Merge "mmc:prevent accessing to the released space in case of wrong usage" into integration
diff --git a/include/drivers/arm/tzc400.h b/include/drivers/arm/tzc400.h
index cf2e82b..aacd5df 100644
--- a/include/drivers/arm/tzc400.h
+++ b/include/drivers/arm/tzc400.h
@@ -65,8 +65,8 @@
#define FAIL_CONTROL_NS_SECURE U(0)
#define FAIL_CONTROL_NS_NONSECURE U(1)
#define FAIL_CONTROL_PRIV_SHIFT 20
-#define FAIL_CONTROL_PRIV_PRIV U(0)
-#define FAIL_CONTROL_PRIV_UNPRIV U(1)
+#define FAIL_CONTROL_PRIV_UNPRIV U(0)
+#define FAIL_CONTROL_PRIV_PRIV U(1)
/*
* FAIL_ID_ID_MASK depends on AID_WIDTH which is platform specific.
diff --git a/include/lib/cpus/aarch64/cortex_matterhorn_elp_arm.h b/include/lib/cpus/aarch64/cortex_matterhorn_elp_arm.h
new file mode 100644
index 0000000..309578e
--- /dev/null
+++ b/include/lib/cpus/aarch64/cortex_matterhorn_elp_arm.h
@@ -0,0 +1,23 @@
+/*
+ * Copyright (c) 2021, ARM Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef CORTEX_MATTERHORN_ELP_ARM_H
+#define CORTEX_MATTERHORN_ELP_ARM_H
+
+#define CORTEX_MATTERHORN_ELP_ARM_MIDR U(0x410FD480)
+
+/*******************************************************************************
+ * CPU Extended Control register specific definitions
+ ******************************************************************************/
+#define CORTEX_MATTERHORN_ELP_ARM_CPUECTLR_EL1 S3_0_C15_C1_4
+
+/*******************************************************************************
+ * CPU Power Control register specific definitions
+ ******************************************************************************/
+#define CORTEX_MATTERHORN_ELP_ARM_CPUPWRCTLR_EL1 S3_0_C15_C2_7
+#define CORTEX_MATTERHORN_ELP_ARM_CPUPWRCTLR_EL1_CORE_PWRDN_BIT U(1)
+
+#endif /* CORTEX_MATTERHORN_ELP_ARM_H */
diff --git a/include/services/ffa_svc.h b/include/services/ffa_svc.h
index 0513eab..ec75bc9 100644
--- a/include/services/ffa_svc.h
+++ b/include/services/ffa_svc.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -22,7 +22,7 @@
/* The macros below are used to identify FFA calls from the SMC function ID */
#define FFA_FNUM_MIN_VALUE U(0x60)
-#define FFA_FNUM_MAX_VALUE U(0x7f)
+#define FFA_FNUM_MAX_VALUE U(0x84)
#define is_ffa_fid(fid) __extension__ ({ \
__typeof__(fid) _fid = (fid); \
((GET_SMC_NUM(_fid) >= FFA_FNUM_MIN_VALUE) && \
@@ -85,6 +85,7 @@
#define FFA_FNUM_MEM_RETRIEVE_RESP U(0x75)
#define FFA_FNUM_MEM_RELINQUISH U(0x76)
#define FFA_FNUM_MEM_RECLAIM U(0x77)
+#define FFA_FNUM_SECONDARY_EP_REGISTER U(0x84)
/* FFA SMC32 FIDs */
#define FFA_ERROR FFA_FID(SMC_32, FFA_FNUM_ERROR)
@@ -116,6 +117,7 @@
#define FFA_MEM_RECLAIM FFA_FID(SMC_32, FFA_FNUM_MEM_RECLAIM)
/* FFA SMC64 FIDs */
+#define FFA_ERROR_SMC64 FFA_FID(SMC_64, FFA_FNUM_ERROR)
#define FFA_SUCCESS_SMC64 FFA_FID(SMC_64, FFA_FNUM_SUCCESS)
#define FFA_RXTX_MAP_SMC64 FFA_FID(SMC_64, FFA_FNUM_RXTX_MAP)
#define FFA_MSG_SEND_DIRECT_REQ_SMC64 \
@@ -127,6 +129,8 @@
#define FFA_MEM_SHARE_SMC64 FFA_FID(SMC_64, FFA_FNUM_MEM_SHARE)
#define FFA_MEM_RETRIEVE_REQ_SMC64 \
FFA_FID(SMC_64, FFA_FNUM_MEM_RETRIEVE_REQ)
+#define FFA_SECONDARY_EP_REGISTER_SMC64 \
+ FFA_FID(SMC_64, FFA_FNUM_SECONDARY_EP_REGISTER)
/*
* Reserve a special value for traffic targeted to the Hypervisor or SPM.
