/*
 * Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

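#include <arch.h>
#include <asm_macros.S>
#include <common/bl_common.h>
#include <common/runtime_svc.h>
#include <context.h>
#include <el3_common_macros.S>
#include <lib/el3_runtime/cpu_data.h>
#include <lib/pmf/aarch32/pmf_asm_macros.S>
#include <lib/runtime_instr.h>
#include <lib/xlat_tables/xlat_tables_defs.h>
#include <smccc_helpers.h>
#include <smccc_macros.S>

	/* Symbols made global so that code outside this file can reference them. */
	.globl	sp_min_vector_table
	.globl	sp_min_entrypoint
	.globl	sp_min_warm_entrypoint
	.globl	sp_min_handle_smc
	.globl	sp_min_handle_fiq

/*
 * Span between BL32_BASE and BL32_LIMIT. Passed as `_pie_fixup_size` to
 * el3_entrypoint_common on the cold boot path; the warm boot path passes 0.
 */
#define FIXUP_SIZE	((BL32_LIMIT) - (BL32_BASE))
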
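/*
 * route_fiq_to_sp_min reg
 *
 * Read-modify-write of SCR: sets SCR_FIQ_BIT and clears SCR_FW_BIT.
 *
 * reg : scratch register, clobbered.
 *
 * The macro is expanded on both the cold boot and the warm boot path in this
 * file, and only when SP_MIN_WITH_SECURE_FIQ is set. Any new boot path that
 * relies on secure FIQs has to expand it as well, otherwise the routing
 * described below is not in place on that path.
 */
	.macro route_fiq_to_sp_min reg
		/* -----------------------------------------------------
		 * FIQs are secure interrupts trapped by Monitor, and the
		 * Non-secure world is not allowed to mask FIQs.
		 * -----------------------------------------------------
		 */
		ldcopr	\reg, SCR
		orr	\reg, \reg, #SCR_FIQ_BIT	/* take FIQs to Monitor */
		bic	\reg, \reg, #SCR_FW_BIT		/* deny Non-secure FIQ masking */
		stcopr	\reg, SCR
	.endm
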
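/*
 * clrex_on_monitor_entry
 *
 * Expands to a single `clrex` when built for ARMv7 (ARM_ARCH_MAJOR == 7) and
 * to nothing otherwise. Both Monitor entry handlers in this file (SMC and FIQ)
 * expand it after saving the interrupted context.
 */
	.macro clrex_on_monitor_entry
#if (ARM_ARCH_MAJOR == 7)
	/*
	 * ARMv7 architectures need to clear the exclusive access when
	 * entering Monitor mode.
	 * NOTE(review): presumably so that an exclusive reservation taken by
	 * the interrupted world is not carried into Monitor code - confirm
	 * against the architecture manual.
	 */
	clrex
#endif
	.endm
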
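/*
 * Exception vector table installed through the `_exception_vectors` argument
 * of el3_entrypoint_common on both boot paths.
 *
 * Only the SMC ("Syscall") and FIQ slots have real handlers. Every other
 * exception taken through this table ends in plat_panic_handler, so an
 * unexpected abort, undefined instruction or IRQ is treated as fatal rather
 * than being resumed.
 */
vector_base sp_min_vector_table
	b	sp_min_entrypoint	/* First slot: cold boot entrypoint */
	b	plat_panic_handler	/* Undef */
	b	sp_min_handle_smc	/* Syscall */
	b	plat_panic_handler	/* Prefetch abort */
	b	plat_panic_handler	/* Data abort */
	b	plat_panic_handler	/* Reserved */
	b	plat_panic_handler	/* IRQ */
	b	sp_min_handle_fiq	/* FIQ */
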
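/*
 * The Cold boot/Reset entrypoint for SP_MIN
 *
 * In  : !RESET_TO_SP_MIN - r0..r3 hold the arguments handed over by the
 *       preceding bootloader (r0 = 'bl_params_t' pointer, r1 = platform
 *       specific pointer). RESET_TO_SP_MIN - no arguments.
 * Out : does not return; leaves through sp_min_exit with r0 pointing to the
 *       `smc_ctx_t` returned by smc_get_next_ctx.
 * Regs: r9-r12 carry the four arguments across el3_entrypoint_common.
 *       NOTE(review): this relies on that macro leaving r9-r12 intact; its
 *       body is not visible in this file.
 *
 * NOTE(review): the relayed pointers originate from the previous boot stage.
 * Whether sp_min_early_platform_setup2 validates them cannot be seen here.
 */
func sp_min_entrypoint
#if !RESET_TO_SP_MIN
	/* ---------------------------------------------------------------
	 * Preceding bootloader has populated r0 with a pointer to a
	 * 'bl_params_t' structure & r1 with a pointer to platform
	 * specific structure. All of r0-r3 are preserved in r9-r12.
	 * ---------------------------------------------------------------
	 */
	mov	r9, r0
	mov	r10, r1
	mov	r11, r2
	mov	r12, r3

	/* ---------------------------------------------------------------------
	 * For !RESET_TO_SP_MIN systems, only the primary CPU ever reaches
	 * sp_min_entrypoint() during the cold boot flow, so the cold/warm boot
	 * and primary/secondary CPU logic should not be executed in this case.
	 *
	 * Also, assume that the previous bootloader has already initialised the
	 * SCTLR, including the CPU endianness, and has initialised the memory.
	 * ---------------------------------------------------------------------
	 */
	el3_entrypoint_common					\
		_init_sctlr=0					\
		_warm_boot_mailbox=0				\
		_secondary_cold_boot=0				\
		_init_memory=0					\
		_init_c_runtime=1				\
		_exception_vectors=sp_min_vector_table		\
		_pie_fixup_size=FIXUP_SIZE

	/* ---------------------------------------------------------------------
	 * The previous bootloader's arguments stay in r9-r12 and are relayed
	 * to the platform layer on the common path below.
	 * ---------------------------------------------------------------------
	 */
#else
	/* ---------------------------------------------------------------------
	 * For RESET_TO_SP_MIN systems which have a programmable reset address,
	 * sp_min_entrypoint() is executed only on the cold boot path so we can
	 * skip the warm boot mailbox mechanism.
	 * ---------------------------------------------------------------------
	 */
	el3_entrypoint_common					\
		_init_sctlr=1					\
		_warm_boot_mailbox=!PROGRAMMABLE_RESET_ADDRESS	\
		_secondary_cold_boot=!COLD_BOOT_SINGLE_CPU	\
		_init_memory=1					\
		_init_c_runtime=1				\
		_exception_vectors=sp_min_vector_table		\
		_pie_fixup_size=FIXUP_SIZE

	/* ---------------------------------------------------------------------
	 * For RESET_TO_SP_MIN systems, BL32 (SP_MIN) is the first bootloader
	 * to run so there's no argument to relay from a previous bootloader.
	 * Zero the arguments passed to the platform layer to reflect that.
	 * ---------------------------------------------------------------------
	 */
	mov	r9, #0
	mov	r10, #0
	mov	r11, #0
	mov	r12, #0

#endif /* RESET_TO_SP_MIN */

#if SP_MIN_WITH_SECURE_FIQ
	/* Route FIQs to Monitor before any platform code runs; r4 is scratch. */
	route_fiq_to_sp_min r4
#endif

	/* Hand the saved (or zeroed) boot arguments to the platform layer. */
	mov	r0, r9
	mov	r1, r10
	mov	r2, r11
	mov	r3, r12
	bl	sp_min_early_platform_setup2
	bl	sp_min_plat_arch_setup

	/* Jump to the main function */
	bl	sp_min_main

	/* -------------------------------------------------------------
	 * Clean the .data & .bss sections to main memory. This ensures
	 * that any global data which was initialised by the primary CPU
	 * is visible to secondary CPUs before they enable their data
	 * caches and participate in coherency.
	 * -------------------------------------------------------------
	 */
	ldr	r0, =__DATA_START__
	ldr	r1, =__DATA_END__
	sub	r1, r1, r0			/* r1 = size of .data */
	bl	clean_dcache_range

	ldr	r0, =__BSS_START__
	ldr	r1, =__BSS_END__
	sub	r1, r1, r0			/* r1 = size of .bss */
	bl	clean_dcache_range

	bl	smc_get_next_ctx

	/* r0 points to `smc_ctx_t` */
	/* The PSCI cpu_context registers have been copied to `smc_ctx_t` */
	b	sp_min_exit
endfunc sp_min_entrypoint
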
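/*
 * SMC handling function for SP_MIN.
 *
 * In  : `sp` points to the caller's `smc_ctx_t`; `lr` holds the return
 *       address, stored at SMC_CTX_LR_MON.
 * Out : does not return; leaves through sp_min_exit with r0 pointing to the
 *       `smc_ctx_t` to restore.
 *
 * Arguments prepared for handle_runtime_svc:
 *   r0 = smc_fid (from the saved r0), r1 = cookie (0),
 *   r2 = handle (`smc_ctx_t` pointer), r3 = flags (NS bit of the saved SCR).
 *
 * Security notes:
 *  - The NS bit is cleared in SCR, followed by an `isb`, before any service
 *    code is called.
 *  - The function ID and every saved general purpose register are controlled
 *    by the caller. The only check made here is the calling convention:
 *    an SMC64 function ID is rejected with SMC_UNK. All further validation
 *    is left to handle_runtime_svc and the services behind it, which are
 *    not visible in this file.
 */
func sp_min_handle_smc
	/* On SMC entry, `sp` points to `smc_ctx_t`. Save `lr`. */
	str	lr, [sp, #SMC_CTX_LR_MON]

#if ENABLE_RUNTIME_INSTRUMENTATION
	/*
	 * Read the timestamp value and store it on top of the C runtime stack.
	 * The value will be saved to the per-cpu data once the C stack is
	 * available, as a valid stack is needed to call _cpu_data()
	 *
	 * r0/r1 are parked in the context while they hold the counter value,
	 * and `lr` (already saved above) is the scratch pointer. The store
	 * pre-decrements the saved Monitor stack pointer by 8 and the new value
	 * is written back to SMC_CTX_SP_MON, so the timestamp sits at the top
	 * of the stack that is loaded into `sp` further down.
	 */
	strd	r0, r1, [sp, #SMC_CTX_GPREG_R0]
	ldcopr16 r0, r1, CNTPCT_64
	ldr	lr, [sp, #SMC_CTX_SP_MON]
	strd	r0, r1, [lr, #-8]!
	str	lr, [sp, #SMC_CTX_SP_MON]
	ldrd	r0, r1, [sp, #SMC_CTX_GPREG_R0]
#endif

	smccc_save_gp_mode_regs

	clrex_on_monitor_entry

	/*
	 * `sp` still points to `smc_ctx_t`. Save it to a register
	 * and restore the C runtime stack pointer to `sp`.
	 */
	mov	r2, sp				/* handle */
	ldr	sp, [r2, #SMC_CTX_SP_MON]

#if ENABLE_RUNTIME_INSTRUMENTATION
	/* Save handle to a callee saved register */
	mov	r6, r2

	/*
	 * Restore the timestamp value and store it in per-cpu data. The value
	 * will be extracted from per-cpu data by the C level SMC handler and
	 * saved to the PMF timestamp region.
	 *
	 * The post-indexed load pops the 8 bytes pushed on entry.
	 */
	ldrd	r4, r5, [sp], #8
	bl	_cpu_data
	strd	r4, r5, [r0, #CPU_DATA_PMF_TS0_OFFSET]

	/* Restore handle */
	mov	r2, r6
#endif

	ldr	r0, [r2, #SMC_CTX_SCR]
	and	r3, r0, #SCR_NS_BIT		/* flags */

	/* Switch to Secure Mode */
	bic	r0, #SCR_NS_BIT
	stcopr	r0, SCR
	isb

	ldr	r0, [r2, #SMC_CTX_GPREG_R0]	/* smc_fid */
	/* Check whether an SMC64 is issued */
	tst	r0, #(FUNCID_CC_MASK << FUNCID_CC_SHIFT)
	beq	1f
	/* SMC32 is not detected. Return error back to caller */
	mov	r0, #SMC_UNK
	str	r0, [r2, #SMC_CTX_GPREG_R0]
	mov	r0, r2
	b	sp_min_exit
1:
	/* SMC32 is detected */
	mov	r1, #0				/* cookie */
	bl	handle_runtime_svc

	/* `r0` points to `smc_ctx_t` */
	b	sp_min_exit
endfunc sp_min_handle_smc
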
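/*
 * Secure Interrupts handling function for SP_MIN.
 *
 * Without SP_MIN_WITH_SECURE_FIQ no FIQ is expected to reach this vector, so
 * the handler goes straight to plat_panic_handler.
 *
 * With SP_MIN_WITH_SECURE_FIQ:
 * In  : `sp` is used as a pointer to `smc_ctx_t`; `lr` is the FIQ return
 *       address with the architectural +4 offset.
 * Out : does not return; leaves through sp_min_exit with r0 pointing to the
 *       same `smc_ctx_t`.
 */
func sp_min_handle_fiq
#if !SP_MIN_WITH_SECURE_FIQ
	b plat_panic_handler
#else
	/* FIQ has a +4 offset for lr compared to preferred return address */
	sub	lr, lr, #4
	/* As on SMC entry, `sp` is used as a pointer to `smc_ctx_t`. Save `lr`. */
	str	lr, [sp, #SMC_CTX_LR_MON]

	smccc_save_gp_mode_regs

	clrex_on_monitor_entry

	/* load run-time stack */
	mov	r2, sp				/* r2 = `smc_ctx_t` pointer */
	ldr	sp, [r2, #SMC_CTX_SP_MON]

	/* Switch to Secure Mode */
	ldr	r0, [r2, #SMC_CTX_SCR]
	bic	r0, #SCR_NS_BIT
	stcopr	r0, SCR
	isb

	/*
	 * Keep the context pointer across the C handler and pop it straight
	 * into r0, where sp_min_exit expects it.
	 * NOTE(review): r3 carries no value here; it is presumably pushed only
	 * to keep the stack 8-byte aligned across the call - confirm.
	 */
	push	{r2, r3}
	bl	sp_min_fiq
	pop	{r0, r3}

	b	sp_min_exit
#endif
endfunc sp_min_handle_fiq
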
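/*
 * The Warm boot entrypoint for SP_MIN.
 *
 * Out : does not return; leaves through sp_min_exit with r0 pointing to the
 *       `smc_ctx_t` returned by smc_get_next_ctx.
 *
 * The same vector table as on cold boot is installed, and the FIQ routing is
 * applied again when SP_MIN_WITH_SECURE_FIQ is set.
 * NOTE(review): re-applying the routing suggests SCR is not expected to keep
 * its value across the power down that precedes a warm boot - confirm.
 */
func sp_min_warm_entrypoint
#if ENABLE_RUNTIME_INSTRUMENTATION
	/*
	 * This timestamp update happens with cache off.  The next
	 * timestamp collection will need to do cache maintenance prior
	 * to timestamp update.
	 */
	pmf_calc_timestamp_addr rt_instr_svc, RT_INSTR_EXIT_HW_LOW_PWR
	ldcopr16 r2, r3, CNTPCT_64
	strd	r2, r3, [r0]
#endif
	/*
	 * On the warm boot path, most of the EL3 initialisations performed by
	 * 'el3_entrypoint_common' must be skipped:
	 *
	 *  - Only when the platform bypasses the BL1/BL32 (SP_MIN) entrypoint by
	 *    programming the reset address do we need to initialise the SCTLR.
	 *    In other cases, we assume this has been taken care of by the
	 *    entrypoint code.
	 *
	 *  - No need to determine the type of boot, we know it is a warm boot.
	 *
	 *  - Do not try to distinguish between primary and secondary CPUs, this
	 *    notion only exists for a cold boot.
	 *
	 *  - No need to initialise the memory or the C runtime environment,
	 *    it has been done once and for all on the cold boot path.
	 */
	el3_entrypoint_common					\
		_init_sctlr=PROGRAMMABLE_RESET_ADDRESS		\
		_warm_boot_mailbox=0				\
		_secondary_cold_boot=0				\
		_init_memory=0					\
		_init_c_runtime=0				\
		_exception_vectors=sp_min_vector_table		\
		_pie_fixup_size=0

	/*
	 * We're about to enable MMU and participate in PSCI state coordination.
	 *
	 * The PSCI implementation invokes platform routines that enable CPUs to
	 * participate in coherency. On a system where CPUs are not
	 * cache-coherent without appropriate platform specific programming,
	 * having caches enabled until such time might lead to coherency issues
	 * (resulting from stale data getting speculatively fetched, among
	 * others). Therefore we keep data caches disabled even after enabling
	 * the MMU for such platforms.
	 *
	 * On systems with hardware-assisted coherency, or on single cluster
	 * platforms, such platform specific programming is not required to
	 * enter coherency (as CPUs already are); and there's no reason to have
	 * caches disabled either.
	 */
#if HW_ASSISTED_COHERENCY || WARMBOOT_ENABLE_DCACHE_EARLY
	mov	r0, #0
#else
	mov	r0, #DISABLE_DCACHE
#endif
	bl	bl32_plat_enable_mmu

#if SP_MIN_WITH_SECURE_FIQ
	/* Same SCR programming as on the cold boot path; r0 is scratch. */
	route_fiq_to_sp_min r0
#endif

	bl	sp_min_warm_boot
	bl	smc_get_next_ctx
	/* r0 points to `smc_ctx_t` */
	/* The PSCI cpu_context registers have been copied to `smc_ctx_t` */

#if ENABLE_RUNTIME_INSTRUMENTATION
	/* Save smc_ctx_t */
	mov	r5, r0

	pmf_calc_timestamp_addr rt_instr_svc, RT_INSTR_EXIT_PSCI
	mov	r4, r0				/* r4 = timestamp address */

	/*
	 * Invalidate before updating timestamp to ensure previous timestamp
	 * updates on the same cache line with caches disabled are properly
	 * seen by the same core. Without the cache invalidate, the core might
	 * write into a stale cache line.
	 */
	mov	r1, #PMF_TS_SIZE
	bl	inv_dcache_range

	ldcopr16 r0, r1, CNTPCT_64
	strd	r0, r1, [r4]

	/* Restore smc_ctx_t */
	mov	r0, r5
#endif

	b	sp_min_exit
endfunc sp_min_warm_entrypoint
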
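/*
 * The function to restore the registers from SMC context and return
 * to the mode restored to SPSR.
 *
 * Arguments : r0 must point to the SMC context to restore from.
 *
 * Every exit from Monitor code in this file (cold boot, warm boot, SMC and
 * FIQ handling) ends here. The restore itself is done by the monitor_exit
 * macro, which is defined outside this file.
 */
func sp_min_exit
	monitor_exit
endfunc sp_min_exit
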