1 /* 2 * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved. 3 * Copyright (c) 2020, NVIDIA Corporation. All rights reserved. 4 * 5 * SPDX-License-Identifier: BSD-3-Clause 6 */ 7 8 /******************************************************************************* 9 * This is the Secure Payload Dispatcher (SPD). The dispatcher is meant to be a 10 * plug-in component to the Secure Monitor, registered as a runtime service. The 11 * SPD is expected to be a functional extension of the Secure Payload (SP) that 12 * executes in Secure EL1. The Secure Monitor will delegate all SMCs targeting 13 * the Trusted OS/Applications range to the dispatcher. The SPD will either 14 * handle the request locally or delegate it to the Secure Payload. It is also 15 * responsible for initialising and maintaining communication with the SP. 16 ******************************************************************************/ 17 #include <assert.h> 18 #include <bl31/interrupt_mgmt.h> 19 #include <errno.h> 20 #include <stddef.h> 21 22 #include <arch_helpers.h> 23 #include <bl31/bl31.h> 24 #include <bl32/payloads/tlk.h> 25 #include <common/bl_common.h> 26 #include <common/debug.h> 27 #include <common/runtime_svc.h> 28 #include <lib/el3_runtime/context_mgmt.h> 29 #include <plat/common/platform.h> 30 #include <tools_share/uuid.h> 31 32 #include "tlkd_private.h" 33 34 extern const spd_pm_ops_t tlkd_pm_ops; 35 36 /******************************************************************************* 37 * Per-cpu Secure Payload state 38 ******************************************************************************/ 39 tlk_context_t tlk_ctx; 40 41 /******************************************************************************* 42 * CPU number on which TLK booted up 43 ******************************************************************************/ 44 static uint32_t boot_cpu; 45 46 /* TLK UID: RFC-4122 compliant UUID (version-5, sha-1) */ 47 DEFINE_SVC_UUID2(tlk_uuid, 48 0xc9e911bd, 0xba2b, 0xee52, 0xb1, 0x72, 49 0x46, 0x1f, 0xba, 0x97, 0x7f, 0x63); 50 51 static int32_t tlkd_init(void); 52 53 /******************************************************************************* 54 * Secure Payload Dispatcher's timer interrupt handler 55 ******************************************************************************/ 56 static uint64_t tlkd_interrupt_handler(uint32_t id, 57 uint32_t flags, 58 void *handle, 59 void *cookie) 60 { 61 cpu_context_t *s_cpu_context; 62 int irq = plat_ic_get_pending_interrupt_id(); 63 64 /* acknowledge the interrupt and mark it complete */ 65 (void)plat_ic_acknowledge_interrupt(); 66 plat_ic_end_of_interrupt(irq); 67 68 /* 69 * Disable the routing of NS interrupts from secure world to 70 * EL3 while interrupted on this core. 71 */ 72 disable_intr_rm_local(INTR_TYPE_S_EL1, SECURE); 73 74 /* Check the security state when the exception was generated */ 75 assert(get_interrupt_src_ss(flags) == NON_SECURE); 76 assert(handle == cm_get_context(NON_SECURE)); 77 78 /* Save non-secure state */ 79 cm_el1_sysregs_context_save(NON_SECURE); 80 81 /* Get a reference to the secure context */ 82 s_cpu_context = cm_get_context(SECURE); 83 assert(s_cpu_context); 84 85 /* 86 * Restore non-secure state. There is no need to save the 87 * secure system register context since the SP was supposed 88 * to preserve it during S-EL1 interrupt handling. 