1 /* 2 * Copyright (c) 2013-2024, Arm Limited and Contributors. All rights reserved. 3 * Copyright (c) 2022, NVIDIA Corporation. All rights reserved. 4 * 5 * SPDX-License-Identifier: BSD-3-Clause 6 */ 7 8 #include <assert.h> 9 #include <stdbool.h> 10 #include <string.h> 11 12 #include <platform_def.h> 13 14 #include <arch.h> 15 #include <arch_helpers.h> 16 #include <arch_features.h> 17 #include <bl31/interrupt_mgmt.h> 18 #include <common/bl_common.h> 19 #include <common/debug.h> 20 #include <context.h> 21 #include <drivers/arm/gicv3.h> 22 #include <lib/cpus/cpu_ops.h> 23 #include <lib/cpus/errata.h> 24 #include <lib/el3_runtime/context_mgmt.h> 25 #include <lib/el3_runtime/cpu_data.h> 26 #include <lib/el3_runtime/pubsub_events.h> 27 #include <lib/extensions/amu.h> 28 #include <lib/extensions/brbe.h> 29 #include <lib/extensions/debug_v8p9.h> 30 #include <lib/extensions/fgt2.h> 31 #include <lib/extensions/mpam.h> 32 #include <lib/extensions/pmuv3.h> 33 #include <lib/extensions/sme.h> 34 #include <lib/extensions/spe.h> 35 #include <lib/extensions/sve.h> 36 #include <lib/extensions/sys_reg_trace.h> 37 #include <lib/extensions/trbe.h> 38 #include <lib/extensions/trf.h> 39 #include <lib/utils.h> 40 41 #if ENABLE_FEAT_TWED 42 /* Make sure delay value fits within the range(0-15) */ 43 CASSERT(((TWED_DELAY & ~SCR_TWEDEL_MASK) == 0U), assert_twed_delay_value_check); 44 #endif /* ENABLE_FEAT_TWED */ 45 46 per_world_context_t per_world_context[CPU_DATA_CONTEXT_NUM]; 47 static bool has_secure_perworld_init; 48 49 static void manage_extensions_common(cpu_context_t *ctx); 50 static void manage_extensions_nonsecure(cpu_context_t *ctx); 51 static void manage_extensions_secure(cpu_context_t *ctx); 52 static void manage_extensions_secure_per_world(void); 53 54 static void setup_el1_context(cpu_context_t *ctx, const struct entry_point_info *ep) 55 { 56 u_register_t sctlr_elx, actlr_elx; 57 58 /* 59 * Initialise SCTLR_EL1 to the reset value corresponding to the target 60 * execution state setting all fields rather than relying on the hw. 61 * Some fields have architecturally UNKNOWN reset values and these are 62 * set to zero. 63 * 64 * SCTLR.EE: Endianness is taken from the entrypoint attributes. 65 * 66 * SCTLR.M, SCTLR.C and SCTLR.I: These fields must be zero (as 67 * required by PSCI specification) 68 */ 69 sctlr_elx = (EP_GET_EE(ep->h.attr) != 0U) ? SCTLR_EE_BIT : 0UL; 70 if (GET_RW(ep->spsr) == MODE_RW_64) { 71 sctlr_elx |= SCTLR_EL1_RES1; 72 } else { 73 /* 74 * If the target execution state is AArch32 then the following 75 * fields need to be set. 76 * 77 * SCTRL_EL1.nTWE: Set to one so that EL0 execution of WFE 78 * instructions are not trapped to EL1. 79 * 80 * SCTLR_EL1.nTWI: Set to one so that EL0 execution of WFI 81 * instructions are not trapped to EL1. 82 * 83 * SCTLR_EL1.CP15BEN: Set to one to enable EL0 execution of the 84 * CP15DMB, CP15DSB, and CP15ISB instructions. 85 */ 86 sctlr_elx |= SCTLR_AARCH32_EL1_RES1 | SCTLR_CP15BEN_BIT 87 | SCTLR_NTWI_BIT | SCTLR_NTWE_BIT; 88 } 89 90 #if ERRATA_A75_764081 91 /* 92 * If workaround of errata 764081 for Cortex-A75 is used then set 93 * SCTLR_EL1.IESB to enable Implicit Error Synchronization Barrier. 94 */ 95 sctlr_elx |= SCTLR_IESB_BIT; 96 #endif 97 98 /* Store the initialised SCTLR_EL1 value in the cpu_context */ 99 #if (ERRATA_SPECULATIVE_AT) 100 write_ctx_reg(get_errata_speculative_at_ctx(ctx), CTX_ERRATA_SPEC_AT_SCTLR_EL1, sctlr_elx); 101 #else 102 write_el1_ctx_common(get_el1_sysregs_ctx(ctx), sctlr_el1, sctlr_elx); 103 #endif /* ERRATA_SPECULATIVE_AT */ 104 105 /* 106 * Base the context ACTLR_EL1 on the current value, as it is 107 * implementation defined. The context restore process will write 108 * the value from the context to the actual register and can cause 109 * problems for processor cores that don't expect certain bits to 110 * be zero. 111 */ 112 actlr_elx = read_actlr_el1(); 113 write_el1_ctx_common(get_el1_sysregs_ctx(ctx), actlr_el1, actlr_elx); 114 } 115 116 /****************************************************************************** 117 * This function performs initializations that are specific to SECURE state 118 * and updates the cpu context specified by 'ctx'. 119 *****************************************************************************/ 120 static void setup_secure_context(cpu_context_t *ctx, const struct entry_point_info *ep) 121 { 122 u_register_t scr_el3; 123 el3_state_t *state; 124 125 state = get_el3state_ctx(ctx); 126 scr_el3 = read_ctx_reg(state, CTX_SCR_EL3); 127 128 #if defined(IMAGE_BL31) && !defined(SPD_spmd) 129 /* 130 * SCR_EL3.IRQ, SCR_EL3.FIQ: Enable the physical FIQ and IRQ routing as 131 * indicated by the interrupt routing model for BL31. 132 */ 133 scr_el3 |= get_scr_el3_from_routing_model(SECURE); 134 #endif 135 136 /* Allow access to Allocation Tags when FEAT_MTE2 is implemented and enabled. */ 137 if (is_feat_mte2_supported()) { 138 scr_el3 |= SCR_ATA_BIT; 139 } 140 141 write_ctx_reg(state, CTX_SCR_EL3, scr_el3); 142 143 /* 144 * Initialize EL1 context registers unless SPMC is running 145 * at S-EL2. 146 */ 147 #if !SPMD_SPM_AT_SEL2 148 setup_el1_context(ctx, ep); 149 #endif 150 151 manage_extensions_secure(ctx); 152 153 /** 154 * manage_extensions_secure_per_world api has to be executed once, 155 * as the registers getting initialised, maintain constant value across 156 * all the cpus for the secure world. 157 * Henceforth, this check ensures that the registers are initialised once 158 * and avoids re-initialization from multiple cores. 159 */ 160 if (!has_secure_perworld_init) { 161 manage_extensions_secure_per_world(); 162 } 163 164 } 165 166 #if ENABLE_RME 167 /****************************************************************************** 168 * This function performs initializations that are specific to REALM state 169 * and updates the cpu context specified by 'ctx'. 170 *****************************************************************************/ 171 static void setup_realm_context(cpu_context_t *ctx, const struct entry_point_info *ep) 172 { 173 u_register_t scr_el3; 174 el3_state_t *state; 175 176 state = get_el3state_ctx(ctx); 177 scr_el3 = read_ctx_reg(state, CTX_SCR_EL3); 178 179 scr_el3 |= SCR_NS_BIT | SCR_NSE_BIT; 180 181 /* CSV2 version 2 and above */ 182 if (is_feat_csv2_2_supported()) { 183 /* Enable access to the SCXTNUM_ELx registers. */ 184 scr_el3 |= SCR_EnSCXT_BIT; 185 } 186 187 write_ctx_reg(state, CTX_SCR_EL3, scr_el3); 188 } 189 #endif /* ENABLE_RME */ 190 191 /****************************************************************************** 192 * This function performs initializations that are specific to NON-SECURE state 193 * and updates the cpu context specified by 'ctx'. 194 *****************************************************************************/ 195 static void setup_ns_context(cpu_context_t *ctx, const struct entry_point_info *ep) 196 { 197 u_register_t scr_el3; 198 el3_state_t *state; 199 200 state = get_el3state_ctx(ctx); 201 scr_el3 = read_ctx_reg(state, CTX_SCR_EL3); 202 203 /* SCR_NS: Set the NS bit */ 204 scr_el3 |= SCR_NS_BIT; 205 206 /* Allow access to Allocation Tags when FEAT_MTE2 is implemented and enabled. */ 207 if (is_feat_mte2_supported()) { 208 scr_el3 |= SCR_ATA_BIT; 209 } 210 211 #if !CTX_INCLUDE_PAUTH_REGS 212 /* 213 * Pointer Authentication feature, if present, is always enabled by default 214 * for Non secure lower exception levels. We do not have an explicit 215 * flag to set it. 216 * CTX_INCLUDE_PAUTH_REGS flag, is explicitly used to enable for lower 217 * exception levels of secure and realm worlds. 218 * 219 * To prevent the leakage between the worlds during world switch, 220 * we enable it only for the non-secure world. 221 * 222 * If the Secure/realm world wants to use pointer authentication, 223 * CTX_INCLUDE_PAUTH_REGS must be explicitly set to 1, in which case 224 * it will be enabled globally for all the contexts. 225 * 226 * SCR_EL3.API: Set to one to not trap any PAuth instructions at ELs 227 * other than EL3 228 * 229 * SCR_EL3.APK: Set to one to not trap any PAuth key values at ELs other 230 * than EL3 231 */ 232 scr_el3 |= SCR_API_BIT | SCR_APK_BIT; 233 234 #endif /* CTX_INCLUDE_PAUTH_REGS */ 235 236 #if HANDLE_EA_EL3_FIRST_NS 237 /* SCR_EL3.EA: Route External Abort and SError Interrupt to EL3. */ 238 scr_el3 |= SCR_EA_BIT; 239 #endif 240 241 #if RAS_TRAP_NS_ERR_REC_ACCESS 242 /* 243 * SCR_EL3.TERR: Trap Error record accesses. Accesses to the RAS ERR 244 * and RAS ERX registers from EL1 and EL2(from any security state) 245 * are trapped to EL3. 