[mirror_edk2.git] / ArmPlatformPkg / Sec / Sec.c

/** @file
*  Main file supporting the SEC Phase on ARM Platforms
*
*  Copyright (c) 2011, ARM Limited. All rights reserved.
*  
*  This program and the accompanying materials                          
*  are licensed and made available under the terms and conditions of the BSD License         
*  which accompanies this distribution.  The full text of the license may be found at        
*  http://opensource.org/licenses/bsd-license.php                                            
*
*  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,                     
*  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.             
*
**/

#include <Library/DebugAgentLib.h>
#include <Library/PcdLib.h>
#include <Library/PrintLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/ArmLib.h>
#include <Library/SerialPortLib.h>
#include <Library/ArmPlatformLib.h>
#include <Library/ArmGicLib.h>

#include "SecInternal.h"

#define SerialPrint(txt)  SerialPortWrite ((UINT8*)txt, AsciiStrLen(txt)+1);

extern VOID *monitor_vector_table;

VOID
CEntryPoint (
  IN  UINTN                     MpId
  )
{
  CHAR8           Buffer[100];
  UINTN           CharCount;
  UINTN           JumpAddress;

  // Primary CPU clears out the SCU tag RAMs, secondaries wait
  if (IS_PRIMARY_CORE(MpId)) {
    if (FixedPcdGet32(PcdMPCoreSupport)) {
      ArmInvalidScu ();
    }

    // SEC phase needs to run library constructors by hand. This assumes we are linked against the SerialLib
    // In non SEC modules the init call is in autogenerated code.
    SerialPortInitialize ();

    // Start talking
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"UEFI firmware built at %a on %a\n\r",__TIME__, __DATE__);
    SerialPortWrite ((UINT8 *) Buffer, CharCount);

    // Initialize the Debug Agent for Source Level Debugging
    InitializeDebugAgent (DEBUG_AGENT_INIT_PREMEM_SEC, NULL, NULL);
    SaveAndSetDebugTimerInterrupt (TRUE);

    // Now we've got UART, make the check:
    // - The Vector table must be 32-byte aligned
    ASSERT(((UINT32)SecVectorTable & ((1 << 5)-1)) == 0);
  }

  // Invalidate the data cache. Doesn't have to do the Data cache clean.
  ArmInvalidateDataCache();

  // Invalidate Instruction Cache
  ArmInvalidateInstructionCache();

  // Invalidate I & D TLBs
  ArmInvalidateInstructionAndDataTlb();

  // Enable Full Access to CoProcessors
  ArmWriteCPACR (CPACR_CP_FULL_ACCESS);

  // Enable SWP instructions
  ArmEnableSWPInstruction ();

  // Enable program flow prediction, if supported.
  ArmEnableBranchPrediction ();

  if (FixedPcdGet32(PcdVFPEnabled)) {
    ArmEnableVFP();
  }

  if (IS_PRIMARY_CORE(MpId)) {
    // Initialize peripherals that must be done at the early stage
    // Example: Some L2x0 controllers must be initialized in Secure World
    ArmPlatformSecInitialize ();

    // If we skip the PEI Core we could want to initialize the DRAM in the SEC phase.
    // If we are in standalone, we need the initialization to copy the UEFI firmware into DRAM
    if (FeaturePcdGet(PcdSystemMemoryInitializeInSec)) {
      // Initialize system memory (DRAM)
      ArmPlatformInitializeSystemMemory ();
    }

    // Some platform can change their physical memory mapping
    ArmPlatformBootRemapping ();
  }

  // Test if Trustzone is supported on this platform
  if (ArmPlatformTrustzoneSupported ()) {
    // Ensure the Monitor Stack Base & Size have been set
    ASSERT(PcdGet32(PcdCPUCoresSecMonStackBase) != 0);
    ASSERT(PcdGet32(PcdCPUCoreSecMonStackSize) != 0);

    if (FixedPcdGet32(PcdMPCoreSupport)) {
      // Setup SMP in Non Secure world
      ArmSetupSmpNonSecure (GET_CORE_ID(MpId));
    }

