andrius
/
arm-trusted-firmware
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

feat(spmc): enable building of the SPMC at EL3 

Introduce build flag for enabling the secure partition
manager core, SPMC_AT_EL3. When enabled, the SPMC module
will be included into the BL31 image. By default the
flag is disabled.

Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I5ea1b953e5880a07ffc91c4dea876a375850cf2a
This commit is contained in:
Marc Bonnici 2021-12-01 18:00:40 +00:00
parent b61d94a1a2
commit 1d63ae4d0d
5 changed files with 60 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Makefile
View File

@ -527,6 +527,9 @@ ifneq (${SPD},none)
ifeq ($(CTX_INCLUDE_EL2_REGS),0) ifeq ($(CTX_INCLUDE_EL2_REGS),0)
$(error SPMD with SPM at S-EL2 requires CTX_INCLUDE_EL2_REGS option) $(error SPMD with SPM at S-EL2 requires CTX_INCLUDE_EL2_REGS option)
endif endif
ifeq ($(SPMC_AT_EL3),1)
$(error SPM cannot be enabled in both S-EL2 and EL3.)
endif
endif endif
ifeq ($(findstring optee_sp,$(ARM_SPMC_MANIFEST_DTS)),optee_sp) ifeq ($(findstring optee_sp,$(ARM_SPMC_MANIFEST_DTS)),optee_sp)
@ -577,6 +580,9 @@ ifneq (${ENABLE_RME},0)
ifneq (${ARCH},aarch64) ifneq (${ARCH},aarch64)
$(error ENABLE_RME requires AArch64) $(error ENABLE_RME requires AArch64)
endif endif
ifeq ($(SPMC_AT_EL3),1)
$(error SPMC_AT_EL3 and ENABLE_RME cannot both be enabled.)
endif
include services/std_svc/rmmd/rmmd.mk include services/std_svc/rmmd/rmmd.mk
$(warning "RME is an experimental feature") $(warning "RME is an experimental feature")
endif endif
@ -1006,6 +1012,7 @@ $(eval $(call assert_booleans,\
SEPARATE_NOBITS_REGION \ SEPARATE_NOBITS_REGION \
SPIN_ON_BL1_EXIT \ SPIN_ON_BL1_EXIT \
SPM_MM \ SPM_MM \
SPMC_AT_EL3 \
SPMD_SPM_AT_SEL2 \ SPMD_SPM_AT_SEL2 \
TRUSTED_BOARD_BOOT \ TRUSTED_BOARD_BOOT \
CRYPTO_SUPPORT \ CRYPTO_SUPPORT \
@ -1138,6 +1145,7 @@ $(eval $(call add_defines,\
SPD_${SPD} \ SPD_${SPD} \
SPIN_ON_BL1_EXIT \ SPIN_ON_BL1_EXIT \
SPM_MM \ SPM_MM \
SPMC_AT_EL3 \
SPMD_SPM_AT_SEL2 \ SPMD_SPM_AT_SEL2 \
TRUSTED_BOARD_BOOT \ TRUSTED_BOARD_BOOT \
CRYPTO_SUPPORT \ CRYPTO_SUPPORT \

9
bl31/bl31.mk
View File

@ -25,6 +25,14 @@ endif
include lib/extensions/amu/amu.mk include lib/extensions/amu/amu.mk
include lib/mpmm/mpmm.mk include lib/mpmm/mpmm.mk
ifeq (${SPMC_AT_EL3},1)
$(warning "EL3 SPMC is an experimental feature")
$(info Including EL3 SPMC makefile)
include services/std_svc/spm/common/spm.mk
include services/std_svc/spm/el3_spmc/spmc.mk
endif
include lib/psci/psci_lib.mk include lib/psci/psci_lib.mk
BL31_SOURCES += bl31/bl31_main.c \ BL31_SOURCES += bl31/bl31_main.c \
@ -42,6 +50,7 @@ BL31_SOURCES += bl31/bl31_main.c \
${PSCI_LIB_SOURCES} \ ${PSCI_LIB_SOURCES} \
${SPMD_SOURCES} \ ${SPMD_SOURCES} \
${SPM_MM_SOURCES} \ ${SPM_MM_SOURCES} \
${SPMC_SOURCES} \
${SPM_SOURCES} ${SPM_SOURCES}
ifeq (${DISABLE_MTPMU},1) ifeq (${DISABLE_MTPMU},1)

