); 315 316 /* Program EL3 registers to enable entry into the next EL */ 317 next_image_info = bl31_plat_get_next_image_ep_info(image_type); 318 assert(next_image_info != NULL); 319 assert(image_type == GET_SECURITY_STATE(next_image_info->h.attr)); 320 321 INFO("BL31: Preparing for EL3 exit to %s world\n", 322 (image_type == SECURE) ? "secure" : "normal"); 323 print_entry_point_info(next_image_info); 324 cm_init_my_context(next_image_info); 325 326 /* 327 * If we are entering the Non-secure world, use 328 * 'cm_prepare_el3_exit_ns' to exit. 329 */ 330 if (image_type == NON_SECURE) { 331 cm_prepare_el3_exit_ns(); 332 } else { 333 cm_prepare_el3_exit(image_type); 334 } 335 } 336 337 /******************************************************************************* 338 * This function initializes the pointer to BL32 init function. This is expected 339 * to be called by the SPD after it finishes all its initialization 340 ******************************************************************************/ 341 void bl31_register_bl32_init(int32_t (*func)(void)) 342 { 343 bl32_init = func; 344 } 345 346 #if ENABLE_RME 347 /******************************************************************************* 348 * This function initializes the pointer to RMM init function. This is expected 349 * to be called by the RMMD after it finishes all its initialization 350 ******************************************************************************/ 351 void bl31_register_rmm_init(int32_t (*func)(void)) 352 { 353 rmm_init = func; 354 } 355 #endif 356