andrius
/
arm-trusted-firmware
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
arm-trusted-firmware/bl31/aarch64/runtime_exceptions.S

547 lines
15 KiB
ArmAsm
Raw Normal View History

ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
/*
runtime_exceptions: Save x4-x29 unconditionally In preparation for SMCCC v1.1 support, save x4 to x29 unconditionally. Previously we expected callers coming from AArch64 mode to preserve x8-x17. This is no longer the case with SMCCC v1.1 as AArch64 callers only need to save x0-x3. Change-Id: Ie62d620776533969ff4a02c635422f1b9208be9c Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
2018-01-22 11:53:04 +00:00
* Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved.
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
*
Use SPDX license identifiers To make software license auditing simpler, use SPDX[0] license identifiers instead of duplicating the license text in every file. NOTE: Files that have been imported by FreeBSD have not been modified. [0]: https://spdx.org/ Change-Id: I80a00e1f641b8cc075ca5a95b10607ed9ed8761a Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
2017-05-03 09:38:09 +01:00
* SPDX-License-Identifier: BSD-3-Clause
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
*/
#include <arch.h>
Make use of user/system includes more consistent Make codebase consistent in its use of #include "" syntax for user includes and #include <> syntax for system includes. Fixes ARM-software/tf-issues#65 Change-Id: If2f7c4885173b1fd05ac2cde5f1c8a07000c7a33
2014-04-09 13:13:04 +01:00
#include <asm_macros.S>
Reduce deep nesting of header files Reduce the number of header files included from other header files as much as possible without splitting the files. Use forward declarations where possible. This allows removal of some unnecessary "#ifndef __ASSEMBLY__" statements. Also, review the .c and .S files for which header files really need including and reorder the #include statements alphabetically. Fixes ARM-software/tf-issues#31 Change-Id: Iec92fb976334c77453e010b60bcf56f3be72bd3e
2014-04-09 13:14:54 +01:00
#include <context.h>
Add PMF instrumentation points in TF In order to quantify the overall time spent in the PSCI software implementation, an initial collection of PMF instrumentation points has been added. Instrumentation has been added to the following code paths: - Entry to PSCI SMC handler. The timestamp is captured as early as possible during the runtime exception and stored in memory before entering the PSCI SMC handler. - Exit from PSCI SMC handler. The timestamp is captured after normal return from the PSCI SMC handler or if a low power state was requested it is captured in the bl31 warm boot path before return to normal world. - Entry to low power state. The timestamp is captured before entry to a low power state which implies either standby or power down. As these power states are mutually exclusive, only one timestamp is defined to describe both. It is possible to differentiate between the two power states using the PSCI STAT interface. - Exit from low power state. The timestamp is captured after a standby or power up operation has completed. To calculate the number of cycles spent running code in Trusted Firmware one can perform the following calculation: (exit_psci - enter_psci) - (exit_low_pwr - enter_low_pwr). The resulting number of cycles can be converted to time given the frequency of the counter. Change-Id: Ie3b8f3d16409b6703747093b3a2d5c7429ad0166 Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
2016-09-19 11:18:44 +01:00
#include <cpu_data.h>
AArch64: Introduce External Abort handling At present, any External Abort routed to EL3 is reported as an unhandled exception and cause a panic. This patch enables ARM Trusted Firmware to handle External Aborts routed to EL3. With this patch, when an External Abort is received at EL3, its handling is delegated to plat_ea_handler() function. Platforms can provide their own implementation of this function. This patch adds a weak definition of the said function that prints out a message and just panics. In order to support handling External Aborts at EL3, the build option HANDLE_EA_EL3_FIRST must be set to 1. Before this patch, HANDLE_EA_EL3_FIRST wasn't passed down to compilation; this patch fixes that too. Change-Id: I4d07b7e65eb191ff72d63b909ae9512478cd01a1 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-11-30 12:54:15 +00:00
#include <ea_handle.h>
Introduce interrupt handling framework in BL3-1 This patch adds a common handler for FIQ and IRQ exceptions in the BL3-1 runtime exception vector table. This function determines the interrupt type and calls its handler. A crash is reported if an inconsistency in the interrupt management framework is detected. In the event of a spurious interrupt, execution resumes from the instruction where the interrupt was generated. This patch also removes 'cm_macros.S' as its contents have been moved to 'runtime_exceptions.S' Change-Id: I3c85ecf8eaf43a3fac429b119ed0bd706d2e2093
2014-05-09 11:07:09 +01:00
#include <interrupt_mgmt.h>
Split platform.h into separate headers Previously, platform.h contained many declarations and definitions used for different purposes. This file has been split so that: * Platform definitions used by common code that must be defined by the platform are now in platform_def.h. The exact include path is exported through $PLAT_INCLUDES in the platform makefile. * Platform definitions specific to the FVP platform are now in /plat/fvp/fvp_def.h. * Platform API declarations specific to the FVP platform are now in /plat/fvp/fvp_private.h. * The remaining platform API declarations that must be ported by each platform are still in platform.h but this file has been moved to /include/plat/common since this can be shared by all platforms. Change-Id: Ieb3bb22fbab3ee8027413c6b39a783534aee474a
2014-05-14 17:44:19 +01:00
#include <platform_def.h>
Reduce deep nesting of header files Reduce the number of header files included from other header files as much as possible without splitting the files. Use forward declarations where possible. This allows removal of some unnecessary "#ifndef __ASSEMBLY__" statements. Also, review the .c and .S files for which header files really need including and reorder the #include statements alphabetically. Fixes ARM-software/tf-issues#31 Change-Id: Iec92fb976334c77453e010b60bcf56f3be72bd3e
2014-04-09 13:14:54 +01:00
#include <runtime_svc.h>
Add support for the SMC Calling Convention 2.0 Due to differences in the bitfields of the SMC IDs, it is not possible to support SMCCC 1.X and 2.0 at the same time. The behaviour of `SMCCC_MAJOR_VERSION` has changed. Now, it is a build option that specifies the major version of the SMCCC that the Trusted Firmware supports. The only two allowed values are 1 and 2, and it defaults to 1. The value of `SMCCC_MINOR_VERSION` is derived from it. Note: Support for SMCCC v2.0 is an experimental feature to enable prototyping of secure partition specifications. Support for this convention is disabled by default and could be removed without notice. Change-Id: I88abf9ccf08e9c66a13ce55c890edea54d9f16a7 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-04-23 15:43:29 +01:00
#include <smccc.h>
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
.globl runtime_exceptions
Workaround for CVE-2017-5715 on Cortex A57 and A72 Invalidate the Branch Target Buffer (BTB) on entry to EL3 by disabling and enabling the MMU. To achieve this without performing any branch instruction, a per-cpu vbar is installed which executes the workaround and then branches off to the corresponding vector entry in the main vector table. A side effect of this change is that the main vbar is configured before any reset handling. This is to allow the per-cpu reset function to override the vbar setting. This workaround is enabled by default on the affected CPUs. Change-Id: I97788d38463a5840a410e3cea85ed297a1678265 Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
2017-11-30 14:53:53 +00:00
.globl sync_exception_sp_el0
.globl irq_sp_el0
.globl fiq_sp_el0
.globl serror_sp_el0
.globl sync_exception_sp_elx
.globl irq_sp_elx
.globl fiq_sp_elx
.globl serror_sp_elx
.globl sync_exception_aarch64
.globl irq_aarch64
.globl fiq_aarch64
.globl serror_aarch64
.globl sync_exception_aarch32
.globl irq_aarch32
.globl fiq_aarch32
.globl serror_aarch32
AArch64: Introduce External Abort handling At present, any External Abort routed to EL3 is reported as an unhandled exception and cause a panic. This patch enables ARM Trusted Firmware to handle External Aborts routed to EL3. With this patch, when an External Abort is received at EL3, its handling is delegated to plat_ea_handler() function. Platforms can provide their own implementation of this function. This patch adds a weak definition of the said function that prints out a message and just panics. In order to support handling External Aborts at EL3, the build option HANDLE_EA_EL3_FIRST must be set to 1. Before this patch, HANDLE_EA_EL3_FIRST wasn't passed down to compilation; this patch fixes that too. Change-Id: I4d07b7e65eb191ff72d63b909ae9512478cd01a1 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-11-30 12:54:15 +00:00
/*
* Handle External Abort by delegating to the platform's EA handler.
* Once the platform handler returns, the macro exits EL3 and returns to
* where the abort was taken from.
*
* This macro assumes that x30 is available for use.
*
* 'abort_type' is a constant passed to the platform handler, indicating
* the cause of the External Abort.
*/
.macro handle_ea abort_type
/* Save GP registers */
bl save_gp_registers
/* Setup exception class and syndrome arguments for platform handler */
mov x0, \abort_type
mrs x1, esr_el3
adr x30, el3_exit
b delegate_ea
.endm
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/* ---------------------------------------------------------------------
* This macro handles Synchronous exceptions.
* Only SMC exceptions are supported.
* ---------------------------------------------------------------------
Introduce interrupt handling framework in BL3-1 This patch adds a common handler for FIQ and IRQ exceptions in the BL3-1 runtime exception vector table. This function determines the interrupt type and calls its handler. A crash is reported if an inconsistency in the interrupt management framework is detected. In the event of a spurious interrupt, execution resumes from the instruction where the interrupt was generated. This patch also removes 'cm_macros.S' as its contents have been moved to 'runtime_exceptions.S' Change-Id: I3c85ecf8eaf43a3fac429b119ed0bd706d2e2093
2014-05-09 11:07:09 +01:00
*/
.macro handle_sync_exception
Unmask SError interrupt and clear SCR_EL3.EA bit This patch disables routing of external aborts from lower exception levels to EL3 and ensures that a SError interrupt generated as a result of execution in EL3 is taken locally instead of a lower exception level. The SError interrupt is enabled in the TSP code only when the operation has not been directly initiated by the normal world. This is to prevent the possibility of an asynchronous external abort which originated in normal world from being taken when execution is in S-EL1. Fixes ARM-software/tf-issues#153 Change-Id: I157b996c75996d12fd86d27e98bc73dd8bce6cd5
2014-08-04 23:13:10 +01:00
/* Enable the SError interrupt */
msr daifclr, #DAIF_ABT_BIT
Introduce interrupt handling framework in BL3-1 This patch adds a common handler for FIQ and IRQ exceptions in the BL3-1 runtime exception vector table. This function determines the interrupt type and calls its handler. A crash is reported if an inconsistency in the interrupt management framework is detected. In the event of a spurious interrupt, execution resumes from the instruction where the interrupt was generated. This patch also removes 'cm_macros.S' as its contents have been moved to 'runtime_exceptions.S' Change-Id: I3c85ecf8eaf43a3fac429b119ed0bd706d2e2093
2014-05-09 11:07:09 +01:00
str x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
Add PMF instrumentation points in TF In order to quantify the overall time spent in the PSCI software implementation, an initial collection of PMF instrumentation points has been added. Instrumentation has been added to the following code paths: - Entry to PSCI SMC handler. The timestamp is captured as early as possible during the runtime exception and stored in memory before entering the PSCI SMC handler. - Exit from PSCI SMC handler. The timestamp is captured after normal return from the PSCI SMC handler or if a low power state was requested it is captured in the bl31 warm boot path before return to normal world. - Entry to low power state. The timestamp is captured before entry to a low power state which implies either standby or power down. As these power states are mutually exclusive, only one timestamp is defined to describe both. It is possible to differentiate between the two power states using the PSCI STAT interface. - Exit from low power state. The timestamp is captured after a standby or power up operation has completed. To calculate the number of cycles spent running code in Trusted Firmware one can perform the following calculation: (exit_psci - enter_psci) - (exit_low_pwr - enter_low_pwr). The resulting number of cycles can be converted to time given the frequency of the counter. Change-Id: Ie3b8f3d16409b6703747093b3a2d5c7429ad0166 Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
2016-09-19 11:18:44 +01:00
#if ENABLE_RUNTIME_INSTRUMENTATION
/*
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
* Read the timestamp value and store it in per-cpu data. The value
* will be extracted from per-cpu data by the C level SMC handler and
* saved to the PMF timestamp region.
