diff options
Diffstat (limited to '')
-rw-r--r-- | include/plat/common/common_def.h | 127 | ||||
-rw-r--r-- | include/plat/common/plat_drtm.h | 74 | ||||
-rw-r--r-- | include/plat/common/plat_trng.h | 18 | ||||
-rw-r--r-- | include/plat/common/platform.h | 424 |
4 files changed, 643 insertions, 0 deletions
diff --git a/include/plat/common/common_def.h b/include/plat/common/common_def.h new file mode 100644 index 0000000..1d3ac15 --- /dev/null +++ b/include/plat/common/common_def.h @@ -0,0 +1,127 @@ +/* + * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ +#ifndef COMMON_DEF_H +#define COMMON_DEF_H + +#include <common/bl_common.h> +#include <lib/utils_def.h> +#include <lib/xlat_tables/xlat_tables_defs.h> + +#include <platform_def.h> + +#define SZ_32 U(0x00000020) +#define SZ_64 U(0x00000040) +#define SZ_128 U(0x00000080) +#define SZ_256 U(0x00000100) +#define SZ_512 U(0x00000200) + +#define SZ_1K U(0x00000400) +#define SZ_2K U(0x00000800) +#define SZ_4K U(0x00001000) +#define SZ_8K U(0x00002000) +#define SZ_16K U(0x00004000) +#define SZ_32K U(0x00008000) +#define SZ_64K U(0x00010000) +#define SZ_128K U(0x00020000) +#define SZ_256K U(0x00040000) +#define SZ_512K U(0x00080000) + +#define SZ_1M U(0x00100000) +#define SZ_2M U(0x00200000) +#define SZ_4M U(0x00400000) +#define SZ_8M U(0x00800000) +#define SZ_16M U(0x01000000) +#define SZ_32M U(0x02000000) +#define SZ_64M U(0x04000000) +#define SZ_128M U(0x08000000) +#define SZ_256M U(0x10000000) +#define SZ_512M U(0x20000000) + +#define SZ_1G U(0x40000000) +#define SZ_2G U(0x80000000) + +/****************************************************************************** + * Required platform porting definitions that are expected to be common to + * all platforms + *****************************************************************************/ + +/* + * Platform binary types for linking + */ +#ifdef __aarch64__ +#define PLATFORM_LINKER_FORMAT "elf64-littleaarch64" +#define PLATFORM_LINKER_ARCH aarch64 +#else +#define PLATFORM_LINKER_FORMAT "elf32-littlearm" +#define PLATFORM_LINKER_ARCH arm +#endif /* __aarch64__ */ + +/* + * Generic platform constants + */ +#define FIRMWARE_WELCOME_STR "Booting Trusted Firmware\n" + +#define BL2_IMAGE_DESC { \ + .image_id = BL2_IMAGE_ID, \ + SET_STATIC_PARAM_HEAD(image_info, PARAM_EP, \ + VERSION_2, image_info_t, 0), \ + .image_info.image_base = BL2_BASE, \ + .image_info.image_max_size = BL2_LIMIT - BL2_BASE,\ + SET_STATIC_PARAM_HEAD(ep_info, PARAM_EP, \ + VERSION_2, entry_point_info_t, SECURE | EXECUTABLE),\ + .ep_info.pc = BL2_BASE, \ +} + +/* + * The following constants identify the extents of the code & read-only data + * regions. These addresses are used by the MMU setup code and therefore they + * must be page-aligned. + * + * When the code and read-only data are mapped as a single atomic section + * (i.e. when SEPARATE_CODE_AND_RODATA=0) then we treat the whole section as + * code by specifying the read-only data section as empty. + * + * BL1 is different than the other images in the sense that its read-write data + * originally lives in Trusted ROM and needs to be relocated in Trusted SRAM at + * run-time. Therefore, the read-write data in ROM can be mapped with the same + * memory attributes as the read-only data region. For this reason, BL1 uses + * different macros. + * + * Note that BL1_ROM_END is not necessarily aligned on a page boundary as it + * just points to the end of BL1's actual content in Trusted ROM. Therefore it + * needs to be rounded up to the next page size in order to map the whole last + * page of it with the right memory attributes. + */ +#if SEPARATE_CODE_AND_RODATA + +#define BL1_CODE_END BL_CODE_END +#define BL1_RO_DATA_BASE BL_RO_DATA_BASE +#define BL1_RO_DATA_END round_up(BL1_ROM_END, PAGE_SIZE) +#if BL2_IN_XIP_MEM +#define BL2_CODE_END BL_CODE_END +#define BL2_RO_DATA_BASE BL_RO_DATA_BASE +#define BL2_RO_DATA_END round_up(BL2_ROM_END, PAGE_SIZE) +#endif /* BL2_IN_XIP_MEM */ +#else +#define BL_RO_DATA_BASE UL(0) +#define BL_RO_DATA_END UL(0) +#define BL1_CODE_END