1*54fd6939SJiyong Park/* 2*54fd6939SJiyong Park * Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved. 3*54fd6939SJiyong Park * 4*54fd6939SJiyong Park * SPDX-License-Identifier: BSD-3-Clause 5*54fd6939SJiyong Park */ 6*54fd6939SJiyong Park 7*54fd6939SJiyong Park#include <arch.h> 8*54fd6939SJiyong Park#include <asm_macros.S> 9*54fd6939SJiyong Park#include <assert_macros.S> 10*54fd6939SJiyong Park#include <common/bl_common.h> 11*54fd6939SJiyong Park#include <lib/xlat_tables/xlat_tables_defs.h> 12*54fd6939SJiyong Park 13*54fd6939SJiyong Park .globl smc 14*54fd6939SJiyong Park .globl zeromem 15*54fd6939SJiyong Park .globl zero_normalmem 16*54fd6939SJiyong Park .globl memcpy4 17*54fd6939SJiyong Park .globl disable_mmu_icache_secure 18*54fd6939SJiyong Park .globl disable_mmu_secure 19*54fd6939SJiyong Park .globl fixup_gdt_reloc 20*54fd6939SJiyong Park 21*54fd6939SJiyong Park#define PAGE_START_MASK ~(PAGE_SIZE_MASK) 22*54fd6939SJiyong Park 23*54fd6939SJiyong Parkfunc smc 24*54fd6939SJiyong Park /* 25*54fd6939SJiyong Park * For AArch32 only r0-r3 will be in the registers; 26*54fd6939SJiyong Park * rest r4-r6 will be pushed on to the stack. So here, we'll 27*54fd6939SJiyong Park * have to load them from the stack to registers r4-r6 explicitly. 28*54fd6939SJiyong Park * Clobbers: r4-r6 29*54fd6939SJiyong Park */ 30*54fd6939SJiyong Park ldm sp, {r4, r5, r6} 31*54fd6939SJiyong Park smc #0 32*54fd6939SJiyong Parkendfunc smc 33*54fd6939SJiyong Park 34*54fd6939SJiyong Park/* ----------------------------------------------------------------------- 35*54fd6939SJiyong Park * void zeromem(void *mem, unsigned int length) 36*54fd6939SJiyong Park * 37*54fd6939SJiyong Park * Initialise a region in normal memory to 0. This functions complies with the 38*54fd6939SJiyong Park * AAPCS and can be called from C code. 39*54fd6939SJiyong Park * 40*54fd6939SJiyong Park * ----------------------------------------------------------------------- 41*54fd6939SJiyong Park */ 42*54fd6939SJiyong Parkfunc zeromem 43*54fd6939SJiyong Park /* 44*54fd6939SJiyong Park * Readable names for registers 45*54fd6939SJiyong Park * 46*54fd6939SJiyong Park * Registers r0, r1 and r2 are also set by zeromem which 47*54fd6939SJiyong Park * branches into the fallback path directly, so cursor, length and 48*54fd6939SJiyong Park * stop_address should not be retargeted to other registers. 49*54fd6939SJiyong Park */ 50*54fd6939SJiyong Park cursor .req r0 /* Start address and then current address */ 51*54fd6939SJiyong Park length .req r1 /* Length in bytes of the region to zero out */ 52*54fd6939SJiyong Park /* 53*54fd6939SJiyong Park * Reusing the r1 register as length is only used at the beginning of 54*54fd6939SJiyong Park * the function. 