    // Enter Monitor Mode
    enter_monitor_mode ((VOID*)(PcdGet32(PcdCPUCoresSecMonStackBase) + (PcdGet32(PcdCPUCoreSecMonStackSize) * GET_CORE_POS(MpId))));

    //Write the monitor mode vector table address
    ArmWriteVMBar((UINT32) &monitor_vector_table);

    //-------------------- Monitor Mode ---------------------
    // Setup the Trustzone Chipsets
    if (IS_PRIMARY_CORE(MpId)) {
      ArmPlatformTrustzoneInit ();

      // Wake up the secondary cores by sending a interrupt to everyone else
      // NOTE 1: The Software Generated Interrupts are always enabled on Cortex-A9
      //         MPcore test chip on Versatile Express board, So the Software doesn't have to
      //         enable SGI's explicitly.
      //      2: As no other Interrupts are enabled,  doesn't have to worry about the priority.
      //      3: As all the cores are in secure state, use secure SGI's
      //

      ArmGicEnableDistributor (PcdGet32(PcdGicDistributorBase));
      ArmGicEnableInterruptInterface (PcdGet32(PcdGicInterruptInterfaceBase));

      // Send SGI to all Secondary core to wake them up from WFI state.
      ArmGicSendSgiTo (PcdGet32(PcdGicDistributorBase), ARM_GIC_ICDSGIR_FILTER_EVERYONEELSE, 0x0E);
    } else {
      // The secondary cores need to wait until the Trustzone chipsets configuration is done
      // before switching to Non Secure World

      // Enabled GIC CPU Interface
      ArmGicEnableInterruptInterface (PcdGet32(PcdGicInterruptInterfaceBase));

      // Waiting for the SGI from the primary core
      ArmCallWFI();

      // Acknowledge the interrupt and send End of Interrupt signal.
      ArmGicAcknowledgeSgiFrom (PcdGet32(PcdGicInterruptInterfaceBase), PRIMARY_CORE_ID);
    }

    // Transfer the interrupt to Non-secure World
    ArmGicSetupNonSecure (PcdGet32(PcdGicDistributorBase),PcdGet32(PcdGicInterruptInterfaceBase));

    // Write to CP15 Non-secure Access Control Register :
    //   - Enable CP10 and CP11 accesses in NS World
    //   - Enable Access to Preload Engine in NS World
    //   - Enable lockable TLB entries allocation in NS world
    //   - Enable R/W access to SMP bit of Auxiliary Control Register in NS world
    ArmWriteNsacr (NSACR_NS_SMP | NSACR_TL | NSACR_PLE | NSACR_CP(10) | NSACR_CP(11));

    // CP15 Secure Configuration Register with Non Secure bit (SCR_NS), CPSR.A modified in any
    // security state (SCR_AW), CPSR.F modified in any security state (SCR_FW)
    ArmWriteScr (SCR_NS | SCR_FW | SCR_AW);
  } else {
    if (IS_PRIMARY_CORE(MpId)) {
      SerialPrint ("Trust Zone Configuration is disabled\n\r");
    }

    // Trustzone is not enabled, just enable the Distributor and CPU interface
    if (IS_PRIMARY_CORE(MpId)) {
      ArmGicEnableDistributor (PcdGet32(PcdGicDistributorBase));
    }
    ArmGicEnableInterruptInterface (PcdGet32(PcdGicInterruptInterfaceBase));

    // With Trustzone support the transition from Sec to Normal world is done by return_from_exception().
    // If we want to keep this function call we need to ensure the SVC's SPSR point to the same Program
    // Status Register as the the current one (CPSR).
    copy_cpsr_into_spsr ();
  }