round_up(BL1_ROM_END, PAGE_SIZE) +#if BL2_IN_XIP_MEM +#define BL2_RO_DATA_BASE UL(0) +#define BL2_RO_DATA_END UL(0) +#define BL2_CODE_END round_up(BL2_ROM_END, PAGE_SIZE) +#endif /* BL2_IN_XIP_MEM */ +#endif /* SEPARATE_CODE_AND_RODATA */ + +#if MEASURED_BOOT +/* + * Start critical data Ids from 2^32/2 reserving Ids from 0 to (2^32/2 - 1) + * for Images, It is a critical data Id base for all platforms. + */ +#define CRITICAL_DATA_ID_BASE U(0x80000000) +#endif /* MEASURED_BOOT */ + +#endif /* COMMON_DEF_H */ diff --git a/include/plat/common/plat_drtm.h b/include/plat/common/plat_drtm.h new file mode 100644 index 0000000..e96e719 --- /dev/null +++ b/include/plat/common/plat_drtm.h @@ -0,0 +1,74 @@ +/* + * Copyright (c) 2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef PLAT_DRTM_H +#define PLAT_DRTM_H + +#include <stdint.h> +#include <lib/xlat_tables/xlat_tables_compat.h> + +typedef struct { + uint8_t max_num_mem_prot_regions; + uint8_t dma_protection_support; +} plat_drtm_dma_prot_features_t; + +typedef struct { + bool tpm_based_hash_support; + uint32_t firmware_hash_algorithm; +} plat_drtm_tpm_features_t; + +typedef struct { + uint64_t region_address; + uint64_t region_size_type; +} __attribute__((packed)) drtm_mem_region_t; + +/* + * Memory region descriptor table structure as per DRTM beta0 section 3.13 + * Table 11 MEMORY_REGION_DESCRIPTOR_TABLE + */ +typedef struct { + uint16_t revision; + uint16_t reserved; + uint32_t num_regions; + drtm_mem_region_t region[]; +} __attribute__((packed)) drtm_memory_region_descriptor_table_t; + +/* platform specific address map functions */ +const mmap_region_t *plat_get_addr_mmap(void); + +/* platform-specific DMA protection functions */ +bool plat_has_non_host_platforms(void); +bool plat_has_unmanaged_dma_peripherals(void); +unsigned int plat_get_total_smmus(void); +void plat_enumerate_smmus(const uintptr_t **smmus_out, + size_t *smmu_count_out); +const plat_drtm_dma_prot_features_t *plat_drtm_get_dma_prot_features(void); +uint64_t plat_drtm_dma_prot_get_max_table_bytes(void); + +/* platform-specific TPM functions */ +const plat_drtm_tpm_features_t *plat_drtm_get_tpm_features(void); + +/* + * TODO: Implement these functions as per the platform use case, + * as of now none of the platform uses these functions + */ +uint64_t plat_drtm_get_min_size_normal_world_dce(void); +uint64_t plat_drtm_get_tcb_hash_table_size(void); +uint64_t plat_drtm_get_imp_def_dlme_region_size(void); +uint64_t plat_drtm_get_tcb_hash_features(void); + +/* DRTM error handling functions */ +int plat_set_drtm_error(uint64_t error_code); +int plat_get_drtm_error(uint64_t *error_code); + +/* + * Platform-specific function to ensure passed region lies within + * Non-Secure region of DRAM + */ +int plat_drtm_validate_ns_region(uintptr_t region_start, + size_t region_size); + +#endif /* PLAT_DRTM_H */ diff --git a/include/plat/common/plat_trng.h b/include/plat/common/plat_trng.h new file mode 100644 index 0000000..a9f73b6 --- /dev/null +++ b/include/plat/common/plat_trng.h @@ -0,0 +1,18 @@ +/* + * Copyright (c) 2021, ARM Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef PLAT_TRNG_H +#define PLAT_TRNG_H + +#include <tools_share/uuid.h> + +/* TRNG platform functions */ + +extern uuid_t plat_trng_uuid; +void plat_entropy_setup(void); +bool plat_get_entropy(uint64_t *out); + +#endif /* PLAT_TRNG_H */ diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h new file mode 100644 index 0000000..8407bbd --- /dev/null +++ b/include/plat/common/platform.h @@ -0,0 +1,424 @@ +/* + * Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef PLATFORM_H +#define PLATFORM_H + +#include <stdint.h> + +#include <lib/psci/psci.h> +#if defined(SPD_spmd) + #include <services/spm_core_manifest.h> +#endif +#if ENABLE_RME +#include <services/rmm_core_manifest.h> +#endif +#include <drivers/fwu/fwu_metadata.h> +#if TRNG_SUPPORT +#include "plat_trng.h" +#endif /* TRNG_SUPPORT */ +#if DRTM_SUPPORT +#include "plat_drtm.h" +#endif /* DRTM_SUPPORT */ + +/******************************************************************************* + * Forward