fix(ras): trap "RAS error record" accesses only for NS
RAS_TRAP_LOWER_EL_ERR_ACCESS was used to prevent access to RAS error
record registers (RAS ERR* & RAS ERX*) from lower EL's in any security
state. To give more fine grain control per world basis re-purpose this
macro to RAS_TRAP_NS_ERR_REC_ACCESS, which will enable the trap only
if Error record registers are accessed from NS.
This will also help in future scenarios when RAS handling(in Firmware
first handling paradigm)can be offloaded to a secure partition.
This is first patch in series to refactor RAS framework in TF-A.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ifa7f60bc8c82c9960adf029001bc36c443016d5d
diff --git a/lib/el3_runtime/aarch64/context_mgmt.c b/lib/el3_runtime/aarch64/context_mgmt.c
index d88bea7..8213cbe 100644
--- a/lib/el3_runtime/aarch64/context_mgmt.c
+++ b/lib/el3_runtime/aarch64/context_mgmt.c
@@ -206,6 +206,17 @@
/* Allow access to Allocation Tags when MTE is implemented. */
scr_el3 |= SCR_ATA_BIT;
+#if RAS_TRAP_NS_ERR_REC_ACCESS
+ /*
+ * SCR_EL3.TERR: Trap Error record accesses. Accesses to the RAS ERR
+ * and RAS ERX registers from EL1 and EL2(from any security state)
+ * are trapped to EL3.
+ * Set here to trap only for NS EL1/EL2
+ *
+ */
+ scr_el3 |= SCR_TERR_BIT;
+#endif
+
#ifdef IMAGE_BL31
/*
* SCR_EL3.IRQ, SCR_EL3.FIQ: Enable the physical FIQ and IRQ routing as
@@ -306,14 +317,6 @@
scr_el3 |= SCR_TRNDR_BIT;
#endif
-#if RAS_TRAP_LOWER_EL_ERR_ACCESS
- /*
- * SCR_EL3.TERR: Trap Error record accesses. Accesses to the RAS ERR
- * and RAS ERX registers from EL1 and EL2 are trapped to EL3.
- */
- scr_el3 |= SCR_TERR_BIT;
-#endif
-
#if !HANDLE_EA_EL3_FIRST
/*
* SCR_EL3.EA: Do not route External Abort and SError Interrupt External