[mirror_edk2.git] / ArmPlatformPkg / Sec / Sec.c

/** @file
*  Main file supporting the SEC Phase on ARM Platforms
*
*  Copyright (c) 2011, ARM Limited. All rights reserved.
*  
*  This program and the accompanying materials                          
*  are licensed and made available under the terms and conditions of the BSD License         
*  which accompanies this distribution.  The full text of the license may be found at        
*  http://opensource.org/licenses/bsd-license.php                                            
*
*  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,                     
*  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.             
*
**/

#include <Library/DebugAgentLib.h>
#include <Library/PcdLib.h>
#include <Library/PrintLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/ArmLib.h>
#include <Library/SerialPortLib.h>
#include <Library/ArmPlatformLib.h>
#include <Library/ArmGicLib.h>

#include "SecInternal.h"

#define SerialPrint(txt)  SerialPortWrite ((UINT8*)txt, AsciiStrLen(txt)+1);

extern VOID *monitor_vector_table;

VOID
CEntryPoint (
  IN  UINTN                     MpId
  )
{
  CHAR8           Buffer[100];
  UINTN           CharCount;
  UINTN           JumpAddress;

  // Primary CPU clears out the SCU tag RAMs, secondaries wait
  if (IS_PRIMARY_CORE(MpId)) {
    if (FixedPcdGet32(PcdMPCoreSupport)) {
      ArmInvalidScu ();
    }

    // SEC phase needs to run library constructors by hand. This assumes we are linked against the SerialLib
    // In non SEC modules the init call is in autogenerated code.
    SerialPortInitialize ();

    // Start talking
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"UEFI firmware built at %a on %a\n\r",__TIME__, __DATE__);
    SerialPortWrite ((UINT8 *) Buffer, CharCount);

    // Initialize the Debug Agent for Source Level Debugging
    InitializeDebugAgent (DEBUG_AGENT_INIT_PREMEM_SEC, NULL, NULL);
    SaveAndSetDebugTimerInterrupt (TRUE);

    // Now we've got UART, make the check:
    // - The Vector table must be 32-byte aligned
    ASSERT(((UINT32)SecVectorTable & ((1 << 5)-1)) == 0);
  }

  // Invalidate the data cache. Doesn't have to do the Data cache clean.
  ArmInvalidateDataCache();

  // Invalidate Instruction Cache
  ArmInvalidateInstructionCache();

  // Invalidate I & D TLBs
  ArmInvalidateInstructionAndDataTlb();

  // Enable Full Access to CoProcessors
  ArmWriteCPACR (CPACR_CP_FULL_ACCESS);

  // Enable SWP instructions
  ArmEnableSWPInstruction ();

  // Enable program flow prediction, if supported.
  ArmEnableBranchPrediction ();

  if (FixedPcdGet32(PcdVFPEnabled)) {
    ArmEnableVFP();
  }

  if (IS_PRIMARY_CORE(MpId)) {
    // Initialize peripherals that must be done at the early stage
    // Example: Some L2x0 controllers must be initialized in Secure World
    ArmPlatformSecInitialize ();

    // If we skip the PEI Core we could want to initialize the DRAM in the SEC phase.
    // If we are in standalone, we need the initialization to copy the UEFI firmware into DRAM
    if (FeaturePcdGet(PcdSystemMemoryInitializeInSec)) {
      // Initialize system memory (DRAM)
      ArmPlatformInitializeSystemMemory ();
    }

    // Some platform can change their physical memory mapping
    ArmPlatformBootRemapping ();
  }

  // Test if Trustzone is supported on this platform
  if (ArmPlatformTrustzoneSupported ()) {
    // Ensure the Monitor Stack Base & Size have been set
    ASSERT(PcdGet32(PcdCPUCoresSecMonStackBase) != 0);
    ASSERT(PcdGet32(PcdCPUCoreSecMonStackSize) != 0);

    if (FixedPcdGet32(PcdMPCoreSupport)) {
      // Setup SMP in Non Secure world
      ArmSetupSmpNonSecure (GET_CORE_ID(MpId));
    }

    // Enter Monitor Mode
    enter_monitor_mode ((VOID*)(PcdGet32(PcdCPUCoresSecMonStackBase) + (PcdGet32(PcdCPUCoreSecMonStackSize) * GET_CORE_POS(MpId))));

    //Write the monitor mode vector table address
    ArmWriteVMBar((UINT32) &monitor_vector_table);