Add PMF instrumentation points in TF In order to quantify the overall time spent in the PSCI software implementation, an initial collection of PMF instrumentation points has been added. Instrumentation has been added to the following code paths: - Entry to PSCI SMC handler. The timestamp is captured as early as possible during the runtime exception and stored in memory before entering the PSCI SMC handler. - Exit from PSCI SMC handler. The timestamp is captured after normal return from the PSCI SMC handler or if a low power state was requested it is captured in the bl31 warm boot path before return to normal world. - Entry to low power state. The timestamp is captured before entry to a low power state which implies either standby or power down. As these power states are mutually exclusive, only one timestamp is defined to describe both. It is possible to differentiate between the two power states using the PSCI STAT interface. - Exit from low power state. The timestamp is captured after a standby or power up operation has completed. To calculate the number of cycles spent running code in Trusted Firmware one can perform the following calculation: (exit_psci - enter_psci) - (exit_low_pwr - enter_low_pwr). The resulting number of cycles can be converted to time given the frequency of the counter. Change-Id: Ie3b8f3d16409b6703747093b3a2d5c7429ad0166 Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
2016-09-19 11:18:44 +01:00
*/
mrs x30, cntpct_el0
str x29, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
mrs x29, tpidr_el3
str x30, [x29, #CPU_DATA_PMF_TS0_OFFSET]
ldr x29, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
#endif
Introduce interrupt handling framework in BL3-1 This patch adds a common handler for FIQ and IRQ exceptions in the BL3-1 runtime exception vector table. This function determines the interrupt type and calls its handler. A crash is reported if an inconsistency in the interrupt management framework is detected. In the event of a spurious interrupt, execution resumes from the instruction where the interrupt was generated. This patch also removes 'cm_macros.S' as its contents have been moved to 'runtime_exceptions.S' Change-Id: I3c85ecf8eaf43a3fac429b119ed0bd706d2e2093
2014-05-09 11:07:09 +01:00
mrs x30, esr_el3
ubfx x30, x30, #ESR_EC_SHIFT, #ESR_EC_LENGTH
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/* Handle SMC exceptions separately from other synchronous exceptions */
Introduce interrupt handling framework in BL3-1 This patch adds a common handler for FIQ and IRQ exceptions in the BL3-1 runtime exception vector table. This function determines the interrupt type and calls its handler. A crash is reported if an inconsistency in the interrupt management framework is detected. In the event of a spurious interrupt, execution resumes from the instruction where the interrupt was generated. This patch also removes 'cm_macros.S' as its contents have been moved to 'runtime_exceptions.S' Change-Id: I3c85ecf8eaf43a3fac429b119ed0bd706d2e2093
2014-05-09 11:07:09 +01:00
cmp x30, #EC_AARCH32_SMC
b.eq smc_handler32
cmp x30, #EC_AARCH64_SMC
b.eq smc_handler64
AArch64: Introduce External Abort handling At present, any External Abort routed to EL3 is reported as an unhandled exception and cause a panic. This patch enables ARM Trusted Firmware to handle External Aborts routed to EL3. With this patch, when an External Abort is received at EL3, its handling is delegated to plat_ea_handler() function. Platforms can provide their own implementation of this function. This patch adds a weak definition of the said function that prints out a message and just panics. In order to support handling External Aborts at EL3, the build option HANDLE_EA_EL3_FIRST must be set to 1. Before this patch, HANDLE_EA_EL3_FIRST wasn't passed down to compilation; this patch fixes that too. Change-Id: I4d07b7e65eb191ff72d63b909ae9512478cd01a1 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-11-30 12:54:15 +00:00
/* Check for I/D aborts from lower EL */
cmp x30, #EC_IABORT_LOWER_EL
b.eq 1f
cmp x30, #EC_DABORT_LOWER_EL
b.ne 2f
1:
/* Test for EA bit in the instruction syndrome */
mrs x30, esr_el3
tbz x30, #ESR_ISS_EABORT_EA_BIT, 2f
handle_ea #ERROR_EA_SYNC
2:
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/* Other kinds of synchronous exceptions are not handled */
Fix x30 reporting for unhandled exceptions Some error paths that lead to a crash dump will overwrite the value in the x30 register by calling functions with the no_ret macro, which resolves to a BL instruction. This is not very useful and not what the reader would expect, since a crash dump should usually show all registers in the state they were in when the exception happened. This patch replaces the offending function calls with a B instruction to preserve the value in x30. Change-Id: I2a3636f2943f79bab0cd911f89d070012e697c2a Signed-off-by: Julius Werner <jwerner@chromium.org>
2017-07-27 22:59:34 +01:00
ldr x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
b report_unhandled_exception
Introduce interrupt handling framework in BL3-1 This patch adds a common handler for FIQ and IRQ exceptions in the BL3-1 runtime exception vector table. This function determines the interrupt type and calls its handler. A crash is reported if an inconsistency in the interrupt management framework is detected. In the event of a spurious interrupt, execution resumes from the instruction where the interrupt was generated. This patch also removes 'cm_macros.S' as its contents have been moved to 'runtime_exceptions.S' Change-Id: I3c85ecf8eaf43a3fac429b119ed0bd706d2e2093
2014-05-09 11:07:09 +01:00
.endm
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/* ---------------------------------------------------------------------
* This macro handles FIQ or IRQ interrupts i.e. EL3, S-EL1 and NS
* interrupts.
* ---------------------------------------------------------------------
Introduce interrupt handling framework in BL3-1 This patch adds a common handler for FIQ and IRQ exceptions in the BL3-1 runtime exception vector table. This function determines the interrupt type and calls its handler. A crash is reported if an inconsistency in the interrupt management framework is detected. In the event of a spurious interrupt, execution resumes from the instruction where the interrupt was generated. This patch also removes 'cm_macros.S' as its contents have been moved to 'runtime_exceptions.S' Change-Id: I3c85ecf8eaf43a3fac429b119ed0bd706d2e2093
2014-05-09 11:07:09 +01:00
*/
.macro handle_interrupt_exception label
Unmask SError interrupt and clear SCR_EL3.EA bit This patch disables routing of external aborts from lower exception levels to EL3 and ensures that a SError interrupt generated as a result of execution in EL3 is taken locally instead of a lower exception level. The SError interrupt is enabled in the TSP code only when the operation has not been directly initiated by the normal world. This is to prevent the possibility of an asynchronous external abort which originated in normal world from being taken when execution is in S-EL1. Fixes ARM-software/tf-issues#153 Change-Id: I157b996c75996d12fd86d27e98bc73dd8bce6cd5
2014-08-04 23:13:10 +01:00
/* Enable the SError interrupt */
msr daifclr, #DAIF_ABT_BIT
Introduce interrupt handling framework in BL3-1 This patch adds a common handler for FIQ and IRQ exceptions in the BL3-1 runtime exception vector table. This function determines the interrupt type and calls its handler. A crash is reported if an inconsistency in the interrupt management framework is detected. In the event of a spurious interrupt, execution resumes from the instruction where the interrupt was generated. This patch also removes 'cm_macros.S' as its contents have been moved to 'runtime_exceptions.S' Change-Id: I3c85ecf8eaf43a3fac429b119ed0bd706d2e2093
2014-05-09 11:07:09 +01:00
str x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
bl save_gp_registers
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/* Save the EL3 system registers needed to return from this exception */
Fix handling of spurious interrupts in BL3_1 There are couple of issues with how the interrupt routing framework in BL3_1 handles spurious interrupts. 1. In the macro 'handle_interrupt_exception', if a spurious interrupt is detected by plat_ic_get_pending_interrupt_type(), then execution jumps to 'interrupt_exit_\label'. This macro uses the el3_exit() function to return to the original exception level. el3_exit() attempts to restore the SPSR_EL3 and ELR_EL3 registers with values from the current CPU context. Since these registers were not saved in this code path, it programs stale values into these registers. This leads to unpredictable behaviour after the execution of the ERET instruction. 2. When an interrupt is routed to EL3, it could be de-asserted before the GICC_HPPIR is read in plat_ic_get_pending_interrupt_type(). There could be another interrupt pending at the same time e.g. a non-secure interrupt. Its type will be returned instead of the original interrupt. This would result in a call to get_interrupt_type_handler(). The firmware will panic if the handler for this type of interrupt has not been registered. This patch fixes the first problem by saving SPSR_EL3 and ELR_EL3 early in the 'handle_interrupt_exception' macro, instead of only doing so once the validity of the interrupt has been determined. The second problem is fixed by returning execution back to the lower exception level through the 'interrupt_exit_\label' label instead of treating it as an error condition. The 'interrupt_error_\label' label has been removed since it is no longer used. Fixes ARM-software/tf-issues#305 Change-Id: I81c729a206d461084db501bb81b44dff435021e8
2015-05-13 17:57:18 +01:00
mrs x0, spsr_el3
mrs x1, elr_el3
stp x0, x1, [sp, #CTX_EL3STATE_OFFSET + CTX_SPSR_EL3]
Introduce interrupt handling framework in BL3-1 This patch adds a common handler for FIQ and IRQ exceptions in the BL3-1 runtime exception vector table. This function determines the interrupt type and calls its handler. A crash is reported if an inconsistency in the interrupt management framework is detected. In the event of a spurious interrupt, execution resumes from the instruction where the interrupt was generated. This patch also removes 'cm_macros.S' as its contents have been moved to 'runtime_exceptions.S' Change-Id: I3c85ecf8eaf43a3fac429b119ed0bd706d2e2093
2014-05-09 11:07:09 +01:00
/* Switch to the runtime stack i.e. SP_EL0 */
ldr x2, [sp, #CTX_EL3STATE_OFFSET + CTX_RUNTIME_SP]
mov x20, sp
msr spsel, #0
mov sp, x2
/*
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
* Find out whether this is a valid interrupt type.
* If the interrupt controller reports a spurious interrupt then return
* to where we came from.