246 * Set here to trap only for NS EL1/EL2 247 * 248 */ 249 scr_el3 |= SCR_TERR_BIT; 250 #endif 251 252 /* CSV2 version 2 and above */ 253 if (is_feat_csv2_2_supported()) { 254 /* Enable access to the SCXTNUM_ELx registers. */ 255 scr_el3 |= SCR_EnSCXT_BIT; 256 } 257 258 #ifdef IMAGE_BL31 259 /* 260 * SCR_EL3.IRQ, SCR_EL3.FIQ: Enable the physical FIQ and IRQ routing as 261 * indicated by the interrupt routing model for BL31. 262 */ 263 scr_el3 |= get_scr_el3_from_routing_model(NON_SECURE); 264 #endif 265 write_ctx_reg(state, CTX_SCR_EL3, scr_el3); 266 267 /* Initialize EL1 context registers */ 268 setup_el1_context(ctx, ep); 269 270 /* Initialize EL2 context registers */ 271 #if CTX_INCLUDE_EL2_REGS 272 273 /* 274 * Initialize SCTLR_EL2 context register with reset value. 275 */ 276 write_el2_ctx_common(get_el2_sysregs_ctx(ctx), sctlr_el2, SCTLR_EL2_RES1); 277 278 if (is_feat_hcx_supported()) { 279 /* 280 * Initialize register HCRX_EL2 with its init value. 281 * As the value of HCRX_EL2 is UNKNOWN on reset, there is a 282 * chance that this can lead to unexpected behavior in lower 283 * ELs that have not been updated since the introduction of 284 * this feature if not properly initialized, especially when 285 * it comes to those bits that enable/disable traps. 286 */ 287 write_el2_ctx_hcx(get_el2_sysregs_ctx(ctx), hcrx_el2, 288 HCRX_EL2_INIT_VAL); 289 } 290 291 if (is_feat_fgt_supported()) { 292 /* 293 * Initialize HFG*_EL2 registers with a default value so legacy 294 * systems unaware of FEAT_FGT do not get trapped due to their lack 295 * of initialization for this feature. 296 */ 297 write_el2_ctx_fgt(get_el2_sysregs_ctx(ctx), hfgitr_el2, 298 HFGITR_EL2_INIT_VAL); 299 write_el2_ctx_fgt(get_el2_sysregs_ctx(ctx), hfgrtr_el2, 300 HFGRTR_EL2_INIT_VAL); 301 write_el2_ctx_fgt(get_el2_sysregs_ctx(ctx), hfgwtr_el2, 302 HFGWTR_EL2_INIT_VAL); 303 } 304 305 #endif /* CTX_INCLUDE_EL2_REGS */ 306 307 manage_extensions_nonsecure(ctx); 308 } 309 310 /******************************************************************************* 311 * The following function performs initialization of the cpu_context 'ctx' 312 * for first use that is common to all security states, and sets the 313 * initial entrypoint state as specified by the entry_point_info structure. 314 * 315 * The EE and ST attributes are used to configure the endianness and secure 316 * timer availability for the new execution context. 317 ******************************************************************************/ 318 static void setup_context_common(cpu_context_t *ctx, const entry_point_info_t *ep) 319 { 320 u_register_t scr_el3; 321 u_register_t mdcr_el3; 322 el3_state_t *state; 323 gp_regs_t *gp_regs; 324 325 state = get_el3state_ctx(ctx); 326 327 /* Clear any residual register values from the context */ 328 zeromem(ctx, sizeof(*ctx)); 329 330 /* 331 * The lower-EL context is zeroed so that no stale values leak to a world. 332 * It is assumed that an all-zero lower-EL context is good enough for it 333 * to boot correctly. However, there are very few registers where this 334 * is not true and some values need to be recreated. 335 */ 336 #if CTX_INCLUDE_EL2_REGS 337 el2_sysregs_t *el2_ctx = get_el2_sysregs_ctx(ctx); 338 339 /* 340 * These bits are set in the gicv3 driver. Losing them (especially the 341 * SRE bit) is problematic for all worlds. Henceforth recreate them. 342 */ 343 u_register_t icc_sre_el2_val = ICC_SRE_DIB_BIT | ICC_SRE_DFB_BIT | 344 ICC_SRE_EN_BIT | ICC_SRE_SRE_BIT; 345 write_el2_ctx_common(el2_ctx, icc_sre_el2, icc_sre_el2_val); 346 347 /* 348 * The actlr_el2 register can be initialized in platform's reset handler 349 * and it may contain access control bits (e.g. CLUSTERPMUEN bit). 350 */ 351 write_el2_ctx_common(el2_ctx, actlr_el2, read_actlr_el2()); 352 #endif /* CTX_INCLUDE_EL2_REGS */ 353 354 /* Start with a clean SCR_EL3 copy as all relevant values are set */ 355 scr_el3 = SCR_RESET_VAL; 356 357 /* 358 * SCR_EL3.TWE: Set to zero so that execution of WFE instructions at 359 * EL2, EL1 and EL0 are not trapped to EL3. 360 * 361 * SCR_EL3.TWI: Set to zero so that execution of WFI instructions at 362 * EL2, EL1 and EL0 are not trapped to EL3. 363 * 364 * SCR_EL3.SMD: Set to zero to enable SMC calls at EL1 and above, from 365 * both Security states and both Execution states. 366 * 367 * SCR_EL3.SIF: Set to one to disable secure instruction execution from 368 * Non-secure memory. 369 */ 370 scr_el3 &= ~(SCR_TWE_BIT | SCR_TWI_BIT | SCR_SMD_BIT); 371 372 scr_el3 |= SCR_SIF_BIT; 373 374 /* 375 * SCR_EL3.RW: Set the execution state, AArch32 or AArch64, for next 376 * Exception level as specified by SPSR. 377 */ 378 if (GET_RW(ep->spsr) == MODE_RW_64) { 379 scr_el3 |= SCR_RW_BIT; 380 } 381 382 /* 383 * SCR_EL3.ST: Traps Secure EL1 accesses to the Counter-timer Physical 384 * Secure timer registers to EL3, from AArch64 state only, if specified 385 * by the entrypoint attributes. If SEL2 is present and enabled, the ST 386 * bit always behaves as 1 (i.e. secure physical timer register access 387 * is not trapped) 388 */ 389 if (EP_GET_ST(ep->h.attr) != 0U) { 390 scr_el3 |= SCR_ST_BIT; 391 } 392 393 /* 394 * If FEAT_HCX is enabled, enable access to HCRX_EL2 by setting 395 * SCR_EL3.HXEn. 396 */ 397 if (is_feat_hcx_supported()) { 398 scr_el3 |= SCR_HXEn_BIT; 399 } 400 401 /* 402 * If FEAT_RNG_TRAP is enabled, all reads of the RNDR and RNDRRS 403 * registers are trapped to EL3. 404 */ 405 #if ENABLE_FEAT_RNG_TRAP 406 scr_el3 |= SCR_TRNDR_BIT; 407 #endif 408 409 #if FAULT_INJECTION_SUPPORT 410 /* Enable fault injection from lower ELs */ 411 scr_el3 |= SCR_FIEN_BIT; 412 #endif 413 414 #if CTX_INCLUDE_PAUTH_REGS 415 /* 416 * Enable Pointer Authentication globally for all the worlds. 417 * 418 * SCR_EL3.API: Set to one to not trap any PAuth instructions at ELs 419 * other than EL3 420 * 421 * SCR_EL3.APK: Set to one to not trap any PAuth key values at ELs other 422 * than EL3 423 */ 424 scr_el3 |= SCR_API_BIT | SCR_APK_BIT; 425 #endif /* CTX_INCLUDE_PAUTH_REGS */ 426 427 /* 428 * SCR_EL3.TCR2EN: Enable access to TCR2_ELx for AArch64 if present. 429 */ 430 if (is_feat_tcr2_supported() && (GET_RW(ep->spsr) == MODE_RW_64)) { 431 scr_el3 |= SCR_TCR2EN_BIT; 432 } 433 434 /* 435 * SCR_EL3.PIEN: Enable permission indirection and overlay 436 * registers for AArch64 if present. 437 */ 438 if (is_feat_sxpie_supported() || is_feat_sxpoe_supported()) { 439 scr_el3 |= SCR_PIEN_BIT; 440 } 441 442 /* 443 * SCR_EL3.GCSEn: Enable GCS registers for AArch64 if present. 444 */ 445 if ((is_feat_gcs_supported()) && (GET_RW(ep->spsr) == MODE_RW_64)) { 446 scr_el3 |= SCR_GCSEn_BIT; 447 } 448 449 /* 450 * SCR_EL3.HCE: Enable HVC instructions if next execution state is 451 * AArch64 and next EL is EL2, or if next execution state is AArch32 and 452 * next mode is Hyp. 453 * SCR_EL3.FGTEn: Enable Fine Grained Virtualization Traps under the 454 * same conditions as HVC instructions and when the processor supports 455 * ARMv8.6-FGT. 456 * SCR_EL3.ECVEn: Enable Enhanced Counter Virtualization (ECV) 457 * CNTPOFF_EL2 register under the same conditions as HVC instructions 458 * and when the processor supports ECV. 459 */ 460 if (((GET_RW(ep->spsr) == MODE_RW_64) && (GET_EL(ep->spsr) == MODE_EL2)) 461 || ((GET_RW(ep->spsr) != MODE_RW_64) 462 && (GET_M32(ep->spsr) == MODE32_hyp))) { 463 scr_el3 |= SCR_HCE_BIT; 464 465 if (is_feat_fgt_supported()) { 466 scr_el3 |= SCR_FGTEN_BIT; 467 } 468 469 if (is_feat_ecv_supported()) { 470 scr_el3 |= SCR_ECVEN_BIT; 471 } 472 } 473 474 /* Enable WFE trap delay in SCR_EL3 if supported and configured */ 475 if (is_feat_twed_supported()) { 476 /* Set delay in SCR_EL3 */ 477 scr_el3 &= ~(SCR_TWEDEL_MASK << SCR_TWEDEL_SHIFT); 478 scr_el3 |= ((TWED_DELAY & SCR_TWEDEL_MASK) 479 << SCR_TWEDEL_SHIFT); 480 481 /* Enable WFE delay */ 482 scr_el3 |= SCR_TWEDEn_BIT; 483 } 484 485 #if IMAGE_BL31 && defined(SPD_spmd) && SPMD_SPM_AT_SEL2 486 /* Enable S-EL2 if FEAT_SEL2 is implemented for all the contexts. */ 487 if (is_feat_sel2_supported()) { 488 scr_el3 |= SCR_EEL2_BIT; 489 } 490 #endif /* (IMAGE_BL31 && defined(SPD_spmd) && SPMD_SPM_AT_SEL2) */ 491 492 /* 493 * Populate EL3 state so that we've the right context 494 * before doing ERET 495 */ 496 write_ctx_reg(state, CTX_SCR_EL3, scr_el3); 497 write_ctx_reg(state, CTX_ELR_EL3, ep->pc); 498 write_ctx_reg(state, CTX_SPSR_EL3, ep->spsr); 499 500 /* Start with a clean MDCR_EL3 copy as all relevant values are set */ 501 mdcr_el3 = MDCR_EL3_RESET_VAL; 502 503 /* --------------------------------------------------------------------- 504 * Initialise MDCR_EL3, setting all fields rather than relying on hw. 505 * Some fields are architecturally UNKNOWN on reset. 