1e62748e3SManish V Badarkhe /* 2e62748e3SManish V Badarkhe * Copyright (c) 2022 Arm Limited. All rights reserved. 3e62748e3SManish V Badarkhe * 4e62748e3SManish V Badarkhe * SPDX-License-Identifier: BSD-3-Clause 5e62748e3SManish V Badarkhe * 6e62748e3SManish V Badarkhe * DRTM service 7e62748e3SManish V Badarkhe * 8e62748e3SManish V Badarkhe * Authors: 9e62748e3SManish V Badarkhe * Lucian Paul-Trifu <lucian.paultrifu@gmail.com> 10e62748e3SManish V Badarkhe * Brian Nezvadovitz <brinez@microsoft.com> 2021-02-01 11e62748e3SManish V Badarkhe */ 12e62748e3SManish V Badarkhe 13e62748e3SManish V Badarkhe #include <stdint.h> 14e62748e3SManish V Badarkhe 15d54792bdSManish V Badarkhe #include <arch.h> 16d54792bdSManish V Badarkhe #include <arch_helpers.h> 17*2a1cdee4Sjohpow01 #include <common/bl_common.h> 18e62748e3SManish V Badarkhe #include <common/debug.h> 19e62748e3SManish V Badarkhe #include <common/runtime_svc.h> 20d54792bdSManish V Badarkhe #include <drivers/auth/crypto_mod.h> 21e62748e3SManish V Badarkhe #include "drtm_main.h" 22*2a1cdee4Sjohpow01 #include <lib/xlat_tables/xlat_tables_v2.h> 23*2a1cdee4Sjohpow01 #include <plat/common/platform.h> 24e62748e3SManish V Badarkhe #include <services/drtm_svc.h> 25*2a1cdee4Sjohpow01 #include <platform_def.h> 26e62748e3SManish V Badarkhe 27*2a1cdee4Sjohpow01 /* Structure to store DRTM features specific to the platform. */ 28*2a1cdee4Sjohpow01 static drtm_features_t plat_drtm_features; 29*2a1cdee4Sjohpow01 30*2a1cdee4Sjohpow01 /* DRTM-formatted memory map. */ 31*2a1cdee4Sjohpow01 static drtm_memory_region_descriptor_table_t *plat_drtm_mem_map; 32d54792bdSManish V Badarkhe 33e62748e3SManish V Badarkhe int drtm_setup(void) 34e62748e3SManish V Badarkhe { 35d54792bdSManish V Badarkhe bool rc; 36*2a1cdee4Sjohpow01 const plat_drtm_tpm_features_t *plat_tpm_feat; 37*2a1cdee4Sjohpow01 const plat_drtm_dma_prot_features_t *plat_dma_prot_feat; 38*2a1cdee4Sjohpow01 uint64_t dlme_data_min_size; 39d54792bdSManish V Badarkhe 40e62748e3SManish V Badarkhe INFO("DRTM service setup\n"); 41e62748e3SManish V Badarkhe 42*2a1cdee4Sjohpow01 /* Read boot PE ID from MPIDR */ 43*2a1cdee4Sjohpow01 plat_drtm_features.boot_pe_id = read_mpidr_el1() & MPIDR_AFFINITY_MASK; 44d54792bdSManish V Badarkhe 45d54792bdSManish V Badarkhe rc = drtm_dma_prot_init(); 46d54792bdSManish V Badarkhe if (rc) { 47d54792bdSManish V Badarkhe return INTERNAL_ERROR; 48d54792bdSManish V Badarkhe } 49d54792bdSManish V Badarkhe 50d54792bdSManish V Badarkhe /* 51d54792bdSManish V Badarkhe * initialise the platform supported crypto module that will 52d54792bdSManish V Badarkhe * be used by the DRTM-service to calculate hash of DRTM- 53d54792bdSManish V Badarkhe * implementation specific components 54d54792bdSManish V Badarkhe */ 55d54792bdSManish V Badarkhe crypto_mod_init(); 56d54792bdSManish V Badarkhe 57*2a1cdee4Sjohpow01 /* Build DRTM-compatible address map. */ 58*2a1cdee4Sjohpow01 plat_drtm_mem_map = drtm_build_address_map(); 59*2a1cdee4Sjohpow01 if (plat_drtm_mem_map == NULL) { 60*2a1cdee4Sjohpow01 return INTERNAL_ERROR; 61*2a1cdee4Sjohpow01 } 62*2a1cdee4Sjohpow01 63*2a1cdee4Sjohpow01 /* Get DRTM features from platform hooks. */ 64*2a1cdee4Sjohpow01 plat_tpm_feat = plat_drtm_get_tpm_features(); 65*2a1cdee4Sjohpow01 if (plat_tpm_feat == NULL) { 66*2a1cdee4Sjohpow01 return INTERNAL_ERROR; 67*2a1cdee4Sjohpow01 } 68*2a1cdee4Sjohpow01 69*2a1cdee4Sjohpow01 plat_dma_prot_feat = plat_drtm_get_dma_prot_features(); 70*2a1cdee4Sjohpow01 if (plat_dma_prot_feat == NULL) { 71*2a1cdee4Sjohpow01 return INTERNAL_ERROR; 72*2a1cdee4Sjohpow01 } 73*2a1cdee4Sjohpow01 74*2a1cdee4Sjohpow01 /* 75*2a1cdee4Sjohpow01 * Add up minimum DLME data memory. 