feat(context-mgmt): introduce EL3/root context
* This patch adds root context procedure to restore/configure
the registers, which are of importance during EL3 execution.
* EL3/Root context is a simple restore operation that overwrites
the following bits: (MDCR_EL3.SDD, SCR_EL3.{EA, SIF}, PMCR_EL0.DP
PSTATE.DIT) while the execution is in EL3.
* It ensures EL3 world maintains its own settings distinct
from other worlds (NS/Realm/SWd). With this in place, the EL3
system register settings is no longer influenced by settings of
incoming worlds. This allows the EL3/Root world to access features
for its own execution at EL3 (eg: Pauth).
* It should be invoked at cold and warm boot entry paths and also
at all the possible exception handlers routing to EL3 at runtime.
Cold and warm boot paths are handled by including setup_el3_context
function in "el3_entrypoint_common" macro, which gets invoked in
both the entry paths.
* At runtime, el3_context is setup at the stage, while we get prepared
to enter into EL3 via "prepare_el3_entry" routine.
Change-Id: I5c090978c54a53bc1c119d1bc5fa77cd8813cdc2
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
diff --git a/bl31/aarch64/runtime_exceptions.S b/bl31/aarch64/runtime_exceptions.S
index e47b082..7423805 100644
--- a/bl31/aarch64/runtime_exceptions.S
+++ b/bl31/aarch64/runtime_exceptions.S
@@ -229,7 +229,6 @@
save_x30
apply_at_speculative_wa
sync_and_handle_pending_serror
- unmask_async_ea
handle_sync_exception
end_vector_entry sync_exception_aarch64
@@ -237,7 +236,6 @@
save_x30
apply_at_speculative_wa
sync_and_handle_pending_serror
- unmask_async_ea
b handle_interrupt_exception
end_vector_entry irq_aarch64
@@ -245,7 +243,6 @@
save_x30
apply_at_speculative_wa
sync_and_handle_pending_serror
- unmask_async_ea
b handle_interrupt_exception
end_vector_entry fiq_aarch64
@@ -258,7 +255,6 @@
save_x30
apply_at_speculative_wa
sync_and_handle_pending_serror
- unmask_async_ea
b handle_lower_el_async_ea
#else
b report_unhandled_exception
@@ -279,7 +275,6 @@
save_x30
apply_at_speculative_wa
sync_and_handle_pending_serror
- unmask_async_ea
handle_sync_exception
end_vector_entry sync_exception_aarch32
@@ -287,7 +282,6 @@
save_x30
apply_at_speculative_wa
sync_and_handle_pending_serror
- unmask_async_ea
b handle_interrupt_exception
end_vector_entry irq_aarch32
@@ -295,7 +289,6 @@
save_x30
apply_at_speculative_wa
sync_and_handle_pending_serror
- unmask_async_ea
b handle_interrupt_exception
end_vector_entry fiq_aarch32
@@ -308,7 +301,6 @@
save_x30
apply_at_speculative_wa
sync_and_handle_pending_serror
- unmask_async_ea
b handle_lower_el_async_ea
#else
b report_unhandled_exception
diff --git a/include/arch/aarch64/el3_common_macros.S b/include/arch/aarch64/el3_common_macros.S
index 60c5a0c..1666e3b 100644
--- a/include/arch/aarch64/el3_common_macros.S
+++ b/include/arch/aarch64/el3_common_macros.S
@@ -59,24 +59,18 @@
* zero here but are updated ahead of transitioning to a lower EL in the
* function cm_init_context_common().
*
- * SCR_EL3.SIF: Set to one to disable instruction fetches from
- * Non-secure memory.
- *
- * SCR_EL3.EA: Set to one to route External Aborts and SError Interrupts
- * to EL3 when executing at any EL.
- *
* SCR_EL3.EEL2: Set to one if S-EL2 is present and enabled.
*
* NOTE: Modifying EEL2 bit along with EA bit ensures that we mitigate
* against ERRATA_V2_3099206.
* ---------------------------------------------------------------------
*/
- mov_imm x0, (SCR_RESET_VAL | SCR_EA_BIT | SCR_SIF_BIT)
+ mov_imm x0, SCR_RESET_VAL
#if IMAGE_BL31 && defined(SPD_spmd) && SPMD_SPM_AT_SEL2
- mrs x1, id_aa64pfr0_el1
- and x1, x1, #(ID_AA64PFR0_SEL2_MASK << ID_AA64PFR0_SEL2_SHIFT)
- cbz x1, 1f
- orr x0, x0, #SCR_EEL2_BIT
+ mrs x1, id_aa64pfr0_el1
+ and x1, x1, #(ID_AA64PFR0_SEL2_MASK << ID_AA64PFR0_SEL2_SHIFT)
+ cbz x1, 1f
+ orr x0, x0, #SCR_EEL2_BIT
#endif
1:
msr scr_el3, x0
@@ -84,22 +78,11 @@
/* ---------------------------------------------------------------------
* Initialise MDCR_EL3, setting all fields rather than relying on hw.
* Some fields are architecturally UNKNOWN on reset.
- *
- * MDCR_EL3.SDD: Set to one to disable AArch64 Secure self-hosted debug.
- * Debug exceptions, other than Breakpoint Instruction exceptions, are
- * disabled from all ELs in Secure state.
*/
- mov_imm x0, (MDCR_EL3_RESET_VAL | MDCR_SDD_BIT)
+ mov_imm x0, MDCR_EL3_RESET_VAL
msr mdcr_el3, x0
/* ---------------------------------------------------------------------
- * Enable External Aborts and SError Interrupts now that the exception
- * vectors have been setup.
