diff options
-rw-r--r-- | ArmPkg/ArmPkg.dec | 18 | ||||
-rw-r--r-- | ArmPkg/Include/Chipset/AArch64.h | 14 | ||||
-rw-r--r-- | ArmPkg/Include/Chipset/ArmV7.h | 14 | ||||
-rw-r--r-- | ArmPkg/Include/Library/ArmLib.h | 12 | ||||
-rw-r--r-- | ArmPkg/Library/ArmLib/ArmV7/ArmLibSupportV7.S | 12 | ||||
-rw-r--r-- | ArmPkg/Library/ArmLib/ArmV7/ArmLibSupportV7.asm | 16 | ||||
-rw-r--r-- | ArmPkg/Library/ArmLib/Common/AArch64/ArmLibSupport.S | 6 | ||||
-rw-r--r-- | ArmPkg/Library/ArmLib/Common/Arm/ArmLibSupport.S | 10 | ||||
-rw-r--r-- | ArmPkg/Library/ArmLib/Common/Arm/ArmLibSupport.asm | 10 | ||||
-rw-r--r-- | ArmPlatformPkg/Sec/AArch64/Arch.c | 25 | ||||
-rw-r--r-- | ArmPlatformPkg/Sec/Arm/Arch.c | 25 | ||||
-rw-r--r-- | ArmPlatformPkg/Sec/Sec.c | 4 | ||||
-rw-r--r-- | ArmPlatformPkg/Sec/Sec.inf | 8 | ||||
-rw-r--r-- | ArmPlatformPkg/Sec/SecInternal.h | 6 |
14 files changed, 118 insertions, 62 deletions
diff --git a/ArmPkg/ArmPkg.dec b/ArmPkg/ArmPkg.dec index 3326e7b584..39f264251b 100644 --- a/ArmPkg/ArmPkg.dec +++ b/ArmPkg/ArmPkg.dec @@ -128,15 +128,7 @@ # - BIT9 : SIF - Secure Instruction Fetch
# 0x31 = NS | EA | FW
gArmTokenSpaceGuid.PcdArmScr|0x31|UINT32|0x00000038
-
- # Non Secure Access Control Register
- # - BIT15 : NSASEDIS - Disable Non-secure Advanced SIMD functionality
- # - BIT14 : NSD32DIS - Disable Non-secure use of D16-D31
- # - BIT11 : cp11 - Non-secure access to coprocessor 11 enable
- # - BIT10 : cp10 - Non-secure access to coprocessor 10 enable
- # 0xC00 = cp10 | cp11
- gArmTokenSpaceGuid.PcdArmNsacr|0xC00|UINT32|0x00000039
-
+
# System Memory (DRAM): These PCDs define the region of in-built system memory
# Some platforms can get DRAM extensions, these additional regions will be declared
# to UEFI by ArmPLatformPlib
@@ -182,6 +174,14 @@ # The FDT blob must be loaded at a 64bit aligned address.
gArmTokenSpaceGuid.PcdArmLinuxFdtAlignment|0x8|UINT32|0x00000026
+ # Non Secure Access Control Register
+ # - BIT15 : NSASEDIS - Disable Non-secure Advanced SIMD functionality
+ # - BIT14 : NSD32DIS - Disable Non-secure use of D16-D31
+ # - BIT11 : cp11 - Non-secure access to coprocessor 11 enable
+ # - BIT10 : cp10 - Non-secure access to coprocessor 10 enable
+ # 0xC00 = cp10 | cp11
+ gArmTokenSpaceGuid.PcdArmNsacr|0xC00|UINT32|0x00000039
+
[PcdsFixedAtBuild.AARCH64]