55*54fd6939SJiyong Park */ 56*54fd6939SJiyong Park stop_address .req r1 /* Address past the last zeroed byte */ 57*54fd6939SJiyong Park zeroreg1 .req r2 /* Source register filled with 0 */ 58*54fd6939SJiyong Park zeroreg2 .req r3 /* Source register filled with 0 */ 59*54fd6939SJiyong Park tmp .req r12 /* Temporary scratch register */ 60*54fd6939SJiyong Park 61*54fd6939SJiyong Park mov zeroreg1, #0 62*54fd6939SJiyong Park 63*54fd6939SJiyong Park /* stop_address is the address past the last to zero */ 64*54fd6939SJiyong Park add stop_address, cursor, length 65*54fd6939SJiyong Park 66*54fd6939SJiyong Park /* 67*54fd6939SJiyong Park * Length cannot be used anymore as it shares the same register with 68*54fd6939SJiyong Park * stop_address. 69*54fd6939SJiyong Park */ 70*54fd6939SJiyong Park .unreq length 71*54fd6939SJiyong Park 72*54fd6939SJiyong Park /* 73*54fd6939SJiyong Park * If the start address is already aligned to 8 bytes, skip this loop. 74*54fd6939SJiyong Park */ 75*54fd6939SJiyong Park tst cursor, #(8-1) 76*54fd6939SJiyong Park beq .Lzeromem_8bytes_aligned 77*54fd6939SJiyong Park 78*54fd6939SJiyong Park /* Calculate the next address aligned to 8 bytes */ 79*54fd6939SJiyong Park orr tmp, cursor, #(8-1) 80*54fd6939SJiyong Park adds tmp, tmp, #1 81*54fd6939SJiyong Park /* If it overflows, fallback to byte per byte zeroing */ 82*54fd6939SJiyong Park beq .Lzeromem_1byte_aligned 83*54fd6939SJiyong Park /* If the next aligned address is after the stop address, fall back */ 84*54fd6939SJiyong Park cmp tmp, stop_address 85*54fd6939SJiyong Park bhs .Lzeromem_1byte_aligned 86*54fd6939SJiyong Park 87*54fd6939SJiyong Park /* zero byte per byte */ 88*54fd6939SJiyong Park1: 89*54fd6939SJiyong Park strb zeroreg1, [cursor], #1 90*54fd6939SJiyong Park cmp cursor, tmp 91*54fd6939SJiyong Park bne 1b 92*54fd6939SJiyong Park 93*54fd6939SJiyong Park /* zero 8 bytes at a time */ 94*54fd6939SJiyong Park.Lzeromem_8bytes_aligned: 95*54fd6939SJiyong Park 96*54fd6939SJiyong Park /* Calculate the last 8 bytes aligned address. */ 97*54fd6939SJiyong Park bic tmp, stop_address, #(8-1) 98*54fd6939SJiyong Park 99*54fd6939SJiyong Park cmp cursor, tmp 100*54fd6939SJiyong Park bhs 2f 101*54fd6939SJiyong Park 102*54fd6939SJiyong Park mov zeroreg2, #0 103*54fd6939SJiyong Park1: 104*54fd6939SJiyong Park stmia cursor!, {zeroreg1, zeroreg2} 105*54fd6939SJiyong Park cmp cursor, tmp 106*54fd6939SJiyong Park blo 1b 107*54fd6939SJiyong Park2: 108*54fd6939SJiyong Park 109*54fd6939SJiyong Park /* zero byte per byte */ 110*54fd6939SJiyong Park.Lzeromem_1byte_aligned: 111*54fd6939SJiyong Park cmp cursor, stop_address 112*54fd6939SJiyong Park beq 2f 113*54fd6939SJiyong Park1: 114*54fd6939SJiyong Park strb zeroreg1, [cursor], #1 115*54fd6939SJiyong Park cmp cursor, stop_address 116*54fd6939SJiyong Park bne 1b 117*54fd6939SJiyong Park2: 118*54fd6939SJiyong Park bx lr 119*54fd6939SJiyong Park 120*54fd6939SJiyong Park .unreq cursor 121*54fd6939SJiyong Park /* 122*54fd6939SJiyong Park * length is already unreq'ed to reuse the register for another 123*54fd6939SJiyong Park * variable. 