89 */ 90 cm_el1_sysregs_context_restore(SECURE); 91 cm_set_next_eret_context(SECURE); 92 93 /* Provide the IRQ number to the SPD */ 94 SMC_RET4(s_cpu_context, (uint32_t)TLK_IRQ_FIRED, 0, (uint32_t)irq, 0); 95 } 96 97 /******************************************************************************* 98 * Secure Payload Dispatcher setup. The SPD finds out the SP entrypoint and type 99 * (aarch32/aarch64) if not already known and initialises the context for entry 100 * into the SP for its initialisation. 101 ******************************************************************************/ 102 static int32_t tlkd_setup(void) 103 { 104 entry_point_info_t *tlk_ep_info; 105 uint32_t flags; 106 int32_t ret; 107 108 /* 109 * Get information about the Secure Payload (BL32) image. Its 110 * absence is a critical failure. 111 */ 112 tlk_ep_info = bl31_plat_get_next_image_ep_info(SECURE); 113 if (!tlk_ep_info) { 114 WARN("No SP provided. Booting device without SP" 115 " initialization. SMC`s destined for SP" 116 " will return SMC_UNK\n"); 117 return 1; 118 } 119 120 /* 121 * If there's no valid entry point for SP, we return a non-zero value 122 * signalling failure initializing the service. We bail out without 123 * registering any handlers 124 */ 125 if (!tlk_ep_info->pc) 126 return 1; 127 128 /* 129 * Inspect the SP image's SPSR and determine it's execution state 130 * i.e whether AArch32 or AArch64. 131 */ 132 tlkd_init_tlk_ep_state(tlk_ep_info, 133 (tlk_ep_info->spsr >> MODE_RW_SHIFT) & MODE_RW_MASK, 134 tlk_ep_info->pc, 135 &tlk_ctx); 136 137 /* get a list of all S-EL1 IRQs from the platform */ 138 139 /* register interrupt handler */ 140 flags = 0; 141 set_interrupt_rm_flag(flags, NON_SECURE); 142 ret = register_interrupt_type_handler(INTR_TYPE_S_EL1, 143 tlkd_interrupt_handler, 144 flags); 145 if (ret != 0) { 146 ERROR("failed to register tlkd interrupt handler (%d)\n", ret); 147 } 148 149 /* 150 * All TLK SPD initialization done. Now register our init function 151 * with BL31 for deferred invocation 152 */ 153 bl31_register_bl32_init(&tlkd_init); 154 155 return 0; 156 } 157 158 /******************************************************************************* 159 * This function passes control to the Secure Payload image (BL32) for the first 160 * time on the primary cpu after a cold boot. It assumes that a valid secure 161 * context has already been created by tlkd_setup() which can be directly 162 * used. This function performs a synchronous entry into the Secure payload. 163 * The SP passes control back to this routine through a SMC. 164 ******************************************************************************/ 165 static int32_t tlkd_init(void) 166 { 167 entry_point_info_t *tlk_entry_point; 168 169 /* 170 * Get information about the Secure Payload (BL32) image. Its 171 * absence is a critical failure. 172 */ 173 tlk_entry_point = bl31_plat_get_next_image_ep_info(SECURE); 174 assert(tlk_entry_point); 175 176 cm_init_my_context(tlk_entry_point); 177 178 /* 179 * TLK runs only on a single CPU. Store the value of the boot 180 * CPU for sanity checking later. 181 */ 182 boot_cpu = plat_my_core_pos(); 183 184 /* 185 * Arrange for an entry into the test secure payload. 