1. 15 Feb, 2017 1 commit
    • dp-arm's avatar
      Disable secure self-hosted debug via MDCR_EL3/SDCR · 85e93ba0
      dp-arm authored
      
      
      Trusted Firmware currently has no support for secure self-hosted
      debug.  To avoid unexpected exceptions, disable software debug
      exceptions, other than software breakpoint instruction exceptions,
      from all exception levels in secure state.  This applies to both
      AArch32 and AArch64 EL3 initialization.
      
      Change-Id: Id097e54a6bbcd0ca6a2be930df5d860d8d09e777
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      85e93ba0
  2. 02 Feb, 2017 1 commit
    • dp-arm's avatar
      PMF: Fixup PMF constants · 888037e5
      dp-arm authored
      
      
      `PMF_ARM_TIF_IMPL_ID` should be set to 0x41.  The code already left
      shifts it by 24 bit positions so this was overflowing.
      
      This fixes a build error with GCC 6.2 when
      `ENABLE_RUNTIME_INSTRUMENTATION` is set.
      
      Change-Id: I4c99d48ea7ce3d76e9edd1325b1979994db2c0fb
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      888037e5
  3. 30 Jan, 2017 2 commits
    • Jeenu Viswambharan's avatar
      Report errata workaround status to console · 10bcd761
      Jeenu Viswambharan authored
      
      
      The errata reporting policy is as follows:
      
        - If an errata workaround is enabled:
      
          - If it applies (i.e. the CPU is affected by the errata), an INFO
            message is printed, confirming that the errata workaround has been
            applied.
      
          - If it does not apply, a VERBOSE message is printed, confirming
            that the errata workaround has been skipped.
      
        - If an errata workaround is not enabled, but would have applied had
          it been, a WARN message is printed, alerting that errata workaround
          is missing.
      
      The CPU errata messages are printed by both BL1 (primary CPU only) and
      runtime firmware on debug builds, once for each CPU/errata combination.
      
      Relevant output from Juno r1 console when ARM Trusted Firmware is built
      with PLAT=juno LOG_LEVEL=50 DEBUG=1:
      
        VERBOSE: BL1: cortex_a57: errata workaround for 806969 was not applied
        VERBOSE: BL1: cortex_a57: errata workaround for 813420 was not applied
        INFO:    BL1: cortex_a57: errata workaround for disable_ldnp_overread was applied
        WARNING: BL1: cortex_a57: errata workaround for 826974 was missing!
        WARNING: BL1: cortex_a57: errata workaround for 826977 was missing!
        WARNING: BL1: cortex_a57: errata workaround for 828024 was missing!
        WARNING: BL1: cortex_a57: errata workaround for 829520 was missing!
        WARNING: BL1: cortex_a57: errata workaround for 833471 was missing!
        ...
        VERBOSE: BL31: cortex_a57: errata workaround for 806969 was not applied
        VERBOSE: BL31: cortex_a57: errata workaround for 813420 was not applied
        INFO:    BL31: cortex_a57: errata workaround for disable_ldnp_overread was applied
        WARNING: BL31: cortex_a57: errata workaround for 826974 was missing!
        WARNING: BL31: cortex_a57: errata workaround for 826977 was missing!
        WARNING: BL31: cortex_a57: errata workaround for 828024 was missing!
        WARNING: BL31: cortex_a57: errata workaround for 829520 was missing!
        WARNING: BL31: cortex_a57: errata workaround for 833471 was missing!
        ...
        VERBOSE: BL31: cortex_a53: errata workaround for 826319 was not applied
        INFO:    BL31: cortex_a53: errata workaround for disable_non_temporal_hint was applied
      
      Also update documentation.
      
      Change-Id: Iccf059d3348adb876ca121cdf5207bdbbacf2aba
      Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      10bcd761
    • Jeenu Viswambharan's avatar
      Allow spin locks to be defined from assembly · b38bc68b
      Jeenu Viswambharan authored
      
      
      At present, spin locks can only defined from C files. Add some macros
      such that they can be defined from assembly files too.
      
      Change-Id: I64f0c214062f5c15b3c8b412c7f25c908e87d970
      Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      b38bc68b
  4. 26 Jan, 2017 1 commit
    • David Cunado's avatar
      Resolve build errors flagged by GCC 6.2 · 9edac047
      David Cunado authored
      
      
      With GCC 6.2 compiler, more C undefined behaviour is being flagged as
      warnings, which result in build errors in ARM TF build.
      
