- 14 Oct, 2016 1 commit
-
-
Soby Mathew authored
The values of CP15BEN, nTWI & nTWE bits in SCTLR_EL1 are architecturally unknown if EL3 is AARCH64 whereas they reset to 1 if EL3 is AArch32. This might be a compatibility break for legacy AArch32 normal world software if these bits are not set to 1 when EL3 is AArch64. This patch enables the CP15BEN, nTWI and nTWE bits in the SCTLR_EL1 if the lower non-secure EL is AArch32. This unifies the SCTLR settings for lower non-secure EL in AArch32 mode for both AArch64 and AArch32 builds of Trusted Firmware. Fixes ARM-software/tf-issues#428 Change-Id: I3152d1580e4869c0ea745c5bd9da765f9c254947 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 18 Jul, 2016 2 commits
-
-
Soby Mathew authored
This patch moves the PSCI services and BL31 frameworks like context management and per-cpu data into new library components `PSCI` and `el3_runtime` respectively. This enables PSCI to be built independently from BL31. A new `psci_lib.mk` makefile is introduced which adds the relevant PSCI library sources and gets included by `bl31.mk`. Other changes which are done as part of this patch are: * The runtime services framework is now moved to the `common/` folder to enable reuse. * The `asm_macros.S` and `assert_macros.S` helpers are moved to architecture specific folder. * The `plat_psci_common.c` is moved from the `plat/common/aarch64/` folder to `plat/common` folder. The original file location now has a stub which just includes the file from new location to maintain platform compatibility. Most of the changes wouldn't affect platform builds as they just involve changes to the generic bl1.mk and bl31.mk makefiles. NOTE: THE `plat_psci_common.c` FILE HAS MOVED LOCATION AND THE STUB FILE AT THE ORIGINAL LOCATION IS NOW DEPRECATED. PLATFORMS SHOULD MODIFY THEIR MAKEFILES TO INCLUDE THE FILE FROM THE NEW LOCATION. Change-Id: I6bd87d5b59424995c6a65ef8076d4fda91ad5e86
-
Soby Mathew authored
This patch reworks type usage in generic code, drivers and ARM platform files to make it more portable. The major changes done with respect to type usage are as listed below: * Use uintptr_t for storing address instead of uint64_t or unsigned long. * Review usage of unsigned long as it can no longer be assumed to be 64 bit. * Use u_register_t for register values whose width varies depending on whether AArch64 or AArch32. * Use generic C types where-ever possible. In addition to the above changes, this patch also modifies format specifiers in print invocations so that they are AArch64/AArch32 agnostic. Only files related to upcoming feature development have been reworked. Change-Id: I9f8c78347c5a52ba7027ff389791f1dad63ee5f8
-
- 18 Apr, 2016 1 commit
-
-
Soren Brinkmann authored
Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com>
-
- 30 Mar, 2016 1 commit
-
-
Gerald Lejeune authored
Asynchronous abort exceptions generated by the platform during cold boot are not taken in EL3 unless SCR_EL3.EA is set. Therefore EA bit is set along with RES1 bits in early BL1 and BL31 architecture initialisation. Further write accesses to SCR_EL3 preserve these bits during cold boot. A build flag controls SCR_EL3.EA value to keep asynchronous abort exceptions being trapped by EL3 after cold boot or not. For further reference SError Interrupts are also known as asynchronous external aborts. On Cortex-A53 revisions below r0p2, asynchronous abort exceptions are taken in EL3 whatever the SCR_EL3.EA value is. Fixes arm-software/tf-issues#368 Signed-off-by: Gerald Lejeune <gerald.lejeune@st.com>
-
- 09 Dec, 2015 2 commits
-
-
Yatharth Kochar authored
The upcoming Firmware Update feature needs transitioning across Secure/Normal worlds to complete the FWU process and hence requires context management code to perform this task. Currently context management code is part of BL31 stage only. This patch moves the code from (include)/bl31 to (include)/common. Some function declarations/definitions and macros have also moved to different files to help code sharing. Change-Id: I3858b08aecdb76d390765ab2b099f457873f7b0c
-
Sandrine Bailleux authored
In the situation that EL1 is selected as the exception level for the next image upon BL31 exit for a processor that supports EL2, the context management code must configure all essential EL2 register state to ensure correct execution of EL1. VTTBR_EL2 should be part of this set of EL2 registers because: - The ARMv8-A architecture does not define a reset value for this register. - Cache maintenance operations depend on VTTBR_EL2.VMID even when non-secure EL1&0 stage 2 address translation are disabled. This patch initializes the VTTBR_EL2 register to 0 when bypassing EL2 to address this issue. Note that this bug has not yet manifested itself on FVP or Juno because VTTBR_EL2.VMID resets to 0 on the Cortex-A53 and Cortex-A57. Change-Id: I58ce2d16a71687126f437577a506d93cb5eecf33
