1 /* 2 * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #include <assert.h> 8 #include <stddef.h> 9 10 #include <arch.h> 11 #include <arch_helpers.h> 12 #include <common/bl_common.h> 13 #include <common/debug.h> 14 #include <context.h> 15 #include <lib/el3_runtime/context_mgmt.h> 16 #include <lib/el3_runtime/cpu_data.h> 17 #include <lib/el3_runtime/pubsub_events.h> 18 #include <lib/pmf/pmf.h> 19 #include <lib/runtime_instr.h> 20 #include <plat/common/platform.h> 21 22 #include "psci_private.h" 23 24 /******************************************************************************* 25 * This function does generic and platform specific operations after a wake-up 26 * from standby/retention states at multiple power levels. 27 ******************************************************************************/ 28 static void psci_cpu_suspend_to_standby_finish(unsigned int end_pwrlvl, 29 psci_power_state_t *state_info) 30 { 31 /* 32 * Plat. management: Allow the platform to do operations 33 * on waking up from retention. 34 */ 35 psci_plat_pm_ops->pwr_domain_suspend_finish(state_info); 36 37 /* This loses its meaning when not suspending, reset so it's correct for OFF */ 38 psci_set_suspend_pwrlvl(PLAT_MAX_PWR_LVL); 39 } 40 41 /******************************************************************************* 42 * This function does generic and platform specific suspend to power down 43 * operations. 44 ******************************************************************************/ 45 static void psci_suspend_to_pwrdown_start(unsigned int end_pwrlvl, 46 unsigned int max_off_lvl, 47 const entry_point_info_t *ep, 48 const psci_power_state_t *state_info) 49 { 50 PUBLISH_EVENT(psci_suspend_pwrdown_start); 51 52 #if PSCI_OS_INIT_MODE 53 #ifdef PLAT_MAX_CPU_SUSPEND_PWR_LVL 54 end_pwrlvl = PLAT_MAX_CPU_SUSPEND_PWR_LVL; 55 #else 56 end_pwrlvl = PLAT_MAX_PWR_LVL; 57 #endif 58 #endif 59 60 /* Save PSCI target power level for the suspend finisher handler */ 61 psci_set_suspend_pwrlvl(end_pwrlvl); 62 63 /* 64 * Flush the target power level as it might be accessed on power up with 65 * Data cache disabled. 66 */ 67 psci_flush_cpu_data(psci_svc_cpu_data.target_pwrlvl); 68 69 /* 70 * Call the cpu suspend handler registered by the Secure Payload 71 * Dispatcher to let it do any book-keeping. If the handler encounters an 72 * error, it's expected to assert within 73 */ 74 if ((psci_spd_pm != NULL) && (psci_spd_pm->svc_suspend != NULL)) 75 psci_spd_pm->svc_suspend(max_off_lvl); 76 77 #if !HW_ASSISTED_COHERENCY 78 /* 79 * Plat. management: Allow the platform to perform any early 80 * actions required to power down the CPU. This might be useful for 81 * HW_ASSISTED_COHERENCY = 0 platforms that can safely perform these 82 * actions with data caches enabled. 83 */ 84 if (psci_plat_pm_ops->pwr_domain_suspend_pwrdown_early != NULL) 85 psci_plat_pm_ops->pwr_domain_suspend_pwrdown_early(state_info); 86 #endif 87 88 /* 89 * Store the re-entry information for the non-secure world. 90 */ 91 cm_init_my_context(ep); 92 93 /* 94 * Arch. management. Initiate power down sequence. 95 */ 96 psci_pwrdown_cpu_start(max_off_lvl); 97 } 98 99 /******************************************************************************* 100 * Top level handler which is called when a cpu wants to suspend its execution. 