Add SEC phase implementation for Cadence CSP platform configured with
a single Cortex-A53 processor and GIC-500.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Scott Telford <stelford@cadence.com>
---
CadencePkg/Sec/AArch64/Arch.c | 25 +++
CadencePkg/Sec/AArch64/ArmCortexA5xHelper.S | 27 +++
CadencePkg/Sec/AArch64/Helper.S | 93 ++++++++
CadencePkg/Sec/AArch64/SecEntryPoint.S | 139 ++++++++++++
CadencePkg/Sec/Sec.c | 335 ++++++++++++++++++++++++++++
CadencePkg/Sec/Sec.inf | 85 +++++++
CadencePkg/Sec/SecInternal.h | 105 +++++++++
7 files changed, 809 insertions(+)
create mode 100644 CadencePkg/Sec/AArch64/Arch.c
create mode 100644 CadencePkg/Sec/AArch64/ArmCortexA5xHelper.S
create mode 100644 CadencePkg/Sec/AArch64/Helper.S
create mode 100644 CadencePkg/Sec/AArch64/SecEntryPoint.S
create mode 100644 CadencePkg/Sec/Sec.c
create mode 100644 CadencePkg/Sec/Sec.inf
create mode 100644 CadencePkg/Sec/SecInternal.h
diff --git a/CadencePkg/Sec/AArch64/Arch.c b/CadencePkg/Sec/AArch64/Arch.c
new file mode 100644
index 0000000..6e7d58e
--- /dev/null
+++ b/CadencePkg/Sec/AArch64/Arch.c
@@ -0,0 +1,25 @@
+/** @file
+*
+* Copyright (c) 2013, ARM Limited. All rights reserved.
+*
+* This program and the accompanying materials
+* are licensed and made available under the terms and conditions of the BSD License
+* which accompanies this distribution. The full text of the license may be found at
+* http://opensource.org/licenses/bsd-license.php
+*
+* THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+* WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+*
+**/
+
+#include <Chipset/AArch64.h>
+
+VOID
+EFIAPI
+ArmSecArchTrustzoneInit (
+ VOID
+ )
+{
+ // Do not trap any access to Floating Point and Advanced SIMD in EL3.
+ ArmWriteCptr (0);
+}
diff --git a/CadencePkg/Sec/AArch64/ArmCortexA5xHelper.S b/CadencePkg/Sec/AArch64/ArmCortexA5xHelper.S
new file mode 100644
index 0000000..531de63
--- /dev/null
+++ b/CadencePkg/Sec/AArch64/ArmCortexA5xHelper.S
@@ -0,0 +1,27 @@
+#------------------------------------------------------------------------------
+#
+# Copyright (c) 2013 - 2014, ARM Limited. All rights reserved.
+#
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD Licese
+# which accompanies this distribution. The full text of the license may be foun at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+#------------------------------------------------------------------------------
+
+#include <AsmMacroIoLibV8.h>
+
+ASM_FUNC(ArmReadCpuExCr)
+ mrs x0, S3_1_c15_c2_1
+ ret
+
+ASM_FUNC(ArmWriteCpuExCr)
+ msr S3_1_c15_c2_1, x0
+ dsb sy
+ isb
+ ret
+
+ASM_FUNCTION_REMOVE_IF_UNREFERENCED
diff --git a/CadencePkg/Sec/AArch64/Helper.S b/CadencePkg/Sec/AArch64/Helper.S
new file mode 100644
index 0000000..3b58e12
--- /dev/null
+++ b/CadencePkg/Sec/AArch64/Helper.S
@@ -0,0 +1,93 @@
+#========================================================================================
+# Copyright (c) 2011-2014, ARM Limited. All rights reserved.
+#
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http:#opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+#=======================================================================================
+
+#include <AsmMacroIoLibV8.h>
+#include <Chipset/AArch64.h>
+
+#start of the code section
+.text
+.align 3
+
+GCC_ASM_EXPORT(SwitchToNSExceptionLevel1)
+GCC_ASM_EXPORT(enter_monitor_mode)
+GCC_ASM_EXPORT(return_from_exception)
+GCC_ASM_EXPORT(copy_cpsr_into_spsr)
+GCC_ASM_EXPORT(set_non_secure_mode)
+
+// Switch from EL3 to NS-EL1
+ASM_PFX(SwitchToNSExceptionLevel1):
+ // Now setup our EL1. Controlled by EL2 config on Model
+ mrs x0, hcr_el2 // Read EL2 Hypervisor configuration Register
+ orr x0, x0, #(1 << 31) // Set EL1 to be 64bit
+
+ // Send all interrupts to their respective Exception levels for EL2
+ and x0, x0, #~(ARM_HCR_FMO | ARM_HCR_IMO | ARM_HCR_AMO) // Disable virtual FIQ, IRQ, SError and Abort
+ msr hcr_el2, x0 // Write back our settings
+
+ msr cptr_el2, xzr // Disable copro traps to EL2
+
+ msr sctlr_el2, xzr
+
+ // Enable architected timer access
+ mrs x0, cnthctl_el2
+ orr x0, x0, #3 // Enable EL1 access to timers
+ msr cnthctl_el2, x0
+
+ mrs x0, cntkctl_el1
+ orr x0, x0, #3 // EL0 access to counters
+ msr cntkctl_el1, x0
+
+ // Set ID regs
+ mrs x0, midr_el1
+ mrs x1, mpidr_el1
+ msr vpidr_el2, x0
+ msr vmpidr_el2, x1
+
+ ret
+
+
+// EL3 on AArch64 is Secure/monitor so this funtion is reduced vs ARMv7
+// we don't need a mode switch, just setup the Arguments and jump.
+// x0: Monitor World EntryPoint
+// x1: MpId
+// x2: SecBootMode
+// x3: Secure Monitor mode stack
+ASM_PFX(enter_monitor_mode):
+ mov x4, x0 // Swap EntryPoint and MpId registers
+ mov x0, x1
+ mov x1, x2
+ mov x2, x3
+ br x4
+
+// Put the address in correct ELR_ELx and do a eret.
+// We may need to do some config before we change to another Mode.
+ASM_PFX(return_from_exception):
+ msr elr_el3, x0
+ eret
+
+// For AArch64 we need to construct the spsr we want from individual bits and pieces.
+ASM_PFX(copy_cpsr_into_spsr):
+ mrs x0, CurrentEl // Get the current exception level we are running at.
+ mrs x1, SPSel // Which Stack are we using
+ orr x0, x0, x1
+ mrs x1, daif // Which interrupts are enabled
+ orr x0, x0, x1
+ msr spsr_el3, x0 // Write to spsr
+ ret
+
+// Get this from platform file.
+ASM_PFX(set_non_secure_mode):
+ msr spsr_el3, x0
+ ret
+
+ASM_FUNCTION_REMOVE_IF_UNREFERENCED
diff --git a/CadencePkg/Sec/AArch64/SecEntryPoint.S b/CadencePkg/Sec/AArch64/SecEntryPoint.S
new file mode 100644
index 0000000..06bea3c
--- /dev/null
+++ b/CadencePkg/Sec/AArch64/SecEntryPoint.S
@@ -0,0 +1,139 @@
+//
+// Copyright (c) 2011-2014, ARM Limited. All rights reserved.
+//
+// This program and the accompanying materials
+// are licensed and made available under the terms and conditions of the BSD License
+// which accompanies this distribution. The full text of the license may be found at
+// http://opensource.org/licenses/bsd-license.php
+//
+// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+//
+//
+
+#include <AutoGen.h>
+#include <AsmMacroIoLibV8.h>
+#include "SecInternal.h"
+
+.text
+.align 3
+
+GCC_ASM_IMPORT(CEntryPoint)
+GCC_ASM_IMPORT(ArmPlatformIsPrimaryCore)
+GCC_ASM_IMPORT(ArmPlatformGetCorePosition)
+GCC_ASM_IMPORT(ArmPlatformSecBootAction)
+GCC_ASM_IMPORT(ArmPlatformSecBootMemoryInit)
+GCC_ASM_IMPORT(ArmDisableInterrupts)
+GCC_ASM_IMPORT(ArmDisableCachesAndMmu)
+GCC_ASM_IMPORT(ArmReadMpidr)
+GCC_ASM_IMPORT(ArmCallWFE)
+GCC_ASM_EXPORT(_ModuleEntryPoint)
+
+StartupAddr: .8byte ASM_PFX(CEntryPoint)
+
+ASM_PFX(_ModuleEntryPoint):
+
+// NOTE: We could be booting from EL3, EL2 or EL1. Need to correctly detect
+// and configure the system accordingly. EL2 is default if possible.
+// If we started in EL3 we need to switch and run at EL2.