    //-------------------- Monitor Mode ---------------------
    // Setup the Trustzone Chipsets
    if (IS_PRIMARY_CORE(MpId)) {
      ArmPlatformTrustzoneInit ();

      // Wake up the secondary cores by sending a interrupt to everyone else
      // NOTE 1: The Software Generated Interrupts are always enabled on Cortex-A9
      //         MPcore test chip on Versatile Express board, So the Software doesn't have to
      //         enable SGI's explicitly.
      //      2: As no other Interrupts are enabled,  doesn't have to worry about the priority.
      //      3: As all the cores are in secure state, use secure SGI's
      //

      ArmGicEnableDistributor (PcdGet32(PcdGicDistributorBase));
      ArmGicEnableInterruptInterface (PcdGet32(PcdGicInterruptInterfaceBase));

      // Send SGI to all Secondary core to wake them up from WFI state.
      ArmGicSendSgiTo (PcdGet32(PcdGicDistributorBase), ARM_GIC_ICDSGIR_FILTER_EVERYONEELSE, 0x0E);
    } else {
      // The secondary cores need to wait until the Trustzone chipsets configuration is done
      // before switching to Non Secure World

      // Enabled GIC CPU Interface
      ArmGicEnableInterruptInterface (PcdGet32(PcdGicInterruptInterfaceBase));

      // Waiting for the SGI from the primary core
      ArmCallWFI();

      // Acknowledge the interrupt and send End of Interrupt signal.
      ArmGicAcknowledgeSgiFrom (PcdGet32(PcdGicInterruptInterfaceBase), PRIMARY_CORE_ID);
    }

    // Transfer the interrupt to Non-secure World
    ArmGicSetupNonSecure (PcdGet32(PcdGicDistributorBase),PcdGet32(PcdGicInterruptInterfaceBase));

    // Write to CP15 Non-secure Access Control Register :
    //   - Enable CP10 and CP11 accesses in NS World
    //   - Enable Access to Preload Engine in NS World
    //   - Enable lockable TLB entries allocation in NS world
    //   - Enable R/W access to SMP bit of Auxiliary Control Register in NS world
    ArmWriteNsacr (NSACR_NS_SMP | NSACR_TL | NSACR_PLE | NSACR_CP(10) | NSACR_CP(11));

    // CP15 Secure Configuration Register with Non Secure bit (SCR_NS), CPSR.A modified in any
    // security state (SCR_AW), CPSR.F modified in any security state (SCR_FW)
    ArmWriteScr (SCR_NS | SCR_FW | SCR_AW);
  } else {
    if (IS_PRIMARY_CORE(MpId)) {
      SerialPrint ("Trust Zone Configuration is disabled\n\r");
    }

    // Trustzone is not enabled, just enable the Distributor and CPU interface
    if (IS_PRIMARY_CORE(MpId)) {
      ArmGicEnableDistributor (PcdGet32(PcdGicDistributorBase));
    }
    ArmGicEnableInterruptInterface (PcdGet32(PcdGicInterruptInterfaceBase));

    // With Trustzone support the transition from Sec to Normal world is done by return_from_exception().
    // If we want to keep this function call we need to ensure the SVC's SPSR point to the same Program
    // Status Register as the the current one (CPSR).
    copy_cpsr_into_spsr ();
  }

  JumpAddress = PcdGet32 (PcdFvBaseAddress);
  ArmPlatformSecExtraAction (MpId, &JumpAddress);

  return_from_exception (JumpAddress);
  //-------------------- Non Secure Mode ---------------------

  // PEI Core should always load and never return
  ASSERT (FALSE);
}

VOID
SecCommonExceptionEntry (
  IN UINT32 Entry,
  IN UINT32 LR
  )
{
  CHAR8           Buffer[100];
  UINTN           CharCount;

