1 /*
2 * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7 #include <assert.h>
8
9 #include <arch.h>
10 #include <arch_helpers.h>
11 #include <common/bl_common.h>
12 #include <common/debug.h>
13 #include <drivers/console.h>
14 #include <lib/debugfs.h>
15 #include <lib/extensions/ras.h>
16 #if ENABLE_RME
17 #include <lib/gpt_rme/gpt_rme.h>
18 #endif
19 #include <lib/mmio.h>
20 #include <lib/xlat_tables/xlat_tables_compat.h>
21 #include <plat/arm/common/plat_arm.h>
22 #include <plat/common/platform.h>
23 #include <platform_def.h>
24
25 /*
26 * Placeholder variables for copying the arguments that have been passed to
27 * BL31 from BL2.
28 */
29 static entry_point_info_t bl32_image_ep_info;
30 static entry_point_info_t bl33_image_ep_info;
31 #if ENABLE_RME
32 static entry_point_info_t rmm_image_ep_info;
33 #endif
34
35 #if !RESET_TO_BL31
36 /*
37 * Check that BL31_BASE is above ARM_FW_CONFIG_LIMIT. The reserved page
38 * is required for SOC_FW_CONFIG/TOS_FW_CONFIG passed from BL2.
39 */
40 CASSERT(BL31_BASE >= ARM_FW_CONFIG_LIMIT, assert_bl31_base_overflows);
41 #endif
42
43 /* Weak definitions may be overridden in specific ARM standard platform */
44 #pragma weak bl31_early_platform_setup2
45 #pragma weak bl31_platform_setup
46 #pragma weak bl31_plat_arch_setup
47 #pragma weak bl31_plat_get_next_image_ep_info
48
49 #define MAP_BL31_TOTAL MAP_REGION_FLAT( \
50 BL31_START, \
51 BL31_END - BL31_START, \
52 MT_MEMORY | MT_RW | EL3_PAS)
53 #if RECLAIM_INIT_CODE
54 IMPORT_SYM(unsigned long, __INIT_CODE_START__, BL_INIT_CODE_BASE);
55 IMPORT_SYM(unsigned long, __INIT_CODE_END__, BL_CODE_END_UNALIGNED);
56 IMPORT_SYM(unsigned long, __STACKS_END__, BL_STACKS_END_UNALIGNED);
57
58 #define BL_INIT_CODE_END ((BL_CODE_END_UNALIGNED + PAGE_SIZE - 1) & \
59 ~(PAGE_SIZE - 1))
60 #define BL_STACKS_END ((BL_STACKS_END_UNALIGNED + PAGE_SIZE - 1) & \
61 ~(PAGE_SIZE - 1))
62
63 #define MAP_BL_INIT_CODE MAP_REGION_FLAT( \
64 BL_INIT_CODE_BASE, \
65 BL_INIT_CODE_END \
66 - BL_INIT_CODE_BASE, \
67 MT_CODE | EL3_PAS)
68 #endif
69
70 #if SEPARATE_NOBITS_REGION
71 #define MAP_BL31_NOBITS MAP_REGION_FLAT( \
72 BL31_NOBITS_BASE, \
73 BL31_NOBITS_LIMIT \
74 - BL31_NOBITS_BASE, \
75 MT_MEMORY | MT_RW | EL3_PAS)
76
77 #endif
78 /*******************************************************************************
79 * Return a pointer to the 'entry_point_info' structure of the next image for the
80 * security state specified. BL33 corresponds to the non-secure image type
81 * while BL32 corresponds to the secure image type. A NULL pointer is returned
82 * if the image does not exist.
83 ******************************************************************************/
bl31_plat_get_next_image_ep_info(uint32_t type)84 struct entry_point_info *bl31_plat_get_next_image_ep_info(uint32_t type)
85 {
86 entry_point_info_t *next_image_info;
87
88 assert(sec_state_is_valid(type));
89 if (type == NON_SECURE) {
90 next_image_info = &bl33_image_ep_info;
91 }
92 #if ENABLE_RME
93 else if (type == REALM) {
94 next_image_info = &rmm_image_ep_info;
95 }
96 #endif
97 else {
98 next_image_info = &bl32_image_ep_info;
99 }
100
101 /*
102 * None of the images on the ARM development platforms can have 0x0
103 * as the entrypoint
104 */
105 if (next_image_info->pc)
106 return next_image_info;
107 else
108 return NULL;
109 }
110
111 /*******************************************************************************
112 * Perform any BL31 early platform setup common to ARM standard platforms.
