Djam/arm-trusted-firmware
1
0
Fork 0
mirror of https://github.com/ARM-software/arm-trusted-firmware.git synced 2025-04-18 02:24:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge "refactor(cpufeat): refactor arch feature build options" into integration

Browse source
This commit is contained in:
Mark Dykes 2023-09-18 16:29:12 +02:00 committed by TrustedFirmware Code Review
commit 57b557d038
4 changed files with 411 additions and 275 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

213
Makefile
View file

@ -150,69 +150,6 @@ PYTHON ?= python3
# Variables for use with documentation build using Sphinx tool # Variables for use with documentation build using Sphinx tool
DOCS_PATH ?= docs DOCS_PATH ?= docs
################################################################################
# Process BRANCH_PROTECTION value and set
# Pointer Authentication and Branch Target Identification flags
################################################################################
ifeq (${BRANCH_PROTECTION},0)
# Default value turns off all types of branch protection
BP_OPTION := none
else ifneq (${ARCH},aarch64)
$(error BRANCH_PROTECTION requires AArch64)
else ifeq (${BRANCH_PROTECTION},1)
# Enables all types of branch protection features
BP_OPTION := standard
ENABLE_BTI := 1
ENABLE_PAUTH := 1
else ifeq (${BRANCH_PROTECTION},2)
# Return address signing to its standard level
BP_OPTION := pac-ret
ENABLE_PAUTH := 1
else ifeq (${BRANCH_PROTECTION},3)
# Extend the signing to include leaf functions
BP_OPTION := pac-ret+leaf
ENABLE_PAUTH := 1
else ifeq (${BRANCH_PROTECTION},4)
# Turn on branch target identification mechanism
BP_OPTION := bti
ENABLE_BTI := 1
else
$(error Unknown BRANCH_PROTECTION value ${BRANCH_PROTECTION})
endif #(BRANCH_PROTECTION)
################################################################################
# RME dependent flags configuration
################################################################################
# FEAT_RME
ifeq (${ENABLE_RME},1)
# RME doesn't support PIE
ifneq (${ENABLE_PIE},0)
$(error ENABLE_RME does not support PIE)
endif
# RME doesn't support BRBE
ifneq (${ENABLE_BRBE_FOR_NS},0)
$(error ENABLE_RME does not support BRBE.)
endif
# RME requires AARCH64
ifneq (${ARCH},aarch64)
$(error ENABLE_RME requires AArch64)
endif
# RME requires el2 context to be saved for now.
CTX_INCLUDE_EL2_REGS := 1
CTX_INCLUDE_AARCH32_REGS := 0
ARM_ARCH_MAJOR := 8
ARM_ARCH_MINOR := 5
ENABLE_FEAT_ECV = 1
ENABLE_FEAT_FGT = 1
CTX_INCLUDE_PAUTH_REGS := 1
# RME enables CSV2_2 extension by default.
ENABLE_FEAT_CSV2_2 = 1
endif #(FEAT_RME)
################################################################################ ################################################################################
# Compiler Configuration based on ARCH_MAJOR and ARCH_MINOR flags # Compiler Configuration based on ARCH_MAJOR and ARCH_MINOR flags
################################################################################ ################################################################################
@ -228,39 +165,6 @@ endif #(ARM_ARCH_MAJOR)
################################################################################ ################################################################################
arch-features = ${ARM_ARCH_FEATURE} arch-features = ${ARM_ARCH_FEATURE}
####################################################
# Enable required options for Memory Stack Tagging.
####################################################
# Memory tagging is supported in architecture Armv8.5-A AArch64 and onwards
ifeq ($(ARCH), aarch64)
# Check if revision is greater than or equal to 8.5
ifeq "8.5" "$(word 1, $(sort 8.5 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
mem_tag_arch_support = yes
endif
endif #(ARCH=aarch64)