Introduce interrupt handling framework in BL3-1 This patch adds a common handler for FIQ and IRQ exceptions in the BL3-1 runtime exception vector table. This function determines the interrupt type and calls its handler. A crash is reported if an inconsistency in the interrupt management framework is detected. In the event of a spurious interrupt, execution resumes from the instruction where the interrupt was generated. This patch also removes 'cm_macros.S' as its contents have been moved to 'runtime_exceptions.S' Change-Id: I3c85ecf8eaf43a3fac429b119ed0bd706d2e2093
2014-05-09 11:07:09 +01:00
*/
Further renames of platform porting functions Rename the ic_* platform porting functions to plat_ic_* to be consistent with the other functions in platform.h. Also rename bl31_get_next_image_info() to bl31_plat_get_next_image_ep_info() and remove the duplicate declaration in bl31.h. Change-Id: I4851842069d3cff14c0a468daacc0a891a7ede84
2014-05-27 16:17:21 +01:00
bl plat_ic_get_pending_interrupt_type
Introduce interrupt handling framework in BL3-1 This patch adds a common handler for FIQ and IRQ exceptions in the BL3-1 runtime exception vector table. This function determines the interrupt type and calls its handler. A crash is reported if an inconsistency in the interrupt management framework is detected. In the event of a spurious interrupt, execution resumes from the instruction where the interrupt was generated. This patch also removes 'cm_macros.S' as its contents have been moved to 'runtime_exceptions.S' Change-Id: I3c85ecf8eaf43a3fac429b119ed0bd706d2e2093
2014-05-09 11:07:09 +01:00
cmp x0, #INTR_TYPE_INVAL
b.eq interrupt_exit_\label
/*
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
* Get the registered handler for this interrupt type.
* A NULL return value could be 'cause of the following conditions:
Fix handling of spurious interrupts in BL3_1 There are couple of issues with how the interrupt routing framework in BL3_1 handles spurious interrupts. 1. In the macro 'handle_interrupt_exception', if a spurious interrupt is detected by plat_ic_get_pending_interrupt_type(), then execution jumps to 'interrupt_exit_\label'. This macro uses the el3_exit() function to return to the original exception level. el3_exit() attempts to restore the SPSR_EL3 and ELR_EL3 registers with values from the current CPU context. Since these registers were not saved in this code path, it programs stale values into these registers. This leads to unpredictable behaviour after the execution of the ERET instruction. 2. When an interrupt is routed to EL3, it could be de-asserted before the GICC_HPPIR is read in plat_ic_get_pending_interrupt_type(). There could be another interrupt pending at the same time e.g. a non-secure interrupt. Its type will be returned instead of the original interrupt. This would result in a call to get_interrupt_type_handler(). The firmware will panic if the handler for this type of interrupt has not been registered. This patch fixes the first problem by saving SPSR_EL3 and ELR_EL3 early in the 'handle_interrupt_exception' macro, instead of only doing so once the validity of the interrupt has been determined. The second problem is fixed by returning execution back to the lower exception level through the 'interrupt_exit_\label' label instead of treating it as an error condition. The 'interrupt_error_\label' label has been removed since it is no longer used. Fixes ARM-software/tf-issues#305 Change-Id: I81c729a206d461084db501bb81b44dff435021e8
2015-05-13 17:57:18 +01:00
*
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
* a. An interrupt of a type was routed correctly but a handler for its
* type was not registered.
Fix handling of spurious interrupts in BL3_1 There are couple of issues with how the interrupt routing framework in BL3_1 handles spurious interrupts. 1. In the macro 'handle_interrupt_exception', if a spurious interrupt is detected by plat_ic_get_pending_interrupt_type(), then execution jumps to 'interrupt_exit_\label'. This macro uses the el3_exit() function to return to the original exception level. el3_exit() attempts to restore the SPSR_EL3 and ELR_EL3 registers with values from the current CPU context. Since these registers were not saved in this code path, it programs stale values into these registers. This leads to unpredictable behaviour after the execution of the ERET instruction. 2. When an interrupt is routed to EL3, it could be de-asserted before the GICC_HPPIR is read in plat_ic_get_pending_interrupt_type(). There could be another interrupt pending at the same time e.g. a non-secure interrupt. Its type will be returned instead of the original interrupt. This would result in a call to get_interrupt_type_handler(). The firmware will panic if the handler for this type of interrupt has not been registered. This patch fixes the first problem by saving SPSR_EL3 and ELR_EL3 early in the 'handle_interrupt_exception' macro, instead of only doing so once the validity of the interrupt has been determined. The second problem is fixed by returning execution back to the lower exception level through the 'interrupt_exit_\label' label instead of treating it as an error condition. The 'interrupt_error_\label' label has been removed since it is no longer used. Fixes ARM-software/tf-issues#305 Change-Id: I81c729a206d461084db501bb81b44dff435021e8
2015-05-13 17:57:18 +01:00
*
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
* b. An interrupt of a type was not routed correctly so a handler for
* its type was not registered.
Fix handling of spurious interrupts in BL3_1 There are couple of issues with how the interrupt routing framework in BL3_1 handles spurious interrupts. 1. In the macro 'handle_interrupt_exception', if a spurious interrupt is detected by plat_ic_get_pending_interrupt_type(), then execution jumps to 'interrupt_exit_\label'. This macro uses the el3_exit() function to return to the original exception level. el3_exit() attempts to restore the SPSR_EL3 and ELR_EL3 registers with values from the current CPU context. Since these registers were not saved in this code path, it programs stale values into these registers. This leads to unpredictable behaviour after the execution of the ERET instruction. 2. When an interrupt is routed to EL3, it could be de-asserted before the GICC_HPPIR is read in plat_ic_get_pending_interrupt_type(). There could be another interrupt pending at the same time e.g. a non-secure interrupt. Its type will be returned instead of the original interrupt. This would result in a call to get_interrupt_type_handler(). The firmware will panic if the handler for this type of interrupt has not been registered. This patch fixes the first problem by saving SPSR_EL3 and ELR_EL3 early in the 'handle_interrupt_exception' macro, instead of only doing so once the validity of the interrupt has been determined. The second problem is fixed by returning execution back to the lower exception level through the 'interrupt_exit_\label' label instead of treating it as an error condition. The 'interrupt_error_\label' label has been removed since it is no longer used. Fixes ARM-software/tf-issues#305 Change-Id: I81c729a206d461084db501bb81b44dff435021e8
2015-05-13 17:57:18 +01:00
*
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
* c. An interrupt of a type was routed correctly to EL3, but was
* deasserted before its pending state could be read. Another
* interrupt of a different type pended at the same time and its
* type was reported as pending instead. However, a handler for this
* type was not registered.
Fix handling of spurious interrupts in BL3_1 There are couple of issues with how the interrupt routing framework in BL3_1 handles spurious interrupts. 1. In the macro 'handle_interrupt_exception', if a spurious interrupt is detected by plat_ic_get_pending_interrupt_type(), then execution jumps to 'interrupt_exit_\label'. This macro uses the el3_exit() function to return to the original exception level. el3_exit() attempts to restore the SPSR_EL3 and ELR_EL3 registers with values from the current CPU context. Since these registers were not saved in this code path, it programs stale values into these registers. This leads to unpredictable behaviour after the execution of the ERET instruction. 2. When an interrupt is routed to EL3, it could be de-asserted before the GICC_HPPIR is read in plat_ic_get_pending_interrupt_type(). There could be another interrupt pending at the same time e.g. a non-secure interrupt. Its type will be returned instead of the original interrupt. This would result in a call to get_interrupt_type_handler(). The firmware will panic if the handler for this type of interrupt has not been registered. This patch fixes the first problem by saving SPSR_EL3 and ELR_EL3 early in the 'handle_interrupt_exception' macro, instead of only doing so once the validity of the interrupt has been determined. The second problem is fixed by returning execution back to the lower exception level through the 'interrupt_exit_\label' label instead of treating it as an error condition. The 'interrupt_error_\label' label has been removed since it is no longer used. Fixes ARM-software/tf-issues#305 Change-Id: I81c729a206d461084db501bb81b44dff435021e8
2015-05-13 17:57:18 +01:00
*
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
* a. and b. can only happen due to a programming error. The
* occurrence of c. could be beyond the control of Trusted Firmware.
* It makes sense to return from this exception instead of reporting an
* error.
