From 1d2706dbaf98634aa1eecc65e52b54acf330df3d Mon Sep 17 00:00:00 2001 From: Boyan Karatotev Date: Mon, 6 Mar 2023 14:45:15 +0000 Subject: [PATCH 1/4] chore(pauth): remove redundant pauth_disable_el3() call Both bl2_main and bl2_run_next_image call pauth_disable_el3. However, bl2_main is the only caller of bl2_run_next_image so it doesn't need to call it Signed-off-by: Boyan Karatotev Change-Id: I91769b2994ad643d2259c211936dbac4ef010d25 --- bl2/aarch64/bl2_run_next_image.S | 9 --------- lib/extensions/pauth/pauth_helpers.S | 2 +- 2 files changed, 1 insertion(+), 10 deletions(-) diff --git a/bl2/aarch64/bl2_run_next_image.S b/bl2/aarch64/bl2_run_next_image.S index f0a8be87a..1431a5fef 100644 --- a/bl2/aarch64/bl2_run_next_image.S +++ b/bl2/aarch64/bl2_run_next_image.S @@ -24,15 +24,6 @@ func bl2_run_next_image tlbi alle3 bl bl2_el3_plat_prepare_exit -#if ENABLE_PAUTH - /* --------------------------------------------- - * Disable pointer authentication before jumping - * to next boot image. - * --------------------------------------------- - */ - bl pauth_disable_el3 -#endif /* ENABLE_PAUTH */ - ldp x0, x1, [x20, #ENTRY_POINT_INFO_PC_OFFSET] msr elr_el3, x0 msr spsr_el3, x1 diff --git a/lib/extensions/pauth/pauth_helpers.S b/lib/extensions/pauth/pauth_helpers.S index d483c7df7..fb5fa9788 100644 --- a/lib/extensions/pauth/pauth_helpers.S +++ b/lib/extensions/pauth/pauth_helpers.S @@ -45,7 +45,7 @@ func pauth_init_enable_el1 endfunc pauth_init_enable_el1 /* ------------------------------------------------------------- - * Disable pointer authentication in EL3 + * Disable pointer authentication in EL1 * ------------------------------------------------------------- */ func pauth_disable_el1 From 6c42a736277f5a82bbea5a8a8b9e08f12e9c0653 Mon Sep 17 00:00:00 2001 From: Boyan Karatotev Date: Tue, 14 Mar 2023 18:07:34 +0000 Subject: [PATCH 2/4] chore(docs): remove control register setup section It hasn't been updated since 2017 and the documentation around that bit of code is fairly good so it is redundant to be there. Signed-off-by: Boyan Karatotev Change-Id: Idee4523e97cb6039fae1efae35eda2b45e8f7345 --- docs/design/firmware-design.rst | 57 --------------------------------- 1 file changed, 57 deletions(-) diff --git a/docs/design/firmware-design.rst b/docs/design/firmware-design.rst index 97f355045..c53bb72f4 100644 --- a/docs/design/firmware-design.rst +++ b/docs/design/firmware-design.rst @@ -245,63 +245,6 @@ BL1 performs minimal architectural initialization as follows. specific reset handler function (see the section: "CPU specific operations framework"). -- Control register setup (for AArch64) - - - ``SCTLR_EL3``. Instruction cache is enabled by setting the ``SCTLR_EL3.I`` - bit. Alignment and stack alignment checking is enabled by setting the - ``SCTLR_EL3.A`` and ``SCTLR_EL3.SA`` bits. Exception endianness is set to - little-endian by clearing the ``SCTLR_EL3.EE`` bit. - - - ``SCR_EL3``. The register width of the next lower exception level is set - to AArch64 by setting the ``SCR.RW`` bit. The ``SCR.EA`` bit is set to trap - both External Aborts and SError Interrupts in EL3. The ``SCR.SIF`` bit is - also set to disable instruction fetches from Non-secure memory when in - secure state. - - - ``CPTR_EL3``. Accesses to the ``CPACR_EL1`` register from EL1 or EL2, or the - ``CPTR_EL2`` register from EL2 are configured to not trap to EL3 by - clearing the ``CPTR_EL3.TCPAC`` bit. Access to the trace functionality is - configured not to trap to EL3 by clearing the ``CPTR_EL3.TTA`` bit. - Instructions that access the registers associated with Floating Point - and Advanced SIMD execution are configured to not trap to EL3 by - clearing the ``CPTR_EL3.TFP`` bit. - - - ``DAIF``. The SError interrupt is enabled by clearing the SError interrupt - mask bit. - - - ``MDCR_EL3``. The trap controls, ``MDCR_EL3.TDOSA``, ``MDCR_EL3.TDA`` and - ``MDCR_EL3.TPM``, are set so that accesses to the registers they control - do not trap to EL3. AArch64 Secure self-hosted debug is disabled by - setting the ``MDCR_EL3.SDD`` bit. Also ``MDCR_EL3.SPD32`` is set to - disable AArch32 Secure self-hosted privileged debug from S-EL1. - -- Control register setup (for AArch32) - - - ``SCTLR``. Instruction cache is enabled by setting the ``SCTLR.I`` bit. - Alignment checking is enabled by setting the ``SCTLR.A`` bit. - Exception