# Currently, these options are enabled only for clang and armclang compiler.
ifeq (${SUPPORT_STACK_MEMTAG},yes)
ifdef mem_tag_arch_support
# Check for armclang and clang compilers
ifneq ( ,$(filter $(notdir $(CC)),armclang clang))
# Add "memtag" architecture feature modifier if not specified
ifeq ( ,$(findstring memtag,$(arch-features)))
arch-features := $(arch-features)+memtag
endif # memtag
ifeq ($(notdir $(CC)),armclang)
TF_CFLAGS += -mmemtag-stack
else ifeq ($(notdir $(CC)),clang)
TF_CFLAGS += -fsanitize=memtag
endif # armclang
endif
else
$(error "Error: stack memory tagging is not supported for \
architecture ${ARCH},armv${ARM_ARCH_MAJOR}.${ARM_ARCH_MINOR}-a")
endif #(mem_tag_arch_support)
endif #(SUPPORT_STACK_MEMTAG)
# Set the compiler's architecture feature modifiers # Set the compiler's architecture feature modifiers
ifneq ($(arch-features), none) ifneq ($(arch-features), none)
# Strip "none+" from arch-features # Strip "none+" from arch-features
@ -334,10 +238,6 @@ endif #(AARCH32_INSTRUCTION_SET)
TF_CFLAGS_aarch32 += -mno-unaligned-access TF_CFLAGS_aarch32 += -mno-unaligned-access
TF_CFLAGS_aarch64 += -mgeneral-regs-only -mstrict-align TF_CFLAGS_aarch64 += -mgeneral-regs-only -mstrict-align
ifneq (${BP_OPTION},none)
TF_CFLAGS_aarch64 += -mbranch-protection=${BP_OPTION}
endif #(BP_OPTION)
ASFLAGS += $(march-directive) ASFLAGS += $(march-directive)
############################################################################## ##############################################################################
@ -500,6 +400,14 @@ DTC_FLAGS += -I dts -O dtb
DTC_CPPFLAGS += -P -nostdinc -Iinclude -Ifdts -undef \ DTC_CPPFLAGS += -P -nostdinc -Iinclude -Ifdts -undef \
-x assembler-with-cpp $(DEFINES) -x assembler-with-cpp $(DEFINES)
################################################################################
# Setup ARCH_MAJOR/MINOR before parsing arch_features.
################################################################################
ifeq (${ENABLE_RME},1)
ARM_ARCH_MAJOR := 8
ARM_ARCH_MINOR := 6
endif
################################################################################ ################################################################################
# Common sources and include directories # Common sources and include directories
################################################################################ ################################################################################
@ -519,13 +427,6 @@ BL_COMMON_SOURCES += common/bl_common.c \
plat/common/${ARCH}/platform_helpers.S \ plat/common/${ARCH}/platform_helpers.S \
${COMPILER_RT_SRCS} ${COMPILER_RT_SRCS}
# Pointer Authentication sources
ifeq (${ENABLE_PAUTH}, 1)
# arm/common/aarch64/arm_pauth.c contains a sample platform hook to complete the
# Pauth support. As it's not secure, it must be reimplemented for real platforms
BL_COMMON_SOURCES += lib/extensions/pauth/pauth_helpers.S
endif
ifeq ($(notdir $(CC)),armclang) ifeq ($(notdir $(CC)),armclang)
BL_COMMON_SOURCES += lib/${ARCH}/armclang_printf.S BL_COMMON_SOURCES += lib/${ARCH}/armclang_printf.S
endif endif
@ -543,6 +444,104 @@ INCLUDES += -Iinclude \
include common/backtrace/backtrace.mk include common/backtrace/backtrace.mk
################################################################################
# Process BRANCH_PROTECTION value and set
# Pointer Authentication and Branch Target Identification flags
################################################################################
ifeq (${BRANCH_PROTECTION},0)
# Default value turns off all types of branch protection
BP_OPTION := none
else ifneq (${ARCH},aarch64)
$(error BRANCH_PROTECTION requires AArch64)
else ifeq (${BRANCH_PROTECTION},1)
# Enables all types of branch protection features
BP_OPTION := standard
ENABLE_BTI := 1
ENABLE_PAUTH := 1
else ifeq (${BRANCH_PROTECTION},2)
# Return address signing to its standard level
BP_OPTION := pac-ret
ENABLE_PAUTH := 1
else ifeq (${BRANCH_PROTECTION},3)
# Extend the signing to include leaf functions
BP_OPTION := pac-ret+leaf
ENABLE_PAUTH := 1
else ifeq (${BRANCH_PROTECTION},4)
# Turn on branch target identification mechanism
BP_OPTION := bti
ENABLE_BTI := 1
else
$(error Unknown BRANCH_PROTECTION value ${BRANCH_PROTECTION})
endif #(BRANCH_PROTECTION)
ifeq ($(ENABLE_PAUTH),1)
CTX_INCLUDE_PAUTH_REGS := 1
endif
ifneq (${BP_OPTION},none)
TF_CFLAGS_aarch64 += -mbranch-protection=${BP_OPTION}
endif #(BP_OPTION)
# Pointer Authentication sources
ifeq (${ENABLE_PAUTH}, 1)
