Merge "fix(xlat): correct attribute retrieval in a RME enabled system" into integration
diff --git a/include/lib/xlat_tables/xlat_tables_defs.h b/include/lib/xlat_tables/xlat_tables_defs.h
index 2d0949b..5434a9a 100644
--- a/include/lib/xlat_tables/xlat_tables_defs.h
+++ b/include/lib/xlat_tables/xlat_tables_defs.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2021, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2024, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -171,8 +171,10 @@
#define SHAREABILITY_SHIFT 8
/* The Access Flag, AF. */
#define ACCESS_FLAG_SHIFT 10
-/* The not global bit, nG. */
+/* The not global bit, nG */
#define NOT_GLOBAL_SHIFT 11
+/* The Non-secure Extension bit, NSE */
+#define NSE_SHIFT 11
/* Contiguous hint bit. */
#define CONT_HINT_SHIFT 52
/* Execute-never bits, XN. */
diff --git a/lib/xlat_tables_v2/xlat_tables_utils.c b/lib/xlat_tables_v2/xlat_tables_utils.c
index f3a53cc..a3b913c 100644
--- a/lib/xlat_tables_v2/xlat_tables_utils.c
+++ b/lib/xlat_tables_v2/xlat_tables_utils.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2021, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2024, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -13,6 +13,7 @@
#include <platform_def.h>
+#include <arch_features.h>
#include <arch_helpers.h>
#include <common/debug.h>
#include <lib/utils_def.h>
@@ -419,10 +420,59 @@
*attributes |= MT_USER;
}
- uint64_t ns_bit = (desc >> NS_SHIFT) & 1U;
+ uint64_t ns_bit = (desc >> NS_SHIFT) & 1ULL;
- if (ns_bit == 1U)
+#if ENABLE_RME
+ uint64_t nse_bit = (desc >> NSE_SHIFT) & 1ULL;
+ uint32_t sec_state = (uint32_t)(ns_bit | (nse_bit << 1ULL));
+
+/*
+ * =========================================================
+ * NSE NS | Output PA space
+ * =========================================================
+ * 0 0 | Secure (if S-EL2 is present, else invalid)
+ * 0 1 | Non-secure
+ * 1 0 | Root
+ * 1 1 | Realm
+ *==========================================================
+ */
+ switch (sec_state) {
+ case 0U:
+ /*
+ * We expect to get Secure mapping on an RME system only if
+ * S-EL2 is enabled.
+ * Hence panic() if we hit the case without EEL2 being enabled.
+ */
+ if ((read_scr_el3() & SCR_EEL2_BIT) == 0ULL) {
+ ERROR("A secure descriptor is not supported when"
+ "FEAT_RME is implemented and FEAT_SEL2 is"
+ "not enabled\n");
+ panic();
+ } else {
+ *attributes |= MT_SECURE;
+ }
+ break;
+ case 1U:
*attributes |= MT_NS;
+ break;
+ case 2U:
+ *attributes |= MT_ROOT;
+ break;
+ case 3U:
+ *attributes |= MT_REALM;
+ break;
+ default:
+ /* unreachable code */
+ assert(false);
+ break;
+ }
+#else /* !ENABLE_RME */
+ if (ns_bit == 1ULL) {
+ *attributes |= MT_NS;
+ } else {
+ *attributes |= MT_SECURE;
+ }
+#endif /* ENABLE_RME */
uint64_t xn_mask = xlat_arch_regime_get_xn_desc(ctx->xlat_regime);