Please have a look at following patch, where on our platform we try to maintain single image of TFA (for custom CPU and Cortex A55) Cortex A55 does not have Secure EL2 implemented, while on the other hand our custom CPU has secure EL2 (and we run Hafnium there)
On Cortex A55 ARM AEM model: write_icc_sre_el2(read_el2_ctx_common(ctx, icc_sre_el2));
the context was set before as u_register_t icc_sre_el2_val = ICC_SRE_DIB_BIT | ICC_SRE_DFB_BIT | ICC_SRE_EN_BIT | ICC_SRE_SRE_BIT;
and setting ICC_SRE_DIB_BIT | ICC_SRE_DFB_BIT causes crash since secure EL2 is not implemented.
resulting into following patch which resolves the issue. seeking feedback/discussion if I can post it to upstream TFA, let me know if I am missing something here.
lib/el3_runtime: set NS bit if secure el2 is not implemented
before setting icc_sre_el2 set NS bit for non-secure context so that the ICC_SRE_DIB_BIT and ICC_SRE_DFB_BIT are preserved
Signed-off-by: Oza Pawandeep quic_poza@quicinc.com
diff --git a/lib/el3_runtime/aarch64/context_mgmt.c b/lib/el3_runtime/aarch64/context_mgmt.c index e31255868..5100f2f00 100644 --- a/lib/el3_runtime/aarch64/context_mgmt.c +++ b/lib/el3_runtime/aarch64/context_mgmt.c @@ -1411,7 +1411,18 @@ static void el2_sysregs_context_restore_gic(el2_sysregs_t *ctx, uint32_t securit u_register_t scr_el3 = read_scr_el3();
#if defined(SPD_spmd) && SPMD_SPM_AT_SEL2 - write_icc_sre_el2(read_el2_ctx_common(ctx, icc_sre_el2)); + if (is_feat_sel2_supported()) { + write_icc_sre_el2(read_el2_ctx_common(ctx, icc_sre_el2)); + } else { + write_scr_el3(scr_el3 | SCR_NS_BIT); + isb(); + + write_icc_sre_el2(read_el2_ctx_common(ctx, icc_sre_el2)); + + write_scr_el3(scr_el3); + isb(); + } + #else write_scr_el3(scr_el3 | SCR_NS_BIT); isb();
Regards, Oza.