1 /* 2 * Copyright (c) 2019-2022, ARM Limited. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #include <assert.h> 8 9 #include <common/debug.h> 10 #include <common/fdt_wrappers.h> 11 #include <drivers/io/io_storage.h> 12 #include <drivers/partition/partition.h> 13 #include <lib/object_pool.h> 14 #include <libfdt.h> 15 #include <tools_share/firmware_image_package.h> 16 17 #include <plat/arm/common/arm_fconf_getter.h> 18 #include <plat/arm/common/arm_fconf_io_storage.h> 19 #include <platform_def.h> 20 21 #if PSA_FWU_SUPPORT 22 /* metadata entry details */ 23 static io_block_spec_t fwu_metadata_spec; 24 #endif /* PSA_FWU_SUPPORT */ 25 26 io_block_spec_t fip_block_spec = { 27 /* 28 * This is fixed FIP address used by BL1, BL2 loads partition table 29 * to get FIP address. 30 */ 31 #if ARM_GPT_SUPPORT 32 .offset = PLAT_ARM_FLASH_IMAGE_BASE + PLAT_ARM_FIP_OFFSET_IN_GPT, 33 #else 34 .offset = PLAT_ARM_FLASH_IMAGE_BASE, 35 #endif /* ARM_GPT_SUPPORT */ 36 .length = PLAT_ARM_FLASH_IMAGE_MAX_SIZE 37 }; 38 39 #if ARM_GPT_SUPPORT 40 static const io_block_spec_t gpt_spec = { 41 .offset = PLAT_ARM_FLASH_IMAGE_BASE, 42 /* 43 * PLAT_PARTITION_BLOCK_SIZE = 512 44 * PLAT_PARTITION_MAX_ENTRIES = 128 45 * each sector has 4 partition entries, and there are 46 * 2 reserved sectors i.e. protective MBR and primary 47 * GPT header hence length gets calculated as, 48 * length = 512 * (128/4 + 2) 49 */ 50 .length = PLAT_PARTITION_BLOCK_SIZE * 51 (PLAT_PARTITION_MAX_ENTRIES / 4 + 2), 52 }; 53 #endif /* ARM_GPT_SUPPORT */ 54 55 const io_uuid_spec_t arm_uuid_spec[MAX_NUMBER_IDS] = { 56 [BL2_IMAGE_ID] = {UUID_TRUSTED_BOOT_FIRMWARE_BL2}, 57 [TB_FW_CONFIG_ID] = {UUID_TB_FW_CONFIG}, 58 [FW_CONFIG_ID] = {UUID_FW_CONFIG}, 59 #if !ARM_IO_IN_DTB 60 [SCP_BL2_IMAGE_ID] = {UUID_SCP_FIRMWARE_SCP_BL2}, 61 [BL31_IMAGE_ID] = {UUID_EL3_RUNTIME_FIRMWARE_BL31}, 62 [BL32_IMAGE_ID] = {UUID_SECURE_PAYLOAD_BL32}, 63 [BL32_EXTRA1_IMAGE_ID] = {UUID_SECURE_PAYLOAD_BL32_EXTRA1}, 64 [BL32_EXTRA2_IMAGE_ID] = {UUID_SECURE_PAYLOAD_BL32_EXTRA2}, 65 [BL33_IMAGE_ID] = {UUID_NON_TRUSTED_FIRMWARE_BL33}, 66 [HW_CONFIG_ID] = {UUID_HW_CONFIG}, 67 [SOC_FW_CONFIG_ID] = {UUID_SOC_FW_CONFIG}, 68 [TOS_FW_CONFIG_ID] = {UUID_TOS_FW_CONFIG}, 69 [NT_FW_CONFIG_ID] = {UUID_NT_FW_CONFIG}, 70 [RMM_IMAGE_ID] = {UUID_REALM_MONITOR_MGMT_FIRMWARE}, 71 #endif /* ARM_IO_IN_DTB */ 72 #if TRUSTED_BOARD_BOOT 73 [TRUSTED_BOOT_FW_CERT_ID] = {UUID_TRUSTED_BOOT_FW_CERT}, 74 #if !ARM_IO_IN_DTB 75 [CCA_CONTENT_CERT_ID] = {UUID_CCA_CONTENT_CERT}, 76 [CORE_SWD_KEY_CERT_ID] = {UUID_CORE_SWD_KEY_CERT}, 77 [PLAT_KEY_CERT_ID] = {UUID_PLAT_KEY_CERT}, 78 [TRUSTED_KEY_CERT_ID] = {UUID_TRUSTED_KEY_CERT}, 79 [SCP_FW_KEY_CERT_ID] = {UUID_SCP_FW_KEY_CERT}, 80 [SOC_FW_KEY_CERT_ID] = {UUID_SOC_FW_KEY_CERT}, 81 [TRUSTED_OS_FW_KEY_CERT_ID] = {UUID_TRUSTED_OS_FW_KEY_CERT}, 82 [NON_TRUSTED_FW_KEY_CERT_ID] = {UUID_NON_TRUSTED_FW_KEY_CERT}, 83 [SCP_FW_CONTENT_CERT_ID] = {UUID_SCP_FW_CONTENT_CERT}, 84 [SOC_FW_CONTENT_CERT_ID] = {UUID_SOC_FW_CONTENT_CERT}, 85 [TRUSTED_OS_FW_CONTENT_CERT_ID] = {UUID_TRUSTED_OS_FW_CONTENT_CERT}, 86 [NON_TRUSTED_FW_CONTENT_CERT_ID] = {UUID_NON_TRUSTED_FW_CONTENT_CERT}, 87 #if defined(SPD_spmd) 88 [SIP_SP_CONTENT_CERT_ID] = {UUID_SIP_SECURE_PARTITION_CONTENT_CERT}, 89 [PLAT_SP_CONTENT_CERT_ID] = {UUID_PLAT_SECURE_PARTITION_CONTENT_CERT}, 90 #endif 91 #endif /* ARM_IO_IN_DTB */ 92 #endif /* TRUSTED_BOARD_BOOT */ 93 }; 94 95 /* By default, ARM platforms load images from the FIP */ 96 struct plat_io_policy policies[MAX_NUMBER_IDS] = { 97 #if ARM_GPT_SUPPORT 98 [GPT_IMAGE_ID] = { 99 &memmap_dev_handle, 100 (uintptr_t)&gpt_spec, 101 open_memmap 102 }, 103 #endif /* ARM_GPT_SUPPORT */ 104 #if PSA_FWU_SUPPORT 105 [FWU_METADATA_IMAGE_ID] = { 106 &memmap_dev_handle, 107 /* filled runtime from partition information */ 108 (uintptr_t)&fwu_metadata_spec, 109 open_memmap 110 }, 111 [BKUP_FWU_METADATA_IMAGE_ID] = { 112 &memmap_dev_handle, 113 /* filled runtime from partition information */ 114 (uintptr_t)&fwu_metadata_spec, 115 open_memmap 116 }, 117 #endif /* PSA_FWU_SUPPORT */ 118 [FIP_IMAGE_ID] = { 119 &memmap_dev_handle, 120 (uintptr_t)&fip_block_spec, 121 open_memmap 122 }, 123 [BL2_IMAGE_ID] = { 124 &fip_dev_handle, 125 (uintptr_t)&arm_uuid_spec[BL2_IMAGE_ID], 126 open_fip 127 }, 128 [TB_FW_CONFIG_ID] = { 129 &fip_dev_handle, 130 (uintptr_t)&arm_uuid_spec[TB_FW_CONFIG_ID], 131 open_fip 132 }, 133 [FW_CONFIG_ID] = { 134 &fip_dev_handle, 135 (uintptr_t)&arm_uuid_spec[FW_CONFIG_ID], 136 open_fip 137 }, 138 #if !ARM_IO_IN_DTB 139 [SCP_BL2_IMAGE_ID] = { 140 &fip_dev_handle, 141 (uintptr_t)&arm_uuid_spec[SCP_BL2_IMAGE_ID], 142 open_fip 143 }, 144 [BL31_IMAGE_ID] = { 145 &fip_dev_handle, 146 (uintptr_t)&arm_uuid_spec[BL31_IMAGE_ID], 147 open_fip 148 }, 149 [BL32_IMAGE_ID] = { 