177c27753SZelalem Aweke /* 22b0bc4e0SJayanth Dodderi Chidanand * Copyright (c) 2021-2023, Arm Limited and Contributors. All rights reserved. 377c27753SZelalem Aweke * 477c27753SZelalem Aweke * SPDX-License-Identifier: BSD-3-Clause 577c27753SZelalem Aweke */ 677c27753SZelalem Aweke 777c27753SZelalem Aweke #include <assert.h> 877c27753SZelalem Aweke #include <errno.h> 92461bd3aSManish Pandey #include <inttypes.h> 102461bd3aSManish Pandey #include <stdint.h> 1177c27753SZelalem Aweke #include <string.h> 1277c27753SZelalem Aweke 1377c27753SZelalem Aweke #include <arch_helpers.h> 1477c27753SZelalem Aweke #include <arch_features.h> 1577c27753SZelalem Aweke #include <bl31/bl31.h> 1677c27753SZelalem Aweke #include <common/debug.h> 1777c27753SZelalem Aweke #include <common/runtime_svc.h> 1877c27753SZelalem Aweke #include <context.h> 1977c27753SZelalem Aweke #include <lib/el3_runtime/context_mgmt.h> 20461c0a5dSElizabeth Ho #include <lib/el3_runtime/cpu_data.h> 2177c27753SZelalem Aweke #include <lib/el3_runtime/pubsub.h> 22c73686a1SBoyan Karatotev #include <lib/extensions/pmuv3.h> 23c73686a1SBoyan Karatotev #include <lib/extensions/sys_reg_trace.h> 24f19dc624Sjohpow01 #include <lib/gpt_rme/gpt_rme.h> 2577c27753SZelalem Aweke 2677c27753SZelalem Aweke #include <lib/spinlock.h> 2777c27753SZelalem Aweke #include <lib/utils.h> 2877c27753SZelalem Aweke #include <lib/xlat_tables/xlat_tables_v2.h> 2977c27753SZelalem Aweke #include <plat/common/common_def.h> 3077c27753SZelalem Aweke #include <plat/common/platform.h> 3177c27753SZelalem Aweke #include <platform_def.h> 3277c27753SZelalem Aweke #include <services/rmmd_svc.h> 3377c27753SZelalem Aweke #include <smccc_helpers.h> 34f92eb7e2SArunachalam Ganapathy #include <lib/extensions/sme.h> 35a4cc85c1SSubhasish Ghosh #include <lib/extensions/sve.h> 3677c27753SZelalem Aweke #include "rmmd_initial_context.h" 3777c27753SZelalem Aweke #include "rmmd_private.h" 3877c27753SZelalem Aweke 3977c27753SZelalem Aweke /******************************************************************************* 408c980a4aSJavier Almansa Sobrino * RMM boot failure flag 418c980a4aSJavier Almansa Sobrino ******************************************************************************/ 428c980a4aSJavier Almansa Sobrino static bool rmm_boot_failed; 438c980a4aSJavier Almansa Sobrino 448c980a4aSJavier Almansa Sobrino /******************************************************************************* 4577c27753SZelalem Aweke * RMM context information. 4677c27753SZelalem Aweke ******************************************************************************/ 4777c27753SZelalem Aweke rmmd_rmm_context_t rmm_context[PLATFORM_CORE_COUNT]; 4877c27753SZelalem Aweke 4977c27753SZelalem Aweke /******************************************************************************* 5077c27753SZelalem Aweke * RMM entry point information. Discovered on the primary core and reused 5177c27753SZelalem Aweke * on secondary cores. 5277c27753SZelalem Aweke ******************************************************************************/ 5377c27753SZelalem Aweke static entry_point_info_t *rmm_ep_info; 5477c27753SZelalem Aweke 5577c27753SZelalem Aweke /******************************************************************************* 5677c27753SZelalem Aweke * Static function declaration. 