# arm/common/aarch64/arm_pauth.c contains a sample platform hook to complete the
# Pauth support. As it's not secure, it must be reimplemented for real platforms
BL_COMMON_SOURCES += lib/extensions/pauth/pauth_helpers.S
endif
####################################################
# Enable required options for Memory Stack Tagging.
####################################################
# Currently, these options are enabled only for clang and armclang compiler.
ifeq (${SUPPORT_STACK_MEMTAG},yes)
ifdef mem_tag_arch_support
# Check for armclang and clang compilers
ifneq ( ,$(filter $(notdir $(CC)),armclang clang))
# Add "memtag" architecture feature modifier if not specified
ifeq ( ,$(findstring memtag,$(arch-features)))
arch-features := $(arch-features)+memtag
endif # memtag
ifeq ($(notdir $(CC)),armclang)
TF_CFLAGS += -mmemtag-stack
else ifeq ($(notdir $(CC)),clang)
TF_CFLAGS += -fsanitize=memtag
endif # armclang
endif
else
$(error "Error: stack memory tagging is not supported for \
architecture ${ARCH},armv${ARM_ARCH_MAJOR}.${ARM_ARCH_MINOR}-a")
endif #(mem_tag_arch_support)
endif #(SUPPORT_STACK_MEMTAG)
################################################################################
# RME dependent flags configuration, Enable optional features for RME.
################################################################################
# FEAT_RME
ifeq (${ENABLE_RME},1)
# RME doesn't support PIE
ifneq (${ENABLE_PIE},0)
$(error ENABLE_RME does not support PIE)
endif
# RME doesn't support BRBE
ifneq (${ENABLE_BRBE_FOR_NS},0)
$(error ENABLE_RME does not support BRBE.)
endif
# RME requires AARCH64
ifneq (${ARCH},aarch64)
$(error ENABLE_RME requires AArch64)
endif
# RME requires el2 context to be saved for now.
CTX_INCLUDE_EL2_REGS := 1
CTX_INCLUDE_AARCH32_REGS := 0
CTX_INCLUDE_PAUTH_REGS := 1
# RME enables CSV2_2 extension by default.
ENABLE_FEAT_CSV2_2 = 1
endif #(FEAT_RME)
################################################################################ ################################################################################
# Generic definitions # Generic definitions
################################################################################ ################################################################################

9
docs/porting-guide.rst
View file

@ -3463,6 +3463,15 @@ build system.
to ``no``. If any of the options ``EL3_PAYLOAD_BASE`` or ``PRELOADED_BL33_BASE`` to ``no``. If any of the options ``EL3_PAYLOAD_BASE`` or ``PRELOADED_BL33_BASE``
are used, this flag will be set to ``no`` automatically. are used, this flag will be set to ``no`` automatically.
- **ARM_ARCH_MAJOR and ARM_ARCH_MINOR**
By default, ARM_ARCH_MAJOR.ARM_ARCH_MINOR is set to 8.0 in ``defaults.mk``,
if the platform makefile/build defines or uses the correct ARM_ARCH_MAJOR and
ARM_ARCH_MINOR then mandatory Architectural features available for that Arch
version will be enabled by default and any optional Arch feature supported by
the Architecture and available in TF-A can be enabled from platform specific
makefile. Look up to ``arch_features.mk`` for details pertaining to mandatory
and optional Arch specific features.