Introduce interrupt handling framework in BL3-1 This patch adds a common handler for FIQ and IRQ exceptions in the BL3-1 runtime exception vector table. This function determines the interrupt type and calls its handler. A crash is reported if an inconsistency in the interrupt management framework is detected. In the event of a spurious interrupt, execution resumes from the instruction where the interrupt was generated. This patch also removes 'cm_macros.S' as its contents have been moved to 'runtime_exceptions.S' Change-Id: I3c85ecf8eaf43a3fac429b119ed0bd706d2e2093
2014-05-09 11:07:09 +01:00
*/
bl get_interrupt_type_handler
Fix handling of spurious interrupts in BL3_1 There are couple of issues with how the interrupt routing framework in BL3_1 handles spurious interrupts. 1. In the macro 'handle_interrupt_exception', if a spurious interrupt is detected by plat_ic_get_pending_interrupt_type(), then execution jumps to 'interrupt_exit_\label'. This macro uses the el3_exit() function to return to the original exception level. el3_exit() attempts to restore the SPSR_EL3 and ELR_EL3 registers with values from the current CPU context. Since these registers were not saved in this code path, it programs stale values into these registers. This leads to unpredictable behaviour after the execution of the ERET instruction. 2. When an interrupt is routed to EL3, it could be de-asserted before the GICC_HPPIR is read in plat_ic_get_pending_interrupt_type(). There could be another interrupt pending at the same time e.g. a non-secure interrupt. Its type will be returned instead of the original interrupt. This would result in a call to get_interrupt_type_handler(). The firmware will panic if the handler for this type of interrupt has not been registered. This patch fixes the first problem by saving SPSR_EL3 and ELR_EL3 early in the 'handle_interrupt_exception' macro, instead of only doing so once the validity of the interrupt has been determined. The second problem is fixed by returning execution back to the lower exception level through the 'interrupt_exit_\label' label instead of treating it as an error condition. The 'interrupt_error_\label' label has been removed since it is no longer used. Fixes ARM-software/tf-issues#305 Change-Id: I81c729a206d461084db501bb81b44dff435021e8
2015-05-13 17:57:18 +01:00
cbz x0, interrupt_exit_\label
Introduce interrupt handling framework in BL3-1 This patch adds a common handler for FIQ and IRQ exceptions in the BL3-1 runtime exception vector table. This function determines the interrupt type and calls its handler. A crash is reported if an inconsistency in the interrupt management framework is detected. In the event of a spurious interrupt, execution resumes from the instruction where the interrupt was generated. This patch also removes 'cm_macros.S' as its contents have been moved to 'runtime_exceptions.S' Change-Id: I3c85ecf8eaf43a3fac429b119ed0bd706d2e2093
2014-05-09 11:07:09 +01:00
mov x21, x0
mov x0, #INTR_ID_UNAVAILABLE
/* Set the current security state in the 'flags' parameter */
mrs x2, scr_el3
ubfx x1, x2, #0, #1
/* Restore the reference to the 'handle' i.e. SP_EL3 */
mov x2, x20
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/* x3 will point to a cookie (not used now) */
Pass 'cookie' parameter to interrupt handler in BL3-1 The interrupt handling routine in BL3-1 expects a cookie as its last parameter which was not being passed when invoking the interrupt handler in BL3-1. This patch fixes that by passing a dummy cookie parameter in the x3 register. Fixes ARM-software/tf-issues#171 Change-Id: Ic98abbbd9f849e6f1c55343e865b5e0a4904a1c5
2014-05-27 16:54:31 +01:00
mov x3, xzr
Introduce interrupt handling framework in BL3-1 This patch adds a common handler for FIQ and IRQ exceptions in the BL3-1 runtime exception vector table. This function determines the interrupt type and calls its handler. A crash is reported if an inconsistency in the interrupt management framework is detected. In the event of a spurious interrupt, execution resumes from the instruction where the interrupt was generated. This patch also removes 'cm_macros.S' as its contents have been moved to 'runtime_exceptions.S' Change-Id: I3c85ecf8eaf43a3fac429b119ed0bd706d2e2093
2014-05-09 11:07:09 +01:00
/* Call the interrupt type handler */
blr x21
interrupt_exit_\label:
/* Return from exception, possibly in a different security state */
b el3_exit
.endm
Introduce some helper macros for exception vectors This patch introduces some assembler macros to simplify the declaration of the exception vectors. It abstracts the section the exception code is put into as well as the alignments constraints mandated by the ARMv8 architecture. For all TF images, the exception code has been updated to make use of these macros. This patch also updates some invalid comments in the exception vector code. Change-Id: I35737b8f1c8c24b6da89b0a954c8152a4096fa95
2016-05-24 16:56:03 +01:00
vector_base runtime_exceptions
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/* ---------------------------------------------------------------------
* Current EL with SP_EL0 : 0x0 - 0x200
* ---------------------------------------------------------------------
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
*/
Introduce some helper macros for exception vectors This patch introduces some assembler macros to simplify the declaration of the exception vectors. It abstracts the section the exception code is put into as well as the alignments constraints mandated by the ARMv8 architecture. For all TF images, the exception code has been updated to make use of these macros. This patch also updates some invalid comments in the exception vector code. Change-Id: I35737b8f1c8c24b6da89b0a954c8152a4096fa95
2016-05-24 16:56:03 +01:00
vector_entry sync_exception_sp_el0
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/* We don't expect any synchronous exceptions from EL3 */
Fix x30 reporting for unhandled exceptions Some error paths that lead to a crash dump will overwrite the value in the x30 register by calling functions with the no_ret macro, which resolves to a BL instruction. This is not very useful and not what the reader would expect, since a crash dump should usually show all registers in the state they were in when the exception happened. This patch replaces the offending function calls with a B instruction to preserve the value in x30. Change-Id: I2a3636f2943f79bab0cd911f89d070012e697c2a Signed-off-by: Julius Werner <jwerner@chromium.org>
2017-07-27 22:59:34 +01:00
b report_unhandled_exception
Add exception vector guards This patch adds guards so that an exception vector exceeding 32 instructions will generate a compile-time error. This keeps the exception handlers in check from spilling over. Change-Id: I7aa56dd0071a333664e2814c656d3896032046fe
2014-02-07 15:53:18 +00:00
check_vector_size sync_exception_sp_el0
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
Introduce some helper macros for exception vectors This patch introduces some assembler macros to simplify the declaration of the exception vectors. It abstracts the section the exception code is put into as well as the alignments constraints mandated by the ARMv8 architecture. For all TF images, the exception code has been updated to make use of these macros. This patch also updates some invalid comments in the exception vector code. Change-Id: I35737b8f1c8c24b6da89b0a954c8152a4096fa95
2016-05-24 16:56:03 +01:00
vector_entry irq_sp_el0
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/*
* EL3 code is non-reentrant. Any asynchronous exception is a serious
* error. Loop infinitely.
*/
Fix x30 reporting for unhandled exceptions Some error paths that lead to a crash dump will overwrite the value in the x30 register by calling functions with the no_ret macro, which resolves to a BL instruction. This is not very useful and not what the reader would expect, since a crash dump should usually show all registers in the state they were in when the exception happened. This patch replaces the offending function calls with a B instruction to preserve the value in x30. Change-Id: I2a3636f2943f79bab0cd911f89d070012e697c2a Signed-off-by: Julius Werner <jwerner@chromium.org>
2017-07-27 22:59:34 +01:00
b report_unhandled_interrupt
Add exception vector guards This patch adds guards so that an exception vector exceeding 32 instructions will generate a compile-time error. This keeps the exception handlers in check from spilling over. Change-Id: I7aa56dd0071a333664e2814c656d3896032046fe
2014-02-07 15:53:18 +00:00
check_vector_size irq_sp_el0
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
Introduce some helper macros for exception vectors This patch introduces some assembler macros to simplify the declaration of the exception vectors. It abstracts the section the exception code is put into as well as the alignments constraints mandated by the ARMv8 architecture. For all TF images, the exception code has been updated to make use of these macros. This patch also updates some invalid comments in the exception vector code. Change-Id: I35737b8f1c8c24b6da89b0a954c8152a4096fa95
2016-05-24 16:56:03 +01:00
vector_entry fiq_sp_el0
Fix x30 reporting for unhandled exceptions Some error paths that lead to a crash dump will overwrite the value in the x30 register by calling functions with the no_ret macro, which resolves to a BL instruction. This is not very useful and not what the reader would expect, since a crash dump should usually show all registers in the state they were in when the exception happened. This patch replaces the offending function calls with a B instruction to preserve the value in x30. Change-Id: I2a3636f2943f79bab0cd911f89d070012e697c2a Signed-off-by: Julius Werner <jwerner@chromium.org>
2017-07-27 22:59:34 +01:00
b report_unhandled_interrupt
Add exception vector guards This patch adds guards so that an exception vector exceeding 32 instructions will generate a compile-time error. This keeps the exception handlers in check from spilling over. Change-Id: I7aa56dd0071a333664e2814c656d3896032046fe
2014-02-07 15:53:18 +00:00
check_vector_size fiq_sp_el0
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
Introduce some helper macros for exception vectors This patch introduces some assembler macros to simplify the declaration of the exception vectors. It abstracts the section the exception code is put into as well as the alignments constraints mandated by the ARMv8 architecture. For all TF images, the exception code has been updated to make use of these macros. This patch also updates some invalid comments in the exception vector code. Change-Id: I35737b8f1c8c24b6da89b0a954c8152a4096fa95
2016-05-24 16:56:03 +01:00
vector_entry serror_sp_el0
Fix x30 reporting for unhandled exceptions Some error paths that lead to a crash dump will overwrite the value in the x30 register by calling functions with the no_ret macro, which resolves to a BL instruction. This is not very useful and not what the reader would expect, since a crash dump should usually show all registers in the state they were in when the exception happened. This patch replaces the offending function calls with a B instruction to preserve the value in x30. Change-Id: I2a3636f2943f79bab0cd911f89d070012e697c2a Signed-off-by: Julius Werner <jwerner@chromium.org>
2017-07-27 22:59:34 +01:00
b report_unhandled_exception
Add exception vector guards This patch adds guards so that an exception vector exceeding 32 instructions will generate a compile-time error. This keeps the exception handlers in check from spilling over. Change-Id: I7aa56dd0071a333664e2814c656d3896032046fe
2014-02-07 15:53:18 +00:00
check_vector_size serror_sp_el0
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/* ---------------------------------------------------------------------
* Current EL with SP_ELx: 0x200 - 0x400
* ---------------------------------------------------------------------
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
*/
Introduce some helper macros for exception vectors This patch introduces some assembler macros to simplify the declaration of the exception vectors. It abstracts the section the exception code is put into as well as the alignments constraints mandated by the ARMv8 architecture. For all TF images, the exception code has been updated to make use of these macros. This patch also updates some invalid comments in the exception vector code. Change-Id: I35737b8f1c8c24b6da89b0a954c8152a4096fa95
2016-05-24 16:56:03 +01:00
vector_entry sync_exception_sp_elx
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/*
* This exception will trigger if anything went wrong during a previous
* exception entry or exit or while handling an earlier unexpected
* synchronous exception. There is a high probability that SP_EL3 is
* corrupted.