5777c27753SZelalem Aweke ******************************************************************************/ 5877c27753SZelalem Aweke static int32_t rmm_init(void); 5977c27753SZelalem Aweke 6077c27753SZelalem Aweke /******************************************************************************* 6177c27753SZelalem Aweke * This function takes an RMM context pointer and performs a synchronous entry 6277c27753SZelalem Aweke * into it. 6377c27753SZelalem Aweke ******************************************************************************/ 6477c27753SZelalem Aweke uint64_t rmmd_rmm_sync_entry(rmmd_rmm_context_t *rmm_ctx) 6577c27753SZelalem Aweke { 6677c27753SZelalem Aweke uint64_t rc; 6777c27753SZelalem Aweke 6877c27753SZelalem Aweke assert(rmm_ctx != NULL); 6977c27753SZelalem Aweke 7077c27753SZelalem Aweke cm_set_context(&(rmm_ctx->cpu_ctx), REALM); 7177c27753SZelalem Aweke 7277c27753SZelalem Aweke /* Restore the realm context assigned above */ 7377c27753SZelalem Aweke cm_el1_sysregs_context_restore(REALM); 7477c27753SZelalem Aweke cm_el2_sysregs_context_restore(REALM); 7577c27753SZelalem Aweke cm_set_next_eret_context(REALM); 7677c27753SZelalem Aweke 7777c27753SZelalem Aweke /* Enter RMM */ 7877c27753SZelalem Aweke rc = rmmd_rmm_enter(&rmm_ctx->c_rt_ctx); 7977c27753SZelalem Aweke 808b95e848SZelalem Aweke /* 818b95e848SZelalem Aweke * Save realm context. EL1 and EL2 Non-secure 828b95e848SZelalem Aweke * contexts will be restored before exiting to 838b95e848SZelalem Aweke * Non-secure world, therefore there is no need 848b95e848SZelalem Aweke * to clear EL1 and EL2 context registers. 858b95e848SZelalem Aweke */ 8677c27753SZelalem Aweke cm_el1_sysregs_context_save(REALM); 8777c27753SZelalem Aweke cm_el2_sysregs_context_save(REALM); 8877c27753SZelalem Aweke 8977c27753SZelalem Aweke return rc; 9077c27753SZelalem Aweke } 9177c27753SZelalem Aweke 9277c27753SZelalem Aweke /******************************************************************************* 9377c27753SZelalem Aweke * This function returns to the place where rmmd_rmm_sync_entry() was 9477c27753SZelalem Aweke * called originally. 9577c27753SZelalem Aweke ******************************************************************************/ 9677c27753SZelalem Aweke __dead2 void rmmd_rmm_sync_exit(uint64_t rc) 9777c27753SZelalem Aweke { 9877c27753SZelalem Aweke rmmd_rmm_context_t *ctx = &rmm_context[plat_my_core_pos()]; 9977c27753SZelalem Aweke 10077c27753SZelalem Aweke /* Get context of the RMM in use by this CPU. */ 10177c27753SZelalem Aweke assert(cm_get_context(REALM) == &(ctx->cpu_ctx)); 10277c27753SZelalem Aweke 10377c27753SZelalem Aweke /* 10477c27753SZelalem Aweke * The RMMD must have initiated the original request through a 10577c27753SZelalem Aweke * synchronous entry into RMM. Jump back to the original C runtime 10677c27753SZelalem Aweke * context with the value of rc in x0; 10777c27753SZelalem Aweke */ 10877c27753SZelalem Aweke rmmd_rmm_exit(ctx->c_rt_ctx, rc); 10977c27753SZelalem Aweke 11077c27753SZelalem Aweke panic(); 11177c27753SZelalem Aweke } 11277c27753SZelalem Aweke 11377c27753SZelalem Aweke static void rmm_el2_context_init(el2_sysregs_t *regs) 11477c27753SZelalem Aweke { 11577c27753SZelalem Aweke regs->ctx_regs[CTX_SPSR_EL2 >> 3] = REALM_SPSR_EL2; 11677c27753SZelalem Aweke regs->ctx_regs[CTX_SCTLR_EL2 >> 3] = SCTLR_EL2_RES1; 11777c27753SZelalem Aweke } 11877c27753SZelalem Aweke 11977c27753SZelalem Aweke /******************************************************************************* 120a4cc85c1SSubhasish Ghosh * Enable architecture extensions on first entry to Realm world. 