From fc7dca72ba656e5f147487b20f9f0fb6eb39e115 Mon Sep 17 00:00:00 2001
From: Boyan Karatotev <boyan.karatotev@arm.com>
Date: Mon, 16 Dec 2024 16:23:26 +0000
Subject: [PATCH] refactor(cm): change owning security state when a feature is
 disabled

SPE and TRBE don't have an outright EL3 disable, there are only
constraints on what's allowed. Since we only enable them for NS at the
moment, we want NS to own the buffers even when the feature should be
"disabled" for a world. This means that when we're running in NS
everything is as normal but when running in S/RL then tracing is
prohibited (since the buffers are owned by NS). This allows us to fiddle
with context a bit more without having to context switch registers.

Change-Id: Ie1dc7c00e4cf9bcc746f02ae43633acca32d3758
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
---
 include/arch/aarch64/arch.h | 10 +++++++---
 lib/extensions/brbe/brbe.c  |  4 ++--
 lib/extensions/spe/spe.c    |  9 +++++----
 lib/extensions/trbe/trbe.c  | 13 +++++--------
 4 files changed, 19 insertions(+), 17 deletions(-)

diff --git a/include/arch/aarch64/arch.h b/include/arch/aarch64/arch.h
index 3a7e2ebd9..fefee4a19 100644
--- a/include/arch/aarch64/arch.h
+++ b/include/arch/aarch64/arch.h
@@ -654,15 +654,18 @@
 
 /* MDCR_EL3 definitions */
 #define MDCR_EBWE_BIT		(ULL(1) << 43)
-#define MDCR_E3BREC		(ULL(1) << 38)
-#define MDCR_E3BREW		(ULL(1) << 37)
+#define MDCR_E3BREC_BIT		(ULL(1) << 38)
+#define MDCR_E3BREW_BIT		(ULL(1) << 37)
 #define MDCR_EnPMSN_BIT		(ULL(1) << 36)
 #define MDCR_MPMX_BIT		(ULL(1) << 35)
 #define MDCR_MCCD_BIT		(ULL(1) << 34)
 #define MDCR_SBRBE_SHIFT	U(32)
-#define MDCR_SBRBE_MASK		ULL(0x3)
+#define MDCR_SBRBE(x)		((x) << MDCR_SBRBE_SHIFT)
+#define MDCR_SBRBE_ALL		ULL(0x3)
+#define MDCR_SBRBE_NS		ULL(0x1)
 #define MDCR_NSTB(x)		((x) << 24)
 #define MDCR_NSTB_EL1		ULL(0x3)
+#define MDCR_NSTB_EL3		ULL(0x2)
 #define MDCR_NSTBE_BIT		(ULL(1) << 26)
 #define MDCR_MTPME_BIT		(ULL(1) << 28)
 #define MDCR_TDCC_BIT		(ULL(1) << 27)
@@ -679,6 +682,7 @@
 #define MDCR_SPD32_ENABLE	ULL(0x3)
 #define MDCR_NSPB(x)		((x) << 12)
 #define MDCR_NSPB_EL1		ULL(0x3)
+#define MDCR_NSPB_EL3		ULL(0x2)
 #define MDCR_NSPBE_BIT		(ULL(1) << 11)
 #define MDCR_TDOSA_BIT		(ULL(1) << 10)
 #define MDCR_TDA_BIT		(ULL(1) << 9)
diff --git a/lib/extensions/brbe/brbe.c b/lib/extensions/brbe/brbe.c
index fef664783..f95165433 100644
--- a/lib/extensions/brbe/brbe.c
+++ b/lib/extensions/brbe/brbe.c
@@ -22,7 +22,7 @@ void brbe_enable(cpu_context_t *ctx)
 	 * MDCR_EL3.{E3BREW, E3BREC} = 0b00
 	 * Branch recording at EL3 is disabled
 	 */
-	mdcr_el3_val &= ~((MDCR_SBRBE_MASK << MDCR_SBRBE_SHIFT) | MDCR_E3BREW | MDCR_E3BREC);
-	mdcr_el3_val |= (0x1UL << MDCR_SBRBE_SHIFT);
+	mdcr_el3_val &= ~((MDCR_SBRBE(MDCR_SBRBE_ALL)) | MDCR_E3BREW_BIT | MDCR_E3BREC_BIT);
+	mdcr_el3_val |= (MDCR_SBRBE(MDCR_SBRBE_NS));
 	write_ctx_reg(state, CTX_MDCR_EL3, mdcr_el3_val);
 }
diff --git a/lib/extensions/spe/spe.c b/lib/extensions/spe/spe.c
index a8d42ab77..8edba0049 100644
--- a/lib/extensions/spe/spe.c
+++ b/lib/extensions/spe/spe.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2025, Arm Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -42,10 +42,10 @@ void spe_disable(cpu_context_t *ctx)
 	u_register_t mdcr_el3_val = read_ctx_reg(state, CTX_MDCR_EL3);
 