113 * Here is an opportunity to copy parameters passed by the calling EL (S-EL1
114 * in BL2 & EL3 in BL1) before they are lost (potentially). This needs to be
115 * done before the MMU is initialized so that the memory layout can be used
116 * while creating page tables. BL2 has flushed this information to memory, so
117 * we are guaranteed to pick up good data.
118 ******************************************************************************/
arm_bl31_early_platform_setup(void * from_bl2,uintptr_t soc_fw_config,uintptr_t hw_config,void * plat_params_from_bl2)119 void __init arm_bl31_early_platform_setup(void *from_bl2, uintptr_t soc_fw_config,
120 uintptr_t hw_config, void *plat_params_from_bl2)
121 {
122 /* Initialize the console to provide early debug support */
123 arm_console_boot_init();
124
125 #if RESET_TO_BL31
126 /* There are no parameters from BL2 if BL31 is a reset vector */
127 assert(from_bl2 == NULL);
128 assert(plat_params_from_bl2 == NULL);
129
130 # ifdef BL32_BASE
131 /* Populate entry point information for BL32 */
132 SET_PARAM_HEAD(&bl32_image_ep_info,
133 PARAM_EP,
134 VERSION_1,
135 0);
136 SET_SECURITY_STATE(bl32_image_ep_info.h.attr, SECURE);
137 bl32_image_ep_info.pc = BL32_BASE;
138 bl32_image_ep_info.spsr = arm_get_spsr_for_bl32_entry();
139
140 #if defined(SPD_spmd)
141 /* SPM (hafnium in secure world) expects SPM Core manifest base address
142 * in x0, which in !RESET_TO_BL31 case loaded after base of non shared
143 * SRAM(after 4KB offset of SRAM). But in RESET_TO_BL31 case all non
144 * shared SRAM is allocated to BL31, so to avoid overwriting of manifest
145 * keep it in the last page.
146 */
147 bl32_image_ep_info.args.arg0 = ARM_TRUSTED_SRAM_BASE +
148 PLAT_ARM_TRUSTED_SRAM_SIZE - PAGE_SIZE;
149 #endif
150
151 # endif /* BL32_BASE */
152
153 /* Populate entry point information for BL33 */
154 SET_PARAM_HEAD(&bl33_image_ep_info,
155 PARAM_EP,
156 VERSION_1,
157 0);
158 /*
159 * Tell BL31 where the non-trusted software image
160 * is located and the entry state information
161 */
162 bl33_image_ep_info.pc = plat_get_ns_image_entrypoint();
163
164 bl33_image_ep_info.spsr = arm_get_spsr_for_bl33_entry();
165 SET_SECURITY_STATE(bl33_image_ep_info.h.attr, NON_SECURE);
166
167 #if ENABLE_RME
168 /*
169 * Populate entry point information for RMM.
170 * Only PC needs to be set as other fields are determined by RMMD.
171 */
172 rmm_image_ep_info.pc = RMM_BASE;
173 #endif /* ENABLE_RME */
174
175 #else /* RESET_TO_BL31 */
176
177 /*
178 * In debug builds, we pass a special value in 'plat_params_from_bl2'
179 * to verify platform parameters from BL2 to BL31.
180 * In release builds, it's not used.
181 */
182 assert(((unsigned long long)plat_params_from_bl2) ==
183 ARM_BL31_PLAT_PARAM_VAL);
184
185 /*
186 * Check params passed from BL2 should not be NULL,
187 */
188 bl_params_t *params_from_bl2 = (bl_params_t *)from_bl2;
189 assert(params_from_bl2 != NULL);
190 assert(params_from_bl2->h.type == PARAM_BL_PARAMS);
191 assert(params_from_bl2->h.version >= VERSION_2);
192
193 bl_params_node_t *bl_params = params_from_bl2->head;
194
195 /*
196 * Copy BL33, BL32 and RMM (if present), entry point information.
197 * They are stored in Secure RAM, in BL2's address space.