      The specific issue that this patch resolves is the use of (1 << 31),
      which is predominantly used in case statements, where 1 is represented
      as a signed int. When shifted to msb the behaviour is undefined.
      
      The resolution is to specify 1 as an unsigned int using a convenience
      macro ULL(). A duplicate macro MAKE_ULL() is replaced.
      
      Fixes ARM-software/tf-issues#438
      
      Change-Id: I08e3053bbcf4c022ee2be33a75bd0056da4073e1
      Signed-off-by: default avatarDavid Cunado <david.cunado@arm.com>
      9edac047
  5. 24 Jan, 2017 2 commits
  6. 23 Jan, 2017 2 commits
    • Masahiro Yamada's avatar
      Use #ifdef for IMAGE_BL* instead of #if · 3d8256b2
      Masahiro Yamada authored
      
      
      One nasty part of ATF is some of boolean macros are always defined
      as 1 or 0, and the rest of them are only defined under certain
      conditions.
      
      For the former group, "#if FOO" or "#if !FOO" must be used because
      "#ifdef FOO" is always true.  (Options passed by $(call add_define,)
      are the cases.)
      
      For the latter, "#ifdef FOO" or "#ifndef FOO" should be used because
      checking the value of an undefined macro is strange.
      
      Here, IMAGE_BL* is handled by make_helpers/build_macro.mk like
      follows:
      
        $(eval IMAGE := IMAGE_BL$(call uppercase,$(3)))
      
        $(OBJ): $(2)
                @echo "  CC      $$<"
                $$(Q)$$(CC) $$(TF_CFLAGS) $$(CFLAGS) -D$(IMAGE) -c $$< -o $$@
      
      This means, IMAGE_BL* is defined when building the corresponding
      image, but *undefined* for the other images.
      
      So, IMAGE_BL* belongs to the latter group where we should use #ifdef
      or #ifndef.
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      3d8256b2
    • Haojian Zhuang's avatar
      drivers: add designware emmc driver · 5dbdb7da
      Haojian Zhuang authored
      
      
      Support Designware eMMC driver. It's based on both IO block
      and eMMC driver.
      Signed-off-by: default avatarHaojian Zhuang <haojian.zhuang@linaro.org>
      5dbdb7da
  7. 19 Jan, 2017 1 commit
    • Antonio Nino Diaz's avatar
      Fix declarations of cache maintenance functions · c8d64c54
      Antonio Nino Diaz authored
      Fix the parameter type of the maintenance functions of data cache.
      
      Add missing declarations for AArch32 versions of dcsw_op_louis and
      dcsw_op_all to match the AAch64 ones.
      
      Change-Id: I4226e8ea4f8b2b5bc2972992c83de659ee0da52c
      c8d64c54
  8. 18 Jan, 2017 2 commits
    • Masahiro Yamada's avatar
      Move BL_COHERENT_RAM_BASE/END defines to common_def.h · 47497053
      Masahiro Yamada authored
      
      
      We have lots of duplicated defines (and comment blocks too).
      Move them to include/plat/common/common_def.h.
      
      While we are here, suffix the end address with _END instead of
      _LIMIT.  The _END is a better fit to indicate the linker-derived
      real end address.
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      47497053
    • Masahiro Yamada's avatar
      Use *_END instead of *_LIMIT for linker derived end addresses · ecdc898d
      Masahiro Yamada authored
      
      
      The usage of _LIMIT seems odd here, so rename as follows:
        BL_CODE_LIMIT     --> BL_CODE_END
        BL_RO_DATA_LIMIT  --> BL_RO_DATA_END
        BL1_CODE_LIMIT    --> BL1_CODE_END
        BL1_RO_DATA_LIMIT --> BL1_RO_DATA_END
      
      Basically, we want to use _LIMIT and _END properly as follows:
        *_SIZE + *_MAX_SIZE = *_LIMIT
        *_SIZE + *_SIZE     = *_END
      
      The _LIMIT is generally defined by platform_def.h to indicate the
      platform-dependent memory constraint.  So, its typical usage is
        ASSERT(. <= BL31_LIMIT, "BL31 image has exceeded its limit.")
      in a linker script.
      