-
- 24 Nov, 2015 1 commit
-
-
Soby Mathew authored
This patch changes the build time behaviour when using deprecated API within Trusted Firmware. Previously the use of deprecated APIs would only trigger a build warning (which was always treated as a build error), when WARN_DEPRECATED = 1. Now, the use of deprecated C declarations will always trigger a build time warning. Whether this warning is treated as error or not is determined by the build flag ERROR_DEPRECATED which is disabled by default. When the build flag ERROR_DEPRECATED=1, the invocation of deprecated API or inclusion of deprecated headers will result in a build error. Also the deprecated context management helpers in context_mgmt.c are now conditionally compiled depending on the value of ERROR_DEPRECATED flag so that the APIs themselves do not result in a build error when the ERROR_DEPRECATED flag is set. NOTE: Build systems that use the macro WARN_DEPRECATED must migrate to using ERROR_DEPRECATED, otherwise deprecated API usage will no longer trigger a build error. Change-Id: I843bceef6bde979af7e9b51dddf861035ec7965a
-
- 13 Aug, 2015 1 commit
-
-
Soby Mathew authored
This patch introduces new platform APIs and context management helper APIs to support the new topology framework based on linear core position. This framework will be introduced in the follwoing patch and it removes the assumption that the MPIDR based affinity levels map directly to levels in a power domain tree. The new platforms APIs and context management helpers based on core position are as described below: * plat_my_core_pos() and plat_core_pos_by_mpidr() These 2 new mandatory platform APIs are meant to replace the existing 'platform_get_core_pos()' API. The 'plat_my_core_pos()' API returns the linear index of the calling core and 'plat_core_pos_by_mpidr()' returns the linear index of a core specified by its MPIDR. The latter API will also validate the MPIDR passed as an argument and will return an error code (-1) if an invalid MPIDR is passed as the argument. This enables the caller to safely convert an MPIDR of another core to its linear index without querying the PSCI topology tree e.g. during a call to PSCI CPU_ON. Since the 'plat_core_pos_by_mpidr()' API verifies an MPIDR, which is always platform specific, it is no longer possible to maintain a default implementation of this API. Also it might not be possible for a platform port to verify an MPIDR before the C runtime has been setup or the topology has been initialized. This would prevent 'plat_core_pos_by_mpidr()' from being callable prior to topology setup. As a result, the generic Trusted Firmware code does not call this API before the topology setup has been done. The 'plat_my_core_pos' API should be able to run without a C runtime. Since this API needs to return a core position which is equal to the one returned by 'plat_core_pos_by_mpidr()' API for the corresponding MPIDR, this too cannot have default implementation and is a mandatory API for platform ports. These APIs will be implemented by the ARM reference platform ports later in the patch stack. * plat_get_my_stack() and plat_set_my_stack() These APIs are the stack management APIs which set/return stack addresses appropriate for the calling core. These replace the 'platform_get_stack()' and 'platform_set_stack()' APIs. A default weak MP version and a global UP version of these APIs are provided for the platforms. * Context management helpers based on linear core position A set of new context management(CM) helpers viz cm_get_context_by_index(), cm_set_context_by_index(), cm_init_my_context() and cm_init_context_by_index() are defined which are meant to replace the old helpers which took MPIDR as argument. The old CM helpers are implemented based on the new helpers to allow for code consolidation and will be deprecated once the switch to the new framework is done. Change-Id: I89758632b370c2812973a4b2efdd9b81a41f9b69
-
- 16 Sep, 2014 1 commit
-
-
Jens Wiklander authored
Initializes SCTLR_EL1 based on MODE_RW bit in SPSR for the entry point. The RES1 bits for SCTLR_EL1 differs for Aarch64 and Aarch32 mode.