121a4cc85c1SSubhasish Ghosh ******************************************************************************/ 122461c0a5dSElizabeth Ho 123a4cc85c1SSubhasish Ghosh static void manage_extensions_realm(cpu_context_t *ctx) 124a4cc85c1SSubhasish Ghosh { 125c73686a1SBoyan Karatotev pmuv3_enable(ctx); 126f92eb7e2SArunachalam Ganapathy 127f92eb7e2SArunachalam Ganapathy /* 128c0e16d30SArunachalam Ganapathy * Enable access to TPIDR2_EL0 if SME/SME2 is enabled for Non Secure world. 129f92eb7e2SArunachalam Ganapathy */ 130f92eb7e2SArunachalam Ganapathy if (is_feat_sme_supported()) { 131f92eb7e2SArunachalam Ganapathy sme_enable(ctx); 132f92eb7e2SArunachalam Ganapathy } 133a4cc85c1SSubhasish Ghosh } 134a4cc85c1SSubhasish Ghosh 135461c0a5dSElizabeth Ho static void manage_extensions_realm_per_world(void) 136461c0a5dSElizabeth Ho { 137*4087ed6cSJayanth Dodderi Chidanand cm_el3_arch_init_per_world(&per_world_context[CPU_CONTEXT_REALM]); 138*4087ed6cSJayanth Dodderi Chidanand 139461c0a5dSElizabeth Ho if (is_feat_sve_supported()) { 140461c0a5dSElizabeth Ho /* 141461c0a5dSElizabeth Ho * Enable SVE and FPU in realm context when it is enabled for NS. 142461c0a5dSElizabeth Ho * Realm manager must ensure that the SVE and FPU register 143461c0a5dSElizabeth Ho * contexts are properly managed. 144461c0a5dSElizabeth Ho */ 145461c0a5dSElizabeth Ho sve_enable_per_world(&per_world_context[CPU_CONTEXT_REALM]); 146461c0a5dSElizabeth Ho } 147461c0a5dSElizabeth Ho 148461c0a5dSElizabeth Ho /* NS can access this but Realm shouldn't */ 149461c0a5dSElizabeth Ho if (is_feat_sys_reg_trace_supported()) { 150461c0a5dSElizabeth Ho sys_reg_trace_disable_per_world(&per_world_context[CPU_CONTEXT_REALM]); 151461c0a5dSElizabeth Ho } 152461c0a5dSElizabeth Ho 153c0e16d30SArunachalam Ganapathy /* 154c0e16d30SArunachalam Ganapathy * If SME/SME2 is supported and enabled for NS world, then disable trapping 155c0e16d30SArunachalam Ganapathy * of SME instructions for Realm world. RMM will save/restore required 156c0e16d30SArunachalam Ganapathy * registers that are shared with SVE/FPU so that Realm can use FPU or SVE. 157c0e16d30SArunachalam Ganapathy */ 158c0e16d30SArunachalam Ganapathy if (is_feat_sme_supported()) { 159c0e16d30SArunachalam Ganapathy sme_enable_per_world(&per_world_context[CPU_CONTEXT_REALM]); 160461c0a5dSElizabeth Ho } 161c0e16d30SArunachalam Ganapathy } 162461c0a5dSElizabeth Ho 163a4cc85c1SSubhasish Ghosh /******************************************************************************* 16477c27753SZelalem Aweke * Jump to the RMM for the first time. 16577c27753SZelalem Aweke ******************************************************************************/ 16677c27753SZelalem Aweke static int32_t rmm_init(void) 16777c27753SZelalem Aweke { 1688c980a4aSJavier Almansa Sobrino long rc; 16977c27753SZelalem Aweke rmmd_rmm_context_t *ctx = &rmm_context[plat_my_core_pos()]; 17077c27753SZelalem Aweke 17177c27753SZelalem Aweke INFO("RMM init start.\n"); 17277c27753SZelalem Aweke 173a4cc85c1SSubhasish Ghosh /* Enable architecture extensions */ 174a4cc85c1SSubhasish Ghosh manage_extensions_realm(&ctx->cpu_ctx); 175a4cc85c1SSubhasish Ghosh 176461c0a5dSElizabeth Ho manage_extensions_realm_per_world(); 177461c0a5dSElizabeth Ho 17877c27753SZelalem Aweke /* Initialize RMM EL2 context. */ 17977c27753SZelalem Aweke rmm_el2_context_init(&ctx->cpu_ctx.el2_sysregs_ctx); 18077c27753SZelalem Aweke 18177c27753SZelalem Aweke rc = rmmd_rmm_sync_entry(ctx); 1828c980a4aSJavier Almansa Sobrino if (rc != E_RMM_BOOT_SUCCESS) { 1838c980a4aSJavier Almansa Sobrino ERROR("RMM init failed: %ld\n", rc); 1848c980a4aSJavier Almansa Sobrino /* Mark the boot as failed for all the CPUs */ 1858c980a4aSJavier Almansa Sobrino rmm_boot_failed = true; 1868c980a4aSJavier Almansa Sobrino return 0; 18777c27753SZelalem Aweke } 18877c27753SZelalem Aweke 18977c27753SZelalem Aweke INFO("RMM init end.