ArmPlatformPkg/Sec/Sec.c

   1 /** @file
   2 *  Main file supporting the SEC Phase on ARM Platforms
   3 *
   4 *  Copyright (c) 2011-2012, ARM Limited. All rights reserved.
   5 *
   6 *  This program and the accompanying materials
   7 *  are licensed and made available under the terms and conditions of the BSD License
   8 *  which accompanies this distribution.  The full text of the license may be found at
   9 *  http://opensource.org/licenses/bsd-license.php
  10 *
  11 *  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
  12 *  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
  13 *
  14 **/
  15
  16 #include <Library/ArmTrustedMonitorLib.h>
  17 #include <Library/DebugAgentLib.h>
  18 #include <Library/PrintLib.h>
  19 #include <Library/BaseMemoryLib.h>
  20 #include <Library/SerialPortLib.h>
  21 #include <Library/ArmGicLib.h>
  22
  23 #include "SecInternal.h"
  24
  25 #define SerialPrint(txt)  SerialPortWrite ((UINT8*)txt, AsciiStrLen(txt)+1);
  26
  27 VOID
  28 CEntryPoint (
  29   IN  UINTN                     MpId,
  30   IN  UINTN                     SecBootMode
  31   )
  32 {
  33   CHAR8           Buffer[100];
  34   UINTN           CharCount;
  35   UINTN           JumpAddress;
  36
  37   // Invalidate the data cache. Doesn't have to do the Data cache clean.
  38   ArmInvalidateDataCache();
  39
  40   // Invalidate Instruction Cache
  41   ArmInvalidateInstructionCache();
  42
  43   // Invalidate I & D TLBs
  44   ArmInvalidateInstructionAndDataTlb();
  45
  46   // CPU specific settings
  47   ArmCpuSetup (MpId);
  48
  49   // Enable Floating Point Coprocessor if supported by the platform
  50   if (FixedPcdGet32 (PcdVFPEnabled)) {
  51     ArmEnableVFP();
  52   }
  53
  54   // Initialize peripherals that must be done at the early stage
  55   // Example: Some L2 controller, interconnect, clock, DMC, etc
  56   ArmPlatformSecInitialize (MpId);
  57
  58   // Primary CPU clears out the SCU tag RAMs, secondaries wait
  59   if (IS_PRIMARY_CORE(MpId)) {
  60     if (ArmIsMpCore()) {
  61       // Signal for the initial memory is configured (event: BOOT_MEM_INIT)
  62       ArmCallSEV ();
  63     }
  64
  65     // SEC phase needs to run library constructors by hand. This assumes we are linked against the SerialLib
  66     // In non SEC modules the init call is in autogenerated code.
  67     SerialPortInitialize ();
  68
  69     // Start talking
  70     if (FixedPcdGetBool (PcdTrustzoneSupport)) {
  71       CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Secure firmware (version %s built at %a on %a)\n\r",
  72           (CHAR16*)PcdGetPtr(PcdFirmwareVersionString), __TIME__, __DATE__);
  73     } else {
  74       CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Boot firmware (version %s built at %a on %a)\n\r",
  75           (CHAR16*)PcdGetPtr(PcdFirmwareVersionString), __TIME__, __DATE__);
  76     }
  77     SerialPortWrite ((UINT8 *) Buffer, CharCount);
  78
  79     // Initialize the Debug Agent for Source Level Debugging
  80     InitializeDebugAgent (DEBUG_AGENT_INIT_PREMEM_SEC, NULL, NULL);
  81     SaveAndSetDebugTimerInterrupt (TRUE);
  82
  83     // Now we've got UART, make the check:
  84     // - The Vector table must be 32-byte aligned
  85     ASSERT(((UINT32)SecVectorTable & ((1 << 5)-1)) == 0);
  86
  87     // Enable the GIC distributor and CPU Interface
  88     // - no other Interrupts are enabled,  doesn't have to worry about the priority.
  89     // - all the cores are in secure state, use secure SGI's
  90     ArmGicEnableDistributor (PcdGet32(PcdGicDistributorBase));
  91     ArmGicEnableInterruptInterface (PcdGet32(PcdGicInterruptInterfaceBase));
  92   } else {
  93     // Enable the GIC CPU Interface
  94     ArmGicEnableInterruptInterface (PcdGet32(PcdGicInterruptInterfaceBase));
  95   }
  96
  97   // Enable Full Access to CoProcessors
  98   ArmWriteCpacr (CPACR_CP_FULL_ACCESS);
  99
 100   // Test if Trustzone is supported on this platform
 101   if (FixedPcdGetBool (PcdTrustzoneSupport)) {
 102     if (ArmIsMpCore()) {
 103       // Setup SMP in Non Secure world
 104       ArmCpuSetupSmpNonSecure (GET_CORE_ID(MpId));
 105     }
 106
 107     // Either we use the Secure Stacks for Secure Monitor (in this case (Base == 0) && (Size == 0))
 108     // Or we use separate Secure Monitor stacks (but (Base != 0) && (Size != 0))
 109     ASSERT (((PcdGet32(PcdCPUCoresSecMonStackBase) == 0) && (PcdGet32(PcdCPUCoreSecMonStackSize) == 0)) ||
 110             ((PcdGet32(PcdCPUCoresSecMonStackBase) != 0) && (PcdGet32(PcdCPUCoreSecMonStackSize) != 0)));
 111
 112     // Enter Monitor Mode
 113     enter_monitor_mode ((UINTN)TrustedWorldInitialization, MpId, SecBootMode, (VOID*)(PcdGet32(PcdCPUCoresSecMonStackBase) + (PcdGet32(PcdCPUCoreSecMonStackSize) * (GET_CORE_POS(MpId) + 1))));
 114   } else {
 115     if (IS_PRIMARY_CORE(MpId)) {
 116       SerialPrint ("Trust Zone Configuration is disabled\n\r");
 117     }
 118
 119     // With Trustzone support the transition from Sec to Normal world is done by return_from_exception().
