Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / android / bootable / bootloader / edk2 / 6f711615bacf7ce3bc42507cba87bc0adcda0461 / . / ArmPlatformPkg / Sec / Sec.c
blob: 52fa53a6475ac28cef14194a4348078639a753cd [file] [log] [blame]
oliviermartin1e57a462013-01-25 11:28:06 +0000[diff] [blame]1/** @file
2* Main file supporting the SEC Phase on ARM Platforms
3*
4* Copyright (c) 2011-2012, ARM Limited. All rights reserved.
5*
6* This program and the accompanying materials
7* are licensed and made available under the terms and conditions of the BSD License
8* which accompanies this distribution. The full text of the license may be found at
9* http://opensource.org/licenses/bsd-license.php
10*
11* THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12* WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13*
14**/
15
16#include <Library/ArmTrustedMonitorLib.h>
17#include <Library/DebugAgentLib.h>
18#include <Library/PrintLib.h>
19#include <Library/BaseMemoryLib.h>
20#include <Library/SerialPortLib.h>
21#include <Library/ArmGicLib.h>
22
23#include "SecInternal.h"
24
25#define SerialPrint(txt) SerialPortWrite ((UINT8*)txt, AsciiStrLen(txt)+1);
26
27VOID
28CEntryPoint (
29 IN UINTN MpId,
30 IN UINTN SecBootMode
31 )
32{
33 CHAR8 Buffer[100];
34 UINTN CharCount;
35 UINTN JumpAddress;
36
37 // Invalidate the data cache. Doesn't have to do the Data cache clean.
oliviermartin6f711612013-03-12 00:45:29 +0000[diff] [blame^]38 ArmInvalidateDataCache ();
oliviermartin1e57a462013-01-25 11:28:06 +0000[diff] [blame]39
40 // Invalidate Instruction Cache
oliviermartin6f711612013-03-12 00:45:29 +0000[diff] [blame^]41 ArmInvalidateInstructionCache ();
oliviermartin1e57a462013-01-25 11:28:06 +0000[diff] [blame]42
43 // Invalidate I & D TLBs
oliviermartin6f711612013-03-12 00:45:29 +0000[diff] [blame^]44 ArmInvalidateInstructionAndDataTlb ();
oliviermartin1e57a462013-01-25 11:28:06 +0000[diff] [blame]45
46 // CPU specific settings
47 ArmCpuSetup (MpId);
48
49 // Enable Floating Point Coprocessor if supported by the platform
50 if (FixedPcdGet32 (PcdVFPEnabled)) {
oliviermartin6f711612013-03-12 00:45:29 +0000[diff] [blame^]51 ArmEnableVFP ();
oliviermartin1e57a462013-01-25 11:28:06 +0000[diff] [blame]52 }
53
54 // Initialize peripherals that must be done at the early stage
55 // Example: Some L2 controller, interconnect, clock, DMC, etc
56 ArmPlatformSecInitialize (MpId);
57
58 // Primary CPU clears out the SCU tag RAMs, secondaries wait
59 if (IS_PRIMARY_CORE(MpId) && (SecBootMode == ARM_SEC_COLD_BOOT)) {
60 if (ArmIsMpCore()) {
61 // Signal for the initial memory is configured (event: BOOT_MEM_INIT)
62 ArmCallSEV ();
63 }
64
65 // SEC phase needs to run library constructors by hand. This assumes we are linked against the SerialLib
66 // In non SEC modules the init call is in autogenerated code.
67 SerialPortInitialize ();
68
69 // Start talking
70 if (FixedPcdGetBool (PcdTrustzoneSupport)) {
71 CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Secure firmware (version %s built at %a on %a)\n\r",
72 (CHAR16*)PcdGetPtr(PcdFirmwareVersionString), __TIME__, __DATE__);
73 } else {
74 CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Boot firmware (version %s built at %a on %a)\n\r",
75 (CHAR16*)PcdGetPtr(PcdFirmwareVersionString), __TIME__, __DATE__);
76 }
77 SerialPortWrite ((UINT8 *) Buffer, CharCount);
78
79 // Initialize the Debug Agent for Source Level Debugging
80 InitializeDebugAgent (DEBUG_AGENT_INIT_PREMEM_SEC, NULL, NULL);
81 SaveAndSetDebugTimerInterrupt (TRUE);
82
83 // Enable the GIC distributor and CPU Interface
84 // - no other Interrupts are enabled, doesn't have to worry about the priority.