+// If we are running at EL2 stay in EL2
+// If we are starting at EL1 stay in EL1.
+
+// Sec only runs in EL3. Othewise we jump to PEI without changing anything.
+// If Sec runs we change to EL2 before switching to PEI.
+
+// Which EL are we running at? Every EL needs some level of setup...
+ EL1_OR_EL2_OR_EL3(x0)
+1:// If we are at EL1 or EL2 leave SEC for PEI.
+2:b ASM_PFX(JumpToPEI)
+ // If we are at EL3 we need to configure it and switch to EL2
+3:b ASM_PFX(MainEntryPoint)
+
+ASM_PFX(MainEntryPoint):
+ // First ensure all interrupts are disabled
+ bl ASM_PFX(ArmDisableInterrupts)
+
+ // Ensure that the MMU and caches are off
+ bl ASM_PFX(ArmDisableCachesAndMmu)
+
+ // By default, we are doing a cold boot
+ mov x10, #ARM_SEC_COLD_BOOT
+
+ // Jump to Platform Specific Boot Action function
+ bl ASM_PFX(ArmPlatformSecBootAction)
+
+_IdentifyCpu:
+ // Identify CPU ID
+ bl ASM_PFX(ArmReadMpidr)
+ // Keep a copy of the MpId register value
+ mov x5, x0
+
+ // Is it the Primary Core ?
+ bl ASM_PFX(ArmPlatformIsPrimaryCore)
+ cmp x0, #1
+ // Only the primary core initialize the memory (SMC)
+ b.eq _InitMem
+
+_WaitInitMem:
+ // If we are not doing a cold boot in this case we should assume the Initial Memory to be already initialized
+ // Otherwise we have to wait the Primary Core to finish the initialization
+ cmp x10, #ARM_SEC_COLD_BOOT
+ b.ne _SetupSecondaryCoreStack
+
+ // Wait for the primary core to initialize the initial memory (event: BOOT_MEM_INIT)
+ bl ASM_PFX(ArmCallWFE)
+ // Now the Init Mem is initialized, we setup the secondary core stacks
+ b _SetupSecondaryCoreStack
+
+_InitMem:
+ // If we are not doing a cold boot in this case we should assume the Initial Memory to be already initialized
+ cmp x10, #ARM_SEC_COLD_BOOT
+ b.ne _SetupPrimaryCoreStack
+
+ // Initialize Init Boot Memory
+ bl ASM_PFX(ArmPlatformSecBootMemoryInit)
+
+_SetupPrimaryCoreStack:
+ // Get the top of the primary stacks (and the base of the secondary stacks)
+ MOV32 (x1, FixedPcdGet32(PcdCPUCoresSecStackBase))
+ MOV32 (x2, FixedPcdGet32(PcdCPUCoreSecPrimaryStackSize))
+ add x1, x1, x2
+
+ mov sp, x1
+ b _PrepareArguments
+
+_SetupSecondaryCoreStack:
+ // Get the top of the primary stacks (and the base of the secondary stacks)
+ MOV32 (x1, FixedPcdGet32(PcdCPUCoresSecStackBase))
+ MOV32 (x2, FixedPcdGet32(PcdCPUCoreSecPrimaryStackSize))
+ add x6, x1, x2
+
+ // Get the Core Position
+ mov x0, x5
+ bl ASM_PFX(ArmPlatformGetCorePosition)
+ // The stack starts at the top of the stack region. Add '1' to the Core Position to get the top of the stack
+ add x0, x0, #1
+
+ // StackOffset = CorePos * StackSize
+ MOV32 (x2, FixedPcdGet32(PcdCPUCoreSecSecondaryStackSize))
+ mul x0, x0, x2
+ // SP = StackBase + StackOffset
+ add sp, x6, x0
+
+_PrepareArguments:
+ // Move sec startup address into a data register
+ // Ensure we're jumping to FV version of the code (not boot remapped alias)
+ ldr x3, StartupAddr
+
+ // Jump to SEC C code
+ // r0 = mp_id
+ // r1 = Boot Mode
+ mov x0, x5
+ mov x1, x10
+ blr x3
+
+ ret
+
+ASM_PFX(JumpToPEI):
+ MOV32 (x0, FixedPcdGet32(PcdFvBaseAddress))
+ blr x0
diff --git a/CadencePkg/Sec/Sec.c b/CadencePkg/Sec/Sec.c
new file mode 100644
index 0000000..5b0244e
--- /dev/null
+++ b/CadencePkg/Sec/Sec.c
@@ -0,0 +1,335 @@
+/** @file
+* Main file supporting the SEC Phase on ARM Platforms
+*
+* Copyright (c) 2011-2014, ARM Limited. All rights reserved.
+* Copyright (c) 2017, Cadence Design Systems, Inc. All rights reserved.
+*
+* This program and the accompanying materials
+* are licensed and made available under the terms and conditions of the BSD License
+* which accompanies this distribution. The full text of the license may be found at
+* http://opensource.org/licenses/bsd-license.php
+*
+* THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+* WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+*
+**/
+
+#include <Chipset/ArmCortexA5x.h>
+#include <Library/ArmTrustedMonitorLib.h>
+#include <Library/ArmGenericTimerCounterLib.h>
+#include <Library/DebugAgentLib.h>
+#include <Library/IoLib.h>
+#include <Library/PrintLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/SerialPortLib.h>
+#include <Library/ArmGicLib.h>
+#include <Library/ArmPlatformLib.h>
+
+#include "SecInternal.h"
+
+#define SerialPrint(txt) SerialPortWrite ((UINT8*)txt, AsciiStrLen(txt)+1);
+
+#define ARM_GICR_WAKER 0x0014 // GIC Redistributor Wake Register
+#define ARM_GICR_IGROUPR0 0x0080 // GIC Redistributor Int Group Reg 0
+#define ARM_GICR_IGRPMODR0 0x0d00 // GIC Redistributor Int Group Mod Reg 0
+#define ARM_GICR_ICFGR1 0x0c04 // GIC Redistributor Int Config Reg 0
+
+
+VOID
+CEntryPoint (
+ IN UINTN MpId,
+ IN UINTN SecBootMode
+ )
+{
+ CHAR8 Buffer[100];
+ UINTN CharCount;
+ UINTN JumpAddress;
+
+ // Invalidate the data cache. Doesn't have to do the Data cache clean.
+ ArmInvalidateDataCache ();
+
+ // Invalidate Instruction Cache
+ ArmInvalidateInstructionCache ();
+
+ // Invalidate I & D TLBs
+ ArmInvalidateTlb ();
+
+ // CPU specific settings
+ ArmCpuSetup (MpId);
+
+ // Enable Floating Point Coprocessor if supported by the platform
+ if (FixedPcdGet32 (PcdVFPEnabled)) {
+ ArmEnableVFP ();
+ }
+
+ // Initialize peripherals that must be done at the early stage
+ // Example: Some L2 controller, interconnect, clock, DMC, etc
+ ArmPlatformSecInitialize (MpId);
+
+ // Primary CPU clears out the SCU tag RAMs, secondaries wait
+ if (ArmPlatformIsPrimaryCore (MpId) && (SecBootMode == ARM_SEC_COLD_BOOT)) {
+ if (ArmIsMpCore()) {
+ // Signal for the initial memory is configured (event: BOOT_MEM_INIT)
+ ArmCallSEV ();
+ }
+
+ // SEC phase needs to run library constructors by hand. This assumes we are linked against the SerialLib
+ // In non SEC modules the init call is in autogenerated code.
+ SerialPortInitialize ();
+
+ // Start talking
+ if (FixedPcdGetBool (PcdTrustzoneSupport)) {
+ CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Secure firmware (version %s built at %a on %a)\n\r",
+ (CHAR16*)PcdGetPtr(PcdFirmwareVersionString), __TIME__, __DATE__);
+ } else {
+ CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Boot firmware (version %s built at %a on %a)\n\r",
+ (CHAR16*)PcdGetPtr(PcdFirmwareVersionString), __TIME__, __DATE__);
+ }
+ SerialPortWrite ((UINT8 *) Buffer, CharCount);
+
+ // Initialize the Debug Agent for Source Level Debugging
+ InitializeDebugAgent (DEBUG_AGENT_INIT_PREMEM_SEC, NULL, NULL);
+ SaveAndSetDebugTimerInterrupt (TRUE);
+
+ // Enable the GIC distributor and CPU Interface
+ // - no other Interrupts are enabled, doesn't have to worry about the priority.
