Djam/arm-trusted-firmware
1
0
Fork 0
mirror of https://github.com/ARM-software/arm-trusted-firmware.git synced 2025-04-15 09:04:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(ehf): restrict secure world FIQ routing model to SPM_MM

Browse source 
Exception handling framework (EHF) changes the semantics of interrupts,
sync and async external aborts. As far as interrupts are concerned it
changes the routing model of foreign interrupts (FIQs) by changing
SCR_EL3.FIQ to 1 for both non-secure and secure except when SPMD is
used along with Hafnium/SPM at S-EL2 [1].
For NS world it means : G1S and G0 interrupts are routed to EL3
For Secure world it means : G1NS and G0 are routed to EL3

There is no upstream use case utilizing EHF and re-routing EL3
interrupts to the Secure world except when SPM_MM is present.

Modify the FIQ routing model during EHF init just for known use cases,
Always for NS world and for secure world only if SPM_MM is present.

[1]:https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/16047

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ic292bbe8dd02d560aece5802d79569d868d8500f
This commit is contained in:
Manish Pandey 2023-11-20 12:22:08 +00:00
parent 00f97e4d1c
commit 7671008fcf
2 changed files with 5 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
bl31/ehf.c
View file

@ -478,13 +478,10 @@ void __init ehf_init(void)
/* Route EL3 interrupts when in Non-secure. */
set_interrupt_rm_flag(flags, NON_SECURE);
/*
* Route EL3 interrupts when in secure, only when SPMC is not present
* in S-EL2.
*/
#if !(defined(SPD_spmd) && (SPMD_SPM_AT_SEL2 == 1))
/* Route EL3 interrupts only when SPM_MM present in secure. */
#if SPM_MM
set_interrupt_rm_flag(flags, SECURE);
#endif /* !(defined(SPD_spmd) && (SPMD_SPM_AT_SEL2 == 1)) */
#endif
/* Register handler for EL3 interrupts */
ret = register_interrupt_type_handler(INTR_TYPE_EL3,

4
include/bl31/interrupt_mgmt.h
View file

@ -107,10 +107,10 @@ static inline int32_t validate_ns_interrupt_rm(uint32_t x)
static inline int32_t validate_el3_interrupt_rm(uint32_t x)
{
#if EL3_EXCEPTION_HANDLING && !(defined(SPD_spmd) && (SPMD_SPM_AT_SEL2 == 1))
#if EL3_EXCEPTION_HANDLING && SPM_MM
/*
* With EL3 exception handling, EL3 interrupts are always routed to EL3
* from both Secure and Non-secure, when the SPMC does not live in S-EL2.
* from Non-secure and from secure only if SPM_MM is present.
* Therefore INTR_EL3_VALID_RM1 is the only valid routing model.
*/
if (x == INTR_EL3_VALID_RM1)