diff --git a/lib/cpus/aarch64/cortex_matterhorn_elp_arm.S b/lib/cpus/aarch64/cortex_matterhorn_elp_arm.S
new file mode 100644
index 0000000..b0f81a2
--- /dev/null
+++ b/lib/cpus/aarch64/cortex_matterhorn_elp_arm.S
@@ -0,0 +1,77 @@
+/*
+ * Copyright (c) 2021, ARM Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <arch.h>
+#include <asm_macros.S>
+#include <common/bl_common.h>
+#include <cortex_matterhorn_elp_arm.h>
+#include <cpu_macros.S>
+#include <plat_macros.S>
+
+/* Hardware handled coherency */
+#if HW_ASSISTED_COHERENCY == 0
+#error "Cortex Matterhorn ELP ARM must be compiled with HW_ASSISTED_COHERENCY enabled"
+#endif
+
+/* 64-bit only core */
+#if CTX_INCLUDE_AARCH32_REGS == 1
+#error "Cortex Matterhorn ELP ARM supports only AArch64. Compile with CTX_INCLUDE_AARCH32_REGS=0"
+#endif
+
+ /* ----------------------------------------------------
+ * HW will do the cache maintenance while powering down
+ * ----------------------------------------------------
+ */
+func cortex_matterhorn_elp_arm_core_pwr_dwn
+ /* ---------------------------------------------------
+ * Enable CPU power down bit in power control register
+ * ---------------------------------------------------
+ */
+ mrs x0, CORTEX_MATTERHORN_ELP_ARM_CPUPWRCTLR_EL1
+ orr x0, x0, #CORTEX_MATTERHORN_ELP_ARM_CPUPWRCTLR_EL1_CORE_PWRDN_BIT
+ msr CORTEX_MATTERHORN_ELP_ARM_CPUPWRCTLR_EL1, x0
+ isb
+ ret
+endfunc cortex_matterhorn_elp_arm_core_pwr_dwn
+
+ /*
+ * Errata printing function for Cortex Matterhorn_elp_arm. Must follow AAPCS.
+ */
+#if REPORT_ERRATA
+func cortex_matterhorn_elp_arm_errata_report
+ ret
+endfunc cortex_matterhorn_elp_arm_errata_report
+#endif
+
+func cortex_matterhorn_elp_arm_reset_func
+ /* Disable speculative loads */
+ msr SSBS, xzr
+ isb
+ ret
+endfunc cortex_matterhorn_elp_arm_reset_func
+
+ /* ---------------------------------------------
+ * This function provides Cortex-Matterhorn_elp_arm specific
+ * register information for crash reporting.
+ * It needs to return with x6 pointing to
+ * a list of register names in ascii and
+ * x8 - x15 having values of registers to be
+ * reported.