+ // - all the cores are in secure state, use secure SGI's
+ ArmGicEnableDistributor (PcdGet64(PcdGicDistributorBase));
+ ArmGicEnableInterruptInterface (PcdGet64(PcdGicInterruptInterfaceBase));
+ } else {
+ // Enable the GIC CPU Interface
+ ArmGicEnableInterruptInterface (PcdGet64(PcdGicInterruptInterfaceBase));
+ }
+
+ // Enable Full Access to CoProcessors
+ ArmWriteCpacr (CPACR_CP_FULL_ACCESS);
+
+ // Test if Trustzone is supported on this platform
+ if (FixedPcdGetBool (PcdTrustzoneSupport)) {
+ if (ArmIsMpCore ()) {
+ // Setup SMP in Non Secure world
+ ArmCpuSetupSmpNonSecure (GET_CORE_ID(MpId));
+ }
+
+ // Either we use the Secure Stacks for Secure Monitor (in this case (Base == 0) && (Size == 0))
+ // Or we use separate Secure Monitor stacks (but (Base != 0) && (Size != 0))
+ ASSERT (((PcdGet64(PcdCPUCoresSecMonStackBase) == 0) && (PcdGet32(PcdCPUCoreSecMonStackSize) == 0)) ||
+ ((PcdGet64(PcdCPUCoresSecMonStackBase) != 0) && (PcdGet32(PcdCPUCoreSecMonStackSize) != 0)));
+
+ // Enter Monitor Mode
+ enter_monitor_mode (
+ (UINTN)TrustedWorldInitialization, MpId, SecBootMode,
+ (VOID*) (PcdGet64 (PcdCPUCoresSecMonStackBase) +
+ (PcdGet32 (PcdCPUCoreSecMonStackSize) * (ArmPlatformGetCorePosition (MpId) + 1)))
+ );
+ } else {
+ if (ArmPlatformIsPrimaryCore (MpId)) {
+ SerialPrint ("Trust Zone Configuration is disabled\n\r");
+ }
+
+ // With Trustzone support the transition from Sec to Normal world is done by return_from_exception().
+ // If we want to keep this function call we need to ensure the SVC's SPSR point to the same Program
+ // Status Register as the the current one (CPSR).
+ copy_cpsr_into_spsr ();
+
+ // Call the Platform specific function to execute additional actions if required
+ JumpAddress = PcdGet64 (PcdFvBaseAddress);
+
+ ArmPlatformSecExtraAction (MpId, &JumpAddress);
+
+ NonTrustedWorldTransition (MpId, JumpAddress);
+ }
+ ASSERT (0); // We must never return from the above function
+}
+
+VOID
+TrustedWorldInitialization (
+ IN UINTN MpId,
+ IN UINTN SecBootMode
+ )
+{
+ UINTN JumpAddress;
+
+ //-------------------- Monitor Mode ---------------------
+
+ // Set up Monitor World (Vector Table, etc)
+ ArmSecureMonitorWorldInitialize ();
+
+ // Transfer the interrupt to Non-secure World
+ ArmGicV3SetupNonSecure (MpId, PcdGet64(PcdGicDistributorBase), PcdGet64(PcdGicRedistributorsBase));
+
+ // Initialize platform specific security policy
+ ArmPlatformSecTrustzoneInit (MpId);
+
+ // Setup the Trustzone Chipsets
+ if (SecBootMode == ARM_SEC_COLD_BOOT) {
+ if (ArmPlatformIsPrimaryCore (MpId)) {
+ if (ArmIsMpCore()) {
+ // Signal the secondary core the Security settings is done (event: EVENT_SECURE_INIT)
+ ArmCallSEV ();
+ }
+ } else {
+ // The secondary cores need to wait until the Trustzone chipsets configuration is done
+ // before switching to Non Secure World
+
+ // Wait for the Primary Core to finish the initialization of the Secure World (event: EVENT_SECURE_INIT)
+ ArmCallWFE ();
+ }
+ }
+
+ // Call the Platform specific function to execute additional actions if required
+ JumpAddress = PcdGet64 (PcdFvBaseAddress);
+
+ ArmPlatformSecExtraAction (MpId, &JumpAddress);
+
+ // Initialize architecture specific security policy
+ ArmSecArchTrustzoneInit ();
+
+ // CP15 Secure Configuration Register
+ ArmWriteScr (PcdGet32 (PcdArmScr));
+
+ NonTrustedWorldTransition (MpId, JumpAddress);
+}
+
+VOID
+NonTrustedWorldTransition (
+ IN UINTN MpId,
+ IN UINTN JumpAddress
+ )
+{
+ // If PcdArmNonSecModeTransition is defined then set this specific mode to CPSR before the transition
+ // By not set, the mode for Non Secure World is SVC
+ if (PcdGet32 (PcdArmNonSecModeTransition) != 0) {
+ set_non_secure_mode ((ARM_PROCESSOR_MODE)PcdGet32 (PcdArmNonSecModeTransition));
+ }
+
+ return_from_exception (JumpAddress);
+ //-------------------- Non Secure Mode ---------------------
+
+ // PEI Core should always load and never return
+ ASSERT (FALSE);
+}
+
+/*
+ * This function configures the all interrupts to be Non-secure.
+ *
+ */
+VOID
+EFIAPI
+ArmGicV3SetupNonSecure (
+ IN UINTN MpId,
+ IN INTN GicDistributorBase,
+ IN INTN GicRedistributorsBase
+ )
+{
+ UINTN InterruptId;
+ UINTN Index;
+ UINTN MaxInterrupts;
+ UINT32 WakeR;
+
+ // Set priority Mask so that no interrupts get through to CPU
+ ArmGicV3SetPriorityMask (0);
+
+ // Clear ProcessorSleep bit in GICR_WAKER and wait for ChildrenAsleep to clear
+ WakeR = MmioRead32 (GicRedistributorsBase + ARM_GICR_WAKER);
+ WakeR &= ~(1 << 1);
+ MmioWrite32 (GicRedistributorsBase + ARM_GICR_WAKER, WakeR);
+ do {
+ WakeR = MmioRead32 (GicRedistributorsBase + ARM_GICR_WAKER);
+ } while ((WakeR & (1 << 2)));
+
+ // Set PPIs to Non-secure Group 1 IRQ
+ MmioWrite32 (GicRedistributorsBase + ARM_GICR_SGI_PPI_FRAME_SIZE + ARM_GICR_IGROUPR0, 0xffff0000);
+
+ InterruptId = ArmGicV3AcknowledgeInterrupt();
+ MaxInterrupts = ArmGicGetMaxNumInterrupts (GicDistributorBase);
+
+ // Only try to clear valid interrupts. Ignore spurious interrupts.
+ while ((InterruptId & 0x3FF) < MaxInterrupts) {
+ // Some of the SGI's are still pending, read Ack register and send End of Interrupt Signal
+ ArmGicV3EndOfInterrupt (InterruptId);
+
+ // Next
+ InterruptId = ArmGicV3AcknowledgeInterrupt();
+ }
+
+ // Only the primary core should set the Non Secure bit to the SPIs (Shared Peripheral Interrupt).
+ if (ArmPlatformIsPrimaryCore (MpId)) {
+ // Ensure all GIC interrupts are Non-Secure
+ for (Index = 0; Index < (MaxInterrupts / 32); Index++) {
+ MmioWrite32 (GicDistributorBase + ARM_GIC_ICDISR + (Index * 4), 0xffffffff);
+ }
+ } else {
+ // The secondary cores only set the Non Secure bit to their banked PPIs
+ MmioWrite32 (GicDistributorBase + ARM_GIC_ICDISR, 0xffffffff);
+ }
+
+ // Ensure all interrupts can get through the priority mask
+ ArmGicV3SetPriorityMask (0xff);
+}
+
+//
+// Previously in ArmCpuLib:
+//
+
+VOID
+ArmCpuSetup (
+ IN UINTN MpId
+ )
+{
+ // Check if Architectural Timer frequency is valid number (should not be 0)
+ ASSERT (PcdGet32 (PcdArmArchTimerFreqInHz));
+ ASSERT (ArmIsArchTimerImplemented () != 0);
+
+ // Note: System Counter frequency can only be set in Secure privileged mode,
+ // if security extensions are implemented.