506 * 507 * MDCR_EL3.SDD: Set to one to disable AArch64 Secure self-hosted debug. 508 * Debug exceptions, other than Breakpoint Instruction exceptions, are 509 * disabled from all ELs in Secure state. 510 * 511 * MDCR_EL3.SPD32: Set to 0b10 to disable AArch32 Secure self-hosted 512 * privileged debug from S-EL1. 513 * 514 * MDCR_EL3.TDOSA: Set to zero so that EL2 and EL2 System register 515 * access to the powerdown debug registers do not trap to EL3. 516 * 517 * MDCR_EL3.TDA: Set to zero to allow EL0, EL1 and EL2 access to the 518 * debug registers, other than those registers that are controlled by 519 * MDCR_EL3.TDOSA. 520 */ 521 mdcr_el3 |= ((MDCR_SDD_BIT | MDCR_SPD32(MDCR_SPD32_DISABLE)) 522 & ~(MDCR_TDA_BIT | MDCR_TDOSA_BIT)) ; 523 write_ctx_reg(state, CTX_MDCR_EL3, mdcr_el3); 524 525 /* 526 * Configure MDCR_EL3 register as applicable for each world 527 * (NS/Secure/Realm) context. 528 */ 529 manage_extensions_common(ctx); 530 531 /* 532 * Store the X0-X7 value from the entrypoint into the context 533 * Use memcpy as we are in control of the layout of the structures 534 */ 535 gp_regs = get_gpregs_ctx(ctx); 536 memcpy(gp_regs, (void *)&ep->args, sizeof(aapcs64_params_t)); 537 } 538 539 /******************************************************************************* 540 * Context management library initialization routine. This library is used by 541 * runtime services to share pointers to 'cpu_context' structures for secure 542 * non-secure and realm states. Management of the structures and their associated 543 * memory is not done by the context management library e.g. the PSCI service 544 * manages the cpu context used for entry from and exit to the non-secure state. 545 * The Secure payload dispatcher service manages the context(s) corresponding to 546 * the secure state. It also uses this library to get access to the non-secure 547 * state cpu context pointers. 548 * Lastly, this library provides the API to make SP_EL3 point to the cpu context 549 * which will be used for programming an entry into a lower EL. The same context 550 * will be used to save state upon exception entry from that EL. 551 ******************************************************************************/ 552 void __init cm_init(void) 553 { 554 /* 555 * The context management library has only global data to initialize, but 556 * that will be done when the BSS is zeroed out. 557 */ 558 } 559 560 /******************************************************************************* 561 * This is the high-level function used to initialize the cpu_context 'ctx' for 562 * first use. It performs initializations that are common to all security states 563 * and initializations specific to the security state specified in 'ep' 564 ******************************************************************************/ 565 void cm_setup_context(cpu_context_t *ctx, const entry_point_info_t *ep) 566 { 567 unsigned int security_state; 568 569 assert(ctx != NULL); 570 571 /* 572 * Perform initializations that are common 573 * to all security states 574 */ 575 setup_context_common(ctx, ep); 576 577 security_state = GET_SECURITY_STATE(ep->h.attr); 578 579 /* Perform security state specific initializations */ 580 switch (security_state) { 581 case SECURE: 582 setup_secure_context(ctx, ep); 583 break; 584 #if ENABLE_RME 585 case REALM: 586 setup_realm_context(ctx, ep); 587 break; 588 #endif 589 case NON_SECURE: 590 setup_ns_context(ctx, ep); 591 break; 592 default: 593 ERROR("Invalid security state\n"); 594 panic(); 595 break; 596 } 597 } 598 599 /******************************************************************************* 600 * Enable architecture extensions for EL3 execution. This function only updates 601 * registers in-place which are expected to either never change or be 602 * overwritten by el3_exit. 603 ******************************************************************************/ 604 #if IMAGE_BL31 605 void cm_manage_extensions_el3(void) 606 { 607 if (is_feat_amu_supported()) { 608 amu_init_el3(); 609 } 610 611 if (is_feat_sme_supported()) { 612 sme_init_el3(); 613 } 614 615 pmuv3_init_el3(); 616 } 617 #endif /* IMAGE_BL31 */ 618 619 /****************************************************************************** 620 * Function to initialise the registers with the RESET values in the context 621 * memory, which are maintained per world. 622 ******************************************************************************/ 623 #if IMAGE_BL31 624 void cm_el3_arch_init_per_world(per_world_context_t *per_world_ctx) 625 { 626 /* 627 * Initialise CPTR_EL3, setting all fields rather than relying on hw. 628 * 629 * CPTR_EL3.TFP: Set to zero so that accesses to the V- or Z- registers 630 * by Advanced SIMD, floating-point or SVE instructions (if 631 * implemented) do not trap to EL3. 632 * 633 * CPTR_EL3.TCPAC: Set to zero so that accesses to CPACR_EL1, 634 * CPTR_EL2,CPACR, or HCPTR do not trap to EL3. 635 */ 636 uint64_t cptr_el3 = CPTR_EL3_RESET_VAL & ~(TCPAC_BIT | TFP_BIT); 637 638 per_world_ctx->ctx_cptr_el3 = cptr_el3; 639 640 /* 641 * Initialize MPAM3_EL3 to its default reset value 642 * 643 * MPAM3_EL3_RESET_VAL sets the MPAM3_EL3.TRAPLOWER bit that forces 644 * all lower ELn MPAM3_EL3 register access to, trap to EL3 645 */ 646 647 per_world_ctx->ctx_mpam3_el3 = MPAM3_EL3_RESET_VAL; 648 } 649 #endif /* IMAGE_BL31 */ 650 651 /******************************************************************************* 652 * Initialise per_world_context for Non-Secure world. 653 * This function enables the architecture extensions, which have same value 654 * across the cores for the non-secure world. 655 ******************************************************************************/ 656 #if IMAGE_BL31 657 void manage_extensions_nonsecure_per_world(void) 658 { 659 cm_el3_arch_init_per_world(&per_world_context[CPU_CONTEXT_NS]); 660 661 if (is_feat_sme_supported()) { 662 sme_enable_per_world(&per_world_context[CPU_CONTEXT_NS]); 663 } 664 665 if (is_feat_sve_supported()) { 666 sve_enable_per_world(&per_world_context[CPU_CONTEXT_NS]); 667 } 668 669 if (is_feat_amu_supported()) { 670 amu_enable_per_world(&per_world_context[CPU_CONTEXT_NS]); 671 } 672 673 if (is_feat_sys_reg_trace_supported()) { 674 sys_reg_trace_enable_per_world(&per_world_context[CPU_CONTEXT_NS]); 675 } 676 677 if (is_feat_mpam_supported()) { 678 mpam_enable_per_world(&per_world_context[CPU_CONTEXT_NS]); 679 } 680 } 681 #endif /* IMAGE_BL31 */ 682 683 /******************************************************************************* 684 * Initialise per_world_context for Secure world. 685 * This function enables the architecture extensions, which have same value 686 * across the cores for the secure world. 687 ******************************************************************************/ 688 static void manage_extensions_secure_per_world(void) 689 { 690 #if IMAGE_BL31 691 cm_el3_arch_init_per_world(&per_world_context[CPU_CONTEXT_SECURE]); 692 693 if (is_feat_sme_supported()) { 694 695 if (ENABLE_SME_FOR_SWD) { 696 /* 697 * Enable SME, SVE, FPU/SIMD in secure context, SPM must ensure 698 * SME, SVE, and FPU/SIMD context properly managed. 699 */ 700 sme_enable_per_world(&per_world_context[CPU_CONTEXT_SECURE]); 701 } else { 702 /* 703 * Disable SME, SVE, FPU/SIMD in secure context so non-secure 704 * world can safely use the associated registers. 705 */ 706 sme_disable_per_world(&per_world_context[CPU_CONTEXT_SECURE]); 707 } 708 } 709 if (is_feat_sve_supported()) { 710 if (ENABLE_SVE_FOR_SWD) { 711 /* 712 * Enable SVE and FPU in secure context, SPM must ensure 713 * that the SVE and FPU register contexts are properly managed. 714 */ 715 sve_enable_per_world(&per_world_context[CPU_CONTEXT_SECURE]); 716 } else { 717 /* 718 * Disable SVE and FPU in secure context so non-secure world 719 * can safely use them. 720 */ 721 sve_disable_per_world(&per_world_context[CPU_CONTEXT_SECURE]); 722 } 723 } 724 725 /* NS can access this but Secure shouldn't */ 726 if (is_feat_sys_reg_trace_supported()) { 727 sys_reg_trace_disable_per_world(&per_world_context[CPU_CONTEXT_SECURE]); 728 } 729 730 has_secure_perworld_init = true; 731 #endif /* IMAGE_BL31 */ 732 } 733 734 /******************************************************************************* 735 * Enable architecture extensions on first entry to Non-secure world only 736 * and disable for secure world. 