+ * ---------------------------------------------
+ */
+.section .rodata.cortex_matterhorn_elp_arm_regs, "aS"
+cortex_matterhorn_elp_arm_regs: /* The ascii list of register names to be reported */
+ .asciz "cpuectlr_el1", ""
+
+func cortex_matterhorn_elp_arm_cpu_reg_dump
+ adr x6, cortex_matterhorn_elp_arm_regs
+ mrs x8, CORTEX_MATTERHORN_ELP_ARM_CPUECTLR_EL1
+ ret
+endfunc cortex_matterhorn_elp_arm_cpu_reg_dump
+
+declare_cpu_ops cortex_matterhorn_elp_arm, CORTEX_MATTERHORN_ELP_ARM_MIDR, \
+ cortex_matterhorn_elp_arm_reset_func, \
+ cortex_matterhorn_elp_arm_core_pwr_dwn
diff --git a/plat/arm/board/fvp/fdts/fvp_spmc_manifest.dts b/plat/arm/board/fvp/fdts/fvp_spmc_manifest.dts
index f4805db..4838396 100644
--- a/plat/arm/board/fvp/fdts/fvp_spmc_manifest.dts
+++ b/plat/arm/board/fvp/fdts/fvp_spmc_manifest.dts
@@ -47,7 +47,7 @@
is_ffa_partition;
debug_name = "cactus-tertiary";
load_address = <0x7200000>;
- vcpu_count = <8>;
+ vcpu_count = <1>;
mem_size = <1048576>;
};
};
diff --git a/plat/arm/board/tc0/platform.mk b/plat/arm/board/tc0/platform.mk
index 393d09c..20ea6e3 100644
--- a/plat/arm/board/tc0/platform.mk
+++ b/plat/arm/board/tc0/platform.mk
@@ -1,4 +1,4 @@
-# Copyright (c) 2020, Arm Limited. All rights reserved.
+# Copyright (c) 2020-2021, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -44,7 +44,8 @@
PLAT_INCLUDES += -I${TC0_BASE}/include/
TC0_CPU_SOURCES := lib/cpus/aarch64/cortex_klein.S \
- lib/cpus/aarch64/cortex_matterhorn.S
+ lib/cpus/aarch64/cortex_matterhorn.S \
+ lib/cpus/aarch64/cortex_matterhorn_elp_arm.S
INTERCONNECT_SOURCES := ${TC0_BASE}/tc0_interconnect.c
diff --git a/plat/arm/common/arm_bl31_setup.c b/plat/arm/common/arm_bl31_setup.c
index 81ef6e7..6dd4587 100644
--- a/plat/arm/common/arm_bl31_setup.c
+++ b/plat/arm/common/arm_bl31_setup.c
@@ -156,19 +156,6 @@
bl33_image_ep_info.args.arg0 = (u_register_t)ARM_DRAM1_BASE;
#endif
-# if ARM_LINUX_KERNEL_AS_BL33
- /*
- * According to the file ``Documentation/arm64/booting.txt`` of the
- * Linux kernel tree, Linux expects the physical address of the device
- * tree blob (DTB) in x0, while x1-x3 are reserved for future use and
- * must be 0.
- */
- bl33_image_ep_info.args.arg0 = (u_register_t)ARM_PRELOADED_DTB_BASE;
- bl33_image_ep_info.args.arg1 = 0U;
- bl33_image_ep_info.args.arg2 = 0U;
- bl33_image_ep_info.args.arg3 = 0U;
-# endif
-
#else /* RESET_TO_BL31 */
/*
@@ -206,6 +193,19 @@
if (bl33_image_ep_info.pc == 0U)
panic();
#endif /* RESET_TO_BL31 */
+
+# if ARM_LINUX_KERNEL_AS_BL33
+ /*
+ * According to the file ``Documentation/arm64/booting.txt`` of the
+ * Linux kernel tree, Linux expects the physical address of the device
+ * tree blob (DTB) in x0, while x1-x3 are reserved for future use and
+ * must be 0.
