The use of ARMv8.3 pointer authentication (PAuth) is governed by fields
in HCR_EL2, which trigger a 'trap to EL2' if not enabled. The reset
value of these fields is 'architecturally unknown' so we must ensure
that the fields are enabled (to disable the traps) if we are entering
the kernel at EL1.
The APK field disables PAuth instruction traps and the API field
disables PAuth register traps
Add code to disable the traps in armv8_switch_to_el1_m. Prior to doing
so, it checks fields in the ID_AA64ISAR1_EL1 register to ensure pointer
authentication is supported by the hardware.
The runtime checks require a second temporary register, so add this to
the EL1 transition macro signature and update 2 call sites.
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.
Signed-off-by: Tom Rini <trini@konsulko.com>
TPL builds today don't need to call into firmware or set up the MMU
(if this changes, it should be controlled through a config option
whether to include this or not), but include the needed support code
for this anyway. By moving these unused low-level functions into
seperate function-sections, the linker can garbage-collect the unused
sections.
Note that (if DM support is enabled), there will be a call to the
cache-flushing code from alloc_priv(...) in drivers/core/device.c.
This then add 52 bytes of binary size (an increase from 20589 to 20641
bytes) compared to completely removing this code.
Even for a feature-rich TPL (including DM support as for the RK3368),
this equates to a size difference of significantly more than 10% in
TPL binary size.
Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
For 64-bit kernel, there is a warning about x1-x3 nonzero in violation
of boot protocol. To fix this issue, input argument 4 is added for
armv8_switch_to_el2 and armv8_switch_to_el1. The input argument 4 will
be set to the right value, such as zero.
Signed-off-by: Alison Wang <alison.wang@nxp.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Tested-by: Ryan Harkin <ryan.harkin@linaro.org>
Tested-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: York Sun <york.sun@nxp.com>
As PSCI and secure monitor firmware framework are enabled, this patch is
to support loading 32-bit OS in such case. The default target exception
level returned to U-Boot is EL2, so the corresponding work to switch to
AArch32 EL2 and jump to 32-bit OS are done in U-Boot and secure firmware
together.
Signed-off-by: Alison Wang <alison.wang@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
To support loading a 32-bit OS, the execution state will change from
AArch64 to AArch32 when jumping to kernel.
The architecture information will be got through checking FIT image,
then U-Boot will load 32-bit OS or 64-bit OS automatically.
Signed-off-by: Ebony Zhu <ebony.zhu@nxp.com>
Signed-off-by: Alison Wang <alison.wang@nxp.com>
Signed-off-by: Chenhui Zhao <chenhui.zhao@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Various files are needlessly rebuilt every time due to the version and
build time changing. As version.h is not actually needed, remove the
include.
Signed-off-by: Rob Herring <robh@kernel.org>
Cc: Albert Aribaud <albert.u.boot@aribaud.net>
Cc: Stefano Babic <sbabic@denx.de>
Cc: Minkyu Kang <mk7.kang@samsung.com>
Cc: Marek Vasut <marex@denx.de>
Cc: Tom Warren <twarren@nvidia.com>
Cc: Michal Simek <monstr@monstr.eu>
Cc: Macpaul Lin <macpaul@andestech.com>
Cc: Wolfgang Denk <wd@denx.de>
Cc: York Sun <yorksun@freescale.com>
Cc: Stefan Roese <sr@denx.de>
Cc: Nobuhiro Iwamatsu <iwamatsu@nigauri.org>
Cc: Simon Glass <sjg@chromium.org>
Cc: Philippe Reynes <tremyfr@yahoo.fr>
Cc: Eric Jarrige <eric.jarrige@armadeus.org>
Cc: "David Müller" <d.mueller@elsoft.ch>
Cc: Phil Edworthy <phil.edworthy@renesas.com>
Cc: Robert Baldyga <r.baldyga@samsung.com>
Cc: Torsten Koschorrek <koschorrek@synertronixx.de>
Cc: Anatolij Gustschin <agust@denx.de>
Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
Reviewed-by: Łukasz Majewski <l.majewski@samsung.com>
Secondary cores need to be released from holdoff by boot release
registers. With GPP bootrom, they can boot from main memory
directly. Individual spin table is used for each core. Spin table
and the boot page is reserved in device tree so OS won't overwrite.
Signed-off-by: York Sun <yorksun@freescale.com>
Signed-off-by: Arnab Basu <arnab.basu@freescale.com>
Currently cntvoff_el2 is initialised with an arbitrary bag of bits
derived from the initial value of cnthctl_el2 on the current CPU. This is
somewhat odd and problematic as some of these bits are UNKNOWN at reset
and may differ across CPUs (which may cause an OS at EL1 to observe time
going backwards across CPUs).
This patch instead initialises cntvoff_el2 with xzr, giving the register
a consistent value of zero on all CPUs.
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Cc: Scott Wood <scottwood@freescale.com>
Cc: David Feng <fenghua@phytium.com.cn>
Cc: Tom Rini <trini@ti.com>
Acked-by: David.Feng <fenghua@phytium.com.cn>
Relocation code based on a patch by Scott Wood, which is:
Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: David Feng <fenghua@phytium.com.cn>