737 * 738 * NOTE: Arch features which have been provided with the capability of getting 739 * enabled only for non-secure world and being disabled for secure world are 740 * grouped here, as the MDCR_EL3 context value remains same across the worlds. 741 ******************************************************************************/ 742 static void manage_extensions_common(cpu_context_t *ctx) 743 { 744 #if IMAGE_BL31 745 if (is_feat_spe_supported()) { 746 /* 747 * Enable FEAT_SPE for Non-Secure and prohibit for Secure state. 748 */ 749 spe_enable(ctx); 750 } 751 752 if (is_feat_trbe_supported()) { 753 /* 754 * Enable FEAT_TRBE for Non-Secure and prohibit for Secure and 755 * Realm state. 756 */ 757 trbe_enable(ctx); 758 } 759 760 if (is_feat_trf_supported()) { 761 /* 762 * Enable FEAT_TRF for Non-Secure and prohibit for Secure state. 763 */ 764 trf_enable(ctx); 765 } 766 767 if (is_feat_brbe_supported()) { 768 /* 769 * Enable FEAT_BRBE for Non-Secure and prohibit for Secure state. 770 */ 771 brbe_enable(ctx); 772 } 773 #endif /* IMAGE_BL31 */ 774 } 775 776 /******************************************************************************* 777 * Enable architecture extensions on first entry to Non-secure world. 778 ******************************************************************************/ 779 static void manage_extensions_nonsecure(cpu_context_t *ctx) 780 { 781 #if IMAGE_BL31 782 if (is_feat_amu_supported()) { 783 amu_enable(ctx); 784 } 785 786 if (is_feat_sme_supported()) { 787 sme_enable(ctx); 788 } 789 790 if (is_feat_fgt2_supported()) { 791 fgt2_enable(ctx); 792 } 793 794 if (is_feat_debugv8p9_supported()) { 795 debugv8p9_extended_bp_wp_enable(ctx); 796 } 797 798 pmuv3_enable(ctx); 799 #endif /* IMAGE_BL31 */ 800 } 801 802 /* TODO: move to lib/extensions/pauth when it has been ported to FEAT_STATE */ 803 static __unused void enable_pauth_el2(void) 804 { 805 u_register_t hcr_el2 = read_hcr_el2(); 806 /* 807 * For Armv8.3 pointer authentication feature, disable traps to EL2 when 808 * accessing key registers or using pointer authentication instructions 809 * from lower ELs. 810 */ 811 hcr_el2 |= (HCR_API_BIT | HCR_APK_BIT); 812 813 write_hcr_el2(hcr_el2); 814 } 815 816 #if INIT_UNUSED_NS_EL2 817 /******************************************************************************* 818 * Enable architecture extensions in-place at EL2 on first entry to Non-secure 819 * world when EL2 is empty and unused. 820 ******************************************************************************/ 821 static void manage_extensions_nonsecure_el2_unused(void) 822 { 823 #if IMAGE_BL31 824 if (is_feat_spe_supported()) { 825 spe_init_el2_unused(); 826 } 827 828 if (is_feat_amu_supported()) { 829 amu_init_el2_unused(); 830 } 831 832 if (is_feat_mpam_supported()) { 833 mpam_init_el2_unused(); 834 } 835 836 if (is_feat_trbe_supported()) { 837 trbe_init_el2_unused(); 838 } 839 840 if (is_feat_sys_reg_trace_supported()) { 841 sys_reg_trace_init_el2_unused(); 842 } 843 844 if (is_feat_trf_supported()) { 845 trf_init_el2_unused(); 846 } 847 848 pmuv3_init_el2_unused(); 849 850 if (is_feat_sve_supported()) { 851 sve_init_el2_unused(); 852 } 853 854 if (is_feat_sme_supported()) { 855 sme_init_el2_unused(); 856 } 857 858 #if ENABLE_PAUTH 859 enable_pauth_el2(); 860 #endif /* ENABLE_PAUTH */ 861 #endif /* IMAGE_BL31 */ 862 } 863 #endif /* INIT_UNUSED_NS_EL2 */ 864 865 /******************************************************************************* 866 * Enable architecture extensions on first entry to Secure world. 867 ******************************************************************************/ 868 static void manage_extensions_secure(cpu_context_t *ctx) 869 { 870 #if IMAGE_BL31 871 if (is_feat_sme_supported()) { 872 if (ENABLE_SME_FOR_SWD) { 873 /* 874 * Enable SME, SVE, FPU/SIMD in secure context, secure manager 875 * must ensure SME, SVE, and FPU/SIMD context properly managed. 876 */ 877 sme_init_el3(); 878 sme_enable(ctx); 879 } else { 880 /* 881 * Disable SME, SVE, FPU/SIMD in secure context so non-secure 882 * world can safely use the associated registers. 883 */ 884 sme_disable(ctx); 885 } 886 } 887 #endif /* IMAGE_BL31 */ 888 } 889 890 #if !IMAGE_BL1 891 /******************************************************************************* 892 * The following function initializes the cpu_context for a CPU specified by 893 * its `cpu_idx` for first use, and sets the initial entrypoint state as 894 * specified by the entry_point_info structure. 895 ******************************************************************************/ 896 void cm_init_context_by_index(unsigned int cpu_idx, 897 const entry_point_info_t *ep) 898 { 899 cpu_context_t *ctx; 900 ctx = cm_get_context_by_index(cpu_idx, GET_SECURITY_STATE(ep->h.attr)); 901 cm_setup_context(ctx, ep); 902 } 903 #endif /* !IMAGE_BL1 */ 904 905 /******************************************************************************* 906 * The following function initializes the cpu_context for the current CPU 907 * for first use, and sets the initial entrypoint state as specified by the 908 * entry_point_info structure. 909 ******************************************************************************/ 910 void cm_init_my_context(const entry_point_info_t *ep) 911 { 912 cpu_context_t *ctx; 913 ctx = cm_get_context(GET_SECURITY_STATE(ep->h.attr)); 914 cm_setup_context(ctx, ep); 915 } 916 917 /* EL2 present but unused, need to disable safely. SCTLR_EL2 can be ignored */ 918 static void init_nonsecure_el2_unused(cpu_context_t *ctx) 919 { 920 #if INIT_UNUSED_NS_EL2 921 u_register_t hcr_el2 = HCR_RESET_VAL; 922 u_register_t mdcr_el2; 923 u_register_t scr_el3; 924 925 scr_el3 = read_ctx_reg(get_el3state_ctx(ctx), CTX_SCR_EL3); 926 927 /* Set EL2 register width: Set HCR_EL2.RW to match SCR_EL3.RW */ 928 if ((scr_el3 & SCR_RW_BIT) != 0U) { 929 hcr_el2 |= HCR_RW_BIT; 930 } 931 932 write_hcr_el2(hcr_el2); 933 934 /* 935 * Initialise CPTR_EL2 setting all fields rather than relying on the hw. 936 * All fields have architecturally UNKNOWN reset values. 937 */ 938 write_cptr_el2(CPTR_EL2_RESET_VAL); 939 940 /* 941 * Initialise CNTHCTL_EL2. All fields are architecturally UNKNOWN on 942 * reset and are set to zero except for field(s) listed below. 943 * 944 * CNTHCTL_EL2.EL1PTEN: Set to one to disable traps to Hyp mode of 945 * Non-secure EL0 and EL1 accesses to the physical timer registers. 946 * 947 * CNTHCTL_EL2.EL1PCTEN: Set to one to disable traps to Hyp mode of 948 * Non-secure EL0 and EL1 accesses to the physical counter registers. 949 */ 950 write_cnthctl_el2(CNTHCTL_RESET_VAL | EL1PCEN_BIT | EL1PCTEN_BIT); 951 952 /* 953 * Initialise CNTVOFF_EL2 to zero as it resets to an architecturally 954 * UNKNOWN value. 955 */ 956 write_cntvoff_el2(0); 957 958 /* 959 * Set VPIDR_EL2 and VMPIDR_EL2 to match MIDR_EL1 and MPIDR_EL1 960 * respectively. 961 */ 962 write_vpidr_el2(read_midr_el1()); 963 write_vmpidr_el2(read_mpidr_el1()); 964 965 /* 966 * Initialise VTTBR_EL2. All fields are architecturally UNKNOWN on reset. 967 * 968 * VTTBR_EL2.VMID: Set to zero. Even though EL1&0 stage 2 address 969 * translation is disabled, cache maintenance operations depend on the 970 * VMID. 971 * 972 * VTTBR_EL2.BADDR: Set to zero as EL1&0 stage 2 address translation is 973 * disabled. 974 */ 975 write_vttbr_el2(VTTBR_RESET_VAL & 976 ~((VTTBR_VMID_MASK << VTTBR_VMID_SHIFT) | 977 (VTTBR_BADDR_MASK << VTTBR_BADDR_SHIFT))); 978 979 /* 980 * Initialise MDCR_EL2, setting all fields rather than relying on hw. 981 * Some fields are architecturally UNKNOWN on reset. 982 * 983 * MDCR_EL2.TDRA: Set to zero so that Non-secure EL0 and EL1 System 984 * register accesses to the Debug ROM registers are not trapped to EL2. 985 * 986 * MDCR_EL2.TDOSA: Set to zero so that Non-secure EL1 System register 987 * accesses to the powerdown debug registers are not trapped to EL2. 988 * 989 * MDCR_EL2.TDA: Set to zero so that System register accesses to the 990 * debug registers do not trap to EL2. 991 * 992 * MDCR_EL2.TDE: Set to zero so that debug exceptions are not routed to 993 * EL2. 994 */ 995 mdcr_el2 = MDCR_EL2_RESET_VAL & 996 ~(MDCR_EL2_TDRA_BIT | MDCR_EL2_TDOSA_BIT | MDCR_EL2_TDA_BIT | 997 MDCR_EL2_TDE_BIT); 998 999 write_mdcr_el2(mdcr_el2); 1000 1001 /* 1002 * Initialise HSTR_EL2. All fields are architecturally UNKNOWN on reset. 1003 * 1004 * HSTR_EL2.T<n>: Set all these fields to zero so that Non-secure EL0 or 1005 * EL1 accesses to System registers do not trap to EL2. 1006 */ 1007 write_hstr_el2(HSTR_EL2_RESET_VAL & ~(HSTR_EL2_T_MASK)); 1008 1009 /* 1010 * Initialise CNTHP_CTL_EL2. All fields are architecturally UNKNOWN on 1011 * reset. 