      On the other hand, _END is used to indicate the end address of the
      compiled image, i.e. we do not know it until the image is linked.
      
      Here, all of these macros belong to the latter, so should be
      suffixed with _END.
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      ecdc898d
  9. 16 Jan, 2017 1 commit
  10. 12 Jan, 2017 1 commit
  11. 10 Jan, 2017 1 commit
  12. 30 Dec, 2016 1 commit
    • dp-arm's avatar
      fiptool: Add support for operating on binary blobs using the UUID · fcab6bbe
      dp-arm authored
      
      
      Previously, fiptool only understood a fixed set of images as
      specified in tbbr_config.c.  It preserved unknown images during
      the update, unpack and remove operations but it was not possible to
      explicitly refer to one of those unknown images.
      
      Add a new --blob option to create/update/unpack/remove images that
      are not known at compile time.  This is accomplished by specifying
      the UUID and filename pair as shown below:
      
      $ ./fiptool create --blob uuid=01234567-89ab-cdef-0123-456789abcdef,file=foo.bin fip.bin
      $ ./fiptool info fip.bin
      01234567-89ab-cdef-0123-456789abcdef: offset=0x60, size=0x1AA68
      
      Fixes ARM-software/tf-issues#420
      
      Change-Id: Iaac2504b9a4252289c09e73d29645cbe240f3a82
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      fcab6bbe
  13. 23 Dec, 2016 1 commit
    • Douglas Raillard's avatar
      Abort preempted TSP STD SMC after PSCI CPU suspend · 3df6012a
      Douglas Raillard authored
      
      
      Standard SMC requests that are handled in the secure-world by the Secure
      Payload can be preempted by interrupts that must be handled in the
      normal world. When the TSP is preempted the secure context is stored and
      control is passed to the normal world to handle the non-secure
      interrupt. Once completed the preempted secure context is restored. When
      restoring the preempted context, the dispatcher assumes that the TSP
      preempted context is still stored as the SECURE context by the context
      management library.
      
      However, PSCI power management operations causes synchronous entry into
      TSP. This overwrites the preempted SECURE context in the context
      management library. When restoring back the SECURE context, the Secure
      Payload crashes because this context is not the preempted context
      anymore.
      
      This patch avoids corruption of the preempted SECURE context by aborting
      any preempted SMC during PSCI power management calls. The
      abort_std_smc_entry hook of the TSP is called when aborting the SMC
      request.
      
      It also exposes this feature as a FAST SMC callable from normal world to
      abort preempted SMC with FID TSP_FID_ABORT.
      
      Change-Id: I7a70347e9293f47d87b5de20484b4ffefb56b770
      Signed-off-by: default avatarDouglas Raillard <douglas.raillard@arm.com>
      3df6012a
  14. 20 Dec, 2016 2 commits
  15. 19 Dec, 2016 1 commit
  16. 15 Dec, 2016 4 commits
    • Jeenu Viswambharan's avatar
      Add provision to extend CPU operations at more levels · 5dd9dbb5
      Jeenu Viswambharan authored
      
      
      Various CPU drivers in ARM Trusted Firmware register functions to handle
      power-down operations. At present, separate functions are registered to
      power down individual cores and clusters.
      
      This scheme operates on the basis of core and cluster, and doesn't cater
      for extending the hierarchy for power-down operations. For example,
      future CPUs might support multiple threads which might need powering
      down individually.
      
      This patch therefore reworks the CPU operations framework to allow for
      registering power down handlers on specific level basis. Henceforth:
      
        - Generic code invokes CPU power down operations by the level
          required.
      
        - CPU drivers explicitly mention CPU_NO_RESET_FUNC when the CPU has no
          reset function.
      
        - CPU drivers register power down handlers as a list: a mandatory
          handler for level 0, and optional handlers for higher levels.
      
      All existing CPU drivers are adapted to the new CPU operations framework
      without needing any functional changes within.
      
      Also update firmware design guide.
      
      Change-Id: I1826842d37a9e60a9e85fdcee7b4b8f6bc1ad043
      Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      5dd9dbb5
    • dp-arm's avatar
      tbbr: Fix updating of Non-Trusted NV counter · d35dee23
      dp-arm authored
      
      
      The previous code required that a certificate be signed with the ROT
      key before the platform's NV counter could be updated with the value
      in the certificate.  This implies that the Non-Trusted NV counter was
      not being updated for Non-Trusted content certificates, as they cannot
      be signed with the ROT key in the TBBR CoT scheme.
      