\n"); 19077c27753SZelalem Aweke 19177c27753SZelalem Aweke return 1; 19277c27753SZelalem Aweke } 19377c27753SZelalem Aweke 19477c27753SZelalem Aweke /******************************************************************************* 19577c27753SZelalem Aweke * Load and read RMM manifest, setup RMM. 19677c27753SZelalem Aweke ******************************************************************************/ 19777c27753SZelalem Aweke int rmmd_setup(void) 19877c27753SZelalem Aweke { 199dc65ae46SJavier Almansa Sobrino size_t shared_buf_size __unused; 200dc65ae46SJavier Almansa Sobrino uintptr_t shared_buf_base; 20177c27753SZelalem Aweke uint32_t ep_attr; 20277c27753SZelalem Aweke unsigned int linear_id = plat_my_core_pos(); 20377c27753SZelalem Aweke rmmd_rmm_context_t *rmm_ctx = &rmm_context[linear_id]; 204a97bfa5fSAlexeiFedorov struct rmm_manifest *manifest; 2051d0ca40eSJavier Almansa Sobrino int rc; 20677c27753SZelalem Aweke 20777c27753SZelalem Aweke /* Make sure RME is supported. */ 20877c27753SZelalem Aweke assert(get_armv9_2_feat_rme_support() != 0U); 20977c27753SZelalem Aweke 21077c27753SZelalem Aweke rmm_ep_info = bl31_plat_get_next_image_ep_info(REALM); 21177c27753SZelalem Aweke if (rmm_ep_info == NULL) { 21277c27753SZelalem Aweke WARN("No RMM image provided by BL2 boot loader, Booting " 21377c27753SZelalem Aweke "device without RMM initialization. SMCs destined for " 21477c27753SZelalem Aweke "RMM will return SMC_UNK\n"); 21577c27753SZelalem Aweke return -ENOENT; 21677c27753SZelalem Aweke } 21777c27753SZelalem Aweke 21877c27753SZelalem Aweke /* Under no circumstances will this parameter be 0 */ 21977c27753SZelalem Aweke assert(rmm_ep_info->pc == RMM_BASE); 22077c27753SZelalem Aweke 22177c27753SZelalem Aweke /* Initialise an entrypoint to set up the CPU context */ 22277c27753SZelalem Aweke ep_attr = EP_REALM; 22377c27753SZelalem Aweke if ((read_sctlr_el3() & SCTLR_EE_BIT) != 0U) { 22477c27753SZelalem Aweke ep_attr |= EP_EE_BIG; 22577c27753SZelalem Aweke } 22677c27753SZelalem Aweke 22777c27753SZelalem Aweke SET_PARAM_HEAD(rmm_ep_info, PARAM_EP, VERSION_1, ep_attr); 22877c27753SZelalem Aweke rmm_ep_info->spsr = SPSR_64(MODE_EL2, 22977c27753SZelalem Aweke MODE_SP_ELX, 23077c27753SZelalem Aweke DISABLE_ALL_EXCEPTIONS); 23177c27753SZelalem Aweke 2328c980a4aSJavier Almansa Sobrino shared_buf_size = 2338c980a4aSJavier Almansa Sobrino plat_rmmd_get_el3_rmm_shared_mem(&shared_buf_base); 2348c980a4aSJavier Almansa Sobrino 2358c980a4aSJavier Almansa Sobrino assert((shared_buf_size == SZ_4K) && 2368c980a4aSJavier Almansa Sobrino ((void *)shared_buf_base != NULL)); 2378c980a4aSJavier Almansa Sobrino 2381d0ca40eSJavier Almansa Sobrino /* Load the boot manifest at the beginning of the shared area */ 239a97bfa5fSAlexeiFedorov manifest = (struct rmm_manifest *)shared_buf_base; 2401d0ca40eSJavier Almansa Sobrino rc = plat_rmmd_load_manifest(manifest); 2411d0ca40eSJavier Almansa Sobrino if (rc != 0) { 2421d0ca40eSJavier Almansa Sobrino ERROR("Error loading RMM Boot Manifest (%i)\n", rc); 2431d0ca40eSJavier Almansa Sobrino return rc; 2441d0ca40eSJavier Almansa Sobrino } 2451d0ca40eSJavier Almansa Sobrino flush_dcache_range((uintptr_t)shared_buf_base, shared_buf_size); 2461d0ca40eSJavier Almansa Sobrino 2478c980a4aSJavier Almansa Sobrino /* 2488c980a4aSJavier Almansa Sobrino * Prepare coldboot arguments for RMM: 2498c980a4aSJavier Almansa Sobrino * arg0: This CPUID (primary processor). 