- * ---------------------------------------------------------------------
- */
- msr daifclr, #DAIF_ABT_BIT
-
- /* ---------------------------------------------------------------------
* Initialise CPTR_EL3, setting all fields rather than relying on hw.
* All fields are architecturally UNKNOWN on reset.
* ---------------------------------------------------------------------
@@ -107,28 +90,6 @@
mov_imm x0, CPTR_EL3_RESET_VAL
msr cptr_el3, x0
- /*
- * If Data Independent Timing (DIT) functionality is implemented,
- * always enable DIT in EL3.
- * First assert that the FEAT_DIT build flag matches the feature id
- * register value for DIT.
- */
-#if ENABLE_FEAT_DIT
-#if ENABLE_ASSERTIONS || ENABLE_FEAT_DIT > 1
- mrs x0, id_aa64pfr0_el1
- ubfx x0, x0, #ID_AA64PFR0_DIT_SHIFT, #ID_AA64PFR0_DIT_LENGTH
-#if ENABLE_FEAT_DIT > 1
- cbz x0, 1f
-#else
- cmp x0, #DIT_IMPLEMENTED
- ASM_ASSERT(eq)
-#endif
-
-#endif /* ENABLE_ASSERTIONS */
- mov x0, #DIT_BIT
- msr DIT, x0
-1:
-#endif
.endm
/* -----------------------------------------------------------------------------
@@ -270,6 +231,12 @@
el3_arch_init_common
+ /* ---------------------------------------------------------------------
+ * Set the el3 execution context(i.e. root_context).
+ * ---------------------------------------------------------------------
+ */
+ setup_el3_execution_context
+
.if \_secondary_cold_boot
/* -------------------------------------------------------------
* Check if this is a primary or secondary CPU cold boot.
@@ -460,4 +427,68 @@
end:
.endm
+/*-----------------------------------------------------------------------------
+ * Helper macro to configure EL3 registers we care about, while executing
+ * at EL3/Root world. Root world has its own execution environment and
+ * needs to have its settings configured to be independent of other worlds.
+ * -----------------------------------------------------------------------------
+ */
+ .macro setup_el3_execution_context
+
+ /* ---------------------------------------------------------------------
+ * The following registers need to be part of separate root context
+ * as their values are of importance during EL3 execution.
+ * Hence these registers are overwritten to their intital values,
+ * irrespective of whichever world they return from to ensure EL3 has a
+ * consistent execution context throughout the lifetime of TF-A.
+ *
+ * DAIF.A: Enable External Aborts and SError Interrupts at EL3.
+ *
+ * MDCR_EL3.SDD: Set to one to disable AArch64 Secure self-hosted debug.
+ * Debug exceptions, other than Breakpoint Instruction exceptions, are
+ * disabled from all ELs in Secure state.
+ *
+ * SCR_EL3.EA: Set to one to enable SError interrupts at EL3.
+ *
+ * SCR_EL3.SIF: Set to one to disable instruction fetches from
+ * Non-secure memory.
+ *
+ * PMCR_EL0.DP: Set to one so that the cycle counter,
+ * PMCCNTR_EL0 does not count when event counting is prohibited.
+ * Necessary on PMUv3 <= p7 where MDCR_EL3.{SCCD,MCCD} are not
+ * available.
+ *
+ * PSTATE.DIT: Set to one to enable the Data Independent Timing (DIT)
+ * functionality, if implemented in EL3.
+ * ---------------------------------------------------------------------
+ */
+ msr daifclr, #DAIF_ABT_BIT
+
+ mrs x15, mdcr_el3
+ orr x15, x15, #MDCR_SDD_BIT
+ msr mdcr_el3, x15
+
+ mrs x15, scr_el3
+ orr x15, x15, #SCR_EA_BIT
+ orr x15, x15, #SCR_SIF_BIT
+ msr scr_el3, x15
+
+ mrs x15, pmcr_el0
+ orr x15, x15, #PMCR_EL0_DP_BIT
+ msr pmcr_el0, x15
+
+#if ENABLE_FEAT_DIT
+#if ENABLE_FEAT_DIT > 1
+ mrs x15, id_aa64pfr0_el1
+ ubfx x15, x15, #ID_AA64PFR0_DIT_SHIFT, #ID_AA64PFR0_DIT_LENGTH
+ cbz x15, 1f
+#endif
+ mov x15, #DIT_BIT
+ msr DIT, x15
+ 1:
+#endif
+
+ isb
+ .endm
+
#endif /* EL3_COMMON_MACROS_S */
diff --git a/lib/el3_runtime/aarch64/context.S b/lib/el3_runtime/aarch64/context.S
index ab9d4b6..a353a87 100644
--- a/lib/el3_runtime/aarch64/context.S
+++ b/lib/el3_runtime/aarch64/context.S
@@ -400,9 +400,6 @@
/* PMUv3 is presumed to be always present */
mrs x9, pmcr_el0
str x9, [sp, #CTX_EL3STATE_OFFSET + CTX_PMCR_EL0]
- /* Disable cycle counter when event counting is prohibited */
- orr x9, x9, #PMCR_EL0_DP_BIT
- msr pmcr_el0, x9
isb
#if CTX_INCLUDE_PAUTH_REGS
/* ----------------------------------------------------------
@@ -444,12 +441,7 @@
*/
func prepare_el3_entry
save_gp_pmcr_pauth_regs
- enable_serror_at_el3
- /*
- * Set the PSTATE bits not described in the Aarch64.TakeException
- * pseudocode to their default values.
- */
- set_unset_pstate_bits
+ setup_el3_execution_context
ret
endfunc prepare_el3_entry