xref: /rk3399_ARM-atf/include/services/rmmd_svc.h (revision a1032beb656d78d1cffc97fa64c961d098b23b48) 
1 /*
2  * Copyright (c) 2021-2025, Arm Limited and Contributors. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  */
6 
7 #ifndef RMMD_SVC_H
8 #define RMMD_SVC_H
9 
10 #include <common/sha_common_macros.h>
11 #include <lib/smccc.h>
12 #include <lib/utils_def.h>
13 
14 /* STD calls FNUM Min/Max ranges */
15 #define RMI_FNUM_MIN_VALUE	U(0x150)
16 #define RMI_FNUM_MAX_VALUE	U(0x18F)
17 
18 /* Construct RMI fastcall std FID from offset */
19 #define SMC64_RMI_FID(_offset)					  \
20 	((SMC_TYPE_FAST << FUNCID_TYPE_SHIFT)			| \
21 	 (SMC_64 << FUNCID_CC_SHIFT)				| \
22 	 (OEN_STD_START << FUNCID_OEN_SHIFT)			| \
23 	 (((RMI_FNUM_MIN_VALUE + (_offset)) & FUNCID_NUM_MASK)	  \
24 	  << FUNCID_NUM_SHIFT))
25 
26 #define is_rmi_fid(fid) __extension__ ({		\
27 	__typeof__(fid) _fid = (fid);			\
28 	((GET_SMC_NUM(_fid) >= RMI_FNUM_MIN_VALUE) &&	\
29 	 (GET_SMC_NUM(_fid) <= RMI_FNUM_MAX_VALUE) &&	\
30 	 (GET_SMC_TYPE(_fid) == SMC_TYPE_FAST)	   &&	\
31 	 (GET_SMC_CC(_fid) == SMC_64)              &&	\
32 	 (GET_SMC_OEN(_fid) == OEN_STD_START)      &&	\
33 	 ((_fid & 0x00FE0000) == 0U)); })
34 
35 /*
36  * RMI_FNUM_REQ_COMPLETE is the only function in the RMI range that originates
37  * from the Realm world and is handled by the RMMD. The RMI functions are
38  * always invoked by the Normal world, forwarded by RMMD and handled by the
39  * RMM.
40  */
41 					/* 0x18F */
42 #define RMM_RMI_REQ_COMPLETE		SMC64_RMI_FID(U(0x3F))
43 
44 /* RMM_BOOT_COMPLETE arg0 error codes */
45 #define E_RMM_BOOT_SUCCESS				(0)
46 #define E_RMM_BOOT_UNKNOWN				(-1)
47 #define E_RMM_BOOT_VERSION_MISMATCH			(-2)
48 #define E_RMM_BOOT_CPUS_OUT_OF_RANGE			(-3)
49 #define E_RMM_BOOT_CPU_ID_OUT_OF_RANGE			(-4)
50 #define E_RMM_BOOT_INVALID_SHARED_BUFFER		(-5)
51 #define E_RMM_BOOT_MANIFEST_VERSION_NOT_SUPPORTED	(-6)
52 #define E_RMM_BOOT_MANIFEST_DATA_ERROR			(-7)
53 
54 /* The SMC in the range 0x8400 0191 - 0x8400 01AF are reserved for RSIs.*/
55 
56 /*
57  * EL3 - RMM SMCs used for requesting RMMD services. These SMCs originate in Realm
58  * world and return to Realm world.
59  *
60  * These are allocated from 0x8400 01B0 - 0x8400 01CF in the RMM Service range.