Platform include paths Platform include paths
---------------------- ----------------------

307
make_helpers/arch_features.mk
View file

@ -1,41 +1,324 @@
# #
# Copyright (c) 2022, Arm Limited. All rights reserved. # Copyright (c) 2022-2023, Arm Limited. All rights reserved.
# #
# SPDX-License-Identifier: BSD-3-Clause # SPDX-License-Identifier: BSD-3-Clause
# #
# This file lists all the checks related to the Architectural Feature # This file lists all of the architectural features, and initializes
# Enablement flags, based on the Architectural version. # and enables them based on the configured architecture version.
# This file follows the following format:
# - By default disable any mandatory features.
# - Then Enable mandatory feature if applicable to an Arch Version.
# - Disable or enable any optional feature this would be enabled/disabled if needed by platform.
#
################################################################################
# Set mandatory features by default to zero.
################################################################################
#
#----
# 8.1
#----
# Flag to enable access to Privileged Access Never bit of PSTATE.
ENABLE_FEAT_PAN := 0
# Flag to enable Virtualization Host Extensions.
ENABLE_FEAT_VHE := 0
#----
# 8.2
#----
# Enable RAS Support.
ENABLE_FEAT_RAS := 0
#----
# 8.3
#----
# Flag to enable Pointer Authentication. Internal flag not meant for
# direct setting. Use BRANCH_PROTECTION to enable PAUTH.
ENABLE_PAUTH := 0
# Include pointer authentication (ARMv8.3-PAuth) registers in cpu context. This
# must be set to 1 if the platform wants to use this feature in the Secure
# world. It is not necessary for use in the Non-secure world.
CTX_INCLUDE_PAUTH_REGS := 0
#----
# 8.4
#----
# Flag to enable Secure EL-2 feature.
ENABLE_FEAT_SEL2 := 0
# Include nested virtualization control (Armv8.4-NV) registers in cpu context.
# This must be set to 1 if architecture implements Nested Virtualization
# Extension and platform wants to use this feature in the Secure world.
CTX_INCLUDE_NEVE_REGS := 0
# By default, disable trace filter control register access to lower non-secure
# exception levels, i.e. NS-EL2, or NS-EL1 if NS-EL2 is implemented, but
# trace filter control register access is unused if FEAT_TRF is implemented.
ENABLE_TRF_FOR_NS := 0
# Flag to enable Data Independent Timing instructions.
ENABLE_FEAT_DIT := 0
#----
# 8.5
#----
# Flag to enable access to the Random Number Generator registers.
ENABLE_FEAT_RNG := 0
# Flag to enable Speculation Barrier Instruction.
ENABLE_FEAT_SB := 0
# Flag to enable Branch Target Identification.
# Internal flag not meant for direct setting.
# Use BRANCH_PROTECTION to enable BTI.
ENABLE_BTI := 0
#----
# 8.6
#----
# Flag to enable access to the CNTPOFF_EL2 register.
ENABLE_FEAT_ECV := 0
# Flag to enable access to the HDFGRTR_EL2 register.
ENABLE_FEAT_FGT := 0
#----
# 8.7
#----
# Flag to enable access to the HCRX_EL2 register by setting SCR_EL3.HXEn.
ENABLE_FEAT_HCX := 0
#----
# 8.9
#----
# Flag to enable access to TCR2 (FEAT_TCR2).
ENABLE_FEAT_TCR2 := 0
#
################################################################################
# Enable Mandatory features based on Arch versions.
################################################################################
#
# Enable the features which are mandatory from ARCH version 8.1 and upwards. # Enable the features which are mandatory from ARCH version 8.1 and upwards.
ifeq "8.1" "$(word 1, $(sort 8.1 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))" ifeq "8.1" "$(word 1, $(sort 8.1 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
ENABLE_FEAT_PAN = 1 ENABLE_FEAT_PAN := 1
ENABLE_FEAT_VHE = 1 ENABLE_FEAT_VHE := 1
endif endif
# Enable the features which are mandatory from ARCH version 8.2 and upwards. # Enable the features which are mandatory from ARCH version 8.2 and upwards.
ifeq "8.2" "$(word 1, $(sort 8.2 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))" ifeq "8.2" "$(word 1, $(sort 8.2 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
ENABLE_FEAT_RAS = 1 ENABLE_FEAT_RAS := 1
endif endif
# Enable the features which are mandatory from ARCH version 8.4 and upwards. # Enable the features which are mandatory from ARCH version 8.4 and upwards.
ifeq "8.4" "$(word 1, $(sort 8.4 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))" ifeq "8.4" "$(word 1, $(sort 8.4 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
ENABLE_FEAT_DIT = 1 ENABLE_FEAT_SEL2 := 1
ENABLE_FEAT_SEL2 = 1 CTX_INCLUDE_NEVE_REGS := 1
ENABLE_TRF_FOR_NS := 1
ENABLE_FEAT_DIT := 1
endif endif
# Enable the features which are mandatory from ARCH version 8.5 and upwards. # Enable the features which are mandatory from ARCH version 8.5 and upwards.