declarations + ******************************************************************************/ +struct auth_img_desc_s; +struct meminfo; +struct image_info; +struct entry_point_info; +struct image_desc; +struct bl_load_info; +struct bl_params; +struct mmap_region; +struct spm_mm_boot_info; +struct sp_res_desc; +enum fw_enc_status_t; + +/******************************************************************************* + * plat_get_rotpk_info() flags + ******************************************************************************/ +#define ROTPK_IS_HASH (1 << 0) +/* Flag used to skip verification of the certificate ROTPK while the platform + ROTPK is not deployed */ +#define ROTPK_NOT_DEPLOYED (1 << 1) + +/******************************************************************************* + * plat_get_enc_key_info() flags + ******************************************************************************/ +/* + * Flag used to notify caller that information provided in key buffer is an + * identifier rather than an actual key. + */ +#define ENC_KEY_IS_IDENTIFIER (1 << 0) + +/******************************************************************************* + * Function declarations + ******************************************************************************/ +/******************************************************************************* + * Mandatory common functions + ******************************************************************************/ +unsigned int plat_get_syscnt_freq2(void); + +int plat_get_image_source(unsigned int image_id, + uintptr_t *dev_handle, + uintptr_t *image_spec); +uintptr_t plat_get_ns_image_entrypoint(void); +unsigned int plat_my_core_pos(void); +int plat_core_pos_by_mpidr(u_register_t mpidr); +int plat_get_mbedtls_heap(void **heap_addr, size_t *heap_size); + +#if STACK_PROTECTOR_ENABLED +/* + * Return a new value to be used for the stack protection's canary. + * + * Ideally, this value is a random number that is impossible to predict by an + * attacker. + */ +u_register_t plat_get_stack_protector_canary(void); +#endif /* STACK_PROTECTOR_ENABLED */ + +/******************************************************************************* + * Mandatory interrupt management functions + ******************************************************************************/ +uint32_t plat_ic_get_pending_interrupt_id(void); +uint32_t plat_ic_get_pending_interrupt_type(void); +uint32_t plat_ic_acknowledge_interrupt(void); +uint32_t plat_ic_get_interrupt_type(uint32_t id); +void plat_ic_end_of_interrupt(uint32_t id); +uint32_t plat_interrupt_type_to_line(uint32_t type, + uint32_t security_state); + +/******************************************************************************* + * Optional interrupt management functions, depending on chosen EL3 components. + ******************************************************************************/ +unsigned int plat_ic_get_running_priority(void); +int plat_ic_is_spi(unsigned int id); +int plat_ic_is_ppi(unsigned int id); +int plat_ic_is_sgi(unsigned int id); +unsigned int plat_ic_get_interrupt_active(unsigned int id); +void plat_ic_disable_interrupt(unsigned int id); +void plat_ic_enable_interrupt(unsigned int id); +int plat_ic_has_interrupt_type(unsigned int type); +void plat_ic_set_interrupt_type(unsigned int id, unsigned int type); +void plat_ic_set_interrupt_priority(unsigned int id, unsigned int priority); +void plat_ic_raise_el3_sgi(int sgi_num, u_register_t target); +void plat_ic_raise_ns_sgi(int sgi_num, u_register_t target); +void plat_ic_raise_s_el1_sgi(int sgi_num, u_register_t target); +void plat_ic_set_spi_routing(unsigned int id, unsigned int routing_mode, + u_register_t mpidr); +void plat_ic_set_interrupt_pending(unsigned int id); +void plat_ic_clear_interrupt_pending(unsigned int id); +unsigned int plat_ic_set_priority_mask(unsigned int mask); +unsigned int plat_ic_get_interrupt_id(unsigned int raw); + +/******************************************************************************* + * Optional