+ */
+ bl33_image_ep_info.args.arg0 = (u_register_t)ARM_PRELOADED_DTB_BASE;
+ bl33_image_ep_info.args.arg1 = 0U;
+ bl33_image_ep_info.args.arg2 = 0U;
+ bl33_image_ep_info.args.arg3 = 0U;
+# endif
}
void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1,
diff --git a/plat/arm/common/arm_common.mk b/plat/arm/common/arm_common.mk
index 74afc53..a225b40 100644
--- a/plat/arm/common/arm_common.mk
+++ b/plat/arm/common/arm_common.mk
@@ -86,11 +86,7 @@
$(eval $(call add_define,ARM_LINUX_KERNEL_AS_BL33))
ifeq (${ARM_LINUX_KERNEL_AS_BL33},1)
- ifeq (${ARCH},aarch64)
- ifneq (${RESET_TO_BL31},1)
- $(error "ARM_LINUX_KERNEL_AS_BL33 is only available if RESET_TO_BL31=1.")
- endif
- else
+ ifneq (${ARCH},aarch64)
ifneq (${RESET_TO_SP_MIN},1)
$(error "ARM_LINUX_KERNEL_AS_BL33 is only available if RESET_TO_SP_MIN=1.")
endif
diff --git a/services/std_svc/spmd/spmd_main.c b/services/std_svc/spmd/spmd_main.c
index 6aab558..75981c8 100644
--- a/services/std_svc/spmd/spmd_main.c
+++ b/services/std_svc/spmd/spmd_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -164,7 +164,6 @@
for (core_id = 0U; core_id < PLATFORM_CORE_COUNT; core_id++) {
if (core_id != linear_id) {
spm_core_context[core_id].state = SPMC_STATE_OFF;
- spm_core_context[core_id].secondary_ep.entry_point = 0UL;
}
}
@@ -406,13 +405,6 @@
VERBOSE("%s %llx %llx %llx %llx %llx\n", __func__,
msg, parm1, parm2, parm3, parm4);
- switch (msg) {
- case SPMD_DIRECT_MSG_SET_ENTRY_POINT:
- return spmd_pm_secondary_core_set_ep(parm1, parm2, parm3);
- default:
- break;
- }
-
return -EINVAL;
}
@@ -429,6 +421,7 @@
void *handle,
uint64_t flags)
{
+ unsigned int linear_id = plat_my_core_pos();
spmd_spm_core_context_t *ctx = spmd_get_context();
bool secure_origin;
int32_t ret;
@@ -437,10 +430,12 @@
/* Determine which security state this SMC originated from */
secure_origin = is_caller_secure(flags);
- INFO("SPM: 0x%x 0x%llx 0x%llx 0x%llx 0x%llx 0x%llx 0x%llx 0x%llx\n",
- smc_fid, x1, x2, x3, x4, SMC_GET_GP(handle, CTX_GPREG_X5),
- SMC_GET_GP(handle, CTX_GPREG_X6),
- SMC_GET_GP(handle, CTX_GPREG_X7));
+ VERBOSE("SPM(%u): 0x%x 0x%llx 0x%llx 0x%llx 0x%llx "
+ "0x%llx 0x%llx 0x%llx\n",
+ linear_id, smc_fid, x1, x2, x3, x4,
+ SMC_GET_GP(handle, CTX_GPREG_X5),
+ SMC_GET_GP(handle, CTX_GPREG_X6),
+ SMC_GET_GP(handle, CTX_GPREG_X7));
switch (smc_fid) {
case FFA_ERROR:
@@ -533,6 +528,28 @@
break; /* not reached */
+ case FFA_SECONDARY_EP_REGISTER_SMC64:
+ if (secure_origin) {
+ ret = spmd_pm_secondary_ep_register(x1);
+
+ if (ret < 0) {
+ SMC_RET8(handle, FFA_ERROR_SMC64,
+ FFA_TARGET_INFO_MBZ, ret,
+ FFA_PARAM_MBZ, FFA_PARAM_MBZ,
+ FFA_PARAM_MBZ, FFA_PARAM_MBZ,
+ FFA_PARAM_MBZ);
+ } else {
+ SMC_RET8(handle, FFA_SUCCESS_SMC64,
+ FFA_TARGET_INFO_MBZ, FFA_PARAM_MBZ,
+ FFA_PARAM_MBZ, FFA_PARAM_MBZ,
+ FFA_PARAM_MBZ, FFA_PARAM_MBZ,
+ FFA_PARAM_MBZ);
+ }
+ }
+
+ return spmd_ffa_error_return(handle, FFA_ERROR_NOT_SUPPORTED);
+ break; /* Not reached */
+
case FFA_MSG_SEND_DIRECT_REQ_SMC32:
