diff --git a/Makefile b/Makefile index 817b16af2..e80f97c23 100644 --- a/Makefile +++ b/Makefile @@ -1240,6 +1240,7 @@ $(eval $(call assert_booleans,\ CONDITIONAL_CMO \ PSA_CRYPTO \ ENABLE_CONSOLE_GETC \ + INIT_UNUSED_NS_EL2 \ ))) # Numeric_Flags @@ -1432,6 +1433,7 @@ $(eval $(call add_defines,\ ENABLE_SPMD_LP \ PSA_CRYPTO \ ENABLE_CONSOLE_GETC \ + INIT_UNUSED_NS_EL2 \ ))) ifeq (${SANITIZE_UB},trap) diff --git a/docs/getting_started/build-options.rst b/docs/getting_started/build-options.rst index e54b0b941..702070c20 100644 --- a/docs/getting_started/build-options.rst +++ b/docs/getting_started/build-options.rst @@ -677,6 +677,10 @@ Common build options invert this behavior. Lower addresses will be printed at the top and higher addresses at the bottom. +- ``INIT_UNUSED_NS_EL2``: This build flag guards code that disables EL2 + safely in scenario where NS-EL2 is present but unused. This flag is set to 0 + by default. Platforms without NS-EL2 in use must enable this flag. + - ``KEY_ALG``: This build flag enables the user to select the algorithm to be used for generating the PKCS keys and subsequent signing of the certificate. It accepts 5 values: ``rsa``, ``rsa_1_5``, ``ecdsa``, ``ecdsa-brainpool-regular`` diff --git a/lib/el3_runtime/aarch64/context_mgmt.c b/lib/el3_runtime/aarch64/context_mgmt.c index 623189840..fdd1388cb 100644 --- a/lib/el3_runtime/aarch64/context_mgmt.c +++ b/lib/el3_runtime/aarch64/context_mgmt.c @@ -711,6 +711,7 @@ static __unused void enable_pauth_el2(void) write_hcr_el2(hcr_el2); } +#if INIT_UNUSED_NS_EL2 /******************************************************************************* * Enable architecture extensions in-place at EL2 on first entry to Non-secure * world when EL2 is empty and unused. 
@@ -757,6 +758,7 @@ static void manage_extensions_nonsecure_el2_unused(void) #endif /* ENABLE_PAUTH */ #endif /* IMAGE_BL31 */ } +#endif /* INIT_UNUSED_NS_EL2 */ /******************************************************************************* * Enable architecture extensions on first entry to Secure world. @@ -809,8 +811,9 @@ void cm_init_my_context(const entry_point_info_t *ep) } /* EL2 present but unused, need to disable safely. SCTLR_EL2 can be ignored */ -static __unused void init_nonsecure_el2_unused(cpu_context_t *ctx) +static void init_nonsecure_el2_unused(cpu_context_t *ctx) { +#if INIT_UNUSED_NS_EL2 u_register_t hcr_el2 = HCR_RESET_VAL; u_register_t mdcr_el2; u_register_t scr_el3; @@ -909,6 +912,7 @@ static __unused void init_nonsecure_el2_unused(cpu_context_t *ctx) write_cnthp_ctl_el2(CNTHP_CTL_RESET_VAL & ~(CNTHP_CTL_ENABLE_BIT)); manage_extensions_nonsecure_el2_unused(); +#endif /* INIT_UNUSED_NS_EL2 */ } /******************************************************************************* diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk index e02917c8a..f0f157c1f 100644 --- a/make_helpers/defaults.mk +++ b/make_helpers/defaults.mk @@ -367,3 +367,9 @@ PSA_CRYPTO := 0 # Disabled by default because it constitutes an attack vector into TF-A. It # should only be enabled if there is a use case for it. ENABLE_CONSOLE_GETC := 0 + +# Build option to disable EL2 when it is not used. +# Most platforms switch from EL3 to NS-EL2 and hence the unused NS-EL2 +# functions must be enabled by platforms if they require it. +# Disabled by default. +INIT_UNUSED_NS_EL2 := 0
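Review bot: With `INIT_UNUSED_NS_EL2=0`, which this commit makes the default, `init_nonsecure_el2_unused()` in the `@@ -809` hunk compiles to an empty body, so the EL2 setup is skipped without any diagnostic. A platform that implements EL2 but hands off below it and forgets the flag would keep whatever values those registers had; the CNTHP_CTL_EL2 write in the `@@ -909` hunk is one of the writes that disappears. The header comment says the function is reached only when EL2 is present but unused, so the disabled branch should fail loudly instead of returning, for example an `#else` arm with `ERROR("NS-EL2 unused but INIT_UNUSED_NS_EL2=0\n");` and `panic();`. That assumes the caller, which is outside these hunks, still invokes it in that configuration. The same hunk drops `__unused` from the definition, so it is worth confirming that every image that compiles this file still calls the function; otherwise the build picks up an unused-function warning.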
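Review bot: The comment above `INIT_UNUSED_NS_EL2 := 0` does not say what is lost when the option stays off on a platform that needs it. The context_mgmt.c part of this commit puts a sequence that was previously always compiled behind the flag, so the new default changes behaviour for existing platforms that enter the normal world below EL2. I would state that in the comment, e.g. `# With 0 the EL2 disable sequence is compiled out; platforms that implement EL2 but do not run software there must set this to 1.`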