From ff86e0b4e6c34d28b8642dd8eb9cbdd517bad195 Mon Sep 17 00:00:00 2001
From: Juan Pablo Conde <juanpablo.conde@arm.com>
Date: Tue, 12 Jul 2022 16:40:29 -0400
Subject: [PATCH] feat(rng-trap): add EL3 support for FEAT_RNG_TRAP

FEAT_RNG_TRAP introduces support for EL3 trapping of reads of the
RNDR and RNDRRS registers, which is enabled by setting the
SCR_EL3.TRNDR bit. This patch adds a new build flag
ENABLE_FEAT_RNG_TRAP that enables the feature.
This feature is supported only in AArch64 state from Armv8.5 onwards.

Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: Ia9f17aef3444d3822bf03809036a1f668c9f2d89
---
 Makefile                               |  8 +++++++-
 changelog.yaml                         |  3 +++
 common/feat_detect.c                   | 11 +++++++++++
 docs/getting_started/build-options.rst |  8 +++++++-
 include/arch/aarch64/arch.h            |  7 +++++++
 include/arch/aarch64/arch_features.h   |  7 +++++++
 lib/el3_runtime/aarch64/context_mgmt.c |  8 ++++++++
 make_helpers/defaults.mk               |  4 ++++
 8 files changed, 54 insertions(+), 2 deletions(-)

diff --git a/Makefile b/Makefile
index ee5e2e7a8..8d8facdfb 100644
--- a/Makefile
+++ b/Makefile
@@ -788,11 +788,15 @@ ifeq (${ARCH},aarch32)
         $(error "ENABLE_SVE_FOR_NS cannot be used with ARCH=aarch32")
     endif
 
-    # BRBE is not supported in Aarch32
+    # BRBE is not supported in AArch32
     ifeq (${ENABLE_BRBE_FOR_NS},1)
         $(error "ENABLE_BRBE_FOR_NS cannot be used with ARCH=aarch32")
     endif
 
+    # FEAT_RNG_TRAP is not supported in AArch32
+    ifeq (${ENABLE_FEAT_RNG_TRAP},1)
+        $(error "ENABLE_FEAT_RNG_TRAP cannot be used with ARCH=aarch32")
+    endif
 endif
 
 # Ensure ENABLE_RME is not used with SME
@@ -1073,6 +1077,7 @@ $(eval $(call assert_numerics,\
         ENABLE_FEAT_HCX \
         ENABLE_FEAT_PAN \
         ENABLE_FEAT_RNG \
+        ENABLE_FEAT_RNG_TRAP \
         ENABLE_FEAT_SB \
         ENABLE_FEAT_SEL2 \
         ENABLE_FEAT_VHE \
@@ -1183,6 +1188,7 @@ $(eval $(call add_defines,\
         COT_DESC_IN_DTB \
         USE_SP804_TIMER \
         ENABLE_FEAT_RNG \
+        ENABLE_FEAT_RNG_TRAP \
         ENABLE_FEAT_SB \
         ENABLE_FEAT_DIT \
         NR_OF_FW_BANKS \
diff --git a/changelog.yaml b/changelog.yaml
index c4028c4f9..986d303f4 100644
--- a/changelog.yaml
+++ b/changelog.yaml
@@ -125,6 +125,9 @@ subsections:
       - title: Extended Cache Index (FEAT_CCIDX)
         scope: ccidx
 
+      - title: Trapping support for RNDR/RNDRRS (FEAT_RNG_TRAP)
+        scope: rng-trap
+
   - title: Platforms
 
     subsections:
diff --git a/common/feat_detect.c b/common/feat_detect.c
index be3e20e6f..ee3458865 100644
--- a/common/feat_detect.c
+++ b/common/feat_detect.c
@@ -254,6 +254,16 @@ static void read_feat_trbe(void)
 #endif
 }
 
+/******************************************************************
+ * Feature : FEAT_RNG_TRAP (Trapping support for RNDR/RNDRRS)
+ *****************************************************************/
+static void read_feat_rng_trap(void)
+{
+#if (ENABLE_FEAT_RNG_TRAP == FEAT_STATE_1)
+	feat_detect_panic(is_feat_rng_trap_present(), "RNG_TRAP");
+#endif
+}
+
 /***********************************************************************************
  * TF-A supports many Arm architectural features starting from arch version
  * (8.0 till 8.7+). These features are mostly enabled through build flags. This
@@ -304,6 +314,7 @@ void detect_arch_features(void)
 	read_feat_mte();
 	read_feat_rng();
 	read_feat_bti();
+	read_feat_rng_trap();
 
 	/* v8.6 features */
 	read_feat_amuv1p1();
diff --git a/docs/getting_started/build-options.rst b/docs/getting_started/build-options.rst
index b291d626b..80593a1f9 100644
--- a/docs/getting_started/build-options.rst
+++ b/docs/getting_started/build-options.rst
@@ -313,7 +313,13 @@ Common build options
 -  ``ENABLE_FEAT_RNG``: Numeric value to enable the ``FEAT_RNG`` extension.
    ``FEAT_RNG`` is an optional feature available on Arm v8.5 onwards. This
    flag can take the values 0 to 2, to align with the ``FEATURE_DETECTION``
-   mechanism. Default is ``0``.
+   mechanism. Default value is ``0``.
+
+-  ``ENABLE_FEAT_RNG_TRAP``: Numeric value to enable the ``FEAT_RNG_TRAP``
+   extension. This feature is only supported in AArch64 state. This flag can
+   take values 0 to 2, to align with the ``FEATURE_DETECTION`` mechanism.
+   Default value is ``0``. ``FEAT_RNG_TRAP`` is an optional feature from
+   Armv8.5 onwards.
 