1012 * 1013 * CNTHP_CTL_EL2:ENABLE: Set to zero to disable the EL2 physical timer 1014 * and prevent timer interrupts. 1015 */ 1016 write_cnthp_ctl_el2(CNTHP_CTL_RESET_VAL & ~(CNTHP_CTL_ENABLE_BIT)); 1017 1018 manage_extensions_nonsecure_el2_unused(); 1019 #endif /* INIT_UNUSED_NS_EL2 */ 1020 } 1021 1022 /******************************************************************************* 1023 * Prepare the CPU system registers for first entry into realm, secure, or 1024 * normal world. 1025 * 1026 * If execution is requested to EL2 or hyp mode, SCTLR_EL2 is initialized 1027 * If execution is requested to non-secure EL1 or svc mode, and the CPU supports 1028 * EL2 then EL2 is disabled by configuring all necessary EL2 registers. 1029 * For all entries, the EL1 registers are initialized from the cpu_context 1030 ******************************************************************************/ 1031 void cm_prepare_el3_exit(uint32_t security_state) 1032 { 1033 u_register_t sctlr_el2, scr_el3; 1034 cpu_context_t *ctx = cm_get_context(security_state); 1035 1036 assert(ctx != NULL); 1037 1038 if (security_state == NON_SECURE) { 1039 uint64_t el2_implemented = el_implemented(2); 1040 1041 scr_el3 = read_ctx_reg(get_el3state_ctx(ctx), 1042 CTX_SCR_EL3); 1043 1044 if (el2_implemented != EL_IMPL_NONE) { 1045 1046 /* 1047 * If context is not being used for EL2, initialize 1048 * HCRX_EL2 with its init value here. 1049 */ 1050 if (is_feat_hcx_supported()) { 1051 write_hcrx_el2(HCRX_EL2_INIT_VAL); 1052 } 1053 1054 /* 1055 * Initialize Fine-grained trap registers introduced 1056 * by FEAT_FGT so all traps are initially disabled when 1057 * switching to EL2 or a lower EL, preventing undesired 1058 * behavior. 1059 */ 1060 if (is_feat_fgt_supported()) { 1061 /* 1062 * Initialize HFG*_EL2 registers with a default 1063 * value so legacy systems unaware of FEAT_FGT 1064 * do not get trapped due to their lack of 1065 * initialization for this feature. 1066 */ 1067 write_hfgitr_el2(HFGITR_EL2_INIT_VAL); 1068 write_hfgrtr_el2(HFGRTR_EL2_INIT_VAL); 1069 write_hfgwtr_el2(HFGWTR_EL2_INIT_VAL); 1070 } 1071 1072 /* Condition to ensure EL2 is being used. */ 1073 if ((scr_el3 & SCR_HCE_BIT) != 0U) { 1074 /* Initialize SCTLR_EL2 register with reset value. */ 1075 sctlr_el2 = SCTLR_EL2_RES1; 1076 #if ERRATA_A75_764081 1077 /* 1078 * If workaround of errata 764081 for Cortex-A75 1079 * is used then set SCTLR_EL2.IESB to enable 1080 * Implicit Error Synchronization Barrier. 1081 */ 1082 sctlr_el2 |= SCTLR_IESB_BIT; 1083 #endif 1084 write_sctlr_el2(sctlr_el2); 1085 } else { 1086 /* 1087 * (scr_el3 & SCR_HCE_BIT==0) 1088 * EL2 implemented but unused. 1089 */ 1090 init_nonsecure_el2_unused(ctx); 1091 } 1092 } 1093 } 1094 cm_el1_sysregs_context_restore(security_state); 1095 cm_set_next_eret_context(security_state); 1096 } 1097 1098 #if CTX_INCLUDE_EL2_REGS 1099 1100 static void el2_sysregs_context_save_fgt(el2_sysregs_t *ctx) 1101 { 1102 write_el2_ctx_fgt(ctx, hdfgrtr_el2, read_hdfgrtr_el2()); 1103 if (is_feat_amu_supported()) { 1104 write_el2_ctx_fgt(ctx, hafgrtr_el2, read_hafgrtr_el2()); 1105 } 1106 write_el2_ctx_fgt(ctx, hdfgwtr_el2, read_hdfgwtr_el2()); 1107 write_el2_ctx_fgt(ctx, hfgitr_el2, read_hfgitr_el2()); 1108 write_el2_ctx_fgt(ctx, hfgrtr_el2, read_hfgrtr_el2()); 1109 write_el2_ctx_fgt(ctx, hfgwtr_el2, read_hfgwtr_el2()); 1110 } 1111 1112 static void el2_sysregs_context_restore_fgt(el2_sysregs_t *ctx) 1113 { 1114 write_hdfgrtr_el2(read_el2_ctx_fgt(ctx, hdfgrtr_el2)); 1115 if (is_feat_amu_supported()) { 1116 write_hafgrtr_el2(read_el2_ctx_fgt(ctx, hafgrtr_el2)); 1117 } 1118 write_hdfgwtr_el2(read_el2_ctx_fgt(ctx, hdfgwtr_el2)); 1119 write_hfgitr_el2(read_el2_ctx_fgt(ctx, hfgitr_el2)); 1120 write_hfgrtr_el2(read_el2_ctx_fgt(ctx, hfgrtr_el2)); 1121 write_hfgwtr_el2(read_el2_ctx_fgt(ctx, hfgwtr_el2)); 1122 } 1123 1124 static void el2_sysregs_context_save_fgt2(el2_sysregs_t *ctx) 1125 { 1126 write_el2_ctx_fgt2(ctx, hdfgrtr2_el2, read_hdfgrtr2_el2()); 1127 write_el2_ctx_fgt2(ctx, hdfgwtr2_el2, read_hdfgwtr2_el2()); 1128 write_el2_ctx_fgt2(ctx, hfgitr2_el2, read_hfgitr2_el2()); 1129 write_el2_ctx_fgt2(ctx, hfgrtr2_el2, read_hfgrtr2_el2()); 1130 write_el2_ctx_fgt2(ctx, hfgwtr2_el2, read_hfgwtr2_el2()); 1131 } 1132 1133 static void el2_sysregs_context_restore_fgt2(el2_sysregs_t *ctx) 1134 { 1135 write_hdfgrtr2_el2(read_el2_ctx_fgt2(ctx, hdfgrtr2_el2)); 1136 write_hdfgwtr2_el2(read_el2_ctx_fgt2(ctx, hdfgwtr2_el2)); 1137 write_hfgitr2_el2(read_el2_ctx_fgt2(ctx, hfgitr2_el2)); 1138 write_hfgrtr2_el2(read_el2_ctx_fgt2(ctx, hfgrtr2_el2)); 1139 write_hfgwtr2_el2(read_el2_ctx_fgt2(ctx, hfgwtr2_el2)); 1140 } 1141 1142 static void el2_sysregs_context_save_mpam(el2_sysregs_t *ctx) 1143 { 1144 u_register_t mpam_idr = read_mpamidr_el1(); 1145 1146 write_el2_ctx_mpam(ctx, mpam2_el2, read_mpam2_el2()); 1147 1148 /* 1149 * The context registers that we intend to save would be part of the 1150 * PE's system register frame only if MPAMIDR_EL1.HAS_HCR == 1. 1151 */ 1152 if ((mpam_idr & MPAMIDR_HAS_HCR_BIT) == 0U) { 1153 return; 1154 } 1155 1156 /* 1157 * MPAMHCR_EL2, MPAMVPMV_EL2 and MPAMVPM0_EL2 are always present if 1158 * MPAMIDR_HAS_HCR_BIT == 1. 1159 */ 1160 write_el2_ctx_mpam(ctx, mpamhcr_el2, read_mpamhcr_el2()); 1161 write_el2_ctx_mpam(ctx, mpamvpm0_el2, read_mpamvpm0_el2()); 1162 write_el2_ctx_mpam(ctx, mpamvpmv_el2, read_mpamvpmv_el2()); 1163 1164 /* 1165 * The number of MPAMVPM registers is implementation defined, their 1166 * number is stored in the MPAMIDR_EL1 register. 1167 */ 1168 switch ((mpam_idr >> MPAMIDR_EL1_VPMR_MAX_SHIFT) & MPAMIDR_EL1_VPMR_MAX_MASK) { 1169 case 7: 1170 write_el2_ctx_mpam(ctx, mpamvpm7_el2, read_mpamvpm7_el2()); 1171 __fallthrough; 1172 case 6: 1173 write_el2_ctx_mpam(ctx, mpamvpm6_el2, read_mpamvpm6_el2()); 1174 __fallthrough; 1175 case 5: 1176 write_el2_ctx_mpam(ctx, mpamvpm5_el2, read_mpamvpm5_el2()); 1177 __fallthrough; 1178 case 4: 1179 write_el2_ctx_mpam(ctx, mpamvpm4_el2, read_mpamvpm4_el2()); 1180 __fallthrough; 1181 case 3: 1182 write_el2_ctx_mpam(ctx, mpamvpm3_el2, read_mpamvpm3_el2()); 1183 __fallthrough; 1184 case 2: 1185 write_el2_ctx_mpam(ctx, mpamvpm2_el2, read_mpamvpm2_el2()); 1186 __fallthrough; 1187 case 1: 1188 write_el2_ctx_mpam(ctx, mpamvpm1_el2, read_mpamvpm1_el2()); 1189 break; 1190 } 1191 } 1192 1193 static void el2_sysregs_context_restore_mpam(el2_sysregs_t *ctx) 1194 { 1195 u_register_t mpam_idr = read_mpamidr_el1(); 1196 1197 write_mpam2_el2(read_el2_ctx_mpam(ctx, mpam2_el2)); 1198 1199 if ((mpam_idr & MPAMIDR_HAS_HCR_BIT) == 0U) { 1200 return; 1201 } 1202 1203 write_mpamhcr_el2(read_el2_ctx_mpam(ctx, mpamhcr_el2)); 1204 write_mpamvpm0_el2(read_el2_ctx_mpam(ctx, mpamvpm0_el2)); 1205 write_mpamvpmv_el2(read_el2_ctx_mpam(ctx, mpamvpmv_el2)); 1206 1207 switch ((mpam_idr >> MPAMIDR_EL1_VPMR_MAX_SHIFT) & MPAMIDR_EL1_VPMR_MAX_MASK) { 1208 case 7: 1209 write_mpamvpm7_el2(read_el2_ctx_mpam(ctx, mpamvpm7_el2)); 1210 __fallthrough; 1211 case 6: 1212 write_mpamvpm6_el2(read_el2_ctx_mpam(ctx, mpamvpm6_el2)); 1213 __fallthrough; 1214 case 5: 1215 write_mpamvpm5_el2(read_el2_ctx_mpam(ctx, mpamvpm5_el2)); 1216 __fallthrough; 1217 case 4: 1218 write_mpamvpm4_el2(read_el2_ctx_mpam(ctx, mpamvpm4_el2)); 1219 __fallthrough; 1220 case 3: 1221 write_mpamvpm3_el2(read_el2_ctx_mpam(ctx, mpamvpm3_el2)); 1222 __fallthrough; 1223 case 2: 1224 write_mpamvpm2_el2(read_el2_ctx_mpam(ctx, mpamvpm2_el2)); 1225 __fallthrough; 1226 case 1: 1227 write_mpamvpm1_el2(read_el2_ctx_mpam(ctx, mpamvpm1_el2)); 1228 break; 1229 } 1230 } 1231 1232 /* --------------------------------------------------------------------------- 1233 * The following registers are not added: 1234 * ICH_AP0R<n>_EL2 1235 * ICH_AP1R<n>_EL2 1236 * ICH_LR<n>_EL2 1237 * 1238 * NOTE: For a system with S-EL2 present but not enabled, accessing 1239 * ICC_SRE_EL2 is undefined from EL3. To workaround this change the 1240 * SCR_EL3.NS = 1 before accessing this register. 