-
- 02 Sep, 2014 1 commit
-
-
Soby Mathew authored
This patch resets the value of CNTVOFF_EL2 before exit to EL1 on warm boot. This needs to be done if only the Trusted Firmware exits to EL1 instead of EL2, otherwise the hypervisor would be responsible for this. Fixes ARM-software/tf-issues#240 Change-Id: I79d54831356cf3215bcf1f251c373bd8f89db0e0
-
- 31 Jul, 2014 1 commit
-
-
Soby Mathew authored
This patch further optimizes the EL3 register state stored in cpu_context. The 2 registers which are removed from cpu_context are: * cntfrq_el0 is the system timer register which is writable only in EL3 and it can be programmed during cold/warm boot. Hence it need not be saved to cpu_context. * cptr_el3 controls access to Trace, Floating-point, and Advanced SIMD functionality and it is programmed every time during cold and warm boot. The current BL3-1 implementation does not need to modify the access controls during normal execution and hence they are expected to remain static. Fixes ARM-software/tf-issues#197 Change-Id: I599ceee3b73a7dcfd37069fd41b60e3d397a7b18
-
- 28 Jul, 2014 1 commit
-
-
Juan Castillo authored
Assert a valid security state using the macro sec_state_is_valid(). Replace assert() with panic() in those cases that might arise because of runtime errors and not programming errors. Replace panic() with assert() in those cases that might arise because of programming errors. Fixes ARM-software/tf-issues#96 Change-Id: I51e9ef0439fd5ff5e0edfef49050b69804bf14d5
-
- 24 Jun, 2014 1 commit
-
-
Juan Castillo authored
Exclude stdlib files because they do not follow kernel code style. Fixes ARM-software/tf-issues#73 Change-Id: I4cfafa38ab436f5ab22c277cb38f884346a267ab
-
- 23 Jun, 2014 1 commit
-
-
Andrew Thoelke authored
Consolidate all BL3-1 CPU context initialization for cold boot, PSCI and SPDs into two functions: * The first uses entry_point_info to initialize the relevant cpu_context for first entry into a lower exception level on a CPU * The second populates the EL1 and EL2 system registers as needed from the cpu_context to ensure correct entry into the lower EL This patch alters the way that BL3-1 determines which exception level is used when first entering EL1 or EL2 during cold boot - this is now fully determined by the SPSR value in the entry_point_info for BL3-3, as set up by the platform code in BL2 (or otherwise provided to BL3-1). In the situation that EL1 (or svc mode) is selected for a processor that supports EL2, the context management code will now configure all essential EL2 register state to ensure correct execution of EL1. This allows the platform code to run non-secure EL1 payloads directly without requiring a small EL2 stub or OS loader. Change-Id: If9fbb2417e82d2226e47568203d5a369f39d3b0f
-
- 16 Jun, 2014 2 commits
-
-
Andrew Thoelke authored
Moving the context pointers for each CPU into the per-cpu data allows for much more efficient access to the contexts for the current CPU. Change-Id: Id784e210d63cbdcddb44ac1591617ce668dbc29f
-
Andrew Thoelke authored
This patch prepares the per-cpu pointer cache for wider use by: * renaming the structure to cpu_data and placing in new header * providing accessors for this CPU, or other CPUs * splitting the initialization of the TPIDR pointer from the initialization of the cpu_data content * moving the crash stack initialization to a crash stack function * setting the TPIDR pointer very early during boot Change-Id: Icef9004ff88f8eb241d48c14be3158087d7e49a3
-
- 11 Jun, 2014 2 commits
-
-
Andrew Thoelke authored
This patch makes the console crash dump of processor register state optional based on the CRASH_REPORTING make variable. This defaults to only being enabled for DEBUG builds. This can be overridden by setting a different value in the platform makefile or on the make command line. Change-Id: Icfa1b2d7ff0145cf0a85e8ad732f9cee7e7e993f
-
Andrew Thoelke authored
All callers of cm_get_context() pass the calling CPU MPIDR to the function. Providing a specialised version for the current CPU results in a reduction in code size and better readability. The current function has been renamed to cm_get_context_by_mpidr() and the existing name is now used for the current-CPU version. The same treatment has been done to cm_set_context(), although only both forms are used at present in the PSCI and TSPD code. Change-Id: I91cb0c2f7bfcb950a045dbd9ff7595751c0c0ffb
-
- 23 May, 2014 1 commit
-
-
Dan Handley authored
Previously, platform.h contained many declarations and definitions used for different purposes. This file has been split so that: * Platform definitions used by common code that must be defined by the platform are now in platform_def.h. The exact include path is exported through $PLAT_INCLUDES in the platform makefile. * Platform definitions specific to the FVP platform are now in /plat/fvp/fvp_def.h. * Platform API declarations specific to the FVP platform are now in /plat/fvp/fvp_private.h. * The remaining platform API declarations that must be ported by each platform are still in platform.h but this file has been moved to /include/plat/common since this can be shared by all platforms. Change-Id: Ieb3bb22fbab3ee8027413c6b39a783534aee474a
-
- 22 May, 2014 2 commits
-
-
Achin Gupta authored