 -  ``ENABLE_FEAT_SB``: Numeric value to enable the ``FEAT_SB`` (Speculation
    Barrier) extension allowing access to ``sb`` instruction. ``FEAT_SB`` is an
diff --git a/include/arch/aarch64/arch.h b/include/arch/aarch64/arch.h
index e55d33fd3..3a2a032fd 100644
--- a/include/arch/aarch64/arch.h
+++ b/include/arch/aarch64/arch.h
@@ -353,6 +353,12 @@
 #define ID_AA64PFR1_EL1_MTE_SHIFT	U(8)
 #define ID_AA64PFR1_EL1_MTE_MASK	ULL(0xf)
 
+#define ID_AA64PFR1_EL1_RNDR_TRAP_SHIFT	U(28)
+#define ID_AA64PFR1_EL1_RNDR_TRAP_MASK	U(0xf)
+
+#define ID_AA64PFR1_EL1_RNG_TRAP_SUPPORTED	ULL(0x1)
+#define ID_AA64PFR1_EL1_RNG_TRAP_NOT_SUPPORTED	ULL(0x0)
+
 /* Memory Tagging Extension is not implemented */
 #define MTE_UNIMPLEMENTED	U(0)
 /* FEAT_MTE: MTE instructions accessible at EL0 are implemented */
@@ -485,6 +491,7 @@
 #define SCR_GPF_BIT		(UL(1) << 48)
 #define SCR_TWEDEL_SHIFT	U(30)
 #define SCR_TWEDEL_MASK		ULL(0xf)
+#define SCR_TRNDR_BIT		(UL(1) << 40)
 #define SCR_HXEn_BIT		(UL(1) << 38)
 #define SCR_ENTP2_SHIFT		U(41)
 #define SCR_ENTP2_BIT		(UL(1) << SCR_ENTP2_SHIFT)
diff --git a/include/arch/aarch64/arch_features.h b/include/arch/aarch64/arch_features.h
index 79a61b5bb..0af5b747d 100644
--- a/include/arch/aarch64/arch_features.h
+++ b/include/arch/aarch64/arch_features.h
@@ -129,6 +129,13 @@ static inline bool is_feat_hcx_present(void)
 		ID_AA64MMFR1_EL1_HCX_MASK) == ID_AA64MMFR1_EL1_HCX_SUPPORTED);
 }
 
+static inline bool is_feat_rng_trap_present(void)
+{
+	return (((read_id_aa64pfr1_el1() >> ID_AA64PFR1_EL1_RNDR_TRAP_SHIFT) &
+			ID_AA64PFR1_EL1_RNDR_TRAP_MASK)
+			== ID_AA64PFR1_EL1_RNG_TRAP_SUPPORTED);
+}
+
 static inline unsigned int get_armv9_2_feat_rme_support(void)
 {
 	/*
diff --git a/lib/el3_runtime/aarch64/context_mgmt.c b/lib/el3_runtime/aarch64/context_mgmt.c
index da610d06b..68aacc1bb 100644
--- a/lib/el3_runtime/aarch64/context_mgmt.c
+++ b/lib/el3_runtime/aarch64/context_mgmt.c
@@ -299,6 +299,14 @@ static void setup_context_common(cpu_context_t *ctx, const entry_point_info_t *e
 	scr_el3 |= SCR_HXEn_BIT;
 #endif
 
+	/*
+	 * If FEAT_RNG_TRAP is enabled, all reads of the RNDR and RNDRRS
+	 * registers are trapped to EL3.
+	 */
+#if ENABLE_FEAT_RNG_TRAP
+	scr_el3 |= SCR_TRNDR_BIT;
+#endif
+
 #if RAS_TRAP_LOWER_EL_ERR_ACCESS
 	/*
 	 * SCR_EL3.TERR: Trap Error record accesses. Accesses to the RAS ERR
diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk
index fab6bf6da..42ebd33c4 100644
--- a/make_helpers/defaults.mk
+++ b/make_helpers/defaults.mk
@@ -160,6 +160,10 @@ ENABLE_FEAT_PAN			:= 0
 # Flag to enable access to the Random Number Generator registers
 ENABLE_FEAT_RNG			:= 0
 
+# Flag to enable support for EL3 trapping of reads of the RNDR and RNDRRS
+# registers, by setting SCR_EL3.TRNDR.
+ENABLE_FEAT_RNG_TRAP		:= 0
+
 # Flag to enable Speculation Barrier Instruction
 ENABLE_FEAT_SB			:= 0