1 /*
2  * Copyright (c) 2017-2021, Arm Limited and Contributors. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  */
6 
7 #include <assert.h>
8 #include <stdbool.h>
9 #include <stdint.h>
10 
11 #include <arch.h>
12 #include <arch_features.h>
13 #include <arch_helpers.h>
14 #include <lib/cassert.h>
15 #include <lib/utils_def.h>
16 #include <lib/xlat_tables/xlat_tables_v2.h>
17 
18 #include "../xlat_tables_private.h"
19 
20 /*
21  * Returns true if the provided granule size is supported, false otherwise.
22  */
xlat_arch_is_granule_size_supported(size_t size)23 bool xlat_arch_is_granule_size_supported(size_t size)
24 {
25 	u_register_t id_aa64mmfr0_el1 = read_id_aa64mmfr0_el1();
26 
27 	if (size == PAGE_SIZE_4KB) {
28 		return ((id_aa64mmfr0_el1 >> ID_AA64MMFR0_EL1_TGRAN4_SHIFT) &
29 			 ID_AA64MMFR0_EL1_TGRAN4_MASK) ==
30 			 ID_AA64MMFR0_EL1_TGRAN4_SUPPORTED;
31 	} else if (size == PAGE_SIZE_16KB) {
32 		return ((id_aa64mmfr0_el1 >> ID_AA64MMFR0_EL1_TGRAN16_SHIFT) &
33 			 ID_AA64MMFR0_EL1_TGRAN16_MASK) ==
34 			 ID_AA64MMFR0_EL1_TGRAN16_SUPPORTED;
35 	} else if (size == PAGE_SIZE_64KB) {
36 		return ((id_aa64mmfr0_el1 >> ID_AA64MMFR0_EL1_TGRAN64_SHIFT) &
37 			 ID_AA64MMFR0_EL1_TGRAN64_MASK) ==
38 			 ID_AA64MMFR0_EL1_TGRAN64_SUPPORTED;
39 	} else {
40 		return 0;
41 	}
42 }
43 
xlat_arch_get_max_supported_granule_size(void)44 size_t xlat_arch_get_max_supported_granule_size(void)
45 {
46 	if (xlat_arch_is_granule_size_supported(PAGE_SIZE_64KB)) {
47 		return PAGE_SIZE_64KB;
48 	} else if (xlat_arch_is_granule_size_supported(PAGE_SIZE_16KB)) {
49 		return PAGE_SIZE_16KB;
50 	} else {
51 		assert(xlat_arch_is_granule_size_supported(PAGE_SIZE_4KB));
52 		return PAGE_SIZE_4KB;
53 	}
54 }
55 
56 /*
57  * Determine the physical address space encoded in the 'attr' parameter.
58  *
59  * The physical address will fall into one of four spaces; secure,
60  * nonsecure, root, or realm if RME is enabled, or one of two spaces;
61  * secure and nonsecure otherwise.
62  */
xlat_arch_get_pas(uint32_t attr)63 uint32_t xlat_arch_get_pas(uint32_t attr)
64 {
65 	uint32_t pas = MT_PAS(attr);
66 
67 	switch (pas) {
68 #if ENABLE_RME
69 	/* TTD.NSE = 1 and TTD.NS = 1 for Realm PAS */
70 	case MT_REALM:
71 		return LOWER_ATTRS(EL3_S1_NSE | NS);
72 	/* TTD.NSE = 1 and TTD.NS = 0 for Root PAS */
73 	case MT_ROOT:
74 		return LOWER_ATTRS(EL3_S1_NSE);
75 #endif
76 	case MT_NS:
77 		return LOWER_ATTRS(NS);
78 	default: /* MT_SECURE */
79 		return 0U;
80 	}
81 }
82 
tcr_physical_addr_size_bits(unsigned long long max_addr)83 unsigned long long tcr_physical_addr_size_bits(unsigned long long max_addr)
84 {
85 	/* Physical address can't exceed 48 bits */
86 	assert((max_addr & ADDR_MASK_48_TO_63) == 0U);
87 
88 	/* 48 bits address */
89 	if ((max_addr & ADDR_MASK_44_TO_47) != 0U)
90 		return TCR_PS_BITS_256TB;
91 
92 	/* 44 bits address */
93 	if ((max_addr & ADDR_MASK_42_TO_43) != 0U)
94 		return TCR_PS_BITS_16TB;
95 
96 	/* 42 bits address */
97 	if ((max_addr & ADDR_MASK_40_TO_41) != 0U)
98 		return TCR_PS_BITS_4TB;
99 
100 	/* 40 bits address */
101 	if ((max_addr & ADDR_MASK_36_TO_39) != 0U)
102 		return TCR_PS_BITS_1TB;
103 
104 	/* 36 bits address */
105 	if ((max_addr & ADDR_MASK_32_TO_35) != 0U)
106 		return TCR_PS_BITS_64GB;
107 
108 	return TCR_PS_BITS_4GB;
109 }
110 
111 #if ENABLE_ASSERTIONS
112 /*
113  * Physical Address ranges supported in the AArch64 Memory Model. Value 0b110 is
114  * supported in ARMv8.2 onwards.