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
*/
Fix x30 reporting for unhandled exceptions Some error paths that lead to a crash dump will overwrite the value in the x30 register by calling functions with the no_ret macro, which resolves to a BL instruction. This is not very useful and not what the reader would expect, since a crash dump should usually show all registers in the state they were in when the exception happened. This patch replaces the offending function calls with a B instruction to preserve the value in x30. Change-Id: I2a3636f2943f79bab0cd911f89d070012e697c2a Signed-off-by: Julius Werner <jwerner@chromium.org>
2017-07-27 22:59:34 +01:00
b report_unhandled_exception
Add exception vector guards This patch adds guards so that an exception vector exceeding 32 instructions will generate a compile-time error. This keeps the exception handlers in check from spilling over. Change-Id: I7aa56dd0071a333664e2814c656d3896032046fe
2014-02-07 15:53:18 +00:00
check_vector_size sync_exception_sp_elx
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
Introduce some helper macros for exception vectors This patch introduces some assembler macros to simplify the declaration of the exception vectors. It abstracts the section the exception code is put into as well as the alignments constraints mandated by the ARMv8 architecture. For all TF images, the exception code has been updated to make use of these macros. This patch also updates some invalid comments in the exception vector code. Change-Id: I35737b8f1c8c24b6da89b0a954c8152a4096fa95
2016-05-24 16:56:03 +01:00
vector_entry irq_sp_elx
Fix x30 reporting for unhandled exceptions Some error paths that lead to a crash dump will overwrite the value in the x30 register by calling functions with the no_ret macro, which resolves to a BL instruction. This is not very useful and not what the reader would expect, since a crash dump should usually show all registers in the state they were in when the exception happened. This patch replaces the offending function calls with a B instruction to preserve the value in x30. Change-Id: I2a3636f2943f79bab0cd911f89d070012e697c2a Signed-off-by: Julius Werner <jwerner@chromium.org>
2017-07-27 22:59:34 +01:00
b report_unhandled_interrupt
Add exception vector guards This patch adds guards so that an exception vector exceeding 32 instructions will generate a compile-time error. This keeps the exception handlers in check from spilling over. Change-Id: I7aa56dd0071a333664e2814c656d3896032046fe
2014-02-07 15:53:18 +00:00
check_vector_size irq_sp_elx
Introduce some helper macros for exception vectors This patch introduces some assembler macros to simplify the declaration of the exception vectors. It abstracts the section the exception code is put into as well as the alignments constraints mandated by the ARMv8 architecture. For all TF images, the exception code has been updated to make use of these macros. This patch also updates some invalid comments in the exception vector code. Change-Id: I35737b8f1c8c24b6da89b0a954c8152a4096fa95
2016-05-24 16:56:03 +01:00
vector_entry fiq_sp_elx
Fix x30 reporting for unhandled exceptions Some error paths that lead to a crash dump will overwrite the value in the x30 register by calling functions with the no_ret macro, which resolves to a BL instruction. This is not very useful and not what the reader would expect, since a crash dump should usually show all registers in the state they were in when the exception happened. This patch replaces the offending function calls with a B instruction to preserve the value in x30. Change-Id: I2a3636f2943f79bab0cd911f89d070012e697c2a Signed-off-by: Julius Werner <jwerner@chromium.org>
2017-07-27 22:59:34 +01:00
b report_unhandled_interrupt
Add exception vector guards This patch adds guards so that an exception vector exceeding 32 instructions will generate a compile-time error. This keeps the exception handlers in check from spilling over. Change-Id: I7aa56dd0071a333664e2814c656d3896032046fe
2014-02-07 15:53:18 +00:00
check_vector_size fiq_sp_elx
Introduce some helper macros for exception vectors This patch introduces some assembler macros to simplify the declaration of the exception vectors. It abstracts the section the exception code is put into as well as the alignments constraints mandated by the ARMv8 architecture. For all TF images, the exception code has been updated to make use of these macros. This patch also updates some invalid comments in the exception vector code. Change-Id: I35737b8f1c8c24b6da89b0a954c8152a4096fa95
2016-05-24 16:56:03 +01:00
vector_entry serror_sp_elx
Fix x30 reporting for unhandled exceptions Some error paths that lead to a crash dump will overwrite the value in the x30 register by calling functions with the no_ret macro, which resolves to a BL instruction. This is not very useful and not what the reader would expect, since a crash dump should usually show all registers in the state they were in when the exception happened. This patch replaces the offending function calls with a B instruction to preserve the value in x30. Change-Id: I2a3636f2943f79bab0cd911f89d070012e697c2a Signed-off-by: Julius Werner <jwerner@chromium.org>
2017-07-27 22:59:34 +01:00
b report_unhandled_exception
Add exception vector guards This patch adds guards so that an exception vector exceeding 32 instructions will generate a compile-time error. This keeps the exception handlers in check from spilling over. Change-Id: I7aa56dd0071a333664e2814c656d3896032046fe
2014-02-07 15:53:18 +00:00
check_vector_size serror_sp_elx
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/* ---------------------------------------------------------------------
Miscellaneous documentation fixes This patch gathers miscellaneous minor fixes to the documentation, and comments in the source code. Change-Id: I631e3dda5abafa2d90f464edaee069a1e58b751b Co-Authored-By: Soby Mathew <soby.mathew@arm.com> Co-Authored-By: Dan Handley <dan.handley@arm.com>
2014-08-06 11:27:23 +01:00
* Lower EL using AArch64 : 0x400 - 0x600
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
* ---------------------------------------------------------------------
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
*/
Introduce some helper macros for exception vectors This patch introduces some assembler macros to simplify the declaration of the exception vectors. It abstracts the section the exception code is put into as well as the alignments constraints mandated by the ARMv8 architecture. For all TF images, the exception code has been updated to make use of these macros. This patch also updates some invalid comments in the exception vector code. Change-Id: I35737b8f1c8c24b6da89b0a954c8152a4096fa95
2016-05-24 16:56:03 +01:00
vector_entry sync_exception_aarch64
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/*
* This exception vector will be the entry point for SMCs and traps
* that are unhandled at lower ELs most commonly. SP_EL3 should point
* to a valid cpu context where the general purpose and system register
* state can be saved.
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
*/
handle_sync_exception
Add exception vector guards This patch adds guards so that an exception vector exceeding 32 instructions will generate a compile-time error. This keeps the exception handlers in check from spilling over. Change-Id: I7aa56dd0071a333664e2814c656d3896032046fe
2014-02-07 15:53:18 +00:00
check_vector_size sync_exception_aarch64
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
Introduce some helper macros for exception vectors This patch introduces some assembler macros to simplify the declaration of the exception vectors. It abstracts the section the exception code is put into as well as the alignments constraints mandated by the ARMv8 architecture. For all TF images, the exception code has been updated to make use of these macros. This patch also updates some invalid comments in the exception vector code. Change-Id: I35737b8f1c8c24b6da89b0a954c8152a4096fa95
2016-05-24 16:56:03 +01:00
vector_entry irq_aarch64
Introduce interrupt handling framework in BL3-1 This patch adds a common handler for FIQ and IRQ exceptions in the BL3-1 runtime exception vector table. This function determines the interrupt type and calls its handler. A crash is reported if an inconsistency in the interrupt management framework is detected. In the event of a spurious interrupt, execution resumes from the instruction where the interrupt was generated. This patch also removes 'cm_macros.S' as its contents have been moved to 'runtime_exceptions.S' Change-Id: I3c85ecf8eaf43a3fac429b119ed0bd706d2e2093
2014-05-09 11:07:09 +01:00
handle_interrupt_exception irq_aarch64
Add exception vector guards This patch adds guards so that an exception vector exceeding 32 instructions will generate a compile-time error. This keeps the exception handlers in check from spilling over. Change-Id: I7aa56dd0071a333664e2814c656d3896032046fe
2014-02-07 15:53:18 +00:00
check_vector_size irq_aarch64
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
Introduce some helper macros for exception vectors This patch introduces some assembler macros to simplify the declaration of the exception vectors. It abstracts the section the exception code is put into as well as the alignments constraints mandated by the ARMv8 architecture. For all TF images, the exception code has been updated to make use of these macros. This patch also updates some invalid comments in the exception vector code. Change-Id: I35737b8f1c8c24b6da89b0a954c8152a4096fa95
2016-05-24 16:56:03 +01:00
vector_entry fiq_aarch64
Introduce interrupt handling framework in BL3-1 This patch adds a common handler for FIQ and IRQ exceptions in the BL3-1 runtime exception vector table. This function determines the interrupt type and calls its handler. A crash is reported if an inconsistency in the interrupt management framework is detected. In the event of a spurious interrupt, execution resumes from the instruction where the interrupt was generated. This patch also removes 'cm_macros.S' as its contents have been moved to 'runtime_exceptions.S' Change-Id: I3c85ecf8eaf43a3fac429b119ed0bd706d2e2093
2014-05-09 11:07:09 +01:00
handle_interrupt_exception fiq_aarch64
Add exception vector guards This patch adds guards so that an exception vector exceeding 32 instructions will generate a compile-time error. This keeps the exception handlers in check from spilling over. Change-Id: I7aa56dd0071a333664e2814c656d3896032046fe
2014-02-07 15:53:18 +00:00
check_vector_size fiq_aarch64
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
Introduce some helper macros for exception vectors This patch introduces some assembler macros to simplify the declaration of the exception vectors. It abstracts the section the exception code is put into as well as the alignments constraints mandated by the ARMv8 architecture. For all TF images, the exception code has been updated to make use of these macros. This patch also updates some invalid comments in the exception vector code. Change-Id: I35737b8f1c8c24b6da89b0a954c8152a4096fa95
2016-05-24 16:56:03 +01:00
vector_entry serror_aarch64
AArch64: Introduce External Abort handling At present, any External Abort routed to EL3 is reported as an unhandled exception and cause a panic. This patch enables ARM Trusted Firmware to handle External Aborts routed to EL3. With this patch, when an External Abort is received at EL3, its handling is delegated to plat_ea_handler() function. Platforms can provide their own implementation of this function. This patch adds a weak definition of the said function that prints out a message and just panics. In order to support handling External Aborts at EL3, the build option HANDLE_EA_EL3_FIRST must be set to 1. Before this patch, HANDLE_EA_EL3_FIRST wasn't passed down to compilation; this patch fixes that too. Change-Id: I4d07b7e65eb191ff72d63b909ae9512478cd01a1 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-11-30 12:54:15 +00:00
msr daifclr, #DAIF_ABT_BIT
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/*
AArch64: Introduce External Abort handling At present, any External Abort routed to EL3 is reported as an unhandled exception and cause a panic. This patch enables ARM Trusted Firmware to handle External Aborts routed to EL3. With this patch, when an External Abort is received at EL3, its handling is delegated to plat_ea_handler() function. Platforms can provide their own implementation of this function. This patch adds a weak definition of the said function that prints out a message and just panics. In order to support handling External Aborts at EL3, the build option HANDLE_EA_EL3_FIRST must be set to 1. Before this patch, HANDLE_EA_EL3_FIRST wasn't passed down to compilation; this patch fixes that too. Change-Id: I4d07b7e65eb191ff72d63b909ae9512478cd01a1 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-11-30 12:54:15 +00:00
* Explicitly save x30 so as to free up a register and to enable
* branching
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
*/
AArch64: Introduce External Abort handling At present, any External Abort routed to EL3 is reported as an unhandled exception and cause a panic. This patch enables ARM Trusted Firmware to handle External Aborts routed to EL3. With this patch, when an External Abort is received at EL3, its handling is delegated to plat_ea_handler() function. Platforms can provide their own implementation of this function. This patch adds a weak definition of the said function that prints out a message and just panics. In order to support handling External Aborts at EL3, the build option HANDLE_EA_EL3_FIRST must be set to 1. Before this patch, HANDLE_EA_EL3_FIRST wasn't passed down to compilation; this patch fixes that too. Change-Id: I4d07b7e65eb191ff72d63b909ae9512478cd01a1 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-11-30 12:54:15 +00:00
str x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
handle_ea #ERROR_EA_ASYNC
Add exception vector guards This patch adds guards so that an exception vector exceeding 32 instructions will generate a compile-time error. This keeps the exception handlers in check from spilling over. Change-Id: I7aa56dd0071a333664e2814c656d3896032046fe
2014-02-07 15:53:18 +00:00
check_vector_size serror_aarch64
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/* ---------------------------------------------------------------------
Miscellaneous documentation fixes This patch gathers miscellaneous minor fixes to the documentation, and comments in the source code. Change-Id: I631e3dda5abafa2d90f464edaee069a1e58b751b Co-Authored-By: Soby Mathew <soby.mathew@arm.com> Co-Authored-By: Dan Handley <dan.handley@arm.com>
2014-08-06 11:27:23 +01:00
* Lower EL using AArch32 : 0x600 - 0x800
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
* ---------------------------------------------------------------------
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
*/
Introduce some helper macros for exception vectors This patch introduces some assembler macros to simplify the declaration of the exception vectors. It abstracts the section the exception code is put into as well as the alignments constraints mandated by the ARMv8 architecture. For all TF images, the exception code has been updated to make use of these macros. This patch also updates some invalid comments in the exception vector code. Change-Id: I35737b8f1c8c24b6da89b0a954c8152a4096fa95
2016-05-24 16:56:03 +01:00
vector_entry sync_exception_aarch32
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/*
* This exception vector will be the entry point for SMCs and traps
* that are unhandled at lower ELs most commonly. SP_EL3 should point
* to a valid cpu context where the general purpose and system register
* state can be saved.