  JumpAddress = PcdGet32 (PcdFvBaseAddress);
  ArmPlatformSecExtraAction (MpId, &JumpAddress);

  return_from_exception (JumpAddress);
  //-------------------- Non Secure Mode ---------------------

  // PEI Core should always load and never return
  ASSERT (FALSE);
}

VOID
SecCommonExceptionEntry (
  IN UINT32 Entry,
  IN UINT32 LR
  )
{
  CHAR8           Buffer[100];
  UINTN           CharCount;

  switch (Entry) {
  case 0:
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Reset Exception at 0x%X\n\r",LR);
    break;
  case 1:
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Undefined Exception at 0x%X\n\r",LR);
    break;
  case 2:
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"SWI Exception at 0x%X\n\r",LR);
    break;
  case 3:
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"PrefetchAbort Exception at 0x%X\n\r",LR);
    break;
  case 4:
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"DataAbort Exception at 0x%X\n\r",LR);
    break;
  case 5:
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Reserved Exception at 0x%X\n\r",LR);
    break;
  case 6:
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"IRQ Exception at 0x%X\n\r",LR);
    break;
  case 7:
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"FIQ Exception at 0x%X\n\r",LR);
    break;
  default:
    CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Unknown Exception at 0x%X\n\r",LR);
    break;
  }
  SerialPortWrite ((UINT8 *) Buffer, CharCount);
  while(1);
}
Commit	Line	Data
	1	/** @file
	2	* Main file supporting the SEC Phase on ARM Platforms
	3	*
	4	* Copyright (c) 2011, ARM Limited. All rights reserved.
	5	*
	6	* This program and the accompanying materials
	7	* are licensed and made available under the terms and conditions of the BSD License
	8	* which accompanies this distribution. The full text of the license may be found at
	9	* http://opensource.org/licenses/bsd-license.php
	10	*
	11	* THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
	12	* WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
	13	*
	14	**/
	15
	16	#include <Library/DebugAgentLib.h>
	17	#include <Library/PcdLib.h>
	18	#include <Library/PrintLib.h>
	19	#include <Library/BaseMemoryLib.h>
	20	#include <Library/ArmLib.h>
	21	#include <Library/SerialPortLib.h>
	22	#include <Library/ArmPlatformLib.h>
	23	#include <Library/ArmGicLib.h>
	24
	25	#include "SecInternal.h"
	26
	27	#define SerialPrint(txt) SerialPortWrite ((UINT8*)txt, AsciiStrLen(txt)+1);
	28
	29	extern VOID *monitor_vector_table;
	30
	31	VOID
	32	CEntryPoint (
	33	IN UINTN MpId
	34	)
	35	{
	36	CHAR8 Buffer[100];
	37	UINTN CharCount;
	38	UINTN JumpAddress;
	39
	40	// Primary CPU clears out the SCU tag RAMs, secondaries wait
	41	if (IS_PRIMARY_CORE(MpId)) {
	42	if (FixedPcdGet32(PcdMPCoreSupport)) {
	43	ArmInvalidScu ();
	44	}
	45
	46	// SEC phase needs to run library constructors by hand. This assumes we are linked against the SerialLib
	47	// In non SEC modules the init call is in autogenerated code.
	48	SerialPortInitialize ();
	49
	50	// Start talking
	51	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"UEFI firmware built at %a on %a\n\r",__TIME__, __DATE__);
	52	SerialPortWrite ((UINT8 *) Buffer, CharCount);
	53
	54	// Initialize the Debug Agent for Source Level Debugging
	55	InitializeDebugAgent (DEBUG_AGENT_INIT_PREMEM_SEC, NULL, NULL);