+ ArmGenericTimerSetTimerFreq (PcdGet32 (PcdArmArchTimerFreqInHz));
+
+ if (ArmIsMpCore ()) {
+ // Turn on SMP coherency
+ ArmSetCpuExCrBit (A5X_FEATURE_SMP);
+ }
+
+ //
+ // If CPU is CortexA57 r0p0 apply Errata workarounds
+ //
+ if ((ArmReadMidr () & ((ARM_CPU_TYPE_MASK << 4) | ARM_CPU_REV_MASK)) ==
+ ((ARM_CPU_TYPE_A57 << 4) | ARM_CPU_REV(0,0))) {
+
+ // Errata 806969: DisableLoadStoreWB (1ULL << 49)
+ // Errata 813420: Execute Data Cache clean as Data Cache clean/invalidate (ULL << 44)
+ // Errata 814670: disable DMB nullification (1ULL << 58)
+ ArmSetCpuActlrBit ( (1ULL << 49) | (1ULL << 44) | (1ULL << 58) );
+ }
+}
+
+VOID
+ArmCpuSetupSmpNonSecure (
+ IN UINTN MpId
+ )
+{
+}
+
+VOID
+EFIAPI
+ArmSetCpuExCrBit (
+ IN UINT64 Bits
+ )
+{
+ UINT64 Value;
+ Value = ArmReadCpuExCr ();
+ Value |= Bits;
+ ArmWriteCpuExCr (Value);
+}
+
+VOID
+EFIAPI
+ArmUnsetCpuExCrBit (
+ IN UINT64 Bits
+ )
+{
+ UINT64 Value;
+ Value = ArmReadCpuExCr ();
+ Value &= ~Bits;
+ ArmWriteCpuExCr (Value);
+}
diff --git a/CadencePkg/Sec/Sec.inf b/CadencePkg/Sec/Sec.inf
new file mode 100644
index 0000000..cf32f34
--- /dev/null
+++ b/CadencePkg/Sec/Sec.inf
@@ -0,0 +1,85 @@
+#/** @file
+# SEC - Reset vector code that jumps to C and starts the PEI phase
+#
+# (C) Copyright 2015 Hewlett-Packard Development Company, L.P.<BR>
+# Copyright (c) 2011-2013, ARM Limited. All rights reserved.
+# Copyright (c) 2017, Cadence Design Systems, Inc. All rights reserved.
+#
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+#**/
+
+[Defines]
+ INF_VERSION = 1.25
+ BASE_NAME = ArmPlatformSec
+ FILE_GUID = 424b4f2e-ec82-4c57-a188-253060be8a69
+ MODULE_TYPE = SEC
+ VERSION_STRING = 1.0
+
+[Sources]
+ Sec.c
+
+[Sources.AARCH64]
+ AArch64/Arch.c
+ AArch64/Helper.S
+ AArch64/SecEntryPoint.S
+ AArch64/ArmCortexA5xHelper.S | GCC
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ ArmPkg/ArmPkg.dec
+ ArmPlatformPkg/ArmPlatformPkg.dec
+ CadencePkg/CadenceCspPkg.dec
+
+[LibraryClasses]
+ ArmLib
+ ArmGenericTimerCounterLib
+ ArmPlatformLib
+ ArmPlatformSecLib
+ ArmTrustedMonitorLib
+ BaseLib
+ DebugLib
+ DebugAgentLib
+ IoLib
+ ArmGicLib
+ PcdLib
+ PrintLib
+ SerialPortLib
+
+[Pcd]
+ gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString
+
+[FixedPcd.common]
+
+ gArmTokenSpaceGuid.PcdTrustzoneSupport
+ gArmTokenSpaceGuid.PcdVFPEnabled
+
+ gArmTokenSpaceGuid.PcdArmScr
+ gArmTokenSpaceGuid.PcdArmNonSecModeTransition
+ gArmTokenSpaceGuid.PcdArmArchTimerFreqInHz
+
+ gArmTokenSpaceGuid.PcdSecureFvBaseAddress
+ gArmTokenSpaceGuid.PcdSecureFvSize
+
+ gArmTokenSpaceGuid.PcdFvBaseAddress
+
+ gArmPlatformTokenSpaceGuid.PcdCPUCoresSecStackBase
+ gArmPlatformTokenSpaceGuid.PcdCPUCoreSecPrimaryStackSize
+ gArmPlatformTokenSpaceGuid.PcdCPUCoreSecSecondaryStackSize
+ gArmPlatformTokenSpaceGuid.PcdCPUCoresSecMonStackBase
+ gArmPlatformTokenSpaceGuid.PcdCPUCoreSecMonStackSize
+
+ gArmTokenSpaceGuid.PcdGicInterruptInterfaceBase
+ gArmTokenSpaceGuid.PcdGicDistributorBase
+ gArmTokenSpaceGuid.PcdGicRedistributorsBase
+
+[FixedPcd.ARM]
+ gArmTokenSpaceGuid.PcdArmNsacr
+
diff --git a/CadencePkg/Sec/SecInternal.h b/CadencePkg/Sec/SecInternal.h
new file mode 100644
index 0000000..221eb57
--- /dev/null
+++ b/CadencePkg/Sec/SecInternal.h
@@ -0,0 +1,105 @@
+/** @file
+* Main file supporting the SEC Phase on ARM PLatforms
+*
+* Copyright (c) 2011-2013, ARM Limited. All rights reserved.
+*
+* This program and the accompanying materials
+* are licensed and made available under the terms and conditions of the BSD License
+* which accompanies this distribution. The full text of the license may be found at
+* http://opensource.org/licenses/bsd-license.php
+*
+* THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+* WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+*
+**/
+
+#ifndef __SEC_H__
+#define __SEC_H__
+
+#include <Base.h>
+#include <Library/ArmLib.h>
+#include <Library/ArmPlatformLib.h>
+#include <Library/ArmPlatformSecLib.h>
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/PcdLib.h>
+
+#define IS_ALIGNED(Address, Align) (((UINTN)Address & (Align-1)) == 0)
+
+VOID
+TrustedWorldInitialization (
+ IN UINTN MpId,
+ IN UINTN SecBootMode
+ );
+
+VOID
+NonTrustedWorldTransition (
+ IN UINTN MpId,
+ IN UINTN JumpAddress
+ );
+
+VOID
+ArmGicV3SetupNonSecure (
+ IN UINTN MpId,
+ IN INTN GicDistributorBase,
+ IN INTN GicRedistributorsBase
+);
+
+VOID
+enter_monitor_mode (
+ IN UINTN MonitorEntryPoint,
+ IN UINTN MpId,
+ IN UINTN SecBootMode,
+ IN VOID* MonitorStackBase
+ );
+
+VOID
+return_from_exception (
+ IN UINTN NonSecureBase
+ );
+
+VOID
+copy_cpsr_into_spsr (
+ VOID
+ );
+
+VOID
+set_non_secure_mode (
+ IN ARM_PROCESSOR_MODE Mode
+ );
+
+VOID
+SecCommonExceptionEntry (
+ IN UINT32 Entry,
+ IN UINTN LR
+ );
+
+VOID
+EFIAPI
+ArmSecArchTrustzoneInit (
+ VOID
+ );
+
+VOID
+ArmCpuSetup (
+ IN UINTN MpId
+ );
+
+VOID
+ArmCpuSetupSmpNonSecure (
+ IN UINTN MpId
+ );
+
+VOID
+EFIAPI
+ArmSetCpuExCrBit (
+ IN UINT64 Bits
+);
+
+VOID
+EFIAPI
+ArmUnsetCpuExCrBit (
+ IN UINT64 Bits
+);
+
+#endif
--
2.2.2
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
On Mon, Jun 05, 2017 at 11:50:26AM +0100, Scott Telford wrote:
> Add SEC phase implementation for Cadence CSP platform configured with
> a single Cortex-A53 processor and GIC-500.
This appears to be a localised reinstatement of ArmPlatformPkg/Sec/,
which was deleted by 9a8f6fb40712938ad562e9a9095dc06dff9c1fce, with
bits of ArmCortexA5xLib merged into it.
Firstly, this is probably fine for your use-case, although if this is
a permanenent solution (you will never port ARM Trusted Firmware, and
we expect this platform to be supported upstream indefinitely), it
could be worth considering reintroducing the library.
Secondly, is there a strong reason why ArmCortexA5xLib cannot be used
as is, rather than copied across?
Thirdly, it would be nice if the commit message described explicitly
where this code came from.
/
Leif
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Scott Telford <stelford@cadence.com>
> ---
> CadencePkg/Sec/AArch64/Arch.c | 25 +++
> CadencePkg/Sec/AArch64/ArmCortexA5xHelper.S | 27 +++
> CadencePkg/Sec/AArch64/Helper.S | 93 ++++++++
> CadencePkg/Sec/AArch64/SecEntryPoint.S | 139 ++++++++++++
> CadencePkg/Sec/Sec.c | 335 ++++++++++++++++++++++++++++
> CadencePkg/Sec/Sec.inf | 85 +++++++
> CadencePkg/Sec/SecInternal.h | 105 +++++++++
> 7 files changed, 809 insertions(+)
> create mode 100644 CadencePkg/Sec/AArch64/Arch.c
> create mode 100644 CadencePkg/Sec/AArch64/ArmCortexA5xHelper.S
> create mode 100644 CadencePkg/Sec/AArch64/Helper.S
> create mode 100644 CadencePkg/Sec/AArch64/SecEntryPoint.S
> create mode 100644 CadencePkg/Sec/Sec.c
> create mode 100644 CadencePkg/Sec/Sec.inf
> create mode 100644 CadencePkg/Sec/SecInternal.h
>
> diff --git a/CadencePkg/Sec/AArch64/Arch.c b/CadencePkg/Sec/AArch64/Arch.c
> new file mode 100644
> index 0000000..6e7d58e
> --- /dev/null
> +++ b/CadencePkg/Sec/AArch64/Arch.c
> @@ -0,0 +1,25 @@
> +/** @file
> +*
> +* Copyright (c) 2013, ARM Limited. All rights reserved.