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
*/
handle_sync_exception
Add exception vector guards This patch adds guards so that an exception vector exceeding 32 instructions will generate a compile-time error. This keeps the exception handlers in check from spilling over. Change-Id: I7aa56dd0071a333664e2814c656d3896032046fe
2014-02-07 15:53:18 +00:00
check_vector_size sync_exception_aarch32
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
Introduce some helper macros for exception vectors This patch introduces some assembler macros to simplify the declaration of the exception vectors. It abstracts the section the exception code is put into as well as the alignments constraints mandated by the ARMv8 architecture. For all TF images, the exception code has been updated to make use of these macros. This patch also updates some invalid comments in the exception vector code. Change-Id: I35737b8f1c8c24b6da89b0a954c8152a4096fa95
2016-05-24 16:56:03 +01:00
vector_entry irq_aarch32
Introduce interrupt handling framework in BL3-1 This patch adds a common handler for FIQ and IRQ exceptions in the BL3-1 runtime exception vector table. This function determines the interrupt type and calls its handler. A crash is reported if an inconsistency in the interrupt management framework is detected. In the event of a spurious interrupt, execution resumes from the instruction where the interrupt was generated. This patch also removes 'cm_macros.S' as its contents have been moved to 'runtime_exceptions.S' Change-Id: I3c85ecf8eaf43a3fac429b119ed0bd706d2e2093
2014-05-09 11:07:09 +01:00
handle_interrupt_exception irq_aarch32
Add exception vector guards This patch adds guards so that an exception vector exceeding 32 instructions will generate a compile-time error. This keeps the exception handlers in check from spilling over. Change-Id: I7aa56dd0071a333664e2814c656d3896032046fe
2014-02-07 15:53:18 +00:00
check_vector_size irq_aarch32
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
Introduce some helper macros for exception vectors This patch introduces some assembler macros to simplify the declaration of the exception vectors. It abstracts the section the exception code is put into as well as the alignments constraints mandated by the ARMv8 architecture. For all TF images, the exception code has been updated to make use of these macros. This patch also updates some invalid comments in the exception vector code. Change-Id: I35737b8f1c8c24b6da89b0a954c8152a4096fa95
2016-05-24 16:56:03 +01:00
vector_entry fiq_aarch32
Introduce interrupt handling framework in BL3-1 This patch adds a common handler for FIQ and IRQ exceptions in the BL3-1 runtime exception vector table. This function determines the interrupt type and calls its handler. A crash is reported if an inconsistency in the interrupt management framework is detected. In the event of a spurious interrupt, execution resumes from the instruction where the interrupt was generated. This patch also removes 'cm_macros.S' as its contents have been moved to 'runtime_exceptions.S' Change-Id: I3c85ecf8eaf43a3fac429b119ed0bd706d2e2093
2014-05-09 11:07:09 +01:00
handle_interrupt_exception fiq_aarch32
Add exception vector guards This patch adds guards so that an exception vector exceeding 32 instructions will generate a compile-time error. This keeps the exception handlers in check from spilling over. Change-Id: I7aa56dd0071a333664e2814c656d3896032046fe
2014-02-07 15:53:18 +00:00
check_vector_size fiq_aarch32
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
Introduce some helper macros for exception vectors This patch introduces some assembler macros to simplify the declaration of the exception vectors. It abstracts the section the exception code is put into as well as the alignments constraints mandated by the ARMv8 architecture. For all TF images, the exception code has been updated to make use of these macros. This patch also updates some invalid comments in the exception vector code. Change-Id: I35737b8f1c8c24b6da89b0a954c8152a4096fa95
2016-05-24 16:56:03 +01:00
vector_entry serror_aarch32
AArch64: Introduce External Abort handling At present, any External Abort routed to EL3 is reported as an unhandled exception and cause a panic. This patch enables ARM Trusted Firmware to handle External Aborts routed to EL3. With this patch, when an External Abort is received at EL3, its handling is delegated to plat_ea_handler() function. Platforms can provide their own implementation of this function. This patch adds a weak definition of the said function that prints out a message and just panics. In order to support handling External Aborts at EL3, the build option HANDLE_EA_EL3_FIRST must be set to 1. Before this patch, HANDLE_EA_EL3_FIRST wasn't passed down to compilation; this patch fixes that too. Change-Id: I4d07b7e65eb191ff72d63b909ae9512478cd01a1 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-11-30 12:54:15 +00:00
msr daifclr, #DAIF_ABT_BIT
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/*
AArch64: Introduce External Abort handling At present, any External Abort routed to EL3 is reported as an unhandled exception and cause a panic. This patch enables ARM Trusted Firmware to handle External Aborts routed to EL3. With this patch, when an External Abort is received at EL3, its handling is delegated to plat_ea_handler() function. Platforms can provide their own implementation of this function. This patch adds a weak definition of the said function that prints out a message and just panics. In order to support handling External Aborts at EL3, the build option HANDLE_EA_EL3_FIRST must be set to 1. Before this patch, HANDLE_EA_EL3_FIRST wasn't passed down to compilation; this patch fixes that too. Change-Id: I4d07b7e65eb191ff72d63b909ae9512478cd01a1 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-11-30 12:54:15 +00:00
* Explicitly save x30 so as to free up a register and to enable
* branching
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
*/
AArch64: Introduce External Abort handling At present, any External Abort routed to EL3 is reported as an unhandled exception and cause a panic. This patch enables ARM Trusted Firmware to handle External Aborts routed to EL3. With this patch, when an External Abort is received at EL3, its handling is delegated to plat_ea_handler() function. Platforms can provide their own implementation of this function. This patch adds a weak definition of the said function that prints out a message and just panics. In order to support handling External Aborts at EL3, the build option HANDLE_EA_EL3_FIRST must be set to 1. Before this patch, HANDLE_EA_EL3_FIRST wasn't passed down to compilation; this patch fixes that too. Change-Id: I4d07b7e65eb191ff72d63b909ae9512478cd01a1 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-11-30 12:54:15 +00:00
str x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
handle_ea #ERROR_EA_ASYNC
Add exception vector guards This patch adds guards so that an exception vector exceeding 32 instructions will generate a compile-time error. This keeps the exception handlers in check from spilling over. Change-Id: I7aa56dd0071a333664e2814c656d3896032046fe
2014-02-07 15:53:18 +00:00
check_vector_size serror_aarch32
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
Add support for the SMC Calling Convention 2.0 Due to differences in the bitfields of the SMC IDs, it is not possible to support SMCCC 1.X and 2.0 at the same time. The behaviour of `SMCCC_MAJOR_VERSION` has changed. Now, it is a build option that specifies the major version of the SMCCC that the Trusted Firmware supports. The only two allowed values are 1 and 2, and it defaults to 1. The value of `SMCCC_MINOR_VERSION` is derived from it. Note: Support for SMCCC v2.0 is an experimental feature to enable prototyping of secure partition specifications. Support for this convention is disabled by default and could be removed without notice. Change-Id: I88abf9ccf08e9c66a13ce55c890edea54d9f16a7 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-04-23 15:43:29 +01:00
/* ---------------------------------------------------------------------
* This macro takes an argument in x16 that is the index in the
* 'rt_svc_descs_indices' array, checks that the value in the array is
* valid, and loads in x15 the pointer to the handler of that service.
* ---------------------------------------------------------------------
*/
.macro load_rt_svc_desc_pointer
/* Load descriptor index from array of indices */
adr x14, rt_svc_descs_indices
ldrb w15, [x14, x16]
#if SMCCC_MAJOR_VERSION == 1
/* Any index greater than 127 is invalid. Check bit 7. */
tbnz w15, 7, smc_unknown
#elif SMCCC_MAJOR_VERSION == 2
/* Verify that the top 3 bits of the loaded index are 0 (w15 <= 31) */
cmp w15, #31
b.hi smc_unknown
#endif /* SMCCC_MAJOR_VERSION */
/*
* Get the descriptor using the index
* x11 = (base + off), w15 = index
*
* handler = (base + off) + (index << log2(size))
*/
adr x11, (__RT_SVC_DESCS_START__ + RT_SVC_DESC_HANDLE)
lsl w10, w15, #RT_SVC_SIZE_LOG2
ldr x15, [x11, w10, uxtw]
.endm
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/* ---------------------------------------------------------------------
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
* The following code handles secure monitor calls.
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
* Depending upon the execution state from where the SMC has been
* invoked, it frees some general purpose registers to perform the
* remaining tasks. They involve finding the runtime service handler
* that is the target of the SMC & switching to runtime stacks (SP_EL0)
* before calling the handler.
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
*
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
* Note that x30 has been explicitly saved and can be used here
* ---------------------------------------------------------------------
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
*/
Place assembler functions in separate sections This extends the --gc-sections behaviour to the many assembler support functions in the firmware images by placing each function into its own code section. This is achieved by creating a 'func' macro used to declare each function label. Fixes ARM-software/tf-issues#80 Change-Id: I301937b630add292d2dec6d2561a7fcfa6fec690
2014-03-18 13:46:55 +00:00
func smc_handler
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
smc_handler32:
/* Check whether aarch32 issued an SMC64 */
tbnz x0, #FUNCID_CC_SHIFT, smc_prohibited
smc_handler64:
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/*
* Populate the parameters for the SMC handler.
* We already have x0-x4 in place. x5 will point to a cookie (not used
* now). x6 will point to the context structure (SP_EL3) and x7 will
runtime_exceptions: Save x4-x29 unconditionally In preparation for SMCCC v1.1 support, save x4 to x29 unconditionally. Previously we expected callers coming from AArch64 mode to preserve x8-x17. This is no longer the case with SMCCC v1.1 as AArch64 callers only need to save x0-x3. Change-Id: Ie62d620776533969ff4a02c635422f1b9208be9c Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
2018-01-22 11:53:04 +00:00
* contain flags we need to pass to the handler.
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
*
Add support for the SMC Calling Convention 2.0 Due to differences in the bitfields of the SMC IDs, it is not possible to support SMCCC 1.X and 2.0 at the same time. The behaviour of `SMCCC_MAJOR_VERSION` has changed. Now, it is a build option that specifies the major version of the SMCCC that the Trusted Firmware supports. The only two allowed values are 1 and 2, and it defaults to 1. The value of `SMCCC_MINOR_VERSION` is derived from it. Note: Support for SMCCC v2.0 is an experimental feature to enable prototyping of secure partition specifications. Support for this convention is disabled by default and could be removed without notice. Change-Id: I88abf9ccf08e9c66a13ce55c890edea54d9f16a7 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-04-23 15:43:29 +01:00
* Save x4-x29 and sp_el0.
