Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
adam.huang
Arm Trusted Firmware
Commits
336ece6a
Unverified
Commit
336ece6a
authored
Apr 18, 2018
by
Dimitris Papastamos
Committed by
GitHub
Apr 18, 2018
Browse files
Merge pull request #1357 from antonio-nino-diaz-arm/an/fix-misra
Fix some MISRA defects in SPM code
parents
bedf6f0b
b3323cd6
Changes
6
Show whitespace changes
Inline
Side-by-side
include/common/runtime_svc.h
View file @
336ece6a
...
...
@@ -102,15 +102,15 @@ CASSERT(RT_SVC_DESC_HANDLE == __builtin_offsetof(rt_svc_desc_t, handle), \
* oen is used to access an entry in the 'rt_svc_descs_indices' array. The entry
* contains the index of the service descriptor in the 'rt_svc_descs' array.
*/
#define get_unique_oen(oen, call_type)
((oen & FUNCID_OEN_MASK) |
\
((call_type
& FUNCID_
TYPE
_MASK) \
<< FUNCID_OEN_WIDTH))
#define get_unique_oen(oen, call_type)
\
(((uint32_t)(oen)
& FUNCID_
OEN
_MASK)
|
\
(((uint32_t)(call_type) & FUNCID_TYPE_MASK)
<< FUNCID_OEN_WIDTH))
/*
* This macro generates the unique owning entity number from the SMC Function
* ID.
This unique oen is used to access an entry in the
*
'rt_svc_descs_indices'
array to invoke the corresponding runtime service
*
handler during SMC
handling.
* ID. This unique oen is used to access an entry in the
'rt_svc_descs_indices'
* array to invoke the corresponding runtime service
handler during SMC
* handling.
*/
#define get_unique_oen_from_smc_fid(fid) \
get_unique_oen(((fid) >> FUNCID_OEN_SHIFT), \
...
...
include/lib/aarch64/arch.h
View file @
336ece6a
...
...
@@ -442,10 +442,10 @@
#define GET_M32(mode) (((mode) >> MODE32_SHIFT) & MODE32_MASK)
#define SPSR_64(el, sp, daif) \
(MODE_RW_64 << MODE_RW_SHIFT |
\
((el) & MODE_EL_MASK) << MODE_EL_SHIFT | \
((sp) & MODE_SP_MASK) << MODE_SP_SHIFT | \
((daif) & SPSR_DAIF_MASK) << SPSR_DAIF_SHIFT)
(
(MODE_RW_64 << MODE_RW_SHIFT
)
| \
((
(
el) & MODE_EL_MASK) << MODE_EL_SHIFT
)
| \
((
(
sp) & MODE_SP_MASK) << MODE_SP_SHIFT
)
| \
((
(
daif) & SPSR_DAIF_MASK) << SPSR_DAIF_SHIFT)
)
#define SPSR_MODE32(mode, isa, endian, aif) \
((MODE_RW_32 << MODE_RW_SHIFT) | \
...
...
include/lib/smccc.h
View file @
336ece6a
...
...
@@ -76,8 +76,8 @@
#define SMC_FROM_SECURE (U(0) << 0)
#define SMC_FROM_NON_SECURE (U(1) << 0)
#define is_caller_non_secure(_f) (
!!
(_f & SMC_FROM_NON_SECURE))
#define is_caller_secure(_f) (!
(
is_caller_non_secure(_f))
)
#define is_caller_non_secure(_f) (
(
(_f
)
& SMC_FROM_NON_SECURE)
!= U(0)
)
#define is_caller_secure(_f) (!is_caller_non_secure(_f))
/* The macro below is used to identify a Standard Service SMC call */
#define is_std_svc_call(_fid) ((((_fid) >> FUNCID_OEN_SHIFT) & \
...
...
include/lib/xlat_tables/xlat_tables_v2.h
View file @
336ece6a
...
...
@@ -299,7 +299,7 @@ int mmap_remove_dynamic_region_ctx(xlat_ctx_t *ctx,
* executing.
*/
int
change_mem_attributes
(
xlat_ctx_t
*
ctx
,
uintptr_t
base_va
,
size_t
size
,
mmap_attr
_t
attr
);
uint32
_t
attr
);
/*
* Query the memory attributes of a memory page in a set of translation tables.
...
...
@@ -317,7 +317,7 @@ int change_mem_attributes(xlat_ctx_t *ctx, uintptr_t base_va, size_t size,
* Output parameter where to store the attributes of the targeted memory page.