 	/*
-	 * MDCR_EL3.NSPB: Clear these bits to disable SPE feature, as it was enabled
-	 * for Non-secure state only. After clearing these bits Secure state owns
+	 * MDCR_EL3.NSPB: set to 0x2. After, Non-Secure state owns
 	 * the Profiling Buffer and accesses to Statistical Profiling and Profiling
-	 * Buffer control registers at EL2 and EL1 generate Trap exceptions to EL3
+	 * Buffer control registers at EL2 and EL1 generate Trap exceptions to EL3.
+	 * Profiling is disabled in Secure and Realm states.
 	 *
 	 * MDCR_EL3.NSPBE: Don't care as it was cleared during spe_enable and setting
 	 * this to 1 does not make sense as NSPBE{1} and NSPB{0b0x} is RESERVED.
@@ -54,6 +54,7 @@ void spe_disable(cpu_context_t *ctx)
 	 * from EL2/EL1 to EL3.
 	 */
 	mdcr_el3_val &= ~(MDCR_NSPB(MDCR_NSPB_EL1) | MDCR_EnPMSN_BIT);
+	mdcr_el3_val |= MDCR_NSPB(MDCR_NSPB_EL3);
 	write_ctx_reg(state, CTX_MDCR_EL3, mdcr_el3_val);
 }
 
diff --git a/lib/extensions/trbe/trbe.c b/lib/extensions/trbe/trbe.c
index 8775e40cc..d8eb4c29b 100644
--- a/lib/extensions/trbe/trbe.c
+++ b/lib/extensions/trbe/trbe.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2021-2024, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2025, Arm Limited. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -35,16 +35,13 @@ void trbe_disable(cpu_context_t *ctx)
 	u_register_t mdcr_el3_val = read_ctx_reg(state, CTX_MDCR_EL3);
 
 	/*
-	 * MDCR_EL3.NSTBE = 0b0
-	 *  Trace Buffer owning Security state is secure state. If FEAT_RME
-	 *  is not implemented, this field is RES0.
-	 *
-	 * MDCR_EL3.NSTB = 0b00
-	 *  Clear these bits to disable access of trace buffer control registers
-	 *  from lower ELs in any security state.
+	 * MDCR_EL3.{NSTBE,NSTB} = 0b0, 0b10
+	 *  Disable access of trace buffer control registers from lower ELs in
+	 *  any security state. Non-secure owns the buffer.
 	 */
 	mdcr_el3_val &= ~(MDCR_NSTB(MDCR_NSTB_EL1));
 	mdcr_el3_val &= ~(MDCR_NSTBE_BIT);
+	mdcr_el3_val |= MDCR_NSTB(MDCR_NSTB_EL3);
 	write_ctx_reg(state, CTX_MDCR_EL3, mdcr_el3_val);
 }