> +*
> +* This program and the accompanying materials
> +* are licensed and made available under the terms and conditions of the BSD License
> +* which accompanies this distribution. The full text of the license may be found at
> +* http://opensource.org/licenses/bsd-license.php
> +*
> +* THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +* WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +*
> +**/
> +
> +#include <Chipset/AArch64.h>
> +
> +VOID
> +EFIAPI
> +ArmSecArchTrustzoneInit (
> + VOID
> + )
> +{
> + // Do not trap any access to Floating Point and Advanced SIMD in EL3.
> + ArmWriteCptr (0);
> +}
> diff --git a/CadencePkg/Sec/AArch64/ArmCortexA5xHelper.S b/CadencePkg/Sec/AArch64/ArmCortexA5xHelper.S
> new file mode 100644
> index 0000000..531de63
> --- /dev/null
> +++ b/CadencePkg/Sec/AArch64/ArmCortexA5xHelper.S
> @@ -0,0 +1,27 @@
> +#------------------------------------------------------------------------------
> +#
> +# Copyright (c) 2013 - 2014, ARM Limited. All rights reserved.
> +#
> +# This program and the accompanying materials
> +# are licensed and made available under the terms and conditions of the BSD Licese
> +# which accompanies this distribution. The full text of the license may be foun at
> +# http://opensource.org/licenses/bsd-license.php
> +#
> +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +#
> +#------------------------------------------------------------------------------
> +
> +#include <AsmMacroIoLibV8.h>
> +
> +ASM_FUNC(ArmReadCpuExCr)
> + mrs x0, S3_1_c15_c2_1
> + ret
> +
> +ASM_FUNC(ArmWriteCpuExCr)
> + msr S3_1_c15_c2_1, x0
> + dsb sy
> + isb
> + ret
> +
> +ASM_FUNCTION_REMOVE_IF_UNREFERENCED
> diff --git a/CadencePkg/Sec/AArch64/Helper.S b/CadencePkg/Sec/AArch64/Helper.S
> new file mode 100644
> index 0000000..3b58e12
> --- /dev/null
> +++ b/CadencePkg/Sec/AArch64/Helper.S
> @@ -0,0 +1,93 @@
> +#========================================================================================
> +# Copyright (c) 2011-2014, ARM Limited. All rights reserved.
> +#
> +# This program and the accompanying materials
> +# are licensed and made available under the terms and conditions of the BSD License
> +# which accompanies this distribution. The full text of the license may be found at
> +# http:#opensource.org/licenses/bsd-license.php
> +#
> +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +#
> +#=======================================================================================
> +
> +#include <AsmMacroIoLibV8.h>
> +#include <Chipset/AArch64.h>
> +
> +#start of the code section
> +.text
> +.align 3
> +
> +GCC_ASM_EXPORT(SwitchToNSExceptionLevel1)
> +GCC_ASM_EXPORT(enter_monitor_mode)
> +GCC_ASM_EXPORT(return_from_exception)
> +GCC_ASM_EXPORT(copy_cpsr_into_spsr)
> +GCC_ASM_EXPORT(set_non_secure_mode)
> +
> +// Switch from EL3 to NS-EL1
> +ASM_PFX(SwitchToNSExceptionLevel1):
> + // Now setup our EL1. Controlled by EL2 config on Model
> + mrs x0, hcr_el2 // Read EL2 Hypervisor configuration Register
> + orr x0, x0, #(1 << 31) // Set EL1 to be 64bit
> +
> + // Send all interrupts to their respective Exception levels for EL2
> + and x0, x0, #~(ARM_HCR_FMO | ARM_HCR_IMO | ARM_HCR_AMO) // Disable virtual FIQ, IRQ, SError and Abort
> + msr hcr_el2, x0 // Write back our settings
> +
> + msr cptr_el2, xzr // Disable copro traps to EL2
> +
> + msr sctlr_el2, xzr
> +
> + // Enable architected timer access
> + mrs x0, cnthctl_el2
> + orr x0, x0, #3 // Enable EL1 access to timers
> + msr cnthctl_el2, x0
> +
> + mrs x0, cntkctl_el1
> + orr x0, x0, #3 // EL0 access to counters
> + msr cntkctl_el1, x0
> +
> + // Set ID regs
> + mrs x0, midr_el1
> + mrs x1, mpidr_el1
> + msr vpidr_el2, x0
> + msr vmpidr_el2, x1
> +
> + ret
> +
> +
> +// EL3 on AArch64 is Secure/monitor so this funtion is reduced vs ARMv7
> +// we don't need a mode switch, just setup the Arguments and jump.
> +// x0: Monitor World EntryPoint
> +// x1: MpId
> +// x2: SecBootMode
> +// x3: Secure Monitor mode stack
> +ASM_PFX(enter_monitor_mode):
> + mov x4, x0 // Swap EntryPoint and MpId registers
> + mov x0, x1
> + mov x1, x2
> + mov x2, x3
> + br x4
> +
> +// Put the address in correct ELR_ELx and do a eret.
> +// We may need to do some config before we change to another Mode.
> +ASM_PFX(return_from_exception):
> + msr elr_el3, x0
> + eret
> +
> +// For AArch64 we need to construct the spsr we want from individual bits and pieces.
> +ASM_PFX(copy_cpsr_into_spsr):
> + mrs x0, CurrentEl // Get the current exception level we are running at.
> + mrs x1, SPSel // Which Stack are we using
> + orr x0, x0, x1
> + mrs x1, daif // Which interrupts are enabled
> + orr x0, x0, x1
> + msr spsr_el3, x0 // Write to spsr
> + ret
> +
> +// Get this from platform file.
> +ASM_PFX(set_non_secure_mode):
> + msr spsr_el3, x0
> + ret
> +
> +ASM_FUNCTION_REMOVE_IF_UNREFERENCED
> diff --git a/CadencePkg/Sec/AArch64/SecEntryPoint.S b/CadencePkg/Sec/AArch64/SecEntryPoint.S
> new file mode 100644
> index 0000000..06bea3c
> --- /dev/null
> +++ b/CadencePkg/Sec/AArch64/SecEntryPoint.S
> @@ -0,0 +1,139 @@
> +//
> +// Copyright (c) 2011-2014, ARM Limited. All rights reserved.
> +//
> +// This program and the accompanying materials
> +// are licensed and made available under the terms and conditions of the BSD License
> +// which accompanies this distribution. The full text of the license may be found at
> +// http://opensource.org/licenses/bsd-license.php
> +//
> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +//
> +//
> +
> +#include <AutoGen.h>
> +#include <AsmMacroIoLibV8.h>
> +#include "SecInternal.h"
> +
> +.text
> +.align 3
> +
> +GCC_ASM_IMPORT(CEntryPoint)
> +GCC_ASM_IMPORT(ArmPlatformIsPrimaryCore)
> +GCC_ASM_IMPORT(ArmPlatformGetCorePosition)
> +GCC_ASM_IMPORT(ArmPlatformSecBootAction)
> +GCC_ASM_IMPORT(ArmPlatformSecBootMemoryInit)
> +GCC_ASM_IMPORT(ArmDisableInterrupts)
> +GCC_ASM_IMPORT(ArmDisableCachesAndMmu)
> +GCC_ASM_IMPORT(ArmReadMpidr)
> +GCC_ASM_IMPORT(ArmCallWFE)
> +GCC_ASM_EXPORT(_ModuleEntryPoint)
> +
> +StartupAddr: .8byte ASM_PFX(CEntryPoint)
> +
> +ASM_PFX(_ModuleEntryPoint):
> +
> +// NOTE: We could be booting from EL3, EL2 or EL1. Need to correctly detect
> +// and configure the system accordingly. EL2 is default if possible.
> +// If we started in EL3 we need to switch and run at EL2.
> +// If we are running at EL2 stay in EL2
> +// If we are starting at EL1 stay in EL1.
> +
> +// Sec only runs in EL3. Othewise we jump to PEI without changing anything.
> +// If Sec runs we change to EL2 before switching to PEI.
> +
> +// Which EL are we running at? Every EL needs some level of setup...
