1 /*
2  * Copyright 2019 The Hafnium Authors.
3  *
4  * Use of this source code is governed by a BSD-style
5  * license that can be found in the LICENSE file or at
6  * https://opensource.org/licenses/BSD-3-Clause.
7  */
8 
9 #pragma once
10 
11 #include "hf/addr.h"
12 #include "hf/fdt.h"
13 #include "hf/ffa.h"
14 #include "hf/memiter.h"
15 #include "hf/string.h"
16 #include "hf/vm.h"
17 
/*
 * All-ones markers for an address and for a 32-bit ID.
 * NOTE(review): going by the names, these stand for "no valid value"; which
 * manifest fields are set to or compared with them is decided in the parser,
 * not in this header - confirm there.
 */
#define MANIFEST_INVALID_ADDRESS UINT64_MAX
#define MANIFEST_INVALID_ID UINT32_MAX

/*
 * NOTE(review): presumably the size of the name buffer used for the RX/TX
 * memory regions (see struct rx_tx) - confirm against the parser.
 */
#define SP_RTX_BUF_NAME_SIZE 10
22 
/**
 * FF-A manifest memory and device regions attributes.
 *
 * One bit per attribute: read, write and execute in bits 0-2, the security
 * attribute in bit 3. struct memory_region and struct device_region each
 * carry a uint32_t `attributes` word.
 * NOTE(review): a region with both WRITE and EXEC set is writable and
 * executable at once; which combinations are refused (see
 * MANIFEST_ERROR_INVALID_MEM_PERM) is decided by the parser - confirm there.
 */
#define MANIFEST_REGION_ATTR_READ UINT32_C(0x1)
#define MANIFEST_REGION_ATTR_WRITE UINT32_C(0x2)
#define MANIFEST_REGION_ATTR_EXEC UINT32_C(0x4)
#define MANIFEST_REGION_ATTR_SECURITY UINT32_C(0x8)

/*
 * Union of the four attribute bits. A set bit outside this mask has no
 * meaning defined in this header.
 */
#define MANIFEST_REGION_ALL_ATTR_MASK                                 \
	(MANIFEST_REGION_ATTR_SECURITY | MANIFEST_REGION_ATTR_EXEC | \
	 MANIFEST_REGION_ATTR_WRITE | MANIFEST_REGION_ATTR_READ)
32 
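/*
 * Highest possible value for the boot-order field
 * (partition_manifest.boot_order is a uint16_t).
 */
#define DEFAULT_BOOT_ORDER 0xFFFF
/*
 * All-ones 32-bit value.
 * NOTE(review): presumably the default of partition_manifest.gp_register_num;
 * it lies outside the w0/x0-w3/x3 register ids that field documents, so it
 * cannot be mistaken for a real register - confirm against the parser.
 *
 * Spelled UINT32_MAX rather than UINT32_C(-1): the argument of UINT32_C()
 * has to be an unsuffixed integer constant, which "-1" is not, and the old
 * spelling evaluates to a wider all-ones value inside #if expressions.
 */
#define DEFAULT_BOOT_GP_REGISTER UINT32_MAX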
36 
/**
 * Exception level / mode a partition runs at; this is the type of
 * partition_manifest.run_time_el.
 *
 * EL1 is zero, so a zero-filled partition_manifest reads as EL1.
 * NOTE(review): the field is documented as mandatory - confirm the parser
 * always writes it rather than relying on that zero value.
 */
enum run_time_el {
	EL1 = 0,
	S_EL0 = 1,
	S_EL1 = 2,
	SUPERVISOR_MODE = 3,
	SECURE_USER_MODE = 4,
	SECURE_SUPERVISOR_MODE = 5,
};
45 
/**
 * Execution state of a partition; this is the type of
 * partition_manifest.execution_state. AARCH64 is the zero value.
 */
enum execution_state {
	AARCH64 = 0,
	AARCH32 = 1,
};
47 
/**
 * Translation granule (4KB, 16KB or 64KB pages); this is the type of
 * partition_manifest.xlat_granule. PAGE_4KB is the zero value.
 */
enum xlat_granule {
	PAGE_4KB = 0,
	PAGE_16KB = 1,
	PAGE_64KB = 2,
};
49 
/**
 * Partition Memory region as described in FFA v1.0 spec, Table 10.
 *
 * Element type of partition_manifest.mem_regions; rx_tx.rx_buffer and
 * rx_tx.tx_buffer point at objects of this type.
 * NOTE(review): the end of a region is base_address plus page_count pages.
 * That sum can wrap for a base near the top of the address space, so whoever
 * maps or compares regions (see MANIFEST_ERROR_MEM_REGION_OVERLAP) should
 * check it first - confirm in the parser.
 */
struct memory_region {
	/**
	 * Specify PA, VA for S-EL0 partitions or IPA
	 * for S-EL1 partitions - optional.
	 */
	uintptr_t base_address;
	/** Page count - mandatory */
	uint32_t page_count;
	/**
	 * Memory attributes - mandatory.
	 * NOTE(review): presumably a combination of the MANIFEST_REGION_ATTR_*
	 * bits - confirm against the parser.
	 */
	uint32_t attributes;
	/** Name of memory region - optional */
	struct string name;
};
66 
/**
 * One interrupt of a device region: its ID and an attributes word.
 * Element type of device_region.interrupts.
 */
struct interrupt_info {
	/** Interrupt ID (device_region documents these as physical IDs). */
	uint32_t id;
	/* NOTE(review): the encoding of this word is not defined in this header. */
	uint32_t attributes;
};
71 
/**
 * Partition Device region as described in FFA v1.0 spec, Table 11.
 *
 * Element type of partition_manifest.dev_regions. The interrupt and stream-ID
 * lists are fixed-size arrays, each paired with a separate 8-bit count.
 * NOTE(review): each count has to stay within its array bound
 * (PARTITION_MAX_INTERRUPTS_PER_DEVICE, PARTITION_MAX_STREAMS_PER_DEVICE)
 * before anything indexes the array with it - confirm the parser enforces
 * this while it fills the struct.
 */
struct device_region {
	/** Device base PA - mandatory */
	uintptr_t base_address;
	/** Page count - mandatory */
	uint32_t page_count;
	/** Memory attributes - mandatory */
	uint32_t attributes;
	/** List of physical interrupt IDs and their attributes - optional */
	struct interrupt_info interrupts[PARTITION_MAX_INTERRUPTS_PER_DEVICE];
	/** Count of physical interrupts - optional */
	uint8_t interrupt_count;
	/** SMMU ID - optional */
	uint32_t smmu_id;
	/** Count of Stream IDs assigned to device - optional */
	uint8_t stream_count;
	/** List of Stream IDs assigned to device - optional */
	uint32_t stream_ids[PARTITION_MAX_STREAMS_PER_DEVICE];
	/** Exclusive access to an endpoint - optional */
	bool exclusive_access;
	/** Name of Device region - optional */
	struct string name;
};
97 
/**
 * RX/TX buffer, reference to memory-region entries that describe RX/TX
 * buffers in partition manifest.
 *
 * Holds one phandle and one struct memory_region pointer per direction.
 * NOTE(review): rx_buffer and tx_buffer presumably point into
 * partition_manifest.mem_regions and are only meaningful while `available`
 * is true; check `available` before dereferencing either - confirm against
 * the parser. MANIFEST_ERROR_RXTX_SIZE_MISMATCH among the return codes
 * suggests the two buffers are required to have the same size.
 */
struct rx_tx {
	/** Set when the partition manifest describes RX/TX buffers. */
	bool available;
	/** Phandle referring to the RX buffer's memory-region entry. */
	uint32_t rx_phandle;
	/** Phandle referring to the TX buffer's memory-region entry. */
	uint32_t tx_phandle;
	/** Memory region describing the RX buffer. */
	struct memory_region *rx_buffer;
	/** Memory region describing the TX buffer. */
	struct memory_region *tx_buffer;
};
109 
/**
 * Partition manifest as described in FF-A v1.0 spec section 3.1.
 *
 * Embedded in struct manifest_vm as `partition`. parse_ffa_manifest() takes
 * an FDT and a manifest_vm, so the values held here originate from a device
 * tree supplied for the partition.
 * NOTE(review): whether that device tree is authenticated before it is
 * parsed is outside this header; until that is confirmed, treat every field
 * as attacker-influenced input that needs range checking.
 */
struct partition_manifest {
	/** FF-A expected version - mandatory */
	uint32_t ffa_version;
	/** UUID - mandatory */
	struct ffa_uuid uuid;
	/** Partition id - optional */
	ffa_vm_id_t id;
	/** Aux ids for mem transactions - optional */
	ffa_vm_id_t aux_id;

	/* NOTE: optional name field maps to VM debug_name field */

	/** mandatory */
	ffa_vcpu_count_t execution_ctx_count;
	/** EL1 or secure EL1, secure EL0 - mandatory */
	enum run_time_el run_time_el;
	/** AArch32 / AArch64 - mandatory */
	enum execution_state execution_state;
	/** optional */
	uintpaddr_t load_addr;
	/** optional */
	size_t ep_offset;
	/** 4/16/64KB - optional */
	enum xlat_granule xlat_granule;
	/** Register id from w0/x0-w3/x3 - optional. */
	uint32_t gp_register_num;
	/**
	 *  Flags the presence of the optional IMPDEF node to define Partition's
	 *  Boot Info.
	 */
	bool boot_info;
	/** optional */
	uint16_t boot_order;

	/** Optional RX/TX buffers */
	struct rx_tx rxtx;

	/** mandatory - direct/indirect msg or both */
	uint8_t messaging_method;
	/** mandatory - action in response to non secure interrupt */
	uint8_t ns_interrupts_action;
	/** optional - managed exit signaled through vIRQ */
	bool me_signal_virq;
	/** optional - receipt of notifications. */
	bool notification_support;
	/** optional */
	bool has_primary_scheduler;
	/** optional - preemptible / run to completion */
	uint8_t runtime_model;
	/** optional - tuples SEPID/SMMUID/streamId */
	uint32_t stream_ep_ids[1];

	/**
	 * Memory regions.
	 * NOTE(review): mem_region_count is presumably the number of entries
	 * in use; it must not exceed PARTITION_MAX_MEMORY_REGIONS, the bound
	 * of the array it describes - confirm the parser checks this.
	 */
	uint16_t mem_region_count;
	struct memory_region mem_regions[PARTITION_MAX_MEMORY_REGIONS];
	/**
	 * Device regions.
	 * NOTE(review): same relation between dev_region_count and
	 * PARTITION_MAX_DEVICE_REGIONS - confirm the parser checks this.
	 */
	uint16_t dev_region_count;
	struct device_region dev_regions[PARTITION_MAX_DEVICE_REGIONS];
};
172 
/**
 * Holds information about one of the VMs described in the manifest.
 *
 * The common fields come first; the anonymous union at the end overlays the
 * primary-only and secondary-only fields in the same storage, so only the
 * member matching the VM's kind holds meaningful data. Reading the other
 * member reinterprets those bytes.
 */
struct manifest_vm {
	/* Properties defined for both primary and secondary VMs. */
	struct string debug_name;
	struct string kernel_filename;
	/*
	 * NOTE(review): presumably the SMC calls this VM is permitted to make;
	 * how an empty list is interpreted is decided by the consumer - confirm.
	 */
	struct smc_whitelist smc_whitelist;
	/* NOTE(review): presumably gates whether `partition` is populated. */
	bool is_ffa_partition;
	bool is_hyp_loaded;
	struct partition_manifest partition;

	union {
		/* Properties specific to the primary VM. */
		struct {
			uint64_t boot_address;
			struct string ramdisk_filename;
		} primary;
		/* Properties specific to secondary VMs. */
		struct {
			uint64_t mem_size;
			ffa_vcpu_count_t vcpu_count;
			struct string fdt_filename;
		} secondary;
	};
};
199 
/**
 * Hafnium manifest parsed from FDT.
 *
 * Holds a fixed array of MAX_VMS entries together with a separate count.
 * NOTE(review): vm_count is presumably the number of entries of `vm` in use
 * and must not exceed MAX_VMS (see MANIFEST_ERROR_TOO_MANY_VMS) - confirm
 * the parser rejects a manifest that describes more.
 */
struct manifest {
	bool ffa_tee_enabled;
	ffa_vm_count_t vm_count;
	struct manifest_vm vm[MAX_VMS];
};
208 
/**
 * Result codes of the manifest API declared in this header.
 *
 * MANIFEST_SUCCESS is zero and every other code is non-zero, so callers test
 * for success by comparing against MANIFEST_SUCCESS. The numeric values are
 * written out so that a code seen in a log can be matched to its name;
 * manifest_strerror() takes one of these codes.
 */
enum manifest_return_code {
	MANIFEST_SUCCESS = 0,
	MANIFEST_ERROR_FILE_SIZE = 1,
	MANIFEST_ERROR_MALFORMED_DTB = 2,
	MANIFEST_ERROR_NO_ROOT_NODE = 3,
	MANIFEST_ERROR_NO_HYPERVISOR_FDT_NODE = 4,
	MANIFEST_ERROR_NOT_COMPATIBLE = 5,
	MANIFEST_ERROR_RESERVED_VM_ID = 6,
	MANIFEST_ERROR_NO_PRIMARY_VM = 7,
	MANIFEST_ERROR_TOO_MANY_VMS = 8,
	MANIFEST_ERROR_PROPERTY_NOT_FOUND = 9,
	MANIFEST_ERROR_MALFORMED_STRING = 10,
	MANIFEST_ERROR_STRING_TOO_LONG = 11,
	MANIFEST_ERROR_MALFORMED_INTEGER = 12,
	MANIFEST_ERROR_INTEGER_OVERFLOW = 13,
	MANIFEST_ERROR_MALFORMED_INTEGER_LIST = 14,
	MANIFEST_ERROR_MALFORMED_BOOLEAN = 15,
	MANIFEST_ERROR_ARGUMENTS_LIST_EMPTY = 16,
	MANIFEST_ERROR_MEMORY_REGION_NODE_EMPTY = 17,
	MANIFEST_ERROR_DEVICE_REGION_NODE_EMPTY = 18,
	MANIFEST_ERROR_RXTX_SIZE_MISMATCH = 19,
	MANIFEST_ERROR_MEM_REGION_OVERLAP = 20,
	MANIFEST_ERROR_INVALID_MEM_PERM = 21,
	MANIFEST_ERROR_INTERRUPT_ID_REPEATED = 22,
	/* Named without the ERROR_ infix, unlike the codes before it. */
	MANIFEST_ILLEGAL_NS_ACTION = 23,
};
235 
/**
 * Manifest initialisation entry point.
 *
 * @param stage1_locked stage-1 memory-management handle, passed by value.
 * @param manifest      out-pointer to a struct manifest pointer.
 * @param manifest_fdt  memory iterator over the manifest FDT.
 * @param ppool         page pool.
 * @return a manifest_return_code; compare against MANIFEST_SUCCESS.
 *
 * NOTE(review): presumably parses `manifest_fdt` into a struct manifest
 * obtained from `ppool` and stores its address in `*manifest` - confirm in
 * the implementation, including whether `*manifest` is left untouched when
 * an error code is returned.
 */
enum manifest_return_code manifest_init(struct mm_stage1_locked stage1_locked,
					struct manifest **manifest,
					struct memiter *manifest_fdt,
					struct mpool *ppool);
/**
 * Counterpart of manifest_init(), taking the page pool only.
 *
 * NOTE(review): presumably returns the manifest's memory to `ppool`; if so,
 * a pointer obtained through manifest_init() must not be used afterwards -
 * confirm in the implementation.
 */
void manifest_deinit(struct mpool *ppool);

/**
 * FF-A partition manifest parser.
 *
 * @param fdt       device tree to read.
 * @param vm        manifest_vm to work on.
 * @param boot_info FDT node for the boot information.
 * @return a manifest_return_code; compare against MANIFEST_SUCCESS.
 *
 * NOTE(review): presumably fills vm->partition from `fdt`; whether `vm` may
 * be partly written when an error is returned is not visible here - confirm
 * before using its contents after a failure.
 */
enum manifest_return_code parse_ffa_manifest(struct fdt *fdt,
					     struct manifest_vm *vm,
					     struct fdt_node *boot_info);

/**
 * Dump routine for one manifest_vm.
 *
 * NOTE(review): presumably logs the fields of `vm`; the parameter is not
 * const-qualified, so the prototype alone does not rule out modification.
 */
void manifest_dump(struct manifest_vm *vm);

/**
 * Maps a manifest_return_code to a string.
 *
 * @param ret_code code returned by one of the functions above.
 * @return pointer to const characters; callers must not write through it.
 *
 * NOTE(review): what is returned for a value outside the enum is not visible
 * here - confirm in the implementation.
 */
const char *manifest_strerror(enum manifest_return_code ret_code);
249