common functions (may be overridden) + ******************************************************************************/ +uintptr_t plat_get_my_stack(void); +void plat_report_exception(unsigned int exception_type); +void plat_report_prefetch_abort(unsigned int fault_address); +void plat_report_data_abort(unsigned int fault_address); +int plat_crash_console_init(void); +int plat_crash_console_putc(int c); +void plat_crash_console_flush(void); +void plat_error_handler(int err) __dead2; +void plat_panic_handler(void) __dead2; +void plat_system_reset(void) __dead2; +const char *plat_log_get_prefix(unsigned int log_level); +void bl2_plat_preload_setup(void); +int plat_try_next_boot_source(void); + +#if MEASURED_BOOT +int plat_mboot_measure_image(unsigned int image_id, image_info_t *image_data); +int plat_mboot_measure_critical_data(unsigned int critical_data_id, + const void *base, + size_t size); +#else +static inline int plat_mboot_measure_image(unsigned int image_id __unused, + image_info_t *image_data __unused) +{ + return 0; +} +static inline int plat_mboot_measure_critical_data( + unsigned int critical_data_id __unused, + const void *base __unused, + size_t size __unused) +{ + return 0; +} +#endif /* MEASURED_BOOT */ + +/******************************************************************************* + * Mandatory BL1 functions + ******************************************************************************/ +void bl1_early_platform_setup(void); +void bl1_plat_arch_setup(void); +void bl1_platform_setup(void); +struct meminfo *bl1_plat_sec_mem_layout(void); + +/******************************************************************************* + * Optional EL3 component functions in BL31 + ******************************************************************************/ + +/* SDEI platform functions */ +#if SDEI_SUPPORT +void plat_sdei_setup(void); +int plat_sdei_validate_entry_point(uintptr_t ep, unsigned int client_mode); +void plat_sdei_handle_masked_trigger(uint64_t mpidr, unsigned int intr); +#endif + +void plat_default_ea_handler(unsigned int ea_reason, uint64_t syndrome, void *cookie, + void *handle, uint64_t flags); +void plat_ea_handler(unsigned int ea_reason, uint64_t syndrome, void *cookie, + void *handle, uint64_t flags); + +/* + * The following function is mandatory when the + * firmware update feature is used. + */ +int bl1_plat_mem_check(uintptr_t mem_base, unsigned int mem_size, + unsigned int flags); + +/******************************************************************************* + * Optional BL1 functions (may be overridden) + ******************************************************************************/ +/* + * The following functions are used for image loading process in BL1. + */ +void bl1_plat_set_ep_info(unsigned int image_id, + struct entry_point_info *ep_info); +/* + * The following functions are mandatory when firmware update + * feature is used and optional otherwise. + */ +unsigned int bl1_plat_get_next_image_id(void); +struct image_desc *bl1_plat_get_image_desc(unsigned int image_id); + +/* + * The following functions are used by firmware update + * feature and may optionally be overridden. + */ +__dead2 void bl1_plat_fwu_done(void *client_cookie, void *reserved); + +/* + * This BL1 function can be used by the platforms to update/use image + * information for a given `image_id`. + */ +int bl1_plat_handle_pre_image_load(unsigned int image_id); +int bl1_plat_handle_post_image_load(unsigned int image_id); + +#if MEASURED_BOOT +void bl1_plat_mboot_init(void); +void bl1_plat_mboot_finish(void); +#else +static inline void bl1_plat_mboot_init(void) +{ +} +static inline void bl1_plat_mboot_finish(void) +{ +} +#endif /* MEASURED_BOOT */ + +/******************************************************************************* + * Mandatory BL2 functions + ******************************************************************************/ +void bl2_early_platform_setup2(u_register_t arg0, u_register_t arg1, u_register_t arg2, u_register_t arg3); +void