Prevent RAS register access from lower ELs This patch adds a build config 'RAS_TRAP_LOWER_EL_ERR_ACCESS' to set SCR_EL3.TERR during CPU boot. This bit enables trapping RAS register accesses from EL1 or EL2 to EL3. RAS_TRAP_LOWER_EL_ERR_ACCESS is disabled by default. Signed-off-by: Varun Wadekar <vwadekar@nvidia.com> Change-Id: Ifb0fb0afedea7dd2a29a0b0491a1161ecd241438

commit: 92234858087f859ab8b761f17888f60aabfd68fc [log] [tgz]
author: Varun Wadekar <vwadekar@nvidia.com> Fri Jun 12 10:11:28 2020 -0700
committer: Varun Wadekar <vwadekar@nvidia.com> Fri Jun 12 10:20:11 2020 -0700
tree: 67431f3739b10391c78b582f53c371f3ef41d1c8
parent: 6718842ed3ee6849493fa87dbf66f38af015816b [diff] [blame]
diff --git a/lib/el3_runtime/aarch64/context_mgmt.c b/lib/el3_runtime/aarch64/context_mgmt.c
index 53b4ea3..f4a34bf 100644
--- a/lib/el3_runtime/aarch64/context_mgmt.c
+++ b/lib/el3_runtime/aarch64/context_mgmt.c

@@ -108,6 +108,14 @@
 	if (EP_GET_ST(ep->h.attr) != 0U)
 		scr_el3 |= SCR_ST_BIT;
 
+#if RAS_TRAP_LOWER_EL_ERR_ACCESS
+	/*
+	 * SCR_EL3.TERR: Trap Error record accesses. Accesses to the RAS ERR
+	 * and RAS ERX registers from EL1 and EL2 are trapped to EL3.
+	 */
+	scr_el3 |= SCR_TERR_BIT;
+#endif
+
 #if !HANDLE_EA_EL3_FIRST
 	/*
 	 * SCR_EL3.EA: Do not route External Abort and SError Interrupt External
commit	92234858087f859ab8b761f17888f60aabfd68fc	[log] [tgz]
author	Varun Wadekar <vwadekar@nvidia.com>	Fri Jun 12 10:11:28 2020 -0700
committer	Varun Wadekar <vwadekar@nvidia.com>	Fri Jun 12 10:20:11 2020 -0700
tree	67431f3739b10391c78b582f53c371f3ef41d1c8
parent	6718842ed3ee6849493fa87dbf66f38af015816b [diff] [blame]