 120     // If we want to keep this function call we need to ensure the SVC's SPSR point to the same Program
 121     // Status Register as the the current one (CPSR).
 122     copy_cpsr_into_spsr ();
 123
 124     // Call the Platform specific function to execute additional actions if required
 125     JumpAddress = PcdGet32 (PcdFvBaseAddress);
 126     ArmPlatformSecExtraAction (MpId, &JumpAddress);
 127
 128     NonTrustedWorldTransition (MpId, JumpAddress);
 129   }
 130   ASSERT (0); // We must never return from the above function
 131 }
 132
 133 VOID
 134 TrustedWorldInitialization (
 135   IN  UINTN                     MpId,
 136   IN  UINTN                     SecBootMode
 137   )
 138 {
 139   UINTN   JumpAddress;
 140
 141   //-------------------- Monitor Mode ---------------------
 142
 143   // Set up Monitor World (Vector Table, etc)
 144   ArmSecureMonitorWorldInitialize ();
 145
 146   // Transfer the interrupt to Non-secure World
 147   ArmGicSetupNonSecure (MpId, PcdGet32(PcdGicDistributorBase), PcdGet32(PcdGicInterruptInterfaceBase));
 148
 149   // Initialize platform specific security policy
 150   ArmPlatformSecTrustzoneInit (MpId);
 151
 152   // Setup the Trustzone Chipsets
 153   if (IS_PRIMARY_CORE(MpId)) {
 154     if (ArmIsMpCore()) {
 155       // Signal the secondary core the Security settings is done (event: EVENT_SECURE_INIT)
 156       ArmCallSEV ();
 157     }
 158   } else if ((SecBootMode & ARM_SEC_BOOT_MASK) == ARM_SEC_COLD_BOOT) {
 159     // The secondary cores need to wait until the Trustzone chipsets configuration is done
 160     // before switching to Non Secure World
 161
 162     // Wait for the Primary Core to finish the initialization of the Secure World (event: EVENT_SECURE_INIT)
 163     ArmCallWFE ();
 164   }
 165
 166   // Call the Platform specific function to execute additional actions if required
 167   JumpAddress = PcdGet32 (PcdFvBaseAddress);
 168   ArmPlatformSecExtraAction (MpId, &JumpAddress);
 169
 170   // Write to CP15 Non-secure Access Control Register
 171   ArmWriteNsacr (PcdGet32 (PcdArmNsacr));
 172
 173   // CP15 Secure Configuration Register
 174   ArmWriteScr (PcdGet32 (PcdArmScr));
 175
 176   NonTrustedWorldTransition (MpId, JumpAddress);
 177 }
 178
 179 VOID
 180 NonTrustedWorldTransition (
 181   IN  UINTN                     MpId,
 182   IN  UINTN                     JumpAddress
 183   )
 184 {
 185   // If PcdArmNonSecModeTransition is defined then set this specific mode to CPSR before the transition
 186   // By not set, the mode for Non Secure World is SVC
 187   if (PcdGet32 (PcdArmNonSecModeTransition) != 0) {
 188     set_non_secure_mode ((ARM_PROCESSOR_MODE)PcdGet32 (PcdArmNonSecModeTransition));
 189   }
 190
 191   return_from_exception (JumpAddress);
 192   //-------------------- Non Secure Mode ---------------------
 193
 194   // PEI Core should always load and never return
 195   ASSERT (FALSE);
 196 }
 197
 198 VOID
 199 SecCommonExceptionEntry (
 200   IN UINT32 Entry,
 201   IN UINT32 LR
 202   )
 203 {
 204   CHAR8           Buffer[100];
 205   UINTN           CharCount;
 206
 207   switch (Entry) {
 208   case 0:
 209     CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Reset Exception at 0x%X\n\r",LR);
 210     break;
 211   case 1:
 212     CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Undefined Exception at 0x%X\n\r",LR);
 213     break;
 214   case 2:
 215     CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"SWI Exception at 0x%X\n\r",LR);
 216     break;
 217   case 3:
 218     CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"PrefetchAbort Exception at 0x%X\n\r",LR);
 219     break;
 220   case 4:
 221     CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"DataAbort Exception at 0x%X\n\r",LR);
 222     break;
 223   case 5:
 224     CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Reserved Exception at 0x%X\n\r",LR);
 225     break;
 226   case 6:
 227     CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"IRQ Exception at 0x%X\n\r",LR);
 228     break;
 229   case 7:
 230     CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"FIQ Exception at 0x%X\n\r",LR);
 231     break;
 232   default:
 233     CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Unknown Exception at 0x%X\n\r",LR);
 234     break;
 235   }
 236   SerialPortWrite ((UINT8 *) Buffer, CharCount);
 237   while(1);
 238 }