1 /* 2 * Copyright (c) 2013-2016, ARM Limited and Contributors. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions are met: 6 * 7 * Redistributions of source code must retain the above copyright notice, this 8 * list of conditions and the following disclaimer. 9 * 10 * Redistributions in binary form must reproduce the above copyright notice, 11 * this list of conditions and the following disclaimer in the documentation 12 * and/or other materials provided with the distribution. 13 * 14 * Neither the name of ARM nor the names of its contributors may be used 15 * to endorse or promote products derived from this software without specific 16 * prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 19 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 22 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 23 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 24 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 25 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 26 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 27 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28 * POSSIBILITY OF SUCH DAMAGE. 29 */ 30 31 32 /******************************************************************************* 33 * This is the Secure Payload Dispatcher (SPD). The dispatcher is meant to be a 34 * plug-in component to the Secure Monitor, registered as a runtime service. The 35 * SPD is expected to be a functional extension of the Secure Payload (SP) that 36 * executes in Secure EL1. The Secure Monitor will delegate all SMCs targeting 37 * the Trusted OS/Applications range to the dispatcher. The SPD will either 38 * handle the request locally or delegate it to the Secure Payload. It is also 39 * responsible for initialising and maintaining communication with the SP. 40 ******************************************************************************/ 41 #include <arch_helpers.h> 42 #include <assert.h> 43 #include <bl_common.h> 44 #include <bl31.h> 45 #include <context_mgmt.h> 46 #include <debug.h> 47 #include <errno.h> 48 #include <platform.h> 49 #include <runtime_svc.h> 50 #include <stddef.h> 51 #include <string.h> 52 #include <tsp.h> 53 #include <uuid.h> 54 #include "tspd_private.h" 55 56 /******************************************************************************* 57 * Address of the entrypoint vector table in the Secure Payload. It is 58 * initialised once on the primary core after a cold boot. 59 ******************************************************************************/ 60 tsp_vectors_t *tsp_vectors; 61 62 /******************************************************************************* 63 * Array to keep track of per-cpu Secure Payload state 64 ******************************************************************************/ 65 tsp_context_t tspd_sp_context[TSPD_CORE_COUNT]; 66 67 68 /* TSP UID */ 69 DEFINE_SVC_UUID(tsp_uuid, 70 0x5b3056a0, 0x3291, 0x427b, 0x98, 0x11, 71 0x71, 0x68, 0xca, 0x50, 0xf3, 0xfa); 72 73 int32_t tspd_init(void); 74 75 /* 76 * This helper function handles Secure EL1 preemption. The preemption could be 77 * due Non Secure interrupts or EL3 interrupts. In both the cases we context 78 * switch to the normal world and in case of EL3 interrupts, it will again be 79 * routed to EL3 which will get handled at the exception vectors. 80 */ 81 uint64_t tspd_handle_sp_preemption(void *handle) 82 { 83 cpu_context_t *ns_cpu_context; 84 85 assert(handle == cm_get_context(SECURE)); 86 cm_el1_sysregs_context_save(SECURE); 87 /* Get a reference to the non-secure context */ 88 ns_cpu_context = cm_get_context(NON_SECURE); 89 assert(ns_cpu_context); 90 91 /* 92 * To allow Secure EL1 interrupt handler to re-enter TSP while TSP 93 * is preempted, the secure system register context which will get 94 * overwritten must be additionally saved. This is currently done 95 * by the TSPD S-EL1 interrupt handler. 96 */ 97 98 /* 99 * Restore non-secure state. 