      The code is reworked to only allow updating the platform's Trusted NV
      counter when a certificate protected by the Trusted NV counter is
      signed with the ROT key.
      
      Content certificates protected by the Non-Trusted NV counter are
      allowed to update the platform's Non-Trusted NV counter, assuming
      that the certificate value is higher than the platform's value.
      
      A new optional platform API has been introduced, named
      plat_set_nv_ctr2().  Platforms may choose to implement it and perform
      additional checks based on the authentication image descriptor before
      modifying the NV counters.  A default weak implementation is available
      that just calls into plat_set_nv_ctr().
      
      Fixes ARM-software/tf-issues#426
      
      Change-Id: I4fc978fd28a3007bc0cef972ff1f69ad0413b79c
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      d35dee23
    • Jeenu Viswambharan's avatar
      Introduce ARM platform APIs for GICv3 Redistributor · d17b953a
      Jeenu Viswambharan authored
      
      
      As with other ARM platform GIC APIs, these directly invoke the GICv3
      driver APIs for Redistributor power management.
      
      For the sake of uniform GIC API, empty stubs are placed for those GIC
      drivers that lack Redistributor component.
      
      Change-Id: Iad0d760d4dbca790998f7768cda621ff3b15a864
      Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      d17b953a
    • Jeenu Viswambharan's avatar
      GICv3: Introduce power management APIs for Redistributor · d780699b
      Jeenu Viswambharan authored
      
      
      Some GICv3 implementations have provision for power management
      operations at Redistributor level. This patch introduces and provides
      place-holders for Redistributor power management. The default
      implementations are empty stubs, but are weakly bound so as to enable
      implementation-specific drivers to override them.
      
      Change-Id: I4fec1358693d3603ca5dce242a2f7f0e730516d8
      Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      d780699b
  17. 14 Dec, 2016 3 commits
  18. 13 Dec, 2016 3 commits
    • Antonio Nino Diaz's avatar
      ARM platforms: Replace address space size defines · e60e74bd
      Antonio Nino Diaz authored
      
      
      The now deprecated ADDR_SPACE_SIZE has been replaced by the two
      defines PLAT_PHY_ADDR_SPACE_SIZE and PLAT_VIRT_ADDR_SPACE_SIZE.
      
      Change-Id: I027a2f02f47ab2f679b8979a6dbfb0f08270a1a4
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      e60e74bd
    • Antonio Nino Diaz's avatar
      Add PLAT_xxx_ADDR_SPACE_SIZE definitions · 0029624f
      Antonio Nino Diaz authored
      
      
      Added the definitions `PLAT_PHY_ADDR_SPACE_SIZE` and
      `PLAT_VIRT_ADDR_SPACE_SIZE` which specify respectively the physical
      and virtual address space size a platform can use.
      
      `ADDR_SPACE_SIZE` is now deprecated. To maintain compatibility, if any
      of the previous defines aren't present, the value of `ADDR_SPACE_SIZE`
      will be used instead.
      
      For AArch64, register ID_AA64MMFR0_EL1 is checked to calculate the
      max PA supported by the hardware and to verify that the previously
      mentioned definition is valid. For AArch32, a 40 bit physical
      address space is considered.
      
      Added asserts to check for overflows.
      
      Porting guide updated.
      
      Change-Id: Ie8ce1da5967993f0c94dbd4eb9841fc03d5ef8d6
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      0029624f
    • Antonio Nino Diaz's avatar
      Assert correct granularity when mapping a PA · d3d6c6e3
      Antonio Nino Diaz authored
      
      
      Each translation table level entry can only map a given virtual
      address onto physical addresses of the same granularity. For example,
      with the current configuration, a level 2 entry maps blocks of 2 MB,
      so the physical address must be aligned to 2 MB. If the address is not
      aligned, the MMU will just ignore the lower bits.
      
      This patch adds an assertion to make sure that physical addresses are
      always aligned to the correct boundary.
      
      Change-Id: I0ab43df71829d45cdbe323301b3053e08ca99c2c
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      d3d6c6e3
  19. 12 Dec, 2016 1 commit
    • Soby Mathew's avatar
      AArch32: Fix the stack alignment issue · 9f3ee61c
      Soby Mathew authored
      
      
      The AArch32 Procedure call Standard mandates that the stack must be aligned
      to 8 byte boundary at external interfaces. This patch does the required
      changes.
      