  switch (Entry) {
  case 0:
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Reset Exception at 0x%X\n\r",LR);
    break;
  case 1:
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Undefined Exception at 0x%X\n\r",LR);
    break;
  case 2:
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"SWI Exception at 0x%X\n\r",LR);
    break;
  case 3:
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"PrefetchAbort Exception at 0x%X\n\r",LR);
    break;
  case 4:
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"DataAbort Exception at 0x%X\n\r",LR);
    break;
  case 5:
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Reserved Exception at 0x%X\n\r",LR);
    break;
  case 6:
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"IRQ Exception at 0x%X\n\r",LR);
    break;
  case 7:
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"FIQ Exception at 0x%X\n\r",LR);
    break;
  default:
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Unknown Exception at 0x%X\n\r",LR);
    break;
  }
  SerialPortWrite ((UINT8 *) Buffer, CharCount);
  while(1);
}
Commit	Line	Data
1d5d0ae9	1	/** @file
009f583f	2	* Main file supporting the SEC Phase on ARM Platforms
1d5d0ae9	3	*
	4	* Copyright (c) 2011, ARM Limited. All rights reserved.
	5	*
	6	* This program and the accompanying materials
	7	* are licensed and made available under the terms and conditions of the BSD License
	8	* which accompanies this distribution. The full text of the license may be found at
	9	* http://opensource.org/licenses/bsd-license.php
	10	*
	11	* THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
	12	* WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
	13	*
	14	**/
	15
a6caee65	16	#include <Library/DebugAgentLib.h>
1d5d0ae9	17	#include <Library/PcdLib.h>
2637d1ef	18	#include <Library/PrintLib.h>
1d5d0ae9	19	#include <Library/BaseMemoryLib.h>
1d5d0ae9	20	#include <Library/ArmLib.h>
1d5d0ae9	21	#include <Library/SerialPortLib.h>
1d5d0ae9	22	#include <Library/ArmPlatformLib.h>
55a0d64b	23	#include <Library/ArmGicLib.h>
0620eec9	24
009f583f	25	#include "SecInternal.h"
009f583f	26
e862cd50	27	#define SerialPrint(txt) SerialPortWrite ((UINT8*)txt, AsciiStrLen(txt)+1);
2637d1ef	28
1d5d0ae9	29	extern VOID *monitor_vector_table;
1d5d0ae9	30
1d5d0ae9	31	VOID
1d5d0ae9	32	CEntryPoint (
0787bc61	33	IN UINTN MpId
1d5d0ae9	34	)
1d5d0ae9	35	{
2637d1ef	36	CHAR8 Buffer[100];
2637d1ef	37	UINTN CharCount;
a6caee65	38	UINTN JumpAddress;
2637d1ef	39
1d5d0ae9	40	// Primary CPU clears out the SCU tag RAMs, secondaries wait
0787bc61	41	if (IS_PRIMARY_CORE(MpId)) {
1d5d0ae9	42	if (FixedPcdGet32(PcdMPCoreSupport)) {
009f583f	43	ArmInvalidScu ();
1d5d0ae9	44	}
	45
	46	// SEC phase needs to run library constructors by hand. This assumes we are linked against the SerialLib
	47	// In non SEC modules the init call is in autogenerated code.
	48	SerialPortInitialize ();
2637d1ef	49
1d5d0ae9	50	// Start talking
2637d1ef	51	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"UEFI firmware built at %a on %a\n\r",__TIME__, __DATE__);
2637d1ef	52	SerialPortWrite ((UINT8 *) Buffer, CharCount);
1d5d0ae9	53
a6caee65	54	// Initialize the Debug Agent for Source Level Debugging
	55	InitializeDebugAgent (DEBUG_AGENT_INIT_PREMEM_SEC, NULL, NULL);
	56	SaveAndSetDebugTimerInterrupt (TRUE);
	57
1d5d0ae9	58	// Now we've got UART, make the check:
	59	// - The Vector table must be 32-byte aligned
	60	ASSERT(((UINT32)SecVectorTable & ((1 << 5)-1)) == 0);
	61	}
	62
	63	// Invalidate the data cache. Doesn't have to do the Data cache clean.
	64	ArmInvalidateDataCache();
	65
009f583f	66	// Invalidate Instruction Cache