This patch introduces a framework for registering interrupts routed to EL3. The interrupt routing model is governed by the SCR_EL3.IRQ and FIQ bits and the security state an interrupt is generated in. The framework recognizes three type of interrupts depending upon which exception level and security state they should be handled in i.e. Secure EL1 interrupts, Non-secure interrupts and EL3 interrupts. It provides an API and macros that allow a runtime service to register an handler for a type of interrupt and specify the routing model. The framework validates the routing model and uses the context management framework to ensure that it is applied to the SCR_EL3 prior to entry into the target security state. It saves the handler in internal data structures. An API is provided to retrieve the handler when an interrupt of a particular type is asserted. Registration is expected to be done once by the primary CPU. The same handler and routing model is used for all CPUs. Support for EL3 interrupts will be added to the framework in the future. A makefile flag has been added to allow the FVP port choose between ARM GIC v2 and v3 support in EL3. The latter version is currently unsupported. A framework for handling interrupts in BL3-1 will be introduced in subsequent patches. The default routing model in the absence of any handlers expects no interrupts to be routed to EL3. Change-Id: Idf7c023b34fcd4800a5980f2bef85e4b5c29e649
-
Achin Gupta authored
This patch adds an API to write to any bit in the SCR_EL3 member of the 'cpu_context' structure of the current CPU for a specified security state. This API will be used in subsequent patches which introduce interrupt management in EL3 to specify the interrupt routing model when execution is not in EL3. It also renames the cm_set_el3_elr() function to cm_set_elr_el3() which is more in line with the system register name being targeted by the API. Change-Id: I310fa7d8f827ad3f350325eca2fb28cb350a85ed
-
- 16 May, 2014 1 commit
-
-
Soby Mathew authored
This patch implements the register reporting when unhandled exceptions are taken in BL3-1. Unhandled exceptions will result in a dump of registers to the console, before halting execution by that CPU. The Crash Stack, previously called the Exception Stack, is used for this activity. This stack is used to preserve the CPU context and runtime stack contents for debugging and analysis. This also introduces the per_cpu_ptr_cache, referenced by tpidr_el3, to provide easy access to some of BL3-1 per-cpu data structures. Initially, this is used to provide a pointer to the Crash stack. panic() now prints the the error file and line number in Debug mode and prints the PC value in release mode. The Exception Stack is renamed to Crash Stack with this patch. The original intention of exception stack is no longer valid since we intend to support several valid exceptions like IRQ and FIQ in the trusted firmware context. This stack is now utilized for dumping and reporting the system state when a crash happens and hence the rename. Fixes ARM-software/tf-issues#79 Improve reporting of unhandled exception Change-Id: I260791dc05536b78547412d147193cdccae7811a
-
- 06 May, 2014 2 commits
-
-
Dan Handley authored
Reduce the number of header files included from other header files as much as possible without splitting the files. Use forward declarations where possible. This allows removal of some unnecessary "#ifndef __ASSEMBLY__" statements. Also, review the .c and .S files for which header files really need including and reorder the #include statements alphabetically. Fixes ARM-software/tf-issues#31 Change-Id: Iec92fb976334c77453e010b60bcf56f3be72bd3e
-
Dan Handley authored
Add tag names to all unnamed structs in header files. This allows forward declaration of structs, which is necessary to reduce header file nesting (to be implemented in a subsequent commit). Also change the typedef names across the codebase to use the _t suffix to be more conformant with the Linux coding style. The coding style actually prefers us not to use typedefs at all but this is considered a step too far for Trusted Firmware. Also change the IO framework structs defintions to use typedef'd structs to be consistent with the rest of the codebase. Change-Id: I722b2c86fc0d92e4da3b15e5cab20373dd26786f
-
- 20 Feb, 2014 1 commit
-
-
Achin Gupta authored
This patch implements a set of handlers in the SPD which are called by the PSCI runtime service upon receiving a power management operation. These handlers in turn pass control to the Secure Payload image if required before returning control to PSCI. This ensures that the Secure Payload has complete visibility of all power transitions in the system and can prepare accordingly. Change-Id: I2d1dba5629b7cf2d53999d39fe807dfcf3f62fe2
-
- 17 Feb, 2014 2 commits
-
-
Jeenu Viswambharan authored
This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
-
Achin Gupta authored
This patch adds support for a cpu context management library. This library will be used to: 1. Share pointers to secure and non-secure state cpu contexts between runtime services e.g. PSCI and Secure Payload Dispatcher services 2. Set SP_EL3 to a context structure which will be used for programming an ERET into a lower EL 3. Provide wrapper functions to save and restore EL3 & EL1 state. These functions will in turn use the helper functions in context.S Change-Id: I655eeef83dcd2a0c6f2eb2ac23efab866ac83ca0
-