1 /* 2 * Copyright (c) 2022-2025, Arm Limited and Contributors. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #include <assert.h> 8 #include <errno.h> 9 10 #include <lib/el3_runtime/context_mgmt.h> 11 #include <lib/spinlock.h> 12 #include <plat/common/common_def.h> 13 #include <plat/common/platform.h> 14 #include <services/ffa_svc.h> 15 #include "spmc.h" 16 17 #include <platform_def.h> 18 19 /******************************************************************************* 20 * spmc_build_pm_message 21 * 22 * Builds an SPMC to SP direct message request. 23 ******************************************************************************/ 24 static void spmc_build_pm_message(gp_regs_t *gpregs, 25 unsigned long long message, 26 uint8_t pm_msg_type, 27 uint16_t sp_id) 28 { 29 write_ctx_reg(gpregs, CTX_GPREG_X0, FFA_MSG_SEND_DIRECT_REQ_SMC32); 30 write_ctx_reg(gpregs, CTX_GPREG_X1, 31 (FFA_SPMC_ID << FFA_DIRECT_MSG_SOURCE_SHIFT) | 32 sp_id); 33 write_ctx_reg(gpregs, CTX_GPREG_X2, FFA_FWK_MSG_BIT | 34 (pm_msg_type & FFA_FWK_MSG_MASK)); 35 write_ctx_reg(gpregs, CTX_GPREG_X3, message); 36 } 37 38 /******************************************************************************* 39 * This CPU has been turned on. Enter the SP to initialise S-EL0 or S-EL1. 40 ******************************************************************************/ 41 static void spmc_cpu_on_finish_handler(u_register_t unused) 42 { 43 struct secure_partition_desc *sp = spmc_get_current_sp_ctx(); 44 struct sp_exec_ctx *ec; 45 unsigned int linear_id = plat_my_core_pos(); 46 entry_point_info_t sec_ec_ep_info = {0}; 47 uint64_t rc; 48 49 /* Sanity check for a NULL pointer dereference. */ 50 assert(sp != NULL); 51 52 /* Obtain a reference to the SP execution context */ 53 ec = &sp->ec[get_ec_index(sp)]; 54 55 /* 56 * In case of a S-EL0 SP, only initialise the context data structure for 57 * the secure world on this cpu and return. 58 */ 59 if (sp->runtime_el == S_EL0) { 60 /* Assign the context of the SP to this CPU */ 61 cm_set_context(&(ec->cpu_ctx), SECURE); 62 return; 63 } 64 65 /* Initialize entry point information for the SP. */ 66 SET_PARAM_HEAD(&sec_ec_ep_info, PARAM_EP, VERSION_1, 67 SECURE | EP_ST_ENABLE); 68 69 /* 70 * Check if the primary execution context registered an entry point else 71 * bail out early. 72 * TODO: Add support for boot reason in manifest to allow jumping to 73 * entrypoint into the primary execution context. 74 */ 75 if (sp->secondary_ep == 0) { 76 WARN("%s: No secondary ep on core%u\n", __func__, linear_id); 77 return; 78 } 79 80 sec_ec_ep_info.pc = sp->secondary_ep; 81 82 /* 83 * Setup and initialise the SP execution context on this physical cpu. 84 */ 85 spmc_el1_sp_setup(sp, &sec_ec_ep_info); 86 spmc_sp_common_ep_commit(sp, &sec_ec_ep_info); 87 88 /* Obtain a reference to the SP execution context. */ 89 ec = spmc_get_sp_ec(sp); 90 91 /* 92 * TODO: Should we do some PM related state tracking of the SP execution 93 * context here? 94 */ 95 96 /* Update the runtime model and state of the partition. */ 97 ec->rt_model = RT_MODEL_INIT; 98 ec->rt_state = RT_STATE_RUNNING; 99 ec->dir_req_origin_id = INV_SP_ID; 100 101 INFO("SP (0x%x) init start on core%u.