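/*
 * Copyright (c) 2023, Arm Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

#include <assert.h>
#include <errno.h>
#include <string.h>

#include "spmd_private.h"

/*
 * NOTE(review): four further project headers (the ones providing
 * ERROR/VERBOSE/INFO, the FF-A endpoint helpers, the context-management API
 * and the SPMD LP descriptor/type definitions) followed here, but their names
 * were lost when this page was extracted. Restore them from the original
 * source before building.
 */

#if ENABLE_SPMD_LP
/* Set once every built-in SPMD logical partition's init() has returned 0. */
static bool is_spmd_lp_inited;
/* Tracks the SPMC boot outcome as reported via the set_spmc_* calls below. */
static bool is_spmc_inited;

/*
 * Helper function to obtain the array storing the EL3
 * SPMD Logical Partition descriptors. The table is a linker-placed
 * section bounded by SPMD_LP_DESCS_START/SPMD_LP_DESCS_END.
 */
static struct spmd_lp_desc *get_spmd_el3_lp_array(void)
{
	return (struct spmd_lp_desc *) SPMD_LP_DESCS_START;
}

/*******************************************************************************
 * Validate any logical partition descriptors before we initialize.
 * Initialization of said partitions will be taken care of during SPMD boot.
 *
 * lp_array: the descriptor table, normally get_spmd_el3_lp_array().
 *
 * Returns 0 when every descriptor is acceptable, -1 when no descriptors are
 * built in, and -EINVAL for the first descriptor that fails a check. Each
 * failure is also reported through ERROR().
 *
 * The checks below are the only gate between a mis-built descriptor table and
 * the runtime direct-request path: a descriptor with a non-LP or duplicate ID
 * would let spmd_el3_ffa_msg_direct_req() accept requests that cannot be
 * attributed to a single logical partition.
 ******************************************************************************/
static int el3_spmd_sp_desc_validate(struct spmd_lp_desc *lp_array)
{
	/*
	 * Check the array bounds are valid.
	 * NOTE(review): this assert and the next are compiled out of release
	 * builds. If SPMD_LP_DESCS_END equals SPMD_LP_DESCS_START when no
	 * partitions are built in, debug builds trip here before reaching the
	 * COUNT == 0 bail-out below -- confirm against the linker script.
	 */
	assert(SPMD_LP_DESCS_END > SPMD_LP_DESCS_START);

	/*
	 * No support for SPMD logical partitions when SPMC is at EL3.
	 */
	assert(!is_spmc_at_el3());

	/* If no SPMD logical partitions are implemented then simply bail out. */
	if (SPMD_LP_DESCS_COUNT == 0U) {
		return -1;
	}

	/*
	 * A NULL table cannot be indexed. Check the table pointer itself once;
	 * the address of an array element (&lp_array[index]) can never be NULL,
	 * so a per-element NULL test would be dead code.
	 */
	if (lp_array == NULL) {
		ERROR("Invalid SPMD Logical SP Descriptor\n");
		return -EINVAL;
	}

	for (uint32_t index = 0U; index < SPMD_LP_DESCS_COUNT; index++) {
		struct spmd_lp_desc *lp_desc = &lp_array[index];

		/*
		 * Ensure the ID follows the convention to indicate it resides
		 * in the secure world.
		 */
		if (!ffa_is_secure_world_id(lp_desc->sp_id)) {
			ERROR("Invalid SPMD Logical SP ID (0x%x)\n",
			      lp_desc->sp_id);
			return -EINVAL;
		}

		/* Ensure SPMD logical partition is in valid range. */
		if (!is_spmd_lp_id(lp_desc->sp_id)) {
			ERROR("Invalid SPMD Logical Partition ID (0x%x)\n",
			      lp_desc->sp_id);
			return -EINVAL;
		}

		/* Ensure the UUID is not the NULL UUID. */
		if (lp_desc->uuid[0] == 0 && lp_desc->uuid[1] == 0 &&
		    lp_desc->uuid[2] == 0 && lp_desc->uuid[3] == 0) {
			ERROR("Invalid UUID for SPMD Logical SP (0x%x)\n",
			      lp_desc->sp_id);
			return -EINVAL;
		}

		/* Ensure init function callback is registered. */
		if (lp_desc->init == NULL) {
			ERROR("Missing init function for Logical SP(0x%x)\n",
			      lp_desc->sp_id);
			return -EINVAL;
		}

		/* Ensure that SPMD LP only supports sending direct requests. */
		if (lp_desc->properties != FFA_PARTITION_DIRECT_REQ_SEND) {
			ERROR("Invalid SPMD logical partition properties (0x%x)\n",
			      lp_desc->properties);
			return -EINVAL;
		}

		/*
		 * Ensure that all partition IDs are unique. The table is
		 * small and this runs once at boot, so the quadratic scan is
		 * acceptable.
		 */
		for (uint32_t inner_idx = index + 1;
		     inner_idx < SPMD_LP_DESCS_COUNT; inner_idx++) {
			if (lp_desc->sp_id == lp_array[inner_idx].sp_id) {
				ERROR("Duplicate SPMD logical SP ID Detected (0x%x)\n",
				      lp_desc->sp_id);
				return -EINVAL;
			}
		}
	}

	return 0;
}

/*
 * Fill retval with an FFA_ERROR response carrying error_code in arg2; all
 * other arguments are set to the must-be-zero value.
 */
static void spmd_encode_ffa_error(struct ffa_value *retval, int32_t error_code)
{
	retval->func = FFA_ERROR;
	retval->arg1 = FFA_TARGET_INFO_MBZ;
	retval->arg2 = (uint32_t)error_code;
	retval->arg3 = FFA_TARGET_INFO_MBZ;
	retval->arg4 = FFA_TARGET_INFO_MBZ;
	retval->arg5 = FFA_TARGET_INFO_MBZ;
	retval->arg6 = FFA_TARGET_INFO_MBZ;
	retval->arg7 = FFA_TARGET_INFO_MBZ;
}

/*
 * Load the SPMC context's GP registers with an FFA_MSG_SEND_DIRECT_REQ
 * (SMC32 function ID) and the caller-supplied x1..x4. x5..x7 are cleared so
 * that no stale register contents from a previous entry are passed on.
 */
static void spmd_build_direct_message_req(spmd_spm_core_context_t *ctx,
					  uint64_t x1, uint64_t x2,
					  uint64_t x3, uint64_t x4)
{
	gp_regs_t *gpregs = get_gpregs_ctx(&ctx->cpu_ctx);

	write_ctx_reg(gpregs, CTX_GPREG_X0, FFA_MSG_SEND_DIRECT_REQ_SMC32);
	write_ctx_reg(gpregs, CTX_GPREG_X1, x1);
	write_ctx_reg(gpregs, CTX_GPREG_X2, x2);
	write_ctx_reg(gpregs, CTX_GPREG_X3, x3);
	write_ctx_reg(gpregs, CTX_GPREG_X4, x4);
	write_ctx_reg(gpregs, CTX_GPREG_X5, 0U);
	write_ctx_reg(gpregs, CTX_GPREG_X6, 0U);
	write_ctx_reg(gpregs, CTX_GPREG_X7, 0U);
}

/*
 * Copy x0..x7 of the SPMC context (the direct response left there after a
 * synchronous entry) into retval.
 */
static void spmd_encode_ctx_to_ffa_value(spmd_spm_core_context_t *ctx,
					 struct ffa_value *retval)
{
	gp_regs_t *gpregs = get_gpregs_ctx(&ctx->cpu_ctx);

	retval->func = read_ctx_reg(gpregs, CTX_GPREG_X0);
	retval->arg1 = read_ctx_reg(gpregs, CTX_GPREG_X1);
	retval->arg2 = read_ctx_reg(gpregs, CTX_GPREG_X2);
	retval->arg3 = read_ctx_reg(gpregs, CTX_GPREG_X3);
	retval->arg4 = read_ctx_reg(gpregs, CTX_GPREG_X4);
	retval->arg5 = read_ctx_reg(gpregs, CTX_GPREG_X5);
	retval->arg6 = read_ctx_reg(gpregs, CTX_GPREG_X6);
	retval->arg7 = read_ctx_reg(gpregs, CTX_GPREG_X7);
}

/* Mark a direct request from an SPMD LP as in flight on this core's context. */
static void spmd_logical_sp_set_dir_req_ongoing(spmd_spm_core_context_t *ctx)
{
	ctx->spmd_lp_sync_req_ongoing |= SPMD_LP_FFA_DIR_REQ_ONGOING;
}

/* Clear the in-flight marker set by spmd_logical_sp_set_dir_req_ongoing(). */
static void spmd_logical_sp_reset_dir_req_ongoing(spmd_spm_core_context_t *ctx)
{
	ctx->spmd_lp_sync_req_ongoing &= ~SPMD_LP_FFA_DIR_REQ_ONGOING;
}
#endif

/*
 * Initialize SPMD logical partitions. This function assumes that it is called
 * only after the SPMC has successfully initialized.
 *
 * Returns 0 on success (including when the feature is disabled or the
 * partitions were already initialized), -1 if the SPMC has not reported
 * successful initialization, or the first non-zero value returned by
 * descriptor validation or a partition's init() callback.
 *
 * NOTE(review): when one init() fails, partitions earlier in the table have
 * already run their init() and is_spmd_lp_inited stays false, so a later
 * retry would call them again -- confirm the callbacks tolerate that.
 */
int32_t spmd_logical_sp_init(void)
{
#if ENABLE_SPMD_LP
	int32_t rc;
	struct spmd_lp_desc *spmd_lp_descs;

	/* Repeated calls after a successful init are a no-op. */
	if (is_spmd_lp_inited) {
		return 0;
	}

	/* Gate on the SPMC outcome recorded by spmd_logical_sp_set_spmc_*(). */
	if (!is_spmc_inited) {
		return -1;
	}

	spmd_lp_descs = get_spmd_el3_lp_array();

	/* Perform initial validation of the SPMD Logical Partitions. */
	rc = el3_spmd_sp_desc_validate(spmd_lp_descs);
	if (rc != 0) {
		ERROR("Logical SPMD Partition validation failed!\n");
		return rc;
	}

	VERBOSE("SPMD Logical Secure Partition init start.\n");
	for (unsigned int i = 0U; i < SPMD_LP_DESCS_COUNT; i++) {
		rc = spmd_lp_descs[i].init();
		if (rc != 0) {
			ERROR("SPMD Logical SP (0x%x) failed to initialize\n",
			      spmd_lp_descs[i].sp_id);
			return rc;
		}
		VERBOSE("SPMD Logical SP (0x%x) Initialized\n",
			spmd_lp_descs[i].sp_id);
	}

	INFO("SPMD Logical Secure Partition init completed.\n");

	/*
	 * Every init() returned 0 (a non-zero value returns early above), so
	 * there is nothing left to re-check before recording success.
	 */
	is_spmd_lp_inited = true;

	return 0;
#else
	return 0;
#endif
}

/* Record that the SPMC booted; spmd_logical_sp_init() depends on this. */
void spmd_logical_sp_set_spmc_initialized(void)
{
#if ENABLE_SPMD_LP
	is_spmc_inited = true;
#endif
}

/*
 * Record that the SPMC failed to boot. After this, spmd_logical_sp_init()
 * refuses to run and spmd_el3_ffa_msg_direct_req() answers FFA_ERROR_DENIED.
 */
void spmd_logical_sp_set_spmc_failure(void)
{
#if ENABLE_SPMD_LP
	is_spmc_inited = false;
#endif
}

/*******************************************************************************
 * This function sends an FF-A Direct Request from a partition in EL3 to a
 * partition that may reside under an SPMC (only lower ELs supported). The main
 * use of this API is for SPMD logical partitions.
 * The API is expected to be used when there are platform specific SMCs that
 * need to be routed to a secure partition that is FF-A compliant or when
 * there are group 0 interrupts that need to be handled first in EL3 and then
 * forwarded to an FF-A compliant secure partition. Therefore, it is expected
 * that the handle to the context provided belongs to the non-secure context.
 * This also means that interrupts/SMCs that trap to EL3 during secure execution
 * cannot use this API.
 * x1, x2, x3 and x4 are encoded as specified in the FF-A specification.
 * retval is used to pass the direct response values to the caller.
 * The function returns true if retval has valid values, and false otherwise.
 *
 * Argument validation failures are reported to the caller as an FFA_ERROR in
 * retval (with the function returning true), not as a false return; false is
 * returned only when retval is NULL or the feature is compiled out. A failed
 * synchronous entry into the SPMC is fatal (panic), because the SPMC state
 * can no longer be trusted.
 ******************************************************************************/
bool spmd_el3_ffa_msg_direct_req(uint64_t x1,
				 uint64_t x2,
				 uint64_t x3,
				 uint64_t x4,
				 void *handle,
				 struct ffa_value *retval)
{
#if ENABLE_SPMD_LP
	uint64_t rc = UINT64_MAX;
	spmd_spm_core_context_t *ctx = spmd_get_context();

	if (retval == NULL) {
		return false;
	}

	/* Never hand back stale register values if a check below fails. */
	memset(retval, 0, sizeof(*retval));

	if (!is_spmd_lp_inited || !is_spmc_inited) {
		VERBOSE("Cannot send SPMD logical partition direct message,"
			" Partitions not initialized or SPMC not initialized.\n");
		spmd_encode_ffa_error(retval, FFA_ERROR_DENIED);
		return true;
	}

	/*
	 * x2 must be zero, since there is no support for framework message via
	 * an SPMD logical partition. This is sort of a useless check and it is
	 * possible to not take parameter. However, as the framework extends it
	 * may be useful to have x2 and extend this function later with
	 * functionality based on x2.
	 */
	if (x2 != 0) {
		VERBOSE("x2 must be zero. Cannot send framework message.\n");
		spmd_encode_ffa_error(retval, FFA_ERROR_DENIED);
		return true;
	}

	/*
	 * Current context must be non-secure. API is expected to be used
	 * when entry into EL3 and the SPMD logical partition is via an
	 * interrupt that occurs when execution is in normal world and
	 * SMCs from normal world. FF-A compliant SPMCs are expected to
	 * trap interrupts during secure execution in lower ELs since they
	 * are usually not re-entrant and SMCs from secure world can be
	 * handled synchronously. There is no known use case for an SPMD
	 * logical partition to send a direct message to another partition
	 * in response to a secure interrupt or SMCs from secure world.
	 */
	if (handle != cm_get_context(NON_SECURE)) {
		VERBOSE("Handle must be for the non-secure context.\n");
		spmd_encode_ffa_error(retval, FFA_ERROR_DENIED);
		return true;
	}

	/*
	 * Endpoint checks on x1: the source must be one of our own logical
	 * partitions (this path must not be usable to send on behalf of any
	 * other endpoint), and the destination must be a secure-world
	 * partition that is neither another LP, the SPMD nor the SPMC.
	 */
	if (!is_spmd_lp_id(ffa_endpoint_source(x1))) {
		VERBOSE("Source ID must be valid SPMD logical partition"
			" ID.\n");
		spmd_encode_ffa_error(retval, FFA_ERROR_INVALID_PARAMETER);
		return true;
	}

	if (is_spmd_lp_id(ffa_endpoint_destination(x1))) {
		VERBOSE("Destination ID must not be SPMD logical partition"
			" ID.\n");
		spmd_encode_ffa_error(retval, FFA_ERROR_INVALID_PARAMETER);
		return true;
	}

	if (!ffa_is_secure_world_id(ffa_endpoint_destination(x1))) {
		VERBOSE("Destination ID must be secure world ID.\n");
		spmd_encode_ffa_error(retval, FFA_ERROR_INVALID_PARAMETER);
		return true;
	}

	if (ffa_endpoint_destination(x1) == SPMD_DIRECT_MSG_ENDPOINT_ID) {
		VERBOSE("Destination ID must not be SPMD ID.\n");
		spmd_encode_ffa_error(retval, FFA_ERROR_INVALID_PARAMETER);
		return true;
	}

	if (ffa_endpoint_destination(x1) == spmd_spmc_id_get()) {
		VERBOSE("Destination ID must not be SPMC ID.\n");
		spmd_encode_ffa_error(retval, FFA_ERROR_INVALID_PARAMETER);
		return true;
	}

	/* Save the non-secure context before entering SPMC */
	cm_el1_sysregs_context_save(NON_SECURE);
#if SPMD_SPM_AT_SEL2
	cm_el2_sysregs_context_save(NON_SECURE);
#endif

	/*
	 * Perform synchronous entry into the SPMC. Synchronous entry is
	 * required because the spec requires that a direct message request
	 * from an SPMD LP look like a function call from it's perspective.
	 * The ongoing flag is set around the entry so the exit path can
	 * tell this call apart from other SPMC entries.
	 */
	spmd_build_direct_message_req(ctx, x1, x2, x3, x4);
	spmd_logical_sp_set_dir_req_ongoing(ctx);
	rc = spmd_spm_core_sync_entry(ctx);
	spmd_logical_sp_reset_dir_req_ongoing(ctx);
	if (rc != 0ULL) {
		ERROR("%s failed (%lx) on CPU%u\n", __func__, rc,
		      plat_my_core_pos());
		panic();
	} else {
		spmd_encode_ctx_to_ffa_value(ctx, retval);

		/*
		 * Only expect error or direct response,
		 * spmd_spm_core_sync_exit should not be called on other paths.
		 * Checks are asserts since the LSP can fail gracefully if the
		 * source or destination ids are not the same. Panic'ing would
		 * not provide any benefit.
		 */
		assert(is_ffa_error(retval) || is_ffa_direct_msg_resp(retval));
		assert(is_ffa_error(retval) ||
		       (ffa_endpoint_destination(retval->arg1) ==
			ffa_endpoint_source(x1)));
		assert(is_ffa_error(retval) ||
		       (ffa_endpoint_source(retval->arg1) ==
			ffa_endpoint_destination(x1)));
	}

	/* Restore the non-secure context saved above and resume it on ERET. */
	cm_el1_sysregs_context_restore(NON_SECURE);
#if SPMD_SPM_AT_SEL2
	cm_el2_sysregs_context_restore(NON_SECURE);
#endif
	cm_set_next_eret_context(NON_SECURE);

	return true;
#else
	return false;
#endif
}

/*
 * Report whether a direct request from an SPMD logical partition is currently
 * in flight on ctx (set around the synchronous SPMC entry in
 * spmd_el3_ffa_msg_direct_req()). Always false when the feature is disabled.
 */
bool is_spmd_logical_sp_dir_req_in_progress(spmd_spm_core_context_t *ctx)
{
#if ENABLE_SPMD_LP
	return ((ctx->spmd_lp_sync_req_ongoing & SPMD_LP_FFA_DIR_REQ_ONGOING)
		== SPMD_LP_FFA_DIR_REQ_ONGOING);
#else
	return false;
#endif
}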