1d5d0ae9	67	ArmInvalidateInstructionCache();
1d5d0ae9	68
009f583f	69	// Invalidate I & D TLBs
1d5d0ae9	70	ArmInvalidateInstructionAndDataTlb();
	71
	72	// Enable Full Access to CoProcessors
	73	ArmWriteCPACR (CPACR_CP_FULL_ACCESS);
	74
	75	// Enable SWP instructions
009f583f	76	ArmEnableSWPInstruction ();
1d5d0ae9	77
1d5d0ae9	78	// Enable program flow prediction, if supported.
009f583f	79	ArmEnableBranchPrediction ();
1d5d0ae9	80
	81	if (FixedPcdGet32(PcdVFPEnabled)) {
	82	ArmEnableVFP();
	83	}
	84
0787bc61	85	if (IS_PRIMARY_CORE(MpId)) {
8e06b586	86	// Initialize peripherals that must be done at the early stage
8e06b586	87	// Example: Some L2x0 controllers must be initialized in Secure World
aa01abaa	88	ArmPlatformSecInitialize ();
1d5d0ae9	89
	90	// If we skip the PEI Core we could want to initialize the DRAM in the SEC phase.
	91	// If we are in standalone, we need the initialization to copy the UEFI firmware into DRAM
a6caee65	92	if (FeaturePcdGet(PcdSystemMemoryInitializeInSec)) {
1d5d0ae9	93	// Initialize system memory (DRAM)
1ad14bc8	94	ArmPlatformInitializeSystemMemory ();
1d5d0ae9	95	}
1d5d0ae9	96
0620eec9	97	// Some platform can change their physical memory mapping
1ad14bc8	98	ArmPlatformBootRemapping ();
1d5d0ae9	99	}
	100
	101	// Test if Trustzone is supported on this platform
009f583f	102	if (ArmPlatformTrustzoneSupported ()) {
	103	// Ensure the Monitor Stack Base & Size have been set
	104	ASSERT(PcdGet32(PcdCPUCoresSecMonStackBase) != 0);
	105	ASSERT(PcdGet32(PcdCPUCoreSecMonStackSize) != 0);
	106
1d5d0ae9	107	if (FixedPcdGet32(PcdMPCoreSupport)) {
1d5d0ae9	108	// Setup SMP in Non Secure world
0787bc61	109	ArmSetupSmpNonSecure (GET_CORE_ID(MpId));
1d5d0ae9	110	}
	111
	112	// Enter Monitor Mode
0787bc61	113	enter_monitor_mode ((VOID)(PcdGet32(PcdCPUCoresSecMonStackBase) + (PcdGet32(PcdCPUCoreSecMonStackSize) GET_CORE_POS(MpId))));
1d5d0ae9	114
	115	//Write the monitor mode vector table address
	116	ArmWriteVMBar((UINT32) &monitor_vector_table);
	117
	118	//-------------------- Monitor Mode ---------------------
0620eec9	119	// Setup the Trustzone Chipsets
0787bc61	120	if (IS_PRIMARY_CORE(MpId)) {
009f583f	121	ArmPlatformTrustzoneInit ();
1d5d0ae9	122
	123	// Wake up the secondary cores by sending a interrupt to everyone else
	124	// NOTE 1: The Software Generated Interrupts are always enabled on Cortex-A9
	125	// MPcore test chip on Versatile Express board, So the Software doesn't have to
	126	// enable SGI's explicitly.
	127	// 2: As no other Interrupts are enabled, doesn't have to worry about the priority.
	128	// 3: As all the cores are in secure state, use secure SGI's
	129	//
	130
55a0d64b	131	ArmGicEnableDistributor (PcdGet32(PcdGicDistributorBase));
55a0d64b	132	ArmGicEnableInterruptInterface (PcdGet32(PcdGicInterruptInterfaceBase));
1d5d0ae9	133
1d5d0ae9	134	// Send SGI to all Secondary core to wake them up from WFI state.
55a0d64b	135	ArmGicSendSgiTo (PcdGet32(PcdGicDistributorBase), ARM_GIC_ICDSGIR_FILTER_EVERYONEELSE, 0x0E);
1d5d0ae9	136	} else {
1d5d0ae9	137	// The secondary cores need to wait until the Trustzone chipsets configuration is done
0620eec9	138	// before switching to Non Secure World
1d5d0ae9	139
1d5d0ae9	140	// Enabled GIC CPU Interface
55a0d64b	141	ArmGicEnableInterruptInterface (PcdGet32(PcdGicInterruptInterfaceBase));
1d5d0ae9	142
	143	// Waiting for the SGI from the primary core
	144	ArmCallWFI();
	145
0620eec9	146	// Acknowledge the interrupt and send End of Interrupt signal.
55a0d64b	147	ArmGicAcknowledgeSgiFrom (PcdGet32(PcdGicInterruptInterfaceBase), PRIMARY_CORE_ID);