186 */ 187 return tlkd_synchronous_sp_entry(&tlk_ctx); 188 } 189 190 /******************************************************************************* 191 * This function is responsible for handling all SMCs in the Trusted OS/App 192 * range from the non-secure state as defined in the SMC Calling Convention 193 * Document. It is also responsible for communicating with the Secure payload 194 * to delegate work and return results back to the non-secure state. Lastly it 195 * will also return any information that the secure payload needs to do the 196 * work assigned to it. 197 ******************************************************************************/ 198 static uintptr_t tlkd_smc_handler(uint32_t smc_fid, 199 u_register_t x1, 200 u_register_t x2, 201 u_register_t x3, 202 u_register_t x4, 203 void *cookie, 204 void *handle, 205 u_register_t flags) 206 { 207 cpu_context_t *ns_cpu_context; 208 gp_regs_t *gp_regs; 209 uint32_t ns; 210 uint64_t par; 211 212 /* Passing a NULL context is a critical programming error */ 213 assert(handle); 214 215 /* These SMCs are only supported by a single CPU */ 216 if (boot_cpu != plat_my_core_pos()) 217 SMC_RET1(handle, SMC_UNK); 218 219 /* Determine which security state this SMC originated from */ 220 ns = is_caller_non_secure(flags); 221 222 switch (smc_fid) { 223 224 /* 225 * This function ID is used by SP to indicate that it was 226 * preempted by a non-secure world IRQ. 227 */ 228 case TLK_PREEMPTED: 229 230 if (ns) 231 SMC_RET1(handle, SMC_UNK); 232 233 assert(handle == cm_get_context(SECURE)); 234 cm_el1_sysregs_context_save(SECURE); 235 236 /* Get a reference to the non-secure context */ 237 ns_cpu_context = cm_get_context(NON_SECURE); 238 assert(ns_cpu_context); 239 240 /* 241 * Restore non-secure state. There is no need to save the 242 * secure system register context since the SP was supposed 243 * to preserve it during S-EL1 interrupt handling. 244 */ 245 cm_el1_sysregs_context_restore(NON_SECURE); 246 cm_set_next_eret_context(NON_SECURE); 247 248 SMC_RET1(ns_cpu_context, x1); 249 250 /* 251 * This is a request from the non-secure context to: 252 * 253 * a. register shared memory with the SP for storing it's 254 * activity logs. 255 * b. register shared memory with the SP for passing args 256 * required for maintaining sessions with the Trusted 257 * Applications. 258 * c. register shared persistent buffers for secure storage 259 * d. register NS DRAM ranges passed by Cboot 260 * e. register Root of Trust parameters from Cboot for Verified Boot 261 * f. open/close sessions 262 * g. issue commands to the Trusted Apps 263 * h. resume the preempted yielding SMC call. 264 */ 265 case TLK_REGISTER_LOGBUF: 266 case TLK_REGISTER_REQBUF: 267 case TLK_SS_REGISTER_HANDLER: 268 case TLK_REGISTER_NS_DRAM_RANGES: 269 case TLK_SET_ROOT_OF_TRUST: 270 case TLK_OPEN_TA_SESSION: 271 case TLK_CLOSE_TA_SESSION: 272 case TLK_TA_LAUNCH_OP: 273 case TLK_TA_SEND_EVENT: 274 case TLK_RESUME_FID: 275 276 if (!ns) 277 SMC_RET1(handle, SMC_UNK); 278 279 /* 280 * This is a fresh request from the non-secure client. 281 * The parameters are in x1 and x2. Figure out which 282 * registers need to be preserved, save the non-secure 283 * state and send the request to the secure payload. 