if (secure_origin && spmd_is_spmc_message(x1)) {
ret = spmd_handle_spmc_message(x3, x4,
diff --git a/services/std_svc/spmd/spmd_pm.c b/services/std_svc/spmd/spmd_pm.c
index 5433e5d..074609c 100644
--- a/services/std_svc/spmd/spmd_pm.c
+++ b/services/std_svc/spmd/spmd_pm.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,8 +7,15 @@
#include <assert.h>
#include <errno.h>
#include <lib/el3_runtime/context_mgmt.h>
+#include <lib/spinlock.h>
#include "spmd_private.h"
+static struct {
+ bool secondary_ep_locked;
+ uintptr_t secondary_ep;
+ spinlock_t lock;
+} g_spmd_pm;
+
/*******************************************************************************
* spmd_build_spmc_message
*
@@ -25,16 +32,16 @@
}
/*******************************************************************************
- * spmd_pm_secondary_core_set_ep
+ * spmd_pm_secondary_ep_register
******************************************************************************/
-int spmd_pm_secondary_core_set_ep(unsigned long long mpidr,
- uintptr_t entry_point, unsigned long long context)
+int spmd_pm_secondary_ep_register(uintptr_t entry_point)
{
- int id = plat_core_pos_by_mpidr(mpidr);
+ int ret = FFA_ERROR_INVALID_PARAMETER;
- if ((id < 0) || ((unsigned int)id >= PLATFORM_CORE_COUNT)) {
- ERROR("%s inconsistent MPIDR (%llx)\n", __func__, mpidr);
- return -EINVAL;
+ spin_lock(&g_spmd_pm.lock);
+
+ if (g_spmd_pm.secondary_ep_locked == true) {
+ goto out;
}
/*
@@ -42,27 +49,22 @@
* load_address <= entry_point < load_address + binary_size
*/
if (!spmd_check_address_in_binary_image(entry_point)) {
- ERROR("%s entry point is not within image boundaries (%llx)\n",
- __func__, mpidr);
- return -EINVAL;
+ ERROR("%s entry point is not within image boundaries\n",
+ __func__);
+ goto out;
}
- spmd_spm_core_context_t *ctx = spmd_get_context_by_mpidr(mpidr);
- spmd_pm_secondary_ep_t *secondary_ep = &ctx->secondary_ep;
- if (secondary_ep->locked) {
- ERROR("%s entry locked (%llx)\n", __func__, mpidr);
- return -EINVAL;
- }
+ g_spmd_pm.secondary_ep = entry_point;
+ g_spmd_pm.secondary_ep_locked = true;
- /* Fill new entry to corresponding secondary core id and lock it */
- secondary_ep->entry_point = entry_point;
- secondary_ep->context = context;
- secondary_ep->locked = true;
+ VERBOSE("%s %lx\n", __func__, entry_point);
- VERBOSE("%s %d %llx %lx %llx\n",
- __func__, id, mpidr, entry_point, context);
+ ret = 0;
- return 0;
+out:
+ spin_unlock(&g_spmd_pm.lock);
+
+ return ret;
}
/*******************************************************************************
@@ -82,18 +84,20 @@
assert(ctx->state != SPMC_STATE_ON);
assert(spmc_ep_info != NULL);
+ spin_lock(&g_spmd_pm.lock);
+
/*
- * TODO: this might require locking the spmc_ep_info structure,
- * or provisioning one structure per cpu
+ * Leave the possibility that the SPMC does not call
+ * FFA_SECONDARY_EP_REGISTER in which case re-use the
+ * primary core address for booting secondary cores.