\n", sp->sp_id, linear_id); 102 103 rc = spmc_sp_synchronous_entry(ec); 104 if (rc != 0ULL) { 105 ERROR("%s failed (%lu) on CPU%u\n", __func__, rc, linear_id); 106 } 107 108 /* Update the runtime state of the partition. */ 109 ec->rt_state = RT_STATE_WAITING; 110 111 VERBOSE("CPU %u on!\n", linear_id); 112 } 113 /******************************************************************************* 114 * Helper function to send a FF-A power management message to an SP. 115 ******************************************************************************/ 116 static int32_t spmc_send_pm_msg(uint8_t pm_msg_type, 117 unsigned long long psci_event) 118 { 119 struct secure_partition_desc *sp = spmc_get_current_sp_ctx(); 120 struct sp_exec_ctx *ec; 121 gp_regs_t *gpregs_ctx; 122 unsigned int linear_id = plat_my_core_pos(); 123 u_register_t resp; 124 uint64_t rc; 125 126 /* Obtain a reference to the SP execution context. */ 127 ec = spmc_get_sp_ec(sp); 128 129 /* 130 * TODO: Should we do some PM related state tracking of the SP execution 131 * context here? 132 */ 133 134 /* 135 * Build an SPMC to SP direct message request. 136 * Note that x4-x6 should be populated with the original PSCI arguments. 137 */ 138 spmc_build_pm_message(get_gpregs_ctx(&ec->cpu_ctx), 139 psci_event, 140 pm_msg_type, 141 sp->sp_id); 142 143 /* Sanity check partition state. */ 144 assert(ec->rt_state == RT_STATE_WAITING); 145 146 /* Update the runtime model and state of the partition. */ 147 ec->rt_model = RT_MODEL_DIR_REQ; 148 ec->rt_state = RT_STATE_RUNNING; 149 ec->dir_req_origin_id = FFA_SPMC_ID; 150 /* Expect a direct message response from the SP. */ 151 ec->dir_req_funcid = FFA_FNUM_MSG_SEND_DIRECT_REQ; 152 153 rc = spmc_sp_synchronous_entry(ec); 154 if (rc != 0ULL) { 155 ERROR("%s failed (%lu) on CPU%u.\n", __func__, rc, linear_id); 156 assert(false); 157 return -EINVAL; 158 } 159 160 /* 161 * Validate we receive an expected response from the SP. 162 * TODO: We don't currently support aborting an SP in the scenario 163 * where it is misbehaving so assert these conditions are not 164 * met for now. 165 */ 166 gpregs_ctx = get_gpregs_ctx(&ec->cpu_ctx); 167 168 /* Expect a direct message response from the SP. */ 169 resp = read_ctx_reg(gpregs_ctx, CTX_GPREG_X0); 170 if (resp != FFA_MSG_SEND_DIRECT_RESP_SMC32) { 171 ERROR("%s invalid SP response (%lx).\n", __func__, resp); 172 assert(false); 173 return -EINVAL; 174 } 175 176 /* Ensure the sender and receiver are populated correctly. */ 177 resp = read_ctx_reg(gpregs_ctx, CTX_GPREG_X1); 178 if (!(ffa_endpoint_source(resp) == sp->sp_id && 179 ffa_endpoint_destination(resp) == FFA_SPMC_ID)) { 180 ERROR("%s invalid src/dst response (%lx).\n", __func__, resp); 181 assert(false); 182 return -EINVAL; 183 } 184 185 /* Expect a PM message response from the SP. */ 186 resp = read_ctx_reg(gpregs_ctx, CTX_GPREG_X2); 187 if ((resp & FFA_FWK_MSG_BIT) == 0U || 188 ((resp & FFA_FWK_MSG_MASK) != FFA_PM_MSG_PM_RESP)) { 189 ERROR("%s invalid PM response (%lx).