1 /* 2 * Copyright (c) 2025, Arm Limited. All rights reserved. 3 * Copyright (c) 2025, NVIDIA Corporation. All rights reserved. 4 * 5 * SPDX-License-Identifier: BSD-3-Clause 6 */ 7 8 #include <errno.h> 9 #include <string.h> 10 11 #include <lib/spinlock.h> 12 #include <plat/common/platform.h> 13 #include <services/bl31_lfa.h> 14 #include <services/lfa_svc.h> 15 #include <services/rmmd_rmm_lfa.h> 16 #include <smccc_helpers.h> 17 18 static uint32_t lfa_component_count; 19 static plat_lfa_component_info_t *lfa_components; 20 static struct lfa_component_status current_activation; 21 static bool is_lfa_initialized; 22 23 /* 24 * Spinlock to serialize LFA operations (PRIME, ACTIVATE). 25 * This ensures that these calls from different CPUs are properly 26 * serialized and do not execute concurrently, while still allowing 27 * the same operation to be invoked from any CPU. 28 */ 29 static spinlock_t lfa_lock; 30 31 void lfa_reset_activation(void) 32 { 33 current_activation.component_id = LFA_INVALID_COMPONENT; 34 current_activation.prime_status = PRIME_NONE; 35 current_activation.cpu_rendezvous_required = false; 36 } 37 38 static int convert_to_lfa_error(int ret) 39 { 40 switch (ret) { 41 case 0: 42 return LFA_SUCCESS; 43 case -EAUTH: 44 return LFA_AUTH_ERROR; 45 case -ENOMEM: 46 return LFA_NO_MEMORY; 47 default: 48 return LFA_DEVICE_ERROR; 49 } 50 } 51 52 static bool lfa_initialize_components(void) 53 { 54 lfa_component_count = plat_lfa_get_components(&lfa_components); 55 56 if (lfa_component_count == 0U || lfa_components == NULL) { 57 /* unlikely to reach here */ 58 ERROR("Invalid LFA component setup: count = 0 or components are NULL"); 59 return false; 60 } 61 62 return true; 63 } 64 65 static uint64_t get_fw_activation_flags(uint32_t fw_seq_id) 66 { 67 const plat_lfa_component_info_t *comp = 68 &lfa_components[fw_seq_id]; 69 uint64_t flags = 0ULL; 70 71 flags |= ((comp->activator == NULL ? 0ULL : 1ULL) 72 << LFA_ACTIVATION_CAPABLE_SHIFT); 73 flags |= (uint64_t)(comp->activation_pending) 74 << LFA_ACTIVATION_PENDING_SHIFT; 75 76 if (comp->activator != NULL) { 77 flags |= ((comp->activator->may_reset_cpu ? 1ULL : 0ULL) 78 << LFA_MAY_RESET_CPU_SHIFT); 79 flags |= ((comp->activator->cpu_rendezvous_required ? 0ULL : 1ULL) 80 << LFA_CPU_RENDEZVOUS_OPTIONAL_SHIFT); 81 } 82 83 return flags; 84 } 85 86 static int lfa_cancel(uint32_t component_id) 87 { 88 int ret = LFA_SUCCESS; 89 90 if (lfa_component_count == 0U) { 91 return LFA_WRONG_STATE; 92 } 93 94 /* Check if component ID is in range. */ 95 if ((component_id >= lfa_component_count) || 96 (component_id != current_activation.component_id)) { 97 return LFA_INVALID_PARAMETERS; 98 } 99 100 ret = plat_lfa_cancel(component_id); 101 if (ret != LFA_SUCCESS) { 102 return LFA_BUSY; 103 } 104 105 /* TODO: add proper termination prime and activate phases */ 106 lfa_reset_activation(); 107 108 return ret; 109 } 110 111 static int lfa_activate(uint32_t component_id, uint64_t flags, 112 uint64_t ep_address, uint64_t context_id) 113 { 114 int ret = LFA_ACTIVATION_FAILED; 115 struct lfa_component_ops *activator; 116 117 if ((lfa_component_count == 0U) || 118 (!lfa_components[component_id].activation_pending) || 119 (current_activation.prime_status != PRIME_COMPLETE)) { 120 return LFA_COMPONENT_WRONG_STATE; 