xref: /rk3399_ARM-atf/plat/arm/board/tc/tc_bl2_dpe.c (revision 6a415bd1e71ac944c0ac67507b01f251e63361c3) 
1 /*
2  * Copyright (c) 2024, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  */
6 
7 #include <stdint.h>
8 
9 #include <common/debug.h>
10 #include <drivers/arm/rss_comms.h>
11 #include <drivers/measured_boot/metadata.h>
12 #include <drivers/measured_boot/rss/dice_prot_env.h>
13 #include <plat/arm/common/plat_arm.h>
14 #include <plat/common/platform.h>
15 #include <platform_def.h>
16 #include <tools_share/tbbr_oid.h>
17 
18 /*
19  * The content and the values of this array depends on:
20  * - build config: Which components are loaded: SPMD, TOS, SPx, etc ?
21  * - boot order: the last element in a layer should be treated differently.
22  */
23 
24 /*
25  * TODO:
26  *     - The content of the array must be tailored according to the build
27  *       config (TOS, SPMD, etc). All loaded components (executables and
28  *       config blobs) must be present in this array.
29  *     - Current content is according to the Trusty build config.
30  */
31 struct dpe_metadata tc_dpe_metadata[] = {
32 	{
33 		.id = BL31_IMAGE_ID,
34 		.signer_id_size = SIGNER_ID_MIN_SIZE,
35 		.sw_type = MBOOT_BL31_IMAGE_STRING,
36 		.allow_new_context_to_derive = false,
37 		.retain_parent_context = true,
38 		.create_certificate = false,
39 		.pk_oid = BL31_IMAGE_KEY_OID },
40 	{
41 		.id = BL32_IMAGE_ID,
42 		.signer_id_size = SIGNER_ID_MIN_SIZE,
43 		.sw_type = MBOOT_BL32_IMAGE_STRING,
44 		.allow_new_context_to_derive = false,
45 		.retain_parent_context = true,
46 		.create_certificate = false,
47 		.pk_oid = BL32_IMAGE_KEY_OID },
48 	{
49 		.id = BL33_IMAGE_ID,
50 		.signer_id_size = SIGNER_ID_MIN_SIZE,
51 		.sw_type = MBOOT_BL33_IMAGE_STRING,
52 		.allow_new_context_to_derive = true,
53 		.retain_parent_context = true,
54 		.create_certificate = false,
55 		.pk_oid = BL33_IMAGE_KEY_OID },
56 
57 	{
58 		.id = HW_CONFIG_ID,
59 		.signer_id_size = SIGNER_ID_MIN_SIZE,
60 		.sw_type = MBOOT_HW_CONFIG_STRING,
61 		.allow_new_context_to_derive = false,
62 		.retain_parent_context = true,
63 		.create_certificate = false,
64 		.pk_oid = HW_CONFIG_KEY_OID },
65 	{
66 		.id = NT_FW_CONFIG_ID,
67 		.signer_id_size = SIGNER_ID_MIN_SIZE,
68 		.sw_type = MBOOT_NT_FW_CONFIG_STRING,
69 		.allow_new_context_to_derive = false,
70 		.retain_parent_context = true,
71 		.create_certificate = false,
72 		.pk_oid = NT_FW_CONFIG_KEY_OID },
73 	{
74 		.id = SCP_BL2_IMAGE_ID,
75 		.signer_id_size = SIGNER_ID_MIN_SIZE,
76 		.sw_type = MBOOT_SCP_BL2_IMAGE_STRING,
77 		.allow_new_context_to_derive = false,
78 		.retain_parent_context = true,
79 		.create_certificate = false,
80 		.pk_oid = SCP_BL2_IMAGE_KEY_OID },
81 	{
82 		.id = SOC_FW_CONFIG_ID,
83 		.signer_id_size = SIGNER_ID_MIN_SIZE,
84 		.sw_type = MBOOT_SOC_FW_CONFIG_STRING,
85 		.allow_new_context_to_derive = false,
86 		.retain_parent_context = true,
87 		.create_certificate = false,
88 		.pk_oid = SOC_FW_CONFIG_KEY_OID },
89 	{
90 		.id = TOS_FW_CONFIG_ID,
91 		.signer_id_size = SIGNER_ID_MIN_SIZE,
92 		.sw_type = MBOOT_TOS_FW_CONFIG_STRING,
93 		.allow_new_context_to_derive = false,
94 		.retain_parent_context = true,
95 		.create_certificate = false,
96 		.pk_oid = TOS_FW_CONFIG_KEY_OID },
97 #if defined(SPD_spmd)
98 	{
99 		.id = SP_PKG1_ID,
100 		.signer_id_size = SIGNER_ID_MIN_SIZE,
101 		.sw_type = MBOOT_SP1_STRING,
102 		.allow_new_context_to_derive = false,