ifeq "8.5" "$(word 1, $(sort 8.5 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))" ifeq "8.5" "$(word 1, $(sort 8.5 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
ENABLE_FEAT_SB = 1 ENABLE_FEAT_RNG := 1
ENABLE_FEAT_SB := 1
# Enable Memory tagging, Branch Target Identification for aarch64 only.
ifeq ($(ARCH), aarch64)
mem_tag_arch_support := yes
endif #(ARCH=aarch64)
endif endif
# Enable the features which are mandatory from ARCH version 8.6 and upwards. # Enable the features which are mandatory from ARCH version 8.6 and upwards.
ifeq "8.6" "$(word 1, $(sort 8.6 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))" ifeq "8.6" "$(word 1, $(sort 8.6 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
ENABLE_FEAT_FGT = 1 ENABLE_FEAT_ECV := 1
ENABLE_FEAT_ECV = 1 ENABLE_FEAT_FGT := 1
endif endif
# Enable the features which are mandatory from ARCH version 8.7 and upwards. # Enable the features which are mandatory from ARCH version 8.7 and upwards.
ifeq "8.7" "$(word 1, $(sort 8.7 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))" ifeq "8.7" "$(word 1, $(sort 8.7 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
ENABLE_FEAT_HCX = 1 ENABLE_FEAT_HCX := 1
endif endif
# Enable the features which are mandatory from ARCH version 8.9 and upwards.
ifeq "8.9" "$(word 1, $(sort 8.9 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
ENABLE_FEAT_TCR2 := 1
endif
#
################################################################################
# Optional Features defaulted to 0 or 2, if they are not enabled from
# build option. Can also be disabled or enabled by platform if needed.
################################################################################
#
#----
# 8.0
#----
# Flag to enable CSV2_2 extension.
ENABLE_FEAT_CSV2_2 ?= 0
# By default, disable access of trace system registers from NS lower
# ELs i.e. NS-EL2, or NS-EL1 if NS-EL2 implemented but unused if
# system register trace is implemented. This feature is available if
# trace unit such as ETMv4.x, This feature is OPTIONAL and is only
# permitted in Armv8 implementations.
ENABLE_SYS_REG_TRACE_FOR_NS ?= 0
#----
# 8.2
#----
# Build option to enable/disable the Statistical Profiling Extension,
# keep it enabled by default for AArch64.
ifeq (${ARCH},aarch64)
ENABLE_SPE_FOR_NS ?= 2
else ifeq (${ARCH},aarch32)
ifdef ENABLE_SPE_FOR_NS
$(error ENABLE_SPE_FOR_NS is not supported for AArch32)
else
ENABLE_SPE_FOR_NS := 0
endif
endif
# Enable SVE for non-secure world by default.
ifeq (${ARCH},aarch64)
ENABLE_SVE_FOR_NS ?= 2
# SVE is only supported on AArch64 so disable it on AArch32.
else ifeq (${ARCH},aarch32)
ifdef ENABLE_SVE_FOR_NS
$(error ENABLE_SVE_FOR_NS is not supported for AArch32)