# By default we do transition to EL2 non-secure mode with Stack for EL2.
# Mode Description Bits
diff --git a/ArmPkg/Include/Chipset/AArch64.h b/ArmPkg/Include/Chipset/AArch64.h index 7f1f44ccc3..8b64786004 100644 --- a/ArmPkg/Include/Chipset/AArch64.h +++ b/ArmPkg/Include/Chipset/AArch64.h @@ -34,15 +34,6 @@ // ID_AA64PFR0 - AArch64 Processor Feature Register 0 definitions
#define AARCH64_PFR0_FP (0xF << 16)
-// NSACR - Non-Secure Access Control Register definitions
-#define NSACR_CP(cp) ((1 << (cp)) & 0x3FFF)
-#define NSACR_NSD32DIS (1 << 14)
-#define NSACR_NSASEDIS (1 << 15)
-#define NSACR_PLE (1 << 16)
-#define NSACR_TL (1 << 17)
-#define NSACR_NS_SMP (1 << 18)
-#define NSACR_RFR (1 << 19)
-
// SCR - Secure Configuration Register definitions
#define SCR_NS (1 << 0)
#define SCR_IRQ (1 << 1)
@@ -176,4 +167,9 @@ GcdAttributeToPageAttribute ( IN UINT64 GcdAttributes
);
+UINTN
+ArmWriteCptr (
+ IN UINT64 Cptr
+ );
+
#endif // __AARCH64_H__
diff --git a/ArmPkg/Include/Chipset/ArmV7.h b/ArmPkg/Include/Chipset/ArmV7.h index 479e8d05e1..29922eca19 100644 --- a/ArmPkg/Include/Chipset/ArmV7.h +++ b/ArmPkg/Include/Chipset/ArmV7.h @@ -112,5 +112,17 @@ EFIAPI ArmReadIdPfr1 (
VOID
);
-
+
+UINT32
+EFIAPI
+ArmReadNsacr (
+ VOID
+ );
+
+VOID
+EFIAPI
+ArmWriteNsacr (
+ IN UINT32 Nsacr
+ );
+
#endif // __ARM_V7_H__
diff --git a/ArmPkg/Include/Library/ArmLib.h b/ArmPkg/Include/Library/ArmLib.h index 1f1fd9e515..bd1bbc40b4 100644 --- a/ArmPkg/Include/Library/ArmLib.h +++ b/ArmPkg/Include/Library/ArmLib.h @@ -537,18 +537,6 @@ ArmEnableVFP ( UINT32
EFIAPI
-ArmReadNsacr (
- VOID
- );
-
-VOID
-EFIAPI
-ArmWriteNsacr (
- IN UINT32 SetWayFormat
- );
-
-UINT32
-EFIAPI
ArmReadScr (
VOID
);
diff --git a/ArmPkg/Library/ArmLib/ArmV7/ArmLibSupportV7.S b/ArmPkg/Library/ArmLib/ArmV7/ArmLibSupportV7.S index 9595f224c5..5ee8b25675 100644 --- a/ArmPkg/Library/ArmLib/ArmV7/ArmLibSupportV7.S +++ b/ArmPkg/Library/ArmLib/ArmV7/ArmLibSupportV7.S @@ -1,7 +1,7 @@ #------------------------------------------------------------------------------
#
# Copyright (c) 2008 - 2009, Apple Inc. All rights reserved.<BR>
-# Copyright (c) 2011, ARM Limited. All rights reserved.
+# Copyright (c) 2011-2013, ARM Limited. All rights reserved.
#
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
@@ -29,6 +29,8 @@ GCC_ASM_EXPORT(ArmEnableInterrupts) GCC_ASM_EXPORT(ArmDisableInterrupts)
GCC_ASM_EXPORT(ReadCCSIDR)
GCC_ASM_EXPORT(ReadCLIDR)
+GCC_ASM_EXPORT(ArmReadNsacr)
+GCC_ASM_EXPORT(ArmWriteNsacr)
#------------------------------------------------------------------------------
@@ -98,4 +100,12 @@ ASM_PFX(ReadCLIDR): mrc p15,1,r0,c0,c0,1 @ Read CP15 Cache Level ID Register
bx lr
+ASM_PFX(ArmReadNsacr):
+ mrc p15, 0, r0, c1, c1, 2
+ bx lr
+
+ASM_PFX(ArmWriteNsacr):
+ mcr p15, 0, r0, c1, c1, 2
+ bx lr
+
ASM_FUNCTION_REMOVE_IF_UNREFERENCED
diff --git a/ArmPkg/Library/ArmLib/ArmV7/ArmLibSupportV7.asm b/ArmPkg/Library/ArmLib/ArmV7/ArmLibSupportV7.asm index a5ff6b2610..6af662bda5 100644 --- a/ArmPkg/Library/ArmLib/ArmV7/ArmLibSupportV7.asm +++ b/ArmPkg/Library/ArmLib/ArmV7/ArmLibSupportV7.asm @@ -1,7 +1,7 @@ //------------------------------------------------------------------------------
//
// Copyright (c) 2008 - 2010, Apple Inc. All rights reserved.<BR>
-// Copyright (c) 2011, ARM Limited. All rights reserved.
+// Copyright (c) 2011-2013, ARM Limited. All rights reserved.
