1 /* 2 * Copyright (c) 2019-2023, ARM Limited. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #include <assert.h> 8 9 #include <common/debug.h> 10 #include <common/fdt_wrappers.h> 11 #include <drivers/io/io_storage.h> 12 #include <drivers/partition/partition.h> 13 #include <lib/object_pool.h> 14 #include <libfdt.h> 15 #include <tools_share/firmware_image_package.h> 16 17 #include <plat/arm/common/arm_fconf_getter.h> 18 #include <plat/arm/common/arm_fconf_io_storage.h> 19 #include <platform_def.h> 20 21 #if PSA_FWU_SUPPORT 22 /* metadata entry details */ 23 static io_block_spec_t fwu_metadata_spec; 24 #endif /* PSA_FWU_SUPPORT */ 25 26 io_block_spec_t fip_block_spec = { 27 /* 28 * This is fixed FIP address used by BL1, BL2 loads partition table 29 * to get FIP address. 30 */ 31 #if ARM_GPT_SUPPORT 32 .offset = PLAT_ARM_FLASH_IMAGE_BASE + PLAT_ARM_FIP_OFFSET_IN_GPT, 33 #else 34 .offset = PLAT_ARM_FLASH_IMAGE_BASE, 35 #endif /* ARM_GPT_SUPPORT */ 36 .length = PLAT_ARM_FLASH_IMAGE_MAX_SIZE 37 }; 38 39 #if ARM_GPT_SUPPORT 40 static const io_block_spec_t gpt_spec = { 41 .offset = PLAT_ARM_FLASH_IMAGE_BASE, 42 /* 43 * PLAT_PARTITION_BLOCK_SIZE = 512 44 * PLAT_PARTITION_MAX_ENTRIES = 128 45 * each sector has 4 partition entries, and there are 46 * 2 reserved sectors i.e. protective MBR and primary 47 * GPT header hence length gets calculated as, 48 * length = 512 * (128/4 + 2) 49 */ 50 .length = PLAT_PARTITION_BLOCK_SIZE * 51 (PLAT_PARTITION_MAX_ENTRIES / 4 + 2), 52 }; 53 54 /* 55 * length will be assigned at runtime based on MBR header data. 56 * Backup GPT Header is present in Last LBA-1 and its entries 57 * are last 32 blocks starts at LBA-33, On runtime update these 58 * before device usage. Update offset to beginning LBA-33 and 59 * length to LBA-33. 60 */ 61 static io_block_spec_t bkup_gpt_spec = { 62 .offset = PLAT_ARM_FLASH_IMAGE_BASE, 63 .length = 0, 64 }; 65 #endif /* ARM_GPT_SUPPORT */ 66 67 const io_uuid_spec_t arm_uuid_spec[MAX_NUMBER_IDS] = { 68 [BL2_IMAGE_ID] = {UUID_TRUSTED_BOOT_FIRMWARE_BL2}, 69 [TB_FW_CONFIG_ID] = {UUID_TB_FW_CONFIG}, 70 [FW_CONFIG_ID] = {UUID_FW_CONFIG}, 71 #if !ARM_IO_IN_DTB 72 [SCP_BL2_IMAGE_ID] = {UUID_SCP_FIRMWARE_SCP_BL2}, 73 [BL31_IMAGE_ID] = {UUID_EL3_RUNTIME_FIRMWARE_BL31}, 74 [BL32_IMAGE_ID] = {UUID_SECURE_PAYLOAD_BL32}, 75 [BL32_EXTRA1_IMAGE_ID] = {UUID_SECURE_PAYLOAD_BL32_EXTRA1}, 76 [BL32_EXTRA2_IMAGE_ID] = {UUID_SECURE_PAYLOAD_BL32_EXTRA2}, 