> + EL1_OR_EL2_OR_EL3(x0)
> +1:// If we are at EL1 or EL2 leave SEC for PEI.
> +2:b ASM_PFX(JumpToPEI)
> + // If we are at EL3 we need to configure it and switch to EL2
> +3:b ASM_PFX(MainEntryPoint)
> +
> +ASM_PFX(MainEntryPoint):
> + // First ensure all interrupts are disabled
> + bl ASM_PFX(ArmDisableInterrupts)
> +
> + // Ensure that the MMU and caches are off
> + bl ASM_PFX(ArmDisableCachesAndMmu)
> +
> + // By default, we are doing a cold boot
> + mov x10, #ARM_SEC_COLD_BOOT
> +
> + // Jump to Platform Specific Boot Action function
> + bl ASM_PFX(ArmPlatformSecBootAction)
> +
> +_IdentifyCpu:
> + // Identify CPU ID
> + bl ASM_PFX(ArmReadMpidr)
> + // Keep a copy of the MpId register value
> + mov x5, x0
> +
> + // Is it the Primary Core ?
> + bl ASM_PFX(ArmPlatformIsPrimaryCore)
> + cmp x0, #1
> + // Only the primary core initialize the memory (SMC)
> + b.eq _InitMem
> +
> +_WaitInitMem:
> + // If we are not doing a cold boot in this case we should assume the Initial Memory to be already initialized
> + // Otherwise we have to wait the Primary Core to finish the initialization
> + cmp x10, #ARM_SEC_COLD_BOOT
> + b.ne _SetupSecondaryCoreStack
> +
> + // Wait for the primary core to initialize the initial memory (event: BOOT_MEM_INIT)
> + bl ASM_PFX(ArmCallWFE)
> + // Now the Init Mem is initialized, we setup the secondary core stacks
> + b _SetupSecondaryCoreStack
> +
> +_InitMem:
> + // If we are not doing a cold boot in this case we should assume the Initial Memory to be already initialized
> + cmp x10, #ARM_SEC_COLD_BOOT
> + b.ne _SetupPrimaryCoreStack
> +
> + // Initialize Init Boot Memory
> + bl ASM_PFX(ArmPlatformSecBootMemoryInit)
> +
> +_SetupPrimaryCoreStack:
> + // Get the top of the primary stacks (and the base of the secondary stacks)
> + MOV32 (x1, FixedPcdGet32(PcdCPUCoresSecStackBase))
> + MOV32 (x2, FixedPcdGet32(PcdCPUCoreSecPrimaryStackSize))
> + add x1, x1, x2
> +
> + mov sp, x1
> + b _PrepareArguments
> +
> +_SetupSecondaryCoreStack:
> + // Get the top of the primary stacks (and the base of the secondary stacks)
> + MOV32 (x1, FixedPcdGet32(PcdCPUCoresSecStackBase))
> + MOV32 (x2, FixedPcdGet32(PcdCPUCoreSecPrimaryStackSize))
> + add x6, x1, x2
> +
> + // Get the Core Position
> + mov x0, x5
> + bl ASM_PFX(ArmPlatformGetCorePosition)
> + // The stack starts at the top of the stack region. Add '1' to the Core Position to get the top of the stack
> + add x0, x0, #1
> +
> + // StackOffset = CorePos * StackSize
> + MOV32 (x2, FixedPcdGet32(PcdCPUCoreSecSecondaryStackSize))
> + mul x0, x0, x2
> + // SP = StackBase + StackOffset
> + add sp, x6, x0
> +
> +_PrepareArguments:
> + // Move sec startup address into a data register
> + // Ensure we're jumping to FV version of the code (not boot remapped alias)
> + ldr x3, StartupAddr
> +
> + // Jump to SEC C code
> + // r0 = mp_id
> + // r1 = Boot Mode
> + mov x0, x5
> + mov x1, x10
> + blr x3
> +
> + ret
> +
> +ASM_PFX(JumpToPEI):
> + MOV32 (x0, FixedPcdGet32(PcdFvBaseAddress))
> + blr x0
> diff --git a/CadencePkg/Sec/Sec.c b/CadencePkg/Sec/Sec.c
> new file mode 100644
> index 0000000..5b0244e
> --- /dev/null
> +++ b/CadencePkg/Sec/Sec.c
> @@ -0,0 +1,335 @@
> +/** @file
> +* Main file supporting the SEC Phase on ARM Platforms
> +*
> +* Copyright (c) 2011-2014, ARM Limited. All rights reserved.
> +* Copyright (c) 2017, Cadence Design Systems, Inc. All rights reserved.
> +*
> +* This program and the accompanying materials
> +* are licensed and made available under the terms and conditions of the BSD License
> +* which accompanies this distribution. The full text of the license may be found at
> +* http://opensource.org/licenses/bsd-license.php
> +*
> +* THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +* WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +*
> +**/
> +
> +#include <Chipset/ArmCortexA5x.h>
> +#include <Library/ArmTrustedMonitorLib.h>
> +#include <Library/ArmGenericTimerCounterLib.h>
> +#include <Library/DebugAgentLib.h>
> +#include <Library/IoLib.h>
> +#include <Library/PrintLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/SerialPortLib.h>
> +#include <Library/ArmGicLib.h>
> +#include <Library/ArmPlatformLib.h>
> +
> +#include "SecInternal.h"
> +
> +#define SerialPrint(txt) SerialPortWrite ((UINT8*)txt, AsciiStrLen(txt)+1);
> +
> +#define ARM_GICR_WAKER 0x0014 // GIC Redistributor Wake Register
> +#define ARM_GICR_IGROUPR0 0x0080 // GIC Redistributor Int Group Reg 0
> +#define ARM_GICR_IGRPMODR0 0x0d00 // GIC Redistributor Int Group Mod Reg 0
> +#define ARM_GICR_ICFGR1 0x0c04 // GIC Redistributor Int Config Reg 0
> +
> +
> +VOID
> +CEntryPoint (
> + IN UINTN MpId,
> + IN UINTN SecBootMode
> + )
> +{
> + CHAR8 Buffer[100];
> + UINTN CharCount;
> + UINTN JumpAddress;
> +
> + // Invalidate the data cache. Doesn't have to do the Data cache clean.
> + ArmInvalidateDataCache ();
> +
> + // Invalidate Instruction Cache
> + ArmInvalidateInstructionCache ();
> +
> + // Invalidate I & D TLBs
> + ArmInvalidateTlb ();
> +
> + // CPU specific settings
> + ArmCpuSetup (MpId);
> +
> + // Enable Floating Point Coprocessor if supported by the platform
> + if (FixedPcdGet32 (PcdVFPEnabled)) {
> + ArmEnableVFP ();
> + }
> +
> + // Initialize peripherals that must be done at the early stage
> + // Example: Some L2 controller, interconnect, clock, DMC, etc
> + ArmPlatformSecInitialize (MpId);
> +
> + // Primary CPU clears out the SCU tag RAMs, secondaries wait
> + if (ArmPlatformIsPrimaryCore (MpId) && (SecBootMode == ARM_SEC_COLD_BOOT)) {
> + if (ArmIsMpCore()) {
> + // Signal for the initial memory is configured (event: BOOT_MEM_INIT)
> + ArmCallSEV ();
> + }
> +
> + // SEC phase needs to run library constructors by hand. This assumes we are linked against the SerialLib
> + // In non SEC modules the init call is in autogenerated code.
> + SerialPortInitialize ();
> +
> + // Start talking
> + if (FixedPcdGetBool (PcdTrustzoneSupport)) {
> + CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Secure firmware (version %s built at %a on %a)\n\r",
> + (CHAR16*)PcdGetPtr(PcdFirmwareVersionString), __TIME__, __DATE__);
> + } else {
> + CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Boot firmware (version %s built at %a on %a)\n\r",
> + (CHAR16*)PcdGetPtr(PcdFirmwareVersionString), __TIME__, __DATE__);
> + }
> + SerialPortWrite ((UINT8 *) Buffer, CharCount);
> +
> + // Initialize the Debug Agent for Source Level Debugging
> + InitializeDebugAgent (DEBUG_AGENT_INIT_PREMEM_SEC, NULL, NULL);
> + SaveAndSetDebugTimerInterrupt (TRUE);
> +
> + // Enable the GIC distributor and CPU Interface
> + // - no other Interrupts are enabled, doesn't have to worry about the priority.
