1 /* 2 * Copyright (c) 2018, ARM Limited and Contributors. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #include <arm_dyn_cfg_helpers.h> 8 #include <assert.h> 9 #include <debug.h> 10 #include <desc_image_load.h> 11 #if TRUSTED_BOARD_BOOT 12 #include <mbedtls_config.h> 13 #endif 14 #include <plat_arm.h> 15 #include <platform.h> 16 #include <platform_def.h> 17 #include <string.h> 18 #include <tbbr_img_def.h> 19 20 21 /* Variable to store the address to TB_FW_CONFIG passed from BL1 */ 22 static void *tb_fw_cfg_dtb; 23 static size_t tb_fw_cfg_dtb_size; 24 25 26 #if TRUSTED_BOARD_BOOT 27 28 static void *mbedtls_heap_addr; 29 static size_t mbedtls_heap_size; 30 31 /* 32 * This function is the implementation of the shared Mbed TLS heap between 33 * BL1 and BL2 for Arm platforms. The shared heap address is passed from BL1 34 * to BL2 with a pointer. This pointer resides inside the TB_FW_CONFIG file 35 * which is a DTB. 36 * 37 * This function is placed inside an #if directive for the below reasons: 38 * - To allocate space for the Mbed TLS heap --only if-- Trusted Board Boot 39 * is enabled. 40 * - This implementation requires the DTB to be present so that BL1 has a 41 * mechanism to pass the pointer to BL2. 42 */ 43 int arm_get_mbedtls_heap(void **heap_addr, size_t *heap_size) 44 { 45 assert(heap_addr != NULL); 46 assert(heap_size != NULL); 47 48 #if defined(IMAGE_BL1) || BL2_AT_EL3 49 50 /* If in BL1 or BL2_AT_EL3 define a heap */ 51 static unsigned char heap[TF_MBEDTLS_HEAP_SIZE]; 52 53 *heap_addr = heap; 54 *heap_size = sizeof(heap); 55 mbedtls_heap_addr = heap; 56 mbedtls_heap_size = sizeof(heap); 57 58 #elif defined(IMAGE_BL2) 59 60 int err; 61 62 /* If in BL2, retrieve the already allocated heap's info from DTB */ 63 if (tb_fw_cfg_dtb != NULL) { 64 err = arm_get_dtb_mbedtls_heap_info(tb_fw_cfg_dtb, heap_addr, 65 heap_size); 66 if (err < 0) { 67 ERROR("BL2: unable to retrieve shared Mbed TLS heap information from DTB\n"); 68 panic(); 69 } 70 } else { 71 ERROR("BL2: DTB missing, cannot get Mbed TLS heap\n"); 72 panic(); 73 } 74 #endif 75 76 return 0; 77 } 78 79 /* 80 * Puts the shared Mbed TLS heap information to the DTB. 81 * Executed only from BL1. 82 */ 83 void arm_bl1_set_mbedtls_heap(void) 84 { 85 int err; 86 87 /* 88 * If tb_fw_cfg_dtb==NULL then DTB is not present for the current 89 * platform. As such, we don't attempt to write to the DTB at all. 90 * 91 * If mbedtls_heap_addr==NULL, then it means we are using the default 92 * heap implementation. As such, BL2 will have its own heap for sure 93 * and hence there is no need to pass any information to the DTB. 94 * 95 * In the latter case, if we still wanted to write in the DTB the heap 96 * information, we would need to call plat_get_mbedtls_heap to retrieve 97 * the default heap's address and size. 98 */ 99 if ((tb_fw_cfg_dtb != NULL) && (mbedtls_heap_addr != NULL)) { 100 err = arm_set_dtb_mbedtls_heap_info(tb_fw_cfg_dtb, 101 mbedtls_heap_addr, mbedtls_heap_size); 102 if (err < 0) { 103 ERROR("BL1: unable to write shared Mbed TLS heap information to DTB\n"); 104 panic(); 105 } 106 /* 107 * Ensure that the info written to the DTB is visible to other 108 * images. It's critical because BL2 won't be able to proceed 109 * without the heap info. 110 */ 111 flush_dcache_range((uintptr_t)tb_fw_cfg_dtb, 112 tb_fw_cfg_dtb_size); 113 } 114 } 115 116 #endif /* TRUSTED_BOARD_BOOT */ 117 118 /* 119 * Helper function to load TB_FW_CONFIG and populate the load information to 120 * arg0 of BL2 entrypoint info. 121 */ 122 void arm_load_tb_fw_config(void) 123 { 124 int err; 125 uintptr_t config_base = 0; 126 image_desc_t *image_desc; 127 128 image_desc_t arm_tb_fw_info = { 129 .image_id = TB_FW_CONFIG_ID, 130 SET_STATIC_PARAM_HEAD(image_info, PARAM_IMAGE_BINARY, 131 VERSION_2, image_info_t, 0), 132 .image_info.image_base = ARM_TB_FW_CONFIG_BASE, 133 .image_info.image_max_size = 134 ARM_TB_FW_CONFIG_LIMIT - ARM_TB_FW_CONFIG_BASE 135 }; 136 137 VERBOSE("BL1: Loading TB_FW_CONFIG\n"); 138 err = load_auth_image(TB_FW_CONFIG_ID, &arm_tb_fw_info.image_info); 139 if (err != 0) { 140 /* Return if TB_FW_CONFIG