bl2_plat_arch_setup(void); +void bl2_platform_setup(void); +struct meminfo *bl2_plat_sec_mem_layout(void); + +/* + * This function can be used by the platforms to update/use image + * information for given `image_id`. + */ +int bl2_plat_handle_pre_image_load(unsigned int image_id); +int bl2_plat_handle_post_image_load(unsigned int image_id); + +/******************************************************************************* + * Optional BL2 functions (may be overridden) + ******************************************************************************/ +#if MEASURED_BOOT +void bl2_plat_mboot_init(void); +void bl2_plat_mboot_finish(void); +#else +static inline void bl2_plat_mboot_init(void) +{ +} +static inline void bl2_plat_mboot_finish(void) +{ +} +#endif /* MEASURED_BOOT */ + +/******************************************************************************* + * Mandatory BL2 at EL3 functions: Must be implemented if BL2_AT_EL3 image is + * supported + ******************************************************************************/ +void bl2_el3_early_platform_setup(u_register_t arg0, u_register_t arg1, + u_register_t arg2, u_register_t arg3); +void bl2_el3_plat_arch_setup(void); + +/******************************************************************************* + * Optional BL2 at EL3 functions (may be overridden) + ******************************************************************************/ +void bl2_el3_plat_prepare_exit(void); + +/******************************************************************************* + * Mandatory BL2U functions. + ******************************************************************************/ +void bl2u_early_platform_setup(struct meminfo *mem_layout, + void *plat_info); +void bl2u_plat_arch_setup(void); +void bl2u_platform_setup(void); + +/******************************************************************************* + * Conditionally mandatory BL2U functions for CSS platforms. + ******************************************************************************/ +/* + * This function is used to perform any platform-specific actions required to + * handle the BL2U_SCP firmware. + */ +int bl2u_plat_handle_scp_bl2u(void); + +/******************************************************************************* + * Mandatory BL31 functions + ******************************************************************************/ +void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1, + u_register_t arg2, u_register_t arg3); +void bl31_plat_arch_setup(void); +void bl31_platform_setup(void); +void bl31_plat_runtime_setup(void); +struct entry_point_info *bl31_plat_get_next_image_ep_info(uint32_t type); + +/******************************************************************************* + * Mandatory PSCI functions (BL31) + ******************************************************************************/ +int plat_setup_psci_ops(uintptr_t sec_entrypoint, + const struct plat_psci_ops **psci_ops); +const unsigned char *plat_get_power_domain_tree_desc(void); + +/******************************************************************************* + * Optional PSCI functions (BL31). + ******************************************************************************/ +void plat_psci_stat_accounting_start(const psci_power_state_t *state_info); +void plat_psci_stat_accounting_stop(const psci_power_state_t *state_info); +u_register_t plat_psci_stat_get_residency(unsigned int lvl, + const psci_power_state_t *state_info, + unsigned int last_cpu_idx); +plat_local_state_t plat_get_target_pwr_state(unsigned int lvl, + const plat_local_state_t *states, + unsigned int ncpu); + +/******************************************************************************* + * Mandatory BL31 functions when ENABLE_RME=1 + ******************************************************************************/ +#if ENABLE_RME +int plat_rmmd_get_cca_attest_token(uintptr_t buf, size_t *len, + uintptr_t hash, size_t hash_size); +int plat_rmmd_get_cca_realm_attest_key(uintptr_t buf, size_t *len, + unsigned int type); +size_t