*/
int
get_mem_attributes
(
const
xlat_ctx_t
*
ctx
,
uintptr_t
base_va
,
mmap_attr
_t
*
attributes
);
uint32
_t
*
attributes
);
#endif
/*__ASSEMBLY__*/
#endif
/* __XLAT_TABLES_V2_H__ */
lib/xlat_tables_v2/xlat_tables_internal.c
View file @
336ece6a
...
...
@@ -115,7 +115,7 @@ static uint64_t *xlat_table_get_empty(xlat_ctx_t *ctx)
/*
* Returns a block/page table descriptor for the given level and attributes.
*/
static
uint64_t
xlat_desc
(
const
xlat_ctx_t
*
ctx
,
mmap_attr
_t
attr
,
static
uint64_t
xlat_desc
(
const
xlat_ctx_t
*
ctx
,
uint32
_t
attr
,
unsigned
long
long
addr_pa
,
int
level
)
{
uint64_t
desc
;
...
...
@@ -561,7 +561,8 @@ static uintptr_t xlat_tables_map_region(xlat_ctx_t *ctx, mmap_region_t *mm,
if
(
action
==
ACTION_WRITE_BLOCK_ENTRY
)
{
table_base
[
table_idx
]
=
xlat_desc
(
ctx
,
mm
->
attr
,
table_idx_pa
,
level
);
xlat_desc
(
ctx
,
(
uint32_t
)
mm
->
attr
,
table_idx_pa
,
level
);
}
else
if
(
action
==
ACTION_CREATE_NEW_TABLE
)
{
...
...
@@ -1427,7 +1428,7 @@ static uint64_t *find_xlat_table_entry(uintptr_t virtual_addr,
static
int
get_mem_attributes_internal
(
const
xlat_ctx_t
*
ctx
,
uintptr_t
base_va
,
mmap_attr
_t
*
attributes
,
uint64_t
**
table_entry
,
uint32
_t
*
attributes
,
uint64_t
**
table_entry
,
unsigned
long
long
*
addr_pa
,
int
*
table_level
)
{
uint64_t
*
entry
;
...
...
@@ -1518,7 +1519,7 @@ static int get_mem_attributes_internal(const xlat_ctx_t *ctx, uintptr_t base_va,
int
get_mem_attributes
(
const
xlat_ctx_t
*
ctx
,
uintptr_t
base_va
,
mmap_attr
_t
*
attributes
)
uint32
_t
*
attributes
)
{
return
get_mem_attributes_internal
(
ctx
,
base_va
,
attributes
,
NULL
,
NULL
,
NULL
);
...
...
@@ -1528,7 +1529,7 @@ int get_mem_attributes(const xlat_ctx_t *ctx, uintptr_t base_va,
int
change_mem_attributes
(
xlat_ctx_t
*
ctx
,
uintptr_t
base_va
,
size_t
size
,
mmap_attr
_t
attr
)
uint32
_t
attr
)
{
/* Note: This implementation isn't optimized. */
...
...
@@ -1625,7 +1626,7 @@ int change_mem_attributes(xlat_ctx_t *ctx,
for
(
int
i
=
0
;
i
<
pages_count
;
++
i
)
{
mmap_attr
_t
old_attr
,
new_attr
;
uint32
_t
old_attr
,
new_attr
;
uint64_t
*
entry
;
int
level
;
unsigned
long
long
addr_pa
;
...
...
services/std_svc/spm/spm_main.c
View file @
336ece6a
...
...
@@ -35,7 +35,7 @@ static secure_partition_context_t sp_ctx;
* Replace the S-EL1 re-entry information with S-EL0 re-entry
* information
******************************************************************************/
void
spm_setup_next_eret_into_sel0
(
cpu_context_t
*
secure_context
)
static
void
spm_setup_next_eret_into_sel0
(
const
cpu_context_t
*
secure_context
)
{
assert
(
secure_context
==
cm_get_context
(
SECURE
));
...
...
@@ -83,14 +83,14 @@ static uint64_t spm_synchronous_sp_entry(secure_partition_context_t *sp_ctx_ptr)
* as the generic smc entry routine should have saved those.