100 */ 101 cm_el1_sysregs_context_restore(NON_SECURE); 102 cm_set_next_eret_context(NON_SECURE); 103 104 /* 105 * The TSP was preempted during STD SMC execution. 106 * Return back to the normal world with SMC_PREEMPTED as error 107 * code in x0. 108 */ 109 SMC_RET1(ns_cpu_context, SMC_PREEMPTED); 110 } 111 112 /******************************************************************************* 113 * This function is the handler registered for S-EL1 interrupts by the TSPD. It 114 * validates the interrupt and upon success arranges entry into the TSP at 115 * 'tsp_sel1_intr_entry()' for handling the interrupt. 116 ******************************************************************************/ 117 static uint64_t tspd_sel1_interrupt_handler(uint32_t id, 118 uint32_t flags, 119 void *handle, 120 void *cookie) 121 { 122 uint32_t linear_id; 123 tsp_context_t *tsp_ctx; 124 125 /* Check the security state when the exception was generated */ 126 assert(get_interrupt_src_ss(flags) == NON_SECURE); 127 128 /* Sanity check the pointer to this cpu's context */ 129 assert(handle == cm_get_context(NON_SECURE)); 130 131 /* Save the non-secure context before entering the TSP */ 132 cm_el1_sysregs_context_save(NON_SECURE); 133 134 /* Get a reference to this cpu's TSP context */ 135 linear_id = plat_my_core_pos(); 136 tsp_ctx = &tspd_sp_context[linear_id]; 137 assert(&tsp_ctx->cpu_ctx == cm_get_context(SECURE)); 138 139 /* 140 * Determine if the TSP was previously preempted. Its last known 141 * context has to be preserved in this case. 142 * The TSP should return control to the TSPD after handling this 143 * S-EL1 interrupt. Preserve essential EL3 context to allow entry into 144 * the TSP at the S-EL1 interrupt entry point using the 'cpu_context' 145 * structure. There is no need to save the secure system register 146 * context since the TSP is supposed to preserve it during S-EL1 147 * interrupt handling. 148 */ 149 if (get_std_smc_active_flag(tsp_ctx->state)) { 150 tsp_ctx->saved_spsr_el3 = SMC_GET_EL3(&tsp_ctx->cpu_ctx, 151 CTX_SPSR_EL3); 152 tsp_ctx->saved_elr_el3 = SMC_GET_EL3(&tsp_ctx->cpu_ctx, 153 CTX_ELR_EL3); 154 #if TSP_NS_INTR_ASYNC_PREEMPT 155 /*Need to save the previously interrupted secure context */ 156 memcpy(&tsp_ctx->sp_ctx, &tsp_ctx->cpu_ctx, TSPD_SP_CTX_SIZE); 157 #endif 158 } 159 160 cm_el1_sysregs_context_restore(SECURE); 161 cm_set_elr_spsr_el3(SECURE, (uint64_t) &tsp_vectors->sel1_intr_entry, 162 SPSR_64(MODE_EL1, MODE_SP_ELX, DISABLE_ALL_EXCEPTIONS)); 163 164 cm_set_next_eret_context(SECURE); 165 166 /* 167 * Tell the TSP that it has to handle a S-EL1 interrupt synchronously. 168 * Also the instruction in normal world where the interrupt was 169 * generated is passed for debugging purposes. It is safe to retrieve 170 * this address from ELR_EL3 as the secure context will not take effect 171 * until el3_exit(). 172 */ 173 SMC_RET2(&tsp_ctx->cpu_ctx, TSP_HANDLE_SEL1_INTR_AND_RETURN, read_elr_el3()); 174 } 175 176 #if TSP_NS_INTR_ASYNC_PREEMPT 177 /******************************************************************************* 178 * This function is the handler registered for Non secure interrupts by the 179 * TSPD. It validates the interrupt and upon success arranges entry into the 180 * normal world for handling the interrupt. 181 ******************************************************************************/ 182 static uint64_t tspd_ns_interrupt_handler(uint32_t id, 183 uint32_t flags, 184 void *handle, 185 void *cookie) 186 { 187 /* Check the security state when the exception was generated */ 188 assert(get_interrupt_src_ss(flags) == SECURE); 189 190 /* 191 * Disable the routing of NS interrupts from secure world to EL3 while 192 * interrupted on this core. 193 */ 194 disable_intr_rm_local(INTR_TYPE_NS, SECURE); 195 196 return tspd_handle_sp_preemption(handle); 197 } 198 #endif 199 200 /******************************************************************************* 201 * Secure Payload Dispatcher setup. The SPD finds out the SP entrypoint and type 202 * (aarch32/aarch64) if not already known and initialises the context for entry 203 * into the SP for its initialisation. 