284 */ 285 assert(handle == cm_get_context(NON_SECURE)); 286 287 /* 288 * Check if we are already processing a yielding SMC 289 * call. Of all the supported fids, only the "resume" 290 * fid expects the flag to be set. 291 */ 292 if (smc_fid == TLK_RESUME_FID) { 293 if (!get_yield_smc_active_flag(tlk_ctx.state)) 294 SMC_RET1(handle, SMC_UNK); 295 } else { 296 if (get_yield_smc_active_flag(tlk_ctx.state)) 297 SMC_RET1(handle, SMC_UNK); 298 } 299 300 cm_el1_sysregs_context_save(NON_SECURE); 301 302 /* 303 * Verify if there is a valid context to use. 304 */ 305 assert(&tlk_ctx.cpu_ctx == cm_get_context(SECURE)); 306 307 /* 308 * Mark the SP state as active. 309 */ 310 set_yield_smc_active_flag(tlk_ctx.state); 311 312 /* 313 * We are done stashing the non-secure context. Ask the 314 * secure payload to do the work now. 315 */ 316 cm_el1_sysregs_context_restore(SECURE); 317 cm_set_next_eret_context(SECURE); 318 319 /* 320 * TLK is a 32-bit Trusted OS and so expects the SMC 321 * arguments via r0-r7. TLK expects the monitor frame 322 * registers to be 64-bits long. Hence, we pass x0 in 323 * r0-r1, x1 in r2-r3, x3 in r4-r5 and x4 in r6-r7. 324 * 325 * As smc_fid is a uint32 value, r1 contains 0. 326 */ 327 gp_regs = get_gpregs_ctx(&tlk_ctx.cpu_ctx); 328 write_ctx_reg(gp_regs, CTX_GPREG_X4, (uint32_t)x2); 329 write_ctx_reg(gp_regs, CTX_GPREG_X5, (uint32_t)(x2 >> 32)); 330 write_ctx_reg(gp_regs, CTX_GPREG_X6, (uint32_t)x3); 331 write_ctx_reg(gp_regs, CTX_GPREG_X7, (uint32_t)(x3 >> 32)); 332 SMC_RET4(&tlk_ctx.cpu_ctx, smc_fid, 0, (uint32_t)x1, 333 (uint32_t)(x1 >> 32)); 334 335 /* 336 * Translate NS/EL1-S virtual addresses. 337 * 338 * x1 = virtual address 339 * x3 = type (NS/S) 340 * 341 * Returns PA:lo in r0, PA:hi in r1. 342 */ 343 case TLK_VA_TRANSLATE: 344 345 /* Should be invoked only by secure world */ 346 if (ns) 347 SMC_RET1(handle, SMC_UNK); 348 349 /* NS virtual addresses are 64-bit long */ 350 if (x3 & TLK_TRANSLATE_NS_VADDR) 351 x1 = (uint32_t)x1 | (x2 << 32); 352 353 if (!x1) 354 SMC_RET1(handle, SMC_UNK); 355 356 /* 357 * TODO: Sanity check x1. This would require platform 358 * support. 359 */ 360 361 /* virtual address and type: ns/s */ 362 par = tlkd_va_translate(x1, x3); 363 364 /* return physical address in r0-r1 */ 365 SMC_RET4(handle, (uint32_t)par, (uint32_t)(par >> 32), 0, 0); 366 367 /* 368 * This is a request from the SP to mark completion of 369 * a yielding function ID. 370 */ 371 case TLK_REQUEST_DONE: 372 if (ns) 373 SMC_RET1(handle, SMC_UNK); 374 375 /* 376 * Mark the SP state as inactive. 377 */ 378 clr_yield_smc_active_flag(tlk_ctx.state); 379 380 /* Get a reference to the non-secure context */ 381 ns_cpu_context = cm_get_context(NON_SECURE); 382 assert(ns_cpu_context); 383 384 /* 385 * This is a request completion SMC and we must switch to 386 * the non-secure world to pass the result. 387 */ 388 cm_el1_sysregs_context_save(SECURE); 389 390 /* 391 * We are done stashing the secure context. Switch to the 392 * non-secure context and return the result. 393 */ 394 cm_el1_sysregs_context_restore(NON_SECURE); 395 cm_set_next_eret_context(NON_SECURE); 396 SMC_RET1(ns_cpu_context, x1); 397 398 /* 399 * This function ID is used only by the SP to indicate it has 400 * finished initialising itself after a cold boot 401 */ 402 case TLK_ENTRY_DONE: 403 if (ns) 404 SMC_RET1(handle, SMC_UNK); 405 406 /* 407 * SP has been successfully initialized. Register power 408 * management hooks with PSCI 409 */ 410 psci_register_spd_pm_hook(&tlkd_pm_ops); 411 412 /* 413 * TLK reports completion. The SPD must have initiated 414 * the original request through a synchronous entry 415 * into the SP. Jump back to the original C runtime 416 * context. 