115  */
116 static const unsigned int pa_range_bits_arr[] = {
117 	PARANGE_0000, PARANGE_0001, PARANGE_0010, PARANGE_0011, PARANGE_0100,
118 	PARANGE_0101, PARANGE_0110
119 };
120 
xlat_arch_get_max_supported_pa(void)121 unsigned long long xlat_arch_get_max_supported_pa(void)
122 {
123 	u_register_t pa_range = read_id_aa64mmfr0_el1() &
124 						ID_AA64MMFR0_EL1_PARANGE_MASK;
125 
126 	/* All other values are reserved */
127 	assert(pa_range < ARRAY_SIZE(pa_range_bits_arr));
128 
129 	return (1ULL << pa_range_bits_arr[pa_range]) - 1ULL;
130 }
131 
132 /*
133  * Return minimum virtual address space size supported by the architecture
134  */
xlat_get_min_virt_addr_space_size(void)135 uintptr_t xlat_get_min_virt_addr_space_size(void)
136 {
137 	uintptr_t ret;
138 
139 	if (is_armv8_4_ttst_present())
140 		ret = MIN_VIRT_ADDR_SPACE_SIZE_TTST;
141 	else
142 		ret = MIN_VIRT_ADDR_SPACE_SIZE;
143 
144 	return ret;
145 }
146 #endif /* ENABLE_ASSERTIONS*/
147 
is_mmu_enabled_ctx(const xlat_ctx_t * ctx)148 bool is_mmu_enabled_ctx(const xlat_ctx_t *ctx)
149 {
150 	if (ctx->xlat_regime == EL1_EL0_REGIME) {
151 		assert(xlat_arch_current_el() >= 1U);
152 		return (read_sctlr_el1() & SCTLR_M_BIT) != 0U;
153 	} else if (ctx->xlat_regime == EL2_REGIME) {
154 		assert(xlat_arch_current_el() >= 2U);
155 		return (read_sctlr_el2() & SCTLR_M_BIT) != 0U;
156 	} else {
157 		assert(ctx->xlat_regime == EL3_REGIME);
158 		assert(xlat_arch_current_el() >= 3U);
159 		return (read_sctlr_el3() & SCTLR_M_BIT) != 0U;
160 	}
161 }
162 
is_dcache_enabled(void)163 bool is_dcache_enabled(void)
164 {
165 	unsigned int el = get_current_el_maybe_constant();
166 
167 	if (el == 1U) {
168 		return (read_sctlr_el1() & SCTLR_C_BIT) != 0U;
169 	} else if (el == 2U) {
170 		return (read_sctlr_el2() & SCTLR_C_BIT) != 0U;
171 	} else {
172 		return (read_sctlr_el3() & SCTLR_C_BIT) != 0U;
173 	}
174 }
175 
xlat_arch_regime_get_xn_desc(int xlat_regime)176 uint64_t xlat_arch_regime_get_xn_desc(int xlat_regime)
177 {
178 	if (xlat_regime == EL1_EL0_REGIME) {
179 		return UPPER_ATTRS(UXN) | UPPER_ATTRS(PXN);
180 	} else {
181 		assert((xlat_regime == EL2_REGIME) ||
182 		       (xlat_regime == EL3_REGIME));
183 		return UPPER_ATTRS(XN);
184 	}
185 }
186 
xlat_arch_tlbi_va(uintptr_t va,int xlat_regime)187 void xlat_arch_tlbi_va(uintptr_t va, int xlat_regime)
188 {
189 	/*
190 	 * Ensure the translation table write has drained into memory before
191 	 * invalidating the TLB entry.
192 	 */
193 	dsbishst();
194 
195 	/*
196 	 * This function only supports invalidation of TLB entries for the EL3
197 	 * and EL1&0 translation regimes.
198 	 *
199 	 * Also, it is architecturally UNDEFINED to invalidate TLBs of a higher
200 	 * exception level (see section D4.9.2 of the ARM ARM rev B.a).
201 	 */
202 	if (xlat_regime == EL1_EL0_REGIME) {
203 		assert(xlat_arch_current_el() >= 1U);
204 		tlbivaae1is(TLBI_ADDR(va));
205 	} else if (xlat_regime == EL2_REGIME) {
206 		assert(xlat_arch_current_el() >= 2U);
207 		tlbivae2is(TLBI_ADDR(va));
208 	} else {
209 		assert(xlat_regime == EL3_REGIME);
210 		assert(xlat_arch_current_el() >= 3U);
211 		tlbivae3is(TLBI_ADDR(va));
212 	}
213 }
214 
xlat_arch_tlbi_va_sync(void)215 void xlat_arch_tlbi_va_sync(void)
216 {
217 	/*
218 	 * A TLB maintenance instruction can complete at any time after
219 	 * it is issued, but is only guaranteed to be complete after the
220 	 * execution of DSB by the PE that executed the TLB maintenance
221 	 * instruction. After the TLB invalidate instruction is
222 	 * complete, no new memory accesses using the invalidated TLB
223 	 * entries will be observed by any observer of the system
224 	 * domain. See section D4.8.2 of the ARMv8 (issue k), paragraph
225 	 * "Ordering and completion of TLB maintenance instructions".