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
@@ -25,7 +25,9 @@ EXPORT ArmDisableInterrupts
EXPORT ReadCCSIDR
EXPORT ReadCLIDR
-
+ EXPORT ArmReadNsacr
+ EXPORT ArmWriteNsacr
+
AREA ArmLibSupportV7, CODE, READONLY
@@ -96,5 +98,13 @@ ReadCCSIDR ReadCLIDR
mrc p15,1,r0,c0,c0,1 ; Read CP15 Cache Level ID Register
bx lr
-
+
+ArmReadNsacr
+ mrc p15, 0, r0, c1, c1, 2
+ bx lr
+
+ArmWriteNsacr
+ mcr p15, 0, r0, c1, c1, 2
+ bx lr
+
END
diff --git a/ArmPkg/Library/ArmLib/Common/AArch64/ArmLibSupport.S b/ArmPkg/Library/ArmLib/Common/AArch64/ArmLibSupport.S index 2db812616a..cf2ec76be9 100644 --- a/ArmPkg/Library/ArmLib/Common/AArch64/ArmLibSupport.S +++ b/ArmPkg/Library/ArmLib/Common/AArch64/ArmLibSupport.S @@ -32,7 +32,7 @@ GCC_ASM_EXPORT (ArmWriteAuxCr) GCC_ASM_EXPORT (ArmReadAuxCr)
GCC_ASM_EXPORT (ArmInvalidateTlb)
GCC_ASM_EXPORT (ArmUpdateTranslationTableEntry)
-GCC_ASM_EXPORT (ArmWriteNsacr)
+GCC_ASM_EXPORT (ArmWriteCptr)
GCC_ASM_EXPORT (ArmWriteScr)
GCC_ASM_EXPORT (ArmWriteMVBar)
GCC_ASM_EXPORT (ArmCallWFE)
@@ -176,9 +176,9 @@ ASM_PFX(ArmInvalidateTlb): isb
ret
-ASM_PFX(ArmWriteNsacr):
+ASM_PFX(ArmWriteCptr):
msr cptr_el3, x0 // EL3 Coprocessor Trap Reg (CPTR)
- ret // Non-Secure Access Control Reg (NSACR) in ARMv7
+ ret
ASM_PFX(ArmWriteScr):
msr scr_el3, x0 // Secure configuration register EL3
diff --git a/ArmPkg/Library/ArmLib/Common/Arm/ArmLibSupport.S b/ArmPkg/Library/ArmLib/Common/Arm/ArmLibSupport.S index 71aee43073..4c95565e8f 100644 --- a/ArmPkg/Library/ArmLib/Common/Arm/ArmLibSupport.S +++ b/ArmPkg/Library/ArmLib/Common/Arm/ArmLibSupport.S @@ -38,8 +38,6 @@ GCC_ASM_EXPORT(ArmWriteAuxCr) GCC_ASM_EXPORT(ArmReadAuxCr)
GCC_ASM_EXPORT(ArmInvalidateTlb)
GCC_ASM_EXPORT(ArmUpdateTranslationTableEntry)
-GCC_ASM_EXPORT(ArmReadNsacr)
-GCC_ASM_EXPORT(ArmWriteNsacr)
GCC_ASM_EXPORT(ArmReadScr)
GCC_ASM_EXPORT(ArmWriteScr)
GCC_ASM_EXPORT(ArmReadMVBar)
@@ -147,14 +145,6 @@ ASM_PFX(ArmInvalidateTlb): isb
bx lr
-ASM_PFX(ArmReadNsacr):
- mrc p15, 0, r0, c1, c1, 2
- bx lr
-
-ASM_PFX(ArmWriteNsacr):
- mcr p15, 0, r0, c1, c1, 2
- bx lr
-
ASM_PFX(ArmReadScr):
mrc p15, 0, r0, c1, c1, 0
bx lr
diff --git a/ArmPkg/Library/ArmLib/Common/Arm/ArmLibSupport.asm b/ArmPkg/Library/ArmLib/Common/Arm/ArmLibSupport.asm index 1636010e0f..f4b22943ff 100644 --- a/ArmPkg/Library/ArmLib/Common/Arm/ArmLibSupport.asm +++ b/ArmPkg/Library/ArmLib/Common/Arm/ArmLibSupport.asm @@ -38,8 +38,6 @@ EXPORT ArmReadAuxCr
EXPORT ArmInvalidateTlb
EXPORT ArmUpdateTranslationTableEntry
- EXPORT ArmReadNsacr
- EXPORT ArmWriteNsacr
EXPORT ArmReadScr
EXPORT ArmWriteScr
EXPORT ArmReadMVBar
@@ -147,14 +145,6 @@ ArmInvalidateTlb isb
bx lr
-ArmReadNsacr
- mrc p15, 0, r0, c1, c1, 2
- bx lr
-
-ArmWriteNsacr
- mcr p15, 0, r0, c1, c1, 2
- bx lr
-
ArmReadScr
mrc p15, 0, r0, c1, c1, 0
bx lr
diff --git a/ArmPlatformPkg/Sec/AArch64/Arch.c b/ArmPlatformPkg/Sec/AArch64/Arch.c new file mode 100644 index 0000000000..6e7d58e5d4 --- /dev/null +++ b/ArmPlatformPkg/Sec/AArch64/Arch.c @@ -0,0 +1,25 @@ +/** @file
+*
+* Copyright (c) 2013, ARM Limited. All rights reserved.
