(1) I intrrrupt the cpu in UEFI (EL2) by press enter key when the serial outputs the following message.
NOTICE: Booting Trusted Firmware
NOTICE: BL1: v1.0(release):14b6608
NOTICE: BL1: Built : 14:15:51, Sep 1 2014
NOTICE: BL1: Booting BL2
NOTICE: BL2: v1.0(release):14b6608
NOTICE: BL2: Built : 14:15:51, Sep 1 2014
NOTICE: BL1: Booting BL3-1
NOTICE: BL3-1: v1.0(release):14b6608
NOTICE: BL3-1: Built : 14:15:53, Sep 1 2014
UEFI firmware (version v2.1 built at 14:41:56 on Oct 23 2014)
The default boot selection will start in 9 seconds
[1] Linux from NOR Flash
[2] Shell
[3] Boot Manager
(2)I follow the tutorial(Running Bare-Metal code at EL3 on the Juno board) to switch to EL3.
(3)I modified the example project "startup_ARMv8_AArch64_with_AArch32_app" which is located in the example folder of DS5 installation folder.
It's aimed not to initial the GIC. I download the file "AArch64_startup.axf" at EL3.
(4)I set the PC to the entry point and set a breakpoint to the following "eret" instruction. I step the eret instuction when it runs to the breakpoint.
PC register changed to the value of "__main", but the CPSR is still EL3h. It failed to switch to SVC mode.
PS:I also run the program in the VE_AEMv8x4 Brae-Metal simulation envirionment and it successed to switch to SVC mode.
drop_primary_to_el1:
ldr x1, lit___main
msr ELR_EL3, x1
mov x1, #(AArch32_Mode_SVC | \
AARCH64_SPSR_F | \
AARCH64_SPSR_I | \
AARCH64_SPSR_A)
msr SPSR_EL3, x1
eret
The problem is why it failed to switch from EL3 to SVC mode.
1.Yes,you are right! I chech the PSTATE.IL and it becomes 1'b1 after the eret is executed. I set the PC againt to the entry point. The PC will go to the vector table after one step.
2.I check these registers again and find that HCR_EL2.TGE,bit[27] is 1'b1. The V8 architecture document shows that an exception return to EL1 is treated as an illegal exception return if
this bit is set.
3.I clear HCR_EL2.TGE before eret and it succeeded to switch from EL3 to SVC mode.