198 */
199 while (bl_params != NULL) {
200 if (bl_params->image_id == BL32_IMAGE_ID) {
201 bl32_image_ep_info = *bl_params->ep_info;
202 }
203 #if ENABLE_RME
204 else if (bl_params->image_id == RMM_IMAGE_ID) {
205 rmm_image_ep_info = *bl_params->ep_info;
206 }
207 #endif
208 else if (bl_params->image_id == BL33_IMAGE_ID) {
209 bl33_image_ep_info = *bl_params->ep_info;
210 }
211
212 bl_params = bl_params->next_params_info;
213 }
214
215 if (bl33_image_ep_info.pc == 0U)
216 panic();
217 #if ENABLE_RME
218 if (rmm_image_ep_info.pc == 0U)
219 panic();
220 #endif
221 #endif /* RESET_TO_BL31 */
222
223 # if ARM_LINUX_KERNEL_AS_BL33
224 /*
225 * According to the file ``Documentation/arm64/booting.txt`` of the
226 * Linux kernel tree, Linux expects the physical address of the device
227 * tree blob (DTB) in x0, while x1-x3 are reserved for future use and
228 * must be 0.
229 * Repurpose the option to load Hafnium hypervisor in the normal world.
230 * It expects its manifest address in x0. This is essentially the linux
231 * dts (passed to the primary VM) by adding 'hypervisor' and chosen
232 * nodes specifying the Hypervisor configuration.
233 */
234 #if RESET_TO_BL31
235 bl33_image_ep_info.args.arg0 = (u_register_t)ARM_PRELOADED_DTB_BASE;
236 #else
237 bl33_image_ep_info.args.arg0 = (u_register_t)hw_config;
238 #endif
239 bl33_image_ep_info.args.arg1 = 0U;
240 bl33_image_ep_info.args.arg2 = 0U;
241 bl33_image_ep_info.args.arg3 = 0U;
242 # endif
243 }
244
bl31_early_platform_setup2(u_register_t arg0,u_register_t arg1,u_register_t arg2,u_register_t arg3)245 void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1,
246 u_register_t arg2, u_register_t arg3)
247 {
248 arm_bl31_early_platform_setup((void *)arg0, arg1, arg2, (void *)arg3);
249
250 /*
251 * Initialize Interconnect for this cluster during cold boot.
252 * No need for locks as no other CPU is active.
253 */
254 plat_arm_interconnect_init();
255
256 /*
257 * Enable Interconnect coherency for the primary CPU's cluster.
258 * Earlier bootloader stages might already do this (e.g. Trusted
259 * Firmware's BL1 does it) but we can't assume so. There is no harm in
260 * executing this code twice anyway.
261 * Platform specific PSCI code will enable coherency for other
262 * clusters.
263 */
264 plat_arm_interconnect_enter_coherency();
265 }
266
267 /*******************************************************************************
268 * Perform any BL31 platform setup common to ARM standard platforms
269 ******************************************************************************/
arm_bl31_platform_setup(void)270 void arm_bl31_platform_setup(void)
271 {
272 /* Initialize the GIC driver, cpu and distributor interfaces */
273 plat_arm_gic_driver_init();
274 plat_arm_gic_init();
275
276 #if RESET_TO_BL31
277 /*
278 * Do initial security configuration to allow DRAM/device access
279 * (if earlier BL has not already done so).