101 * It is assumed that along with suspending the cpu power domain, power domains 102 * at higher levels until the target power level will be suspended as well. It 103 * coordinates with the platform to negotiate the target state for each of 104 * the power domain level till the target power domain level. It then performs 105 * generic, architectural, platform setup and state management required to 106 * suspend that power domain level and power domain levels below it. 107 * e.g. For a cpu that's to be suspended, it could mean programming the 108 * power controller whereas for a cluster that's to be suspended, it will call 109 * the platform specific code which will disable coherency at the interconnect 110 * level if the cpu is the last in the cluster and also the program the power 111 * controller. 112 * 113 * All the required parameter checks are performed at the beginning and after 114 * the state transition has been done, no further error is expected and it is 115 * not possible to undo any of the actions taken beyond that point. 116 ******************************************************************************/ 117 int psci_cpu_suspend_start(unsigned int idx, 118 const entry_point_info_t *ep, 119 unsigned int end_pwrlvl, 120 psci_power_state_t *state_info, 121 unsigned int is_power_down_state) 122 { 123 int rc = PSCI_E_SUCCESS; 124 unsigned int parent_nodes[PLAT_MAX_PWR_LVL] = {0}; 125 unsigned int max_off_lvl = 0; 126 #if FEAT_PABANDON 127 cpu_context_t *ctx = cm_get_context(NON_SECURE); 128 cpu_context_t old_ctx; 129 #endif 130 131 /* 132 * This function must only be called on platforms where the 133 * CPU_SUSPEND platform hooks have been implemented. 134 */ 135 assert((psci_plat_pm_ops->pwr_domain_suspend != NULL) && 136 (psci_plat_pm_ops->pwr_domain_suspend_finish != NULL)); 137 138 /* Get the parent nodes */ 139 psci_get_parent_pwr_domain_nodes(idx, end_pwrlvl, parent_nodes); 140 141 /* 142 * This function acquires the lock corresponding to each power 143 * level so that by the time all locks are taken, the system topology 144 * is snapshot and state management can be done safely. 145 */ 146 psci_acquire_pwr_domain_locks(end_pwrlvl, parent_nodes); 147 148 /* 149 * We check if there are any pending interrupts after the delay 150 * introduced by lock contention to increase the chances of early 151 * detection that a wake-up interrupt has fired. 152 */ 153 if (read_isr_el1() != 0U) { 154 goto exit; 155 } 156 157 #if PSCI_OS_INIT_MODE 158 if (psci_suspend_mode == OS_INIT) { 159 /* 160 * This function validates the requested state info for 161 * OS-initiated mode. 162 */ 163 rc = psci_validate_state_coordination(idx, end_pwrlvl, state_info); 164 if (rc != PSCI_E_SUCCESS) { 165 goto exit; 166 } 167 } else { 168 #endif 169 /* 170 * This function is passed the requested state info and 171 * it returns the negotiated state info for each power level upto 172 * the end level specified. 173 */ 174 psci_do_state_coordination(idx, end_pwrlvl, state_info); 175 #if PSCI_OS_INIT_MODE 176 } 177 #endif 178 179 #if PSCI_OS_INIT_MODE 180 if (psci_plat_pm_ops->pwr_domain_validate_suspend != NULL) { 181 rc = psci_plat_pm_ops->pwr_domain_validate_suspend(state_info); 182 if (rc != PSCI_E_SUCCESS) { 183 goto exit; 184 } 185 } 186 #endif 187 188 /* Update the target state in the power domain nodes */ 189 psci_set_target_local_pwr_states(idx, end_pwrlvl, state_info); 190 191 #if ENABLE_PSCI_STAT 192 /* Update the last cpu for each level till end_pwrlvl */ 193 psci_stats_update_pwr_down(idx, end_pwrlvl, state_info); 194 #endif 195 196 if (is_power_down_state != 0U) { 197 /* 198 * WHen CTX_INCLUDE_EL2_REGS is usnet, we're probably runnig 199 * with some SPD that assumes the core is going off so it 200 * doesn't bother saving NS's context. Do that here until we 201 * figure out a way to make this coherent. 