Do not trap access to floating point registers

Traps when accessing architectural features are disabled by clearing bits
in CPTR_EL3 during early boot, including accesses to floating point
registers. The value of this register was previously undetermined, causing
unwanted traps to EL3. Future EL3 code (for example, context save/restore
code) may use floating point registers, although they are not used by current
code.

Also, the '-mgeneral-regs-only' flag is enabled in the GCC settings to
prevent generation of code that uses floating point registers.

Change-Id: I9a03675f6387bbbee81a6f2c9ccf81150db03747

8 files changed, 64 insertions, 15 deletions

diff --git a/Makefile b/Makefile
index 1f009a5..4e88308 100644
--- a/Makefile
+++ b/Makefile
@@ -97,9 +97,10 @@ INCLUDES		+=	-Ilib/include/ -Iinclude/aarch64/ -Iinclude/	\
 				-Iinclude/stdlib -Iinclude/stdlib/sys
 
 ASFLAGS			+= 	-nostdinc -ffreestanding -Wa,--fatal-warnings	\
-				-D__ASSEMBLY__ ${INCLUDES}
-CFLAGS			:= 	-nostdinc -pedantic -ffreestanding -Wall -Werror	\
-				-std=c99 -c -Os -DDEBUG=${DEBUG} ${INCLUDES} ${CFLAGS}
+				-mgeneral-regs-only -D__ASSEMBLY__ ${INCLUDES}
+CFLAGS			:= 	-nostdinc -pedantic -ffreestanding -Wall	\
+				-Werror -mgeneral-regs-only -std=c99 -c -Os	\
+				-DDEBUG=${DEBUG} ${INCLUDES} ${CFLAGS}
 
 LDFLAGS			+=	--fatal-warnings -O1
 BL1_LDFLAGS		:=	-Map=${BL1_MAPFILE} --script ${BL1_LINKERFILE} --entry=${BL1_ENTRY_POINT}
diff --git a/bl1/aarch64/bl1_arch_setup.c b/bl1/aarch64/bl1_arch_setup.c
index f308715..3a528e1 100644
--- a/bl1/aarch64/bl1_arch_setup.c
+++ b/bl1/aarch64/bl1_arch_setup.c
@@ -61,9 +61,6 @@ void bl1_arch_setup(void)
 	enable_serror();
 	enable_debug_exceptions();
 
-	/* Do not trap coprocessor accesses from lower ELs to EL3 */
-	write_cptr_el3(0);
-
 	/* Read the frequency from Frequency modes table */
 	counter_base_frequency = mmio_read_32(SYS_CNTCTL_BASE + CNTFID_OFF);
 	/* The first entry of the frequency modes table must not be 0 */
diff --git a/bl1/aarch64/bl1_entrypoint.S b/bl1/aarch64/bl1_entrypoint.S
index 9bb9c34..f5e4420 100644
--- a/bl1/aarch64/bl1_entrypoint.S
+++ b/bl1/aarch64/bl1_entrypoint.S
@@ -57,6 +57,29 @@ reset_handler:; .type reset_handler, %function
 	adr	x0, early_exceptions
 	msr	vbar_el3, x0
 
+	/* ---------------------------------------------------------------------
+	 * The initial state of the Architectural feature trap register
+	 * (CPTR_EL3) is unknown and it must be set to a known state. All
+	 * feature traps are disabled. Some bits in this register are marked as
+	 * Reserved and should not be modified.
+	 *
+	 * CPTR_EL3.TCPAC: This causes a direct access to the CPACR_EL1 from EL1
+	 *  or the CPTR_EL2 from EL2 to trap to EL3 unless it is trapped at EL2.
+	 * CPTR_EL3.TTA: This causes access to the Trace functionality to trap
+	 *  to EL3 when executed from EL0, EL1, EL2, or EL3. If system register
+	 *  access to trace functionality is not supported, this bit is RES0.
+	 * CPTR_EL3.TFP: This causes instructions that access the registers
+	 *  associated with Floating Point and Advanced SIMD execution to trap
+	 *  to EL3 when executed from any exception level, unless trapped to EL1
+	 *  or EL2.
+	 * ---------------------------------------------------------------------
+	 */
+	mrs	x0, cptr_el3
+	bic	w0, w0, #TCPAC_BIT
+	bic	w0, w0, #TTA_BIT
+	bic	w0, w0, #TFP_BIT
+	msr	cptr_el3, x0
+
 	/* ---------------------------------------------
 	 * Enable the instruction cache.
 	 * ---------------------------------------------
diff --git a/bl31/aarch64/bl31_arch_setup.c b/bl31/aarch64/bl31_arch_setup.c
index 0079f0f..492c45b 100644
--- a/bl31/aarch64/bl31_arch_setup.c
+++ b/bl31/aarch64/bl31_arch_setup.c
@@ -62,9 +62,6 @@ void bl31_arch_setup(void)
 	enable_serror();
 	enable_debug_exceptions();
 