150 &fip_dev_handle, 151 (uintptr_t)&arm_uuid_spec[BL32_IMAGE_ID], 152 open_fip 153 }, 154 [BL32_EXTRA1_IMAGE_ID] = { 155 &fip_dev_handle, 156 (uintptr_t)&arm_uuid_spec[BL32_EXTRA1_IMAGE_ID], 157 open_fip 158 }, 159 [BL32_EXTRA2_IMAGE_ID] = { 160 &fip_dev_handle, 161 (uintptr_t)&arm_uuid_spec[BL32_EXTRA2_IMAGE_ID], 162 open_fip 163 }, 164 [BL33_IMAGE_ID] = { 165 &fip_dev_handle, 166 (uintptr_t)&arm_uuid_spec[BL33_IMAGE_ID], 167 open_fip 168 }, 169 [RMM_IMAGE_ID] = { 170 &fip_dev_handle, 171 (uintptr_t)&arm_uuid_spec[RMM_IMAGE_ID], 172 open_fip 173 }, 174 [HW_CONFIG_ID] = { 175 &fip_dev_handle, 176 (uintptr_t)&arm_uuid_spec[HW_CONFIG_ID], 177 open_fip 178 }, 179 [SOC_FW_CONFIG_ID] = { 180 &fip_dev_handle, 181 (uintptr_t)&arm_uuid_spec[SOC_FW_CONFIG_ID], 182 open_fip 183 }, 184 [TOS_FW_CONFIG_ID] = { 185 &fip_dev_handle, 186 (uintptr_t)&arm_uuid_spec[TOS_FW_CONFIG_ID], 187 open_fip 188 }, 189 [NT_FW_CONFIG_ID] = { 190 &fip_dev_handle, 191 (uintptr_t)&arm_uuid_spec[NT_FW_CONFIG_ID], 192 open_fip 193 }, 194 #endif /* ARM_IO_IN_DTB */ 195 #if TRUSTED_BOARD_BOOT 196 [TRUSTED_BOOT_FW_CERT_ID] = { 197 &fip_dev_handle, 198 (uintptr_t)&arm_uuid_spec[TRUSTED_BOOT_FW_CERT_ID], 199 open_fip 200 }, 201 #if !ARM_IO_IN_DTB 202 [CCA_CONTENT_CERT_ID] = { 203 &fip_dev_handle, 204 (uintptr_t)&arm_uuid_spec[CCA_CONTENT_CERT_ID], 205 open_fip 206 }, 207 [CORE_SWD_KEY_CERT_ID] = { 208 &fip_dev_handle, 209 (uintptr_t)&arm_uuid_spec[CORE_SWD_KEY_CERT_ID], 210 open_fip 211 }, 212 [PLAT_KEY_CERT_ID] = { 213 &fip_dev_handle, 214 (uintptr_t)&arm_uuid_spec[PLAT_KEY_CERT_ID], 215 open_fip 216 }, 217 [TRUSTED_KEY_CERT_ID] = { 218 &fip_dev_handle, 219 (uintptr_t)&arm_uuid_spec[TRUSTED_KEY_CERT_ID], 220 open_fip 221 }, 222 [SCP_FW_KEY_CERT_ID] = { 223 &fip_dev_handle, 224 (uintptr_t)&arm_uuid_spec[SCP_FW_KEY_CERT_ID], 225 open_fip 226 }, 227 [SOC_FW_KEY_CERT_ID] = { 228 &fip_dev_handle, 229 (uintptr_t)&arm_uuid_spec[SOC_FW_KEY_CERT_ID], 230 open_fip 231 }, 232 [TRUSTED_OS_FW_KEY_CERT_ID] = { 233 &fip_dev_handle, 234 (uintptr_t)&arm_uuid_spec[TRUSTED_OS_FW_KEY_CERT_ID], 235 open_fip 236 }, 237 [NON_TRUSTED_FW_KEY_CERT_ID] = { 238 &fip_dev_handle, 239 (uintptr_t)&arm_uuid_spec[NON_TRUSTED_FW_KEY_CERT_ID], 240 open_fip 241 }, 242 [SCP_FW_CONTENT_CERT_ID] = { 243 &fip_dev_handle, 244 (uintptr_t)&arm_uuid_spec[SCP_FW_CONTENT_CERT_ID], 245 open_fip 246 }, 247 [SOC_FW_CONTENT_CERT_ID] = { 248 &fip_dev_handle, 249 (uintptr_t)&arm_uuid_spec[SOC_FW_CONTENT_CERT_ID], 250 open_fip 251 }, 252 [TRUSTED_OS_FW_CONTENT_CERT_ID] = { 253 &fip_dev_handle, 254 (uintptr_t)&arm_uuid_spec[TRUSTED_OS_FW_CONTENT_CERT_ID], 255 open_fip 256 }, 257 [NON_TRUSTED_FW_CONTENT_CERT_ID] = { 258 &fip_dev_handle, 259 (uintptr_t)&arm_uuid_spec[NON_TRUSTED_FW_CONTENT_CERT_ID], 260 open_fip 261 }, 262 #if defined(SPD_spmd) 263 [SIP_SP_CONTENT_CERT_ID] = { 264 &fip_dev_handle, 265 (uintptr_t)&arm_uuid_spec[SIP_SP_CONTENT_CERT_ID], 266 open_fip 267 }, 268 [PLAT_SP_CONTENT_CERT_ID] = { 269 &fip_dev_handle, 270 (uintptr_t)&arm_uuid_spec[PLAT_SP_CONTENT_CERT_ID], 271 open_fip 272 }, 273 #endif 274 #endif /* ARM_IO_IN_DTB */ 275 #endif /* TRUSTED_BOARD_BOOT */ 276 }; 277 278 #ifdef IMAGE_BL2 279 280 #if TRUSTED_BOARD_BOOT 281 #define FCONF_ARM_IO_UUID_NUMBER U(24) 282 #else 283 #define FCONF_ARM_IO_UUID_NUMBER U(10) 284 #endif 285 286 static io_uuid_spec_t fconf_arm_uuids[FCONF_ARM_IO_UUID_NUMBER]; 287 static OBJECT_POOL_ARRAY(fconf_arm_uuids_pool, fconf_arm_uuids); 288 289 struct policies_load_info { 290 unsigned int image_id; 291 const char *name; 292 }; 293 294 /* image id to property name table */ 295 static const struct policies_load_info load_info[FCONF_ARM_IO_UUID_NUMBER] = { 296 {SCP_BL2_IMAGE_ID, "scp_bl2_uuid"}, 297 {BL31_IMAGE_ID, "bl31_uuid"}, 298 {BL32_IMAGE_ID, "bl32_uuid"}, 299 {BL32_EXTRA1_IMAGE_ID, "bl32_extra1_uuid"}, 300 {BL32_EXTRA2_IMAGE_ID, "bl32_extra2_uuid"}, 301 {BL33_IMAGE_ID, "bl33_uuid"}, 302 {HW_CONFIG_ID, "hw_cfg_uuid"}, 303 {SOC_FW_CONFIG_ID, "soc_fw_cfg_uuid"}, 304 {TOS_FW_CONFIG_ID, "tos_fw_cfg_uuid"}, 305 {NT_FW_CONFIG_ID, "nt_fw_cfg_uuid"}, 306 #if TRUSTED_BOARD_BOOT 307 {CCA_CONTENT_CERT_ID, "cca_cert_uuid"}, 308 {CORE_SWD_KEY_CERT_ID, "core_swd_cert_uuid"}, 309 {PLAT_KEY_CERT_ID, "plat_cert_uuid"}, 310 {TRUSTED_KEY_CERT_ID, "t_key_cert_uuid"}, 311 {SCP_FW_KEY_CERT_ID, "scp_fw_key_uuid"}, 312 {SOC_FW_KEY_CERT_ID, "soc_fw_key_uuid"}, 313 {TRUSTED_OS_FW_KEY_CERT_ID, "tos_fw_key_cert_uuid"}, 314 {NON_TRUSTED_FW_KEY_CERT_ID, "nt_fw_key_cert_uuid"}, 315 {SCP_FW_CONTENT_CERT_ID, "scp_fw_content_cert_uuid"}, 316 {SOC_FW_CONTENT_CERT_ID, "soc_fw_content_cert_uuid"}, 317 {TRUSTED_OS_FW_CONTENT_CERT_ID, "tos_fw_content_cert_uuid"}, 318 {NON_TRUSTED_FW_CONTENT_CERT_ID, "nt_fw_content_cert_uuid"}, 319 #if defined(SPD_spmd) 320 {SIP_SP_CONTENT_CERT_ID, "sip_sp_content_cert_uuid"}, 321 {PLAT_SP_CONTENT_CERT_ID, "plat_sp_content_cert_uuid"}, 322 #endif 323 #endif /* TRUSTED_BOARD_BOOT */ 324 }; 325 326 int fconf_populate_arm_io_policies(uintptr_t config) 327 { 328 int err, node; 329 unsigned int i; 330 331 union uuid_helper_t uuid_helper; 332 io_uuid_spec_t *uuid_ptr; 333 334 /* As libfdt uses void *, we can't avoid this cast */ 335 const void *dtb = (void *)config; 336 337 /* Assert the node offset point to "arm,io-fip-handle" compatible property */ 338 const char *compatible_str = "arm,io-fip-handle"; 339 node = fdt_node_offset_by_compatible(dtb, -1, compatible_str); 340 if (node < 0) { 341 ERROR("FCONF: Can't find %s compatible in dtb\n", compatible_str); 342 return node; 343 } 344 345 /* Locate the uuid cells and read the value for all the load info uuid */ 346 for (i = 0; i < FCONF_ARM_IO_UUID_NUMBER; i++) { 347 uuid_ptr = pool_alloc(&fconf_arm_uuids_pool); 348 err = fdtw_read_uuid(dtb, node, load_info[i].name, 16, 349 (uint8_t *)&uuid_helper); 350 if (err < 0) { 351 WARN("FCONF: Read cell failed for %s\n", load_info[i].name); 352 return err; 353 } 354 355 VERBOSE("FCONF: arm-io_policies.%s cell found with value = " 356 "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n", 357 load_info[i].name, 358 uuid_helper.uuid_struct.time_low[0], uuid_helper.uuid_struct.time_low[1], 359 uuid_helper.uuid_struct.time_low[2], uuid_helper.uuid_struct.time_low[3], 360 uuid_helper.uuid_struct.time_mid[0], uuid_helper.uuid_struct.time_mid[1], 361 uuid_helper.uuid_struct.time_hi_and_version[0], 362 uuid_helper.uuid_struct.time_hi_and_version[1], 363 uuid_helper.uuid_struct.clock_seq_hi_and_reserved, 364 uuid_helper.uuid_struct.clock_seq_low, 365 uuid_helper.uuid_struct.node[0], uuid_helper.uuid_struct.node[1], 366 uuid_helper.uuid_struct.node[2], uuid_helper.uuid_struct.node[3], 367 uuid_helper.uuid_struct.node[4], uuid_helper.uuid_struct.node[5]); 368 369 uuid_ptr->uuid = uuid_helper.uuid_struct; 370 policies[load_info[i].image_id].image_spec = (uintptr_t)uuid_ptr; 371 policies[load_info[i].image_id].dev_handle = &fip_dev_handle; 372 policies[load_info[i].image_id].check = open_fip; 373 } 374 return 0; 375 } 376 377 #if ARM_IO_IN_DTB 378 FCONF_REGISTER_POPULATOR(TB_FW, arm_io, fconf_populate_arm_io_policies); 379 #endif /* ARM_IO_IN_DTB */ 380 381 #endif /* IMAGE_BL2 */ 382