else
ENABLE_SVE_FOR_NS := 0
endif
endif
#----
# 8.4
#----
# Feature flags for supporting Activity monitor extensions.
ENABLE_FEAT_AMU ?= 0
ENABLE_AMU_AUXILIARY_COUNTERS ?= 0
ENABLE_AMU_FCONF ?= 0
AMU_RESTRICT_COUNTERS ?= 0
# Build option to enable MPAM for lower ELs.
ENABLE_MPAM_FOR_LOWER_ELS ?= 0
#----
# 8.5
#----
# Flag to enable support for EL3 trapping of reads of the RNDR and RNDRRS
# registers, by setting SCR_EL3.TRNDR.
ENABLE_FEAT_RNG_TRAP ?= 0
# Include Memory Tagging Extension registers in cpu context. This must be set
# to 1 if the platform wants to use this feature in the Secure world and MTE is
# enabled at ELX.
CTX_INCLUDE_MTE_REGS ?= 0
#----
# 8.6
#----
# Flag to enable AMUv1p1 extension.
ENABLE_FEAT_AMUv1p1 ?= 0
# Flag to enable delayed trapping of WFE instruction (FEAT_TWED).
ENABLE_FEAT_TWED ?= 0
# In v8.6+ platforms with delayed trapping of WFE being supported
# via FEAT_TWED, this flag takes the delay value to be set in the
# SCR_EL3.TWEDEL(4bit) field, when FEAT_TWED is implemented.
# By default it takes 0, and need to be updated by the platforms.
TWED_DELAY ?= 0
# Disable MTPMU if FEAT_MTPMU is supported.
DISABLE_MTPMU ?= 0
#----
# 8.9
#----
# Flag to enable NoTagAccess memory region attribute for stage 2 of translation.
ENABLE_FEAT_MTE_PERM ?= 0
# Flag to enable access to Stage 2 Permission Indirection (FEAT_S2PIE).
ENABLE_FEAT_S2PIE ?= 0
# Flag to enable access to Stage 1 Permission Indirection (FEAT_S1PIE).
ENABLE_FEAT_S1PIE ?= 0
# Flag to enable access to Stage 2 Permission Overlay (FEAT_S2POE).
ENABLE_FEAT_S2POE ?= 0
# Flag to enable access to Stage 1 Permission Overlay (FEAT_S1POE).
ENABLE_FEAT_S1POE ?= 0
#----
# 9.0
#----
# Flag to enable Realm Management Extension (FEAT_RME).
ENABLE_RME ?= 0
# Scalable Matrix Extension for non-secure world.
ENABLE_SME_FOR_NS ?= 0
# Scalable Vector Extension for secure world.
ENABLE_SVE_FOR_SWD ?= 0
# By default, disable access of trace buffer control registers from NS
# lower ELs i.e. NS-EL2, or NS-EL1 if NS-EL2 implemented but unused
# if FEAT_TRBE is implemented.
# Note FEAT_TRBE is only supported on AArch64 - therefore do not enable in
# AArch32.
ifeq (${ARCH},aarch64)
ENABLE_TRBE_FOR_NS ?= 0
else ifeq (${ARCH},aarch32)
ifdef ENABLE_TRBE_FOR_NS
$(error ENABLE_TRBE_FOR_NS is not supported for AArch32)
else
ENABLE_TRBE_FOR_NS := 0
endif
endif
#----
# 9.2
#----
# Scalable Matrix Extension version 2 for non-secure world.
ENABLE_SME2_FOR_NS ?= 0
# Scalable Matrix Extension for secure world.
ENABLE_SME_FOR_SWD ?= 0
# By default, disable access to branch record buffer control registers from NS
# lower ELs i.e. NS-EL2, or NS-EL1 if NS-EL2 implemented but unused
# if FEAT_BRBE is implemented.
ENABLE_BRBE_FOR_NS ?= 0
#----
#9.4
#----
# Flag to enable access to Guarded Control Stack (FEAT_GCS).
ENABLE_FEAT_GCS ?= 0

157
make_helpers/defaults.mk
View file

@ -63,16 +63,6 @@ CTX_INCLUDE_AARCH32_REGS := 1
# Include FP registers in cpu context # Include FP registers in cpu context
CTX_INCLUDE_FPREGS := 0 CTX_INCLUDE_FPREGS := 0
# Include pointer authentication (ARMv8.3-PAuth) registers in cpu context. This
# must be set to 1 if the platform wants to use this feature in the Secure
# world. It is not needed to use it in the Non-secure world.
CTX_INCLUDE_PAUTH_REGS := 0
# Include Nested virtualization control (Armv8.4-NV) registers in cpu context.
# This must be set to 1 if architecture implements Nested Virtualization
# Extension and platform wants to use this feature in the Secure world
CTX_INCLUDE_NEVE_REGS := 0
# Debug build # Debug build
DEBUG := 0 DEBUG := 0
@ -85,17 +75,10 @@ DEFAULT_PLAT := fvp
# Disable the generation of the binary image (ELF only). # Disable the generation of the binary image (ELF only).
DISABLE_BIN_GENERATION := 0 DISABLE_BIN_GENERATION := 0
# Disable MTPMU if FEAT_MTPMU is supported. Default is 0 to keep backwards
# compatibility.
DISABLE_MTPMU := 0
# Enable capability to disable authentication dynamically. Only meant for # Enable capability to disable authentication dynamically. Only meant for
# development platforms. # development platforms.
DYN_DISABLE_AUTH := 0 DYN_DISABLE_AUTH := 0
# Build option to enable MPAM for lower ELs
ENABLE_MPAM_FOR_LOWER_ELS := 0
# Enable the Maximum Power Mitigation Mechanism on supporting cores. # Enable the Maximum Power Mitigation Mechanism on supporting cores.
