arm cortex-a53 switch from el3 secure to el1 non-secure problem
I am trying to switch from EL3 secure state to EL1 non-secure state.If I don't change the security state, and only perform a switch from EL3 to EL1, like this:
el1_entry_aarch64:
NOP
NOP
NOP
// we can use the same vector table in this example, but in general
// each combination of Exception level, Security state, and Execution state
// will need a new vector table
LDR x0, =vectors
MSR VBAR_EL1, x0
//we must ensure that floating point register accesses are not trapped
//since the c library for AArch64-v8A uses them
MOV x0, #(0x3 << 20)
MSR CPACR_EL1, x0
B __main
secure_to_ns:
MOV w1, #0 // Initial value of register is unknown
ORR w1, w1, #(1 << 11) // set ST bit (disable trapping of timer control registers)
ORR w1, w1, #(1 << 10) // set RW bit (next lower EL in aarch64)
ORR w1, w1, #(1 << 3) // Set EA bit (SError routed to EL3)
ORR w1, w1, #(1 << 2) // Set FIQ bit (FIQs routed to EL3)
ORR w1, w1, #(1 << 1) // Set IRQ bit (IRQs routed to EL3)
MSR SCR_EL3, x1
MSR SCTLR_EL1, xzr
LDR x0, =el1_entry_aarch64
MOV x1, #0x5
MSR ELR_EL3, x0 // where to branch to when exception completes
MSR SPSR_EL3, x1 // set the program state for this point to a known value
ERET
After executing ERET, the PC will jump to el1_entry_aarch64, and from there it will proceed to the main function.
Apart from this, there are also some basic stack initialization operations which I have omitted here.
But if I add the assembly code to switch the security state, when executing in el1_entry_aarch64, the program enters an exception.
Changes of secure_to_ns are as follows:
secure_to_ns:
MOV w1, #0 // Initial value of register is unknown
ORR w1, w1, #(1 << 11) // set ST bit (disable trapping of timer control registers)
ORR w1, w1, #(1 << 10) // set RW bit (next lower EL in aarch64)
ORR w1, w1, #(1 << 3) // Set EA bit (SError routed to EL3)
ORR w1, w1, #(1 << 2) // Set FIQ bit (FIQs routed to EL3)
ORR w1, w1, #(1 << 1) // Set IRQ bit (IRQs routed to EL3)
ORR w1, w1, #1 **// Set NS bit (lower EL in non Secure state)**
MSR SCR_EL3, x1
MSR SCTLR_EL1, xzr
LDR x0, =el1_entry_aarch64
MOV x1, #0x5
MSR ELR_EL3, x0 // where to branch to when exception completes
MSR SPSR_EL3, x1 // set the program state for this point to a known value
ERET
Code demo
When executing the NOP instruction within the el1_entry_aarch64 function, the program enters an exception.
My program is running within the memory range 0xF8040000 to 0xF80AFFFF, which is a 448KB memory space. Through certain configurations, I have set the range 0xF8090000 to 0xF80B0000 as a non-secure access region.
At the same time, I have placed the relevant assembly code in the non-secure region, which means that all code executed after the eret instruction is within the non-secure area.
At first, I did not include the NOP assembly instruction, but still encountered the issue. I initially thought it might be related to jumps between different segments, so I added the NOP instruction. Now it appears that the issue is not related to the jump itself.
I tried "Johannes Krottmayer" solution and found the key issue.
ARM allows direct switching from EL3 to EL1, or it can switch from EL3 to EL2 and then to EL1. This is mainly controlled by the SPSR register.
The reason is that before EL3 switches to EL1, it needs to determine whether EL1 is in AArch32 or AArch64 mode. This requires modifying the HCR_EL2 register to control this.
Therefore, the key lies in the configuration of HCR_EL2 in el2_setup_el1. This part was missing in my original code, which caused issues after the jump. Adding the following code snippet to secure_to_ns should solve the problem:
secure_to_ns:
mrs x0, HCR_EL2
orr x0, x0, #(1 << 31) /* EL1 is AArch64 */
msr HCR_EL2, x0
MOV w1, #0 // Initial value of register is unknown
ORR w1, w1, #(1 << 11) // set ST bit (disable trapping of timer control registers)
ORR w1, w1, #(1 << 10) // set RW bit (next lower EL in aarch64)
ORR w1, w1, #(1 << 3) // Set EA bit (SError routed to EL3)
ORR w1, w1, #(1 << 2) // Set FIQ bit (FIQs routed to EL3)
ORR w1, w1, #(1 << 1) // Set IRQ bit (IRQs routed to EL3)
ORR w1, w1, #1 **// Set NS bit (lower EL in non Secure state)**
MSR SCR_EL3, x1
MSR SCTLR_EL1, xzr
LDR x0, =el1_entry_aarch64
MOV x1, #0x5
MSR ELR_EL3, x0 // where to branch to when exception completes
MSR SPSR_EL3, x1 // set the program state for this point to a known value
ERET
- What does `b .` mean in this ASSEMBLY code?
- Building boringSSL x64 on Windows
- Programming with RISC-V: how to write cleaner, less ugly code for the Collatz conjecture?
- Visual C++ 2010 Express x64 assembly
- can c++filt be used to write the demangled name back in the .s file itself?
- Why does GCC generate different opcodes for multiplication based on a value of the constant?
- GNU Assembly Printing Formatted Error Messages - macro substitution into quoted string for .print
- AVX512 assembly breaks when called concurrently from different goroutines
- Push and Pop on AMD64
- Number of memory accesses
- Can gcc compile x86 assembly or just link it?
- How to reason what the compiler might generate?
- How to populate a 64-bit register with duplicate byte values?
- Address size on PlayStation 3/PowerPC
- Why does C#'s Thread.MemoryBarrier() use "lock or" instead of mfence?
- Why does a std::atomic store with sequential consistency use XCHG?
- x86 MUL Instruction from VS 2008/2010
- LDAXRB and STXRB instructions - what is the "exclusive access to the memory address" in ARM64?
- How to use shifter operands in GNU arm assembly syntax?
- QtSPIM: Explanation for code shown without loading program
- In ARM Cortex, the stack pointer increases instead of decreasing when allocating space for a local variable
- What are the best instruction sequences to generate vector constants on the fly?
- Replace digit with a word and write to a file using assembler 8086
- Angr unconstrained state has the same address as a found state
- What would happen if the CS segment register is changed? (And how would you do so?)
- Why are we switching segments while calculating string length?
- How to fix: (cannot have implicit far jump or call to near label) and (use a register assumed to ERROR)
- Is this inline asm correct for bitcasting int as float?
- Run a given program by user
- Assembly x86 to C