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
*/
AArch64: Refactor GP register restore to separate function At present, the function that restores general purpose registers also does ERET. Refactor the restore code to restore general purpose registers without ERET to complement the save function. The macro save_x18_to_x29_sp_el0 was used only once, and is therefore removed, and its contents expanded inline for readability. No functional changes, but with this patch: - The SMC return path will incur an branch-return and an additional register load. - The unknown SMC path restores registers x0 to x3. Change-Id: I7a1a63e17f34f9cde810685d70a0ad13ca3b7c50 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-11-29 16:59:34 +00:00
stp x4, x5, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X4]
stp x6, x7, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X6]
stp x8, x9, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X8]
stp x10, x11, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X10]
stp x12, x13, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X12]
stp x14, x15, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X14]
stp x16, x17, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X16]
stp x18, x19, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X18]
stp x20, x21, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X20]
stp x22, x23, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X22]
stp x24, x25, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X24]
stp x26, x27, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X26]
stp x28, x29, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X28]
mrs x18, sp_el0
str x18, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_SP_EL0]
Preserve x19-x29 across world switch for exception handling Previously exception handlers in BL3-1, X19-X29 were not saved and restored on every SMC/trap into EL3. Instead these registers were 'saved as needed' as a side effect of the A64 ABI used by the C compiler. That approach failed when world switching but was not visible with the TSP/TSPD code because the TSP is 64-bit, did not clobber these registers when running and did not support pre-emption by normal world interrupts. These scenarios showed that the values in these registers can be passed through a world switch, which broke the normal and trusted world assumptions about these registers being preserved. The Ideal solution saves and restores these registers when a world switch occurs - but that type of implementation is more complex. So this patch always saves and restores these registers on entry and exit of EL3. Fixes ARM-software/tf-issues#141 Change-Id: I9a727167bbc594454e81cf78a97ca899dfb11c27
2014-04-30 15:36:37 +01:00
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
mov x5, xzr
mov x6, sp
Add support for the SMC Calling Convention 2.0 Due to differences in the bitfields of the SMC IDs, it is not possible to support SMCCC 1.X and 2.0 at the same time. The behaviour of `SMCCC_MAJOR_VERSION` has changed. Now, it is a build option that specifies the major version of the SMCCC that the Trusted Firmware supports. The only two allowed values are 1 and 2, and it defaults to 1. The value of `SMCCC_MINOR_VERSION` is derived from it. Note: Support for SMCCC v2.0 is an experimental feature to enable prototyping of secure partition specifications. Support for this convention is disabled by default and could be removed without notice. Change-Id: I88abf9ccf08e9c66a13ce55c890edea54d9f16a7 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-04-23 15:43:29 +01:00
#if SMCCC_MAJOR_VERSION == 1
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
/* Get the unique owning entity number */
ubfx x16, x0, #FUNCID_OEN_SHIFT, #FUNCID_OEN_WIDTH
ubfx x15, x0, #FUNCID_TYPE_SHIFT, #FUNCID_TYPE_WIDTH
orr x16, x16, x15, lsl #FUNCID_OEN_WIDTH
Add support for the SMC Calling Convention 2.0 Due to differences in the bitfields of the SMC IDs, it is not possible to support SMCCC 1.X and 2.0 at the same time. The behaviour of `SMCCC_MAJOR_VERSION` has changed. Now, it is a build option that specifies the major version of the SMCCC that the Trusted Firmware supports. The only two allowed values are 1 and 2, and it defaults to 1. The value of `SMCCC_MINOR_VERSION` is derived from it. Note: Support for SMCCC v2.0 is an experimental feature to enable prototyping of secure partition specifications. Support for this convention is disabled by default and could be removed without notice. Change-Id: I88abf9ccf08e9c66a13ce55c890edea54d9f16a7 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-04-23 15:43:29 +01:00
load_rt_svc_desc_pointer
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
Add support for the SMC Calling Convention 2.0 Due to differences in the bitfields of the SMC IDs, it is not possible to support SMCCC 1.X and 2.0 at the same time. The behaviour of `SMCCC_MAJOR_VERSION` has changed. Now, it is a build option that specifies the major version of the SMCCC that the Trusted Firmware supports. The only two allowed values are 1 and 2, and it defaults to 1. The value of `SMCCC_MINOR_VERSION` is derived from it. Note: Support for SMCCC v2.0 is an experimental feature to enable prototyping of secure partition specifications. Support for this convention is disabled by default and could be removed without notice. Change-Id: I88abf9ccf08e9c66a13ce55c890edea54d9f16a7 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-04-23 15:43:29 +01:00
#elif SMCCC_MAJOR_VERSION == 2
/* Bit 31 must be set */
tbz x0, #FUNCID_TYPE_SHIFT, smc_unknown
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/*
Add support for the SMC Calling Convention 2.0 Due to differences in the bitfields of the SMC IDs, it is not possible to support SMCCC 1.X and 2.0 at the same time. The behaviour of `SMCCC_MAJOR_VERSION` has changed. Now, it is a build option that specifies the major version of the SMCCC that the Trusted Firmware supports. The only two allowed values are 1 and 2, and it defaults to 1. The value of `SMCCC_MINOR_VERSION` is derived from it. Note: Support for SMCCC v2.0 is an experimental feature to enable prototyping of secure partition specifications. Support for this convention is disabled by default and could be removed without notice. Change-Id: I88abf9ccf08e9c66a13ce55c890edea54d9f16a7 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-04-23 15:43:29 +01:00
* Check MSB of namespace to decide between compatibility/vendor and
* SPCI/SPRT
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
*/
Add support for the SMC Calling Convention 2.0 Due to differences in the bitfields of the SMC IDs, it is not possible to support SMCCC 1.X and 2.0 at the same time. The behaviour of `SMCCC_MAJOR_VERSION` has changed. Now, it is a build option that specifies the major version of the SMCCC that the Trusted Firmware supports. The only two allowed values are 1 and 2, and it defaults to 1. The value of `SMCCC_MINOR_VERSION` is derived from it. Note: Support for SMCCC v2.0 is an experimental feature to enable prototyping of secure partition specifications. Support for this convention is disabled by default and could be removed without notice. Change-Id: I88abf9ccf08e9c66a13ce55c890edea54d9f16a7 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-04-23 15:43:29 +01:00
tbz x0, #(FUNCID_NAMESPACE_SHIFT + 1), compat_or_vendor
/* Namespaces SPRT and SPCI currently unimplemented */
b smc_unknown
compat_or_vendor:
/* Namespace is b'00 (compatibility) or b'01 (vendor) */
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
/*
Add support for the SMC Calling Convention 2.0 Due to differences in the bitfields of the SMC IDs, it is not possible to support SMCCC 1.X and 2.0 at the same time. The behaviour of `SMCCC_MAJOR_VERSION` has changed. Now, it is a build option that specifies the major version of the SMCCC that the Trusted Firmware supports. The only two allowed values are 1 and 2, and it defaults to 1. The value of `SMCCC_MINOR_VERSION` is derived from it. Note: Support for SMCCC v2.0 is an experimental feature to enable prototyping of secure partition specifications. Support for this convention is disabled by default and could be removed without notice. Change-Id: I88abf9ccf08e9c66a13ce55c890edea54d9f16a7 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-04-23 15:43:29 +01:00
* Add the LSB of the namespace (bit [28]) to the OEN [27:24] to create
* a 5-bit index into the rt_svc_descs_indices array.
*
* The low 16 entries of the rt_svc_descs_indices array correspond to
* OENs of the compatibility namespace and the top 16 entries of the
* array are assigned to the vendor namespace descriptor.
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
*/
Add support for the SMC Calling Convention 2.0 Due to differences in the bitfields of the SMC IDs, it is not possible to support SMCCC 1.X and 2.0 at the same time. The behaviour of `SMCCC_MAJOR_VERSION` has changed. Now, it is a build option that specifies the major version of the SMCCC that the Trusted Firmware supports. The only two allowed values are 1 and 2, and it defaults to 1. The value of `SMCCC_MINOR_VERSION` is derived from it. Note: Support for SMCCC v2.0 is an experimental feature to enable prototyping of secure partition specifications. Support for this convention is disabled by default and could be removed without notice. Change-Id: I88abf9ccf08e9c66a13ce55c890edea54d9f16a7 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-04-23 15:43:29 +01:00
ubfx x16, x0, #FUNCID_OEN_SHIFT, #(FUNCID_OEN_WIDTH + 1)
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
Add support for the SMC Calling Convention 2.0 Due to differences in the bitfields of the SMC IDs, it is not possible to support SMCCC 1.X and 2.0 at the same time. The behaviour of `SMCCC_MAJOR_VERSION` has changed. Now, it is a build option that specifies the major version of the SMCCC that the Trusted Firmware supports. The only two allowed values are 1 and 2, and it defaults to 1. The value of `SMCCC_MINOR_VERSION` is derived from it. Note: Support for SMCCC v2.0 is an experimental feature to enable prototyping of secure partition specifications. Support for this convention is disabled by default and could be removed without notice. Change-Id: I88abf9ccf08e9c66a13ce55c890edea54d9f16a7 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-04-23 15:43:29 +01:00
load_rt_svc_desc_pointer
#endif /* SMCCC_MAJOR_VERSION */
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/*
Add support for the SMC Calling Convention 2.0 Due to differences in the bitfields of the SMC IDs, it is not possible to support SMCCC 1.X and 2.0 at the same time. The behaviour of `SMCCC_MAJOR_VERSION` has changed. Now, it is a build option that specifies the major version of the SMCCC that the Trusted Firmware supports. The only two allowed values are 1 and 2, and it defaults to 1. The value of `SMCCC_MINOR_VERSION` is derived from it. Note: Support for SMCCC v2.0 is an experimental feature to enable prototyping of secure partition specifications. Support for this convention is disabled by default and could be removed without notice. Change-Id: I88abf9ccf08e9c66a13ce55c890edea54d9f16a7 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-04-23 15:43:29 +01:00
* Restore the saved C runtime stack value which will become the new
* SP_EL0 i.e. EL3 runtime stack. It was saved in the 'cpu_context'
* structure prior to the last ERET from EL3.
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
*/
Add support for the SMC Calling Convention 2.0 Due to differences in the bitfields of the SMC IDs, it is not possible to support SMCCC 1.X and 2.0 at the same time. The behaviour of `SMCCC_MAJOR_VERSION` has changed. Now, it is a build option that specifies the major version of the SMCCC that the Trusted Firmware supports. The only two allowed values are 1 and 2, and it defaults to 1. The value of `SMCCC_MINOR_VERSION` is derived from it. Note: Support for SMCCC v2.0 is an experimental feature to enable prototyping of secure partition specifications. Support for this convention is disabled by default and could be removed without notice. Change-Id: I88abf9ccf08e9c66a13ce55c890edea54d9f16a7 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-04-23 15:43:29 +01:00
ldr x12, [x6, #CTX_EL3STATE_OFFSET + CTX_RUNTIME_SP]
/* Switch to SP_EL0 */
msr spsel, #0
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/*
* Save the SPSR_EL3, ELR_EL3, & SCR_EL3 in case there is a world
* switch during SMC handling.
* TODO: Revisit if all system registers can be saved later.
