Merge pull request #1202 from antonio-nino-diaz-arm/an/spm-secondary-cores

SPM: Allow secondary CPUs to use the Secure Partition

Merge pull request #1202 from antonio-nino-diaz-arm/an/spm-secondary-cores
SPM: Allow secondary CPUs to use the Secure Partition
77796fb7 · davidcunado-arm · GitHub · 6ef96ab4 · a43c85db · 77796fb7
Unverified Commit 77796fb7 authored Jan 08, 2018 by davidcunado-arm Committed by GitHub Jan 08, 2018
--- a/services/std_svc/spm/spm_main.c
+++ b/services/std_svc/spm/spm_main.c
@@ -29,7 +29,6 @@ static spinlock_t mem_attr_smc_lock;
 * Secure Partition context information.
 ******************************************************************************/
 static secure_partition_context_t sp_ctx;
-unsigned int sp_init_in_progress;
 /*******************************************************************************
 * Replace the S-EL1 re-entry information with S-EL0 re-entry
@@ -125,13 +124,20 @@ int32_t spm_init(void)
 	cm_init_my_context(secure_partition_ep_info);
 	secure_partition_setup();
+	/*
+	 * Make all CPUs use the same secure context.
+	 */
+	for (unsigned int i = 0; i < PLATFORM_CORE_COUNT; i++) {
+		cm_set_context_by_index(i, &sp_ctx.cpu_ctx, SECURE);
+	}
 	/*
 	 * Arrange for an entry into the secure partition.
 	 */
-	sp_init_in_progress = 1;
+	sp_ctx.sp_init_in_progress = 1;
 	rc = spm_synchronous_sp_entry(&sp_ctx);
 	assert(rc == 0);
-	sp_init_in_progress = 0;
+	sp_ctx.sp_init_in_progress = 0;
 	VERBOSE("SP_MEMORY_ATTRIBUTES_SET_AARCH64 availability has been revoked\n");
 	return rc;
@@ -358,7 +364,7 @@ uint64_t spm_smc_handler(uint32_t smc_fid,
 			cm_el1_sysregs_context_save(SECURE);
 			spm_setup_next_eret_into_sel0(handle);
-			if (sp_init_in_progress) {
+			if (sp_ctx.sp_init_in_progress) {
 				/*
 				 * SPM reports completion. The SPM must have
 				 * initiated the original request through a
@@ -370,6 +376,9 @@ uint64_t spm_smc_handler(uint32_t smc_fid,
 				assert(0);
 			}
+			/* Release the Secure Partition context */
+			spin_unlock(&sp_ctx.lock);
 			/*
 			 * This is the result from the Secure partition of an
 			 * earlier request. Copy the result into the non-secure
@@ -391,7 +400,7 @@ uint64_t spm_smc_handler(uint32_t smc_fid,
 		case SP_MEMORY_ATTRIBUTES_GET_AARCH64:
 			INFO("Received SP_MEMORY_ATTRIBUTES_GET_AARCH64 SMC\n");
-			if (!sp_init_in_progress) {
+			if (!sp_ctx.sp_init_in_progress) {
 				WARN("SP_MEMORY_ATTRIBUTES_GET_AARCH64 is available at boot time only\n");
 				SMC_RET1(handle, SPM_NOT_SUPPORTED);
 			}
@@ -400,7 +409,7 @@ uint64_t spm_smc_handler(uint32_t smc_fid,
 		case SP_MEMORY_ATTRIBUTES_SET_AARCH64:
 			INFO("Received SP_MEMORY_ATTRIBUTES_SET_AARCH64 SMC\n");
-			if (!sp_init_in_progress) {
+			if (!sp_ctx.sp_init_in_progress) {
 				WARN("SP_MEMORY_ATTRIBUTES_SET_AARCH64 is available at boot time only\n");
 				SMC_RET1(handle, SPM_NOT_SUPPORTED);
 			}
@@ -443,6 +452,9 @@ uint64_t spm_smc_handler(uint32_t smc_fid,
 			/* Save the Normal world context */
 			cm_el1_sysregs_context_save(NON_SECURE);
+			/* Lock the Secure Partition context. */
+			spin_lock(&sp_ctx.lock);
 			/*
 			 * Restore the secure world context and prepare for
 			 * entry in S-EL0

--- a/services/std_svc/spm/spm_private.h
+++ b/services/std_svc/spm/spm_private.h
@@ -32,6 +32,7 @@
 #ifndef __ASSEMBLY__
+#include <spinlock.h>
 #include <stdint.h>
 #include <xlat_tables_v2.h>
@@ -43,6 +44,8 @@ struct entry_point_info;
 typedef struct secure_partition_context {
 	uint64_t c_rt_ctx;
 	cpu_context_t cpu_ctx;
+	unsigned int sp_init_in_progress;
+	spinlock_t lock;
 } secure_partition_context_t;
 uint64_t spm_secure_partition_enter(uint64_t *c_rt_ctx);