1 /*
2 * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
3 * Copyright (c) 2020, NVIDIA Corporation. All rights reserved.
4 *
5 * SPDX-License-Identifier: BSD-3-Clause
6 */
7
8 /*******************************************************************************
9 * This is the Secure Payload Dispatcher (SPD). The dispatcher is meant to be a
10 * plug-in component to the Secure Monitor, registered as a runtime service. The
11 * SPD is expected to be a functional extension of the Secure Payload (SP) that
12 * executes in Secure EL1. The Secure Monitor will delegate all SMCs targeting
13 * the Trusted OS/Applications range to the dispatcher. The SPD will either
14 * handle the request locally or delegate it to the Secure Payload. It is also
15 * responsible for initialising and maintaining communication with the SP.
16 ******************************************************************************/
17 #include <assert.h>
18 #include <bl31/interrupt_mgmt.h>
19 #include <errno.h>
20 #include <stddef.h>
21
22 #include <arch_helpers.h>
23 #include <bl31/bl31.h>
24 #include <bl32/payloads/tlk.h>
25 #include <common/bl_common.h>
26 #include <common/debug.h>
27 #include <common/runtime_svc.h>
28 #include <lib/el3_runtime/context_mgmt.h>
29 #include <plat/common/platform.h>
30 #include <tools_share/uuid.h>
31
32 #include "tlkd_private.h"
33
34 extern const spd_pm_ops_t tlkd_pm_ops;
35
36 /*******************************************************************************
37 * Per-cpu Secure Payload state
38 ******************************************************************************/
39 tlk_context_t tlk_ctx;
40
41 /*******************************************************************************
42 * CPU number on which TLK booted up
43 ******************************************************************************/
44 static uint32_t boot_cpu;
45
46 /* TLK UID: RFC-4122 compliant UUID (version-5, sha-1) */
47 DEFINE_SVC_UUID2(tlk_uuid,
48 0xc9e911bd, 0xba2b, 0xee52, 0xb1, 0x72,
49 0x46, 0x1f, 0xba, 0x97, 0x7f, 0x63);
50
51 static int32_t tlkd_init(void);
52
53 /*******************************************************************************
54 * Secure Payload Dispatcher's timer interrupt handler
55 ******************************************************************************/
tlkd_interrupt_handler(uint32_t id,uint32_t flags,void * handle,void * cookie)56 static uint64_t tlkd_interrupt_handler(uint32_t id,
57 uint32_t flags,
58 void *handle,
59 void *cookie)
60 {
61 cpu_context_t *s_cpu_context;
62 int irq = plat_ic_get_pending_interrupt_id();
63
64 /* acknowledge the interrupt and mark it complete */
65 (void)plat_ic_acknowledge_interrupt();
66 plat_ic_end_of_interrupt(irq);
67
68 /*
69 * Disable the routing of NS interrupts from secure world to
70 * EL3 while interrupted on this core.
71 */
72 disable_intr_rm_local(INTR_TYPE_S_EL1, SECURE);
73
74 /* Check the security state when the exception was generated */
75 assert(get_interrupt_src_ss(flags) == NON_SECURE);
76 assert(handle == cm_get_context(NON_SECURE));
77
78 /* Save non-secure state */
79 cm_el1_sysregs_context_save(NON_SECURE);
80
81 /* Get a reference to the secure context */
82 s_cpu_context = cm_get_context(SECURE);
83 assert(s_cpu_context);
84
85 /*
86 * Restore non-secure state. There is no need to save the
87 * secure system register context since the SP was supposed
88 * to preserve it during S-EL1 interrupt handling.
89 */
90 cm_el1_sysregs_context_restore(SECURE);
91 cm_set_next_eret_context(SECURE);
92
93 /* Provide the IRQ number to the SPD */
94 SMC_RET4(s_cpu_context, (uint32_t)TLK_IRQ_FIRED, 0, (uint32_t)irq, 0);
95 }
96
97 /*******************************************************************************
98 * Secure Payload Dispatcher setup. The SPD finds out the SP entrypoint and type
99 * (aarch32/aarch64) if not already known and initialises the context for entry
100 * into the SP for its initialisation.
101 ******************************************************************************/
tlkd_setup(void)102 static int32_t tlkd_setup(void)
103 {
104 entry_point_info_t *tlk_ep_info;
105 uint32_t flags;
106 int32_t ret;
107
108 /*
109 * Get information about the Secure Payload (BL32) image. Its
110 * absence is a critical failure.
