From 5e7731443c6c9214bb012e70f267c3af0aa33258 Mon Sep 17 00:00:00 2001 From: oliviermartin Date: Mon, 26 Mar 2012 11:03:36 +0000 Subject: ArmPlatformPkg/Sec: Allowed the Secondary Cores to set the Secure/Non Secure bits to their PPIs The GICD_IGROUPR0 is banked for each connected processor. It means the Non-Secure bits for the PPIs (Private Peripheral Interrupts) must be configured for every processor. git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13135 6f19259b-4bc3-4df7-8a09-765794883524 --- ArmPkg/Drivers/PL390Gic/PL390GicSec.c | 16 ++++++++++++---- ArmPkg/Drivers/PL390Gic/PL390GicSecLib.inf | 6 +++++- ArmPkg/Include/Library/ArmGicLib.h | 3 ++- .../Library/ArmRealViewEbLibRTSM/ArmRealViewEbSec.c | 2 +- .../Library/ArmVExpressLibCTA9x4/ArmVExpressSecLib.inf | 3 +++ .../Library/ArmVExpressLibCTA9x4/CTA9x4Sec.c | 7 ++++++- .../ArmVExpressPkg/Library/ArmVExpressLibRTSM/RTSMSec.c | 2 +- ArmPlatformPkg/Include/Library/ArmPlatformLib.h | 2 +- .../Library/ArmPlatformLibNull/ArmPlatformLibNullSec.c | 7 ++++++- .../Library/ArmPlatformLibNull/ArmPlatformLibNullSec.inf | 5 ++++- ArmPlatformPkg/Sec/Sec.c | 12 ++++++------ BeagleBoardPkg/Library/BeagleBoardLib/BeagleBoard.c | 15 --------------- 12 files changed, 47 insertions(+), 33 deletions(-) diff --git a/ArmPkg/Drivers/PL390Gic/PL390GicSec.c b/ArmPkg/Drivers/PL390Gic/PL390GicSec.c index 4f10e4e512..12f9e3e3fc 100644 --- a/ArmPkg/Drivers/PL390Gic/PL390GicSec.c +++ b/ArmPkg/Drivers/PL390Gic/PL390GicSec.c @@ -1,6 +1,6 @@ /** @file * -* Copyright (c) 2011, ARM Limited. All rights reserved. +* Copyright (c) 2011-2012, ARM Limited. All rights reserved. * * This program and the accompanying materials * are licensed and made available under the terms and conditions of the BSD License @@ -13,6 +13,7 @@ **/ #include +#include #include #include #include @@ -24,6 +25,7 @@ VOID EFIAPI ArmGicSetupNonSecure ( + IN UINTN MpId, IN INTN GicDistributorBase, IN INTN GicInterruptInterfaceBase ) @@ -47,9 +49,15 @@ ArmGicSetupNonSecure ( MmioWrite32 (GicInterruptInterfaceBase + ARM_GIC_ICCEIOR, InterruptId); } - // Ensure all GIC interrupts are Non-Secure - for (Index = 0; Index < (PcdGet32(PcdGicNumInterrupts) / 32); Index++) { - MmioWrite32 (GicDistributorBase + ARM_GIC_ICDISR + (Index * 4), 0xffffffff); + // Only the primary core should set the Non Secure bit to the SPIs (Shared Peripheral Interrupt). + if (IS_PRIMARY_CORE(MpId)) { + // Ensure all GIC interrupts are Non-Secure + for (Index = 0; Index < (PcdGet32(PcdGicNumInterrupts) / 32); Index++) { + MmioWrite32 (GicDistributorBase + ARM_GIC_ICDISR + (Index * 4), 0xffffffff); + } + } else { + // The secondary cores only set the Non Secure bit to their banked PPIs + MmioWrite32 (GicDistributorBase + ARM_GIC_ICDISR, 0xffffffff); } // Ensure all interrupts can get through the priority mask diff --git a/ArmPkg/Drivers/PL390Gic/PL390GicSecLib.inf b/ArmPkg/Drivers/PL390Gic/PL390GicSecLib.inf index 13085221ca..ff89103393 100644 --- a/ArmPkg/Drivers/PL390Gic/PL390GicSecLib.inf +++ b/ArmPkg/Drivers/PL390Gic/PL390GicSecLib.inf @@ -1,5 +1,5 @@ #/* @file -# Copyright (c) 2011, ARM Limited. All rights reserved. +# Copyright (c) 2011-2012, ARM