*/
- if (ctx->secondary_ep.entry_point == 0UL) {
- goto exit;
+ if (g_spmd_pm.secondary_ep_locked == true) {
+ spmc_ep_info->pc = g_spmd_pm.secondary_ep;
}
- spmc_ep_info->pc = ctx->secondary_ep.entry_point;
+ spin_unlock(&g_spmd_pm.lock);
+
cm_setup_context(&ctx->cpu_ctx, spmc_ep_info);
- write_ctx_reg(get_gpregs_ctx(&ctx->cpu_ctx), CTX_GPREG_X0,
- ctx->secondary_ep.context);
/* Mark CPU as initiating ON operation */
ctx->state = SPMC_STATE_ON_PENDING;
@@ -106,7 +110,6 @@
return;
}
-exit:
ctx->state = SPMC_STATE_ON;
VERBOSE("CPU %u on!\n", linear_id);
@@ -124,10 +127,6 @@
assert(ctx != NULL);
assert(ctx->state != SPMC_STATE_OFF);
- if (ctx->secondary_ep.entry_point == 0UL) {
- goto exit;
- }
-
/* Build an SPMD to SPMC direct message request. */
spmd_build_spmc_message(get_gpregs_ctx(&ctx->cpu_ctx), PSCI_CPU_OFF);
@@ -136,9 +135,15 @@
ERROR("%s failed (%llu) on CPU%u\n", __func__, rc, linear_id);
}
- /* TODO expect FFA_DIRECT_MSG_RESP returned from SPMC */
+ /* Expect a direct message response from the SPMC. */
+ u_register_t ffa_resp_func = read_ctx_reg(get_gpregs_ctx(&ctx->cpu_ctx),
+ CTX_GPREG_X0);
+ if (ffa_resp_func != FFA_MSG_SEND_DIRECT_RESP_SMC32) {
+ ERROR("%s invalid SPMC response (%lx).\n",
+ __func__, ffa_resp_func);
+ return -EINVAL;
+ }
-exit:
ctx->state = SPMC_STATE_OFF;
VERBOSE("CPU %u off!\n", linear_id);
diff --git a/services/std_svc/spmd/spmd_private.h b/services/std_svc/spmd/spmd_private.h
index eff0dd9..6d51a58 100644
--- a/services/std_svc/spmd/spmd_private.h
+++ b/services/std_svc/spmd/spmd_private.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2019-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -42,12 +42,6 @@
SPMC_STATE_ON
} spmc_state_t;
-typedef struct spmd_pm_secondary_ep {
- uintptr_t entry_point;
- uintptr_t context;
- bool locked;
-} spmd_pm_secondary_ep_t;
-
/*
* Data structure used by the SPM dispatcher (SPMD) in EL3 to track context of
* the SPM core (SPMC) at the next lower EL.
@@ -56,7 +50,6 @@
uint64_t c_rt_ctx;
cpu_context_t cpu_ctx;
spmc_state_t state;
- spmd_pm_secondary_ep_t secondary_ep;
} spmd_spm_core_context_t;
/*
@@ -69,7 +62,6 @@
#define SPMC_SECURE_ID_SHIFT U(15)
#define SPMD_DIRECT_MSG_ENDPOINT_ID U(FFA_ENDPOINT_ID_MAX - 1)
-#define SPMD_DIRECT_MSG_SET_ENTRY_POINT U(1)
/* Functions used to enter/exit SPMC synchronously */
uint64_t spmd_spm_core_sync_entry(spmd_spm_core_context_t *ctx);
@@ -94,8 +86,7 @@
/* SPMC context on current CPU get helper */
spmd_spm_core_context_t *spmd_get_context(void);
-int spmd_pm_secondary_core_set_ep(unsigned long long mpidr,
- uintptr_t entry_point, unsigned long long context);
+int spmd_pm_secondary_ep_register(uintptr_t entry_point);
bool spmd_check_address_in_binary_image(uint64_t address);
#endif /* __ASSEMBLER__ */