124*54fd6939SJiyong Park */ 125*54fd6939SJiyong Park .unreq stop_address 126*54fd6939SJiyong Park .unreq zeroreg1 127*54fd6939SJiyong Park .unreq zeroreg2 128*54fd6939SJiyong Park .unreq tmp 129*54fd6939SJiyong Parkendfunc zeromem 130*54fd6939SJiyong Park 131*54fd6939SJiyong Park/* 132*54fd6939SJiyong Park * AArch32 does not have special ways of zeroing normal memory as AArch64 does 133*54fd6939SJiyong Park * using the DC ZVA instruction, so we just alias zero_normalmem to zeromem. 134*54fd6939SJiyong Park */ 135*54fd6939SJiyong Park.equ zero_normalmem, zeromem 136*54fd6939SJiyong Park 137*54fd6939SJiyong Park/* -------------------------------------------------------------------------- 138*54fd6939SJiyong Park * void memcpy4(void *dest, const void *src, unsigned int length) 139*54fd6939SJiyong Park * 140*54fd6939SJiyong Park * Copy length bytes from memory area src to memory area dest. 141*54fd6939SJiyong Park * The memory areas should not overlap. 142*54fd6939SJiyong Park * Destination and source addresses must be 4-byte aligned. 143*54fd6939SJiyong Park * -------------------------------------------------------------------------- 144*54fd6939SJiyong Park */ 145*54fd6939SJiyong Parkfunc memcpy4 146*54fd6939SJiyong Park#if ENABLE_ASSERTIONS 147*54fd6939SJiyong Park orr r3, r0, r1 148*54fd6939SJiyong Park tst r3, #0x3 149*54fd6939SJiyong Park ASM_ASSERT(eq) 150*54fd6939SJiyong Park#endif 151*54fd6939SJiyong Park/* copy 4 bytes at a time */ 152*54fd6939SJiyong Parkm_loop4: 153*54fd6939SJiyong Park cmp r2, #4 154*54fd6939SJiyong Park blo m_loop1 155*54fd6939SJiyong Park ldr r3, [r1], #4 156*54fd6939SJiyong Park str r3, [r0], #4 157*54fd6939SJiyong Park subs r2, r2, #4 158*54fd6939SJiyong Park bne m_loop4 159*54fd6939SJiyong Park bx lr 160*54fd6939SJiyong Park 161*54fd6939SJiyong Park/* copy byte per byte */ 162*54fd6939SJiyong Parkm_loop1: 163*54fd6939SJiyong Park ldrb r3, [r1], #1 164*54fd6939SJiyong Park strb r3, [r0], #1 165*54fd6939SJiyong Park subs r2, r2, #1 166*54fd6939SJiyong Park bne m_loop1 167*54fd6939SJiyong Park bx lr 168*54fd6939SJiyong Parkendfunc memcpy4 169*54fd6939SJiyong Park 170*54fd6939SJiyong Park/* --------------------------------------------------------------------------- 171*54fd6939SJiyong Park * Disable the MMU in Secure State 172*54fd6939SJiyong Park * --------------------------------------------------------------------------- 173*54fd6939SJiyong Park */ 174*54fd6939SJiyong Park 175*54fd6939SJiyong Parkfunc disable_mmu_secure 176*54fd6939SJiyong Park mov r1, #(SCTLR_M_BIT | SCTLR_C_BIT) 177*54fd6939SJiyong Parkdo_disable_mmu: 178*54fd6939SJiyong Park#if ERRATA_A9_794073 179*54fd6939SJiyong Park stcopr r0, BPIALL 180*54fd6939SJiyong Park dsb 181*54fd6939SJiyong Park#endif 182*54fd6939SJiyong Park ldcopr r0, SCTLR 183*54fd6939SJiyong Park bic r0, r0, r1 184*54fd6939SJiyong Park stcopr r0, SCTLR 185*54fd6939SJiyong Park isb // ensure MMU is off 186*54fd6939SJiyong Park dsb sy 187*54fd6939SJiyong Park bx lr 188*54fd6939SJiyong Parkendfunc disable_mmu_secure 189*54fd6939SJiyong Park 190*54fd6939SJiyong Park 191*54fd6939SJiyong Parkfunc disable_mmu_icache_secure 192*54fd6939SJiyong Park ldr r1, =(SCTLR_M_BIT | SCTLR_C_BIT | SCTLR_I_BIT) 193*54fd6939SJiyong Park b do_disable_mmu 194*54fd6939SJiyong Parkendfunc disable_mmu_icache_secure 195*54fd6939SJiyong Park 196*54fd6939SJiyong Park/* --------------------------------------------------------------------------- 197*54fd6939SJiyong Park * Helper to fixup Global Descriptor table (GDT) and dynamic relocations 198*54fd6939SJiyong Park * (.rel.dyn) at runtime. 