2508c980a4aSJavier Almansa Sobrino * arg1: Version for this Boot Interface. 2518c980a4aSJavier Almansa Sobrino * arg2: PLATFORM_CORE_COUNT. 2528c980a4aSJavier Almansa Sobrino * arg3: Base address for the EL3 <-> RMM shared area. The boot 2538c980a4aSJavier Almansa Sobrino * manifest will be stored at the beginning of this area. 2548c980a4aSJavier Almansa Sobrino */ 2558c980a4aSJavier Almansa Sobrino rmm_ep_info->args.arg0 = linear_id; 2568c980a4aSJavier Almansa Sobrino rmm_ep_info->args.arg1 = RMM_EL3_INTERFACE_VERSION; 2578c980a4aSJavier Almansa Sobrino rmm_ep_info->args.arg2 = PLATFORM_CORE_COUNT; 2588c980a4aSJavier Almansa Sobrino rmm_ep_info->args.arg3 = shared_buf_base; 2598c980a4aSJavier Almansa Sobrino 26077c27753SZelalem Aweke /* Initialise RMM context with this entry point information */ 26177c27753SZelalem Aweke cm_setup_context(&rmm_ctx->cpu_ctx, rmm_ep_info); 26277c27753SZelalem Aweke 26377c27753SZelalem Aweke INFO("RMM setup done.\n"); 26477c27753SZelalem Aweke 26577c27753SZelalem Aweke /* Register init function for deferred init. */ 26677c27753SZelalem Aweke bl31_register_rmm_init(&rmm_init); 26777c27753SZelalem Aweke 26877c27753SZelalem Aweke return 0; 26977c27753SZelalem Aweke } 27077c27753SZelalem Aweke 27177c27753SZelalem Aweke /******************************************************************************* 27277c27753SZelalem Aweke * Forward SMC to the other security state 27377c27753SZelalem Aweke ******************************************************************************/ 27411578303SSoby Mathew static uint64_t rmmd_smc_forward(uint32_t src_sec_state, 27511578303SSoby Mathew uint32_t dst_sec_state, uint64_t x0, 27611578303SSoby Mathew uint64_t x1, uint64_t x2, uint64_t x3, 27711578303SSoby Mathew uint64_t x4, void *handle) 27877c27753SZelalem Aweke { 2798e51cccaSAlexeiFedorov cpu_context_t *ctx = cm_get_context(dst_sec_state); 2808e51cccaSAlexeiFedorov 28177c27753SZelalem Aweke /* Save incoming security state */ 28277c27753SZelalem Aweke cm_el1_sysregs_context_save(src_sec_state); 28377c27753SZelalem Aweke cm_el2_sysregs_context_save(src_sec_state); 28477c27753SZelalem Aweke 28577c27753SZelalem Aweke /* Restore outgoing security state */ 28677c27753SZelalem Aweke cm_el1_sysregs_context_restore(dst_sec_state); 28777c27753SZelalem Aweke cm_el2_sysregs_context_restore(dst_sec_state); 28877c27753SZelalem Aweke cm_set_next_eret_context(dst_sec_state); 28977c27753SZelalem Aweke 29011578303SSoby Mathew /* 2918e51cccaSAlexeiFedorov * As per SMCCCv1.2, we need to preserve x4 to x7 unless 29211578303SSoby Mathew * being used as return args. Hence we differentiate the 29311578303SSoby Mathew * onward and backward path. Support upto 8 args in the 29411578303SSoby Mathew * onward path and 4 args in return path. 2958e51cccaSAlexeiFedorov * Register x4 will be preserved by RMM in case it is not 2968e51cccaSAlexeiFedorov * used in return path. 29711578303SSoby Mathew */ 29811578303SSoby Mathew if (src_sec_state == NON_SECURE) { 2998e51cccaSAlexeiFedorov SMC_RET8(ctx, x0, x1, x2, x3, x4, 30077c27753SZelalem Aweke SMC_GET_GP(handle, CTX_GPREG_X5), 30177c27753SZelalem Aweke SMC_GET_GP(handle, CTX_GPREG_X6), 30277c27753SZelalem Aweke