204 ******************************************************************************/ 205 int32_t tspd_setup(void) 206 { 207 entry_point_info_t *tsp_ep_info; 208 uint32_t linear_id; 209 210 linear_id = plat_my_core_pos(); 211 212 /* 213 * Get information about the Secure Payload (BL32) image. Its 214 * absence is a critical failure. TODO: Add support to 215 * conditionally include the SPD service 216 */ 217 tsp_ep_info = bl31_plat_get_next_image_ep_info(SECURE); 218 if (!tsp_ep_info) { 219 WARN("No TSP provided by BL2 boot loader, Booting device" 220 " without TSP initialization. SMC`s destined for TSP" 221 " will return SMC_UNK\n"); 222 return 1; 223 } 224 225 /* 226 * If there's no valid entry point for SP, we return a non-zero value 227 * signalling failure initializing the service. We bail out without 228 * registering any handlers 229 */ 230 if (!tsp_ep_info->pc) 231 return 1; 232 233 /* 234 * We could inspect the SP image and determine its execution 235 * state i.e whether AArch32 or AArch64. Assuming it's AArch64 236 * for the time being. 237 */ 238 tspd_init_tsp_ep_state(tsp_ep_info, 239 TSP_AARCH64, 240 tsp_ep_info->pc, 241 &tspd_sp_context[linear_id]); 242 243 #if TSP_INIT_ASYNC 244 bl31_set_next_image_type(SECURE); 245 #else 246 /* 247 * All TSPD initialization done. Now register our init function with 248 * BL31 for deferred invocation 249 */ 250 bl31_register_bl32_init(&tspd_init); 251 #endif 252 return 0; 253 } 254 255 /******************************************************************************* 256 * This function passes control to the Secure Payload image (BL32) for the first 257 * time on the primary cpu after a cold boot. It assumes that a valid secure 258 * context has already been created by tspd_setup() which can be directly used. 259 * It also assumes that a valid non-secure context has been initialised by PSCI 260 * so it does not need to save and restore any non-secure state. This function 261 * performs a synchronous entry into the Secure payload. The SP passes control 262 * back to this routine through a SMC. 263 ******************************************************************************/ 264 int32_t tspd_init(void) 265 { 266 uint32_t linear_id = plat_my_core_pos(); 267 tsp_context_t *tsp_ctx = &tspd_sp_context[linear_id]; 268 entry_point_info_t *tsp_entry_point; 269 uint64_t rc; 270 271 /* 272 * Get information about the Secure Payload (BL32) image. Its 273 * absence is a critical failure. 274 */ 275 tsp_entry_point = bl31_plat_get_next_image_ep_info(SECURE); 276 assert(tsp_entry_point); 277 278 cm_init_my_context(tsp_entry_point); 279 280 /* 281 * Arrange for an entry into the test secure payload. It will be 282 * returned via TSP_ENTRY_DONE case 283 */ 284 rc = tspd_synchronous_sp_entry(tsp_ctx); 285 assert(rc != 0); 286 287 return rc; 288 } 289 290 291 /******************************************************************************* 292 * This function is responsible for handling all SMCs in the Trusted OS/App 293 * range from the non-secure state as defined in the SMC Calling Convention 294 * Document. It is also responsible for communicating with the Secure payload 295 * to delegate work and return results back to the non-secure state. Lastly it 296 * will also return any information that the secure payload needs to do the 297 * work assigned to it. 298 ******************************************************************************/ 299 uint64_t tspd_smc_handler(uint32_t smc_fid, 300 uint64_t x1, 301 uint64_t x2, 302 uint64_t x3, 303 uint64_t x4, 304 void *cookie, 305 void *handle, 306 uint64_t flags) 307 { 308 cpu_context_t *ns_cpu_context; 309 uint32_t linear_id = plat_my_core_pos(), ns; 310 tsp_context_t *tsp_ctx = &tspd_sp_context[linear_id]; 311 uint64_t rc; 312 #if TSP_INIT_ASYNC 313 entry_point_info_t *next_image_info; 314 #endif 315 316 /* Determine which security state this SMC originated from */ 317 ns = is_caller_non_secure(flags); 318 319 switch (smc_fid) { 320 321 /* 322 * This function ID is used by TSP to indicate that it was 323 * preempted by a normal world IRQ. 324 * 325 */ 326 case TSP_PREEMPTED: 327 if (ns) 328 SMC_RET1(handle, SMC_UNK); 329 330 return tspd_handle_sp_preemption(handle); 331 332 /* 333 * This function ID is used only by the TSP to indicate that it has 334 * finished handling a S-EL1 interrupt or was preempted by a higher 335 * priority pending EL3 interrupt. Execution should resume 336 * in the normal world. 337 */ 338 case TSP_HANDLED_S_EL1_INTR: 339 if (ns) 340 SMC_RET1(handle, SMC_UNK); 341 342 assert(handle == cm_get_context(SECURE)); 343 344 /* 345 * Restore the relevant EL3 state which saved to service 346 * this SMC. 347 */ 348 if (get_std_smc_active_flag(tsp_ctx->state)) { 349 SMC_SET_EL3(&tsp_ctx->cpu_ctx, 350 CTX_SPSR_EL3, 351 tsp_ctx->saved_spsr_el3); 352 SMC_SET_EL3(&tsp_ctx->cpu_ctx, 353 CTX_ELR_EL3, 354 tsp_ctx->saved_elr_el3); 355 #if TSP_NS_INTR_ASYNC_PREEMPT 356 /* 357 * Need to restore the previously interrupted 358 * secure context. 359 */ 360 memcpy(&tsp_ctx->cpu_ctx, &tsp_ctx->sp_ctx, 361 TSPD_SP_CTX_SIZE); 362 #endif 363 } 364 365 /* Get a reference to the non-secure context */ 366 ns_cpu_context = cm_get_context(NON_SECURE); 367 assert(ns_cpu_context); 368 369 /* 370 * Restore non-secure state. There is no need to save the 371 * secure system register context since the TSP was supposed 372 * to preserve it during S-EL1 interrupt handling. 373 */ 374 cm_el1_sysregs_context_restore(NON_SECURE); 375 cm_set_next_eret_context(NON_SECURE); 376 377 SMC_RET0((uint64_t) ns_cpu_context); 378 379 /* 380 * This function ID is used only by the SP to indicate it has 381 * finished initialising itself after a cold boot 382 */ 383 case TSP_ENTRY_DONE: 384 if (ns) 385 SMC_RET1(handle, SMC_UNK); 386 387 /* 388 * Stash the SP entry points information. This is done 389 * only once on the primary cpu 390 */ 391 assert(tsp_vectors == NULL); 392 tsp_vectors = (tsp_vectors_t *) x1; 393 394 if (tsp_vectors) { 395 set_tsp_pstate(tsp_ctx->state, TSP_PSTATE_ON); 396 397 /* 398 * TSP has been successfully initialized. Register power 399 * managemnt hooks with PSCI 400 */ 401 psci_register_spd_pm_hook(&tspd_pm); 402 403 /* 404 * Register an interrupt handler for S-EL1 interrupts 405 * when generated during code executing in the 406 * non-secure state. 407 */ 408 flags = 0; 409 set_interrupt_rm_flag(flags, NON_SECURE); 410 rc = register_interrupt_type_handler(INTR_TYPE_S_EL1, 411 tspd_sel1_interrupt_handler, 412 flags); 413 if (rc) 414 panic(); 415 416 #if TSP_NS_INTR_ASYNC_PREEMPT 417 /* 418 * Register an interrupt handler for NS interrupts when 419 * generated during code executing in secure state are 420 * routed to EL3. 421 */ 422 flags = 0; 423 set_interrupt_rm_flag(flags, SECURE); 424 425 rc = register_interrupt_type_handler(INTR_TYPE_NS, 426 tspd_ns_interrupt_handler, 427 flags); 428 if (rc) 429 panic(); 430 431 /* 432 * Disable the NS interrupt locally. 433 */ 434 disable_intr_rm_local(INTR_TYPE_NS, SECURE); 435 #endif 436 } 437 438 439 #if TSP_INIT_ASYNC 440 /* Save the Secure EL1 system register context */ 441 assert(cm_get_context(SECURE) == &tsp_ctx->cpu_ctx); 442 cm_el1_sysregs_context_save(SECURE); 443 444 /* Program EL3 registers to enable entry into the next EL */ 445 next_image_info = bl31_plat_get_next_image_ep_info(NON_SECURE); 446 assert(next_image_info); 447 assert(NON_SECURE == 448 GET_SECURITY_STATE(next_image_info->h.attr)); 449 450 cm_init_my_context(next_image_info); 451 cm_prepare_el3_exit(NON_SECURE); 452 SMC_RET0(cm_get_context(NON_SECURE)); 453 #else 454 /* 455 * SP reports completion. The SPD must have initiated 456 * the original request through a synchronous entry 457 * into the SP. Jump back to the original C runtime 458 * context. 