******************************************************************************/
static
void
__dead2
spm_synchronous_sp_exit
(
secure_partition_context_t
*
sp_ctx_ptr
,
uint64_t
ret
)
const
secure_partition_context_t
*
sp_ctx_ptr
,
uint64_t
ret
)
{
assert
(
sp_ctx_ptr
!=
NULL
);
/* Save the Secure EL1 system register context */
assert
(
cm_get_context
(
SECURE
)
==
&
sp_ctx_ptr
->
cpu_ctx
);
cm_el1_sysregs_context_save
(
SECURE
);
assert
(
sp_ctx_ptr
->
c_rt_ctx
!=
0
);
assert
(
sp_ctx_ptr
->
c_rt_ctx
!=
0
U
);
spm_secure_partition_exit
(
sp_ctx_ptr
->
c_rt_ctx
,
ret
);
/* Should never reach here */
...
...
@@ -104,7 +104,7 @@ static void __dead2 spm_synchronous_sp_exit(
* used. This function performs a synchronous entry into the Secure partition.
* The SP passes control back to this routine through a SMC.
******************************************************************************/
int32_t
spm_init
(
void
)
static
int32_t
spm_init
(
void
)
{
entry_point_info_t
*
secure_partition_ep_info
;
uint64_t
rc
;
...
...
@@ -116,7 +116,7 @@ int32_t spm_init(void)
* absence is a critical failure.
*/
secure_partition_ep_info
=
bl31_plat_get_next_image_ep_info
(
SECURE
);
assert
(
secure_partition_ep_info
);
assert
(
secure_partition_ep_info
!=
NULL
);
/*
* Initialise the common context and then overlay the S-EL0 specific
...
...
@@ -155,15 +155,15 @@ void spm_init_sp_ep_state(struct entry_point_info *sp_ep_info,
{
uint32_t
ep_attr
;
assert
(
sp_ep_info
);
assert
(
pc
);
assert
(
sp_ctx_ptr
);
assert
(
sp_ep_info
!=
NULL
);
assert
(
pc
!=
0U
);
assert
(
sp_ctx_ptr
!=
NULL
);
cm_set_context
(
&
sp_ctx_ptr
->
cpu_ctx
,
SECURE
);
/* initialise an entrypoint to set up the CPU context */
ep_attr
=
SECURE
|
EP_ST_ENABLE
;
if
(
read_sctlr_el3
()
&
SCTLR_EE_BIT
)
if
(
(
read_sctlr_el3
()
&
SCTLR_EE_BIT
)
!=
0U
)
ep_attr
|=
EP_EE_BIG
;
SET_PARAM_HEAD
(
sp_ep_info
,
PARAM_EP
,
VERSION_1
,
ep_attr
);
...
...
@@ -192,7 +192,7 @@ int32_t spm_setup(void)
* absence is a critical failure.
*/
secure_partition_ep_info
=
bl31_plat_get_next_image_ep_info
(
SECURE
);
if
(
!
secure_partition_ep_info
)
{
if
(
secure_partition_ep_info
==
NULL
)
{
WARN
(
"No SPM provided by BL2 boot loader, Booting device"
" without SPM initialization. SMCs destined for SPM"
" will return SMC_UNK
\n
"
);
...
...
@@ -204,7 +204,7 @@ int32_t spm_setup(void)
* signalling failure initializing the service. We bail out without
* registering any handlers
*/
if
(
!
secure_partition_ep_info
->
pc
)
{
if
(
secure_partition_ep_info
->
pc
==
0U
)
{
return
1
;
}
...
...
@@ -231,9 +231,9 @@ int32_t spm_setup(void)
* The other fields are left as 0 because they are ignored by the function
* change_mem_attributes().
*/
static
mmap_attr_
t
smc_attr_to_mmap_attr
(
unsigned
int
attributes
)
static
unsigned
in
t
smc_attr_to_mmap_attr
(
unsigned
int
attributes
)
{
mmap_attr_
t
tf_attr
=
0
;
unsigned
in
t
tf_attr
=
0
U
;
unsigned
int
access
=
(
attributes
&
SP_MEMORY_ATTRIBUTES_ACCESS_MASK
)
>>
SP_MEMORY_ATTRIBUTES_ACCESS_SHIFT
;
...
...
@@ -262,11 +262,11 @@ static mmap_attr_t smc_attr_to_mmap_attr(unsigned int attributes)
* This function converts attributes from the Trusted Firmware format into the
* SMC interface format.
*/
static
int
smc_mmap_to_smc_attr
(
mmap_attr_
t
attr
)
static
unsigned
int
smc_mmap_to_smc_attr
(
unsigned
in
t
attr
)
{
int
smc_attr
=
0
;
unsigned
int
smc_attr
=
0
U
;
int
data_access
;
unsigned
int
data_access
;
if
((
attr
&
MT_USER
)
==
0
)
{
/* No access from EL0. */
...
