From 3eb8cd6093caba886c0a2f9285131aca86a617f5 Mon Sep 17 00:00:00 2001 From: Manish V Badarkhe Date: Tue, 21 Feb 2023 12:28:33 +0000 Subject: [PATCH 1/4] Revert "feat(bl31): aarch64: RESET_TO_BL31_WITH_PARAMS" Adopted RESET_TO_BL31_WITH_PARAMS functionality in RESET_TO_BL31 in the subsequent patches hence reverted this patch. This reverts commit 25844ff728e4a0e5430ba2032457aba7b780a701. Change-Id: Ia0bfa22fc45754f15c82638662dde93f604992c3 Signed-off-by: Manish V Badarkhe --- Makefile | 2 -- bl31/aarch64/bl31_entrypoint.S | 4 +--- make_helpers/defaults.mk | 3 --- 3 files changed, 1 insertion(+), 8 deletions(-) diff --git a/Makefile b/Makefile index a69bfbb3b..d4132630b 100644 --- a/Makefile +++ b/Makefile @@ -1094,7 +1094,6 @@ $(eval $(call assert_booleans,\ PROGRAMMABLE_RESET_ADDRESS \ PSCI_EXTENDED_STATE_ID \ RESET_TO_BL31 \ - RESET_TO_BL31_WITH_PARAMS \ SAVE_KEYS \ SEPARATE_CODE_AND_RODATA \ SEPARATE_BL2_NOLOAD_REGION \ @@ -1236,7 +1235,6 @@ $(eval $(call add_defines,\ PSCI_EXTENDED_STATE_ID \ RAS_EXTENSION \ RESET_TO_BL31 \ - RESET_TO_BL31_WITH_PARAMS \ SEPARATE_CODE_AND_RODATA \ SEPARATE_BL2_NOLOAD_REGION \ SEPARATE_NOBITS_REGION \ diff --git a/bl31/aarch64/bl31_entrypoint.S b/bl31/aarch64/bl31_entrypoint.S index b0c46dc7b..ed058648f 100644 --- a/bl31/aarch64/bl31_entrypoint.S +++ b/bl31/aarch64/bl31_entrypoint.S @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -67,7 +67,6 @@ func bl31_entrypoint _exception_vectors=runtime_exceptions \ _pie_fixup_size=BL31_LIMIT - BL31_BASE -#if !RESET_TO_BL31_WITH_PARAMS /* --------------------------------------------------------------------- * For RESET_TO_BL31 systems, BL31 is the first bootloader to run so * there's no argument to relay from a previous bootloader. Zero the @@ -78,7 +77,6 @@ func bl31_entrypoint mov x21, 0 mov x22, 0 mov x23, 0 -#endif /* RESET_TO_BL31_WITH_PARAMS */ #endif /* RESET_TO_BL31 */ /* -------------------------------------------------------------------- diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk index a66123a7d..771cef13c 100644 --- a/make_helpers/defaults.mk +++ b/make_helpers/defaults.mk @@ -261,9 +261,6 @@ RAS_EXTENSION := 0 # By default, BL1 acts as the reset handler, not BL31 RESET_TO_BL31 := 0 -# By default, clear the input registers when RESET_TO_BL31 is enabled -RESET_TO_BL31_WITH_PARAMS := 0 - # For Chain of Trust SAVE_KEYS := 0 From 5025546c08c51257f49d5fec7e291c03324ee165 Mon Sep 17 00:00:00 2001 From: Manish V Badarkhe Date: Tue, 21 Feb 2023 12:30:13 +0000 Subject: [PATCH 2/4] Revert "docs(bl31): aarch64: RESET_TO_BL31_WITH_PARAMS" Adopted RESET_TO_BL31_WITH_PARAMS functionality in RESET_TO_BL31 in the subsequent patches hence reverted this patch. This reverts commit ac4ac38c5443afdef38e38e9247c96359de3a2ea. Change-Id: I5fb8eaea47d0fd6d0171260c6d834ec8de588fad Signed-off-by: Manish V Badarkhe --- docs/design/reset-design.rst | 17 +++++------------ docs/getting_started/build-options.rst | 5 ----- 2 files changed, 5 insertions(+), 17 deletions(-) diff --git a/docs/design/reset-design.rst b/docs/design/reset-design.rst index 666ee4f0d..7b10c956c 100644 --- a/docs/design/reset-design.rst +++ b/docs/design/reset-design.rst @@ -141,26 +141,19 @@ CPU executes a modified BL31 initialization, as described below. Platform initialization ~~~~~~~~~~~~~~~~~~~~~~~ -In this configuration, when the CPU resets to BL31 there should be no parameters -that can be passed in registers by previous boot stages. Instead, the platform -code in BL31 needs to know, or be able to determine, the location of the BL32 -(if required) and BL33 images and provide this information in response to the +In this configuration, when the CPU resets to BL31 there are no parameters that +can be passed in registers by previous boot stages. Instead, the platform code +in BL31 needs to know, or be able to determine, the location of the BL32 (if +required) and BL33 images and provide this information in response to the ``bl31_plat_get_next_image_ep_info()`` function. -.. note:: - Some platforms that configure ``RESET_TO_BL31`` might still be able to - receive parameters in registers depending on their actual boot sequence. On - those occasions, and in addition to ``RESET_TO_BL31``, these platforms should - set ``RESET_TO_BL31_WITH_PARAMS`` to avoid the input registers from being - zeroed before entering BL31. - Additionally, platform software is responsible for carrying out any security initialisation, for example programming a TrustZone address space controller. This might be done by the Trusted Boot Firmware or by platform code in BL31. -------------- -*Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.* +*Copyright (c) 2015-2019, Arm Limited and Contributors. All rights reserved.