61  */
62 #define RMMD_EL3_FNUM_MIN_VALUE		U(0x1B0)
63 #define RMMD_EL3_FNUM_MAX_VALUE		U(0x1CF)
64 
65 /* Construct RMM_EL3 fastcall std FID from offset */
66 #define SMC64_RMMD_EL3_FID(_offset)					  \
67 	((SMC_TYPE_FAST << FUNCID_TYPE_SHIFT)				| \
68 	 (SMC_64 << FUNCID_CC_SHIFT)					| \
69 	 (OEN_STD_START << FUNCID_OEN_SHIFT)				| \
70 	 (((RMMD_EL3_FNUM_MIN_VALUE + (_offset)) & FUNCID_NUM_MASK)	  \
71 	  << FUNCID_NUM_SHIFT))
72 
73 /* The macros below are used to identify GTSI calls from the SMC function ID */
74 #define is_rmmd_el3_fid(fid) __extension__ ({		\
75 	__typeof__(fid) _fid = (fid);			\
76 	((GET_SMC_NUM(_fid) >= RMMD_EL3_FNUM_MIN_VALUE) &&\
77 	(GET_SMC_NUM(_fid) <= RMMD_EL3_FNUM_MAX_VALUE)  &&\
78 	(GET_SMC_TYPE(_fid) == SMC_TYPE_FAST)	    &&	\
79 	(GET_SMC_CC(_fid) == SMC_64)                &&	\
80 	(GET_SMC_OEN(_fid) == OEN_STD_START)        &&	\
81 	((_fid & 0x00FE0000) == 0U)); })
82 
83 					/* 0x1B0 - 0x1B1 */
84 #define RMM_GTSI_DELEGATE		SMC64_RMMD_EL3_FID(U(0))
85 #define RMM_GTSI_UNDELEGATE		SMC64_RMMD_EL3_FID(U(1))
86 
87 /* Return error codes from RMM-EL3 SMCs */
88 #define E_RMM_OK			 0
89 #define E_RMM_UNK			-1
90 #define E_RMM_BAD_ADDR			-2
91 #define E_RMM_BAD_PAS			-3
92 #define E_RMM_NOMEM			-4
93 #define E_RMM_INVAL			-5
94 #define E_RMM_AGAIN			-6
95 #define E_RMM_FAULT			-7
96 #define E_RMM_IN_PROGRESS		-8
97 
98 /* Return error codes from RMI SMCs */
99 #define RMI_SUCCESS			0
100 #define RMI_ERROR_INPUT			1
101 
102 /*
103  * Retrieve Realm attestation key from EL3. Only P-384 ECC curve key is
104  * supported. The arguments to this SMC are :
105  *    arg0 - Function ID.
106  *    arg1 - Realm attestation key buffer Physical address.
107  *    arg2 - Realm attestation key buffer size (in bytes).
108  *    arg3 - The type of the elliptic curve to which the requested
109  *           attestation key belongs to. The value should be one of the
110  *           defined curve types.
111  * The return arguments are :
112  *    ret0 - Status / error.
113  *    ret1 - Size of the realm attestation key if successful.
114  */
115 					/* 0x1B2 */
116 #define RMM_ATTEST_GET_REALM_KEY	SMC64_RMMD_EL3_FID(U(2))
117 
118 /*
119  * Retrieve Platform token from EL3.
120  * The arguments to this SMC are :
121  *    arg0 - Function ID.
122  *    arg1 - Platform attestation token buffer Physical address. (The challenge
123  *           object is passed in this buffer.)
124  *    arg2 - Platform attestation token buffer size (in bytes).
125  *    arg3 - Challenge object size (in bytes). It has to be one of the defined
126  *           SHA hash sizes.
127  * The return arguments are :
128  *    ret0 - Status / error.
129  *    ret1 - Size of the platform token if successful.
130  */
131 					/* 0x1B3 */
132 #define RMM_ATTEST_GET_PLAT_TOKEN	SMC64_RMMD_EL3_FID(U(3))
133 
134 /* Starting RMM-EL3 interface version 0.4 */
135 #define RMM_EL3_FEATURES				SMC64_RMMD_EL3_FID(U(4))
136 #define RMM_EL3_FEAT_REG_0_IDX				U(0)
137 /* Bit 0 of FEAT_REG_0 */
138 /* 1 - the feature is present in EL3 , 0 - the feature is absent */
139 #define RMM_EL3_FEAT_REG_0_EL3_TOKEN_SIGN_MASK		U(0x1)
140 
141 /*
142  * Function codes to support attestation where EL3 is used to sign
143  * realm attestation tokens. In this model, the private key is not
144  * exposed to the RMM.
145  * The arguments to this SMC are:
146  *     arg0 - Function ID.