	56	SaveAndSetDebugTimerInterrupt (TRUE);
	57
	58	// Now we've got UART, make the check:
	59	// - The Vector table must be 32-byte aligned
	60	ASSERT(((UINT32)SecVectorTable & ((1 << 5)-1)) == 0);
	61	}
	62
	63	// Invalidate the data cache. Doesn't have to do the Data cache clean.
	64	ArmInvalidateDataCache();
	65
	66	// Invalidate Instruction Cache
	67	ArmInvalidateInstructionCache();
	68
	69	// Invalidate I & D TLBs
	70	ArmInvalidateInstructionAndDataTlb();
	71
	72	// Enable Full Access to CoProcessors
	73	ArmWriteCPACR (CPACR_CP_FULL_ACCESS);
	74
	75	// Enable SWP instructions
	76	ArmEnableSWPInstruction ();
	77
	78	// Enable program flow prediction, if supported.
	79	ArmEnableBranchPrediction ();
	80
	81	if (FixedPcdGet32(PcdVFPEnabled)) {
	82	ArmEnableVFP();
	83	}
	84
	85	if (IS_PRIMARY_CORE(MpId)) {
	86	// Initialize peripherals that must be done at the early stage
	87	// Example: Some L2x0 controllers must be initialized in Secure World
	88	ArmPlatformSecInitialize ();
	89
	90	// If we skip the PEI Core we could want to initialize the DRAM in the SEC phase.
	91	// If we are in standalone, we need the initialization to copy the UEFI firmware into DRAM
	92	if (FeaturePcdGet(PcdSystemMemoryInitializeInSec)) {
	93	// Initialize system memory (DRAM)
	94	ArmPlatformInitializeSystemMemory ();
	95	}
	96
	97	// Some platform can change their physical memory mapping
	98	ArmPlatformBootRemapping ();
	99	}
	100
	101	// Test if Trustzone is supported on this platform
	102	if (ArmPlatformTrustzoneSupported ()) {
	103	// Ensure the Monitor Stack Base & Size have been set
	104	ASSERT(PcdGet32(PcdCPUCoresSecMonStackBase) != 0);
	105	ASSERT(PcdGet32(PcdCPUCoreSecMonStackSize) != 0);
	106
	107	if (FixedPcdGet32(PcdMPCoreSupport)) {
	108	// Setup SMP in Non Secure world
	109	ArmSetupSmpNonSecure (GET_CORE_ID(MpId));
	110	}
	111
	112	// Enter Monitor Mode
	113	enter_monitor_mode ((VOID)(PcdGet32(PcdCPUCoresSecMonStackBase) + (PcdGet32(PcdCPUCoreSecMonStackSize) GET_CORE_POS(MpId))));
	114
	115	//Write the monitor mode vector table address
	116	ArmWriteVMBar((UINT32) &monitor_vector_table);
	117
	118	//-------------------- Monitor Mode ---------------------
	119	// Setup the Trustzone Chipsets
	120	if (IS_PRIMARY_CORE(MpId)) {
	121	ArmPlatformTrustzoneInit ();
	122
	123	// Wake up the secondary cores by sending a interrupt to everyone else
	124	// NOTE 1: The Software Generated Interrupts are always enabled on Cortex-A9
	125	// MPcore test chip on Versatile Express board, So the Software doesn't have to
	126	// enable SGI's explicitly.
	127	// 2: As no other Interrupts are enabled, doesn't have to worry about the priority.
	128	// 3: As all the cores are in secure state, use secure SGI's
	129	//
	130
	131	ArmGicEnableDistributor (PcdGet32(PcdGicDistributorBase));
	132	ArmGicEnableInterruptInterface (PcdGet32(PcdGicInterruptInterfaceBase));
	133
	134	// Send SGI to all Secondary core to wake them up from WFI state.
	135	ArmGicSendSgiTo (PcdGet32(PcdGicDistributorBase), ARM_GIC_ICDSGIR_FILTER_EVERYONEELSE, 0x0E);
	136	} else {
	137	// The secondary cores need to wait until the Trustzone chipsets configuration is done
	138	// before switching to Non Secure World
	139
	140	// Enabled GIC CPU Interface
	141	ArmGicEnableInterruptInterface (PcdGet32(PcdGicInterruptInterfaceBase));
	142