121 } 122 123 /* Check if fw_seq_id is in range. */ 124 if ((component_id >= lfa_component_count) || 125 (current_activation.component_id != component_id)) { 126 return LFA_INVALID_PARAMETERS; 127 } 128 129 if (lfa_components[component_id].activator == NULL) { 130 return LFA_NOT_SUPPORTED; 131 } 132 133 ret = plat_lfa_notify_activate(component_id); 134 if (ret != 0) { 135 return LFA_ACTIVATION_FAILED; 136 } 137 138 activator = lfa_components[component_id].activator; 139 if (activator->activate != NULL) { 140 /* 141 * Pass skip_cpu_rendezvous (flag[0]) only if flag[0]==1 142 * & CPU_RENDEZVOUS is not required. 143 */ 144 if (flags & LFA_SKIP_CPU_RENDEZVOUS_BIT) { 145 if (!activator->cpu_rendezvous_required) { 146 INFO("Skipping rendezvous requested by caller.\n"); 147 current_activation.cpu_rendezvous_required = false; 148 } 149 /* 150 * Return error if caller tries to skip rendezvous when 151 * it is required. 152 */ 153 else { 154 ERROR("CPU Rendezvous is required, can't skip.\n"); 155 return LFA_INVALID_PARAMETERS; 156 } 157 } 158 159 ret = activator->activate(¤t_activation, ep_address, 160 context_id); 161 } 162 163 lfa_components[component_id].activation_pending = false; 164 165 return ret; 166 } 167 168 static int lfa_prime(uint32_t component_id, uint64_t *flags) 169 { 170 int ret = LFA_SUCCESS; 171 struct lfa_component_ops *activator; 172 173 if (lfa_component_count == 0U || 174 !lfa_components[component_id].activation_pending) { 175 return LFA_WRONG_STATE; 176 } 177 178 /* Check if fw_seq_id is in range. */ 179 if (component_id >= lfa_component_count) { 180 return LFA_INVALID_PARAMETERS; 181 } 182 183 if (lfa_components[component_id].activator == NULL) { 184 return LFA_NOT_SUPPORTED; 185 } 186 187 switch (current_activation.prime_status) { 188 case PRIME_NONE: 189 current_activation.component_id = component_id; 190 current_activation.prime_status = PRIME_STARTED; 191 break; 192 193 case PRIME_STARTED: 194 if (current_activation.component_id != component_id) { 195 /* Mismatched component trying to continue PRIME - error */ 196 return LFA_WRONG_STATE; 197 } 198 break; 199 200 case PRIME_COMPLETE: 201 default: 202 break; 203 } 204 205 ret = plat_lfa_load_auth_image(component_id); 206 if (ret != 0) { 207 return convert_to_lfa_error(ret); 208 } 209 210 activator = lfa_components[component_id].activator; 211 if (activator->prime != NULL) { 212 ret = activator->prime(¤t_activation); 213 if (ret != LFA_SUCCESS) { 214 /* 215 * TODO: it should be LFA_PRIME_FAILED but specification 216 * has not define this error yet 217 */ 218 return ret; 219 } 220 } 221 222 current_activation.prime_status = PRIME_COMPLETE; 223 224 /* TODO: split this into multiple PRIME calls */ 225 *flags = 0ULL; 226 227 return ret; 228 } 229 230 bool lfa_is_prime_complete(uint32_t lfa_component_id) 231 { 232 if (lfa_component_id >= lfa_component_count) { 233 return false; 234 } 235 236 return (current_activation.component_id == lfa_component_id && 237 current_activation.prime_status == PRIME_COMPLETE && 238 lfa_components[lfa_component_id].activation_pending == true); 239 } 240 241 int lfa_setup(void) 242 { 243 is_lfa_initialized = lfa_initialize_components(); 244 if (!is_lfa_initialized) { 245 return -1; 246 } 247 248 lfa_reset_activation(); 249 