147  *     arg1 - Opcode, one of:
148  *               RMM_EL3_TOKEN_SIGN_PUSH_REQ_OP,
149  *               RMM_EL3_TOKEN_SIGN_PULL_RESP_OP,
150  *               RMM_EL3_TOKEN_SIGN_GET_RAK_PUB_OP
151  *     arg2 - Pointer to buffer with request/response structures,
152  *            which is in the RMM<->EL3 shared buffer.
153  *     arg3 - Buffer size of memory pointed by arg2.
154  *     arg4 - ECC Curve, when opcode is RMM_EL3_TOKEN_SIGN_GET_RAK_PUB_OP
155  * The return arguments are:
156  *     ret0 - Status/Error
157  *     ret1 - Size of public key if opcode is RMM_EL3_TOKEN_SIGN_GET_RAK_PUB_OP
158  */
159 #define RMM_EL3_TOKEN_SIGN			SMC64_RMMD_EL3_FID(U(5))
160 
161 /* Opcodes for RMM_EL3_TOKEN_SIGN  */
162 #define RMM_EL3_TOKEN_SIGN_PUSH_REQ_OP          U(1)
163 #define RMM_EL3_TOKEN_SIGN_PULL_RESP_OP         U(2)
164 #define RMM_EL3_TOKEN_SIGN_GET_RAK_PUB_OP       U(3)
165 
166 /* Starting RMM-EL3 interface version 0.5 */
167 
168 /*
169  * Function code to support update of MEC keys.
170  * The arguments of this SMC are:
171  * 	arg0 - Function ID.
172  * 	arg1 - [63:48]: Res0, [47:32]: MECID, [31:1]: Res0, [0]: MEC refresh
173  * 	       reason
174  * The return arguments are:
175  * 	ret0 - Status/Error
176  */
177 #define RMM_MEC_REFRESH				SMC64_RMMD_EL3_FID(U(6))
178 
179 /* ECC Curve types for attest key generation */
180 #define ATTEST_KEY_CURVE_ECC_SECP384R1		U(0)
181 
182 /* Identifier for the hash algorithm used for attestation signing */
183 #define EL3_TOKEN_SIGN_HASH_ALG_SHA384		U(1)
184 
185 /* Starting RMM-EL3 interface version 0.6 */
186 /*
187  * Function codes to support RMM IDE Key management Interface.
188  * The arguments to this SMC are:
189  *     arg0 - Function ID.
190  *     arg1 - Enhanced Configuration Access Mechanism address
191  *     arg2 - Root Port ID
192  *     arg3 - IDE selective stream info
193  *     arg4 - Quad word of key[63:0]
194  *     arg5 - Quad word of key[127:64]
195  *     arg6 - Quad word of key[191:128]
196  *     arg7 - Quad word of key[255:192]
197  *     arg8 - Quad word of IV [63:0]
198  *     arg9 - Quad word of IV [95:64]
199  *     arg10 - request_id
200  *     arg11 - cookie
201  * The return arguments are:
202  *     ret0 - Status/Error
203  */
204 #define RMM_IDE_KEY_PROG			SMC64_RMMD_EL3_FID(U(7))
205 
206 /*******************************************************************************
207  * Structure to hold el3_ide_key info
208  ******************************************************************************/
209 #ifndef __ASSEMBLER__
210 typedef struct rp_ide_key_info {
211 	uint64_t keyqw0;
212 	uint64_t keyqw1;
213 	uint64_t keyqw2;
214 	uint64_t keyqw3;
215 	uint64_t ifvqw0;
216 	uint64_t ifvqw1;
217 } rp_ide_key_info_t;
218 #endif /* __ASSEMBLER__ */
219 
220 /*
221  * Function codes to support RMM IDE Key management Interface.
222  * The arguments to this SMC are:
223  *     arg0 - Function ID.
224  *     arg1 - Enhanced Configuration Access Mechanism address
225  *     arg2 - Root Port ID
226  *     arg3 - IDE selective stream info
227  *     arg4 - request_id
228  *     arg5 - cookie
229  * The return arguments are:
230  *     ret0 - Status/Error
231  */
232 #define RMM_IDE_KEY_SET_GO			SMC64_RMMD_EL3_FID(U(8))
233 
234 /*
235  * Function codes to support RMM IDE Key management Interface.