plat_rmmd_get_el3_rmm_shared_mem(uintptr_t *shared); +int plat_rmmd_load_manifest(rmm_manifest_t *manifest); +#endif + +/******************************************************************************* + * Optional BL31 functions (may be overridden) + ******************************************************************************/ +void bl31_plat_enable_mmu(uint32_t flags); + +/******************************************************************************* + * Optional BL32 functions (may be overridden) + ******************************************************************************/ +void bl32_plat_enable_mmu(uint32_t flags); + +/******************************************************************************* + * Trusted Board Boot functions + ******************************************************************************/ +int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len, + unsigned int *flags); +int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr); +int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr); +int plat_set_nv_ctr2(void *cookie, const struct auth_img_desc_s *img_desc, + unsigned int nv_ctr); +int plat_convert_pk(void *full_pk_ptr, unsigned int full_pk_len, + void **hashed_pk_ptr, unsigned int *hash_pk_len); +int get_mbedtls_heap_helper(void **heap_addr, size_t *heap_size); +int plat_get_enc_key_info(enum fw_enc_status_t fw_enc_status, uint8_t *key, + size_t *key_len, unsigned int *flags, + const uint8_t *img_id, size_t img_id_len); + +/******************************************************************************* + * Secure Partitions functions + ******************************************************************************/ +const struct mmap_region *plat_get_secure_partition_mmap(void *cookie); +const struct spm_mm_boot_info *plat_get_secure_partition_boot_info( + void *cookie); +int plat_spm_sp_rd_load(struct sp_res_desc *rd, const void *ptr, size_t size); +int plat_spm_sp_get_next_address(void **sp_base, size_t *sp_size, + void **rd_base, size_t *rd_size); +#if defined(SPD_spmd) +int plat_spm_core_manifest_load(spmc_manifest_attribute_t *manifest, + const void *pm_addr); +#endif +#if defined(SPMC_AT_EL3) +int plat_spmc_shmem_datastore_get(uint8_t **datastore, size_t *size); +#endif + +/******************************************************************************* + * Mandatory BL image load functions(may be overridden). + ******************************************************************************/ +/* + * This function returns pointer to the list of images that the + * platform has populated to load. + */ +struct bl_load_info *plat_get_bl_image_load_info(void); + +/* + * This function returns a pointer to the shared memory that the + * platform has kept aside to pass trusted firmware related + * information that next BL image could need. + */ +struct bl_params *plat_get_next_bl_params(void); + +/* + * This function flushes to main memory all the params that are + * passed to next image. + */ +void plat_flush_next_bl_params(void); + +/* + * The below function enable Trusted Firmware components like SPDs which + * haven't migrated to the new platform API to compile on platforms which + * have the compatibility layer disabled. + */ +unsigned int platform_core_pos_helper(unsigned long mpidr); + +/* + * Optional function to get SOC version + */ +int32_t plat_get_soc_version(void); + +/* + * Optional function to get SOC revision + */ +int32_t plat_get_soc_revision(void); + +/* + * Optional function to check for SMCCC function availability for platform + */ +int32_t plat_is_smccc_feature_available(u_register_t fid); + +/******************************************************************************* + * FWU platform specific functions + ******************************************************************************/ +int plat_fwu_set_metadata_image_source(unsigned int image_id, + uintptr_t *dev_handle, + uintptr_t *image_spec); +void plat_fwu_set_images_source(const struct fwu_metadata *metadata); +uint32_t plat_fwu_get_boot_idx(void); + +#endif /* PLATFORM_H */ |