76*2a1cdee4Sjohpow01 * 77*2a1cdee4Sjohpow01 * For systems with complete DMA protection there is only one entry in 78*2a1cdee4Sjohpow01 * the protected regions table. 79*2a1cdee4Sjohpow01 */ 80*2a1cdee4Sjohpow01 if (plat_dma_prot_feat->dma_protection_support == 81*2a1cdee4Sjohpow01 ARM_DRTM_DMA_PROT_FEATURES_DMA_SUPPORT_COMPLETE) { 82*2a1cdee4Sjohpow01 dlme_data_min_size = 83*2a1cdee4Sjohpow01 sizeof(drtm_memory_region_descriptor_table_t) + 84*2a1cdee4Sjohpow01 sizeof(drtm_mem_region_t); 85*2a1cdee4Sjohpow01 } else { 86*2a1cdee4Sjohpow01 /* 87*2a1cdee4Sjohpow01 * TODO set protected regions table size based on platform DMA 88*2a1cdee4Sjohpow01 * protection configuration 89*2a1cdee4Sjohpow01 */ 90*2a1cdee4Sjohpow01 panic(); 91*2a1cdee4Sjohpow01 } 92*2a1cdee4Sjohpow01 93*2a1cdee4Sjohpow01 dlme_data_min_size += (drtm_get_address_map_size() + 94*2a1cdee4Sjohpow01 PLAT_DRTM_EVENT_LOG_MAX_SIZE + 95*2a1cdee4Sjohpow01 plat_drtm_get_tcb_hash_table_size() + 96*2a1cdee4Sjohpow01 plat_drtm_get_imp_def_dlme_region_size()); 97*2a1cdee4Sjohpow01 98*2a1cdee4Sjohpow01 dlme_data_min_size = page_align(dlme_data_min_size, UP)/PAGE_SIZE; 99*2a1cdee4Sjohpow01 100*2a1cdee4Sjohpow01 /* Fill out platform DRTM features structure */ 101*2a1cdee4Sjohpow01 /* Only support default PCR schema (0x1) in this implementation. */ 102*2a1cdee4Sjohpow01 ARM_DRTM_TPM_FEATURES_SET_PCR_SCHEMA(plat_drtm_features.tpm_features, 103*2a1cdee4Sjohpow01 ARM_DRTM_TPM_FEATURES_PCR_SCHEMA_DEFAULT); 104*2a1cdee4Sjohpow01 ARM_DRTM_TPM_FEATURES_SET_TPM_HASH(plat_drtm_features.tpm_features, 105*2a1cdee4Sjohpow01 plat_tpm_feat->tpm_based_hash_support); 106*2a1cdee4Sjohpow01 ARM_DRTM_TPM_FEATURES_SET_FW_HASH(plat_drtm_features.tpm_features, 107*2a1cdee4Sjohpow01 plat_tpm_feat->firmware_hash_algorithm); 108*2a1cdee4Sjohpow01 ARM_DRTM_MIN_MEM_REQ_SET_MIN_DLME_DATA_SIZE(plat_drtm_features.minimum_memory_requirement, 109*2a1cdee4Sjohpow01 dlme_data_min_size); 110*2a1cdee4Sjohpow01 ARM_DRTM_MIN_MEM_REQ_SET_DCE_SIZE(plat_drtm_features.minimum_memory_requirement, 111*2a1cdee4Sjohpow01 plat_drtm_get_min_size_normal_world_dce()); 112*2a1cdee4Sjohpow01 ARM_DRTM_DMA_PROT_FEATURES_SET_MAX_REGIONS(plat_drtm_features.dma_prot_features, 113*2a1cdee4Sjohpow01 plat_dma_prot_feat->max_num_mem_prot_regions); 114*2a1cdee4Sjohpow01 ARM_DRTM_DMA_PROT_FEATURES_SET_DMA_SUPPORT(plat_drtm_features.dma_prot_features, 115*2a1cdee4Sjohpow01 plat_dma_prot_feat->dma_protection_support); 116*2a1cdee4Sjohpow01 ARM_DRTM_TCB_HASH_FEATURES_SET_MAX_NUM_HASHES(plat_drtm_features.tcb_hash_features, 117*2a1cdee4Sjohpow01 plat_drtm_get_tcb_hash_features()); 118*2a1cdee4Sjohpow01 119e62748e3SManish V Badarkhe return 0; 120e62748e3SManish V Badarkhe } 121e62748e3SManish V Badarkhe 122e62748e3SManish V Badarkhe uint64_t drtm_smc_handler(uint32_t smc_fid, 