Hi

To understand the interrupt handling in TF-A, i recommend you go through https://trustedfirmware-a.readthedocs.io/en/latest/design/interrupt-framework-design.html#concepts

To debug your problem, you need to first check if the timer interrupt is generated as FIQ and check whether it indeed is trapped in EL3 (checking SCR_EL3.FIQ=1).

Regarding build errors while adding .S files and your assembly implementation, it will be better if you share your code (may be pushing a patch on https://review.trustedfirmware.org).

Thanks
Manish

From: TF-A <tf-a-bounces@lists.trustedfirmware.org> on behalf of Ian Burres via TF-A <tf-a@lists.trustedfirmware.org>
Sent: 06 January 2021 17:56
To: tf-a@lists.trustedfirmware.org <tf-a@lists.trustedfirmware.org>
Subject: [TF-A] Routing FIQ timer interrupts to EL3 on Raspberry Pi 4B
 

I am attempting to route FIQ timer interrupts using the ARM timers (not system timers) to EL3 in order to achieve introspection.  I am running TF-A (cross compiled for AArch64/AArch32) on a Raspberry Pi 4B, which uses the Broadcom 2711 chipset.  I have written some code, but I am not an embedded software engineer – I’m an IoT pentester.  The ARM timers look like this:

 

RPI4_ARM_TIMER_LOAD         0x400

RPI4_ARM_TIMER_VALUE       0x404

…..

RPI4_ARM_TIMER_FREE_COUNTER   0x420

 

System timers are:

 

RPI4_SYS_TIMER_CLO, RPI4_SYS_TIMER_CS, etc…

 

I have successfully implement a Linux driver that allows me to dump kernel page tables and memory; however, I cannot see user page tables (even after running a CPU intensive program ).  I believe the only way to view user page tables is to have interrupts routed to EL3 – a Linux driver is not sufficient.  I have 3 UARTs attached with a debug log and screen setup.  From what I have read, the Raspberry Pi 4B uses GICv2.  TF-A supports EL3 routing when the build option GICV2_GO_FOR_EL3 is enabled, which I have done. 

 

>From what I have gathered, the FIQ interrupt has to be written in assembly.  So far, I have created a vector table, loaded the vector table, and masked and unmasked interrupts using daifclr, #3 and daifset, #3 instructions, using inline assembly.  The timer is initinitialized and handled using C functions.  I am using inline assembly, because I am adding code to the TF-A base, and I have not discovered how to add .S files to the build without receiving make errors.  I will gladly share the code I have if it helps, but what I am really looking for is if anyone believes I am on the right track or not.  Obviously, I am not implementing something correctly since the interrupt is not being handled.  Thanks.

 

Thomas

 

Sent from Mail for Windows 10