fix(cpus): avoid SME related loss of context on powerdown
Travis' and Gelas' TRMs tell us to disable SME (set PSTATE.{ZA, SM} to
0) when we're attempting to power down. What they don't tell us is that
if this isn't done, the powerdown request will be rejected. On the
CPU_OFF path that's not a problem - we can force SVCR to 0 and be
certain the core will power off.
On the suspend to powerdown path, however, we cannot do this. The TRM
also tells us that the sequence could also be aborted on eg. GIC
interrupts. If this were to happen when we have overwritten SVCR to 0,
upon a return to the caller they would experience a loss of context. We
know that at least Linux may call into PSCI with SVCR != 0. One option
is to save the entire SME context which would be quite expensive just to
work around. Another option is to downgrade the request to a normal
suspend when SME was left on. This option is better as this is expected
to happen rarely enough to ignore the wasted power and we don't want to
burden the generic (correct) path with needless context management.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I698fa8490ebf51461f6aa8bba84f9827c5c46ad4
diff --git a/lib/psci/psci_common.c b/lib/psci/psci_common.c
index 4da7a90..4bb23af 100644
--- a/lib/psci/psci_common.c
+++ b/lib/psci/psci_common.c
@@ -1206,6 +1206,18 @@
******************************************************************************/
void __dead2 psci_pwrdown_cpu_end_terminal(void)
{
+#if ERRATA_SME_POWER_DOWN
+ /*
+ * force SME off to not get power down rejected. Getting here is
+ * terminal so we don't care if we lose context because of another
+ * wakeup
+ */
+ if (is_feat_sme_supported()) {
+ write_svcr(0);
+ isb();
+ }
+#endif /* ERRATA_SME_POWER_DOWN */
+
/*
* Execute a wfi which, in most cases, will allow the power controller
* to physically power down this cpu. Under some circumstances that may