459 */ 460 tspd_synchronous_sp_exit(tsp_ctx, x1); 461 #endif 462 /* 463 * This function ID is used only by the SP to indicate it has finished 464 * aborting a preempted Standard SMC request. 465 */ 466 case TSP_ABORT_DONE: 467 468 /* 469 * These function IDs are used only by the SP to indicate it has 470 * finished: 471 * 1. turning itself on in response to an earlier psci 472 * cpu_on request 473 * 2. resuming itself after an earlier psci cpu_suspend 474 * request. 475 */ 476 case TSP_ON_DONE: 477 case TSP_RESUME_DONE: 478 479 /* 480 * These function IDs are used only by the SP to indicate it has 481 * finished: 482 * 1. suspending itself after an earlier psci cpu_suspend 483 * request. 484 * 2. turning itself off in response to an earlier psci 485 * cpu_off request. 486 */ 487 case TSP_OFF_DONE: 488 case TSP_SUSPEND_DONE: 489 case TSP_SYSTEM_OFF_DONE: 490 case TSP_SYSTEM_RESET_DONE: 491 if (ns) 492 SMC_RET1(handle, SMC_UNK); 493 494 /* 495 * SP reports completion. The SPD must have initiated the 496 * original request through a synchronous entry into the SP. 497 * Jump back to the original C runtime context, and pass x1 as 498 * return value to the caller 499 */ 500 tspd_synchronous_sp_exit(tsp_ctx, x1); 501 502 /* 503 * Request from non-secure client to perform an 504 * arithmetic operation or response from secure 505 * payload to an earlier request. 506 */ 507 case TSP_FAST_FID(TSP_ADD): 508 case TSP_FAST_FID(TSP_SUB): 509 case TSP_FAST_FID(TSP_MUL): 510 case TSP_FAST_FID(TSP_DIV): 511 512 case TSP_STD_FID(TSP_ADD): 513 case TSP_STD_FID(TSP_SUB): 514 case TSP_STD_FID(TSP_MUL): 515 case TSP_STD_FID(TSP_DIV): 516 if (ns) { 517 /* 518 * This is a fresh request from the non-secure client. 519 * The parameters are in x1 and x2. Figure out which 520 * registers need to be preserved, save the non-secure 521 * state and send the request to the secure payload. 522 */ 523 assert(handle == cm_get_context(NON_SECURE)); 524 525 /* Check if we are already preempted */ 526 if (get_std_smc_active_flag(tsp_ctx->state)) 527 SMC_RET1(handle, SMC_UNK); 528 529 cm_el1_sysregs_context_save(NON_SECURE); 530 531 /* Save x1 and x2 for use by TSP_GET_ARGS call below */ 532 store_tsp_args(tsp_ctx, x1, x2); 533 534 /* 535 * We are done stashing the non-secure context. Ask the 536 * secure payload to do the work now. 537 */ 538 539 /* 540 * Verify if there is a valid context to use, copy the 541 * operation type and parameters to the secure context 542 * and jump to the fast smc entry point in the secure 543 * payload. Entry into S-EL1 will take place upon exit 544 * from this function. 545 */ 546 assert(&tsp_ctx->cpu_ctx == cm_get_context(SECURE)); 547 548 /* Set appropriate entry for SMC. 549 * We expect the TSP to manage the PSTATE.I and PSTATE.F 550 * flags as appropriate. 551 */ 552 if (GET_SMC_TYPE(smc_fid) == SMC_TYPE_FAST) { 553 cm_set_elr_el3(SECURE, (uint64_t) 554 &tsp_vectors->fast_smc_entry); 555 } else { 556 set_std_smc_active_flag(tsp_ctx->state); 557 cm_set_elr_el3(SECURE, (uint64_t) 558 &tsp_vectors->std_smc_entry); 559 #if TSP_NS_INTR_ASYNC_PREEMPT 560 /* 561 * Enable the routing of NS interrupts to EL3 562 * during STD SMC processing on this core. 563 */ 564 enable_intr_rm_local(INTR_TYPE_NS, SECURE); 565 #endif 566 } 567 568 cm_el1_sysregs_context_restore(SECURE); 569 cm_set_next_eret_context(SECURE); 570 SMC_RET3(&tsp_ctx->cpu_ctx, smc_fid, x1, x2); 571 } else { 572 /* 573 * This is the result from the secure client of an 574 * earlier request. The results are in x1-x3. Copy it 575 * into the non-secure context, save the secure state 576 * and return to the non-secure state. 