236  * The arguments to this SMC are:
237  *     arg0 - Function ID.
238  *     arg1 - Enhanced Configuration Access Mechanism address
239  *     arg2 - Root Port ID
240  *     arg3 - IDE selective stream info
241  *     arg4 - request_id
242  *     arg5 - cookie
243  * The return arguments are:
244  *     ret0 - Status/Error
245  */
246 #define RMM_IDE_KEY_SET_STOP			SMC64_RMMD_EL3_FID(U(9))
247 
248 /*
249  * Function codes to support RMM IDE Key management Interface.
250  * The arguments to this SMC are:
251  *     arg0 - Function ID.
252  *     arg1 - Enhanced Configuration Access Mechanism address
253  *     arg2 - Root Port ID
254  * The return arguments are:
255  *     ret0 - Status/Error
256  *     ret1 - Retrieved response corresponding to the previous request.
257  *     ret2 - request_id
258  *     ret3 - cookie
259  */
260 #define RMM_IDE_KM_PULL_RESPONSE		SMC64_RMMD_EL3_FID(U(10))
261 
262 /* Starting RMM-EL3 interface version 0.7 */
263 /*
264  * Reserve memory for the RMM.
265  * The arguments to this SMC are:
266  *     arg0 - Function ID.
267  *     arg1 - Size of memory to be reserved (in bytes).
268  *     arg2 - Flags and alignment requirements.
269  * The return arguments are:
270  *     ret0 - Status/error.
271  *     ret1 - Physical address of the reserved memory area.
272  */
273 #define RMM_RESERVE_MEMORY			SMC64_RMMD_EL3_FID(U(11))
274 
275 /*
276  * RMM_BOOT_COMPLETE originates on RMM when the boot finishes (either cold
277  * or warm boot). This is handled by the RMM-EL3 interface SMC handler.
278  *
279  * RMM_BOOT_COMPLETE FID is located at the end of the available range.
280  */
281 					 /* 0x1CF */
282 #define RMM_BOOT_COMPLETE		SMC64_RMMD_EL3_FID(U(0x1F))
283 
284 /*
285  * The major version number of the RMM Boot Interface implementation.
286  * Increase this whenever the semantics of the boot arguments change making it
287  * backwards incompatible.
288  */
289 #define RMM_EL3_IFC_VERSION_MAJOR	(U(0))
290 
291 /*
292  * The minor version number of the RMM Boot Interface implementation.
293  * Increase this when a bug is fixed, or a feature is added without
294  * breaking compatibility.
295  */
296 #define RMM_EL3_IFC_VERSION_MINOR	(U(8))
297 
298 #define RMM_EL3_INTERFACE_VERSION				\
299 	(((RMM_EL3_IFC_VERSION_MAJOR << 16) & 0x7FFFF) |	\
300 		RMM_EL3_IFC_VERSION_MINOR)
301 
302 #define RMM_EL3_IFC_VERSION_GET_MAJOR(_version) (((_version) >> 16) \
303 								& 0x7FFF)
304 #define RMM_EL3_IFC_VERSION_GET_MAJOR_MINOR(_version) ((_version) & 0xFFFF)
305 
306 #ifndef __ASSEMBLER__
307 #include <stdint.h>
308 
309 int rmmd_setup(void);
310 uint64_t rmmd_rmi_handler(uint32_t smc_fid,
311 		uint64_t x1,
312 		uint64_t x2,
313 		uint64_t x3,
314 		uint64_t x4,
315 		void *cookie,
316 		void *handle,
317 		uint64_t flags);
318 
319 uint64_t rmmd_rmm_el3_handler(uint32_t smc_fid,
320 		uint64_t x1,
321 		uint64_t x2,
322 		uint64_t x3,
323 		uint64_t x4,
324 		void *cookie,
325 		void *handle,
326 		uint64_t flags);
327 
328 #endif /* __ASSEMBLER__ */
329 #endif /* RMMD_SVC_H */
330