202 */ 203 #if FEAT_PABANDON 204 #if !CTX_INCLUDE_EL2_REGS 205 cm_el1_sysregs_context_save(NON_SECURE); 206 #endif 207 /* 208 * when the core wakes it expects its context to already be in 209 * place so we must overwrite it before powerdown. But if 210 * powerdown never happens we want the old context. Save it in 211 * case we wake up. EL2/El1 will not be touched by PSCI so don't 212 * copy */ 213 memcpy(&ctx->gpregs_ctx, &old_ctx.gpregs_ctx, sizeof(gp_regs_t)); 214 memcpy(&ctx->el3state_ctx, &old_ctx.el3state_ctx, sizeof(el3_state_t)); 215 #if DYNAMIC_WORKAROUND_CVE_2018_3639 216 memcpy(&ctx->cve_2018_3639_ctx, &old_ctx.cve_2018_3639_ctx, sizeof(cve_2018_3639_t)); 217 #endif 218 #if ERRATA_SPECULATIVE_AT 219 memcpy(&ctx->errata_speculative_at_ctx, &old_ctx.errata_speculative_at_ctx, sizeof(errata_speculative_at_t)); 220 #endif 221 #if CTX_INCLUDE_PAUTH_REGS 222 memcpy(&ctx->pauth_ctx, &old_ctx.pauth_ctx, sizeof(pauth_t)); 223 #endif 224 #endif 225 max_off_lvl = psci_find_max_off_lvl(state_info); 226 psci_suspend_to_pwrdown_start(end_pwrlvl, max_off_lvl, ep, state_info); 227 } 228 229 /* 230 * Plat. management: Allow the platform to perform the 231 * necessary actions to turn off this cpu e.g. set the 232 * platform defined mailbox with the psci entrypoint, 233 * program the power controller etc. 234 */ 235 236 psci_plat_pm_ops->pwr_domain_suspend(state_info); 237 238 #if ENABLE_PSCI_STAT 239 plat_psci_stat_accounting_start(state_info); 240 #endif 241 242 /* 243 * Release the locks corresponding to each power level in the 244 * reverse order to which they were acquired. 245 */ 246 psci_release_pwr_domain_locks(end_pwrlvl, parent_nodes); 247 248 #if ENABLE_RUNTIME_INSTRUMENTATION 249 /* 250 * Update the timestamp with cache off. We assume this 251 * timestamp can only be read from the current CPU and the 252 * timestamp cache line will be flushed before return to 253 * normal world on wakeup. 254 */ 255 PMF_CAPTURE_TIMESTAMP(rt_instr_svc, 256 RT_INSTR_ENTER_HW_LOW_PWR, 257 PMF_NO_CACHE_MAINT); 258 #endif 259 260 if (is_power_down_state != 0U) { 261 if (psci_plat_pm_ops->pwr_domain_pwr_down != NULL) { 262 /* This function may not return */ 263 psci_plat_pm_ops->pwr_domain_pwr_down(state_info); 264 } 265 266 psci_pwrdown_cpu_end_wakeup(max_off_lvl); 267 } else { 268 /* 269 * We will reach here if only retention/standby states have been 270 * requested at multiple power levels. This means that the cpu 271 * context will be preserved. 272 */ 273 wfi(); 274 } 275 276 #if ENABLE_RUNTIME_INSTRUMENTATION 277 PMF_CAPTURE_TIMESTAMP(rt_instr_svc, 278 RT_INSTR_EXIT_HW_LOW_PWR, 279 PMF_NO_CACHE_MAINT); 280 #endif 281 282 psci_acquire_pwr_domain_locks(end_pwrlvl, parent_nodes); 283 /* 284 * Find out which retention states this CPU has exited from until the 285 * 'end_pwrlvl'. The exit retention state could be deeper than the entry 286 * state as a result of state coordination amongst other CPUs post wfi. 287 */ 288 psci_get_target_local_pwr_states(idx, end_pwrlvl, state_info); 289 290 #if ENABLE_PSCI_STAT 291 plat_psci_stat_accounting_stop(state_info); 292 psci_stats_update_pwr_up(idx, end_pwrlvl, state_info); 293 #endif 294 295 /* 296 * Waking up means we've retained all context. Call the finishers to put 297 * the system back to a usable state. 