From 4333f95bedb5f2b53dcb62e0e9c563794ec33c07 Mon Sep 17 00:00:00 2001 From: Manish Pandey Date: Mon, 15 Nov 2021 15:29:08 +0000 Subject: [PATCH] fix(spm_mm): do not compile if SVE/SME is enabled As spm_mm cannot handle SVE/SME usage in NS world so its better to give compilation error when ENABLE_SVE_FOR_NS=1 or ENABLE_SME_FOR_NS=1. Signed-off-by: Manish Pandey Change-Id: I69dbb272ca681bb020501342008eda20d4c0b096 --- docs/components/secure-partition-manager-mm.rst | 6 +++--- docs/getting_started/build-options.rst | 7 ++++--- services/std_svc/spm_mm/spm_mm.mk | 6 ++++++ 3 files changed, 13 insertions(+), 6 deletions(-) diff --git a/docs/components/secure-partition-manager-mm.rst b/docs/components/secure-partition-manager-mm.rst index 30312eef7..4cdb96c10 100644 --- a/docs/components/secure-partition-manager-mm.rst +++ b/docs/components/secure-partition-manager-mm.rst @@ -134,8 +134,8 @@ Interface). This will be referred to as the *Standalone MM Secure Partition* in the rest of this document. To enable SPM support in TF-A, the source code must be compiled with the build -flag ``SPM_MM=1``, along with ``EL3_EXCEPTION_HANDLING=1``. On Arm -platforms the build option ``ARM_BL31_IN_DRAM`` must be set to 1. Also, the +flag ``SPM_MM=1``, along with ``EL3_EXCEPTION_HANDLING=1`` and ``ENABLE_SVE_FOR_NS=0``. +On Arm platforms the build option ``ARM_BL31_IN_DRAM`` must be set to 1. Also, the location of the binary that contains the BL32 image (``BL32=path/to/image.bin``) must be specified. @@ -148,7 +148,7 @@ image in the FIP: .. code:: shell BL32=path/to/standalone/mm/sp BL33=path/to/bl33.bin \ - make PLAT=fvp SPM_MM=1 EL3_EXCEPTION_HANDLING=1 ARM_BL31_IN_DRAM=1 all fip + make PLAT=fvp SPM_MM=1 EL3_EXCEPTION_HANDLING=1 ENABLE_SVE_FOR_NS=0 ARM_BL31_IN_DRAM=1 all fip Describing Secure Partition resources ------------------------------------- diff --git a/docs/getting_started/build-options.rst b/docs/getting_started/build-options.rst index e7ffd9479..7662a1425 100644 --- a/docs/getting_started/build-options.rst +++ b/docs/getting_started/build-options.rst @@ -305,8 +305,8 @@ Common build options ENABLE_SME_FOR_SWD=1 will cause SME, SVE, and FPU/SIMD instructions in secure world to trap to EL3. SME is an optional architectural feature for AArch64 and TF-A support is experimental. At this time, this build option cannot be - used on systems that have SPD=spmd or ENABLE_RME, and attempting to build - with these options will fail. Default is 0. + used on systems that have SPD=spmd/SPM_MM or ENABLE_RME, and attempting to + build with these options will fail. Default is 0. - ``ENABLE_SME_FOR_SWD``: Boolean option to enable the Scalable Matrix Extension for secure world use along with SVE and FPU/SIMD, ENABLE_SME_FOR_NS @@ -329,7 +329,8 @@ Common build options compatible with the ``CTX_INCLUDE_FPREGS`` build option, and will raise an assert on platforms where SVE is implemented and ``ENABLE_SVE_FOR_NS`` set to 1. The default is 1 but is automatically disabled when ENABLE_SME_FOR_NS=1 - since SME encompasses SVE. + since SME encompasses SVE. At this time, this build option cannot be used on + systems that have SPM_MM enabled. - ``ENABLE_SVE_FOR_SWD``: Boolean option to enable SVE for the Secure world. SVE is an optional architectural feature for AArch64. Note that this option diff --git a/services/std_svc/spm_mm/spm_mm.mk b/services/std_svc/spm_mm/spm_mm.mk index 656488b8e..a87bdd878 100644 --- a/services/std_svc/spm_mm/spm_mm.mk +++ b/services/std_svc/spm_mm/spm_mm.mk @@ -10,6 +10,12 @@ endif ifneq (${ARCH},aarch64) $(error "Error: SPM_MM is only supported on aarch64.") endif +ifeq (${ENABLE_SVE_FOR_NS},1) + $(error "Error: SPM_MM is not compatible with ENABLE_SVE_FOR_NS") +endif +ifeq (${ENABLE_SME_FOR_NS},1) + $(error "Error: SPM_MM is not compatible with ENABLE_SME_FOR_NS") +endif SPM_SOURCES := $(addprefix services/std_svc/spm_mm/, \ ${ARCH}/spm_mm_helpers.S \