      This problem was detected when a crash was encountered in
      `psci_print_power_domain_map()` while printing 64 bit values. Aligning
      the stack to 8 byte boundary resolved the problem.
      
      Fixes ARM-Software/tf-issues#437
      
      Change-Id: I517bd8203601bb88e9311bd36d477fb7b3efb292
      Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      9f3ee61c
  20. 07 Dec, 2016 2 commits
    • Soby Mathew's avatar
      Allow ARM Standard platforms to dynamically define PSCI capability · 5486a965
      Soby Mathew authored
      
      
      The capabilities exposed by the PSCI generic layer depends on the hooks
      populated by the platform in `plat_arm_psci_pm_ops`. Currently ARM
      Standard platforms statically define this structure. However, some
      platforms may want to modify the hooks at runtime before registering
      them with the generic layer.
      
      This patch introduces a new ARM platform layer API
      `plat_arm_psci_override_pm_ops` which allows the platform to probe
      the power controller and modify `plat_arm_psci_pm_ops` if required.
      Consequently, 'plat_arm_psci_pm_ops' is no longer qualified as
      `const` on ARM Standard platforms.
      
      Change-Id: I7dbb44b7bd36c20ec14ded5ee45a96816ca2ab9d
      Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      5486a965
    • Soby Mathew's avatar
      Introduce SCP power management abstraction · b12a2b49
      Soby Mathew authored
      
      
      This patch introduces an additional layer of abstraction between
      CSS power management hooks and the SCPI driver. A new set of APIs
      are introduced in order to abstract out power management operations
      from underlying communication mechanism with the SCP.
      
      The SCPI and the associated MHU drivers are moved into a `drivers`
      folder in CSS. The new SCP communication abstraction layer is added
      in the `drivers/scp` folder. The existing CSS power management
      uses the new APIs to reflect this abstraction.
      
      Change-Id: I7d775129fc0558e9703c2724523fb8f0a916838c
      Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      b12a2b49
  21. 05 Dec, 2016 1 commit
    • Jeenu Viswambharan's avatar
      Define and use no_ret macro where no return is expected · a806dad5
      Jeenu Viswambharan authored
      
      
      There are many instances in ARM Trusted Firmware where control is
      transferred to functions from which return isn't expected. Such jumps
      are made using 'bl' instruction to provide the callee with the location
      from which it was jumped to. Additionally, debuggers infer the caller by
      examining where 'lr' register points to. If a 'bl' of the nature
      described above falls at the end of an assembly function, 'lr' will be
      left pointing to a location outside of the function range. This misleads
      the debugger back trace.
      
      This patch defines a 'no_ret' macro to be used when jumping to functions
      from which return isn't expected. The macro ensures to use 'bl'
      instruction for the jump, and also, for debug builds, places a 'nop'
      instruction immediately thereafter (unless instructed otherwise) so as
      to leave 'lr' pointing within the function range.
      
      Change-Id: Ib34c69fc09197cfd57bc06e147cc8252910e01b0
      Co-authored-by: default avatarDouglas Raillard <douglas.raillard@arm.com>
      Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      a806dad5
  22. 01 Dec, 2016 3 commits
    • David Cunado's avatar
      Reset EL2 and EL3 configurable controls · 939f66d6
      David Cunado authored
      
      
      This patch resets EL2 and EL3 registers that have architecturally
      UNKNOWN values on reset and that also provide EL2/EL3 configuration
      and trap controls.
      
      Specifically, the EL2 physical timer is disabled to prevent timer
      interrups into EL2 - CNTHP_CTL_EL2 and CNTHP_CTL for AArch64 and AArch32,
      respectively.
      
      Additionally, for AArch64, HSTR_EL2 is reset to avoid unexpected traps of
      non-secure access to certain system registers at EL1 or lower.
      
      For AArch32, the patch also reverts the reset to SDCR which was
      incorrectly added in a previous change.
      
