#include <Library/BaseMemoryLib.h>
#include <Library/SerialPortLib.h>
#include <Library/ArmGicLib.h>
-#include <Library/ArmCpuLib.h>
#include "SecInternal.h"
VOID
CEntryPoint (
- IN UINTN MpId
+ IN UINTN MpId,
+ IN UINTN SecBootMode
)
{
CHAR8 Buffer[100];
if (FixedPcdGet32 (PcdVFPEnabled)) {
ArmEnableVFP();
}
-
+
+ // Initialize peripherals that must be done at the early stage
+ // Example: Some L2 controller, interconnect, clock, DMC, etc
+ ArmPlatformSecInitialize (MpId);
+
// Primary CPU clears out the SCU tag RAMs, secondaries wait
- if (IS_PRIMARY_CORE(MpId)) {
+ if (IS_PRIMARY_CORE(MpId) && (SecBootMode == ARM_SEC_COLD_BOOT)) {
if (ArmIsMpCore()) {
- ArmCpuSynchronizeSignal (ARM_CPU_EVENT_BOOT_MEM_INIT);
+ // Signal for the initial memory is configured (event: BOOT_MEM_INIT)
+ ArmCallSEV ();
}
// SEC phase needs to run library constructors by hand. This assumes we are linked against the SerialLib
SerialPortInitialize ();
// Start talking
- CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"UEFI firmware built at %a on %a\n\r",__TIME__, __DATE__);
+ if (FixedPcdGetBool (PcdTrustzoneSupport)) {
+ CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Secure firmware (version %s built at %a on %a)\n\r",
+ (CHAR16*)PcdGetPtr(PcdFirmwareVersionString), __TIME__, __DATE__);
+ } else {
+ CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Boot firmware (version %s built at %a on %a)\n\r",
+ (CHAR16*)PcdGetPtr(PcdFirmwareVersionString), __TIME__, __DATE__);
+ }
SerialPortWrite ((UINT8 *) Buffer, CharCount);
// Initialize the Debug Agent for Source Level Debugging
InitializeDebugAgent (DEBUG_AGENT_INIT_PREMEM_SEC, NULL, NULL);
SaveAndSetDebugTimerInterrupt (TRUE);
- // Now we've got UART, make the check:
- // - The Vector table must be 32-byte aligned
- ASSERT(((UINT32)SecVectorTable & ((1 << 5)-1)) == 0);
-
// Enable the GIC distributor and CPU Interface
// - no other Interrupts are enabled, doesn't have to worry about the priority.
// - all the cores are in secure state, use secure SGI's
}
// Enable Full Access to CoProcessors
- ArmWriteCPACR (CPACR_CP_FULL_ACCESS);
-
- if (IS_PRIMARY_CORE(MpId)) {
- // Initialize peripherals that must be done at the early stage
- // Example: Some L2x0 controllers must be initialized in Secure World
- ArmPlatformSecInitialize ();
-
- // If we skip the PEI Core we could want to initialize the DRAM in the SEC phase.
- // If we are in standalone, we need the initialization to copy the UEFI firmware into DRAM
- if (FeaturePcdGet (PcdSystemMemoryInitializeInSec)) {
- // Initialize system memory (DRAM)
- ArmPlatformInitializeSystemMemory ();
- }
- }
+ ArmWriteCpacr (CPACR_CP_FULL_ACCESS);
// Test if Trustzone is supported on this platform
if (FixedPcdGetBool (PcdTrustzoneSupport)) {
((PcdGet32(PcdCPUCoresSecMonStackBase) != 0) && (PcdGet32(PcdCPUCoreSecMonStackSize) != 0)));
// Enter Monitor Mode
- enter_monitor_mode ((UINTN)TrustedWorldInitialization, MpId, (VOID*)(PcdGet32(PcdCPUCoresSecMonStackBase) + (PcdGet32(PcdCPUCoreSecMonStackSize) * (GET_CORE_POS(MpId) + 1))));
+ enter_monitor_mode ((UINTN)TrustedWorldInitialization, MpId, SecBootMode, (VOID*)(PcdGet32(PcdCPUCoresSecMonStackBase) + (PcdGet32(PcdCPUCoreSecMonStackSize) * (GET_CORE_POS(MpId) + 1))));
} else {
if (IS_PRIMARY_CORE(MpId)) {
SerialPrint ("Trust Zone Configuration is disabled\n\r");
VOID
TrustedWorldInitialization (
- IN UINTN MpId
+ IN UINTN MpId,
+ IN UINTN SecBootMode
)
{
UINTN JumpAddress;
ArmGicSetupNonSecure (MpId, PcdGet32(PcdGicDistributorBase), PcdGet32(PcdGicInterruptInterfaceBase));
// Initialize platform specific security policy
- ArmPlatformTrustzoneInit (MpId);
+ ArmPlatformSecTrustzoneInit (MpId);
// Setup the Trustzone Chipsets
- if (IS_PRIMARY_CORE(MpId)) {
- if (ArmIsMpCore()) {
- // Waiting for the Primary Core to have finished to initialize the Secure World
- ArmCpuSynchronizeSignal (ARM_CPU_EVENT_SECURE_INIT);
+ if (SecBootMode == ARM_SEC_COLD_BOOT) {
+ if (IS_PRIMARY_CORE(MpId)) {
+ if (ArmIsMpCore()) {
+ // Signal the secondary core the Security settings is done (event: EVENT_SECURE_INIT)
+ ArmCallSEV ();
+ }
+ } else {
+ // The secondary cores need to wait until the Trustzone chipsets configuration is done
+ // before switching to Non Secure World
+
+ // Wait for the Primary Core to finish the initialization of the Secure World (event: EVENT_SECURE_INIT)
+ ArmCallWFE ();
}
- } else {
- // The secondary cores need to wait until the Trustzone chipsets configuration is done
- // before switching to Non Secure World
-
- // Waiting for the Primary Core to have finished to initialize the Secure World
- ArmCpuSynchronizeWait (ARM_CPU_EVENT_SECURE_INIT);
}
- // Call the Platform specific fucntion to execute additional actions if required
+ // Call the Platform specific function to execute additional actions if required
JumpAddress = PcdGet32 (PcdFvBaseAddress);
ArmPlatformSecExtraAction (MpId, &JumpAddress);
ASSERT (FALSE);
}
-VOID
-SecCommonExceptionEntry (
- IN UINT32 Entry,
- IN UINT32 LR
- )
-{
- CHAR8 Buffer[100];
- UINTN CharCount;
-
- switch (Entry) {
- case 0:
- CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Reset Exception at 0x%X\n\r",LR);
- break;
- case 1:
- CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Undefined Exception at 0x%X\n\r",LR);
- break;
- case 2:
- CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"SWI Exception at 0x%X\n\r",LR);
- break;
- case 3:
- CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"PrefetchAbort Exception at 0x%X\n\r",LR);
- break;
- case 4:
- CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"DataAbort Exception at 0x%X\n\r",LR);
- break;
- case 5:
- CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Reserved Exception at 0x%X\n\r",LR);
- break;
- case 6:
- CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"IRQ Exception at 0x%X\n\r",LR);
- break;
- case 7:
- CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"FIQ Exception at 0x%X\n\r",LR);
- break;
- default:
- CharCount = AsciiSPrint (Buffer,sizeof (Buffer),"Unknown Exception at 0x%X\n\r",LR);
- break;
- }
- SerialPortWrite ((UINT8 *) Buffer, CharCount);
- while(1);
-}