SMC_GET_GP(handle, CTX_GPREG_X7)); 30311578303SSoby Mathew } 3048e51cccaSAlexeiFedorov 3058e51cccaSAlexeiFedorov SMC_RET5(ctx, x0, x1, x2, x3, x4); 30677c27753SZelalem Aweke } 30777c27753SZelalem Aweke 30877c27753SZelalem Aweke /******************************************************************************* 30977c27753SZelalem Aweke * This function handles all SMCs in the range reserved for RMI. Each call is 31077c27753SZelalem Aweke * either forwarded to the other security state or handled by the RMM dispatcher 31177c27753SZelalem Aweke ******************************************************************************/ 31277c27753SZelalem Aweke uint64_t rmmd_rmi_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, 31377c27753SZelalem Aweke uint64_t x3, uint64_t x4, void *cookie, 31477c27753SZelalem Aweke void *handle, uint64_t flags) 31577c27753SZelalem Aweke { 31677c27753SZelalem Aweke uint32_t src_sec_state; 31777c27753SZelalem Aweke 3188c980a4aSJavier Almansa Sobrino /* If RMM failed to boot, treat any RMI SMC as unknown */ 3198c980a4aSJavier Almansa Sobrino if (rmm_boot_failed) { 3208c980a4aSJavier Almansa Sobrino WARN("RMMD: Failed to boot up RMM. Ignoring RMI call\n"); 3218c980a4aSJavier Almansa Sobrino SMC_RET1(handle, SMC_UNK); 3228c980a4aSJavier Almansa Sobrino } 3238c980a4aSJavier Almansa Sobrino 32477c27753SZelalem Aweke /* Determine which security state this SMC originated from */ 32577c27753SZelalem Aweke src_sec_state = caller_sec_state(flags); 32677c27753SZelalem Aweke 32777c27753SZelalem Aweke /* RMI must not be invoked by the Secure world */ 32877c27753SZelalem Aweke if (src_sec_state == SMC_FROM_SECURE) { 329319fb084SSoby Mathew WARN("RMMD: RMI invoked by secure world.\n"); 33077c27753SZelalem Aweke SMC_RET1(handle, SMC_UNK); 33177c27753SZelalem Aweke } 33277c27753SZelalem Aweke 33377c27753SZelalem Aweke /* 33477c27753SZelalem Aweke * Forward an RMI call from the Normal world to the Realm world as it 33577c27753SZelalem Aweke * is. 33677c27753SZelalem Aweke */ 33777c27753SZelalem Aweke if (src_sec_state == SMC_FROM_NON_SECURE) { 33867889630SArunachalam Ganapathy /* 33967889630SArunachalam Ganapathy * If SVE hint bit is set in the flags then update the SMC 34067889630SArunachalam Ganapathy * function id and pass it on to the lower EL. 34167889630SArunachalam Ganapathy */ 34267889630SArunachalam Ganapathy if (is_sve_hint_set(flags)) { 34367889630SArunachalam Ganapathy smc_fid |= (FUNCID_SVE_HINT_MASK << 34467889630SArunachalam Ganapathy FUNCID_SVE_HINT_SHIFT); 34567889630SArunachalam Ganapathy } 346319fb084SSoby Mathew VERBOSE("RMMD: RMI call from non-secure world.\n"); 34711578303SSoby Mathew return rmmd_smc_forward(NON_SECURE, REALM, smc_fid, 34877c27753SZelalem Aweke x1, x2, x3, x4, handle); 34977c27753SZelalem Aweke } 35077c27753SZelalem Aweke 351319fb084SSoby Mathew if (src_sec_state != SMC_FROM_REALM) { 352319fb084SSoby Mathew SMC_RET1(handle, SMC_UNK); 353319fb084SSoby Mathew } 35477c27753SZelalem Aweke 35577c27753SZelalem Aweke switch (smc_fid) { 3568e51cccaSAlexeiFedorov case RMM_RMI_REQ_COMPLETE: { 3578e51cccaSAlexeiFedorov uint64_t x5 = SMC_GET_GP(handle, CTX_GPREG_X5); 35877c27753SZelalem Aweke 3598e51cccaSAlexeiFedorov return rmmd_smc_forward(REALM, NON_SECURE, x1, 3608e51cccaSAlexeiFedorov x2, x3, x4, x5, handle); 3618e51cccaSAlexeiFedorov } 36277c27753SZelalem Aweke default: 363319fb084SSoby Mathew WARN("RMMD: Unsupported RMM call 0x%08x\n", smc_fid); 36477c27753SZelalem Aweke SMC_RET1(handle, SMC_UNK); 36577c27753SZelalem Aweke } 36677c27753SZelalem Aweke } 36777c27753SZelalem Aweke 36877c27753SZelalem Aweke /******************************************************************************* 36977c27753SZelalem Aweke * This cpu has been turned on. Enter RMM to initialise R-EL2. Entry into RMM 37077c27753SZelalem Aweke * is done after initialising minimal architectural state that guarantees safe 37177c27753SZelalem Aweke * execution. 