1e7f1181fSTamas Ban /* 2e7f1181fSTamas Ban * Copyright (c) 2024, Arm Limited. All rights reserved. 3e7f1181fSTamas Ban * 4e7f1181fSTamas Ban * SPDX-License-Identifier: BSD-3-Clause 5e7f1181fSTamas Ban */ 6e7f1181fSTamas Ban 7e7f1181fSTamas Ban #include <stdint.h> 8e7f1181fSTamas Ban 903d388d8STamas Ban #include <common/debug.h> 10e7f1181fSTamas Ban #include <drivers/arm/rss_comms.h> 11e7f1181fSTamas Ban #include <drivers/measured_boot/metadata.h> 12e7f1181fSTamas Ban #include <drivers/measured_boot/rss/dice_prot_env.h> 13e7f1181fSTamas Ban #include <plat/arm/common/plat_arm.h> 14e7f1181fSTamas Ban #include <plat/common/platform.h> 15e7f1181fSTamas Ban #include <platform_def.h> 1603d388d8STamas Ban #include <tools_share/tbbr_oid.h> 17e7f1181fSTamas Ban 18e7f1181fSTamas Ban /* 19e7f1181fSTamas Ban * The content and the values of this array depends on: 20e7f1181fSTamas Ban * - build config: Which components are loaded: SPMD, TOS, SPx, etc ? 21e7f1181fSTamas Ban * - boot order: the last element in a layer should be treated differently. 22e7f1181fSTamas Ban */ 23e7f1181fSTamas Ban 24e7f1181fSTamas Ban /* 25e7f1181fSTamas Ban * TODO: 26e7f1181fSTamas Ban * - The content of the array must be tailored according to the build 27e7f1181fSTamas Ban * config (TOS, SPMD, etc). All loaded components (executables and 28e7f1181fSTamas Ban * config blobs) must be present in this array. 29e7f1181fSTamas Ban * - Current content is according to the Trusty build config. 30e7f1181fSTamas Ban */ 31e7f1181fSTamas Ban struct dpe_metadata tc_dpe_metadata[] = { 32e7f1181fSTamas Ban { 33e7f1181fSTamas Ban .id = BL31_IMAGE_ID, 34e7f1181fSTamas Ban .signer_id_size = SIGNER_ID_MIN_SIZE, 35e7f1181fSTamas Ban .sw_type = MBOOT_BL31_IMAGE_STRING, 36e7f1181fSTamas Ban .allow_new_context_to_derive = false, 37e7f1181fSTamas Ban .retain_parent_context = true, 38e7f1181fSTamas Ban .create_certificate = false, 39e7f1181fSTamas Ban .pk_oid = BL31_IMAGE_KEY_OID }, 40e7f1181fSTamas Ban { 41e7f1181fSTamas Ban .id = BL32_IMAGE_ID, 42e7f1181fSTamas Ban .signer_id_size = SIGNER_ID_MIN_SIZE, 43e7f1181fSTamas Ban .sw_type = MBOOT_BL32_IMAGE_STRING, 44e7f1181fSTamas Ban .allow_new_context_to_derive = false, 45e7f1181fSTamas Ban .retain_parent_context = true, 46e7f1181fSTamas Ban .create_certificate = false, 47e7f1181fSTamas Ban .pk_oid = BL32_IMAGE_KEY_OID }, 48e7f1181fSTamas Ban { 49e7f1181fSTamas Ban .id = BL33_IMAGE_ID, 50e7f1181fSTamas Ban .signer_id_size = SIGNER_ID_MIN_SIZE, 51e7f1181fSTamas Ban .sw_type = MBOOT_BL33_IMAGE_STRING, 52e7f1181fSTamas Ban .allow_new_context_to_derive = true, 53e7f1181fSTamas Ban .retain_parent_context = true, 54e7f1181fSTamas Ban .create_certificate = false, 55e7f1181fSTamas Ban .pk_oid = BL33_IMAGE_KEY_OID }, 56e7f1181fSTamas Ban 57e7f1181fSTamas Ban { 58e7f1181fSTamas Ban .id = HW_CONFIG_ID, 59e7f1181fSTamas Ban .signer_id_size = SIGNER_ID_MIN_SIZE, 60e7f1181fSTamas Ban .sw_type = MBOOT_HW_CONFIG_STRING, 61e7f1181fSTamas Ban .allow_new_context_to_derive = false, 62e7f1181fSTamas Ban .retain_parent_context = true, 63e7f1181fSTamas Ban .create_certificate = false, 64e7f1181fSTamas Ban .pk_oid = HW_CONFIG_KEY_OID }, 65e7f1181fSTamas Ban { 66e7f1181fSTamas Ban .id = NT_FW_CONFIG_ID, 67e7f1181fSTamas Ban .signer_id_size = SIGNER_ID_MIN_SIZE, 68e7f1181fSTamas Ban .sw_type = MBOOT_NT_FW_CONFIG_STRING, 69e7f1181fSTamas Ban .allow_new_context_to_derive = false, 70e7f1181fSTamas Ban .retain_parent_context = true, 71e7f1181fSTamas