	143	// Waiting for the SGI from the primary core
	144	ArmCallWFI();
	145
	146	// Acknowledge the interrupt and send End of Interrupt signal.
	147	ArmGicAcknowledgeSgiFrom (PcdGet32(PcdGicInterruptInterfaceBase), PRIMARY_CORE_ID);
	148	}
	149
	150	// Transfer the interrupt to Non-secure World
	151	ArmGicSetupNonSecure (PcdGet32(PcdGicDistributorBase),PcdGet32(PcdGicInterruptInterfaceBase));
	152
	153	// Write to CP15 Non-secure Access Control Register :
	154	// - Enable CP10 and CP11 accesses in NS World
	155	// - Enable Access to Preload Engine in NS World
	156	// - Enable lockable TLB entries allocation in NS world
	157	// - Enable R/W access to SMP bit of Auxiliary Control Register in NS world
	158	ArmWriteNsacr (NSACR_NS_SMP \| NSACR_TL \| NSACR_PLE \| NSACR_CP(10) \| NSACR_CP(11));
	159
	160	// CP15 Secure Configuration Register with Non Secure bit (SCR_NS), CPSR.A modified in any
	161	// security state (SCR_AW), CPSR.F modified in any security state (SCR_FW)
	162	ArmWriteScr (SCR_NS \| SCR_FW \| SCR_AW);
	163	} else {
	164	if (IS_PRIMARY_CORE(MpId)) {
	165	SerialPrint ("Trust Zone Configuration is disabled\n\r");
	166	}
	167
	168	// Trustzone is not enabled, just enable the Distributor and CPU interface
	169	if (IS_PRIMARY_CORE(MpId)) {
	170	ArmGicEnableDistributor (PcdGet32(PcdGicDistributorBase));
	171	}
	172	ArmGicEnableInterruptInterface (PcdGet32(PcdGicInterruptInterfaceBase));
	173
	174	// With Trustzone support the transition from Sec to Normal world is done by return_from_exception().
	175	// If we want to keep this function call we need to ensure the SVC's SPSR point to the same Program
	176	// Status Register as the the current one (CPSR).
	177	copy_cpsr_into_spsr ();
	178	}
	179
	180	JumpAddress = PcdGet32 (PcdFvBaseAddress);
	181	ArmPlatformSecExtraAction (MpId, &JumpAddress);
	182
	183	return_from_exception (JumpAddress);
	184	//-------------------- Non Secure Mode ---------------------
	185
	186	// PEI Core should always load and never return
	187	ASSERT (FALSE);
	188	}
	189
	190	VOID
	191	SecCommonExceptionEntry (
	192	IN UINT32 Entry,
	193	IN UINT32 LR
	194	)
	195	{
	196	CHAR8 Buffer[100];
	197	UINTN CharCount;
	198
	199	switch (Entry) {
	200	case 0:
	201	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Reset Exception at 0x%X\n\r",LR);
	202	break;
	203	case 1:
	204	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Undefined Exception at 0x%X\n\r",LR);
	205	break;
	206	case 2:
	207	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"SWI Exception at 0x%X\n\r",LR);
	208	break;
	209	case 3:
	210	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"PrefetchAbort Exception at 0x%X\n\r",LR);
	211	break;
	212	case 4:
	213	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"DataAbort Exception at 0x%X\n\r",LR);
	214	break;
	215	case 5:
	216	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Reserved Exception at 0x%X\n\r",LR);
	217	break;
	218	case 6:
	219	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"IRQ Exception at 0x%X\n\r",LR);
	220	break;
	221	case 7:
	222	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"FIQ Exception at 0x%X\n\r",LR);
	223	break;
	224	default:
	225	CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Unknown Exception at 0x%X\n\r",LR);
	226	break;
	227	}
	228	SerialPortWrite ((UINT8 *) Buffer, CharCount);
	229	while(1);
	230	}