37277c27753SZelalem Aweke ******************************************************************************/ 37377c27753SZelalem Aweke static void *rmmd_cpu_on_finish_handler(const void *arg) 37477c27753SZelalem Aweke { 3758c980a4aSJavier Almansa Sobrino long rc; 37677c27753SZelalem Aweke uint32_t linear_id = plat_my_core_pos(); 37777c27753SZelalem Aweke rmmd_rmm_context_t *ctx = &rmm_context[linear_id]; 37877c27753SZelalem Aweke 3798c980a4aSJavier Almansa Sobrino if (rmm_boot_failed) { 3808c980a4aSJavier Almansa Sobrino /* RMM Boot failed on a previous CPU. Abort. */ 3818c980a4aSJavier Almansa Sobrino ERROR("RMM Failed to initialize. Ignoring for CPU%d\n", 3828c980a4aSJavier Almansa Sobrino linear_id); 3838c980a4aSJavier Almansa Sobrino return NULL; 3848c980a4aSJavier Almansa Sobrino } 3858c980a4aSJavier Almansa Sobrino 3868c980a4aSJavier Almansa Sobrino /* 3878c980a4aSJavier Almansa Sobrino * Prepare warmboot arguments for RMM: 3888c980a4aSJavier Almansa Sobrino * arg0: This CPUID. 3898c980a4aSJavier Almansa Sobrino * arg1 to arg3: Not used. 3908c980a4aSJavier Almansa Sobrino */ 3918c980a4aSJavier Almansa Sobrino rmm_ep_info->args.arg0 = linear_id; 3928c980a4aSJavier Almansa Sobrino rmm_ep_info->args.arg1 = 0ULL; 3938c980a4aSJavier Almansa Sobrino rmm_ep_info->args.arg2 = 0ULL; 3948c980a4aSJavier Almansa Sobrino rmm_ep_info->args.arg3 = 0ULL; 39577c27753SZelalem Aweke 39677c27753SZelalem Aweke /* Initialise RMM context with this entry point information */ 39777c27753SZelalem Aweke cm_setup_context(&ctx->cpu_ctx, rmm_ep_info); 39877c27753SZelalem Aweke 399a4cc85c1SSubhasish Ghosh /* Enable architecture extensions */ 400a4cc85c1SSubhasish Ghosh manage_extensions_realm(&ctx->cpu_ctx); 401a4cc85c1SSubhasish Ghosh 40277c27753SZelalem Aweke /* Initialize RMM EL2 context. */ 40377c27753SZelalem Aweke rmm_el2_context_init(&ctx->cpu_ctx.el2_sysregs_ctx); 40477c27753SZelalem Aweke 40577c27753SZelalem Aweke rc = rmmd_rmm_sync_entry(ctx); 4068c980a4aSJavier Almansa Sobrino 4078c980a4aSJavier Almansa Sobrino if (rc != E_RMM_BOOT_SUCCESS) { 4088c980a4aSJavier Almansa Sobrino ERROR("RMM init failed on CPU%d: %ld\n", linear_id, rc); 4098c980a4aSJavier Almansa Sobrino /* Mark the boot as failed for any other booting CPU */ 4108c980a4aSJavier Almansa Sobrino rmm_boot_failed = true; 41177c27753SZelalem Aweke } 41277c27753SZelalem Aweke 41377c27753SZelalem Aweke return NULL; 41477c27753SZelalem Aweke } 41577c27753SZelalem Aweke 41677c27753SZelalem Aweke /* Subscribe to PSCI CPU on to initialize RMM on secondary */ 41777c27753SZelalem Aweke SUBSCRIBE_TO_EVENT(psci_cpu_on_finish, rmmd_cpu_on_finish_handler); 41877c27753SZelalem Aweke 419319fb084SSoby Mathew /* Convert GPT lib error to RMMD GTS error */ 420319fb084SSoby Mathew static int gpt_to_gts_error(int error, uint32_t smc_fid, uint64_t address) 421319fb084SSoby Mathew { 422319fb084SSoby Mathew int ret; 423319fb084SSoby Mathew 424319fb084SSoby Mathew if (error == 0) { 425dc65ae46SJavier Almansa Sobrino return E_RMM_OK; 426319fb084SSoby Mathew } 427319fb084SSoby