123e62748e3SManish V Badarkhe uint64_t x1, 124e62748e3SManish V Badarkhe uint64_t x2, 125e62748e3SManish V Badarkhe uint64_t x3, 126e62748e3SManish V Badarkhe uint64_t x4, 127e62748e3SManish V Badarkhe void *cookie, 128e62748e3SManish V Badarkhe void *handle, 129e62748e3SManish V Badarkhe uint64_t flags) 130e62748e3SManish V Badarkhe { 131e62748e3SManish V Badarkhe /* Check that the SMC call is from the Normal World. */ 132e62748e3SManish V Badarkhe if (!is_caller_non_secure(flags)) { 133e62748e3SManish V Badarkhe SMC_RET1(handle, NOT_SUPPORTED); 134e62748e3SManish V Badarkhe } 135e62748e3SManish V Badarkhe 136e62748e3SManish V Badarkhe switch (smc_fid) { 137e62748e3SManish V Badarkhe case ARM_DRTM_SVC_VERSION: 138e62748e3SManish V Badarkhe INFO("DRTM service handler: version\n"); 139e62748e3SManish V Badarkhe /* Return the version of current implementation */ 140e62748e3SManish V Badarkhe SMC_RET1(handle, ARM_DRTM_VERSION); 141e62748e3SManish V Badarkhe break; /* not reached */ 142e62748e3SManish V Badarkhe 143e62748e3SManish V Badarkhe case ARM_DRTM_SVC_FEATURES: 144e62748e3SManish V Badarkhe if (((x1 >> ARM_DRTM_FUNC_SHIFT) & ARM_DRTM_FUNC_MASK) == 145e62748e3SManish V Badarkhe ARM_DRTM_FUNC_ID) { 146e62748e3SManish V Badarkhe /* Dispatch function-based queries. */ 147e62748e3SManish V Badarkhe switch (x1 & FUNCID_MASK) { 148e62748e3SManish V Badarkhe case ARM_DRTM_SVC_VERSION: 149e62748e3SManish V Badarkhe SMC_RET1(handle, SUCCESS); 150e62748e3SManish V Badarkhe break; /* not reached */ 151e62748e3SManish V Badarkhe 152e62748e3SManish V Badarkhe case ARM_DRTM_SVC_FEATURES: 153e62748e3SManish V Badarkhe SMC_RET1(handle, SUCCESS); 154e62748e3SManish V Badarkhe break; /* not reached */ 155e62748e3SManish V Badarkhe 156e62748e3SManish V Badarkhe case ARM_DRTM_SVC_UNPROTECT_MEM: 157e62748e3SManish V Badarkhe SMC_RET1(handle, SUCCESS); 158e62748e3SManish V Badarkhe break; /* not reached */ 159e62748e3SManish V Badarkhe 160e62748e3SManish V Badarkhe case ARM_DRTM_SVC_DYNAMIC_LAUNCH: 161e62748e3SManish V Badarkhe SMC_RET1(handle, SUCCESS); 162e62748e3SManish V Badarkhe break; /* not reached */ 163e62748e3SManish V Badarkhe 164e62748e3SManish V Badarkhe case ARM_DRTM_SVC_CLOSE_LOCALITY: 165e62748e3SManish V Badarkhe WARN("ARM_DRTM_SVC_CLOSE_LOCALITY feature %s", 166e62748e3SManish V Badarkhe "is not supported\n"); 167e62748e3SManish V Badarkhe SMC_RET1(handle, NOT_SUPPORTED); 168e62748e3SManish V Badarkhe break; /* not reached */ 169e62748e3SManish V Badarkhe 170e62748e3SManish V Badarkhe case ARM_DRTM_SVC_GET_ERROR: 171e62748e3SManish V Badarkhe SMC_RET1(handle, SUCCESS); 172e62748e3SManish V Badarkhe break; /* not reached */ 173e62748e3SManish V Badarkhe 174e62748e3SManish V Badarkhe case ARM_DRTM_SVC_SET_ERROR: 175e62748e3SManish V Badarkhe SMC_RET1(handle, SUCCESS); 176e62748e3SManish V Badarkhe break; /* not reached */ 177e62748e3SManish V Badarkhe 178e62748e3SManish V Badarkhe case ARM_DRTM_SVC_SET_TCB_HASH: 179e62748e3SManish V Badarkhe WARN("ARM_DRTM_SVC_TCB_HASH feature %s", 180e62748e3SManish V Badarkhe "is not supported\n"); 181e62748e3SManish V Badarkhe SMC_RET1(handle, NOT_SUPPORTED); 182e62748e3SManish V Badarkhe break; /* not reached */ 183e62748e3SManish V Badarkhe 