103 		.retain_parent_context = true,
104 		.create_certificate = true, /* With Trusty only one SP is loaded */
105 		.pk_oid = NULL },
106 	{
107 		.id = SP_PKG2_ID,
108 		.signer_id_size = SIGNER_ID_MIN_SIZE,
109 		.sw_type = MBOOT_SP2_STRING,
110 		.allow_new_context_to_derive = false,
111 		.retain_parent_context = true,
112 		.create_certificate = false,
113 		.pk_oid = NULL },
114 	{
115 		.id = SP_PKG3_ID,
116 		.signer_id_size = SIGNER_ID_MIN_SIZE,
117 		.sw_type = MBOOT_SP3_STRING,
118 		.allow_new_context_to_derive = false,
119 		.retain_parent_context = true,
120 		.create_certificate = false,
121 		.pk_oid = NULL },
122 	{
123 		.id = SP_PKG4_ID,
124 		.signer_id_size = SIGNER_ID_MIN_SIZE,
125 		.sw_type = MBOOT_SP4_STRING,
126 		.allow_new_context_to_derive = false,
127 		.retain_parent_context = true,
128 		.create_certificate = false,
129 		.pk_oid = NULL },
130 	{
131 		.id = SP_PKG5_ID,
132 		.signer_id_size = SIGNER_ID_MIN_SIZE,
133 		.sw_type = MBOOT_SP5_STRING,
134 		.allow_new_context_to_derive = false,
135 		.retain_parent_context = true,
136 		.create_certificate = false,
137 		.pk_oid = NULL },
138 	{
139 		.id = SP_PKG6_ID,
140 		.signer_id_size = SIGNER_ID_MIN_SIZE,
141 		.sw_type = MBOOT_SP6_STRING,
142 		.allow_new_context_to_derive = false,
143 		.retain_parent_context = true,
144 		.create_certificate = false,
145 		.pk_oid = NULL },
146 	{
147 		.id = SP_PKG7_ID,
148 		.signer_id_size = SIGNER_ID_MIN_SIZE,
149 		.sw_type = MBOOT_SP7_STRING,
150 		.allow_new_context_to_derive = false,
151 		.retain_parent_context = true,
152 		.create_certificate = false,
153 		.pk_oid = NULL },
154 	{
155 		.id = SP_PKG8_ID,
156 		.signer_id_size = SIGNER_ID_MIN_SIZE,
157 		.sw_type = MBOOT_SP8_STRING,
158 		.allow_new_context_to_derive = false,
159 		.retain_parent_context = true,
160 		.create_certificate = false,
161 		.pk_oid = NULL },
162 
163 #endif
164 	{
165 		.id = DPE_INVALID_ID }
166 };
167 
168 /* Context handle is meant to be used by BL33. Sharing it via NT_FW_CONFIG */
169 static int new_ctx_handle;
170 
171 void plat_dpe_share_context_handle(int *ctx_handle)
172 {
173 	new_ctx_handle = *ctx_handle;
174 }
175 
176 void plat_dpe_get_context_handle(int *ctx_handle)
177 {
178 	int rc;
179 
180 	rc = arm_get_tb_fw_info(ctx_handle);
181 	if (rc != 0) {
182 		ERROR("Unable to get DPE context handle from TB_FW_CONFIG\n");
183 		/*
184 		 * It is a fatal error because on FVP platform, BL2 software
185 		 * assumes that a valid DPE context_handle is passed through
186 		 * the DTB object by BL1.
187 		 */
188 		plat_panic_handler();
189 	}
190 
191 	VERBOSE("Received DPE context handle: 0x%x\n", *ctx_handle);
192 }
193 
194 void bl2_plat_mboot_init(void)
195 {
196 	/* Initialize the communication channel between AP and RSS */
197 	(void)rss_comms_init(PLAT_RSS_AP_SND_MHU_BASE,
198 			     PLAT_RSS_AP_RCV_MHU_BASE);
199 
200 	dpe_init(tc_dpe_metadata);
201 }
202 
203 void bl2_plat_mboot_finish(void)
204 {
205 	int rc;
206 
207 	VERBOSE("Share DPE context handle with BL33: 0x%x\n", new_ctx_handle);
208 	rc = arm_set_nt_fw_info(&new_ctx_handle);
209 	if (rc != 0) {
210 		ERROR("Unable to set DPE context handle in NT_FW_CONFIG\n");
211 		/*
212 		 * It is a fatal error because on TC platform, BL33 software
213 		 * assumes that a valid DPE context_handle is passed through
214 		 * the DTB object by BL2.
215 		 */
216 		plat_panic_handler();
217 	}
218 }
219