298 */ 299 if (is_power_down_state != 0U) { 300 #if FEAT_PABANDON 301 psci_cpu_suspend_to_powerdown_finish(idx, max_off_lvl, state_info); 302 303 /* we overwrote context ourselves, put it back */ 304 memcpy(&ctx->gpregs_ctx, &old_ctx.gpregs_ctx, sizeof(gp_regs_t)); 305 memcpy(&ctx->el3state_ctx, &old_ctx.el3state_ctx, sizeof(el3_state_t)); 306 #if DYNAMIC_WORKAROUND_CVE_2018_3639 307 memcpy(&ctx->cve_2018_3639_ctx, &old_ctx.cve_2018_3639_ctx, sizeof(cve_2018_3639_t)); 308 #endif 309 #if ERRATA_SPECULATIVE_AT 310 memcpy(&ctx->errata_speculative_at_ctx, &old_ctx.errata_speculative_at_ctx, sizeof(errata_speculative_at_t)); 311 #endif 312 #if CTX_INCLUDE_PAUTH_REGS 313 memcpy(&ctx->pauth_ctx, &old_ctx.pauth_ctx, sizeof(pauth_t)); 314 #endif 315 #if !CTX_INCLUDE_EL2_REGS 316 cm_el1_sysregs_context_restore(NON_SECURE); 317 #endif 318 #endif 319 } else { 320 psci_cpu_suspend_to_standby_finish(end_pwrlvl, state_info); 321 } 322 323 /* 324 * Set the requested and target state of this CPU and all the higher 325 * power domain levels for this CPU to run. 326 */ 327 psci_set_pwr_domains_to_run(idx, end_pwrlvl); 328 329 exit: 330 psci_release_pwr_domain_locks(end_pwrlvl, parent_nodes); 331 332 return rc; 333 } 334 335 /******************************************************************************* 336 * The following functions finish an earlier suspend request. They 337 * are called by the common finisher routine in psci_common.c. The `state_info` 338 * is the psci_power_state from which this CPU has woken up from. 339 ******************************************************************************/ 340 void psci_cpu_suspend_to_powerdown_finish(unsigned int cpu_idx, unsigned int max_off_lvl, const psci_power_state_t *state_info) 341 { 342 unsigned int counter_freq; 343 344 /* Ensure we have been woken up from a suspended state */ 345 assert((psci_get_aff_info_state() == AFF_STATE_ON) && 346 (is_local_state_off( 347 state_info->pwr_domain_state[PSCI_CPU_PWR_LVL]) != 0)); 348 349 /* 350 * Plat. management: Perform the platform specific actions 351 * before we change the state of the cpu e.g. enabling the 352 * gic or zeroing the mailbox register. If anything goes 353 * wrong then assert as there is no way to recover from this 354 * situation. 355 */ 356 psci_plat_pm_ops->pwr_domain_suspend_finish(state_info); 357 358 #if !(HW_ASSISTED_COHERENCY || WARMBOOT_ENABLE_DCACHE_EARLY) 359 /* Arch. management: Enable the data cache, stack memory maintenance. */ 360 psci_do_pwrup_cache_maintenance(); 361 #endif 362 363 /* Re-init the cntfrq_el0 register */ 364 counter_freq = plat_get_syscnt_freq2(); 365 write_cntfrq_el0(counter_freq); 366 367 #if ENABLE_PAUTH 368 /* Store APIAKey_EL1 key */ 369 set_cpu_data(apiakey[0], read_apiakeylo_el1()); 370 set_cpu_data(apiakey[1], read_apiakeyhi_el1()); 371 #endif /* ENABLE_PAUTH */ 372 373 /* 374 * Call the cpu suspend finish handler registered by the Secure Payload 375 * Dispatcher to let it do any bookeeping. If the handler encounters an 376 * error, it's expected to assert within 377 */ 378 if ((psci_spd_pm != NULL) && (psci_spd_pm->svc_suspend_finish != NULL)) { 379 psci_spd_pm->svc_suspend_finish(max_off_lvl); 380 } 381 382 /* This loses its meaning when not suspending, reset so it's correct for OFF */ 383 psci_set_suspend_pwrlvl(PLAT_MAX_PWR_LVL); 384 385 PUBLISH_EVENT(psci_suspend_pwrdown_finish); 386 } 387