199*54fd6939SJiyong Park * 200*54fd6939SJiyong Park * This function is meant to be used when the firmware is compiled with -fpie 201*54fd6939SJiyong Park * and linked with -pie options. We rely on the linker script exporting 202*54fd6939SJiyong Park * appropriate markers for start and end of the section. For GOT, we 203*54fd6939SJiyong Park * expect __GOT_START__ and __GOT_END__. Similarly for .rela.dyn, we expect 204*54fd6939SJiyong Park * __RELA_START__ and __RELA_END__. 205*54fd6939SJiyong Park * 206*54fd6939SJiyong Park * The function takes the limits of the memory to apply fixups to as 207*54fd6939SJiyong Park * arguments (which is usually the limits of the relocable BL image). 208*54fd6939SJiyong Park * r0 - the start of the fixup region 209*54fd6939SJiyong Park * r1 - the limit of the fixup region 210*54fd6939SJiyong Park * These addresses have to be 4KB page aligned. 211*54fd6939SJiyong Park * --------------------------------------------------------------------------- 212*54fd6939SJiyong Park */ 213*54fd6939SJiyong Park 214*54fd6939SJiyong Park/* Relocation codes */ 215*54fd6939SJiyong Park#define R_ARM_RELATIVE 23 216*54fd6939SJiyong Park 217*54fd6939SJiyong Parkfunc fixup_gdt_reloc 218*54fd6939SJiyong Park mov r6, r0 219*54fd6939SJiyong Park mov r7, r1 220*54fd6939SJiyong Park 221*54fd6939SJiyong Park#if ENABLE_ASSERTIONS 222*54fd6939SJiyong Park /* Test if the limits are 4K aligned */ 223*54fd6939SJiyong Park orr r0, r0, r1 224*54fd6939SJiyong Park mov r1, #(PAGE_SIZE_MASK) 225*54fd6939SJiyong Park tst r0, r1 226*54fd6939SJiyong Park ASM_ASSERT(eq) 227*54fd6939SJiyong Park#endif 228*54fd6939SJiyong Park /* 229*54fd6939SJiyong Park * Calculate the offset based on return address in lr. 230*54fd6939SJiyong Park * Assume that this function is called within a page at the start of 231*54fd6939SJiyong Park * fixup region. 232*54fd6939SJiyong Park */ 233*54fd6939SJiyong Park ldr r1, =PAGE_START_MASK 234*54fd6939SJiyong Park and r2, lr, r1 235*54fd6939SJiyong Park subs r0, r2, r6 /* Diff(S) = Current Address - Compiled Address */ 236*54fd6939SJiyong Park beq 3f /* Diff(S) = 0. No relocation needed */ 237*54fd6939SJiyong Park 238*54fd6939SJiyong Park ldr r1, =__GOT_START__ 239*54fd6939SJiyong Park add r1, r1, r0 240*54fd6939SJiyong Park ldr r2, =__GOT_END__ 241*54fd6939SJiyong Park add r2, r2, r0 242*54fd6939SJiyong Park 243*54fd6939SJiyong Park /* 244*54fd6939SJiyong Park * GOT is an array of 32_bit addresses which must be fixed up as 245*54fd6939SJiyong Park * new_addr = old_addr + Diff(S). 