is not loaded */ 141 VERBOSE("Failed to load TB_FW_CONFIG\n"); 142 return; 143 } 144 145 /* At this point we know that a DTB is indeed available */ 146 config_base = arm_tb_fw_info.image_info.image_base; 147 tb_fw_cfg_dtb = (void *)config_base; 148 tb_fw_cfg_dtb_size = (size_t)arm_tb_fw_info.image_info.image_max_size; 149 150 /* The BL2 ep_info arg0 is modified to point to TB_FW_CONFIG */ 151 image_desc = bl1_plat_get_image_desc(BL2_IMAGE_ID); 152 assert(image_desc != NULL); 153 image_desc->ep_info.args.arg0 = config_base; 154 155 INFO("BL1: TB_FW_CONFIG loaded at address = %p\n", 156 (void *) config_base); 157 158 #if TRUSTED_BOARD_BOOT && defined(DYN_DISABLE_AUTH) 159 int tb_fw_node; 160 uint32_t disable_auth = 0; 161 162 err = arm_dyn_tb_fw_cfg_init((void *)config_base, &tb_fw_node); 163 if (err < 0) { 164 ERROR("Invalid TB_FW_CONFIG loaded\n"); 165 panic(); 166 } 167 168 err = arm_dyn_get_disable_auth((void *)config_base, tb_fw_node, &disable_auth); 169 if (err < 0) 170 return; 171 172 if (disable_auth == 1) 173 dyn_disable_auth(); 174 #endif 175 } 176 177 /* 178 * BL2 utility function to set the address of TB_FW_CONFIG passed from BL1. 179 */ 180 void arm_bl2_set_tb_cfg_addr(void *dtb) 181 { 182 assert(dtb != NULL); 183 tb_fw_cfg_dtb = dtb; 184 } 185 186 /* 187 * BL2 utility function to initialize dynamic configuration specified by 188 * TB_FW_CONFIG. Populate the bl_mem_params_node_t of other FW_CONFIGs if 189 * specified in TB_FW_CONFIG. 190 */ 191 void arm_bl2_dyn_cfg_init(void) 192 { 193 int err = 0, tb_fw_node; 194 unsigned int i; 195 bl_mem_params_node_t *cfg_mem_params = NULL; 196 uint64_t image_base; 197 uint32_t image_size; 198 const unsigned int config_ids[] = { 199 HW_CONFIG_ID, 200 SOC_FW_CONFIG_ID, 201 NT_FW_CONFIG_ID, 202 #ifdef SPD_tspd 203 /* Currently tos_fw_config is only present for TSP */ 204 TOS_FW_CONFIG_ID 205 #endif 206 }; 207 208 if (tb_fw_cfg_dtb == NULL) { 209 VERBOSE("No TB_FW_CONFIG specified\n"); 210 return; 211 } 212 213 err = arm_dyn_tb_fw_cfg_init(tb_fw_cfg_dtb, &tb_fw_node); 214 if (err < 0) { 215 ERROR("Invalid TB_FW_CONFIG passed from BL1\n"); 216 panic(); 217 } 218 219 /* Iterate through all the fw config IDs */ 220 for (i = 0; i < ARRAY_SIZE(config_ids); i++) { 221 /* Get the config load address and size from TB_FW_CONFIG */ 222 cfg_mem_params = get_bl_mem_params_node(config_ids[i]); 223 if (cfg_mem_params == NULL) { 224 VERBOSE("Couldn't find HW_CONFIG in bl_mem_params_node\n"); 225 continue; 226 } 227 228 err = arm_dyn_get_config_load_info(tb_fw_cfg_dtb, tb_fw_node, 229 config_ids[i], &image_base, &image_size); 230 if (err < 0) { 231 VERBOSE("Couldn't find config_id %d load info in TB_FW_CONFIG\n", 232 config_ids[i]); 233 continue; 234 } 235 236 /* 237 * Do some runtime checks on the load addresses of soc_fw_config, 238 * tos_fw_config, nt_fw_config. This is not a comprehensive check 239 * of all invalid addresses but to prevent trivial porting errors. 240 */ 241 if (config_ids[i] != HW_CONFIG_ID) { 242 243 if (check_uptr_overflow(image_base, image_size) != 0) 244 continue; 245 246 /* Ensure the configs don't overlap with BL31 */ 247 if ((image_base > BL31_BASE) || ((image_base + image_size) > BL31_BASE)) 248 continue; 249 250 /* Ensure the configs are loaded in a valid address */ 251 if (image_base < ARM_BL_RAM_BASE) 252 continue; 253 #ifdef BL32_BASE 254 /* 255 * If BL32 is present, ensure that the configs don't 256 * overlap with it. 257 */ 258 if (image_base >= BL32_BASE && image_base <= BL32_LIMIT) 259 continue; 260 #endif 261 } 262 263 264 cfg_mem_params->image_info.image_base = (uintptr_t)image_base; 265 cfg_mem_params->image_info.image_max_size = image_size; 266 267 /* Remove the IMAGE_ATTRIB_SKIP_LOADING attribute from HW_CONFIG node */ 268 cfg_mem_params->image_info.h.attr &= ~IMAGE_ATTRIB_SKIP_LOADING; 269 } 270 271 #if TRUSTED_BOARD_BOOT && defined(DYN_DISABLE_AUTH) 272 uint32_t disable_auth = 0; 273 274 err = arm_dyn_get_disable_auth(tb_fw_cfg_dtb, tb_fw_node, 275 &disable_auth); 276 if (err < 0) 277 return; 278 279 if (disable_auth == 1) 280 dyn_disable_auth(); 281 #endif 282 } 283