250 return 0; 251 } 252 253 uint64_t lfa_smc_handler(uint32_t smc_fid, u_register_t x1, u_register_t x2, 254 u_register_t x3, u_register_t x4, void *cookie, 255 void *handle, u_register_t flags) 256 { 257 uint64_t retx1, retx2; 258 uint64_t lfa_flags; 259 uint8_t *uuid_p; 260 uint32_t fw_seq_id = (uint32_t)x1; 261 int ret; 262 263 /** 264 * TODO: Acquire serialization lock. 265 */ 266 267 if (!is_lfa_initialized) { 268 return LFA_NOT_SUPPORTED; 269 } 270 271 switch (smc_fid) { 272 case LFA_VERSION: 273 SMC_RET1(handle, LFA_VERSION_VAL); 274 break; 275 276 case LFA_FEATURES: 277 SMC_RET1(handle, is_lfa_fid(x1) ? LFA_SUCCESS : LFA_NOT_SUPPORTED); 278 break; 279 280 case LFA_GET_INFO: 281 /** 282 * The current specification limits this input parameter to be zero for 283 * version 1.0 of LFA 284 */ 285 if (x1 == 0ULL) { 286 SMC_RET3(handle, LFA_SUCCESS, lfa_component_count, 0); 287 } else { 288 SMC_RET1(handle, LFA_INVALID_PARAMETERS); 289 } 290 break; 291 292 case LFA_GET_INVENTORY: 293 if (lfa_component_count == 0U) { 294 SMC_RET1(handle, LFA_WRONG_STATE); 295 } 296 297 /* 298 * Check if fw_seq_id is in range. LFA_GET_INFO must be called first to scan 299 * platform firmware and create a valid number of firmware components. 300 */ 301 if (fw_seq_id >= lfa_component_count) { 302 SMC_RET1(handle, LFA_INVALID_PARAMETERS); 303 } 304 305 /* 306 * grab the UUID of asked fw_seq_id and set the return UUID 307 * variables 308 */ 309 uuid_p = (uint8_t *)&lfa_components[fw_seq_id].uuid; 310 memcpy(&retx1, uuid_p, sizeof(uint64_t)); 311 memcpy(&retx2, uuid_p + sizeof(uint64_t), sizeof(uint64_t)); 312 313 /* 314 * check the given fw_seq_id's update available 315 * and accordingly set the active_pending flag 316 */ 317 lfa_components[fw_seq_id].activation_pending = 318 is_plat_lfa_activation_pending(fw_seq_id); 319 320 INFO("Component %lu %s live activation:\n", x1, 321 lfa_components[fw_seq_id].activator ? "supports" : 322 "does not support"); 323 324 if (lfa_components[fw_seq_id].activator != NULL) { 325 INFO("Activation pending: %s\n", 326 lfa_components[fw_seq_id].activation_pending ? "true" : "false"); 327 } 328 329 INFO("x1 = 0x%016lx, x2 = 0x%016lx\n", retx1, retx2); 330 331 SMC_RET4(handle, LFA_SUCCESS, retx1, retx2, get_fw_activation_flags(fw_seq_id)); 332 333 break; 334 335 case LFA_PRIME: 336 /* 337 * Acquire lock to serialize PRIME operations across CPUs. 338 * This ensures that multiple PRIME calls to the same component 339 * do not execute concurrently, even if issued from different 340 * CPUs. 341 */ 342 if (!spin_trylock(&lfa_lock)) { 343 SMC_RET1(handle, LFA_BUSY); 344 } 345 346 ret = lfa_prime(x1, &lfa_flags); 347 348 spin_unlock(&lfa_lock); 349 350 if (ret != LFA_SUCCESS) { 351 SMC_RET1(handle, ret); 352 } else { 353 SMC_RET2(handle, ret, lfa_flags); 354 } 355 break; 356 357 case LFA_ACTIVATE: 358 ret = lfa_activate(fw_seq_id, x2, x3, x4); 359 /* TODO: implement activate again */ 360 SMC_RET2(handle, ret, 0ULL); 361 362 break; 363 364 case LFA_CANCEL: 365 ret = lfa_cancel(x1); 366 SMC_RET1(handle, ret); 367 break; 368 369 default: 370 WARN("Unimplemented LFA Service Call: 0x%x\n", smc_fid); 371 SMC_RET1(handle, SMC_UNK); 372 break; /* unreachable */ 373 374 } 375 376 SMC_RET1(handle, SMC_UNK); 377 378 return 0; 379 } 380