1241 * --------------------------------------------------------------------------- 1242 */ 1243 static void el2_sysregs_context_save_gic(el2_sysregs_t *ctx) 1244 { 1245 #if defined(SPD_spmd) && SPMD_SPM_AT_SEL2 1246 write_el2_ctx_common(ctx, icc_sre_el2, read_icc_sre_el2()); 1247 #else 1248 u_register_t scr_el3 = read_scr_el3(); 1249 write_scr_el3(scr_el3 | SCR_NS_BIT); 1250 isb(); 1251 1252 write_el2_ctx_common(ctx, icc_sre_el2, read_icc_sre_el2()); 1253 1254 write_scr_el3(scr_el3); 1255 isb(); 1256 #endif 1257 write_el2_ctx_common(ctx, ich_hcr_el2, read_ich_hcr_el2()); 1258 write_el2_ctx_common(ctx, ich_vmcr_el2, read_ich_vmcr_el2()); 1259 } 1260 1261 static void el2_sysregs_context_restore_gic(el2_sysregs_t *ctx) 1262 { 1263 #if defined(SPD_spmd) && SPMD_SPM_AT_SEL2 1264 write_icc_sre_el2(read_el2_ctx_common(ctx, icc_sre_el2)); 1265 #else 1266 u_register_t scr_el3 = read_scr_el3(); 1267 write_scr_el3(scr_el3 | SCR_NS_BIT); 1268 isb(); 1269 1270 write_icc_sre_el2(read_el2_ctx_common(ctx, icc_sre_el2)); 1271 1272 write_scr_el3(scr_el3); 1273 isb(); 1274 #endif 1275 write_ich_hcr_el2(read_el2_ctx_common(ctx, ich_hcr_el2)); 1276 write_ich_vmcr_el2(read_el2_ctx_common(ctx, ich_vmcr_el2)); 1277 } 1278 1279 /* ----------------------------------------------------- 1280 * The following registers are not added: 1281 * AMEVCNTVOFF0<n>_EL2 1282 * AMEVCNTVOFF1<n>_EL2 1283 * ----------------------------------------------------- 1284 */ 1285 static void el2_sysregs_context_save_common(el2_sysregs_t *ctx) 1286 { 1287 write_el2_ctx_common(ctx, actlr_el2, read_actlr_el2()); 1288 write_el2_ctx_common(ctx, afsr0_el2, read_afsr0_el2()); 1289 write_el2_ctx_common(ctx, afsr1_el2, read_afsr1_el2()); 1290 write_el2_ctx_common(ctx, amair_el2, read_amair_el2()); 1291 write_el2_ctx_common(ctx, cnthctl_el2, read_cnthctl_el2()); 1292 write_el2_ctx_common(ctx, cntvoff_el2, read_cntvoff_el2()); 1293 write_el2_ctx_common(ctx, cptr_el2, read_cptr_el2()); 1294 if (CTX_INCLUDE_AARCH32_REGS) { 1295 write_el2_ctx_common(ctx, dbgvcr32_el2, read_dbgvcr32_el2()); 1296 } 1297 write_el2_ctx_common(ctx, elr_el2, read_elr_el2()); 1298 write_el2_ctx_common(ctx, esr_el2, read_esr_el2()); 1299 write_el2_ctx_common(ctx, far_el2, read_far_el2()); 1300 write_el2_ctx_common(ctx, hacr_el2, read_hacr_el2()); 1301 write_el2_ctx_common(ctx, hcr_el2, read_hcr_el2()); 1302 write_el2_ctx_common(ctx, hpfar_el2, read_hpfar_el2()); 1303 write_el2_ctx_common(ctx, hstr_el2, read_hstr_el2()); 1304 write_el2_ctx_common(ctx, mair_el2, read_mair_el2()); 1305 write_el2_ctx_common(ctx, mdcr_el2, read_mdcr_el2()); 1306 write_el2_ctx_common(ctx, sctlr_el2, read_sctlr_el2()); 1307 write_el2_ctx_common(ctx, spsr_el2, read_spsr_el2()); 1308 write_el2_ctx_common(ctx, sp_el2, read_sp_el2()); 1309 write_el2_ctx_common(ctx, tcr_el2, read_tcr_el2()); 1310 write_el2_ctx_common(ctx, tpidr_el2, read_tpidr_el2()); 1311 write_el2_ctx_common(ctx, ttbr0_el2, read_ttbr0_el2()); 1312 write_el2_ctx_common(ctx, vbar_el2, read_vbar_el2()); 1313 write_el2_ctx_common(ctx, vmpidr_el2, read_vmpidr_el2()); 1314 write_el2_ctx_common(ctx, vpidr_el2, read_vpidr_el2()); 1315 write_el2_ctx_common(ctx, vtcr_el2, read_vtcr_el2()); 1316 write_el2_ctx_common(ctx, vttbr_el2, read_vttbr_el2()); 1317 } 1318 1319 static void el2_sysregs_context_restore_common(el2_sysregs_t *ctx) 1320 { 1321 write_actlr_el2(read_el2_ctx_common(ctx, actlr_el2)); 1322 write_afsr0_el2(read_el2_ctx_common(ctx, afsr0_el2)); 1323 write_afsr1_el2(read_el2_ctx_common(ctx, afsr1_el2)); 1324 write_amair_el2(read_el2_ctx_common(ctx, amair_el2)); 1325 write_cnthctl_el2(read_el2_ctx_common(ctx, cnthctl_el2)); 1326 write_cntvoff_el2(read_el2_ctx_common(ctx, cntvoff_el2)); 1327 write_cptr_el2(read_el2_ctx_common(ctx, cptr_el2)); 1328 if (CTX_INCLUDE_AARCH32_REGS) { 1329 write_dbgvcr32_el2(read_el2_ctx_common(ctx, dbgvcr32_el2)); 1330 } 1331 write_elr_el2(read_el2_ctx_common(ctx, elr_el2)); 1332 write_esr_el2(read_el2_ctx_common(ctx, esr_el2)); 1333 write_far_el2(read_el2_ctx_common(ctx, far_el2)); 1334 write_hacr_el2(read_el2_ctx_common(ctx, hacr_el2)); 1335 write_hcr_el2(read_el2_ctx_common(ctx, hcr_el2)); 1336 write_hpfar_el2(read_el2_ctx_common(ctx, hpfar_el2)); 1337 write_hstr_el2(read_el2_ctx_common(ctx, hstr_el2)); 1338 write_mair_el2(read_el2_ctx_common(ctx, mair_el2)); 1339 write_mdcr_el2(read_el2_ctx_common(ctx, mdcr_el2)); 1340 write_sctlr_el2(read_el2_ctx_common(ctx, sctlr_el2)); 1341 write_spsr_el2(read_el2_ctx_common(ctx, spsr_el2)); 1342 write_sp_el2(read_el2_ctx_common(ctx, sp_el2)); 1343 write_tcr_el2(read_el2_ctx_common(ctx, tcr_el2)); 1344 write_tpidr_el2(read_el2_ctx_common(ctx, tpidr_el2)); 1345 write_ttbr0_el2(read_el2_ctx_common(ctx, ttbr0_el2)); 1346 write_vbar_el2(read_el2_ctx_common(ctx, vbar_el2)); 1347 write_vmpidr_el2(read_el2_ctx_common(ctx, vmpidr_el2)); 1348 write_vpidr_el2(read_el2_ctx_common(ctx, vpidr_el2)); 1349 write_vtcr_el2(read_el2_ctx_common(ctx, vtcr_el2)); 1350 write_vttbr_el2(read_el2_ctx_common(ctx, vttbr_el2)); 1351 } 1352 1353 /******************************************************************************* 1354 * Save EL2 sysreg context 1355 ******************************************************************************/ 1356 void cm_el2_sysregs_context_save(uint32_t security_state) 1357 { 1358 cpu_context_t *ctx; 1359 el2_sysregs_t *el2_sysregs_ctx; 1360 1361 ctx = cm_get_context(security_state); 1362 assert(ctx != NULL); 1363 1364 el2_sysregs_ctx = get_el2_sysregs_ctx(ctx); 1365 1366 el2_sysregs_context_save_common(el2_sysregs_ctx); 1367 el2_sysregs_context_save_gic(el2_sysregs_ctx); 1368 1369 if (is_feat_mte2_supported()) { 1370 write_el2_ctx_mte2(el2_sysregs_ctx, tfsr_el2, read_tfsr_el2()); 1371 } 1372 1373 if (is_feat_mpam_supported()) { 1374 el2_sysregs_context_save_mpam(el2_sysregs_ctx); 1375 } 1376 1377 if (is_feat_fgt_supported()) { 1378 el2_sysregs_context_save_fgt(el2_sysregs_ctx); 1379 } 1380 1381 if (is_feat_fgt2_supported()) { 1382 el2_sysregs_context_save_fgt2(el2_sysregs_ctx); 1383 } 1384 1385 if (is_feat_ecv_v2_supported()) { 1386 write_el2_ctx_ecv(el2_sysregs_ctx, cntpoff_el2, read_cntpoff_el2()); 1387 } 1388 1389 if (is_feat_vhe_supported()) { 1390 write_el2_ctx_vhe(el2_sysregs_ctx, contextidr_el2, 1391 read_contextidr_el2()); 1392 write_el2_ctx_vhe(el2_sysregs_ctx, ttbr1_el2, read_ttbr1_el2()); 1393 } 1394 1395 if (is_feat_ras_supported()) { 1396 write_el2_ctx_ras(el2_sysregs_ctx, vdisr_el2, read_vdisr_el2()); 1397 write_el2_ctx_ras(el2_sysregs_ctx, vsesr_el2, read_vsesr_el2()); 1398 } 1399 1400 if (is_feat_nv2_supported()) { 1401 write_el2_ctx_neve(el2_sysregs_ctx, vncr_el2, read_vncr_el2()); 1402 } 1403 1404 if (is_feat_trf_supported()) { 1405 write_el2_ctx_trf(el2_sysregs_ctx, trfcr_el2, read_trfcr_el2()); 1406 } 1407 1408 if (is_feat_csv2_2_supported()) { 1409 write_el2_ctx_csv2_2(el2_sysregs_ctx, scxtnum_el2, 1410 read_scxtnum_el2()); 1411 } 1412 1413 if (is_feat_hcx_supported()) { 1414 write_el2_ctx_hcx(el2_sysregs_ctx, hcrx_el2, read_hcrx_el2()); 1415 } 1416 1417 if (is_feat_tcr2_supported()) { 1418 write_el2_ctx_tcr2(el2_sysregs_ctx, tcr2_el2, read_tcr2_el2()); 1419 } 1420 1421 if (is_feat_sxpie_supported()) { 1422 write_el2_ctx_sxpie(el2_sysregs_ctx, pire0_el2, read_pire0_el2()); 1423 write_el2_ctx_sxpie(el2_sysregs_ctx, pir_el2, read_pir_el2()); 1424 } 1425 1426 if (is_feat_sxpoe_supported()) { 1427 write_el2_ctx_sxpoe(el2_sysregs_ctx, por_el2, read_por_el2()); 1428 } 1429 1430 if (is_feat_s2pie_supported()) { 1431 write_el2_ctx_s2pie(el2_sysregs_ctx, s2pir_el2, read_s2pir_el2()); 1432 } 1433 1434 if (is_feat_gcs_supported()) { 1435 write_el2_ctx_gcs(el2_sysregs_ctx, gcscr_el2, read_gcscr_el2()); 1436 write_el2_ctx_gcs(el2_sysregs_ctx, gcspr_el2, read_gcspr_el2()); 1437 } 1438 } 1439 1440 /******************************************************************************* 1441 * Restore EL2 sysreg context 1442 ******************************************************************************/ 1443 void cm_el2_sysregs_context_restore(uint32_t security_state) 1444 { 1445 cpu_context_t *ctx; 1446 el2_sysregs_t *el2_sysregs_ctx; 1447 1448 ctx = cm_get_context(security_state); 1449 assert(ctx != NULL); 1450 1451 el2_sysregs_ctx = get_el2_sysregs_ctx(ctx); 1452 1453 el2_sysregs_context_restore_common(el2_sysregs_ctx); 1454 el2_sysregs_context_restore_gic(el2_sysregs_ctx); 1455 1456 if (is_feat_mte2_supported()) { 1457 write_tfsr_el2(read_el2_ctx_mte2(el2_sysregs_ctx, tfsr_el2)); 1458 } 1459 1460 if (is_feat_mpam_supported()) { 1461 el2_sysregs_context_restore_mpam(el2_sysregs_ctx); 1462 } 1463 1464 if (is_feat_fgt_supported()) { 1465 el2_sysregs_context_restore_fgt(el2_sysregs_ctx); 1466 } 1467 1468 if (is_feat_fgt2_supported()) { 1469 el2_sysregs_context_restore_fgt2(el2_sysregs_ctx); 1470 } 1471 1472 if (is_feat_ecv_v2_supported()) { 1473 write_cntpoff_el2(read_el2_ctx_ecv(el2_sysregs_ctx, cntpoff_el2)); 1474 } 1475 1476 if (is_feat_vhe_supported()) { 1477 write_contextidr_el2(read_el2_ctx_vhe(el2_sysregs_ctx, 1478 contextidr_el2)); 1479 write_ttbr1_el2(read_el2_ctx_vhe(el2_sysregs_ctx, ttbr1_el2)); 1480 } 1481 1482 if (is_feat_ras_supported()) { 1483 write_vdisr_el2(read_el2_ctx_ras(el2_sysregs_ctx, vdisr_el2)); 1484 write_vsesr_el2(read_el2_ctx_ras(el2_sysregs_ctx, vsesr_el2)); 