endianness is set to little-endian by clearing the - ``SCTLR.EE`` bit. - - - ``SCR``. The ``SCR.SIF`` bit is set to disable instruction fetches from - Non-secure memory when in secure state. - - - ``CPACR``. Allow execution of Advanced SIMD instructions at PL0 and PL1, - by clearing the ``CPACR.ASEDIS`` bit. Access to the trace functionality - is configured not to trap to undefined mode by clearing the - ``CPACR.TRCDIS`` bit. - - - ``NSACR``. Enable non-secure access to Advanced SIMD functionality and - system register access to implemented trace registers. - - - ``FPEXC``. Enable access to the Advanced SIMD and floating-point - functionality from all Exception levels. - - - ``CPSR.A``. The Asynchronous data abort interrupt is enabled by clearing - the Asynchronous data abort interrupt mask bit. - - - ``SDCR``. The ``SDCR.SPD`` field is set to disable AArch32 Secure - self-hosted privileged debug. - Platform initialization ^^^^^^^^^^^^^^^^^^^^^^^ From a64010e4c675f4476fe0c995762199fc1f218c30 Mon Sep 17 00:00:00 2001 From: Boyan Karatotev Date: Wed, 15 Mar 2023 13:47:20 +0000 Subject: [PATCH 3/4] chore(bl1): remove redundant bl1_arch_next_el_setup bl1_arch_next_el_setup has no references anywhere in TF-A. Remove it as it is redundant Signed-off-by: Boyan Karatotev Change-Id: Ice2997f33c318390883347acdd03dc6755f87ea5 --- bl1/aarch64/bl1_arch_setup.c | 16 ---------------- bl1/bl1_private.h | 1 - plat/arm/board/fvp_r/fvp_r_bl1_arch_setup.c | 16 ---------------- 3 files changed, 33 deletions(-) diff --git a/bl1/aarch64/bl1_arch_setup.c b/bl1/aarch64/bl1_arch_setup.c index 0a1cb304a..f3de53699 100644 --- a/bl1/aarch64/bl1_arch_setup.c +++ b/bl1/aarch64/bl1_arch_setup.c @@ -17,19 +17,3 @@ void bl1_arch_setup(void) /* Set the next EL to be AArch64 */ write_scr_el3(read_scr_el3() | SCR_RW_BIT); } - -/******************************************************************************* - * Set the Secure EL1 required architectural state - ******************************************************************************/ -void bl1_arch_next_el_setup(void) -{ - u_register_t next_sctlr; - - /* Use the same endianness than the current BL */ - next_sctlr = (read_sctlr_el3() & SCTLR_EE_BIT); - - /* Set SCTLR Secure EL1 */ - next_sctlr |= SCTLR_EL1_RES1; - - write_sctlr_el1(next_sctlr); -} diff --git a/bl1/bl1_private.h b/bl1/bl1_private.h index e119ba727..61fb5beed 100644 --- a/bl1/bl1_private.h +++ b/bl1/bl1_private.h @@ -17,7 +17,6 @@ extern entry_point_info_t *bl2_ep_info; * Function prototypes *****************************************/ void bl1_arch_setup(void); -void bl1_arch_next_el_setup(void); void bl1_prepare_next_image(unsigned int image_id); void bl1_run_bl2_in_root(void); diff --git a/plat/arm/board/fvp_r/fvp_r_bl1_arch_setup.c b/plat/arm/board/fvp_r/fvp_r_bl1_arch_setup.c index ae6af6c08..820470bc7 100644 --- a/plat/arm/board/fvp_r/fvp_r_bl1_arch_setup.c +++ b/plat/arm/board/fvp_r/fvp_r_bl1_arch_setup.c @@ -17,19 +17,3 @@ void bl1_arch_setup(void) { /* v8-R64 does not include SCRs. */ } - -/******************************************************************************* - * Set the Secure EL1 required architectural state - ******************************************************************************/ -void bl1_arch_next_el_setup(void) -{ - u_register_t next_sctlr; - - /* Use the same endianness than the current BL */ - next_sctlr = (read_sctlr_el2() & SCTLR_EE_BIT); - - /* Set SCTLR Secure EL1 */ - next_sctlr |= SCTLR_EL1_RES1; - - write_sctlr_el1(next_sctlr); -} From 4fba2e1ff7d8e9386a333fe3624286e1abab35a8 Mon Sep 17 00:00:00 2001 From: Boyan Karatotev Date: Wed, 15 Mar 2023 14:40:54 +0000 Subject: [PATCH 4/4] chore(rme): add make rule for SPD=spmd ENABLE_RME is set then SPD must either be spmd or it should not be set. Add a rule to assert this. Signed-off-by: Boyan Karatotev Change-Id: I0556e7b0e55b04c3a8e4c20c991fbbc30486570c --- Makefile | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/Makefile b/Makefile index 5306ddfe5..d79fa9660 100644 --- a/Makefile +++ b/Makefile @@ -642,6 +642,11 @@ endif ifeq ($(SPMC_AT_EL3),1) $(error SPMC_AT_EL3 and ENABLE_RME cannot both be enabled.) endif +ifneq (${SPD}, none) +ifneq (${SPD}, spmd) + $(error ENABLE_RME is incompatible with SPD=${SPD}. Use SPD=spmd) +endif +endif include services/std_svc/rmmd/rmmd.mk $(warning "RME is an experimental feature") endif