77 [BL33_IMAGE_ID] = {UUID_NON_TRUSTED_FIRMWARE_BL33}, 78 [HW_CONFIG_ID] = {UUID_HW_CONFIG}, 79 [SOC_FW_CONFIG_ID] = {UUID_SOC_FW_CONFIG}, 80 [TOS_FW_CONFIG_ID] = {UUID_TOS_FW_CONFIG}, 81 [NT_FW_CONFIG_ID] = {UUID_NT_FW_CONFIG}, 82 [RMM_IMAGE_ID] = {UUID_REALM_MONITOR_MGMT_FIRMWARE}, 83 #if ETHOSN_NPU_TZMP1 84 [ETHOSN_NPU_FW_IMAGE_ID] = {UUID_ETHOSN_FW}, 85 #endif /* ETHOSN_NPU_TZMP1 */ 86 #endif /* ARM_IO_IN_DTB */ 87 #if TRUSTED_BOARD_BOOT 88 [TRUSTED_BOOT_FW_CERT_ID] = {UUID_TRUSTED_BOOT_FW_CERT}, 89 #if !ARM_IO_IN_DTB 90 [CCA_CONTENT_CERT_ID] = {UUID_CCA_CONTENT_CERT}, 91 [CORE_SWD_KEY_CERT_ID] = {UUID_CORE_SWD_KEY_CERT}, 92 [PLAT_KEY_CERT_ID] = {UUID_PLAT_KEY_CERT}, 93 [TRUSTED_KEY_CERT_ID] = {UUID_TRUSTED_KEY_CERT}, 94 [SCP_FW_KEY_CERT_ID] = {UUID_SCP_FW_KEY_CERT}, 95 [SOC_FW_KEY_CERT_ID] = {UUID_SOC_FW_KEY_CERT}, 96 [TRUSTED_OS_FW_KEY_CERT_ID] = {UUID_TRUSTED_OS_FW_KEY_CERT}, 97 [NON_TRUSTED_FW_KEY_CERT_ID] = {UUID_NON_TRUSTED_FW_KEY_CERT}, 98 [SCP_FW_CONTENT_CERT_ID] = {UUID_SCP_FW_CONTENT_CERT}, 99 [SOC_FW_CONTENT_CERT_ID] = {UUID_SOC_FW_CONTENT_CERT}, 100 [TRUSTED_OS_FW_CONTENT_CERT_ID] = {UUID_TRUSTED_OS_FW_CONTENT_CERT}, 101 [NON_TRUSTED_FW_CONTENT_CERT_ID] = {UUID_NON_TRUSTED_FW_CONTENT_CERT}, 102 #if defined(SPD_spmd) 103 [SIP_SP_CONTENT_CERT_ID] = {UUID_SIP_SECURE_PARTITION_CONTENT_CERT}, 104 [PLAT_SP_CONTENT_CERT_ID] = {UUID_PLAT_SECURE_PARTITION_CONTENT_CERT}, 105 #endif 106 #if ETHOSN_NPU_TZMP1 107 [ETHOSN_NPU_FW_KEY_CERT_ID] = {UUID_ETHOSN_FW_KEY_CERTIFICATE}, 108 [ETHOSN_NPU_FW_CONTENT_CERT_ID] = {UUID_ETHOSN_FW_CONTENT_CERTIFICATE}, 109 #endif /* ETHOSN_NPU_TZMP1 */ 110 #endif /* ARM_IO_IN_DTB */ 111 #endif /* TRUSTED_BOARD_BOOT */ 112 }; 113 114 /* By default, ARM platforms load images from the FIP */ 115 struct plat_io_policy policies[MAX_NUMBER_IDS] = { 116 #if ARM_GPT_SUPPORT 117 [GPT_IMAGE_ID] = { 118 &memmap_dev_handle, 119 (uintptr_t)&gpt_spec, 120 open_memmap 121 }, 122 [BKUP_GPT_IMAGE_ID] = { 123 &memmap_dev_handle, 124 (uintptr_t)&bkup_gpt_spec, 125 open_memmap 126 }, 127 #endif /* ARM_GPT_SUPPORT */ 128 #if PSA_FWU_SUPPORT 129 [FWU_METADATA_IMAGE_ID] = { 130 &memmap_dev_handle, 131 /* filled runtime from partition information */ 132 (uintptr_t)&fwu_metadata_spec, 133 open_memmap 134 }, 135 [BKUP_FWU_METADATA_IMAGE_ID] = { 136 &memmap_dev_handle, 137 /* filled runtime from partition information */ 138 (uintptr_t)&fwu_metadata_spec, 139 open_memmap 140 }, 141 #endif /* PSA_FWU_SUPPORT */ 142 [FIP_IMAGE_ID] = { 143 &memmap_dev_handle, 144 (uintptr_t)&fip_block_spec, 145 open_memmap 146 }, 147 [BL2_IMAGE_ID] = { 148 &fip_dev_handle, 149 (uintptr_t)&arm_uuid_spec[BL2_IMAGE_ID], 150 open_fip 151 }, 152 [TB_FW_CONFIG_ID] = { 153 &fip_dev_handle, 154 (uintptr_t)&arm_uuid_spec[TB_FW_CONFIG_ID], 155 open_fip 156 }, 157 [FW_CONFIG_ID] = { 158 &fip_dev_handle, 159 (uintptr_t)&arm_uuid_spec[FW_CONFIG_ID], 160 open_fip 161 }, 162 #if !ARM_IO_IN_DTB 163 [SCP_BL2_IMAGE_ID] = { 164 &fip_dev_handle, 165 (uintptr_t)&arm_uuid_spec[SCP_BL2_IMAGE_ID], 166 open_fip 167 }, 168 [BL31_IMAGE_ID] = { 169 &fip_dev_handle, 170 (uintptr_t)&arm_uuid_spec[BL31_IMAGE_ID], 171 open_fip 172 }, 173 [BL32_IMAGE_ID] = { 174 &fip_dev_handle, 175 (uintptr_t)&arm_uuid_spec[BL32_IMAGE_ID], 176 open_fip 177 }, 178 [BL32_EXTRA1_IMAGE_ID] = { 179 &fip_dev_handle, 180 (uintptr_t)&arm_uuid_spec[BL32_EXTRA1_IMAGE_ID], 181 open_fip 182 }, 183 [BL32_EXTRA2_IMAGE_ID] = { 184 &fip_dev_handle, 185 (uintptr_t)&arm_uuid_spec[BL32_EXTRA2_IMAGE_ID], 186 open_fip 187 }, 188 [BL33_IMAGE_ID] = { 189 &fip_dev_handle, 190 (uintptr_t)&arm_uuid_spec[BL33_IMAGE_ID], 191 open_fip 192 }, 193 [RMM_IMAGE_ID] = { 194 &fip_dev_handle, 195 (uintptr_t)&arm_uuid_spec[RMM_IMAGE_ID], 196 open_fip 197 }, 198 [HW_CONFIG_ID] = { 199 &fip_dev_handle, 200 (uintptr_t)&arm_uuid_spec[HW_CONFIG_ID], 201 open_fip 202 }, 203 [SOC_FW_CONFIG_ID] = { 204 &fip_dev_handle, 205 (uintptr_t)&arm_uuid_spec[SOC_FW_CONFIG_ID], 206 open_fip 207 }, 208 [TOS_FW_CONFIG_ID] = { 209 &fip_dev_handle, 210 (uintptr_t)&arm_uuid_spec[TOS_FW_CONFIG_ID], 211 open_fip 212 }, 213 [NT_FW_CONFIG_ID] = { 214 &fip_dev_handle, 215 (uintptr_t)&arm_uuid_spec[NT_FW_CONFIG_ID], 216 open_fip 217 }, 218 #if ETHOSN_NPU_TZMP1 219 [ETHOSN_NPU_FW_IMAGE_ID] = { 220 &fip_dev_handle, 221 (uintptr_t)&arm_uuid_spec[ETHOSN_NPU_FW_IMAGE_ID], 222 open_fip 223 }, 224 #endif /* ETHOSN_NPU_TZMP1 */ 225 #endif /* ARM_IO_IN_DTB */ 226 #if TRUSTED_BOARD_BOOT 227 [TRUSTED_BOOT_FW_CERT_ID] = { 228 &fip_dev_handle, 229 (uintptr_t)&arm_uuid_spec[TRUSTED_BOOT_FW_CERT_ID], 230 open_fip 231 }, 232 #if !ARM_IO_IN_DTB 233 [CCA_CONTENT_CERT_ID] = { 234 &fip_dev_handle, 235 (uintptr_t)&arm_uuid_spec[CCA_CONTENT_CERT_ID], 236 open_fip 237 }, 238 [CORE_SWD_KEY_CERT_ID] = { 239 &fip_dev_handle, 240 (uintptr_t)&arm_uuid_spec[CORE_SWD_KEY_CERT_ID], 241 open_fip 242 }, 243 [PLAT_KEY_CERT_ID] = { 244 &fip_dev_handle, 245 (uintptr_t)&arm_uuid_spec[PLAT_KEY_CERT_ID], 246 open_fip 247 }, 248 [TRUSTED_KEY_CERT_ID] = { 249 &fip_dev_handle, 250 (uintptr_t)&arm_uuid_spec[TRUSTED_KEY_CERT_ID], 251 open_fip 252 }, 253 [SCP_FW_KEY_CERT_ID] = { 254 &fip_dev_handle, 255 (uintptr_t)&arm_uuid_spec[SCP_FW_KEY_CERT_ID], 256 open_fip 257 }, 258 [SOC_FW_KEY_CERT_ID] = { 259 &fip_dev_handle, 260 (uintptr_t)&arm_uuid_spec[SOC_FW_KEY_CERT_ID], 261 open_fip 262 }, 263 [TRUSTED_OS_FW_KEY_CERT_ID] = { 264 &fip_dev_handle, 265 (uintptr_t)&arm_uuid_spec[TRUSTED_OS_FW_KEY_CERT_ID], 266 open_fip 267 }, 268 [NON_TRUSTED_FW_KEY_CERT_ID] = { 269 &fip_dev_handle, 270 (uintptr_t)&arm_uuid_spec[NON_TRUSTED_FW_KEY_CERT_ID], 271 open_fip 272 }, 273 [SCP_FW_CONTENT_CERT_ID] = { 274 &fip_dev_handle, 275 (uintptr_t)&arm_uuid_spec[SCP_FW_CONTENT_CERT_ID], 276 open_fip 277 }, 278 [SOC_FW_CONTENT_CERT_ID] = { 279 &fip_dev_handle, 280 (uintptr_t)&arm_uuid_spec[SOC_FW_CONTENT_CERT_ID], 281 open_fip 282 }, 283 [TRUSTED_OS_FW_CONTENT_CERT_ID] = { 284 &fip_dev_handle, 285 (uintptr_t)&arm_uuid_spec[TRUSTED_OS_FW_CONTENT_CERT_ID], 286 open_fip 287 }, 288 [NON_TRUSTED_FW_CONTENT_CERT_ID] = { 289 &fip_dev_handle, 290 (uintptr_t)&arm_uuid_spec[NON_TRUSTED_FW_CONTENT_CERT_ID], 291 open_fip 292 }, 293 #if defined(SPD_spmd) 294 [SIP_SP_CONTENT_CERT_ID] = { 295 &fip_dev_handle, 296 (uintptr_t)&arm_uuid_spec[SIP_SP_CONTENT_CERT_ID], 297 open_fip 298 }, 299 [PLAT_SP_CONTENT_CERT_ID] = { 300 &fip_dev_handle, 301 (uintptr_t)&arm_uuid_spec[PLAT_SP_CONTENT_CERT_ID], 302 open_fip 303 }, 304 #endif 305 #if ETHOSN_NPU_TZMP1 306 [ETHOSN_NPU_FW_KEY_CERT_ID] = { 307 &fip_dev_handle, 308 (uintptr_t)&arm_uuid_spec[ETHOSN_NPU_FW_KEY_CERT_ID], 309 open_fip 310 }, 311 [ETHOSN_NPU_FW_CONTENT_CERT_ID] = { 312 &fip_dev_handle, 313 (uintptr_t)&arm_uuid_spec[ETHOSN_NPU_FW_CONTENT_CERT_ID], 314 open_fip 315 }, 316 #endif /* ETHOSN_NPU_TZMP1 */ 317 #endif /* ARM_IO_IN_DTB */ 318 #endif /* TRUSTED_BOARD_BOOT */ 319 }; 320 321 #ifdef IMAGE_BL2 322 323 #define FCONF_ARM_IO_UUID_NUM_BASE U(10) 324 325 #if ETHOSN_NPU_TZMP1 326 #define FCONF_ARM_IO_UUID_NUM_NPU U(1) 327 #else 328 #define FCONF_ARM_IO_UUID_NUM_NPU U(0) 329 #endif /* ETHOSN_NPU_TZMP1 */ 330 331 #if TRUSTED_BOARD_BOOT 332 #define FCONF_ARM_IO_UUID_NUM_TBB U(12) 333 #else 334 #define FCONF_ARM_IO_UUID_NUM_TBB