Merge "fix(ras): trap "RAS error record" accesses only for NS" into integration
diff --git a/Makefile b/Makefile
index afa417b..6d15e27 100644
--- a/Makefile
+++ b/Makefile
@@ -1051,7 +1051,7 @@
ENCRYPT_BL31 \
ENCRYPT_BL32 \
ERRATA_SPECULATIVE_AT \
- RAS_TRAP_LOWER_EL_ERR_ACCESS \
+ RAS_TRAP_NS_ERR_REC_ACCESS \
COT_DESC_IN_DTB \
USE_SP804_TIMER \
PSA_FWU_SUPPORT \
@@ -1191,7 +1191,7 @@
BL2_INV_DCACHE \
USE_SPINLOCK_CAS \
ERRATA_SPECULATIVE_AT \
- RAS_TRAP_LOWER_EL_ERR_ACCESS \
+ RAS_TRAP_NS_ERR_REC_ACCESS \
COT_DESC_IN_DTB \
USE_SP804_TIMER \
ENABLE_FEAT_RNG \
diff --git a/docs/components/ras.rst b/docs/components/ras.rst
index 02207d8..b435349 100644
--- a/docs/components/ras.rst
+++ b/docs/components/ras.rst
@@ -30,8 +30,8 @@
The build option ``RAS_EXTENSION`` when set to ``1`` includes the RAS in run
time firmware; ``EL3_EXCEPTION_HANDLING`` and ``HANDLE_EA_EL3_FIRST`` must also
-be set ``1``. ``RAS_TRAP_LOWER_EL_ERR_ACCESS`` controls the access to the RAS
-error record registers from lower ELs.
+be set ``1``. ``RAS_TRAP_NS_ERR_REC_ACCESS`` controls the access to the RAS
+error record registers from Non-secure.
.. _ras-figure:
diff --git a/docs/getting_started/build-options.rst b/docs/getting_started/build-options.rst
index cca76c6..5980050 100644
--- a/docs/getting_started/build-options.rst
+++ b/docs/getting_started/build-options.rst
@@ -987,7 +987,7 @@
implement this workaround due to the behaviour of the errata mentioned
in new SDEN document which will get published soon.
-- ``RAS_TRAP_LOWER_EL_ERR_ACCESS``: This flag enables/disables the SCR_EL3.TERR
+- ``RAS_TRAP_NS_ERR_REC_ACCESS``: This flag enables/disables the SCR_EL3.TERR
bit, to trap access to the RAS ERR and RAS ERX registers from lower ELs.
This flag is disabled by default.
diff --git a/lib/el3_runtime/aarch64/context_mgmt.c b/lib/el3_runtime/aarch64/context_mgmt.c
index d88bea7..8213cbe 100644
--- a/lib/el3_runtime/aarch64/context_mgmt.c
+++ b/lib/el3_runtime/aarch64/context_mgmt.c
@@ -206,6 +206,17 @@
/* Allow access to Allocation Tags when MTE is implemented. */
scr_el3 |= SCR_ATA_BIT;
+#if RAS_TRAP_NS_ERR_REC_ACCESS
+ /*
+ * SCR_EL3.TERR: Trap Error record accesses. Accesses to the RAS ERR
+ * and RAS ERX registers from EL1 and EL2(from any security state)
+ * are trapped to EL3.
+ * Set here to trap only for NS EL1/EL2
+ *
+ */
+ scr_el3 |= SCR_TERR_BIT;
+#endif
+
#ifdef IMAGE_BL31
/*
* SCR_EL3.IRQ, SCR_EL3.FIQ: Enable the physical FIQ and IRQ routing as
@@ -306,14 +317,6 @@
scr_el3 |= SCR_TRNDR_BIT;
#endif
-#if RAS_TRAP_LOWER_EL_ERR_ACCESS
- /*
- * SCR_EL3.TERR: Trap Error record accesses. Accesses to the RAS ERR
- * and RAS ERX registers from EL1 and EL2 are trapped to EL3.
- */
- scr_el3 |= SCR_TERR_BIT;
-#endif
-
#if !HANDLE_EA_EL3_FIRST
/*
* SCR_EL3.EA: Do not route External Abort and SError Interrupt External
diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk
index 5e73120..65ceb7f 100644
--- a/make_helpers/defaults.mk
+++ b/make_helpers/defaults.mk
@@ -413,8 +413,8 @@
# Select workaround for AT speculative behaviour.
ERRATA_SPECULATIVE_AT := 0
-# Trap RAS error record access from lower EL
-RAS_TRAP_LOWER_EL_ERR_ACCESS := 0
+# Trap RAS error record access from Non secure
+RAS_TRAP_NS_ERR_REC_ACCESS := 0
# Build option to create cot descriptors using fconf
COT_DESC_IN_DTB := 0