577 */ 578 assert(handle == cm_get_context(SECURE)); 579 cm_el1_sysregs_context_save(SECURE); 580 581 /* Get a reference to the non-secure context */ 582 ns_cpu_context = cm_get_context(NON_SECURE); 583 assert(ns_cpu_context); 584 585 /* Restore non-secure state */ 586 cm_el1_sysregs_context_restore(NON_SECURE); 587 cm_set_next_eret_context(NON_SECURE); 588 if (GET_SMC_TYPE(smc_fid) == SMC_TYPE_STD) { 589 clr_std_smc_active_flag(tsp_ctx->state); 590 #if TSP_NS_INTR_ASYNC_PREEMPT 591 /* 592 * Disable the routing of NS interrupts to EL3 593 * after STD SMC processing is finished on this 594 * core. 595 */ 596 disable_intr_rm_local(INTR_TYPE_NS, SECURE); 597 #endif 598 } 599 600 SMC_RET3(ns_cpu_context, x1, x2, x3); 601 } 602 603 break; 604 /* 605 * Request from the non-secure world to abort a preempted Standard SMC 606 * call. 607 */ 608 case TSP_FID_ABORT: 609 /* ABORT should only be invoked by normal world */ 610 if (!ns) { 611 assert(0); 612 break; 613 } 614 615 assert(handle == cm_get_context(NON_SECURE)); 616 cm_el1_sysregs_context_save(NON_SECURE); 617 618 /* Abort the preempted SMC request */ 619 if (!tspd_abort_preempted_smc(tsp_ctx)) { 620 /* 621 * If there was no preempted SMC to abort, return 622 * SMC_UNK. 623 * 624 * Restoring the NON_SECURE context is not necessary as 625 * the synchronous entry did not take place if the 626 * return code of tspd_abort_preempted_smc is zero. 627 */ 628 cm_set_next_eret_context(NON_SECURE); 629 break; 630 } 631 632 cm_el1_sysregs_context_restore(NON_SECURE); 633 cm_set_next_eret_context(NON_SECURE); 634 SMC_RET0(handle); 635 636 /* 637 * Request from non secure world to resume the preempted 638 * Standard SMC call. 639 */ 640 case TSP_FID_RESUME: 641 /* RESUME should be invoked only by normal world */ 642 if (!ns) { 643 assert(0); 644 break; 645 } 646 647 /* 648 * This is a resume request from the non-secure client. 649 * save the non-secure state and send the request to 650 * the secure payload. 651 */ 652 assert(handle == cm_get_context(NON_SECURE)); 653 654 /* Check if we are already preempted before resume */ 655 if (!get_std_smc_active_flag(tsp_ctx->state)) 656 SMC_RET1(handle, SMC_UNK); 657 658 cm_el1_sysregs_context_save(NON_SECURE); 659 660 /* 661 * We are done stashing the non-secure context. Ask the 662 * secure payload to do the work now. 663 */ 664 #if TSP_NS_INTR_ASYNC_PREEMPT 665 /* 666 * Enable the routing of NS interrupts to EL3 during resumption 667 * of STD SMC call on this core. 668 */ 669 enable_intr_rm_local(INTR_TYPE_NS, SECURE); 670 #endif 671 672 673 674 /* We just need to return to the preempted point in 675 * TSP and the execution will resume as normal. 676 */ 677 cm_el1_sysregs_context_restore(SECURE); 678 cm_set_next_eret_context(SECURE); 679 SMC_RET0(&tsp_ctx->cpu_ctx); 680 681 /* 682 * This is a request from the secure payload for more arguments 683 * for an ongoing arithmetic operation requested by the 684 * non-secure world. Simply return the arguments from the non- 685 * secure client in the original call. 686 */ 687 case TSP_GET_ARGS: 688 if (ns) 689 SMC_RET1(handle, SMC_UNK); 690 691 get_tsp_args(tsp_ctx, x1, x2); 692 SMC_RET2(handle, x1, x2); 693 694 case TOS_CALL_COUNT: 695 /* 696 * Return the number of service function IDs implemented to 697 * provide service to non-secure 698 */ 699 SMC_RET1(handle, TSP_NUM_FID); 700 701 case TOS_UID: 702 /* Return TSP UID to the caller */ 703 SMC_UUID_RET(handle, tsp_uuid); 704 705 case TOS_CALL_VERSION: 706 /* Return the version of current implementation */ 707 SMC_RET2(handle, TSP_VERSION_MAJOR, TSP_VERSION_MINOR); 708 709 default: 710 break; 711 } 712 713 SMC_RET1(handle, SMC_UNK); 714 } 715 716 /* Define a SPD runtime service descriptor for fast SMC calls */ 717 DECLARE_RT_SVC( 718 tspd_fast, 719 720 OEN_TOS_START, 721 OEN_TOS_END, 722 SMC_TYPE_FAST, 723 tspd_setup, 724 tspd_smc_handler 725 ); 726 727 /* Define a SPD runtime service descriptor for standard SMC calls */ 728 DECLARE_RT_SVC( 729 tspd_std, 730 731 OEN_TOS_START, 732 OEN_TOS_END, 733 SMC_TYPE_STD, 734 NULL, 735 tspd_smc_handler 736 ); 737