mirror of
https://github.com/ARM-software/arm-trusted-firmware.git
synced 2025-04-17 01:54:22 +00:00
13f4a25251
Patch fc7dca72ba656e5f147487b20f9f0fb6eb39e116 changed the owning
security states of the TRBE and SPE buffers to NS. The thinking was that
this would assist SMCCC feature availability to more easily determine
if the feature is enabled or disabled. However, that only changed bit 0
while the SMCCC feature only looks at bit 1 so this change is redundant.
It was also meant to tighten security but that was done by
73d98e3759 instead.
Annoyingly, FEAT_TRBE has TRBIDR_EL1 which reports that programming is
allowed when the current security state owns the buffer even when the
MDCR_EL3 setting disallows this in practice.
So revert the functional aspect of the patch as it causes linux panics
with ERRATA_A520_2938996. Keep the defines as they are used elsewhere.
Change-Id: I39463d585df89aee44d1996137616da85d678f41
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
72 lines
2.1 KiB
C
72 lines
2.1 KiB
C
/*
|
|
* Copyright (c) 2017-2025, Arm Limited and Contributors. All rights reserved.
|
|
*
|
|
* SPDX-License-Identifier: BSD-3-Clause
|
|
*/
|
|
|
|
#include <stdbool.h>
|
|
|
|
#include <arch.h>
|
|
#include <arch_features.h>
|
|
#include <arch_helpers.h>
|
|
#include <lib/extensions/spe.h>
|
|
|
|
#include <plat/common/platform.h>
|
|
|
|
void spe_enable(cpu_context_t *ctx)
|
|
{
|
|
el3_state_t *state = get_el3state_ctx(ctx);
|
|
u_register_t mdcr_el3_val = read_ctx_reg(state, CTX_MDCR_EL3);
|
|
|
|
/*
|
|
* MDCR_EL3.NSPB (ARM v8.2): SPE enabled in Non-secure state
|
|
* and disabled in secure state. Accesses to SPE registers at
|
|
* S-EL1 generate trap exceptions to EL3.
|
|
*
|
|
* MDCR_EL3.NSPBE: Profiling Buffer uses Non-secure Virtual Addresses.
|
|
* When FEAT_RME is not implemented, this field is RES0.
|
|
*
|
|
* MDCR_EL3.EnPMSN (ARM v8.7): Do not trap access to PMSNEVFR_EL1
|
|
* register at NS-EL1 or NS-EL2 to EL3 if FEAT_SPEv1p2 is implemented.
|
|
* Setting this bit to 1 doesn't have any effect on it when
|
|
* FEAT_SPEv1p2 not implemented.
|
|
*/
|
|
mdcr_el3_val |= MDCR_NSPB(MDCR_NSPB_EL1) | MDCR_EnPMSN_BIT;
|
|
mdcr_el3_val &= ~(MDCR_NSPBE_BIT);
|
|
write_ctx_reg(state, CTX_MDCR_EL3, mdcr_el3_val);
|
|
}
|
|
|
|
void spe_disable(cpu_context_t *ctx)
|
|
{
|
|
el3_state_t *state = get_el3state_ctx(ctx);
|
|
u_register_t mdcr_el3_val = read_ctx_reg(state, CTX_MDCR_EL3);
|
|
|
|
/*
|
|
* MDCR_EL3.{NSPB,NSPBE} = 0b00, 0b0
|
|
* Disable access of profiling buffer control registers from lower ELs
|
|
* in any security state. Secure state owns the buffer.
|
|
*
|
|
* MDCR_EL3.EnPMSN (ARM v8.7): Clear the bit to trap access of PMSNEVFR_EL1
|
|
* from EL2/EL1 to EL3.
|
|
*/
|
|
mdcr_el3_val &= ~(MDCR_NSPB(MDCR_NSPB_EL1) | MDCR_NSPBE_BIT | MDCR_EnPMSN_BIT);
|
|
write_ctx_reg(state, CTX_MDCR_EL3, mdcr_el3_val);
|
|
}
|
|
|
|
void spe_init_el2_unused(void)
|
|
{
|
|
uint64_t v;
|
|
|
|
/*
|
|
* MDCR_EL2.TPMS (ARM v8.2): Do not trap statistical
|
|
* profiling controls to EL2.
|
|
*
|
|
* MDCR_EL2.E2PB (ARM v8.2): SPE enabled in Non-secure
|
|
* state. Accesses to profiling buffer controls at
|
|
* Non-secure EL1 are not trapped to EL2.
|
|
*/
|
|
v = read_mdcr_el2();
|
|
v &= ~MDCR_EL2_TPMS;
|
|
v |= MDCR_EL2_E2PB(MDCR_EL2_E2PB_EL1);
|
|
write_mdcr_el2(v);
|
|
}
|