Limited. All rights reserved. # # This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License @@ -28,6 +28,7 @@ MdePkg/MdePkg.dec [LibraryClasses] + ArmLib DebugLib IoLib PcdLib @@ -35,3 +36,6 @@ [FixedPcd.common] gArmTokenSpaceGuid.PcdGicNumInterrupts gArmTokenSpaceGuid.PcdGicSgiIntId + + gArmTokenSpaceGuid.PcdArmPrimaryCoreMask + gArmTokenSpaceGuid.PcdArmPrimaryCore diff --git a/ArmPkg/Include/Library/ArmGicLib.h b/ArmPkg/Include/Library/ArmGicLib.h index 66e12dad59..44cc89c353 100644 --- a/ArmPkg/Include/Library/ArmGicLib.h +++ b/ArmPkg/Include/Library/ArmGicLib.h @@ -1,6 +1,6 @@ /** @file * -* Copyright (c) 2011, ARM Limited. All rights reserved. +* Copyright (c) 2011-2012, ARM Limited. All rights reserved. * * This program and the accompanying materials * are licensed and made available under the terms and conditions of the BSD License @@ -77,6 +77,7 @@ VOID EFIAPI ArmGicSetupNonSecure ( + IN UINTN MpId, IN INTN GicDistributorBase, IN INTN GicInterruptInterfaceBase ); diff --git a/ArmPlatformPkg/ArmRealViewEbPkg/Library/ArmRealViewEbLibRTSM/ArmRealViewEbSec.c b/ArmPlatformPkg/ArmRealViewEbPkg/Library/ArmRealViewEbLibRTSM/ArmRealViewEbSec.c index 5eb667d6eb..7191835a61 100755 --- a/ArmPlatformPkg/ArmRealViewEbPkg/Library/ArmRealViewEbLibRTSM/ArmRealViewEbSec.c +++ b/ArmPlatformPkg/ArmRealViewEbPkg/Library/ArmRealViewEbLibRTSM/ArmRealViewEbSec.c @@ -31,7 +31,7 @@ **/ VOID ArmPlatformTrustzoneInit ( - VOID + IN UINTN MpId ) { ASSERT(FALSE); diff --git a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/ArmVExpressSecLib.inf b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/ArmVExpressSecLib.inf index 03aee0378a..47ad7396ad 100644 --- a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/ArmVExpressSecLib.inf +++ b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/ArmVExpressSecLib.inf @@ -52,3 +52,6 @@ gArmTokenSpaceGuid.PcdTrustzoneSupport gArmTokenSpaceGuid.PcdL2x0ControllerBase + + gArmTokenSpaceGuid.PcdArmPrimaryCoreMask + gArmTokenSpaceGuid.PcdArmPrimaryCore diff --git a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/CTA9x4Sec.c b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/CTA9x4Sec.c index 0cf07a3caf..37140a4a58 100644 --- a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/CTA9x4Sec.c +++ b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/CTA9x4Sec.c @@ -32,9 +32,14 @@ **/ VOID ArmPlatformTrustzoneInit ( - VOID + IN UINTN MpId ) { + // Nothing to do + if (!IS_PRIMARY_CORE(MpId)) { + return; + } + // // Setup TZ Protection Controller // diff --git a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibRTSM/RTSMSec.c b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibRTSM/RTSMSec.c index deba689360..c65c28c1fa 100644 --- a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibRTSM/RTSMSec.c +++ b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibRTSM/RTSMSec.c @@ -31,7 +31,7 @@ **/ VOID ArmPlatformTrustzoneInit ( - VOID + IN UINTN MpId ) { // No TZPC or TZASC on RTSM to initialize diff --git a/ArmPlatformPkg/Include/Library/ArmPlatformLib.h b/ArmPlatformPkg/Include/Library/ArmPlatformLib.h index 852eb236ce..7dd39fef8c 100644 --- a/ArmPlatformPkg/Include/Library/ArmPlatformLib.h +++ b/ArmPlatformPkg/Include/Library/ArmPlatformLib.h @@ -140,7 +140,7 @@ ArmPlatformInitializeSystemMemory ( **/ VOID ArmPlatformTrustzoneInit ( - VOID + IN UINTN MpId ); /** diff --git a/ArmPlatformPkg/Library/ArmPlatformLibNull/ArmPlatformLibNullSec.c b/ArmPlatformPkg/Library/ArmPlatformLibNull/ArmPlatformLibNullSec.c index 11183e9393..9622a32291 100644 --- a/ArmPlatformPkg/Library/ArmPlatformLibNull/ArmPlatformLibNullSec.c +++ b/ArmPlatformPkg/Library/ArmPlatformLibNull/ArmPlatformLibNullSec.c @@ -25,9 +25,14 @@ **/ VOID ArmPlatformTrustzoneInit ( - VOID + IN UINTN MpId ) { + // Secondary cores might have to set the Secure SGIs into the GICD_IGROUPR0 + if (!IS_PRIMARY_CORE(MpId)) { + return; + } + ASSERT(FALSE); } diff --git a/ArmPlatformPkg/Library/ArmPlatformLibNull/ArmPlatformLibNullSec.inf b/ArmPlatformPkg/Library/ArmPlatformLibNull/ArmPlatformLibNullSec.inf index 80ac1a6045..bd3dc4958c 100644 --- a/ArmPlatformPkg/Library/ArmPlatformLibNull/ArmPlatformLibNullSec.inf +++ b/ArmPlatformPkg/Library/ArmPlatformLibNull/ArmPlatformLibNullSec.inf @@ -1,5 +1,5 @@ #/* @file -# Copyright (c) 2011, ARM Limited. All rights reserved. +# Copyright (c) 2011-2012, ARM Limited. All rights reserved. # # This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License @@ -37,3 +37,6 @@ [FixedPcd] gArmTokenSpaceGuid.PcdFvBaseAddress + + gArmTokenSpaceGuid.PcdArmPrimaryCoreMask + gArmTokenSpaceGuid.PcdArmPrimaryCore diff --git a/ArmPlatformPkg/Sec/Sec.c b/ArmPlatformPkg/Sec/Sec.c index 6b478ac0b4..d12c359d4f 100644 --- a/ArmPlatformPkg/Sec/Sec.c +++ b/ArmPlatformPkg/Sec/Sec.c @@ -144,14 +144,14 @@ TrustedWorldInitialization ( // Set up Monitor World (Vector Table, etc) ArmSecureMonitorWorldInitialize (); - // Setup the Trustzone Chipsets - if (IS_PRIMARY_CORE(MpId)) { - // Transfer the interrupt to Non-secure World - ArmGicSetupNonSecure (PcdGet32(PcdGicDistributorBase), PcdGet32(PcdGicInterruptInterfaceBase)); + // Transfer the interrupt to Non-secure World + ArmGicSetupNonSecure (MpId, PcdGet32(PcdGicDistributorBase), PcdGet32(PcdGicInterruptInterfaceBase)); - // Initialize platform specific security policy - ArmPlatformTrustzoneInit (); + // Initialize platform specific security policy + ArmPlatformTrustzoneInit (MpId); + // Setup the Trustzone Chipsets + if (IS_PRIMARY_CORE(MpId)) { if (ArmIsMpCore()) { // Waiting for the Primary Core to have finished to initialize the Secure World ArmCpuSynchronizeSignal (ARM_CPU_EVENT_SECURE_INIT); diff --git a/BeagleBoardPkg/Library/BeagleBoardLib/BeagleBoard.c b/BeagleBoardPkg/Library/BeagleBoardLib/BeagleBoard.c index 8acb6d9710..a806848ad5 100755 --- a/BeagleBoardPkg/Library/BeagleBoardLib/BeagleBoard.c +++ b/BeagleBoardPkg/Library/BeagleBoardLib/BeagleBoard.c @@ -74,21 +74,6 @@ ArmPlatformTrustzoneSupported ( return FALSE; } -/** - Initialize the Secure peripherals and memory regions - - If Trustzone is supported by your platform then this function makes the required initialization - of the secure peripherals and memory regions. - -**/ -VOID -ArmPlatformTrustzoneInit ( - VOID - ) -{ - ASSERT(FALSE); -} - /** Remap the memory at 0x0 -- cgit v1.2.3