\n", __func__, resp); 190 assert(false); 191 return -EINVAL; 192 } 193 194 /* Update the runtime state of the partition. */ 195 ec->rt_state = RT_STATE_WAITING; 196 197 /* Return the status code returned by the SP */ 198 return read_ctx_reg(gpregs_ctx, CTX_GPREG_X3); 199 } 200 201 /******************************************************************************* 202 * spmc_cpu_suspend_finish_handler 203 ******************************************************************************/ 204 static void spmc_cpu_suspend_finish_handler(u_register_t unused, bool abandon) 205 { 206 struct secure_partition_desc *sp = spmc_get_current_sp_ctx(); 207 unsigned int linear_id = plat_my_core_pos(); 208 int32_t rc; 209 210 /* Sanity check for a NULL pointer dereference. */ 211 assert(sp != NULL); 212 213 /* EL3 SPMC is not expected to be used on platforms with pabandon */ 214 assert(!abandon); 215 216 /* 217 * Check if the SP has subscribed for this power management message. 218 * If not then we don't have anything else to do here. 219 */ 220 if ((sp->pwr_mgmt_msgs & FFA_PM_MSG_SUB_CPU_SUSPEND_RESUME) == 0U) { 221 goto exit; 222 } 223 224 rc = spmc_send_pm_msg(FFA_PM_MSG_WB_REQ, FFA_WB_TYPE_NOTS2RAM); 225 if (rc < 0) { 226 ERROR("%s failed (%d) on CPU%u\n", __func__, rc, linear_id); 227 return; 228 } 229 230 exit: 231 VERBOSE("CPU %u resumed!\n", linear_id); 232 } 233 234 /******************************************************************************* 235 * spmc_cpu_suspend_handler 236 ******************************************************************************/ 237 static void spmc_cpu_suspend_handler(u_register_t unused) 238 { 239 struct secure_partition_desc *sp = spmc_get_current_sp_ctx(); 240 unsigned int linear_id = plat_my_core_pos(); 241 int32_t rc; 242 243 /* Sanity check for a NULL pointer dereference. */ 244 assert(sp != NULL); 245 246 /* 247 * Check if the SP has subscribed for this power management message. 248 * If not then we don't have anything else to do here. 249 */ 250 if ((sp->pwr_mgmt_msgs & FFA_PM_MSG_SUB_CPU_SUSPEND) == 0U) { 251 goto exit; 252 } 253 254 rc = spmc_send_pm_msg(FFA_FWK_MSG_PSCI, PSCI_CPU_SUSPEND_AARCH64); 255 if (rc < 0) { 256 ERROR("%s failed (%d) on CPU%u\n", __func__, rc, linear_id); 257 return; 258 } 259 exit: 260 VERBOSE("CPU %u suspend!\n", linear_id); 261 } 262 263 /******************************************************************************* 264 * spmc_cpu_off_handler 265 ******************************************************************************/ 266 static int32_t spmc_cpu_off_handler(u_register_t unused) 267 { 268 struct secure_partition_desc *sp = spmc_get_current_sp_ctx(); 269 unsigned int linear_id = plat_my_core_pos(); 270 int32_t ret = 0; 271 272 /* Sanity check for a NULL pointer dereference. */ 273 assert(sp != NULL); 274 275 /* 276 * Check if the SP has subscribed for this power management message. 277 * If not then we don't have anything else to do here. 278 */ 279 if ((sp->pwr_mgmt_msgs & FFA_PM_MSG_SUB_CPU_OFF) == 0U) { 280 goto exit; 281 } 282 283 ret = spmc_send_pm_msg(FFA_FWK_MSG_PSCI, PSCI_CPU_OFF); 284 if (ret < 0) { 285 ERROR("%s failed (%d) on CPU%u\n", __func__, ret, linear_id); 286 return ret; 287 } 288 289 exit: 290 VERBOSE("CPU %u off!\n", linear_id); 291 return ret; 292 } 293 294 /******************************************************************************* 295 * Structure populated by the SPM Core to perform any bookkeeping before 296 * PSCI executes a power mgmt. operation. 297 ******************************************************************************/ 298 const spd_pm_ops_t spmc_pm = { 299 .svc_on_finish = spmc_cpu_on_finish_handler, 300 .svc_off = spmc_cpu_off_handler, 301 .svc_suspend = spmc_cpu_suspend_handler, 302 .svc_suspend_finish = spmc_cpu_suspend_finish_handler 303 }; 304