85 // - all the cores are in secure state, use secure SGI's
86 ArmGicEnableDistributor (PcdGet32(PcdGicDistributorBase));
87 ArmGicEnableInterruptInterface (PcdGet32(PcdGicInterruptInterfaceBase));
88 } else {
89 // Enable the GIC CPU Interface
90 ArmGicEnableInterruptInterface (PcdGet32(PcdGicInterruptInterfaceBase));
91 }
92
93 // Enable Full Access to CoProcessors
94 ArmWriteCpacr (CPACR_CP_FULL_ACCESS);
95
96 // Test if Trustzone is supported on this platform
97 if (FixedPcdGetBool (PcdTrustzoneSupport)) {
oliviermartin6f711612013-03-12 00:45:29 +0000[diff] [blame^]98 if (ArmIsMpCore ()) {
oliviermartin1e57a462013-01-25 11:28:06 +0000[diff] [blame]99 // Setup SMP in Non Secure world
100 ArmCpuSetupSmpNonSecure (GET_CORE_ID(MpId));
101 }
102
103 // Either we use the Secure Stacks for Secure Monitor (in this case (Base == 0) && (Size == 0))
104 // Or we use separate Secure Monitor stacks (but (Base != 0) && (Size != 0))
105 ASSERT (((PcdGet32(PcdCPUCoresSecMonStackBase) == 0) && (PcdGet32(PcdCPUCoreSecMonStackSize) == 0)) ||
106 ((PcdGet32(PcdCPUCoresSecMonStackBase) != 0) && (PcdGet32(PcdCPUCoreSecMonStackSize) != 0)));
107
108 // Enter Monitor Mode
109 enter_monitor_mode ((UINTN)TrustedWorldInitialization, MpId, SecBootMode, (VOID*)(PcdGet32(PcdCPUCoresSecMonStackBase) + (PcdGet32(PcdCPUCoreSecMonStackSize) * (GET_CORE_POS(MpId) + 1))));
110 } else {
111 if (IS_PRIMARY_CORE(MpId)) {
112 SerialPrint ("Trust Zone Configuration is disabled\n\r");
113 }
114
115 // With Trustzone support the transition from Sec to Normal world is done by return_from_exception().
116 // If we want to keep this function call we need to ensure the SVC's SPSR point to the same Program
117 // Status Register as the the current one (CPSR).
118 copy_cpsr_into_spsr ();
119
120 // Call the Platform specific function to execute additional actions if required
121 JumpAddress = PcdGet32 (PcdFvBaseAddress);
122 ArmPlatformSecExtraAction (MpId, &JumpAddress);
123
124 NonTrustedWorldTransition (MpId, JumpAddress);
125 }
126 ASSERT (0); // We must never return from the above function
127}
128
129VOID
130TrustedWorldInitialization (
131 IN UINTN MpId,
132 IN UINTN SecBootMode
133 )
134{
135 UINTN JumpAddress;
136
137 //-------------------- Monitor Mode ---------------------
138
139 // Set up Monitor World (Vector Table, etc)
140 ArmSecureMonitorWorldInitialize ();
141
142 // Transfer the interrupt to Non-secure World
143 ArmGicSetupNonSecure (MpId, PcdGet32(PcdGicDistributorBase), PcdGet32(PcdGicInterruptInterfaceBase));
144
145 // Initialize platform specific security policy
146 ArmPlatformSecTrustzoneInit (MpId);
147
148 // Setup the Trustzone Chipsets
149 if (SecBootMode == ARM_SEC_COLD_BOOT) {
150 if (IS_PRIMARY_CORE(MpId)) {
151 if (ArmIsMpCore()) {
152 // Signal the secondary core the Security settings is done (event: EVENT_SECURE_INIT)
153 ArmCallSEV ();
154 }
155 } else {
156 // The secondary cores need to wait until the Trustzone chipsets configuration is done
157 // before switching to Non Secure World
158
159 // Wait for the Primary Core to finish the initialization of the Secure World (event: EVENT_SECURE_INIT)
160 ArmCallWFE ();
161 }
162 }
163
164 // Call the Platform specific function to execute additional actions if required
165 JumpAddress = PcdGet32 (PcdFvBaseAddress);
166 ArmPlatformSecExtraAction (MpId, &JumpAddress);
167
168 // Write to CP15 Non-secure Access Control Register
169 ArmWriteNsacr (PcdGet32 (PcdArmNsacr));
170
171 // CP15 Secure Configuration Register
172 ArmWriteScr (PcdGet32 (PcdArmScr));
173
174 NonTrustedWorldTransition (MpId, JumpAddress);
175}
176
177VOID
178NonTrustedWorldTransition (
179 IN UINTN MpId,
180 IN UINTN JumpAddress
181 )
182{
183 // If PcdArmNonSecModeTransition is defined then set this specific mode to CPSR before the transition
184 // By not set, the mode for Non Secure World is SVC
185 if (PcdGet32 (PcdArmNonSecModeTransition) != 0) {
186 set_non_secure_mode ((ARM_PROCESSOR_MODE)PcdGet32 (PcdArmNonSecModeTransition));
187 }
188
189 return_from_exception (JumpAddress);
190 //-------------------- Non Secure Mode ---------------------
191
192 // PEI Core should always load and never return
193 ASSERT (FALSE);
194}
195