Mathew 428319fb084SSoby Mathew if (error == -EINVAL) { 429dc65ae46SJavier Almansa Sobrino ret = E_RMM_BAD_ADDR; 430319fb084SSoby Mathew } else { 431319fb084SSoby Mathew /* This is the only other error code we expect */ 432319fb084SSoby Mathew assert(error == -EPERM); 433dc65ae46SJavier Almansa Sobrino ret = E_RMM_BAD_PAS; 434319fb084SSoby Mathew } 435319fb084SSoby Mathew 436319fb084SSoby Mathew ERROR("RMMD: PAS Transition failed. GPT ret = %d, PA: 0x%"PRIx64 ", FID = 0x%x\n", 437319fb084SSoby Mathew error, address, smc_fid); 438319fb084SSoby Mathew return ret; 439319fb084SSoby Mathew } 440319fb084SSoby Mathew 44177c27753SZelalem Aweke /******************************************************************************* 442319fb084SSoby Mathew * This function handles RMM-EL3 interface SMCs 44377c27753SZelalem Aweke ******************************************************************************/ 444319fb084SSoby Mathew uint64_t rmmd_rmm_el3_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, 44577c27753SZelalem Aweke uint64_t x3, uint64_t x4, void *cookie, 44677c27753SZelalem Aweke void *handle, uint64_t flags) 44777c27753SZelalem Aweke { 44877c27753SZelalem Aweke uint32_t src_sec_state; 4496a00e9b0SRobert Wakim int ret; 45077c27753SZelalem Aweke 4518c980a4aSJavier Almansa Sobrino /* If RMM failed to boot, treat any RMM-EL3 interface SMC as unknown */ 4528c980a4aSJavier Almansa Sobrino if (rmm_boot_failed) { 4538c980a4aSJavier Almansa Sobrino WARN("RMMD: Failed to boot up RMM. Ignoring RMM-EL3 call\n"); 4548c980a4aSJavier Almansa Sobrino SMC_RET1(handle, SMC_UNK); 4558c980a4aSJavier Almansa Sobrino } 4568c980a4aSJavier Almansa Sobrino 45777c27753SZelalem Aweke /* Determine which security state this SMC originated from */ 45877c27753SZelalem Aweke src_sec_state = caller_sec_state(flags); 45977c27753SZelalem Aweke 46077c27753SZelalem Aweke if (src_sec_state != SMC_FROM_REALM) { 461319fb084SSoby Mathew WARN("RMMD: RMM-EL3 call originated from secure or normal world\n"); 46277c27753SZelalem Aweke SMC_RET1(handle, SMC_UNK); 46377c27753SZelalem Aweke } 46477c27753SZelalem Aweke 46577c27753SZelalem Aweke switch (smc_fid) { 466e50fedbcSJavier Almansa Sobrino case RMM_GTSI_DELEGATE: 4676a00e9b0SRobert Wakim ret = gpt_delegate_pas(x1, PAGE_SIZE_4KB, SMC_FROM_REALM); 468319fb084SSoby Mathew SMC_RET1(handle, gpt_to_gts_error(ret, smc_fid, x1)); 469e50fedbcSJavier Almansa Sobrino case RMM_GTSI_UNDELEGATE: 4706a00e9b0SRobert Wakim ret = gpt_undelegate_pas(x1, PAGE_SIZE_4KB, SMC_FROM_REALM); 471319fb084SSoby Mathew SMC_RET1(handle, gpt_to_gts_error(ret, smc_fid, x1)); 472e50fedbcSJavier Almansa Sobrino case RMM_ATTEST_GET_PLAT_TOKEN: 4730f9159b7SSoby Mathew ret = rmmd_attest_get_platform_token(x1, &x2, x3); 4740f9159b7SSoby Mathew SMC_RET2(handle, ret, x2); 475e50fedbcSJavier Almansa Sobrino case RMM_ATTEST_GET_REALM_KEY: 476a0435105SSoby Mathew ret = rmmd_attest_get_signing_key(x1, &x2, x3); 477a0435105SSoby Mathew SMC_RET2(handle, ret, x2); 4788c980a4aSJavier Almansa Sobrino 4798c980a4aSJavier Almansa Sobrino case RMM_BOOT_COMPLETE: 4808c980a4aSJavier Almansa Sobrino VERBOSE("RMMD: running rmmd_rmm_sync_exit\n"); 4818c980a4aSJavier Almansa Sobrino rmmd_rmm_sync_exit(x1); 4828c980a4aSJavier Almansa Sobrino 48377c27753SZelalem Aweke default: 484319fb084SSoby Mathew WARN("RMMD: Unsupported RMM-EL3 call 0x%08x\n", smc_fid); 48577c27753SZelalem Aweke SMC_RET1(handle, SMC_UNK); 48677c27753SZelalem Aweke } 48777c27753SZelalem Aweke } 488