+*
+* This program and the accompanying materials
+* are licensed and made available under the terms and conditions of the BSD License
+* which accompanies this distribution. The full text of the license may be found at
+* http://opensource.org/licenses/bsd-license.php
+*
+* THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+* WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+*
+**/
+
+#include <Chipset/AArch64.h>
+
+VOID
+EFIAPI
+ArmSecArchTrustzoneInit (
+ VOID
+ )
+{
+ // Do not trap any access to Floating Point and Advanced SIMD in EL3.
+ ArmWriteCptr (0);
+}
diff --git a/ArmPlatformPkg/Sec/Arm/Arch.c b/ArmPlatformPkg/Sec/Arm/Arch.c new file mode 100644 index 0000000000..85df0816ef --- /dev/null +++ b/ArmPlatformPkg/Sec/Arm/Arch.c @@ -0,0 +1,25 @@ +/** @file
+*
+* Copyright (c) 2013, ARM Limited. All rights reserved.
+*
+* This program and the accompanying materials
+* are licensed and made available under the terms and conditions of the BSD License
+* which accompanies this distribution. The full text of the license may be found at
+* http://opensource.org/licenses/bsd-license.php
+*
+* THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+* WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+*
+**/
+
+#include <Chipset/ArmV7.h>
+
+VOID
+EFIAPI
+ArmSecArchTrustzoneInit (
+ VOID
+ )
+{
+ // Write to CP15 Non-secure Access Control Register
+ ArmWriteNsacr (PcdGet32 (PcdArmNsacr));
+}
diff --git a/ArmPlatformPkg/Sec/Sec.c b/ArmPlatformPkg/Sec/Sec.c index 5282d68ec7..088a9247b4 100644 --- a/ArmPlatformPkg/Sec/Sec.c +++ b/ArmPlatformPkg/Sec/Sec.c @@ -165,8 +165,8 @@ TrustedWorldInitialization ( JumpAddress = PcdGet32 (PcdFvBaseAddress);
ArmPlatformSecExtraAction (MpId, &JumpAddress);
- // Write to CP15 Non-secure Access Control Register
- ArmWriteNsacr (PcdGet32 (PcdArmNsacr));
+ // Initialize architecture specific security policy
+ ArmSecArchTrustzoneInit ();
// CP15 Secure Configuration Register
ArmWriteScr (PcdGet32 (PcdArmScr));
diff --git a/ArmPlatformPkg/Sec/Sec.inf b/ArmPlatformPkg/Sec/Sec.inf index dc1c4f2bee..3e9a246d73 100644 --- a/ArmPlatformPkg/Sec/Sec.inf +++ b/ArmPlatformPkg/Sec/Sec.inf @@ -24,12 +24,14 @@ Sec.c
[Sources.ARM]
+ Arm/Arch.c
Arm/Helper.asm | RVCT
Arm/Helper.S | GCC
Arm/SecEntryPoint.S | GCC
Arm/SecEntryPoint.asm | RVCT
[Sources.AARCH64]
+ AArch64/Arch.c
AArch64/Helper.S | GCC
AArch64/SecEntryPoint.S | GCC
@@ -56,14 +58,13 @@ [FeaturePcd]
gArmPlatformTokenSpaceGuid.PcdSystemMemoryInitializeInSec
-[FixedPcd]
+[FixedPcd.common]
gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString
gArmTokenSpaceGuid.PcdTrustzoneSupport
gArmTokenSpaceGuid.PcdVFPEnabled
gArmTokenSpaceGuid.PcdArmScr
- gArmTokenSpaceGuid.PcdArmNsacr
gArmTokenSpaceGuid.PcdArmNonSecModeTransition
gArmTokenSpaceGuid.PcdSecureFvBaseAddress
@@ -81,3 +82,6 @@ gArmTokenSpaceGuid.PcdGicInterruptInterfaceBase
gArmPlatformTokenSpaceGuid.PcdSecGlobalVariableSize
+
+[FixedPcd.ARM]
+ gArmTokenSpaceGuid.PcdArmNsacr
diff --git a/ArmPlatformPkg/Sec/SecInternal.h b/ArmPlatformPkg/Sec/SecInternal.h index 255059af5f..111123725b 100644 --- a/ArmPlatformPkg/Sec/SecInternal.h +++ b/ArmPlatformPkg/Sec/SecInternal.h @@ -74,4 +74,10 @@ SecCommonExceptionEntry ( IN UINTN LR
);
+VOID
+EFIAPI
+ArmSecArchTrustzoneInit (
+ VOID
+ );
+
#endif
|