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
*/
mrs x16, spsr_el3
mrs x17, elr_el3
mrs x18, scr_el3
stp x16, x17, [x6, #CTX_EL3STATE_OFFSET + CTX_SPSR_EL3]
Remove coherent stack usage from the warm boot path This patch uses stacks allocated in normal memory to enable the MMU early in the warm boot path thus removing the dependency on stacks allocated in coherent memory. Necessary cache and stack maintenance is performed when a cpu is being powered down and up. This avoids any coherency issues that can arise from reading speculatively fetched stale stack memory from another CPUs cache. These changes affect the warm boot path in both BL3-1 and BL3-2. The EL3 system registers responsible for preserving the MMU state are not saved and restored any longer. Static values are used to program these system registers when a cpu is powered on or resumed from suspend. Change-Id: I8357e2eb5eb6c5f448492c5094b82b8927603784
2014-06-26 09:58:52 +01:00
str x18, [x6, #CTX_EL3STATE_OFFSET + CTX_SCR_EL3]
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
/* Copy SCR_EL3.NS bit to the flag to indicate caller's security */
bfi x7, x18, #0, #1
mov sp, x12
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/*
* Call the Secure Monitor Call handler and then drop directly into
* el3_exit() which will program any remaining architectural state
* prior to issuing the ERET to the desired lower EL.
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
*/
#if DEBUG
cbz x15, rt_svc_fw_critical_error
#endif
blr x15
Move context management code to common location The upcoming Firmware Update feature needs transitioning across Secure/Normal worlds to complete the FWU process and hence requires context management code to perform this task. Currently context management code is part of BL31 stage only. This patch moves the code from (include)/bl31 to (include)/common. Some function declarations/definitions and macros have also moved to different files to help code sharing. Change-Id: I3858b08aecdb76d390765ab2b099f457873f7b0c
2015-10-02 17:56:48 +01:00
b el3_exit
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
smc_unknown:
/*
AArch64: Refactor GP register restore to separate function At present, the function that restores general purpose registers also does ERET. Refactor the restore code to restore general purpose registers without ERET to complement the save function. The macro save_x18_to_x29_sp_el0 was used only once, and is therefore removed, and its contents expanded inline for readability. No functional changes, but with this patch: - The SMC return path will incur an branch-return and an additional register load. - The unknown SMC path restores registers x0 to x3. Change-Id: I7a1a63e17f34f9cde810685d70a0ad13ca3b7c50 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-11-29 16:59:34 +00:00
* Unknown SMC call. Populate return value with SMC_UNK, restore
* GP registers, and return to caller.
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
*/
Redefine SMC_UNK as -1 instead of 0xFFFFFFFF According to the SMC Calling Convention (ARM DEN0028B): The Unknown SMC Function Identifier is a sign-extended value of (-1) that is returned in R0, W0 or X0 register. The value wasn't sign-extended because it was defined as a 32-bit unsigned value (0xFFFFFFFF). SMC_PREEMPT has been redefined as -2 for the same reason. NOTE: This might be a compatibility break for some AArch64 platforms that don't follow the previous version of the SMCCC (ARM DEN0028A) correctly. That document specifies that only the bottom 32 bits of the returned value must be checked. If a platform relies on the top 32 bits of the result being 0 (so that SMC_UNK is 0x00000000FFFFFFFF), it will have to fix its code to comply with the SMCCC. Change-Id: I7f7b109f6b30c114fe570aa0ead3c335383cb54d Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-02-14 14:22:29 +00:00
mov x0, #SMC_UNK
AArch64: Refactor GP register restore to separate function At present, the function that restores general purpose registers also does ERET. Refactor the restore code to restore general purpose registers without ERET to complement the save function. The macro save_x18_to_x29_sp_el0 was used only once, and is therefore removed, and its contents expanded inline for readability. No functional changes, but with this patch: - The SMC return path will incur an branch-return and an additional register load. - The unknown SMC path restores registers x0 to x3. Change-Id: I7a1a63e17f34f9cde810685d70a0ad13ca3b7c50 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-11-29 16:59:34 +00:00
str x0, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X0]
b restore_gp_registers_eret
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
smc_prohibited:
Preserve x19-x29 across world switch for exception handling Previously exception handlers in BL3-1, X19-X29 were not saved and restored on every SMC/trap into EL3. Instead these registers were 'saved as needed' as a side effect of the A64 ABI used by the C compiler. That approach failed when world switching but was not visible with the TSP/TSPD code because the TSP is 64-bit, did not clobber these registers when running and did not support pre-emption by normal world interrupts. These scenarios showed that the values in these registers can be passed through a world switch, which broke the normal and trusted world assumptions about these registers being preserved. The Ideal solution saves and restores these registers when a world switch occurs - but that type of implementation is more complex. So this patch always saves and restores these registers on entry and exit of EL3. Fixes ARM-software/tf-issues#141 Change-Id: I9a727167bbc594454e81cf78a97ca899dfb11c27
2014-04-30 15:36:37 +01:00
ldr x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
Redefine SMC_UNK as -1 instead of 0xFFFFFFFF According to the SMC Calling Convention (ARM DEN0028B): The Unknown SMC Function Identifier is a sign-extended value of (-1) that is returned in R0, W0 or X0 register. The value wasn't sign-extended because it was defined as a 32-bit unsigned value (0xFFFFFFFF). SMC_PREEMPT has been redefined as -2 for the same reason. NOTE: This might be a compatibility break for some AArch64 platforms that don't follow the previous version of the SMCCC (ARM DEN0028A) correctly. That document specifies that only the bottom 32 bits of the returned value must be checked. If a platform relies on the top 32 bits of the result being 0 (so that SMC_UNK is 0x00000000FFFFFFFF), it will have to fix its code to comply with the SMCCC. Change-Id: I7f7b109f6b30c114fe570aa0ead3c335383cb54d Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-02-14 14:22:29 +00:00
mov x0, #SMC_UNK
Add support for handling runtime service requests This patch uses the reworked exception handling support to handle runtime service requests through SMCs following the SMC calling convention. This is a giant commit since all the changes are inter-related. It does the following: 1. Replace the old exception handling mechanism with the new one 2. Enforce that SP_EL0 is used C runtime stacks. 3. Ensures that the cold and warm boot paths use the 'cpu_context' structure to program an ERET into the next lower EL. 4. Ensures that SP_EL3 always points to the next 'cpu_context' structure prior to an ERET into the next lower EL 5. Introduces a PSCI SMC handler which completes the use of PSCI as a runtime service Change-Id: I661797f834c0803d2c674d20f504df1b04c2b852 Co-authored-by: Achin Gupta <achin.gupta@arm.com>
2014-02-06 10:36:15 +00:00
eret
rt_svc_fw_critical_error:
Cosmetic change to exception table * Move comments on unhandled exceptions at the right place. * Reformat the existing comments to highlight the start of each block of 4 entries in the exception table to ease navigation (lines of dash reserved for head comments). * Reflow comments to 80 columns. Change-Id: I5ab88a93d0628af8e151852cb5b597eb34437677 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2016-11-09 17:48:27 +00:00
/* Switch to SP_ELx */
msr spsel, #1
Define and use no_ret macro where no return is expected There are many instances in ARM Trusted Firmware where control is transferred to functions from which return isn't expected. Such jumps are made using 'bl' instruction to provide the callee with the location from which it was jumped to. Additionally, debuggers infer the caller by examining where 'lr' register points to. If a 'bl' of the nature described above falls at the end of an assembly function, 'lr' will be left pointing to a location outside of the function range. This misleads the debugger back trace. This patch defines a 'no_ret' macro to be used when jumping to functions from which return isn't expected. The macro ensures to use 'bl' instruction for the jump, and also, for debug builds, places a 'nop' instruction immediately thereafter (unless instructed otherwise) so as to leave 'lr' pointing within the function range. Change-Id: Ib34c69fc09197cfd57bc06e147cc8252910e01b0 Co-authored-by: Douglas Raillard <douglas.raillard@arm.com> Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2016-11-30 15:21:11 +00:00
no_ret report_unhandled_exception
Add support to indicate size and end of assembly functions In order for the symbol table in the ELF file to contain the size of functions written in assembly, it is necessary to report it to the assembler using the .size directive. To fulfil the above requirements, this patch introduces an 'endfunc' macro which contains the .endfunc and .size directives. It also adds a .func directive to the 'func' assembler macro. The .func/.endfunc have been used so the assembler can fail if endfunc is omitted. Fixes ARM-Software/tf-issues#295 Change-Id: If8cb331b03d7f38fe7e3694d4de26f1075b278fc Signed-off-by: Kévin Petit <kevin.petit@arm.com>
2015-03-24 14:03:57 +00:00
endfunc smc_handler
AArch64: Introduce External Abort handling At present, any External Abort routed to EL3 is reported as an unhandled exception and cause a panic. This patch enables ARM Trusted Firmware to handle External Aborts routed to EL3. With this patch, when an External Abort is received at EL3, its handling is delegated to plat_ea_handler() function. Platforms can provide their own implementation of this function. This patch adds a weak definition of the said function that prints out a message and just panics. In order to support handling External Aborts at EL3, the build option HANDLE_EA_EL3_FIRST must be set to 1. Before this patch, HANDLE_EA_EL3_FIRST wasn't passed down to compilation; this patch fixes that too. Change-Id: I4d07b7e65eb191ff72d63b909ae9512478cd01a1 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-11-30 12:54:15 +00:00
/*
* Delegate External Abort handling to platform's EA handler. This function
* assumes that all GP registers have been saved by the caller.
*
* x0: EA reason
* x1: EA syndrome
*/
func delegate_ea
/* Save EL3 state */
mrs x2, spsr_el3
mrs x3, elr_el3
stp x2, x3, [sp, #CTX_EL3STATE_OFFSET + CTX_SPSR_EL3]
/*
* Save ESR as handling might involve lower ELs, and returning back to
* EL3 from there would trample the original ESR.
*/
mrs x4, scr_el3
mrs x5, esr_el3
stp x4, x5, [sp, #CTX_EL3STATE_OFFSET + CTX_SCR_EL3]
/*
* Setup rest of arguments, and call platform External Abort handler.
*
* x0: EA reason (already in place)
* x1: Exception syndrome (already in place).
* x2: Cookie (unused for now).
* x3: Context pointer.
* x4: Flags (security state from SCR for now).
*/
mov x2, xzr
mov x3, sp
ubfx x4, x4, #0, #1
/* Switch to runtime stack */
ldr x5, [sp, #CTX_EL3STATE_OFFSET + CTX_RUNTIME_SP]
msr spsel, #0
mov sp, x5
mov x29, x30
bl plat_ea_handler
mov x30, x29
/* Make SP point to context */
msr spsel, #1
/* Restore EL3 state */
ldp x1, x2, [sp, #CTX_EL3STATE_OFFSET + CTX_SPSR_EL3]
msr spsr_el3, x1
msr elr_el3, x2
/* Restore ESR_EL3 and SCR_EL3 */
ldp x3, x4, [sp, #CTX_EL3STATE_OFFSET + CTX_SCR_EL3]
msr scr_el3, x3
msr esr_el3, x4
ret
endfunc delegate_ea