417 */ 418 tlkd_synchronous_sp_exit(&tlk_ctx, x1); 419 break; 420 421 /* 422 * These function IDs are used only by TLK to indicate it has 423 * finished: 424 * 1. suspending itself after an earlier psci cpu_suspend 425 * request. 426 * 2. resuming itself after an earlier psci cpu_suspend 427 * request. 428 * 3. powering down after an earlier psci system_off/system_reset 429 * request. 430 */ 431 case TLK_SUSPEND_DONE: 432 case TLK_RESUME_DONE: 433 434 if (ns) 435 SMC_RET1(handle, SMC_UNK); 436 437 /* 438 * TLK reports completion. TLKD must have initiated the 439 * original request through a synchronous entry into the SP. 440 * Jump back to the original C runtime context, and pass x1 as 441 * return value to the caller 442 */ 443 tlkd_synchronous_sp_exit(&tlk_ctx, x1); 444 break; 445 446 /* 447 * This function ID is used by SP to indicate that it has completed 448 * handling the secure interrupt. 449 */ 450 case TLK_IRQ_DONE: 451 452 if (ns) 453 SMC_RET1(handle, SMC_UNK); 454 455 assert(handle == cm_get_context(SECURE)); 456 457 /* save secure world context */ 458 cm_el1_sysregs_context_save(SECURE); 459 460 /* Get a reference to the non-secure context */ 461 ns_cpu_context = cm_get_context(NON_SECURE); 462 assert(ns_cpu_context); 463 464 /* 465 * Restore non-secure state. There is no need to save the 466 * secure system register context since the SP was supposed 467 * to preserve it during S-EL1 interrupt handling. 468 */ 469 cm_el1_sysregs_context_restore(NON_SECURE); 470 cm_set_next_eret_context(NON_SECURE); 471 472 SMC_RET0(ns_cpu_context); 473 474 /* 475 * Return the number of service function IDs implemented to 476 * provide service to non-secure 477 */ 478 case TOS_CALL_COUNT: 479 SMC_RET1(handle, TLK_NUM_FID); 480 481 /* 482 * Return TLK's UID to the caller 483 */ 484 case TOS_UID: 485 SMC_UUID_RET(handle, tlk_uuid); 486 487 /* 488 * Return the version of current implementation 489 */ 490 case TOS_CALL_VERSION: 491 SMC_RET2(handle, TLK_VERSION_MAJOR, TLK_VERSION_MINOR); 492 493 default: 494 WARN("%s: Unhandled SMC: 0x%x\n", __func__, smc_fid); 495 break; 496 } 497 498 SMC_RET1(handle, SMC_UNK); 499 } 500 501 /* Define a SPD runtime service descriptor for fast SMC calls */ 502 DECLARE_RT_SVC( 503 tlkd_tos_fast, 504 505 OEN_TOS_START, 506 OEN_TOS_END, 507 SMC_TYPE_FAST, 508 tlkd_setup, 509 tlkd_smc_handler 510 ); 511 512 /* Define a SPD runtime service descriptor for yielding SMC calls */ 513 DECLARE_RT_SVC( 514 tlkd_tos_std, 515 516 OEN_TOS_START, 517 OEN_TOS_END, 518 SMC_TYPE_YIELD, 519 NULL, 520 tlkd_smc_handler 521 ); 522 523 /* Define a SPD runtime service descriptor for fast SMC calls */ 524 DECLARE_RT_SVC( 525 tlkd_tap_fast, 526 527 OEN_TAP_START, 528 OEN_TAP_END, 529 SMC_TYPE_FAST, 530 NULL, 531 tlkd_smc_handler 532 ); 533 534 /* Define a SPD runtime service descriptor for yielding SMC calls */ 535 DECLARE_RT_SVC( 536 tlkd_tap_std, 537 538 OEN_TAP_START, 539 OEN_TAP_END, 540 SMC_TYPE_YIELD, 541 NULL, 542 tlkd_smc_handler 543 ); 544