226 	 */
227 	dsbish();
228 
229 	/*
230 	 * The effects of a completed TLB maintenance instruction are
231 	 * only guaranteed to be visible on the PE that executed the
232 	 * instruction after the execution of an ISB instruction by the
233 	 * PE that executed the TLB maintenance instruction.
234 	 */
235 	isb();
236 }
237 
xlat_arch_current_el(void)238 unsigned int xlat_arch_current_el(void)
239 {
240 	unsigned int el = (unsigned int)GET_EL(read_CurrentEl());
241 
242 	assert(el > 0U);
243 
244 	return el;
245 }
246 
setup_mmu_cfg(uint64_t * params,unsigned int flags,const uint64_t * base_table,unsigned long long max_pa,uintptr_t max_va,int xlat_regime)247 void setup_mmu_cfg(uint64_t *params, unsigned int flags,
248 		   const uint64_t *base_table, unsigned long long max_pa,
249 		   uintptr_t max_va, int xlat_regime)
250 {
251 	uint64_t mair, ttbr0, tcr;
252 	uintptr_t virtual_addr_space_size;
253 
254 	/* Set attributes in the right indices of the MAIR. */
255 	mair = MAIR_ATTR_SET(ATTR_DEVICE, ATTR_DEVICE_INDEX);
256 	mair |= MAIR_ATTR_SET(ATTR_IWBWA_OWBWA_NTR, ATTR_IWBWA_OWBWA_NTR_INDEX);
257 	mair |= MAIR_ATTR_SET(ATTR_NON_CACHEABLE, ATTR_NON_CACHEABLE_INDEX);
258 
259 	/*
260 	 * Limit the input address ranges and memory region sizes translated
261 	 * using TTBR0 to the given virtual address space size.
262 	 */
263 	assert(max_va < ((uint64_t)UINTPTR_MAX));
264 
265 	virtual_addr_space_size = (uintptr_t)max_va + 1U;
266 
267 	assert(virtual_addr_space_size >=
268 		xlat_get_min_virt_addr_space_size());
269 	assert(virtual_addr_space_size <= MAX_VIRT_ADDR_SPACE_SIZE);
270 	assert(IS_POWER_OF_TWO(virtual_addr_space_size));
271 
272 	/*
273 	 * __builtin_ctzll(0) is undefined but here we are guaranteed that
274 	 * virtual_addr_space_size is in the range [1,UINTPTR_MAX].
275 	 */
276 	int t0sz = 64 - __builtin_ctzll(virtual_addr_space_size);
277 
278 	tcr = (uint64_t)t0sz << TCR_T0SZ_SHIFT;
279 
280 	/*
281 	 * Set the cacheability and shareability attributes for memory
282 	 * associated with translation table walks.
283 	 */
284 	if ((flags & XLAT_TABLE_NC) != 0U) {
285 		/* Inner & outer non-cacheable non-shareable. */
286 		tcr |= TCR_SH_NON_SHAREABLE |
287 			TCR_RGN_OUTER_NC | TCR_RGN_INNER_NC;
288 	} else {
289 		/* Inner & outer WBWA & shareable. */
290 		tcr |= TCR_SH_INNER_SHAREABLE |
291 			TCR_RGN_OUTER_WBA | TCR_RGN_INNER_WBA;
292 	}
293 
294 	/*
295 	 * It is safer to restrict the max physical address accessible by the
296 	 * hardware as much as possible.
297 	 */
298 	unsigned long long tcr_ps_bits = tcr_physical_addr_size_bits(max_pa);
299 
300 	if (xlat_regime == EL1_EL0_REGIME) {
301 		/*
302 		 * TCR_EL1.EPD1: Disable translation table walk for addresses
303 		 * that are translated using TTBR1_EL1.
304 		 */
305 		tcr |= TCR_EPD1_BIT | (tcr_ps_bits << TCR_EL1_IPS_SHIFT);
306 	} else if (xlat_regime == EL2_REGIME) {
307 		tcr |= TCR_EL2_RES1 | (tcr_ps_bits << TCR_EL2_PS_SHIFT);
308 	} else {
309 		assert(xlat_regime == EL3_REGIME);
310 		tcr |= TCR_EL3_RES1 | (tcr_ps_bits << TCR_EL3_PS_SHIFT);
311 	}
312 
313 	/* Set TTBR bits as well */
314 	ttbr0 = (uint64_t) base_table;
315 
316 	if (is_armv8_2_ttcnp_present()) {
317 		/* Enable CnP bit so as to share page tables with all PEs. */
318 		ttbr0 |= TTBR_CNP_BIT;
319 	}
320 
321 	params[MMU_CFG_MAIR] = mair;
322 	params[MMU_CFG_TCR] = tcr;
323 	params[MMU_CFG_TTBR0] = ttbr0;
324 }
325