fix(ras): restrict RAS support for NS world
Current RAS framework in TF-A only supports handling errors originating
from NS world but the HANDLE_EA_EL3_FIRST flag configures it for all
lower Els. To make the current design of RAS explicit, rename this macro
to HANDLE_EA_EL3_FIRST_NS and set EA bit in scr_el3 only when
switching to NS world.
Note: I am unaware of any platform which traps errors originating in
Secure world to EL3, if there is any such platform then it need to
be explicitly implemented in TF-A
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: If58eb201d8fa792c16325c85c26056e9b409b750
diff --git a/lib/el3_runtime/aarch64/context_mgmt.c b/lib/el3_runtime/aarch64/context_mgmt.c
index 8213cbe..8c6798b 100644
--- a/lib/el3_runtime/aarch64/context_mgmt.c
+++ b/lib/el3_runtime/aarch64/context_mgmt.c
@@ -206,6 +206,11 @@
/* Allow access to Allocation Tags when MTE is implemented. */
scr_el3 |= SCR_ATA_BIT;
+#if HANDLE_EA_EL3_FIRST_NS
+ /* SCR_EL3.EA: Route External Abort and SError Interrupt to EL3. */
+ scr_el3 |= SCR_EA_BIT;
+#endif
+
#if RAS_TRAP_NS_ERR_REC_ACCESS
/*
* SCR_EL3.TERR: Trap Error record accesses. Accesses to the RAS ERR
@@ -279,7 +284,7 @@
* Security state and entrypoint attributes of the next EL.
*/
scr_el3 = read_scr();
- scr_el3 &= ~(SCR_NS_BIT | SCR_RW_BIT | SCR_FIQ_BIT | SCR_IRQ_BIT |
+ scr_el3 &= ~(SCR_NS_BIT | SCR_RW_BIT | SCR_EA_BIT | SCR_FIQ_BIT | SCR_IRQ_BIT |
SCR_ST_BIT | SCR_HCE_BIT | SCR_NSE_BIT);
/*
@@ -317,15 +322,6 @@
scr_el3 |= SCR_TRNDR_BIT;
#endif
-#if !HANDLE_EA_EL3_FIRST
- /*
- * SCR_EL3.EA: Do not route External Abort and SError Interrupt External
- * to EL3 when executing at a lower EL. When executing at EL3, External
- * Aborts are taken to EL3.
- */
- scr_el3 &= ~SCR_EA_BIT;
-#endif
-
#if FAULT_INJECTION_SUPPORT
/* Enable fault injection from lower ELs */
scr_el3 |= SCR_FIEN_BIT;