1d5d0ae9	148	}
	149
	150	// Transfer the interrupt to Non-secure World
55a0d64b	151	ArmGicSetupNonSecure (PcdGet32(PcdGicDistributorBase),PcdGet32(PcdGicInterruptInterfaceBase));
1d5d0ae9	152
	153	// Write to CP15 Non-secure Access Control Register :
	154	// - Enable CP10 and CP11 accesses in NS World
	155	// - Enable Access to Preload Engine in NS World
	156	// - Enable lockable TLB entries allocation in NS world
	157	// - Enable R/W access to SMP bit of Auxiliary Control Register in NS world
009f583f	158	ArmWriteNsacr (NSACR_NS_SMP \| NSACR_TL \| NSACR_PLE \| NSACR_CP(10) \| NSACR_CP(11));
1d5d0ae9	159
	160	// CP15 Secure Configuration Register with Non Secure bit (SCR_NS), CPSR.A modified in any
	161	// security state (SCR_AW), CPSR.F modified in any security state (SCR_FW)
009f583f	162	ArmWriteScr (SCR_NS \| SCR_FW \| SCR_AW);
1d5d0ae9	163	} else {
0787bc61	164	if (IS_PRIMARY_CORE(MpId)) {
2637d1ef	165	SerialPrint ("Trust Zone Configuration is disabled\n\r");
1d5d0ae9	166	}
1d5d0ae9	167
0620eec9	168	// Trustzone is not enabled, just enable the Distributor and CPU interface
0787bc61	169	if (IS_PRIMARY_CORE(MpId)) {
55a0d64b	170	ArmGicEnableDistributor (PcdGet32(PcdGicDistributorBase));
bf7d7a67	171	}
55a0d64b	172	ArmGicEnableInterruptInterface (PcdGet32(PcdGicInterruptInterfaceBase));
1d5d0ae9	173
	174	// With Trustzone support the transition from Sec to Normal world is done by return_from_exception().
	175	// If we want to keep this function call we need to ensure the SVC's SPSR point to the same Program
	176	// Status Register as the the current one (CPSR).
a6caee65	177	copy_cpsr_into_spsr ();
1d5d0ae9	178	}
1d5d0ae9	179
f92b93c9	180	JumpAddress = PcdGet32 (PcdFvBaseAddress);
0787bc61	181	ArmPlatformSecExtraAction (MpId, &JumpAddress);
64e03133	182
a6caee65	183	return_from_exception (JumpAddress);
1d5d0ae9	184	//-------------------- Non Secure Mode ---------------------
	185
	186	// PEI Core should always load and never return
	187	ASSERT (FALSE);
	188	}
	189
2637d1ef	190	VOID
	191	SecCommonExceptionEntry (
	192	IN UINT32 Entry,
	193	IN UINT32 LR
	194	)
	195	{
	196	CHAR8 Buffer[100];
	197	UINTN CharCount;
	198
1d5d0ae9	199	switch (Entry) {
1d5d0ae9	200	case 0:
2637d1ef	201	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Reset Exception at 0x%X\n\r",LR);
1d5d0ae9	202	break;
1d5d0ae9	203	case 1:
2637d1ef	204	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Undefined Exception at 0x%X\n\r",LR);
1d5d0ae9	205	break;
1d5d0ae9	206	case 2:
2637d1ef	207	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"SWI Exception at 0x%X\n\r",LR);
1d5d0ae9	208	break;
1d5d0ae9	209	case 3:
2637d1ef	210	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"PrefetchAbort Exception at 0x%X\n\r",LR);
1d5d0ae9	211	break;
1d5d0ae9	212	case 4:
2637d1ef	213	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"DataAbort Exception at 0x%X\n\r",LR);
1d5d0ae9	214	break;
1d5d0ae9	215	case 5:
2637d1ef	216	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Reserved Exception at 0x%X\n\r",LR);
1d5d0ae9	217	break;
1d5d0ae9	218	case 6:
2637d1ef	219	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"IRQ Exception at 0x%X\n\r",LR);
1d5d0ae9	220	break;
1d5d0ae9	221	case 7:
2637d1ef	222	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"FIQ Exception at 0x%X\n\r",LR);
1d5d0ae9	223	break;
1d5d0ae9	224	default:
2637d1ef	225	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Unknown Exception at 0x%X\n\r",LR);
1d5d0ae9	226	break;
1d5d0ae9	227	}
2637d1ef	228	SerialPortWrite ((UINT8 *) Buffer, CharCount);
1d5d0ae9	229	while(1);
1d5d0ae9	230	}