1485 } 1486 1487 if (is_feat_nv2_supported()) { 1488 write_vncr_el2(read_el2_ctx_neve(el2_sysregs_ctx, vncr_el2)); 1489 } 1490 1491 if (is_feat_trf_supported()) { 1492 write_trfcr_el2(read_el2_ctx_trf(el2_sysregs_ctx, trfcr_el2)); 1493 } 1494 1495 if (is_feat_csv2_2_supported()) { 1496 write_scxtnum_el2(read_el2_ctx_csv2_2(el2_sysregs_ctx, 1497 scxtnum_el2)); 1498 } 1499 1500 if (is_feat_hcx_supported()) { 1501 write_hcrx_el2(read_el2_ctx_hcx(el2_sysregs_ctx, hcrx_el2)); 1502 } 1503 1504 if (is_feat_tcr2_supported()) { 1505 write_tcr2_el2(read_el2_ctx_tcr2(el2_sysregs_ctx, tcr2_el2)); 1506 } 1507 1508 if (is_feat_sxpie_supported()) { 1509 write_pire0_el2(read_el2_ctx_sxpie(el2_sysregs_ctx, pire0_el2)); 1510 write_pir_el2(read_el2_ctx_sxpie(el2_sysregs_ctx, pir_el2)); 1511 } 1512 1513 if (is_feat_sxpoe_supported()) { 1514 write_por_el2(read_el2_ctx_sxpoe(el2_sysregs_ctx, por_el2)); 1515 } 1516 1517 if (is_feat_s2pie_supported()) { 1518 write_s2pir_el2(read_el2_ctx_s2pie(el2_sysregs_ctx, s2pir_el2)); 1519 } 1520 1521 if (is_feat_gcs_supported()) { 1522 write_gcscr_el2(read_el2_ctx_gcs(el2_sysregs_ctx, gcscr_el2)); 1523 write_gcspr_el2(read_el2_ctx_gcs(el2_sysregs_ctx, gcspr_el2)); 1524 } 1525 } 1526 #endif /* CTX_INCLUDE_EL2_REGS */ 1527 1528 #if IMAGE_BL31 1529 /********************************************************************************* 1530 * This function allows Architecture features asymmetry among cores. 1531 * TF-A assumes that all the cores in the platform has architecture feature parity 1532 * and hence the context is setup on different core (e.g. primary sets up the 1533 * context for secondary cores).This assumption may not be true for systems where 1534 * cores are not conforming to same Arch version or there is CPU Erratum which 1535 * requires certain feature to be be disabled only on a given core. 1536 * 1537 * This function is called on secondary cores to override any disparity in context 1538 * setup by primary, this would be called during warmboot path. 1539 *********************************************************************************/ 1540 void cm_handle_asymmetric_features(void) 1541 { 1542 #if ENABLE_SPE_FOR_NS == FEAT_STATE_CHECK_ASYMMETRIC 1543 cpu_context_t *spe_ctx = cm_get_context(NON_SECURE); 1544 1545 assert(spe_ctx != NULL); 1546 1547 if (is_feat_spe_supported()) { 1548 spe_enable(spe_ctx); 1549 } else { 1550 spe_disable(spe_ctx); 1551 } 1552 #endif 1553 #if ERRATA_A520_2938996 || ERRATA_X4_2726228 1554 cpu_context_t *trbe_ctx = cm_get_context(NON_SECURE); 1555 1556 assert(trbe_ctx != NULL); 1557 1558 if (check_if_affected_core() == ERRATA_APPLIES) { 1559 if (is_feat_trbe_supported()) { 1560 trbe_disable(trbe_ctx); 1561 } 1562 } 1563 #endif 1564 } 1565 #endif 1566 1567 /******************************************************************************* 1568 * This function is used to exit to Non-secure world. If CTX_INCLUDE_EL2_REGS 1569 * is enabled, it restores EL1 and EL2 sysreg contexts instead of directly 1570 * updating EL1 and EL2 registers. Otherwise, it calls the generic 1571 * cm_prepare_el3_exit function. 1572 ******************************************************************************/ 1573 void cm_prepare_el3_exit_ns(void) 1574 { 1575 #if IMAGE_BL31 1576 /* 1577 * Check and handle Architecture feature asymmetry among cores. 1578 * 1579 * In warmboot path secondary cores context is initialized on core which 1580 * did CPU_ON SMC call, if there is feature asymmetry in these cores handle 1581 * it in this function call. 1582 * For Symmetric cores this is an empty function. 1583 */ 1584 cm_handle_asymmetric_features(); 1585 #endif 1586 1587 #if CTX_INCLUDE_EL2_REGS 1588 #if ENABLE_ASSERTIONS 1589 cpu_context_t *ctx = cm_get_context(NON_SECURE); 1590 assert(ctx != NULL); 1591 1592 /* Assert that EL2 is used. */ 1593 u_register_t scr_el3 = read_ctx_reg(get_el3state_ctx(ctx), CTX_SCR_EL3); 1594 assert(((scr_el3 & SCR_HCE_BIT) != 0UL) && 1595 (el_implemented(2U) != EL_IMPL_NONE)); 1596 #endif /* ENABLE_ASSERTIONS */ 1597 1598 /* Restore EL2 and EL1 sysreg contexts */ 1599 cm_el2_sysregs_context_restore(NON_SECURE); 1600 cm_el1_sysregs_context_restore(NON_SECURE); 1601 cm_set_next_eret_context(NON_SECURE); 1602 #else 1603 cm_prepare_el3_exit(NON_SECURE); 1604 #endif /* CTX_INCLUDE_EL2_REGS */ 1605 } 1606 1607 static void el1_sysregs_context_save(el1_sysregs_t *ctx) 1608 { 1609 write_el1_ctx_common(ctx, spsr_el1, read_spsr_el1()); 1610 write_el1_ctx_common(ctx, elr_el1, read_elr_el1()); 1611 1612 #if (!ERRATA_SPECULATIVE_AT) 1613 write_el1_ctx_common(ctx, sctlr_el1, read_sctlr_el1()); 1614 write_el1_ctx_common(ctx, tcr_el1, read_tcr_el1()); 1615 #endif /* (!ERRATA_SPECULATIVE_AT) */ 1616 1617 write_el1_ctx_common(ctx, cpacr_el1, read_cpacr_el1()); 1618 write_el1_ctx_common(ctx, csselr_el1, read_csselr_el1()); 1619 write_el1_ctx_common(ctx, sp_el1, read_sp_el1()); 1620 write_el1_ctx_common(ctx, esr_el1, read_esr_el1()); 1621 write_el1_ctx_common(ctx, ttbr0_el1, read_ttbr0_el1()); 1622 write_el1_ctx_common(ctx, ttbr1_el1, read_ttbr1_el1()); 1623 write_el1_ctx_common(ctx, mair_el1, read_mair_el1()); 1624 write_el1_ctx_common(ctx, amair_el1, read_amair_el1()); 1625 write_el1_ctx_common(ctx, actlr_el1, read_actlr_el1()); 1626 write_el1_ctx_common(ctx, tpidr_el1, read_tpidr_el1()); 1627 write_el1_ctx_common(ctx, tpidr_el0, read_tpidr_el0()); 1628 write_el1_ctx_common(ctx, tpidrro_el0, read_tpidrro_el0()); 1629 write_el1_ctx_common(ctx, par_el1, read_par_el1()); 1630 write_el1_ctx_common(ctx, far_el1, read_far_el1()); 1631 write_el1_ctx_common(ctx, afsr0_el1, read_afsr0_el1()); 1632 write_el1_ctx_common(ctx, afsr1_el1, read_afsr1_el1()); 1633 write_el1_ctx_common(ctx, contextidr_el1, read_contextidr_el1()); 1634 write_el1_ctx_common(ctx, vbar_el1, read_vbar_el1()); 1635 write_el1_ctx_common(ctx, mdccint_el1, read_mdccint_el1()); 1636 write_el1_ctx_common(ctx, mdscr_el1, read_mdscr_el1()); 1637 1638 if (CTX_INCLUDE_AARCH32_REGS) { 1639 /* Save Aarch32 registers */ 1640 write_el1_ctx_aarch32(ctx, spsr_abt, read_spsr_abt()); 1641 write_el1_ctx_aarch32(ctx, spsr_und, read_spsr_und()); 1642 write_el1_ctx_aarch32(ctx, spsr_irq, read_spsr_irq()); 1643 write_el1_ctx_aarch32(ctx, spsr_fiq, read_spsr_fiq()); 1644 write_el1_ctx_aarch32(ctx, dacr32_el2, read_dacr32_el2()); 1645 write_el1_ctx_aarch32(ctx, ifsr32_el2, read_ifsr32_el2()); 1646 } 1647 1648 if (NS_TIMER_SWITCH) { 1649 /* Save NS Timer registers */ 1650 write_el1_ctx_arch_timer(ctx, cntp_ctl_el0, read_cntp_ctl_el0()); 1651 write_el1_ctx_arch_timer(ctx, cntp_cval_el0, read_cntp_cval_el0()); 1652 write_el1_ctx_arch_timer(ctx, cntv_ctl_el0, read_cntv_ctl_el0()); 1653 write_el1_ctx_arch_timer(ctx, cntv_cval_el0, read_cntv_cval_el0()); 1654 write_el1_ctx_arch_timer(ctx, cntkctl_el1, read_cntkctl_el1()); 1655 } 1656 1657 if (is_feat_mte2_supported()) { 1658 write_el1_ctx_mte2(ctx, tfsre0_el1, read_tfsre0_el1()); 1659 write_el1_ctx_mte2(ctx, tfsr_el1, read_tfsr_el1()); 1660 write_el1_ctx_mte2(ctx, rgsr_el1, read_rgsr_el1()); 1661 write_el1_ctx_mte2(ctx, gcr_el1, read_gcr_el1()); 1662 } 1663 1664 if (is_feat_ras_supported()) { 1665 write_el1_ctx_ras(ctx, disr_el1, read_disr_el1()); 1666 } 1667 1668 if (is_feat_s1pie_supported()) { 1669 write_el1_ctx_s1pie(ctx, pire0_el1, read_pire0_el1()); 1670 write_el1_ctx_s1pie(ctx, pir_el1, read_pir_el1()); 1671 } 1672 1673 if (is_feat_s1poe_supported()) { 1674 write_el1_ctx_s1poe(ctx, por_el1, read_por_el1()); 1675 } 1676 1677 if (is_feat_s2poe_supported()) { 1678 write_el1_ctx_s2poe(ctx, s2por_el1, read_s2por_el1()); 1679 } 1680 1681 if (is_feat_tcr2_supported()) { 1682 write_el1_ctx_tcr2(ctx, tcr2_el1, read_tcr2_el1()); 1683 } 1684 1685 if (is_feat_trf_supported()) { 1686 write_el1_ctx_trf(ctx, trfcr_el1, read_trfcr_el1()); 1687 } 1688 1689 if (is_feat_csv2_2_supported()) { 1690 write_el1_ctx_csv2_2(ctx, scxtnum_el0, read_scxtnum_el0()); 1691 write_el1_ctx_csv2_2(ctx, scxtnum_el1, read_scxtnum_el1()); 1692 } 1693 1694 if (is_feat_gcs_supported()) { 1695 write_el1_ctx_gcs(ctx, gcscr_el1, read_gcscr_el1()); 1696 write_el1_ctx_gcs(ctx, gcscre0_el1, read_gcscre0_el1()); 1697 write_el1_ctx_gcs(ctx, gcspr_el1, read_gcspr_el1()); 1698 write_el1_ctx_gcs(ctx, gcspr_el0, read_gcspr_el0()); 1699 } 1700 } 1701 1702 static void el1_sysregs_context_restore(el1_sysregs_t *ctx) 1703 { 1704 write_spsr_el1(read_el1_ctx_common(ctx, spsr_el1)); 1705 write_elr_el1(read_el1_ctx_common(ctx, elr_el1)); 1706 1707 #if (!ERRATA_SPECULATIVE_AT) 1708 write_sctlr_el1(read_el1_ctx_common(ctx, sctlr_el1)); 1709 