Merge changes from topic "ffa_mem_perm_get_update" into integration
* changes:
feat(spm): update MM_SP_MEMORY_ATTRIBUTES_GET_AARCH64 interface
feat(el3-spmc): update FFA_MEM_PERM_GET interface
diff --git a/docs/security_advisories/index.rst b/docs/security_advisories/index.rst
index 0ab73bc..a6fed96 100644
--- a/docs/security_advisories/index.rst
+++ b/docs/security_advisories/index.rst
@@ -17,3 +17,4 @@
security-advisory-tfv-10.rst
security-advisory-tfv-11.rst
security-advisory-tfv-12.rst
+ security-advisory-tfv-13.rst
diff --git a/docs/security_advisories/security-advisory-tfv-13.rst b/docs/security_advisories/security-advisory-tfv-13.rst
new file mode 100644
index 0000000..929e9b8
--- /dev/null
+++ b/docs/security_advisories/security-advisory-tfv-13.rst
@@ -0,0 +1,82 @@
+Advisory TFV-13 (CVE-2024-7881)
+================================
+
++----------------+-----------------------------------------------------------------+
+| Title | An unprivileged context can trigger a data memory-dependent |
+| | prefetch engine to fetch the contents of a privileged location |
+| | and consume those contents as an address that is |
+| | also dereferenced. |
+| | |
++================+=================================================================+
+| CVE ID | `CVE-2024-7881`_ |
++----------------+-----------------------------------------------------------------+
+| Date | Reported on 16 August 2024 |
++----------------+-----------------------------------------------------------------+
+| Versions | TF-A version from v2.2 to v2.12 |
+| Affected | LTS releases lts-v2.8.0 to lts-v2.8.28 |
+| | LTS releases lts-v2.10.0 to lts-v2.10.12 |
++----------------+-----------------------------------------------------------------+
+| Configurations | All |
+| Affected | |
++----------------+-----------------------------------------------------------------+
+| Impact | Potential leakage of secure world data to normal world. |
++----------------+-----------------------------------------------------------------+
+| Fix Version | `Gerrit topic #ar/smccc_arch_wa_4`_ |
+| | Also see mitigation guidance in the `Official Arm Advisory`_ |
++----------------+-----------------------------------------------------------------+
+| Credit | Arm |
++----------------+-----------------------------------------------------------------+
+
+Description
+-----------
+
+An issue has been identified in some Arm-based CPUs that may allow
+an unprivileged context to trigger a data memory-dependent prefetch engine
+to fetch the contents of a privileged location (for which it
+does not have read permission) and consume those contents as an address
+that is also dereferenced.
+
+The below table lists all the CPUs impacted by this vulnerability and have
+mitigation in TF-A.
+
++----------------------+
+| Core |
++----------------------+
+| Cortex-X3 |
++----------------------+
+| Cortex-X4 |
++----------------------+
+| Cortex-X925 |
++----------------------+
+| Neoverse-V2 |
++----------------------+
+| Neoverse-V3 |
++----------------------+
+| Neoverse-V3AE |
++----------------------+
+
+Mitigation and Recommendations
+------------------------------
+
+Arm recommends following the mitigation steps and configuration changes
+described in the official advisory. The mitigation for CVE-2024-7881 is
+implemented at EL3 and addresses vulnerabilities caused by memory-dependant
+speculative prefetching. This issue is avoided by setting CPUACTLR6_EL1[41]
+to 1, this disables the affected prefetcher.
+
+Arm has updated the SMC Calling Convention spec so that privileged normal world
+software can identify when the issue has been mitigated in
+firmware (SMCCC_ARCH_WORKAROUND_4). Refer to the `SMC Calling Convention
+Specification`_ for more details.
+
+The above workaround is enabled by default (on vulnerable CPUs only).
+Platforms can choose to disable them at compile time if
+they do not require them.
+
+For further technical information, affected CPUs, and detailed guidance,
+refer to the full `Official Arm Advisory`_.
+
+.. _CVE-2024-7881: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7881
+.. _Gerrit topic #ar/smccc_arch_wa_4: https://review.trustedfirmware.org/q/topic:%22ar/smccc_arch_wa_4%22
+.. _SMC Calling Convention specification: https://developer.arm.com/documentation/den0028/latest
+.. _Official Arm Advisory: https://developer.arm.com/documentation/110326/latest
diff --git a/include/arch/aarch64/arch.h b/include/arch/aarch64/arch.h
index ee18309..d14ce10 100644
--- a/include/arch/aarch64/arch.h
+++ b/include/arch/aarch64/arch.h
@@ -891,6 +891,24 @@
#define SPSR_NZCV (SPSR_V_BIT | SPSR_C_BIT | SPSR_Z_BIT | SPSR_N_BIT)
#define SPSR_PACM_BIT_AARCH64 BIT_64(35)
+/*
+ * SPSR_EL2
+ * M=0x9 (0b1001 EL2h)
+ * M[4]=0
+ * DAIF=0xF Exceptions masked on entry.
+ * BTYPE=0 BTI not yet supported.
+ * SSBS=0 Not yet supported.
+ * IL=0 Not an illegal exception return.
+ * SS=0 Not single stepping.
+ * PAN=1 RMM shouldn't access Unprivileged memory when running in VHE mode.
+ * UAO=0
+ * DIT=0
+ * TCO=0
+ * NZCV=0
+ */
+#define SPSR_EL2_REALM (SPSR_M_EL2H | (0xF << SPSR_DAIF_SHIFT) | \
+ SPSR_PAN_BIT)
+
#define DISABLE_ALL_EXCEPTIONS \
(DAIF_FIQ_BIT | DAIF_IRQ_BIT | DAIF_ABT_BIT | DAIF_DBG_BIT)
#define DISABLE_INTERRUPTS (DAIF_FIQ_BIT | DAIF_IRQ_BIT)
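Review bot: `SPSR_EL2_REALM` encodes the DAIF mask as the bare literal `0xF`, although `DISABLE_ALL_EXCEPTIONS`, defined just below it in this hunk, already names that set of bits. Assuming the four `DAIF_*_BIT` values occupy bits 0-3, `(DISABLE_ALL_EXCEPTIONS << SPSR_DAIF_SHIFT)` would express the same value without the magic number and keep the two definitions from drifting apart. The header comment could also say that this is the initial SPSR_EL2 value written into the Realm EL2 context by `setup_realm_context`, since the macro name alone does not say where it is applied.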
diff --git a/include/services/arm_arch_svc.h b/include/services/arm_arch_svc.h
index ea7de0e..1a0ba56 100644
--- a/include/services/arm_arch_svc.h
+++ b/include/services/arm_arch_svc.h
@@ -207,6 +207,7 @@
SCR_FIQ_BIT | \
SCR_IRQ_BIT | \
SCR_NS_BIT | \
+ SCR_NSE_BIT | \
SCR_RES1_BITS | \
SCR_FEAT_MEC | \
SCR_PLAT_IGNORED)
diff --git a/lib/aarch64/armclang_printf.S b/lib/aarch64/armclang_printf.S
index f9326fd..12622ae 100644
--- a/lib/aarch64/armclang_printf.S
+++ b/lib/aarch64/armclang_printf.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,6 +11,7 @@
.globl __0printf
.globl __1printf
.globl __2printf
+ .globl __2snprintf
func __0printf
b printf
@@ -23,3 +24,7 @@
func __2printf
b printf
endfunc __2printf
+
+func __2snprintf
+ b snprintf
+endfunc __2snprintf
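Review bot: Only the `__2snprintf` alias is added, while the printf side of this file provides `__0printf`, `__1printf` and `__2printf`. If the toolchain can also select the `__0`/`__1` variants at snprintf call sites, as it evidently does for printf, those references would still fail to link. It may be worth adding `__0snprintf` and `__1snprintf` stubs that `b snprintf` in the same way, with matching `.globl` lines in the hunk above. A one-line comment above the stubs saying why these compiler-generated names are redirected would help the next reader.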
diff --git a/lib/cpus/aarch64/cortex_a57.S b/lib/cpus/aarch64/cortex_a57.S
index 553f6f9..4a61187 100644
--- a/lib/cpus/aarch64/cortex_a57.S
+++ b/lib/cpus/aarch64/cortex_a57.S
@@ -59,7 +59,7 @@
msr osdlr_el1, x0
isb
- apply_erratum cortex_a57, ERRATUM(817169), ERRATA_A57_817169, NO_GET_CPU_REV
+ apply_erratum cortex_a57, ERRATUM(817169), ERRATA_A57_817169
dsb sy
ret
diff --git a/lib/cpus/aarch64/cortex_a710.S b/lib/cpus/aarch64/cortex_a710.S
index 59b6244..65fa98f 100644
--- a/lib/cpus/aarch64/cortex_a710.S
+++ b/lib/cpus/aarch64/cortex_a710.S
@@ -276,7 +276,7 @@
* ----------------------------------------------------
*/
func cortex_a710_core_pwr_dwn
- apply_erratum cortex_a710, ERRATUM(2008768), ERRATA_A710_2008768, NO_GET_CPU_REV
+ apply_erratum cortex_a710, ERRATUM(2008768), ERRATA_A710_2008768
apply_erratum cortex_a710, ERRATUM(2291219), ERRATA_A710_2291219, NO_GET_CPU_REV
/* ---------------------------------------------------
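Review bot: The second `apply_erratum` in `cortex_a710_core_pwr_dwn` still passes `NO_GET_CPU_REV`, so it appears to rely on the first invocation having fetched the CPU revision. If `apply_erratum` expands to nothing when its build flag is 0 (the macro is not shown here), a build with `ERRATA_A710_2008768=0` and `ERRATA_A710_2291219=1` would evaluate the second workaround against a revision that was never read on this path. Dropping the flag there as well, `apply_erratum cortex_a710, ERRATUM(2291219), ERRATA_A710_2291219`, costs one extra revision read at power-down and removes the ordering dependency. The same pairing is left in `neoverse_n2_core_pwr_dwn` (2009478 followed by 2326639) in lib/cpus/aarch64/neoverse_n2.S. The function body continues outside the hunk.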
diff --git a/lib/cpus/aarch64/cortex_a76.S b/lib/cpus/aarch64/cortex_a76.S
index ca5ccf7..fc6d737 100644
--- a/lib/cpus/aarch64/cortex_a76.S
+++ b/lib/cpus/aarch64/cortex_a76.S
@@ -515,7 +515,7 @@
*/
sysreg_bit_set CORTEX_A76_CPUPWRCTLR_EL1, CORTEX_A76_CORE_PWRDN_EN_MASK
- apply_erratum cortex_a76, ERRATUM(2743102), ERRATA_A76_2743102, NO_GET_CPU_REV
+ apply_erratum cortex_a76, ERRATUM(2743102), ERRATA_A76_2743102
isb
ret
diff --git a/lib/cpus/aarch64/cortex_a77.S b/lib/cpus/aarch64/cortex_a77.S
index 82a20ec..09b25e2 100644
--- a/lib/cpus/aarch64/cortex_a77.S
+++ b/lib/cpus/aarch64/cortex_a77.S
@@ -169,7 +169,7 @@
sysreg_bit_set CORTEX_A77_CPUPWRCTLR_EL1, \
CORTEX_A77_CPUPWRCTLR_EL1_CORE_PWRDN_BIT
- apply_erratum cortex_a77, ERRATUM(2743100), ERRATA_A77_2743100, NO_GET_CPU_REV
+ apply_erratum cortex_a77, ERRATUM(2743100), ERRATA_A77_2743100
isb
ret
diff --git a/lib/cpus/aarch64/cortex_a78.S b/lib/cpus/aarch64/cortex_a78.S
index b166823..7623446 100644
--- a/lib/cpus/aarch64/cortex_a78.S
+++ b/lib/cpus/aarch64/cortex_a78.S
@@ -191,7 +191,7 @@
func cortex_a78_core_pwr_dwn
sysreg_bit_set CORTEX_A78_CPUPWRCTLR_EL1, CORTEX_A78_CPUPWRCTLR_EL1_CORE_PWRDN_EN_BIT
- apply_erratum cortex_a78, ERRATUM(2772019), ERRATA_A78_2772019, NO_GET_CPU_REV
+ apply_erratum cortex_a78, ERRATUM(2772019), ERRATA_A78_2772019
isb
ret
diff --git a/lib/cpus/aarch64/cortex_a78c.S b/lib/cpus/aarch64/cortex_a78c.S
index 19d988e..0349cc5 100644
--- a/lib/cpus/aarch64/cortex_a78c.S
+++ b/lib/cpus/aarch64/cortex_a78c.S
@@ -129,7 +129,7 @@
*/
sysreg_bit_set CORTEX_A78C_CPUPWRCTLR_EL1, CORTEX_A78C_CPUPWRCTLR_EL1_CORE_PWRDN_EN_BIT
- apply_erratum cortex_a78c, ERRATUM(2772121), ERRATA_A78C_2772121, NO_GET_CPU_REV
+ apply_erratum cortex_a78c, ERRATUM(2772121), ERRATA_A78C_2772121
isb
ret
diff --git a/lib/cpus/aarch64/cortex_x2.S b/lib/cpus/aarch64/cortex_x2.S
index 910a6a9..a67553d 100644
--- a/lib/cpus/aarch64/cortex_x2.S
+++ b/lib/cpus/aarch64/cortex_x2.S
@@ -180,7 +180,7 @@
*/
sysreg_bit_set CORTEX_X2_CPUPWRCTLR_EL1, CORTEX_X2_CPUPWRCTLR_EL1_CORE_PWRDN_BIT
- apply_erratum cortex_x2, ERRATUM(2768515), ERRATA_X2_2768515, NO_GET_CPU_REV
+ apply_erratum cortex_x2, ERRATUM(2768515), ERRATA_X2_2768515
isb
ret
endfunc cortex_x2_core_pwr_dwn
diff --git a/lib/cpus/aarch64/cortex_x3.S b/lib/cpus/aarch64/cortex_x3.S
index 36bb419..8879b54 100644
--- a/lib/cpus/aarch64/cortex_x3.S
+++ b/lib/cpus/aarch64/cortex_x3.S
@@ -155,7 +155,7 @@
* ----------------------------------------------------
*/
func cortex_x3_core_pwr_dwn
- apply_erratum cortex_x3, ERRATUM(2313909), ERRATA_X3_2313909, NO_GET_CPU_REV
+ apply_erratum cortex_x3, ERRATUM(2313909), ERRATA_X3_2313909
/* ---------------------------------------------------
* Enable CPU power down bit in power control register
* ---------------------------------------------------
diff --git a/lib/cpus/aarch64/cortex_x4.S b/lib/cpus/aarch64/cortex_x4.S
index b1dc52c..72a2595 100644
--- a/lib/cpus/aarch64/cortex_x4.S
+++ b/lib/cpus/aarch64/cortex_x4.S
@@ -154,7 +154,7 @@
*/
sysreg_bit_set CORTEX_X4_CPUPWRCTLR_EL1, CORTEX_X4_CPUPWRCTLR_EL1_CORE_PWRDN_BIT
- apply_erratum cortex_x4, ERRATUM(2740089), ERRATA_X4_2740089, NO_GET_CPU_REV
+ apply_erratum cortex_x4, ERRATUM(2740089), ERRATA_X4_2740089
isb
ret
diff --git a/lib/cpus/aarch64/neoverse_n1.S b/lib/cpus/aarch64/neoverse_n1.S
index e821ecb..baeb83c 100644
--- a/lib/cpus/aarch64/neoverse_n1.S
+++ b/lib/cpus/aarch64/neoverse_n1.S
@@ -240,7 +240,7 @@
*/
sysreg_bit_set NEOVERSE_N1_CPUPWRCTLR_EL1, NEOVERSE_N1_CORE_PWRDN_EN_MASK
- apply_erratum neoverse_n1, ERRATUM(2743102), ERRATA_N1_2743102, NO_GET_CPU_REV
+ apply_erratum neoverse_n1, ERRATUM(2743102), ERRATA_N1_2743102
isb
ret
diff --git a/lib/cpus/aarch64/neoverse_n2.S b/lib/cpus/aarch64/neoverse_n2.S
index 7d9d7f1..2f053ac 100644
--- a/lib/cpus/aarch64/neoverse_n2.S
+++ b/lib/cpus/aarch64/neoverse_n2.S
@@ -274,7 +274,7 @@
cpu_reset_func_end neoverse_n2
func neoverse_n2_core_pwr_dwn
- apply_erratum neoverse_n2, ERRATUM(2009478), ERRATA_N2_2009478, NO_GET_CPU_REV
+ apply_erratum neoverse_n2, ERRATUM(2009478), ERRATA_N2_2009478
apply_erratum neoverse_n2, ERRATUM(2326639), ERRATA_N2_2326639, NO_GET_CPU_REV
/* ---------------------------------------------------
diff --git a/lib/cpus/aarch64/neoverse_v1.S b/lib/cpus/aarch64/neoverse_v1.S
index f975be0..96b52aa 100644
--- a/lib/cpus/aarch64/neoverse_v1.S
+++ b/lib/cpus/aarch64/neoverse_v1.S
@@ -253,7 +253,7 @@
* ---------------------------------------------
*/
sysreg_bit_set NEOVERSE_V1_CPUPWRCTLR_EL1, NEOVERSE_V1_CPUPWRCTLR_EL1_CORE_PWRDN_BIT
- apply_erratum neoverse_v1, ERRATUM(2743093), ERRATA_V1_2743093, NO_GET_CPU_REV
+ apply_erratum neoverse_v1, ERRATUM(2743093), ERRATA_V1_2743093
isb
ret
diff --git a/lib/cpus/aarch64/neoverse_v2.S b/lib/cpus/aarch64/neoverse_v2.S
index 9526b80..8224f93 100644
--- a/lib/cpus/aarch64/neoverse_v2.S
+++ b/lib/cpus/aarch64/neoverse_v2.S
@@ -113,7 +113,7 @@
* ---------------------------------------------------
*/
sysreg_bit_set NEOVERSE_V2_CPUPWRCTLR_EL1, NEOVERSE_V2_CPUPWRCTLR_EL1_CORE_PWRDN_BIT
- apply_erratum neoverse_v2, ERRATUM(2801372), ERRATA_V2_2801372, NO_GET_CPU_REV
+ apply_erratum neoverse_v2, ERRATUM(2801372), ERRATA_V2_2801372
isb
ret
diff --git a/lib/el3_runtime/aarch64/context_mgmt.c b/lib/el3_runtime/aarch64/context_mgmt.c
index e188f74..dad2eda 100644
--- a/lib/el3_runtime/aarch64/context_mgmt.c
+++ b/lib/el3_runtime/aarch64/context_mgmt.c
@@ -150,21 +150,27 @@
manage_extensions_secure(ctx);
}
-#if ENABLE_RME
+#if ENABLE_RME && IMAGE_BL31
/******************************************************************************
* This function performs initializations that are specific to REALM state
* and updates the cpu context specified by 'ctx'.
+ *
+ * NOTE: any changes to this function must be verified by an RMMD maintainer.
*****************************************************************************/
static void setup_realm_context(cpu_context_t *ctx, const struct entry_point_info *ep)
{
u_register_t scr_el3;
el3_state_t *state;
+ el2_sysregs_t *el2_ctx;
state = get_el3state_ctx(ctx);
scr_el3 = read_ctx_reg(state, CTX_SCR_EL3);
+ el2_ctx = get_el2_sysregs_ctx(ctx);
scr_el3 |= SCR_NS_BIT | SCR_NSE_BIT;
+ write_el2_ctx_common(el2_ctx, spsr_el2, SPSR_EL2_REALM);
+
/* CSV2 version 2 and above */
if (is_feat_csv2_2_supported()) {
/* Enable access to the SCXTNUM_ELx registers. */
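Review bot: `setup_realm_context` now calls `get_el2_sysregs_ctx()` and `write_el2_ctx_common()` under `#if ENABLE_RME && IMAGE_BL31` only, whereas the SCTLR_EL2 write added further down in this file is wrapped in `#if CTX_INCLUDE_EL2_REGS`. If the EL2 context accessors are only available with that option, the dependency of RME builds on it is implicit here. Either add it to the guard or state it in the function header, e.g. `* Requires CTX_INCLUDE_EL2_REGS; ENABLE_RME builds are expected to set it.` The function continues past the end of the hunk.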
@@ -201,8 +207,28 @@
brbe_enable(ctx);
}
+ /*
+ * Enable access to TPIDR2_EL0 if SME/SME2 is enabled for Non Secure world.
+ */
+ if (is_feat_sme_supported()) {
+ sme_enable(ctx);
+ }
+
+ /*
+ * SPE and TRBE cannot be fully disabled from EL3 registers alone, only
+ * sysreg access can. In case the EL1 controls leave them active on
+ * context switch, we want the owning security state to be NS so Realm
+ * can't be DOSed.
+ */
+ if (is_feat_spe_supported()) {
+ spe_disable(ctx);
+ }
+
+ if (is_feat_trbe_supported()) {
+ trbe_disable(ctx);
+ }
}
-#endif /* ENABLE_RME */
+#endif /* ENABLE_RME && IMAGE_BL31 */
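Review bot: The comment above `sme_enable(ctx)` was carried over unchanged and still speaks of SME being "enabled for Non Secure world", but the code now sits in the Realm context setup and the condition it tests is `is_feat_sme_supported()`. Rewording it to `/* Enable access to TPIDR2_EL0 for this context if SME/SME2 is supported. */` would match what the lines do. The SPE/TRBE comment states a security intent (buffer ownership stays with NS so Realm cannot be denied service). It would be worth adding that these two calls must not be followed by any feature setup that re-enables SPE or TRBE for this context; whether such setup exists is not visible in this hunk.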
/******************************************************************************
* This function performs initializations that are specific to NON-SECURE state
@@ -309,12 +335,6 @@
/* Initialize EL2 context registers */
#if (CTX_INCLUDE_EL2_REGS && IMAGE_BL31)
-
- /*
- * Initialize SCTLR_EL2 context register with reset value.
- */
- write_el2_ctx_common(get_el2_sysregs_ctx(ctx), sctlr_el2, SCTLR_EL2_RES1);
-
if (is_feat_hcx_supported()) {
/*
* Initialize register HCRX_EL2 with its init value.
@@ -581,6 +601,13 @@
}
pmuv3_enable(ctx);
+
+#if CTX_INCLUDE_EL2_REGS
+ /*
+ * Initialize SCTLR_EL2 context register with reset value.
+ */
+ write_el2_ctx_common(get_el2_sysregs_ctx(ctx), sctlr_el2, SCTLR_EL2_RES1);
+#endif /* CTX_INCLUDE_EL2_REGS */
#endif /* IMAGE_BL31 */
/*
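Review bot: The comment on the SCTLR_EL2 write still only says "with reset value", but the write's scope has presumably widened. This change removes the initialisation from two world-specific paths and adds it once here, so it likely now runs for every security state whose context passes through this function, including Secure. Suggest extending the comment, e.g. `/* Initialize SCTLR_EL2 to its RES1 value for every world that uses this context setup. */`, so the wider scope is visible to whoever maintains the Secure EL2 path. The enclosing function starts and ends outside the hunk, so which function this is cannot be confirmed from here.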
@@ -636,7 +663,7 @@
case SECURE:
setup_secure_context(ctx, ep);
break;
-#if ENABLE_RME
+#if ENABLE_RME && IMAGE_BL31
case REALM:
setup_realm_context(ctx, ep);
break;
diff --git a/plat/mediatek/drivers/mtcmos/mt8196/mtcmos.c b/plat/mediatek/drivers/mtcmos/mtcmos.c
similarity index 97%
rename from plat/mediatek/drivers/mtcmos/mt8196/mtcmos.c
rename to plat/mediatek/drivers/mtcmos/mtcmos.c
index 1e82bb4..acd41ee 100644
--- a/plat/mediatek/drivers/mtcmos/mt8196/mtcmos.c
+++ b/plat/mediatek/drivers/mtcmos/mtcmos.c
@@ -91,7 +91,7 @@
return 0;
}
-int spm_mtcmos_ctrl(enum mtcmos_state state, uintptr_t reg, uint32_t mask)
+static int spm_mtcmos_ctrl(enum mtcmos_state state, uintptr_t reg, uint32_t mask)
{
int ret = 0;
diff --git a/plat/mediatek/drivers/mtcmos/mt8196/mtcmos.h b/plat/mediatek/drivers/mtcmos/mtcmos.h
similarity index 62%
rename from plat/mediatek/drivers/mtcmos/mt8196/mtcmos.h
rename to plat/mediatek/drivers/mtcmos/mtcmos.h
index 39902bc..925bd09 100644
--- a/plat/mediatek/drivers/mtcmos/mt8196/mtcmos.h
+++ b/plat/mediatek/drivers/mtcmos/mtcmos.h
@@ -4,8 +4,8 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
-#ifndef PLAT_MEDIATEK_DRIVERS_MTCMOS_MT8196_MTCMOS_H_
-#define PLAT_MEDIATEK_DRIVERS_MTCMOS_MT8196_MTCMOS_H_
+#ifndef MTCMOS_H
+#define MTCMOS_H
enum mtcmos_state {
STA_POWER_DOWN,
@@ -15,4 +15,4 @@
int spm_mtcmos_ctrl_ufs0(enum mtcmos_state state);
int spm_mtcmos_ctrl_ufs0_phy(enum mtcmos_state state);
-#endif /* PLAT_MEDIATEK_DRIVERS_MTCMOS_MT8196_MTCMOS_H_ */
+#endif /* MTCMOS_H */
diff --git a/plat/mediatek/drivers/mtcmos/rules.mk b/plat/mediatek/drivers/mtcmos/rules.mk
index a8f1df2..c1964a7 100644
--- a/plat/mediatek/drivers/mtcmos/rules.mk
+++ b/plat/mediatek/drivers/mtcmos/rules.mk
@@ -6,8 +6,8 @@
LOCAL_DIR := $(call GET_LOCAL_DIR)
MODULE := mtcmos
-LOCAL_SRCS-y := $(LOCAL_DIR)/${MTK_SOC}/mtcmos.c
+LOCAL_SRCS-y := $(LOCAL_DIR)/mtcmos.c
-PLAT_INCLUDES += -I${LOCAL_DIR}/${MTK_SOC}
+PLAT_INCLUDES += -I${LOCAL_DIR}
$(eval $(call MAKE_MODULE,$(MODULE),$(LOCAL_SRCS-y),$(MTK_BL)))
diff --git a/services/std_svc/rmmd/rmmd_initial_context.h b/services/std_svc/rmmd/rmmd_initial_context.h
deleted file mode 100644
index d7a743d..0000000
--- a/services/std_svc/rmmd/rmmd_initial_context.h
+++ /dev/null
@@ -1,33 +0,0 @@
-/*
- * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef RMMD_INITIAL_CONTEXT_H
-#define RMMD_INITIAL_CONTEXT_H
-
-#include <arch.h>
-
-/*
- * SPSR_EL2
- * M=0x9 (0b1001 EL2h)
- * M[4]=0
- * DAIF=0xF Exceptions masked on entry.
- * BTYPE=0 BTI not yet supported.
- * SSBS=0 Not yet supported.
- * IL=0 Not an illegal exception return.
- * SS=0 Not single stepping.
- * PAN=1 RMM shouldn't access realm memory.
- * UAO=0
- * DIT=0
- * TCO=0
- * NZCV=0
- */
-#define REALM_SPSR_EL2 ( \
- SPSR_M_EL2H | \
- (0xF << SPSR_DAIF_SHIFT) | \
- SPSR_PAN_BIT \
- )
-
-#endif /* RMMD_INITIAL_CONTEXT_H */
diff --git a/services/std_svc/rmmd/rmmd_main.c b/services/std_svc/rmmd/rmmd_main.c
index 7435130..fd40f0f 100644
--- a/services/std_svc/rmmd/rmmd_main.c
+++ b/services/std_svc/rmmd/rmmd_main.c
@@ -36,7 +36,6 @@
#include <lib/extensions/sve.h>
#include <lib/extensions/spe.h>
#include <lib/extensions/trbe.h>
-#include "rmmd_initial_context.h"
#include "rmmd_private.h"
/*******************************************************************************
@@ -110,40 +109,6 @@
panic();
}
-static void rmm_el2_context_init(el2_sysregs_t *regs)
-{
- write_el2_ctx_common(regs, spsr_el2, REALM_SPSR_EL2);
- write_el2_ctx_common(regs, sctlr_el2, SCTLR_EL2_RES1);
-}
-
-/*******************************************************************************
- * Enable architecture extensions on first entry to Realm world.
- ******************************************************************************/
-
-static void manage_extensions_realm(cpu_context_t *ctx)
-{
- /*
- * Enable access to TPIDR2_EL0 if SME/SME2 is enabled for Non Secure world.
- */
- if (is_feat_sme_supported()) {
- sme_enable(ctx);
- }
-
- /*
- * SPE and TRBE cannot be fully disabled from EL3 registers alone, only
- * sysreg access can. In case the EL1 controls leave them active on
- * context switch, we want the owning security state to be NS so Realm
- * can't be DOSed.
- */
- if (is_feat_spe_supported()) {
- spe_disable(ctx);
- }
-
- if (is_feat_trbe_supported()) {
- trbe_disable(ctx);
- }
-}
-
/*******************************************************************************
* Jump to the RMM for the first time.
******************************************************************************/
@@ -154,12 +119,6 @@
INFO("RMM init start.\n");
- /* Enable architecture extensions */
- manage_extensions_realm(&ctx->cpu_ctx);
-
- /* Initialize RMM EL2 context. */
- rmm_el2_context_init(&ctx->cpu_ctx.el2_sysregs_ctx);
-
rc = rmmd_rmm_sync_entry(ctx);
if (rc != E_RMM_BOOT_SUCCESS) {
ERROR("RMM init failed: %ld\n", rc);
@@ -384,12 +343,6 @@
/* Initialise RMM context with this entry point information */
cm_setup_context(&ctx->cpu_ctx, rmm_ep_info);
- /* Enable architecture extensions */
- manage_extensions_realm(&ctx->cpu_ctx);
-
- /* Initialize RMM EL2 context. */
- rmm_el2_context_init(&ctx->cpu_ctx.el2_sysregs_ctx);
-
rc = rmmd_rmm_sync_entry(ctx);
if (rc != E_RMM_BOOT_SUCCESS) {