184e62748e3SManish V Badarkhe case ARM_DRTM_SVC_LOCK_TCB_HASH: 185e62748e3SManish V Badarkhe WARN("ARM_DRTM_SVC_LOCK_TCB_HASH feature %s", 186e62748e3SManish V Badarkhe "is not supported\n"); 187e62748e3SManish V Badarkhe SMC_RET1(handle, NOT_SUPPORTED); 188e62748e3SManish V Badarkhe break; /* not reached */ 189e62748e3SManish V Badarkhe 190e62748e3SManish V Badarkhe default: 191e62748e3SManish V Badarkhe ERROR("Unknown DRTM service function\n"); 192e62748e3SManish V Badarkhe SMC_RET1(handle, NOT_SUPPORTED); 193e62748e3SManish V Badarkhe break; /* not reached */ 194e62748e3SManish V Badarkhe } 195e62748e3SManish V Badarkhe } 196e62748e3SManish V Badarkhe 197e62748e3SManish V Badarkhe case ARM_DRTM_SVC_UNPROTECT_MEM: 198e62748e3SManish V Badarkhe INFO("DRTM service handler: unprotect mem\n"); 199e62748e3SManish V Badarkhe SMC_RET1(handle, SMC_OK); 200e62748e3SManish V Badarkhe break; /* not reached */ 201e62748e3SManish V Badarkhe 202e62748e3SManish V Badarkhe case ARM_DRTM_SVC_DYNAMIC_LAUNCH: 203e62748e3SManish V Badarkhe INFO("DRTM service handler: dynamic launch\n"); 204e62748e3SManish V Badarkhe SMC_RET1(handle, SMC_OK); 205e62748e3SManish V Badarkhe break; /* not reached */ 206e62748e3SManish V Badarkhe 207e62748e3SManish V Badarkhe case ARM_DRTM_SVC_CLOSE_LOCALITY: 208e62748e3SManish V Badarkhe WARN("DRTM service handler: close locality %s\n", 209e62748e3SManish V Badarkhe "is not supported"); 210e62748e3SManish V Badarkhe SMC_RET1(handle, NOT_SUPPORTED); 211e62748e3SManish V Badarkhe break; /* not reached */ 212e62748e3SManish V Badarkhe 213e62748e3SManish V Badarkhe case ARM_DRTM_SVC_GET_ERROR: 214e62748e3SManish V Badarkhe INFO("DRTM service handler: get error\n"); 215e62748e3SManish V Badarkhe SMC_RET2(handle, SMC_OK, 0); 216e62748e3SManish V Badarkhe break; /* not reached */ 217e62748e3SManish V Badarkhe 218e62748e3SManish V Badarkhe case ARM_DRTM_SVC_SET_ERROR: 219e62748e3SManish V Badarkhe INFO("DRTM service handler: set error\n"); 220e62748e3SManish V Badarkhe SMC_RET1(handle, SMC_OK); 221e62748e3SManish V Badarkhe break; /* not reached */ 222e62748e3SManish V Badarkhe 223e62748e3SManish V Badarkhe case ARM_DRTM_SVC_SET_TCB_HASH: 224e62748e3SManish V Badarkhe WARN("DRTM service handler: set TCB hash %s\n", 225e62748e3SManish V Badarkhe "is not supported"); 226e62748e3SManish V Badarkhe SMC_RET1(handle, NOT_SUPPORTED); 227e62748e3SManish V Badarkhe break; /* not reached */ 228e62748e3SManish V Badarkhe 229e62748e3SManish V Badarkhe case ARM_DRTM_SVC_LOCK_TCB_HASH: 230e62748e3SManish V Badarkhe WARN("DRTM service handler: lock TCB hash %s\n", 231e62748e3SManish V Badarkhe "is not supported"); 232e62748e3SManish V Badarkhe SMC_RET1(handle, NOT_SUPPORTED); 233e62748e3SManish V Badarkhe break; /* not reached */ 234e62748e3SManish V Badarkhe 235e62748e3SManish V Badarkhe default: 236e62748e3SManish V Badarkhe ERROR("Unknown DRTM service function: 0x%x\n", smc_fid); 237e62748e3SManish V Badarkhe SMC_RET1(handle, SMC_UNK); 238e62748e3SManish V Badarkhe break; /* not reached */ 239e62748e3SManish V Badarkhe } 240e62748e3SManish V Badarkhe 241e62748e3SManish V Badarkhe /* not reached */ 242e62748e3SManish V Badarkhe SMC_RET1(handle, SMC_UNK); 243e62748e3SManish V Badarkhe } 244