246*54fd6939SJiyong Park * The new_addr is the address currently the binary is executing from 247*54fd6939SJiyong Park * and old_addr is the address at compile time. 248*54fd6939SJiyong Park */ 249*54fd6939SJiyong Park1: ldr r3, [r1] 250*54fd6939SJiyong Park 251*54fd6939SJiyong Park /* Skip adding offset if address is < lower limit */ 252*54fd6939SJiyong Park cmp r3, r6 253*54fd6939SJiyong Park blo 2f 254*54fd6939SJiyong Park 255*54fd6939SJiyong Park /* Skip adding offset if address is > upper limit */ 256*54fd6939SJiyong Park cmp r3, r7 257*54fd6939SJiyong Park bhi 2f 258*54fd6939SJiyong Park add r3, r3, r0 259*54fd6939SJiyong Park str r3, [r1] 260*54fd6939SJiyong Park 261*54fd6939SJiyong Park2: add r1, r1, #4 262*54fd6939SJiyong Park cmp r1, r2 263*54fd6939SJiyong Park blo 1b 264*54fd6939SJiyong Park 265*54fd6939SJiyong Park /* Starting dynamic relocations. Use ldr to get RELA_START and END */ 266*54fd6939SJiyong Park3: ldr r1, =__RELA_START__ 267*54fd6939SJiyong Park add r1, r1, r0 268*54fd6939SJiyong Park ldr r2, =__RELA_END__ 269*54fd6939SJiyong Park add r2, r2, r0 270*54fd6939SJiyong Park 271*54fd6939SJiyong Park /* 272*54fd6939SJiyong Park * According to ELF-32 specification, the RELA data structure is as 273*54fd6939SJiyong Park * follows: 274*54fd6939SJiyong Park * typedef struct { 275*54fd6939SJiyong Park * Elf32_Addr r_offset; 276*54fd6939SJiyong Park * Elf32_Xword r_info; 277*54fd6939SJiyong Park * } Elf32_Rela; 278*54fd6939SJiyong Park * 279*54fd6939SJiyong Park * r_offset is address of reference 280*54fd6939SJiyong Park * r_info is symbol index and type of relocation (in this case 281*54fd6939SJiyong Park * code 23 which corresponds to R_ARM_RELATIVE). 282*54fd6939SJiyong Park * 283*54fd6939SJiyong Park * Size of Elf32_Rela structure is 8 bytes. 284*54fd6939SJiyong Park */ 285*54fd6939SJiyong Park 286*54fd6939SJiyong Park /* Skip R_ARM_NONE entry with code 0 */ 287*54fd6939SJiyong Park1: ldr r3, [r1, #4] 288*54fd6939SJiyong Park ands r3, r3, #0xff 289*54fd6939SJiyong Park beq 2f 290*54fd6939SJiyong Park 291*54fd6939SJiyong Park#if ENABLE_ASSERTIONS 292*54fd6939SJiyong Park /* Assert that the relocation type is R_ARM_RELATIVE */ 293*54fd6939SJiyong Park cmp r3, #R_ARM_RELATIVE 294*54fd6939SJiyong Park ASM_ASSERT(eq) 295*54fd6939SJiyong Park#endif 296*54fd6939SJiyong Park ldr r3, [r1] /* r_offset */ 297*54fd6939SJiyong Park add r3, r0, r3 /* Diff(S) + r_offset */ 298*54fd6939SJiyong Park ldr r4, [r3] 299*54fd6939SJiyong Park 300*54fd6939SJiyong Park /* Skip adding offset if address is < lower limit */ 301*54fd6939SJiyong Park cmp r4, r6 302*54fd6939SJiyong Park blo 2f 303*54fd6939SJiyong Park 304*54fd6939SJiyong Park /* Skip adding offset if address is >= upper limit */ 305*54fd6939SJiyong Park cmp r4, r7 306*54fd6939SJiyong Park bhs 2f 307*54fd6939SJiyong Park 308*54fd6939SJiyong Park add r4, r0, r4 309*54fd6939SJiyong Park str r4, [r3] 310*54fd6939SJiyong Park 311*54fd6939SJiyong Park2: add r1, r1, #8 312*54fd6939SJiyong Park cmp r1, r2 313*54fd6939SJiyong Park blo 1b 314*54fd6939SJiyong Park bx lr 315*54fd6939SJiyong Parkendfunc fixup_gdt_reloc 316