> + // - all the cores are in secure state, use secure SGI's
> + ArmGicEnableDistributor (PcdGet64(PcdGicDistributorBase));
> + ArmGicEnableInterruptInterface (PcdGet64(PcdGicInterruptInterfaceBase));
> + } else {
> + // Enable the GIC CPU Interface
> + ArmGicEnableInterruptInterface (PcdGet64(PcdGicInterruptInterfaceBase));
> + }
> +
> + // Enable Full Access to CoProcessors
> + ArmWriteCpacr (CPACR_CP_FULL_ACCESS);
> +
> + // Test if Trustzone is supported on this platform
> + if (FixedPcdGetBool (PcdTrustzoneSupport)) {
> + if (ArmIsMpCore ()) {
> + // Setup SMP in Non Secure world
> + ArmCpuSetupSmpNonSecure (GET_CORE_ID(MpId));
> + }
> +
> + // Either we use the Secure Stacks for Secure Monitor (in this case (Base == 0) && (Size == 0))
> + // Or we use separate Secure Monitor stacks (but (Base != 0) && (Size != 0))
> + ASSERT (((PcdGet64(PcdCPUCoresSecMonStackBase) == 0) && (PcdGet32(PcdCPUCoreSecMonStackSize) == 0)) ||
> + ((PcdGet64(PcdCPUCoresSecMonStackBase) != 0) && (PcdGet32(PcdCPUCoreSecMonStackSize) != 0)));
> +
> + // Enter Monitor Mode
> + enter_monitor_mode (
> + (UINTN)TrustedWorldInitialization, MpId, SecBootMode,
> + (VOID*) (PcdGet64 (PcdCPUCoresSecMonStackBase) +
> + (PcdGet32 (PcdCPUCoreSecMonStackSize) * (ArmPlatformGetCorePosition (MpId) + 1)))
> + );
> + } else {
> + if (ArmPlatformIsPrimaryCore (MpId)) {
> + SerialPrint ("Trust Zone Configuration is disabled\n\r");
> + }
> +
> + // With Trustzone support the transition from Sec to Normal world is done by return_from_exception().
> + // If we want to keep this function call we need to ensure the SVC's SPSR point to the same Program
> + // Status Register as the the current one (CPSR).
> + copy_cpsr_into_spsr ();
> +
> + // Call the Platform specific function to execute additional actions if required
> + JumpAddress = PcdGet64 (PcdFvBaseAddress);
> +
> + ArmPlatformSecExtraAction (MpId, &JumpAddress);
> +
> + NonTrustedWorldTransition (MpId, JumpAddress);
> + }
> + ASSERT (0); // We must never return from the above function
> +}
> +
> +VOID
> +TrustedWorldInitialization (
> + IN UINTN MpId,
> + IN UINTN SecBootMode
> + )
> +{
> + UINTN JumpAddress;
> +
> + //-------------------- Monitor Mode ---------------------
> +
> + // Set up Monitor World (Vector Table, etc)
> + ArmSecureMonitorWorldInitialize ();
> +
> + // Transfer the interrupt to Non-secure World
> + ArmGicV3SetupNonSecure (MpId, PcdGet64(PcdGicDistributorBase), PcdGet64(PcdGicRedistributorsBase));
> +
> + // Initialize platform specific security policy
> + ArmPlatformSecTrustzoneInit (MpId);
> +
> + // Setup the Trustzone Chipsets
> + if (SecBootMode == ARM_SEC_COLD_BOOT) {
> + if (ArmPlatformIsPrimaryCore (MpId)) {
> + if (ArmIsMpCore()) {
> + // Signal the secondary core the Security settings is done (event: EVENT_SECURE_INIT)
> + ArmCallSEV ();
> + }
> + } else {
> + // The secondary cores need to wait until the Trustzone chipsets configuration is done
> + // before switching to Non Secure World
> +
> + // Wait for the Primary Core to finish the initialization of the Secure World (event: EVENT_SECURE_INIT)
> + ArmCallWFE ();
> + }
> + }
> +
> + // Call the Platform specific function to execute additional actions if required
> + JumpAddress = PcdGet64 (PcdFvBaseAddress);
> +
> + ArmPlatformSecExtraAction (MpId, &JumpAddress);
> +
> + // Initialize architecture specific security policy
> + ArmSecArchTrustzoneInit ();
> +
> + // CP15 Secure Configuration Register
> + ArmWriteScr (PcdGet32 (PcdArmScr));
> +
> + NonTrustedWorldTransition (MpId, JumpAddress);
> +}
> +
> +VOID
> +NonTrustedWorldTransition (
> + IN UINTN MpId,
> + IN UINTN JumpAddress
> + )
> +{
> + // If PcdArmNonSecModeTransition is defined then set this specific mode to CPSR before the transition
> + // By not set, the mode for Non Secure World is SVC
> + if (PcdGet32 (PcdArmNonSecModeTransition) != 0) {
> + set_non_secure_mode ((ARM_PROCESSOR_MODE)PcdGet32 (PcdArmNonSecModeTransition));
> + }
> +
> + return_from_exception (JumpAddress);
> + //-------------------- Non Secure Mode ---------------------
> +
> + // PEI Core should always load and never return
> + ASSERT (FALSE);
> +}
> +
> +/*
> + * This function configures the all interrupts to be Non-secure.
> + *
> + */
> +VOID
> +EFIAPI
> +ArmGicV3SetupNonSecure (
> + IN UINTN MpId,
> + IN INTN GicDistributorBase,
> + IN INTN GicRedistributorsBase
> + )
> +{
> + UINTN InterruptId;
> + UINTN Index;
> + UINTN MaxInterrupts;
> + UINT32 WakeR;
> +
> + // Set priority Mask so that no interrupts get through to CPU
> + ArmGicV3SetPriorityMask (0);
> +
> + // Clear ProcessorSleep bit in GICR_WAKER and wait for ChildrenAsleep to clear
> + WakeR = MmioRead32 (GicRedistributorsBase + ARM_GICR_WAKER);
> + WakeR &= ~(1 << 1);
> + MmioWrite32 (GicRedistributorsBase + ARM_GICR_WAKER, WakeR);
> + do {
> + WakeR = MmioRead32 (GicRedistributorsBase + ARM_GICR_WAKER);
> + } while ((WakeR & (1 << 2)));
> +
> + // Set PPIs to Non-secure Group 1 IRQ
> + MmioWrite32 (GicRedistributorsBase + ARM_GICR_SGI_PPI_FRAME_SIZE + ARM_GICR_IGROUPR0, 0xffff0000);
> +
> + InterruptId = ArmGicV3AcknowledgeInterrupt();
> + MaxInterrupts = ArmGicGetMaxNumInterrupts (GicDistributorBase);
> +
> + // Only try to clear valid interrupts. Ignore spurious interrupts.
> + while ((InterruptId & 0x3FF) < MaxInterrupts) {
> + // Some of the SGI's are still pending, read Ack register and send End of Interrupt Signal
> + ArmGicV3EndOfInterrupt (InterruptId);
> +
> + // Next
> + InterruptId = ArmGicV3AcknowledgeInterrupt();
> + }
> +
> + // Only the primary core should set the Non Secure bit to the SPIs (Shared Peripheral Interrupt).
> + if (ArmPlatformIsPrimaryCore (MpId)) {
> + // Ensure all GIC interrupts are Non-Secure
> + for (Index = 0; Index < (MaxInterrupts / 32); Index++) {
> + MmioWrite32 (GicDistributorBase + ARM_GIC_ICDISR + (Index * 4), 0xffffffff);
> + }
> + } else {
> + // The secondary cores only set the Non Secure bit to their banked PPIs
> + MmioWrite32 (GicDistributorBase + ARM_GIC_ICDISR, 0xffffffff);
> + }
> +
> + // Ensure all interrupts can get through the priority mask
> + ArmGicV3SetPriorityMask (0xff);
> +}
> +
> +//
> +// Previously in ArmCpuLib:
> +//
> +
> +VOID
> +ArmCpuSetup (
> + IN UINTN MpId
> + )
> +{
> + // Check if Architectural Timer frequency is valid number (should not be 0)
> + ASSERT (PcdGet32 (PcdArmArchTimerFreqInHz));
> + ASSERT (ArmIsArchTimerImplemented () != 0);
> +
> + // Note: System Counter frequency can only be set in Secure privileged mode,
> + // if security extensions are implemented.