Ban .create_certificate = false, 72e7f1181fSTamas Ban .pk_oid = NT_FW_CONFIG_KEY_OID }, 73e7f1181fSTamas Ban { 74e7f1181fSTamas Ban .id = SCP_BL2_IMAGE_ID, 75e7f1181fSTamas Ban .signer_id_size = SIGNER_ID_MIN_SIZE, 76e7f1181fSTamas Ban .sw_type = MBOOT_SCP_BL2_IMAGE_STRING, 77e7f1181fSTamas Ban .allow_new_context_to_derive = false, 78e7f1181fSTamas Ban .retain_parent_context = true, 79e7f1181fSTamas Ban .create_certificate = false, 80e7f1181fSTamas Ban .pk_oid = SCP_BL2_IMAGE_KEY_OID }, 81e7f1181fSTamas Ban { 82e7f1181fSTamas Ban .id = SOC_FW_CONFIG_ID, 83e7f1181fSTamas Ban .signer_id_size = SIGNER_ID_MIN_SIZE, 84e7f1181fSTamas Ban .sw_type = MBOOT_SOC_FW_CONFIG_STRING, 85e7f1181fSTamas Ban .allow_new_context_to_derive = false, 86e7f1181fSTamas Ban .retain_parent_context = true, 87e7f1181fSTamas Ban .create_certificate = false, 88e7f1181fSTamas Ban .pk_oid = SOC_FW_CONFIG_KEY_OID }, 89e7f1181fSTamas Ban { 90e7f1181fSTamas Ban .id = TOS_FW_CONFIG_ID, 91e7f1181fSTamas Ban .signer_id_size = SIGNER_ID_MIN_SIZE, 92e7f1181fSTamas Ban .sw_type = MBOOT_TOS_FW_CONFIG_STRING, 93e7f1181fSTamas Ban .allow_new_context_to_derive = false, 94e7f1181fSTamas Ban .retain_parent_context = true, 95e7f1181fSTamas Ban .create_certificate = false, 96e7f1181fSTamas Ban .pk_oid = TOS_FW_CONFIG_KEY_OID }, 97e7f1181fSTamas Ban #if defined(SPD_spmd) 98e7f1181fSTamas Ban { 99e7f1181fSTamas Ban .id = SP_PKG1_ID, 100e7f1181fSTamas Ban .signer_id_size = SIGNER_ID_MIN_SIZE, 101e7f1181fSTamas Ban .sw_type = MBOOT_SP1_STRING, 102e7f1181fSTamas Ban .allow_new_context_to_derive = false, 103e7f1181fSTamas Ban .retain_parent_context = true, 104e7f1181fSTamas Ban .create_certificate = true, /* With Trusty only one SP is loaded */ 105e7f1181fSTamas Ban .pk_oid = NULL }, 106e7f1181fSTamas Ban { 107e7f1181fSTamas Ban .id = SP_PKG2_ID, 108e7f1181fSTamas Ban .signer_id_size = SIGNER_ID_MIN_SIZE, 109e7f1181fSTamas Ban .sw_type = MBOOT_SP2_STRING, 110e7f1181fSTamas Ban .allow_new_context_to_derive = false, 111e7f1181fSTamas Ban .retain_parent_context = true, 112e7f1181fSTamas Ban .create_certificate = false, 113e7f1181fSTamas Ban .pk_oid = NULL }, 114e7f1181fSTamas Ban { 115e7f1181fSTamas Ban .id = SP_PKG3_ID, 116e7f1181fSTamas Ban .signer_id_size = SIGNER_ID_MIN_SIZE, 117e7f1181fSTamas Ban .sw_type = MBOOT_SP3_STRING, 118e7f1181fSTamas Ban .allow_new_context_to_derive = false, 119e7f1181fSTamas Ban .retain_parent_context = true, 120e7f1181fSTamas Ban .create_certificate = false, 121e7f1181fSTamas Ban .pk_oid = NULL }, 122e7f1181fSTamas Ban { 123e7f1181fSTamas Ban .id = SP_PKG4_ID, 124e7f1181fSTamas Ban .signer_id_size = SIGNER_ID_MIN_SIZE, 125e7f1181fSTamas Ban .sw_type = MBOOT_SP4_STRING, 126e7f1181fSTamas Ban .allow_new_context_to_derive = false, 127e7f1181fSTamas Ban .retain_parent_context = true, 128e7f1181fSTamas Ban .create_certificate = false, 129e7f1181fSTamas Ban .pk_oid = NULL }, 130e7f1181fSTamas Ban { 131e7f1181fSTamas Ban .id = SP_PKG5_ID, 132e7f1181fSTamas Ban .signer_id_size = SIGNER_ID_MIN_SIZE, 133e7f1181fSTamas Ban .sw_type = MBOOT_SP5_STRING, 134e7f1181fSTamas Ban .allow_new_context_to_derive = false, 135e7f1181fSTamas Ban .retain_parent_context = true, 136e7f1181fSTamas Ban .create_certificate = false, 137e7f1181fSTamas Ban .pk_oid = NULL }, 138e7f1181fSTamas Ban { 139e7f1181fSTamas Ban .id = SP_PKG6_ID, 140e7f1181fSTamas Ban .signer_id_size = SIGNER_ID_MIN_SIZE, 141e7f1181fSTamas Ban .sw_type = MBOOT_SP6_STRING, 142e7f1181fSTamas