ENABLE_MPMM := 0 ENABLE_MPMM := 0
@ -111,9 +94,6 @@ ENABLE_PMF := 0
# Flag to enable PSCI STATs functionality # Flag to enable PSCI STATs functionality
ENABLE_PSCI_STAT := 0 ENABLE_PSCI_STAT := 0
# Flag to enable Realm Management Extension (FEAT_RME)
ENABLE_RME := 0
# Flag to enable runtime instrumentation using PMF # Flag to enable runtime instrumentation using PMF
ENABLE_RUNTIME_INSTRUMENTATION := 0 ENABLE_RUNTIME_INSTRUMENTATION := 0
@ -123,77 +103,6 @@ ENABLE_STACK_PROTECTOR := 0
# Flag to enable exception handling in EL3 # Flag to enable exception handling in EL3
EL3_EXCEPTION_HANDLING := 0 EL3_EXCEPTION_HANDLING := 0
# Flag to enable Branch Target Identification.
# Internal flag not meant for direct setting.
# Use BRANCH_PROTECTION to enable BTI.
ENABLE_BTI := 0
# Flag to enable Pointer Authentication.
# Internal flag not meant for direct setting.
# Use BRANCH_PROTECTION to enable PAUTH.
ENABLE_PAUTH := 0
# Flag to enable AMUv1p1 extension.
ENABLE_FEAT_AMUv1p1 := 0
# Flag to enable CSV2_2 extension.
ENABLE_FEAT_CSV2_2 := 0
# Flag to enable access to the HCRX_EL2 register by setting SCR_EL3.HXEn.
ENABLE_FEAT_HCX := 0
# Flag to enable access to the HDFGRTR_EL2 register
ENABLE_FEAT_FGT := 0
# Flag to enable access to the CNTPOFF_EL2 register
ENABLE_FEAT_ECV := 0
# Flag to enable use of the DIT feature.
ENABLE_FEAT_DIT := 0
# Flag to enable access to Privileged Access Never bit of PSTATE.
ENABLE_FEAT_PAN := 0
# Flag to enable access to the Random Number Generator registers
ENABLE_FEAT_RNG := 0
# Flag to enable support for EL3 trapping of reads of the RNDR and RNDRRS
# registers, by setting SCR_EL3.TRNDR.
ENABLE_FEAT_RNG_TRAP := 0
# Flag to enable Speculation Barrier Instruction
ENABLE_FEAT_SB := 0
# Flag to enable Secure EL-2 feature.
ENABLE_FEAT_SEL2 := 0
# Flag to enable Virtualization Host Extensions
ENABLE_FEAT_VHE := 0
# Flag to enable delayed trapping of WFE instruction (FEAT_TWED)
ENABLE_FEAT_TWED := 0
# Flag to enable access to TCR2 (FEAT_TCR2)
ENABLE_FEAT_TCR2 := 0
# Flag to enable access to Stage 2 Permission Indirection (FEAT_S2PIE)
ENABLE_FEAT_S2PIE := 0
# Flag to enable access to Stage 1 Permission Indirection (FEAT_S1PIE)
ENABLE_FEAT_S1PIE := 0
# Flag to enable access to Stage 2 Permission Overlay (FEAT_S2POE)
ENABLE_FEAT_S2POE := 0
# Flag to enable access to Stage 1 Permission Overlay (FEAT_S1POE)
ENABLE_FEAT_S1POE := 0
# Flag to enable access to Guarded Control Stack (FEAT_GCS)
ENABLE_FEAT_GCS := 0
# Flag to enable NoTagAccess memory region attribute for stage 2 of translation.
ENABLE_FEAT_MTE_PERM := 0
# By default BL31 encryption disabled # By default BL31 encryption disabled
ENCRYPT_BL31 := 0 ENCRYPT_BL31 := 0
@ -279,8 +188,7 @@ PSCI_EXTENDED_STATE_ID := 0
# Enable PSCI OS-initiated mode support # Enable PSCI OS-initiated mode support
PSCI_OS_INIT_MODE := 0 PSCI_OS_INIT_MODE := 0
# Enable RAS Support # Enable RAS Firmware First Handling Support
ENABLE_FEAT_RAS := 0
RAS_FFH_SUPPORT := 0 RAS_FFH_SUPPORT := 0