280 */
281 plat_arm_security_setup();
282
283 #if defined(PLAT_ARM_MEM_PROT_ADDR)
284 arm_nor_psci_do_dyn_mem_protect();
285 #endif /* PLAT_ARM_MEM_PROT_ADDR */
286
287 #endif /* RESET_TO_BL31 */
288
289 /* Enable and initialize the System level generic timer */
290 mmio_write_32(ARM_SYS_CNTCTL_BASE + CNTCR_OFF,
291 CNTCR_FCREQ(0U) | CNTCR_EN);
292
293 /* Allow access to the System counter timer module */
294 arm_configure_sys_timer();
295
296 /* Initialize power controller before setting up topology */
297 plat_arm_pwrc_setup();
298
299 #if RAS_EXTENSION
300 ras_init();
301 #endif
302
303 #if USE_DEBUGFS
304 debugfs_init();
305 #endif /* USE_DEBUGFS */
306 }
307
308 /*******************************************************************************
309 * Perform any BL31 platform runtime setup prior to BL31 exit common to ARM
310 * standard platforms
311 * Perform BL31 platform setup
312 ******************************************************************************/
arm_bl31_plat_runtime_setup(void)313 void arm_bl31_plat_runtime_setup(void)
314 {
315 console_switch_state(CONSOLE_FLAG_RUNTIME);
316
317 /* Initialize the runtime console */
318 arm_console_runtime_init();
319
320 #if RECLAIM_INIT_CODE
321 arm_free_init_memory();
322 #endif
323
324 #if PLAT_RO_XLAT_TABLES
325 arm_xlat_make_tables_readonly();
326 #endif
327 }
328
329 #if RECLAIM_INIT_CODE
330 /*
331 * Make memory for image boot time code RW to reclaim it as stack for the
332 * secondary cores, or RO where it cannot be reclaimed:
333 *
334 * |-------- INIT SECTION --------|
335 * -----------------------------------------
336 * | CORE 0 | CORE 1 | CORE 2 | EXTRA |
337 * | STACK | STACK | STACK | SPACE |
338 * -----------------------------------------
339 * <-------------------> <------>
340 * MAKE RW AND XN MAKE
341 * FOR STACKS RO AND XN
342 */
arm_free_init_memory(void)343 void arm_free_init_memory(void)
344 {
345 int ret = 0;
346
347 if (BL_STACKS_END < BL_INIT_CODE_END) {
348 /* Reclaim some of the init section as stack if possible. */
349 if (BL_INIT_CODE_BASE < BL_STACKS_END) {
350 ret |= xlat_change_mem_attributes(BL_INIT_CODE_BASE,
351 BL_STACKS_END - BL_INIT_CODE_BASE,
352 MT_RW_DATA);
353 }
354 /* Make the rest of the init section read-only. */
355 ret |= xlat_change_mem_attributes(BL_STACKS_END,
356 BL_INIT_CODE_END - BL_STACKS_END,
357 MT_RO_DATA);
358 } else {
359 /* The stacks cover the init section, so reclaim it all. */
360 ret |= xlat_change_mem_attributes(BL_INIT_CODE_BASE,
361 BL_INIT_CODE_END - BL_INIT_CODE_BASE,
362 MT_RW_DATA);
363 }
364
365 if (ret != 0) {
366 ERROR("Could not reclaim initialization code");
367 panic();
368 }
369 }
370 #endif
371
bl31_platform_setup(void)372 void __init bl31_platform_setup(void)
373 {
374 arm_bl31_platform_setup();
375 }
376
bl31_plat_runtime_setup(void)377 void bl31_plat_runtime_setup(void)
378 {
379 arm_bl31_plat_runtime_setup();
380 }
381
382 /*******************************************************************************
383 * Perform the very early platform specific architectural setup shared between
384 * ARM standard platforms. This only does basic initialization. Later
385 * architectural setup (bl31_arch_setup()) does not do anything platform
386 * specific.
387 ******************************************************************************/
arm_bl31_plat_arch_setup(void)388 void __init arm_bl31_plat_arch_setup(void)
389 {
390 const mmap_region_t bl_regions[] = {
391 MAP_BL31_TOTAL,
392 #if ENABLE_RME
393 ARM_MAP_L0_GPT_REGION,
394 #endif
395 #if RECLAIM_INIT_CODE
396 MAP_BL_INIT_CODE,
397 #endif
398 #if SEPARATE_NOBITS_REGION
399 MAP_BL31_NOBITS,
400 #endif
401 ARM_MAP_BL_RO,
402 #if USE_ROMLIB
403 ARM_MAP_ROMLIB_CODE,
404 ARM_MAP_ROMLIB_DATA,
405 #endif
406 #if USE_COHERENT_MEM
407 ARM_MAP_BL_COHERENT_RAM,
408 #endif
409 {0}
410 };
411
412 setup_page_tables(bl_regions, plat_arm_get_mmap());
413
414 enable_mmu_el3(0);
415
416 #if ENABLE_RME
417 /*
418 * Initialise Granule Protection library and enable GPC for the primary
419 * processor. The tables have already been initialized by a previous BL
420 * stage, so there is no need to provide any PAS here. This function
421 * sets up pointers to those tables.
422 */
423 if (gpt_runtime_init() < 0) {
424 ERROR("gpt_runtime_init() failed!\n");
425 panic();
426 }
427 #endif /* ENABLE_RME */
428
429 arm_setup_romlib();
430 }
431
bl31_plat_arch_setup(void)432 void __init bl31_plat_arch_setup(void)
433 {
434 arm_bl31_plat_arch_setup();
435 }
436