> + ArmGenericTimerSetTimerFreq (PcdGet32 (PcdArmArchTimerFreqInHz));
> +
> + if (ArmIsMpCore ()) {
> + // Turn on SMP coherency
> + ArmSetCpuExCrBit (A5X_FEATURE_SMP);
> + }
> +
> + //
> + // If CPU is CortexA57 r0p0 apply Errata workarounds
> + //
> + if ((ArmReadMidr () & ((ARM_CPU_TYPE_MASK << 4) | ARM_CPU_REV_MASK)) ==
> + ((ARM_CPU_TYPE_A57 << 4) | ARM_CPU_REV(0,0))) {
> +
> + // Errata 806969: DisableLoadStoreWB (1ULL << 49)
> + // Errata 813420: Execute Data Cache clean as Data Cache clean/invalidate (ULL << 44)
> + // Errata 814670: disable DMB nullification (1ULL << 58)
> + ArmSetCpuActlrBit ( (1ULL << 49) | (1ULL << 44) | (1ULL << 58) );
> + }
> +}
> +
> +VOID
> +ArmCpuSetupSmpNonSecure (
> + IN UINTN MpId
> + )
> +{
> +}
> +
> +VOID
> +EFIAPI
> +ArmSetCpuExCrBit (
> + IN UINT64 Bits
> + )
> +{
> + UINT64 Value;
> + Value = ArmReadCpuExCr ();
> + Value |= Bits;
> + ArmWriteCpuExCr (Value);
> +}
> +
> +VOID
> +EFIAPI
> +ArmUnsetCpuExCrBit (
> + IN UINT64 Bits
> + )
> +{
> + UINT64 Value;
> + Value = ArmReadCpuExCr ();
> + Value &= ~Bits;
> + ArmWriteCpuExCr (Value);
> +}
> diff --git a/CadencePkg/Sec/Sec.inf b/CadencePkg/Sec/Sec.inf
> new file mode 100644
> index 0000000..cf32f34
> --- /dev/null
> +++ b/CadencePkg/Sec/Sec.inf
> @@ -0,0 +1,85 @@
> +#/** @file
> +# SEC - Reset vector code that jumps to C and starts the PEI phase
> +#
> +# (C) Copyright 2015 Hewlett-Packard Development Company, L.P.<BR>
> +# Copyright (c) 2011-2013, ARM Limited. All rights reserved.
> +# Copyright (c) 2017, Cadence Design Systems, Inc. All rights reserved.
> +#
> +# This program and the accompanying materials
> +# are licensed and made available under the terms and conditions of the BSD License
> +# which accompanies this distribution. The full text of the license may be found at
> +# http://opensource.org/licenses/bsd-license.php
> +#
> +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +#
> +#**/
> +
> +[Defines]
> + INF_VERSION = 1.25
> + BASE_NAME = ArmPlatformSec
> + FILE_GUID = 424b4f2e-ec82-4c57-a188-253060be8a69
> + MODULE_TYPE = SEC
> + VERSION_STRING = 1.0
> +
> +[Sources]
> + Sec.c
> +
> +[Sources.AARCH64]
> + AArch64/Arch.c
> + AArch64/Helper.S
> + AArch64/SecEntryPoint.S
> + AArch64/ArmCortexA5xHelper.S | GCC
> +
> +[Packages]
> + MdePkg/MdePkg.dec
> + MdeModulePkg/MdeModulePkg.dec
> + ArmPkg/ArmPkg.dec
> + ArmPlatformPkg/ArmPlatformPkg.dec
> + CadencePkg/CadenceCspPkg.dec
> +
> +[LibraryClasses]
> + ArmLib
> + ArmGenericTimerCounterLib
> + ArmPlatformLib
> + ArmPlatformSecLib
> + ArmTrustedMonitorLib
> + BaseLib
> + DebugLib
> + DebugAgentLib
> + IoLib
> + ArmGicLib
> + PcdLib
> + PrintLib
> + SerialPortLib
> +
> +[Pcd]
> + gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString
> +
> +[FixedPcd.common]
> +
> + gArmTokenSpaceGuid.PcdTrustzoneSupport
> + gArmTokenSpaceGuid.PcdVFPEnabled
> +
> + gArmTokenSpaceGuid.PcdArmScr
> + gArmTokenSpaceGuid.PcdArmNonSecModeTransition
> + gArmTokenSpaceGuid.PcdArmArchTimerFreqInHz
> +
> + gArmTokenSpaceGuid.PcdSecureFvBaseAddress
> + gArmTokenSpaceGuid.PcdSecureFvSize
> +
> + gArmTokenSpaceGuid.PcdFvBaseAddress
> +
> + gArmPlatformTokenSpaceGuid.PcdCPUCoresSecStackBase
> + gArmPlatformTokenSpaceGuid.PcdCPUCoreSecPrimaryStackSize
> + gArmPlatformTokenSpaceGuid.PcdCPUCoreSecSecondaryStackSize
> + gArmPlatformTokenSpaceGuid.PcdCPUCoresSecMonStackBase
> + gArmPlatformTokenSpaceGuid.PcdCPUCoreSecMonStackSize
> +
> + gArmTokenSpaceGuid.PcdGicInterruptInterfaceBase
> + gArmTokenSpaceGuid.PcdGicDistributorBase
> + gArmTokenSpaceGuid.PcdGicRedistributorsBase
> +
> +[FixedPcd.ARM]
> + gArmTokenSpaceGuid.PcdArmNsacr
> +
> diff --git a/CadencePkg/Sec/SecInternal.h b/CadencePkg/Sec/SecInternal.h
> new file mode 100644
> index 0000000..221eb57
> --- /dev/null
> +++ b/CadencePkg/Sec/SecInternal.h
> @@ -0,0 +1,105 @@
> +/** @file
> +* Main file supporting the SEC Phase on ARM PLatforms
> +*
> +* Copyright (c) 2011-2013, ARM Limited. All rights reserved.
> +*
> +* This program and the accompanying materials
> +* are licensed and made available under the terms and conditions of the BSD License
> +* which accompanies this distribution. The full text of the license may be found at
> +* http://opensource.org/licenses/bsd-license.php
> +*
> +* THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +* WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +*
> +**/
> +
> +#ifndef __SEC_H__
> +#define __SEC_H__
> +
> +#include <Base.h>
> +#include <Library/ArmLib.h>
> +#include <Library/ArmPlatformLib.h>
> +#include <Library/ArmPlatformSecLib.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/PcdLib.h>
> +
> +#define IS_ALIGNED(Address, Align) (((UINTN)Address & (Align-1)) == 0)
> +
> +VOID
> +TrustedWorldInitialization (
> + IN UINTN MpId,
> + IN UINTN SecBootMode
> + );
> +
> +VOID
> +NonTrustedWorldTransition (
> + IN UINTN MpId,
> + IN UINTN JumpAddress
> + );
> +
> +VOID
> +ArmGicV3SetupNonSecure (
> + IN UINTN MpId,
> + IN INTN GicDistributorBase,
> + IN INTN GicRedistributorsBase
> +);
> +
> +VOID
> +enter_monitor_mode (
> + IN UINTN MonitorEntryPoint,
> + IN UINTN MpId,
> + IN UINTN SecBootMode,
> + IN VOID* MonitorStackBase
> + );
> +
> +VOID
> +return_from_exception (
> + IN UINTN NonSecureBase
> + );
> +
> +VOID
> +copy_cpsr_into_spsr (
> + VOID
> + );
> +
> +VOID
> +set_non_secure_mode (
> + IN ARM_PROCESSOR_MODE Mode
> + );
> +
> +VOID
> +SecCommonExceptionEntry (
> + IN UINT32 Entry,
> + IN UINTN LR
> + );
> +
> +VOID
> +EFIAPI
> +ArmSecArchTrustzoneInit (
> + VOID
> + );
> +
> +VOID
> +ArmCpuSetup (
> + IN UINTN MpId
> + );
> +
> +VOID
> +ArmCpuSetupSmpNonSecure (
> + IN UINTN MpId
> + );
> +
> +VOID
> +EFIAPI
> +ArmSetCpuExCrBit (
> + IN UINT64 Bits
> +);
> +
> +VOID
> +EFIAPI
> +ArmUnsetCpuExCrBit (
> + IN UINT64 Bits
> +);
> +
> +#endif
> --
> 2.2.2
>
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
> -----Original Message----- > From: Leif Lindholm [mailto:leif.lindholm@linaro.org] > Sent: 06 June 2017 11:52 > To: Scott Telford <stelford@cadence.com> > Cc: edk2-devel@ml01.01.org; ard.biesheuvel@linaro.org; > graeme.gregory@linaro.org; afish@apple.com; michael.d.kinney@intel.com > Subject: Re: [staging/cadence-aarch64 PATCH v2 4/6] CadencePkg: Add SEC > phase implementation for Cadence CSP platform. > > On Mon, Jun 05, 2017 at 11:50:26AM +0100, Scott Telford wrote: > > Add SEC phase implementation for Cadence CSP platform configured with > > a single Cortex-A53 processor and GIC-500. > Secondly, is there a strong reason why ArmCortexA5xLib cannot be used > as is, rather than copied across? ArmCpuLib was deleted in commit cffa7925a293d991957bc47865eac25516b59e63, hence the need to merge the required A5x routines into this code. > Thirdly, it would be nice if the commit message described explicitly > where this code came from. Will do. Regards, Scott. _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
© 2016 - 2026 Red Hat, Inc.