...
@@ -283,28 +283,29 @@ static int smc_mmap_to_smc_attr(mmap_attr_t attr)
smc_attr
|=
(
data_access
&
SP_MEMORY_ATTRIBUTES_ACCESS_MASK
)
<<
SP_MEMORY_ATTRIBUTES_ACCESS_SHIFT
;
if
(
attr
&
MT_EXECUTE_NEVER
)
{
if
(
(
attr
&
MT_EXECUTE_NEVER
)
!=
0U
)
{
smc_attr
|=
SP_MEMORY_ATTRIBUTES_NON_EXEC
;
}
return
smc_attr
;
}
static
int
spm_memory_attributes_get_smc_handler
(
uintptr_t
base_va
)
static
int
32_t
spm_memory_attributes_get_smc_handler
(
uintptr_t
base_va
)
{
uint32_t
attributes
;
spin_lock
(
&
mem_attr_smc_lock
);
mmap_attr_t
attributes
;
int
rc
=
get_mem_attributes
(
secure_partition_xlat_ctx_handle
,
base_va
,
&
attributes
);
spin_unlock
(
&
mem_attr_smc_lock
);
/* Convert error codes of get_mem_attributes() into SPM ones. */
assert
(
rc
==
0
||
rc
==
-
EINVAL
);
assert
(
(
rc
==
0
)
||
(
rc
==
-
EINVAL
)
)
;
if
(
rc
==
0
)
{
return
smc_mmap_to_smc_attr
(
attributes
);
return
(
int32_t
)
smc_mmap_to_smc_attr
(
attributes
);
}
else
{
return
SPM_INVALID_PARAMETER
;
}
...
...
@@ -316,7 +317,7 @@ static int spm_memory_attributes_set_smc_handler(u_register_t page_address,
{
uintptr_t
base_va
=
(
uintptr_t
)
page_address
;
size_t
size
=
(
size_t
)
(
pages_count
*
PAGE_SIZE
);
u
nsigned
in
t
attributes
=
(
u
nsigned
in
t
)
smc_attributes
;
u
int32_
t
attributes
=
(
u
int32_
t
)
smc_attributes
;
INFO
(
" Start address : 0x%lx
\n
"
,
base_va
);
INFO
(
" Number of pages: %i (%zi bytes)
\n
"
,
(
int
)
pages_count
,
size
);
...
...
@@ -330,7 +331,7 @@ static int spm_memory_attributes_set_smc_handler(u_register_t page_address,
spin_unlock
(
&
mem_attr_smc_lock
);
/* Convert error codes of change_mem_attributes() into SPM ones. */
assert
(
ret
==
0
||
ret
==
-
EINVAL
);
assert
(
(
ret
==
0
)
||
(
ret
==
-
EINVAL
)
)
;
return
(
ret
==
0
)
?
SPM_SUCCESS
:
SPM_INVALID_PARAMETER
;
}
...
...
@@ -389,7 +390,7 @@ uint64_t spm_smc_handler(uint32_t smc_fid,
/* Get a reference to the non-secure context */
ns_cpu_context
=
cm_get_context
(
NON_SECURE
);
assert
(
ns_cpu_context
);
assert
(
ns_cpu_context
!=
NULL
);
/* Restore non-secure state */
cm_el1_sysregs_context_restore
(
NON_SECURE
);
...
...
@@ -435,17 +436,17 @@ uint64_t spm_smc_handler(uint32_t smc_fid,
uint64_t
comm_size_address
=
x3
;
/* Cookie. Reserved for future use. It must be zero. */
if
(
mm_cookie
!=
0
)
{
if
(
mm_cookie
!=
0
U
)
{
ERROR
(
"MM_COMMUNICATE: cookie is not zero
\n
"
);
SMC_RET1
(
handle
,
SPM_INVALID_PARAMETER
);
}
if
(
comm_buffer_address
==
0
)
{
if
(
comm_buffer_address
==
0
U
)
{
ERROR
(
"MM_COMMUNICATE: comm_buffer_address is zero
\n
"
);
SMC_RET1
(
handle
,
SPM_INVALID_PARAMETER
);
}
if
(
comm_size_address
!=
0
)
{
if
(
comm_size_address
!=
0
U
)
{
VERBOSE
(
"MM_COMMUNICATE: comm_size_address is not 0 as recommended.
\n
"
);
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment