1 /* 2 * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved. 3 * Copyright (c) 2020, NVIDIA Corporation. All rights reserved. 4 * 5 * SPDX-License-Identifier: BSD-3-Clause 6 */ 7 8 /******************************************************************************* 9 * This is the Secure Payload Dispatcher (SPD). The dispatcher is meant to be a 10 * plug-in component to the Secure Monitor, registered as a runtime service. The 11 * SPD is expected to be a functional extension of the Secure Payload (SP) that 12 * executes in Secure EL1. The Secure Monitor will delegate all SMCs targeting 13 * the Trusted OS/Applications range to the dispatcher. The SPD will either 14 * handle the request locally or delegate it to the Secure Payload. It is also 15 * responsible for initialising and maintaining communication with the SP. 16 ******************************************************************************/ 17 #include <assert.h> 18 #include <bl31/interrupt_mgmt.h> 19 #include <errno.h> 20 #include <stddef.h> 21 22 #include <arch_helpers.h> 23 #include <bl31/bl31.h> 24 #include <bl32/payloads/tlk.h> 25 #include <common/bl_common.h> 26 #include <common/debug.h> 27 #include <common/runtime_svc.h> 28 #include <lib/el3_runtime/context_mgmt.h> 29 #include <plat/common/platform.h> 30 #include <tools_share/uuid.h> 31 32 #include "tlkd_private.h" 33 34 extern const spd_pm_ops_t tlkd_pm_ops; 35 36 /******************************************************************************* 37 * Per-cpu Secure Payload state 38 ******************************************************************************/ 39 tlk_context_t tlk_ctx; 40 41 /******************************************************************************* 42 * CPU number on which TLK booted up 43 ******************************************************************************/ 44 static uint32_t boot_cpu; 45 46 /* TLK UID: RFC-4122 compliant UUID (version-5, sha-1) */ 47 DEFINE_SVC_UUID2(tlk_uuid, 48 0xc9e911bd, 0xba2b, 0xee52, 0xb1, 0x72, 49 0x46, 0x1f, 0xba, 0x97, 0x7f, 0x63); 50 51 static int32_t tlkd_init(void); 52 53 /******************************************************************************* 54 * Secure Payload Dispatcher's timer interrupt handler 55 ******************************************************************************/ 56 static uint64_t tlkd_interrupt_handler(uint32_t id, 57 uint32_t flags, 58 void *handle, 59 void *cookie) 60 { 61 cpu_context_t *s_cpu_context; 62 int irq = plat_ic_get_pending_interrupt_id(); 63 64 /* acknowledge the interrupt and mark it complete */ 65 (void)plat_ic_acknowledge_interrupt(); 66 plat_ic_end_of_interrupt(irq); 67 68 /* 69 * Disable the routing of NS interrupts from secure world to 70 * EL3 while interrupted on this core. 71 */ 72 disable_intr_rm_local(INTR_TYPE_S_EL1, SECURE); 73 74 /* Check the security state when the exception was generated */ 75 assert(get_interrupt_src_ss(flags) == NON_SECURE); 76 assert(handle == cm_get_context(NON_SECURE)); 77 78 /* Save non-secure state */ 79 cm_el1_sysregs_context_save(NON_SECURE); 80 81 /* Get a reference to the secure context */ 82 s_cpu_context = cm_get_context(SECURE); 83 assert(s_cpu_context); 84 85 /* 86 * Restore non-secure state. There is no need to save the 87 * secure system register context since the SP was supposed 88 * to preserve it during S-EL1 interrupt handling. 89 */ 90 cm_el1_sysregs_context_restore(SECURE); 91 cm_set_next_eret_context(SECURE); 92 93 /* Provide the IRQ number to the SPD */ 94 SMC_RET4(s_cpu_context, (uint32_t)TLK_IRQ_FIRED, 0, (uint32_t)irq, 0); 95 } 96 97 /******************************************************************************* 98 * Secure Payload Dispatcher setup. The SPD finds out the SP entrypoint and type 99 * (aarch32/aarch64) if not already known and initialises the context for entry 100 * into the SP for its initialisation. 101 ******************************************************************************/ 102 static int32_t tlkd_setup(void) 103 { 104 entry_point_info_t *tlk_ep_info; 105 uint32_t flags; 106 int32_t ret; 107 108 /* 109 * Get information about the Secure Payload (BL32) image. Its 110 * absence is a critical failure. 111 */ 112 tlk_ep_info = bl31_plat_get_next_image_ep_info(SECURE); 113 if (!tlk_ep_info) { 114 WARN("No SP provided. Booting device without SP" 115 " initialization. SMC`s destined for SP" 116 " will return SMC_UNK\n"); 117 return 1; 118 } 119 120 /* 121 * If there's no valid entry point for SP, we return a non-zero value 122 * signalling failure initializing the service. We bail out without 123 * registering any handlers 124 */ 125 if (!tlk_ep_info->pc) 126 return 1; 127 128 /* 129 * Inspect the SP image's SPSR and determine it's execution state 130 * i.e whether AArch32 or AArch64. 131 */ 132 tlkd_init_tlk_ep_state(tlk_ep_info, 133 (tlk_ep_info->spsr >> MODE_RW_SHIFT) & MODE_RW_MASK, 134 tlk_ep_info->pc, 135 &tlk_ctx); 136 137 /* get a list of all S-EL1 IRQs from the platform */ 138 139 /* register interrupt handler */ 140 flags = 0; 141 set_interrupt_rm_flag(flags, NON_SECURE); 142 ret = register_interrupt_type_handler(INTR_TYPE_S_EL1, 143 tlkd_interrupt_handler, 144 flags); 145 if (ret != 0) { 146 ERROR("failed to register tlkd interrupt handler (%d)\n", ret); 147 } 148 149 /* 150 * All TLK SPD initialization done. Now register our init function 151 * with BL31 for deferred invocation 152 */ 153 bl31_register_bl32_init(&tlkd_init); 154 155 return 0; 156 } 157 158 /******************************************************************************* 159 * This function passes control to the Secure Payload image (BL32) for the first 160 * time on the primary cpu after a cold boot. It assumes that a valid secure 161 * context has already been created by tlkd_setup() which can be directly 162 * used. This function performs a synchronous entry into the Secure payload. 163 * The SP passes control back to this routine through a SMC. 164 ******************************************************************************/ 165 static int32_t tlkd_init(void) 166 { 167 entry_point_info_t *tlk_entry_point; 168 169 /* 170 * Get information about the Secure Payload (BL32) image. Its 171 * absence is a critical failure. 172 */ 173 tlk_entry_point = bl31_plat_get_next_image_ep_info(SECURE); 174 assert(tlk_entry_point); 175 176 cm_init_my_context(tlk_entry_point); 177 178 /* 179 * TLK runs only on a single CPU. Store the value of the boot 180 * CPU for sanity checking later. 181 */ 182 boot_cpu = plat_my_core_pos(); 183 184 /* 185 * Arrange for an entry into the test secure payload. 186 */ 187 return tlkd_synchronous_sp_entry(&tlk_ctx); 188 } 189 190 /******************************************************************************* 191 * This function is responsible for handling all SMCs in the Trusted OS/App 192 * range from the non-secure state as defined in the SMC Calling Convention 193 * Document. It is also responsible for communicating with the Secure payload 194 * to delegate work and return results back to the non-secure state. Lastly it 195 * will also return any information that the secure payload needs to do the 196 * work assigned to it. 197 ******************************************************************************/ 198 static uintptr_t tlkd_smc_handler(uint32_t smc_fid, 199 u_register_t x1, 200 u_register_t x2, 201 u_register_t x3, 202 u_register_t x4, 203 void *cookie, 204 void *handle, 205 u_register_t flags) 206 { 207 cpu_context_t *ns_cpu_context; 208 gp_regs_t *gp_regs; 209 uint32_t ns; 210 uint64_t par; 211 212 /* Passing a NULL context is a critical programming error */ 213 assert(handle); 214 215 /* These SMCs are only supported by a single CPU */ 216 if (boot_cpu != plat_my_core_pos()) 217 SMC_RET1(handle, SMC_UNK); 218 219 /* Determine which security state this SMC originated from */ 220 ns = is_caller_non_secure(flags); 221 222 switch (smc_fid) { 223 224 /* 225 * This function ID is used by SP to indicate that it was 226 * preempted by a non-secure world IRQ. 227 */ 228 case TLK_PREEMPTED: 229 230 if (ns) 231 SMC_RET1(handle, SMC_UNK); 232 233 assert(handle == cm_get_context(SECURE)); 234 cm_el1_sysregs_context_save(SECURE); 235 236 /* Get a reference to the non-secure context */ 237 ns_cpu_context = cm_get_context(NON_SECURE); 238 assert(ns_cpu_context); 239 240 /* 241 * Restore non-secure state. There is no need to save the 242 * secure system register context since the SP was supposed 243 * to preserve it during S-EL1 interrupt handling. 244 */ 245 cm_el1_sysregs_context_restore(NON_SECURE); 246 cm_set_next_eret_context(NON_SECURE); 247 248 SMC_RET1(ns_cpu_context, x1); 249 250 /* 251 * This is a request from the non-secure context to: 252 * 253 * a. register shared memory with the SP for storing it's 254 * activity logs. 255 * b. register shared memory with the SP for passing args 256 * required for maintaining sessions with the Trusted 257 * Applications. 258 * c. register shared persistent buffers for secure storage 259 * d. register NS DRAM ranges passed by Cboot 260 * e. register Root of Trust parameters from Cboot for Verified Boot 261 * f. open/close sessions 262 * g. issue commands to the Trusted Apps 263 * h. resume the preempted yielding SMC call. 264 */ 265 case TLK_REGISTER_LOGBUF: 266 case TLK_REGISTER_REQBUF: 267 case TLK_SS_REGISTER_HANDLER: 268 case TLK_REGISTER_NS_DRAM_RANGES: 269 case TLK_SET_ROOT_OF_TRUST: 270 case TLK_OPEN_TA_SESSION: 271 case TLK_CLOSE_TA_SESSION: 272 case TLK_TA_LAUNCH_OP: 273 case TLK_TA_SEND_EVENT: 274 case TLK_RESUME_FID: 275 case TLK_SET_BL_VERSION: 276 case TLK_LOCK_BL_INTERFACE: 277 case TLK_BL_RPMB_SERVICE: 278 279 if (!ns) 280 SMC_RET1(handle, SMC_UNK); 281 282 /* 283 * This is a fresh request from the non-secure client. 284 * The parameters are in x1 and x2. Figure out which 285 * registers need to be preserved, save the non-secure 286 * state and send the request to the secure payload. 287 */ 288 assert(handle == cm_get_context(NON_SECURE)); 289 290 /* 291 * Check if we are already processing a yielding SMC 292 * call. Of all the supported fids, only the "resume" 293 * fid expects the flag to be set. 294 */ 295 if (smc_fid == TLK_RESUME_FID) { 296 if (!get_yield_smc_active_flag(tlk_ctx.state)) 297 SMC_RET1(handle, SMC_UNK); 298 } else { 299 if (get_yield_smc_active_flag(tlk_ctx.state)) 300 SMC_RET1(handle, SMC_UNK); 301 } 302 303 cm_el1_sysregs_context_save(NON_SECURE); 304 305 /* 306 * Verify if there is a valid context to use. 307 */ 308 assert(&tlk_ctx.cpu_ctx == cm_get_context(SECURE)); 309 310 /* 311 * Mark the SP state as active. 312 */ 313 set_yield_smc_active_flag(tlk_ctx.state); 314 315 /* 316 * We are done stashing the non-secure context. Ask the 317 * secure payload to do the work now. 318 */ 319 cm_el1_sysregs_context_restore(SECURE); 320 cm_set_next_eret_context(SECURE); 321 322 /* 323 * TLK is a 32-bit Trusted OS and so expects the SMC 324 * arguments via r0-r7. TLK expects the monitor frame 325 * registers to be 64-bits long. Hence, we pass x0 in 326 * r0-r1, x1 in r2-r3, x3 in r4-r5 and x4 in r6-r7. 327 * 328 * As smc_fid is a uint32 value, r1 contains 0. 329 */ 330 gp_regs = get_gpregs_ctx(&tlk_ctx.cpu_ctx); 331 write_ctx_reg(gp_regs, CTX_GPREG_X4, (uint32_t)x2); 332 write_ctx_reg(gp_regs, CTX_GPREG_X5, (uint32_t)(x2 >> 32)); 333 write_ctx_reg(gp_regs, CTX_GPREG_X6, (uint32_t)x3); 334 write_ctx_reg(gp_regs, CTX_GPREG_X7, (uint32_t)(x3 >> 32)); 335 SMC_RET4(&tlk_ctx.cpu_ctx, smc_fid, 0, (uint32_t)x1, 336 (uint32_t)(x1 >> 32)); 337 338 /* 339 * Translate NS/EL1-S virtual addresses. 340 * 341 * x1 = virtual address 342 * x3 = type (NS/S) 343 * 344 * Returns PA:lo in r0, PA:hi in r1. 345 */ 346 case TLK_VA_TRANSLATE: 347 348 /* Should be invoked only by secure world */ 349 if (ns) 350 SMC_RET1(handle, SMC_UNK); 351 352 /* NS virtual addresses are 64-bit long */ 353 if (x3 & TLK_TRANSLATE_NS_VADDR) 354 x1 = (uint32_t)x1 | (x2 << 32); 355 356 if (!x1) 357 SMC_RET1(handle, SMC_UNK); 358 359 /* 360 * TODO: Sanity check x1. This would require platform 361 * support. 362 */ 363 364 /* virtual address and type: ns/s */ 365 par = tlkd_va_translate(x1, x3); 366 367 /* return physical address in r0-r1 */ 368 SMC_RET4(handle, (uint32_t)par, (uint32_t)(par >> 32), 0, 0); 369 370 /* 371 * This is a request from the SP to mark completion of 372 * a yielding function ID. 373 */ 374 case TLK_REQUEST_DONE: 375 if (ns) 376 SMC_RET1(handle, SMC_UNK); 377 378 /* 379 * Mark the SP state as inactive. 380 */ 381 clr_yield_smc_active_flag(tlk_ctx.state); 382 383 /* Get a reference to the non-secure context */ 384 ns_cpu_context = cm_get_context(NON_SECURE); 385 assert(ns_cpu_context); 386 387 /* 388 * This is a request completion SMC and we must switch to 389 * the non-secure world to pass the result. 390 */ 391 cm_el1_sysregs_context_save(SECURE); 392 393 /* 394 * We are done stashing the secure context. Switch to the 395 * non-secure context and return the result. 396 */ 397 cm_el1_sysregs_context_restore(NON_SECURE); 398 cm_set_next_eret_context(NON_SECURE); 399 SMC_RET1(ns_cpu_context, x1); 400 401 /* 402 * This function ID is used only by the SP to indicate it has 403 * finished initialising itself after a cold boot 404 */ 405 case TLK_ENTRY_DONE: 406 if (ns) 407 SMC_RET1(handle, SMC_UNK); 408 409 /* 410 * SP has been successfully initialized. Register power 411 * management hooks with PSCI 412 */ 413 psci_register_spd_pm_hook(&tlkd_pm_ops); 414 415 /* 416 * TLK reports completion. The SPD must have initiated 417 * the original request through a synchronous entry 418 * into the SP. Jump back to the original C runtime 419 * context. 420 */ 421 tlkd_synchronous_sp_exit(&tlk_ctx, x1); 422 break; 423 424 /* 425 * These function IDs are used only by TLK to indicate it has 426 * finished: 427 * 1. suspending itself after an earlier psci cpu_suspend 428 * request. 429 * 2. resuming itself after an earlier psci cpu_suspend 430 * request. 431 * 3. powering down after an earlier psci system_off/system_reset 432 * request. 433 */ 434 case TLK_SUSPEND_DONE: 435 case TLK_RESUME_DONE: 436 437 if (ns) 438 SMC_RET1(handle, SMC_UNK); 439 440 /* 441 * TLK reports completion. TLKD must have initiated the 442 * original request through a synchronous entry into the SP. 443 * Jump back to the original C runtime context, and pass x1 as 444 * return value to the caller 445 */ 446 tlkd_synchronous_sp_exit(&tlk_ctx, x1); 447 break; 448 449 /* 450 * This function ID is used by SP to indicate that it has completed 451 * handling the secure interrupt. 452 */ 453 case TLK_IRQ_DONE: 454 455 if (ns) 456 SMC_RET1(handle, SMC_UNK); 457 458 assert(handle == cm_get_context(SECURE)); 459 460 /* save secure world context */ 461 cm_el1_sysregs_context_save(SECURE); 462 463 /* Get a reference to the non-secure context */ 464 ns_cpu_context = cm_get_context(NON_SECURE); 465 assert(ns_cpu_context); 466 467 /* 468 * Restore non-secure state. There is no need to save the 469 * secure system register context since the SP was supposed 470 * to preserve it during S-EL1 interrupt handling. 471 */ 472 cm_el1_sysregs_context_restore(NON_SECURE); 473 cm_set_next_eret_context(NON_SECURE); 474 475 SMC_RET0(ns_cpu_context); 476 477 /* 478 * Return the number of service function IDs implemented to 479 * provide service to non-secure 480 */ 481 case TOS_CALL_COUNT: 482 SMC_RET1(handle, TLK_NUM_FID); 483 484 /* 485 * Return TLK's UID to the caller 486 */ 487 case TOS_UID: 488 SMC_UUID_RET(handle, tlk_uuid); 489 490 /* 491 * Return the version of current implementation 492 */ 493 case TOS_CALL_VERSION: 494 SMC_RET2(handle, TLK_VERSION_MAJOR, TLK_VERSION_MINOR); 495 496 default: 497 WARN("%s: Unhandled SMC: 0x%x\n", __func__, smc_fid); 498 break; 499 } 500 501 SMC_RET1(handle, SMC_UNK); 502 } 503 504 /* Define a SPD runtime service descriptor for fast SMC calls */ 505 DECLARE_RT_SVC( 506 tlkd_tos_fast, 507 508 OEN_TOS_START, 509 OEN_TOS_END, 510 SMC_TYPE_FAST, 511 tlkd_setup, 512 tlkd_smc_handler 513 ); 514 515 /* Define a SPD runtime service descriptor for yielding SMC calls */ 516 DECLARE_RT_SVC( 517 tlkd_tos_std, 518 519 OEN_TOS_START, 520 OEN_TOS_END, 521 SMC_TYPE_YIELD, 522 NULL, 523 tlkd_smc_handler 524 ); 525 526 /* Define a SPD runtime service descriptor for fast SMC calls */ 527 DECLARE_RT_SVC( 528 tlkd_tap_fast, 529 530 OEN_TAP_START, 531 OEN_TAP_END, 532 SMC_TYPE_FAST, 533 NULL, 534 tlkd_smc_handler 535 ); 536 537 /* Define a SPD runtime service descriptor for yielding SMC calls */ 538 DECLARE_RT_SVC( 539 tlkd_tap_std, 540 541 OEN_TAP_START, 542 OEN_TAP_END, 543 SMC_TYPE_YIELD, 544 NULL, 545 tlkd_smc_handler 546 ); 547