U(0) 335 #endif /* TRUSTED_BOARD_BOOT */ 336 337 #if TRUSTED_BOARD_BOOT && defined(SPD_spmd) 338 #define FCONF_ARM_IO_UUID_NUM_SPD U(2) 339 #else 340 #define FCONF_ARM_IO_UUID_NUM_SPD U(0) 341 #endif /* TRUSTED_BOARD_BOOT && defined(SPD_spmd) */ 342 343 #if TRUSTED_BOARD_BOOT && ETHOSN_NPU_TZMP1 344 #define FCONF_ARM_IO_UUID_NUM_NPU_TBB U(2) 345 #else 346 #define FCONF_ARM_IO_UUID_NUM_NPU_TBB U(0) 347 #endif /* TRUSTED_BOARD_BOOT && ETHOSN_NPU_TZMP1 */ 348 349 #define FCONF_ARM_IO_UUID_NUMBER FCONF_ARM_IO_UUID_NUM_BASE + \ 350 FCONF_ARM_IO_UUID_NUM_NPU + \ 351 FCONF_ARM_IO_UUID_NUM_TBB + \ 352 FCONF_ARM_IO_UUID_NUM_SPD + \ 353 FCONF_ARM_IO_UUID_NUM_NPU_TBB 354 355 static io_uuid_spec_t fconf_arm_uuids[FCONF_ARM_IO_UUID_NUMBER]; 356 static OBJECT_POOL_ARRAY(fconf_arm_uuids_pool, fconf_arm_uuids); 357 358 struct policies_load_info { 359 unsigned int image_id; 360 const char *name; 361 }; 362 363 /* image id to property name table */ 364 static const struct policies_load_info load_info[FCONF_ARM_IO_UUID_NUMBER] = { 365 {SCP_BL2_IMAGE_ID, "scp_bl2_uuid"}, 366 {BL31_IMAGE_ID, "bl31_uuid"}, 367 {BL32_IMAGE_ID, "bl32_uuid"}, 368 {BL32_EXTRA1_IMAGE_ID, "bl32_extra1_uuid"}, 369 {BL32_EXTRA2_IMAGE_ID, "bl32_extra2_uuid"}, 370 {BL33_IMAGE_ID, "bl33_uuid"}, 371 {HW_CONFIG_ID, "hw_cfg_uuid"}, 372 {SOC_FW_CONFIG_ID, "soc_fw_cfg_uuid"}, 373 {TOS_FW_CONFIG_ID, "tos_fw_cfg_uuid"}, 374 {NT_FW_CONFIG_ID, "nt_fw_cfg_uuid"}, 375 #if ETHOSN_NPU_TZMP1 376 {ETHOSN_NPU_FW_IMAGE_ID, "ethosn_npu_fw_uuid"}, 377 #endif /* ETHOSN_NPU_TZMP1 */ 378 #if TRUSTED_BOARD_BOOT 379 {CCA_CONTENT_CERT_ID, "cca_cert_uuid"}, 380 {CORE_SWD_KEY_CERT_ID, "core_swd_cert_uuid"}, 381 {PLAT_KEY_CERT_ID, "plat_cert_uuid"}, 382 {TRUSTED_KEY_CERT_ID, "t_key_cert_uuid"}, 383 {SCP_FW_KEY_CERT_ID, "scp_fw_key_uuid"}, 384 {SOC_FW_KEY_CERT_ID, "soc_fw_key_uuid"}, 385 {TRUSTED_OS_FW_KEY_CERT_ID, "tos_fw_key_cert_uuid"}, 386 {NON_TRUSTED_FW_KEY_CERT_ID, "nt_fw_key_cert_uuid"}, 387 {SCP_FW_CONTENT_CERT_ID, "scp_fw_content_cert_uuid"}, 388 {SOC_FW_CONTENT_CERT_ID, "soc_fw_content_cert_uuid"}, 389 {TRUSTED_OS_FW_CONTENT_CERT_ID, "tos_fw_content_cert_uuid"}, 390 {NON_TRUSTED_FW_CONTENT_CERT_ID, "nt_fw_content_cert_uuid"}, 391 #if defined(SPD_spmd) 392 {SIP_SP_CONTENT_CERT_ID, "sip_sp_content_cert_uuid"}, 393 {PLAT_SP_CONTENT_CERT_ID, "plat_sp_content_cert_uuid"}, 394 #endif 395 #if ETHOSN_NPU_TZMP1 396 {ETHOSN_NPU_FW_KEY_CERT_ID, "ethosn_npu_fw_key_cert_uuid"}, 397 {ETHOSN_NPU_FW_CONTENT_CERT_ID, "ethosn_npu_fw_content_cert_uuid"}, 398 #endif /* ETHOSN_NPU_TZMP1 */ 399 #endif /* TRUSTED_BOARD_BOOT */ 400 }; 401 402 int fconf_populate_arm_io_policies(uintptr_t config) 403 { 404 int err, node; 405 unsigned int i; 406 407 union uuid_helper_t uuid_helper; 408 io_uuid_spec_t *uuid_ptr; 409 410 /* As libfdt uses void *, we can't avoid this cast */ 411 const void *dtb = (void *)config; 412 413 /* Assert the node offset point to "arm,io-fip-handle" compatible property */ 414 const char *compatible_str = "arm,io-fip-handle"; 415 node = fdt_node_offset_by_compatible(dtb, -1, compatible_str); 416 if (node < 0) { 417 ERROR("FCONF: Can't find %s compatible in dtb\n", compatible_str); 418 return node; 419 } 420 421 /* Locate the uuid cells and read the value for all the load info uuid */ 422 for (i = 0; i < FCONF_ARM_IO_UUID_NUMBER; i++) { 423 uuid_ptr = pool_alloc(&fconf_arm_uuids_pool); 424 err = fdtw_read_uuid(dtb, node, load_info[i].name, 16, 425 (uint8_t *)&uuid_helper); 426 if (err < 0) { 427 WARN("FCONF: Read cell failed for %s\n", load_info[i].name); 428 return err; 429 } 430 431 VERBOSE("FCONF: arm-io_policies.%s cell found with value = " 432 "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n", 433 load_info[i].name, 434 uuid_helper.uuid_struct.time_low[0], uuid_helper.uuid_struct.time_low[1], 435 uuid_helper.uuid_struct.time_low[2], uuid_helper.uuid_struct.time_low[3], 436 uuid_helper.uuid_struct.time_mid[0], uuid_helper.uuid_struct.time_mid[1], 437 uuid_helper.uuid_struct.time_hi_and_version[0], 438 uuid_helper.uuid_struct.time_hi_and_version[1], 439 uuid_helper.uuid_struct.clock_seq_hi_and_reserved, 440 uuid_helper.uuid_struct.clock_seq_low, 441 uuid_helper.uuid_struct.node[0], uuid_helper.uuid_struct.node[1], 442 uuid_helper.uuid_struct.node[2], uuid_helper.uuid_struct.node[3], 443 uuid_helper.uuid_struct.node[4], uuid_helper.uuid_struct.node[5]); 444 445 uuid_ptr->uuid = uuid_helper.uuid_struct; 446 policies[load_info[i].image_id].image_spec = (uintptr_t)uuid_ptr; 447 policies[load_info[i].image_id].dev_handle = &fip_dev_handle; 448 policies[load_info[i].image_id].check = open_fip; 449 } 450 return 0; 451 } 452 453 #if ARM_IO_IN_DTB 454 FCONF_REGISTER_POPULATOR(TB_FW, arm_io, fconf_populate_arm_io_policies); 455 #endif /* ARM_IO_IN_DTB */ 456 457 #endif /* IMAGE_BL2 */ 458