Ban .allow_new_context_to_derive = false, 143e7f1181fSTamas Ban .retain_parent_context = true, 144e7f1181fSTamas Ban .create_certificate = false, 145e7f1181fSTamas Ban .pk_oid = NULL }, 146e7f1181fSTamas Ban { 147e7f1181fSTamas Ban .id = SP_PKG7_ID, 148e7f1181fSTamas Ban .signer_id_size = SIGNER_ID_MIN_SIZE, 149e7f1181fSTamas Ban .sw_type = MBOOT_SP7_STRING, 150e7f1181fSTamas Ban .allow_new_context_to_derive = false, 151e7f1181fSTamas Ban .retain_parent_context = true, 152e7f1181fSTamas Ban .create_certificate = false, 153e7f1181fSTamas Ban .pk_oid = NULL }, 154e7f1181fSTamas Ban { 155e7f1181fSTamas Ban .id = SP_PKG8_ID, 156e7f1181fSTamas Ban .signer_id_size = SIGNER_ID_MIN_SIZE, 157e7f1181fSTamas Ban .sw_type = MBOOT_SP8_STRING, 158e7f1181fSTamas Ban .allow_new_context_to_derive = false, 159e7f1181fSTamas Ban .retain_parent_context = true, 160e7f1181fSTamas Ban .create_certificate = false, 161e7f1181fSTamas Ban .pk_oid = NULL }, 162e7f1181fSTamas Ban 163e7f1181fSTamas Ban #endif 164e7f1181fSTamas Ban { 165e7f1181fSTamas Ban .id = DPE_INVALID_ID } 166e7f1181fSTamas Ban }; 167e7f1181fSTamas Ban 16803d388d8STamas Ban /* Context handle is meant to be used by BL33. Sharing it via NT_FW_CONFIG */ 16903d388d8STamas Ban static int new_ctx_handle; 17003d388d8STamas Ban 17103d388d8STamas Ban void plat_dpe_share_context_handle(int *ctx_handle) 17203d388d8STamas Ban { 17303d388d8STamas Ban new_ctx_handle = *ctx_handle; 17403d388d8STamas Ban } 17503d388d8STamas Ban 176*467bdf26STamas Ban void plat_dpe_get_context_handle(int *ctx_handle) 177*467bdf26STamas Ban { 178*467bdf26STamas Ban int rc; 179*467bdf26STamas Ban 180*467bdf26STamas Ban rc = arm_get_tb_fw_info(ctx_handle); 181*467bdf26STamas Ban if (rc != 0) { 182*467bdf26STamas Ban ERROR("Unable to get DPE context handle from TB_FW_CONFIG\n"); 183*467bdf26STamas Ban /* 184*467bdf26STamas Ban * It is a fatal error because on FVP platform, BL2 software 185*467bdf26STamas Ban * assumes that a valid DPE context_handle is passed through 186*467bdf26STamas Ban * the DTB object by BL1. 187*467bdf26STamas Ban */ 188*467bdf26STamas Ban plat_panic_handler(); 189*467bdf26STamas Ban } 190*467bdf26STamas Ban 191*467bdf26STamas Ban VERBOSE("Received DPE context handle: 0x%x\n", *ctx_handle); 192*467bdf26STamas Ban } 193*467bdf26STamas Ban 194e7f1181fSTamas Ban void bl2_plat_mboot_init(void) 195e7f1181fSTamas Ban { 196e7f1181fSTamas Ban /* Initialize the communication channel between AP and RSS */ 197e7f1181fSTamas Ban (void)rss_comms_init(PLAT_RSS_AP_SND_MHU_BASE, 198e7f1181fSTamas Ban PLAT_RSS_AP_RCV_MHU_BASE); 199e7f1181fSTamas Ban 200e7f1181fSTamas Ban dpe_init(tc_dpe_metadata); 201e7f1181fSTamas Ban } 202e7f1181fSTamas Ban 203e7f1181fSTamas Ban void bl2_plat_mboot_finish(void) 204e7f1181fSTamas Ban { 20503d388d8STamas Ban int rc; 20603d388d8STamas Ban 20703d388d8STamas Ban VERBOSE("Share DPE context handle with BL33: 0x%x\n", new_ctx_handle); 20803d388d8STamas Ban rc = arm_set_nt_fw_info(&new_ctx_handle); 20903d388d8STamas Ban if (rc != 0) { 21003d388d8STamas Ban ERROR("Unable to set DPE context handle in NT_FW_CONFIG\n"); 21103d388d8STamas Ban /* 21203d388d8STamas Ban * It is a fatal error because on TC platform, BL33 software 21303d388d8STamas Ban * assumes that a valid DPE context_handle is passed through 21403d388d8STamas Ban * the DTB object by BL2. 21503d388d8STamas Ban */ 21603d388d8STamas Ban plat_panic_handler(); 21703d388d8STamas Ban } 218e7f1181fSTamas Ban } 219