-	/* Do not trap coprocessor accesses from lower ELs to EL3 */
-	write_cptr_el3(0);
-
 	/* Read the frequency from Frequency modes table */
 	counter_base_frequency = mmio_read_32(SYS_CNTCTL_BASE + CNTFID_OFF);
 	/* The first entry of the frequency modes table must not be 0 */
diff --git a/bl31/aarch64/bl31_entrypoint.S b/bl31/aarch64/bl31_entrypoint.S
index 62d44e2..cbbae7b 100644
--- a/bl31/aarch64/bl31_entrypoint.S
+++ b/bl31/aarch64/bl31_entrypoint.S
@@ -61,6 +61,29 @@ bl31_entrypoint:; .type bl31_entrypoint, %function
 	adr	x1, runtime_exceptions
 	msr	vbar_el3, x1
 
+	/* ---------------------------------------------------------------------
+	 * The initial state of the Architectural feature trap register
+	 * (CPTR_EL3) is unknown and it must be set to a known state. All
+	 * feature traps are disabled. Some bits in this register are marked as
+	 * Reserved and should not be modified.
+	 *
+	 * CPTR_EL3.TCPAC: This causes a direct access to the CPACR_EL1 from EL1
+	 *  or the CPTR_EL2 from EL2 to trap to EL3 unless it is trapped at EL2.
+	 * CPTR_EL3.TTA: This causes access to the Trace functionality to trap
+	 *  to EL3 when executed from EL0, EL1, EL2, or EL3. If system register
+	 *  access to trace functionality is not supported, this bit is RES0.
+	 * CPTR_EL3.TFP: This causes instructions that access the registers
+	 *  associated with Floating Point and Advanced SIMD execution to trap
+	 *  to EL3 when executed from any exception level, unless trapped to EL1
+	 *  or EL2.
+	 * ---------------------------------------------------------------------
+	 */
+	mrs	x1, cptr_el3
+	bic	w1, w1, #TCPAC_BIT
+	bic	w1, w1, #TTA_BIT
+	bic	w1, w1, #TFP_BIT
+	msr	cptr_el3, x1
+
 	/* ---------------------------------------------
 	 * Enable the instruction cache.
 	 * ---------------------------------------------
diff --git a/docs/change-log.md b/docs/change-log.md
index 46191c3..1b9b0d2 100644
--- a/docs/change-log.md
+++ b/docs/change-log.md
@@ -89,6 +89,11 @@ Detailed changes since last release
     separate issue tracking repository
     https://github.com/ARM-software/tf-issues.
 
+*   Cleared bits in the architectural trap feature register (CPTR_EL3) during
+    early boot to prevent traps when accessing certain registers, including
+    floating point registers. Also added `-mgeneral-regs-only` flag to GCC
+    settings to prevent generation of code using floating point registers.
+
 
 ARM Trusted Firmware - version 0.2
 ==================================
diff --git a/docs/user-guide.md b/docs/user-guide.md
index c42bf6b..bc4597f 100644
--- a/docs/user-guide.md
+++ b/docs/user-guide.md
@@ -672,11 +672,13 @@ BL1 performs minimal architectural initialization as follows.
         Aborts and SError Interrupts are configured to be taken in EL3 by
         setting the `SCR.EA` bit.
 
-    -   `CPTR_EL3`. Accesses to the `CPACR` from EL1 or EL2, or the `CPTR_EL2`
-        from EL2 are configured to not trap to EL3 by clearing the
-        `CPTR_EL3.TCPAC` bit. Instructions that access the registers associated
-        with Floating Point and Advanced SIMD execution are configured to not
-        trap to EL3 by clearing the `CPTR_EL3.TFP` bit.
+    -   `CPTR_EL3`. Accesses to the `CPACR_EL1` register from EL1 or EL2, or the
+        `CPTR_EL2` register from EL2 are configured to not trap to EL3 by
+        clearing the `CPTR_EL3.TCPAC` bit. Access to the trace functionality is
+        configured not to trap to EL3 by clearing the `CPTR_EL3.TTA` bit.
+        Instructions that access the registers associated with Floating Point
+        and Advanced SIMD execution are configured to not trap to EL3 by
+        clearing the `CPTR_EL3.TFP` bit.
 
     -   `CNTFRQ_EL0`. The `CNTFRQ_EL0` register is programmed with the base
         frequency of the system counter, which is retrieved from the first entry
diff --git a/include/aarch64/arch.h b/include/aarch64/arch.h
index 89b7a35..bcde243 100644
--- a/include/aarch64/arch.h
+++ b/include/aarch64/arch.h
@@ -167,7 +167,8 @@
 #define EL0VCTEN_BIT		(1 << 1)
 
 /* CPTR_EL3 definitions */
-#define TCPAC_BIT		(1ull << 31)
+#define TCPAC_BIT		(1 << 31)
+#define TTA_BIT			(1 << 20)
 #define TFP_BIT			(1 << 10)
 
 /* CPSR/SPSR definitions */