write_tcr_el1(read_el1_ctx_common(ctx, tcr_el1)); 1710 #endif /* (!ERRATA_SPECULATIVE_AT) */ 1711 1712 write_cpacr_el1(read_el1_ctx_common(ctx, cpacr_el1)); 1713 write_csselr_el1(read_el1_ctx_common(ctx, csselr_el1)); 1714 write_sp_el1(read_el1_ctx_common(ctx, sp_el1)); 1715 write_esr_el1(read_el1_ctx_common(ctx, esr_el1)); 1716 write_ttbr0_el1(read_el1_ctx_common(ctx, ttbr0_el1)); 1717 write_ttbr1_el1(read_el1_ctx_common(ctx, ttbr1_el1)); 1718 write_mair_el1(read_el1_ctx_common(ctx, mair_el1)); 1719 write_amair_el1(read_el1_ctx_common(ctx, amair_el1)); 1720 write_actlr_el1(read_el1_ctx_common(ctx, actlr_el1)); 1721 write_tpidr_el1(read_el1_ctx_common(ctx, tpidr_el1)); 1722 write_tpidr_el0(read_el1_ctx_common(ctx, tpidr_el0)); 1723 write_tpidrro_el0(read_el1_ctx_common(ctx, tpidrro_el0)); 1724 write_par_el1(read_el1_ctx_common(ctx, par_el1)); 1725 write_far_el1(read_el1_ctx_common(ctx, far_el1)); 1726 write_afsr0_el1(read_el1_ctx_common(ctx, afsr0_el1)); 1727 write_afsr1_el1(read_el1_ctx_common(ctx, afsr1_el1)); 1728 write_contextidr_el1(read_el1_ctx_common(ctx, contextidr_el1)); 1729 write_vbar_el1(read_el1_ctx_common(ctx, vbar_el1)); 1730 write_mdccint_el1(read_el1_ctx_common(ctx, mdccint_el1)); 1731 write_mdscr_el1(read_el1_ctx_common(ctx, mdscr_el1)); 1732 1733 if (CTX_INCLUDE_AARCH32_REGS) { 1734 /* Restore Aarch32 registers */ 1735 write_spsr_abt(read_el1_ctx_aarch32(ctx, spsr_abt)); 1736 write_spsr_und(read_el1_ctx_aarch32(ctx, spsr_und)); 1737 write_spsr_irq(read_el1_ctx_aarch32(ctx, spsr_irq)); 1738 write_spsr_fiq(read_el1_ctx_aarch32(ctx, spsr_fiq)); 1739 write_dacr32_el2(read_el1_ctx_aarch32(ctx, dacr32_el2)); 1740 write_ifsr32_el2(read_el1_ctx_aarch32(ctx, ifsr32_el2)); 1741 } 1742 1743 if (NS_TIMER_SWITCH) { 1744 /* Restore NS Timer registers */ 1745 write_cntp_ctl_el0(read_el1_ctx_arch_timer(ctx, cntp_ctl_el0)); 1746 write_cntp_cval_el0(read_el1_ctx_arch_timer(ctx, cntp_cval_el0)); 1747 write_cntv_ctl_el0(read_el1_ctx_arch_timer(ctx, cntv_ctl_el0)); 1748 write_cntv_cval_el0(read_el1_ctx_arch_timer(ctx, cntv_cval_el0)); 1749 write_cntkctl_el1(read_el1_ctx_arch_timer(ctx, cntkctl_el1)); 1750 } 1751 1752 if (is_feat_mte2_supported()) { 1753 write_tfsre0_el1(read_el1_ctx_mte2(ctx, tfsre0_el1)); 1754 write_tfsr_el1(read_el1_ctx_mte2(ctx, tfsr_el1)); 1755 write_rgsr_el1(read_el1_ctx_mte2(ctx, rgsr_el1)); 1756 write_gcr_el1(read_el1_ctx_mte2(ctx, gcr_el1)); 1757 } 1758 1759 if (is_feat_ras_supported()) { 1760 write_disr_el1(read_el1_ctx_ras(ctx, disr_el1)); 1761 } 1762 1763 if (is_feat_s1pie_supported()) { 1764 write_pire0_el1(read_el1_ctx_s1pie(ctx, pire0_el1)); 1765 write_pir_el1(read_el1_ctx_s1pie(ctx, pir_el1)); 1766 } 1767 1768 if (is_feat_s1poe_supported()) { 1769 write_por_el1(read_el1_ctx_s1poe(ctx, por_el1)); 1770 } 1771 1772 if (is_feat_s2poe_supported()) { 1773 write_s2por_el1(read_el1_ctx_s2poe(ctx, s2por_el1)); 1774 } 1775 1776 if (is_feat_tcr2_supported()) { 1777 write_tcr2_el1(read_el1_ctx_tcr2(ctx, tcr2_el1)); 1778 } 1779 1780 if (is_feat_trf_supported()) { 1781 write_trfcr_el1(read_el1_ctx_trf(ctx, trfcr_el1)); 1782 } 1783 1784 if (is_feat_csv2_2_supported()) { 1785 write_scxtnum_el0(read_el1_ctx_csv2_2(ctx, scxtnum_el0)); 1786 write_scxtnum_el1(read_el1_ctx_csv2_2(ctx, scxtnum_el1)); 1787 } 1788 1789 if (is_feat_gcs_supported()) { 1790 write_gcscr_el1(read_el1_ctx_gcs(ctx, gcscr_el1)); 1791 write_gcscre0_el1(read_el1_ctx_gcs(ctx, gcscre0_el1)); 1792 write_gcspr_el1(read_el1_ctx_gcs(ctx, gcspr_el1)); 1793 write_gcspr_el0(read_el1_ctx_gcs(ctx, gcspr_el0)); 1794 } 1795 } 1796 1797 /******************************************************************************* 1798 * The next four functions are used by runtime services to save and restore 1799 * EL1 context on the 'cpu_context' structure for the specified security 1800 * state. 1801 ******************************************************************************/ 1802 void cm_el1_sysregs_context_save(uint32_t security_state) 1803 { 1804 cpu_context_t *ctx; 1805 1806 ctx = cm_get_context(security_state); 1807 assert(ctx != NULL); 1808 1809 el1_sysregs_context_save(get_el1_sysregs_ctx(ctx)); 1810 1811 #if IMAGE_BL31 1812 if (security_state == SECURE) 1813 PUBLISH_EVENT(cm_exited_secure_world); 1814 else 1815 PUBLISH_EVENT(cm_exited_normal_world); 1816 #endif 1817 } 1818 1819 void cm_el1_sysregs_context_restore(uint32_t security_state) 1820 { 1821 cpu_context_t *ctx; 1822 1823 ctx = cm_get_context(security_state); 1824 assert(ctx != NULL); 1825 1826 el1_sysregs_context_restore(get_el1_sysregs_ctx(ctx)); 1827 1828 #if IMAGE_BL31 1829 if (security_state == SECURE) 1830 PUBLISH_EVENT(cm_entering_secure_world); 1831 else 1832 PUBLISH_EVENT(cm_entering_normal_world); 1833 #endif 1834 } 1835 1836 /******************************************************************************* 1837 * This function populates ELR_EL3 member of 'cpu_context' pertaining to the 1838 * given security state with the given entrypoint 1839 ******************************************************************************/ 1840 void cm_set_elr_el3(uint32_t security_state, uintptr_t entrypoint) 1841 { 1842 cpu_context_t *ctx; 1843 el3_state_t *state; 1844 1845 ctx = cm_get_context(security_state); 1846 assert(ctx != NULL); 1847 1848 /* Populate EL3 state so that ERET jumps to the correct entry */ 1849 state = get_el3state_ctx(ctx); 1850 write_ctx_reg(state, CTX_ELR_EL3, entrypoint); 1851 } 1852 1853 /******************************************************************************* 1854 * This function populates ELR_EL3 and SPSR_EL3 members of 'cpu_context' 1855 * pertaining to the given security state 1856 ******************************************************************************/ 1857 void cm_set_elr_spsr_el3(uint32_t security_state, 1858 uintptr_t entrypoint, uint32_t spsr) 1859 { 1860 cpu_context_t *ctx; 1861 el3_state_t *state; 1862 1863 ctx = cm_get_context(security_state); 1864 assert(ctx != NULL); 1865 1866 /* Populate EL3 state so that ERET jumps to the correct entry */ 1867 state = get_el3state_ctx(ctx); 1868 write_ctx_reg(state, CTX_ELR_EL3, entrypoint); 1869 write_ctx_reg(state, CTX_SPSR_EL3, spsr); 1870 } 1871 1872 /******************************************************************************* 1873 * This function updates a single bit in the SCR_EL3 member of the 'cpu_context' 1874 * pertaining to the given security state using the value and bit position 1875 * specified in the parameters. It preserves all other bits. 1876 ******************************************************************************/ 1877 void cm_write_scr_el3_bit(uint32_t security_state, 1878 uint32_t bit_pos, 1879 uint32_t value) 1880 { 1881 cpu_context_t *ctx; 1882 el3_state_t *state; 1883 u_register_t scr_el3; 1884 1885 ctx = cm_get_context(security_state); 1886 assert(ctx != NULL); 1887 1888 /* Ensure that the bit position is a valid one */ 1889 assert(((1UL << bit_pos) & SCR_VALID_BIT_MASK) != 0U); 1890 1891 /* Ensure that the 'value' is only a bit wide */ 1892 assert(value <= 1U); 1893 1894 /* 1895 * Get the SCR_EL3 value from the cpu context, clear the desired bit 1896 * and set it to its new value. 1897 */ 1898 state = get_el3state_ctx(ctx); 1899 scr_el3 = read_ctx_reg(state, CTX_SCR_EL3); 1900 scr_el3 &= ~(1UL << bit_pos); 1901 scr_el3 |= (u_register_t)value << bit_pos; 1902 write_ctx_reg(state, CTX_SCR_EL3, scr_el3); 1903 } 1904 1905 /******************************************************************************* 1906 * This function retrieves SCR_EL3 member of 'cpu_context' pertaining to the 1907 * given security state. 1908 ******************************************************************************/ 1909 u_register_t cm_get_scr_el3(uint32_t security_state) 1910 { 1911 cpu_context_t *ctx; 1912 el3_state_t *state; 1913 1914 ctx = cm_get_context(security_state); 1915 assert(ctx != NULL); 1916 1917 /* Populate EL3 state so that ERET jumps to the correct entry */ 1918 state = get_el3state_ctx(ctx); 1919 return read_ctx_reg(state, CTX_SCR_EL3); 1920 } 1921 1922 /******************************************************************************* 1923 * This function is used to program the context that's used for exception 1924 * return. This initializes the SP_EL3 to a pointer to a 'cpu_context' set for 1925 * the required security state 1926 ******************************************************************************/ 1927 void cm_set_next_eret_context(uint32_t security_state) 1928 { 1929 cpu_context_t *ctx; 1930 1931 ctx = cm_get_context(security_state); 1932 assert(ctx != NULL); 1933 1934 cm_set_next_context(ctx); 1935 } 1936