* .. |Default reset code flow| image:: ../resources/diagrams/default_reset_code.png .. |Reset code flow with programmable reset address| image:: ../resources/diagrams/reset_code_no_boot_type_check.png diff --git a/docs/getting_started/build-options.rst b/docs/getting_started/build-options.rst index a285d31c3..490b0b356 100644 --- a/docs/getting_started/build-options.rst +++ b/docs/getting_started/build-options.rst @@ -742,11 +742,6 @@ Common build options entrypoint) or 1 (CPU reset to BL31 entrypoint). The default value is 0. -- ``RESET_TO_BL31_WITH_PARAMS``: If ``RESET_TO_BL31`` has been enabled, setting - this additional option guarantees that the input registers are not cleared - therefore allowing parameters to be passed to the BL31 entrypoint. - The default value is 0. - - ``RESET_TO_SP_MIN``: SP_MIN is the minimal AArch32 Secure Payload provided in TF-A. This flag configures SP_MIN entrypoint as the CPU reset vector instead of the BL1 entrypoint. It can take the value 0 (CPU reset to BL1 From 3e14df6f63303adb134d525b373ec7f08c1b1dc6 Mon Sep 17 00:00:00 2001 From: Manish V Badarkhe Date: Tue, 21 Feb 2023 11:13:34 +0000 Subject: [PATCH 3/4] fix(bl31): avoid clearing of argument registers in RESET_TO_BL31 case It was assumed that BL31 is the first bootloader to run so there's no argument to relay from a previous bootloader in RESET_TO_BL31 case, however this is not true for every platform with a non-TF-A bootloader that might get executed before BL31 while compiling in RESET_TO_BL31 feature. Thus, by avoiding zeroing registers, the arguments passed from the previous bootloader to BL31 are preserved. Change-Id: I7bb66a10d1fd551ba3fd59a7a38ab5bde3197f72 Signed-off-by: Manish V Badarkhe --- bl31/aarch64/bl31_entrypoint.S | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/bl31/aarch64/bl31_entrypoint.S b/bl31/aarch64/bl31_entrypoint.S index ed058648f..dfb14e924 100644 --- a/bl31/aarch64/bl31_entrypoint.S +++ b/bl31/aarch64/bl31_entrypoint.S @@ -66,17 +66,6 @@ func bl31_entrypoint _init_c_runtime=1 \ _exception_vectors=runtime_exceptions \ _pie_fixup_size=BL31_LIMIT - BL31_BASE - - /* --------------------------------------------------------------------- - * For RESET_TO_BL31 systems, BL31 is the first bootloader to run so - * there's no argument to relay from a previous bootloader. Zero the - * arguments passed to the platform layer to reflect that. - * --------------------------------------------------------------------- - */ - mov x20, 0 - mov x21, 0 - mov x22, 0 - mov x23, 0 #endif /* RESET_TO_BL31 */ /* -------------------------------------------------------------------- From d2baffbc0324778f466c13b8e689f9953fea17e6 Mon Sep 17 00:00:00 2001 From: Manish V Badarkhe Date: Tue, 21 Feb 2023 12:35:09 +0000 Subject: [PATCH 4/4] docs: update RESET_TO_BL31 documentation The documentation has been updated to explicitly mention that with RESET_TO_BL31, the platform can receive parameters based on their actual boot sequence. Change-Id: Ib482fb89e528ec836ff7ee175cac59dd2da2898b Signed-off-by: Manish V Badarkhe --- docs/design/reset-design.rst | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/docs/design/reset-design.rst b/docs/design/reset-design.rst index 7b10c956c..f8c5a4341 100644 --- a/docs/design/reset-design.rst +++ b/docs/design/reset-design.rst @@ -141,19 +141,27 @@ CPU executes a modified BL31 initialization, as described below. Platform initialization ~~~~~~~~~~~~~~~~~~~~~~~ -In this configuration, when the CPU resets to BL31 there are no parameters that -can be passed in registers by previous boot stages. Instead, the platform code -in BL31 needs to know, or be able to determine, the location of the BL32 (if -required) and BL33 images and provide this information in response to the -``bl31_plat_get_next_image_ep_info()`` function. +In this configuration, since the CPU resets to BL31, no parameters are expected +to be passed to BL31 (see notes below for clarification). +Instead, the platform code in BL31 needs to know, or be able to determine, the +location of the BL32 (if required) and BL33 images and provide this information +in response to the ``bl31_plat_get_next_image_ep_info()`` function. Additionally, platform software is responsible for carrying out any security initialisation, for example programming a TrustZone address space controller. This might be done by the Trusted Boot Firmware or by platform code in BL31. +.. note:: + Even though RESET_TO_BL31 is designed such that BL31 is the reset BL image, + some platforms may wish to pass some arguments to BL31 as per the defined + contract between BL31 and previous bootloaders. Previous bootloaders can + pass arguments through registers x0 through x3. BL31 will preserve them and + propagate them to platform code, which will handle these arguments in an + IMPDEF manner. + -------------- -*Copyright (c) 2015-2019, Arm Limited and Contributors. All rights reserved.* +*Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.* .. |Default reset code flow| image:: ../resources/diagrams/default_reset_code.png .. |Reset code flow with programmable reset address| image:: ../resources/diagrams/reset_code_no_boot_type_check.png