      Change-Id: If00eaa23afa7dd36a922265194ccd6223187414f
      Signed-off-by: default avatarDavid Cunado <david.cunado@arm.com>
      939f66d6
    • Qixiang.Xu's avatar
      emmc/sd: for C99 compliance, changed the unsigned char/short bitfield to unsigned int bitfields · 80d4d748
      Qixiang.Xu authored
      
      
      C99 restricts bitfields type is signed and unsigned integer or _Bool.
      See section 6.7.2.1 Structure and union specifiers.
      "A bit-field shall have a type that is a qualified or unqualified version
       of _Bool, signed int, unsigned int, or some other implementation-defined type."
      
      Since the compiler packs bitfields anyways, actual data layout in the structure is unaffected.
      Signed-off-by: default avatarAlex Nemirovsky <alex.nemirovsky@cortina-access.com>
      80d4d748
    • Yatharth Kochar's avatar
      AArch32: Miscellaneous fixes in the AArch32 code · 69d59e0c
      Yatharth Kochar authored
      
      
      This patch makes following miscellaneous fixes:
      * pl011_console.S: Fixed the bit mask used to check if the
        transmit FIFO is full or empty.
      * smcc_macros.S: Added `_fsxc` suffix while updating the SPSR.
        By default the assembler assumes `_fc` suffix which does not
        update all the fields in SPSR. By adding `_fsxc` suffix all
        the fields gets updated.
      * platform_helpers.S: Removed the weak definition for
        `plat_my_core_pos()` as this is a mandatory function which
        needs to be defined by all platforms.
      
      Change-Id: I8302292533c943686fff8d7c749a07132c052a3b
      Signed-off-by: default avatarYatharth Kochar <yatharth.kochar@arm.com>
      69d59e0c
  23. 21 Nov, 2016 1 commit
    • Douglas Raillard's avatar
      Add CFI debug frame information for ASM functions · b91d935f
      Douglas Raillard authored
      
      
      This allows the debugger to print the callstack when there is an
      assembly function in the callstack.
      
      It will work as long as the CFA pointer (frame pointer) location is not
      modified (i.e. x29 is not touched in AArch64 state). It is the case in
      almost all assembly functions, so this patch improves the average
      debugging experience. Call stacks from the debugger should still be
      interpreted with care. In more complex functions, one could use .cfi*
      directives to inform the debugger about the new location of the CFA
      pointer.
      
      Change-Id: I9dabfbc033b45e8528e67f4823c17de7bf02fa24
      Signed-off-by: default avatarDouglas Raillard <douglas.raillard@arm.com>
      b91d935f
  24. 09 Nov, 2016 1 commit
    • David Cunado's avatar
      Reset debug registers MDCR-EL3/SDCR and MDCR_EL2/HDCR · 495f3d3c
      David Cunado authored
      
      
      In order to avoid unexpected traps into EL3/MON mode, this patch
      resets the debug registers, MDCR_EL3 and MDCR_EL2 for AArch64,
      and SDCR and HDCR for AArch32.
      
      MDCR_EL3/SDCR is zero'ed when EL3/MON mode is entered, at the
      start of BL1 and BL31/SMP_MIN.
      
      For MDCR_EL2/HDCR, this patch zero's the bits that are
      architecturally UNKNOWN values on reset. This is done when
      exiting from EL3/MON mode but only on platforms that support
      EL2/HYP mode but choose to exit to EL1/SVC mode.
      
      Fixes ARM-software/tf-issues#430
      
      Change-Id: Idb992232163c072faa08892251b5626ae4c3a5b6
      Signed-off-by: default avatarDavid Cunado <david.cunado@arm.com>
      495f3d3c
  25. 14 Oct, 2016 1 commit
    • Soby Mathew's avatar
      Unify SCTLR initialization for AArch32 normal world · b7b0787d
      Soby Mathew authored
      
      
      The values of CP15BEN, nTWI & nTWE bits in SCTLR_EL1 are architecturally
      unknown if EL3 is AARCH64 whereas they reset to 1 if EL3 is AArch32. This
      might be a compatibility break for legacy AArch32 normal world software if
      these bits are not set to 1 when EL3 is AArch64. This patch enables the
      CP15BEN, nTWI and nTWE bits in the SCTLR_EL1 if the lower non-secure EL is
      AArch32. This unifies the SCTLR settings for lower non-secure EL in AArch32
      mode for both AArch64 and AArch32 builds of Trusted Firmware.
      
      Fixes ARM-software/tf-issues#428
      
      Change-Id: I3152d1580e4869c0ea745c5bd9da765f9c254947
      Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      b7b0787d