# By default, BL1 acts as the reset handler, not BL31 # By default, BL1 acts as the reset handler, not BL31
@ -379,40 +287,9 @@ V := 0
# platforms). # platforms).
WARMBOOT_ENABLE_DCACHE_EARLY := 0 WARMBOOT_ENABLE_DCACHE_EARLY := 0
# Build option to enable/disable the Statistical Profiling Extensions
ENABLE_SPE_FOR_NS := 2
# SPE is only supported on AArch64 so disable it on AArch32.
ifeq (${ARCH},aarch32)
override ENABLE_SPE_FOR_NS := 0
endif
# Include Memory Tagging Extension registers in cpu context. This must be set
# to 1 if the platform wants to use this feature in the Secure world and MTE is
# enabled at ELX.
CTX_INCLUDE_MTE_REGS := 0
ENABLE_FEAT_AMU := 0
ENABLE_AMU_AUXILIARY_COUNTERS := 0
ENABLE_AMU_FCONF := 0
AMU_RESTRICT_COUNTERS := 0
# Enable SVE for non-secure world by default
ENABLE_SVE_FOR_NS := 2
# SVE is only supported on AArch64 so disable it on AArch32.
ifeq (${ARCH},aarch32)
override ENABLE_SVE_FOR_NS := 0
endif
ENABLE_SVE_FOR_SWD := 0
# Default SVE vector length to maximum architected value # Default SVE vector length to maximum architected value
SVE_VECTOR_LEN := 2048 SVE_VECTOR_LEN := 2048
# SME defaults to disabled
ENABLE_SME_FOR_NS := 0
ENABLE_SME_FOR_SWD := 0
ENABLE_SME2_FOR_NS := 0
SANITIZE_UB := off SANITIZE_UB := off
# For ARMv8.1 (AArch64) platforms, enabling this option selects the spinlock # For ARMv8.1 (AArch64) platforms, enabling this option selects the spinlock
@ -467,38 +344,6 @@ NR_OF_IMAGES_IN_FW_BANK := 1
# Disable Firmware update support by default # Disable Firmware update support by default
PSA_FWU_SUPPORT := 0 PSA_FWU_SUPPORT := 0
# By default, disable access of trace buffer control registers from NS
# lower ELs i.e. NS-EL2, or NS-EL1 if NS-EL2 implemented but unused
# if FEAT_TRBE is implemented.
# Note FEAT_TRBE is only supported on AArch64 - therefore do not enable in
# AArch32.
ifneq (${ARCH},aarch32)
ENABLE_TRBE_FOR_NS := 0
else
override ENABLE_TRBE_FOR_NS := 0
endif
# By default, disable access to branch record buffer control registers from NS
# lower ELs i.e. NS-EL2, or NS-EL1 if NS-EL2 implemented but unused
# if FEAT_BRBE is implemented.
ENABLE_BRBE_FOR_NS := 0
# By default, disable access of trace system registers from NS lower
# ELs i.e. NS-EL2, or NS-EL1 if NS-EL2 implemented but unused if
# system register trace is implemented.
ENABLE_SYS_REG_TRACE_FOR_NS := 0
# By default, disable trace filter control registers access to NS
# lower ELs, i.e. NS-EL2, or NS-EL1 if NS-EL2 implemented but unused
# if FEAT_TRF is implemented.
ENABLE_TRF_FOR_NS := 0
# In v8.6+ platforms with delayed trapping of WFE being supported
# via FEAT_TWED, this flag takes the delay value to be set in the
# SCR_EL3.TWEDEL(4bit) field, when FEAT_TWED is implemented.
# By default it takes 0, and need to be updated by the platforms.
TWED_DELAY := 0
# By default, disable the mocking of RSS provided services # By default, disable the mocking of RSS provided services
PLAT_RSS_NOT_SUPPORTED := 0 PLAT_RSS_NOT_SUPPORTED := 0