Merge "refactor(cm): introduce INIT_UNUSED_NS_EL2 macro" into integration

Makefile

@@ -1240,6 +1240,7 @@ $(eval $(call assert_booleans,\
 	CONDITIONAL_CMO \
 	PSA_CRYPTO	\
 	ENABLE_CONSOLE_GETC \
+	INIT_UNUSED_NS_EL2	\
 )))
 
 # Numeric_Flags
@@ -1432,6 +1433,7 @@ $(eval $(call add_defines,\
 	ENABLE_SPMD_LP \
 	PSA_CRYPTO	\
 	ENABLE_CONSOLE_GETC \
+	INIT_UNUSED_NS_EL2	\
 )))
 
 ifeq (${SANITIZE_UB},trap)

docs/getting_started/build-options.rst

@@ -677,6 +677,10 @@ Common build options
    invert this behavior. Lower addresses will be printed at the top and higher
    addresses at the bottom.
 
+-  ``INIT_UNUSED_NS_EL2``: This build flag guards code that disables EL2
+   safely in scenario where NS-EL2 is present but unused. This flag is set to 0
+   by default. Platforms without NS-EL2 in use must enable this flag.
+
 -  ``KEY_ALG``: This build flag enables the user to select the algorithm to be
    used for generating the PKCS keys and subsequent signing of the certificate.
    It accepts 5 values: ``rsa``, ``rsa_1_5``, ``ecdsa``, ``ecdsa-brainpool-regular``

lib/el3_runtime/aarch64/context_mgmt.c

@@ -711,6 +711,7 @@ static __unused void enable_pauth_el2(void)
 	write_hcr_el2(hcr_el2);
 }
 
+#if INIT_UNUSED_NS_EL2
 /*******************************************************************************
  * Enable architecture extensions in-place at EL2 on first entry to Non-secure
  * world when EL2 is empty and unused.
@@ -757,6 +758,7 @@ static void manage_extensions_nonsecure_el2_unused(void)
 #endif /* ENABLE_PAUTH */
 #endif /* IMAGE_BL31 */
 }
+#endif /* INIT_UNUSED_NS_EL2 */
 
 /*******************************************************************************
  * Enable architecture extensions on first entry to Secure world.
@@ -809,8 +811,9 @@ void cm_init_my_context(const entry_point_info_t *ep)
 }
 
 /* EL2 present but unused, need to disable safely. SCTLR_EL2 can be ignored */
-static __unused void init_nonsecure_el2_unused(cpu_context_t *ctx)
+static void init_nonsecure_el2_unused(cpu_context_t *ctx)
 {
+#if INIT_UNUSED_NS_EL2
 	u_register_t hcr_el2 = HCR_RESET_VAL;
 	u_register_t mdcr_el2;
 	u_register_t scr_el3;
@@ -909,6 +912,7 @@ static __unused void init_nonsecure_el2_unused(cpu_context_t *ctx)
 	write_cnthp_ctl_el2(CNTHP_CTL_RESET_VAL & ~(CNTHP_CTL_ENABLE_BIT));
 
 	manage_extensions_nonsecure_el2_unused();
+#endif /* INIT_UNUSED_NS_EL2 */
 }
 
 /*******************************************************************************

make_helpers/defaults.mk

@@ -367,3 +367,9 @@ PSA_CRYPTO			:= 0
 # Disabled by default because it constitutes an attack vector into TF-A. It
 # should only be enabled if there is a use case for it.
 ENABLE_CONSOLE_GETC		:= 0
+
+# Build option to disable EL2 when it is not used.
+# Most platforms switch from EL3 to NS-EL2 and hence the unused NS-EL2
+# functions must be enabled by platforms if they require it.
+# Disabled by default.
+INIT_UNUSED_NS_EL2		:= 0