40
docs/components/secure-partition-manager.rst
View File

@ -127,14 +127,18 @@ TF-A build options
This section explains the TF-A build options involved in building with This section explains the TF-A build options involved in building with
support for an FF-A based SPM where the SPMD is located at EL3 and the support for an FF-A based SPM where the SPMD is located at EL3 and the
SPMC located at S-EL1 or S-EL2: SPMC located at S-EL1, S-EL2 or EL3:
- **SPD=spmd**: this option selects the SPMD component to relay the FF-A - **SPD=spmd**: this option selects the SPMD component to relay the FF-A
protocol from NWd to SWd back and forth. It is not possible to protocol from NWd to SWd back and forth. It is not possible to
enable another Secure Payload Dispatcher when this option is chosen. enable another Secure Payload Dispatcher when this option is chosen.
- **SPMD_SPM_AT_SEL2**: this option adjusts the SPMC exception - **SPMD_SPM_AT_SEL2**: this option adjusts the SPMC exception
level to being S-EL1 or S-EL2. It defaults to enabled (value 1) when level to being at S-EL2. It defaults to enabled (value 1) when
SPD=spmd is chosen. SPD=spmd is chosen.
- **SPMC_AT_EL3**: this option adjusts the SPMC exception level to being
at EL3.
- If neither **SPMD_SPM_AT_SEL2** or **SPMC_AT_EL3** are enabled the SPMC
exception level is set to S-EL1.
- **CTX_INCLUDE_EL2_REGS**: this option permits saving (resp. - **CTX_INCLUDE_EL2_REGS**: this option permits saving (resp.
restoring) the EL2 system register context before entering (resp. restoring) the EL2 system register context before entering (resp.
after leaving) the SPMC. It is mandatorily enabled when after leaving) the SPMC. It is mandatorily enabled when
@ -146,14 +150,16 @@ SPMC located at S-EL1 or S-EL2:
is required when ``SPMD_SPM_AT_SEL2`` is enabled hence when multiple is required when ``SPMD_SPM_AT_SEL2`` is enabled hence when multiple
secure partitions are to be loaded on behalf of the SPMC. secure partitions are to be loaded on behalf of the SPMC.
+---------------+----------------------+------------------+ +---------------+----------------------+------------------+-------------+
| | CTX_INCLUDE_EL2_REGS | SPMD_SPM_AT_SEL2 | | | CTX_INCLUDE_EL2_REGS | SPMD_SPM_AT_SEL2 | SPMC_AT_EL3 |
+---------------+----------------------+------------------+ +---------------+----------------------+------------------+-------------+
| SPMC at S-EL1 | 0 | 0 | | SPMC at S-EL1 | 0 | 0 | 0 |
+---------------+----------------------+------------------+ +---------------+----------------------+------------------+-------------+
| SPMC at S-EL2 | 1 | 1 (default when | | SPMC at S-EL2 | 1 | 1 (default when | 0 |
| | | SPD=spmd) | | | | SPD=spmd) | |
+---------------+----------------------+------------------+ +---------------+----------------------+------------------+-------------+
| SPMC at EL3 | 0 | 0 | 1 |
+---------------+----------------------+------------------+-------------+
Other combinations of such build options either break the build or are not Other combinations of such build options either break the build or are not
supported. supported.
@ -229,6 +235,20 @@ Same as above with enabling secure boot in addition:
GENERATE_COT=1 \ GENERATE_COT=1 \
all fip all fip
Sample TF-A build command line when SPMC is located at EL3:
.. code:: shell
make \
CROSS_COMPILE=aarch64-none-elf- \
SPD=spmd \
SPMD_SPM_AT_SEL2=0 \
SPMC_AT_EL3=1 \
BL32=<path-to-tee-binary> \
BL33=<path-to-bl33-binary> \
PLAT=fvp \
all fip
FVP model invocation FVP model invocation
==================== ====================

13
docs/getting_started/build-options.rst
View File

@ -780,13 +780,20 @@ Common build options
firmware images have been loaded in memory, and the MMU and caches are firmware images have been loaded in memory, and the MMU and caches are
turned off. Refer to the "Debugging options" section for more details. turned off. Refer to the "Debugging options" section for more details.
- ``SPMC_AT_EL3`` : This boolean option is used jointly with the SPM
Dispatcher option (``SPD=spmd``). When enabled (1) it indicates the SPMC
component runs at the EL3 exception level. The default value is ``0`` (
disabled). This configuration supports pre-Armv8.4 platforms (aka not
implementing the ``FEAT_SEL2`` extension). This is an experimental feature.
- ``SPMD_SPM_AT_SEL2`` : This boolean option is used jointly with the SPM - ``SPMD_SPM_AT_SEL2`` : This boolean option is used jointly with the SPM
Dispatcher option (``SPD=spmd``). When enabled (1) it indicates the SPMC Dispatcher option (``SPD=spmd``). When enabled (1) it indicates the SPMC
component runs at the S-EL2 execution state provided by the Armv8.4-SecEL2 component runs at the S-EL2 exception level provided by the ``FEAT_SEL2``
extension. This is the default when enabling the SPM Dispatcher. When extension. This is the default when enabling the SPM Dispatcher. When
disabled (0) it indicates the SPMC component runs at the S-EL1 execution disabled (0) it indicates the SPMC component runs at the S-EL1 execution
state. This latter configuration supports pre-Armv8.4 platforms (aka not state or at EL3 if ``SPMC_AT_EL3`` is enabled. The latter configurations
implementing the Armv8.4-SecEL2 extension). support pre-Armv8.4 platforms (aka not implementing the ``FEAT_SEL2``
extension).
- ``SPM_MM`` : Boolean option to enable the Management Mode (MM)-based Secure - ``SPM_MM`` : Boolean option to enable the Management Mode (MM)-based Secure
Partition Manager (SPM) implementation. The default value is ``0`` Partition Manager (SPM) implementation. The default value is ``0``

3
make_helpers/defaults.mk
View File

@ -288,6 +288,9 @@ SPD := none
# Enable the Management Mode (MM)-based Secure Partition Manager implementation # Enable the Management Mode (MM)-based Secure Partition Manager implementation
SPM_MM := 0 SPM_MM := 0
# Use the FF-A SPMC implementation in EL3.
SPMC_AT_EL3 := 0
# Use SPM at S-EL2 as a default config for SPMD # Use SPM at S-EL2 as a default config for SPMD
SPMD_SPM_AT_SEL2 := 1 SPMD_SPM_AT_SEL2 := 1