111 */
112 tlk_ep_info = bl31_plat_get_next_image_ep_info(SECURE);
113 if (!tlk_ep_info) {
114 WARN("No SP provided. Booting device without SP"
115 " initialization. SMC`s destined for SP"
116 " will return SMC_UNK\n");
117 return 1;
118 }
119
120 /*
121 * If there's no valid entry point for SP, we return a non-zero value
122 * signalling failure initializing the service. We bail out without
123 * registering any handlers
124 */
125 if (!tlk_ep_info->pc)
126 return 1;
127
128 /*
129 * Inspect the SP image's SPSR and determine it's execution state
130 * i.e whether AArch32 or AArch64.
131 */
132 tlkd_init_tlk_ep_state(tlk_ep_info,
133 (tlk_ep_info->spsr >> MODE_RW_SHIFT) & MODE_RW_MASK,
134 tlk_ep_info->pc,
135 &tlk_ctx);
136
137 /* get a list of all S-EL1 IRQs from the platform */
138
139 /* register interrupt handler */
140 flags = 0;
141 set_interrupt_rm_flag(flags, NON_SECURE);
142 ret = register_interrupt_type_handler(INTR_TYPE_S_EL1,
143 tlkd_interrupt_handler,
144 flags);
145 if (ret != 0) {
146 ERROR("failed to register tlkd interrupt handler (%d)\n", ret);
147 }
148
149 /*
150 * All TLK SPD initialization done. Now register our init function
151 * with BL31 for deferred invocation
152 */
153 bl31_register_bl32_init(&tlkd_init);
154
155 return 0;
156 }
157
158 /*******************************************************************************
159 * This function passes control to the Secure Payload image (BL32) for the first
160 * time on the primary cpu after a cold boot. It assumes that a valid secure
161 * context has already been created by tlkd_setup() which can be directly
162 * used. This function performs a synchronous entry into the Secure payload.
163 * The SP passes control back to this routine through a SMC.
164 ******************************************************************************/
tlkd_init(void)165 static int32_t tlkd_init(void)
166 {
167 entry_point_info_t *tlk_entry_point;
168
169 /*
170 * Get information about the Secure Payload (BL32) image. Its
171 * absence is a critical failure.
172 */
173 tlk_entry_point = bl31_plat_get_next_image_ep_info(SECURE);
174 assert(tlk_entry_point);
175
176 cm_init_my_context(tlk_entry_point);
177
178 /*
179 * TLK runs only on a single CPU. Store the value of the boot
180 * CPU for sanity checking later.
181 */
182 boot_cpu = plat_my_core_pos();
183
184 /*
185 * Arrange for an entry into the test secure payload.
186 */
187 return tlkd_synchronous_sp_entry(&tlk_ctx);
188 }
189
190 /*******************************************************************************
191 * This function is responsible for handling all SMCs in the Trusted OS/App
192 * range from the non-secure state as defined in the SMC Calling Convention
193 * Document. It is also responsible for communicating with the Secure payload
194 * to delegate work and return results back to the non-secure state. Lastly it
195 * will also return any information that the secure payload needs to do the
196 * work assigned to it.
197 ******************************************************************************/
tlkd_smc_handler(uint32_t smc_fid,u_register_t x1,u_register_t x2,u_register_t x3,u_register_t x4,void * cookie,void * handle,u_register_t flags)198 static uintptr_t tlkd_smc_handler(uint32_t smc_fid,
199 u_register_t x1,
200 u_register_t x2,
201 u_register_t x3,
202 u_register_t x4,
203 void *cookie,
204 void *handle,
205 u_register_t flags)
206 {
207 cpu_context_t *ns_cpu_context;
208 gp_regs_t *gp_regs;
209 uint32_t ns;
210 uint64_t par;
211
212 /* Passing a NULL context is a critical programming error */
213 assert(handle);
214
215 /* These SMCs are only supported by a single CPU */
216 if (boot_cpu != plat_my_core_pos())
217 SMC_RET1(handle, SMC_UNK);
218
219 /* Determine which security state this SMC originated from */
220 ns = is_caller_non_secure(flags);
221
222 switch (smc_fid) {
223
224 /*
225 * This function ID is used by SP to indicate that it was
226 * preempted by a non-secure world IRQ.
227 */
228 case TLK_PREEMPTED:
229
230 if (ns)
231 SMC_RET1(handle, SMC_UNK);
232
233 assert(handle == cm_get_context(SECURE));
234 cm_el1_sysregs_context_save(SECURE);
235
236 /* Get a reference to the non-secure context */
237 ns_cpu_context = cm_get_context(NON_SECURE);
238 assert(ns_cpu_context);
239
240 /*
241 * Restore non-secure state. There is no need to save the
242 * secure system register context since the SP was supposed
243 * to preserve it during S-EL1 interrupt handling.
244 */
245 cm_el1_sysregs_context_restore(NON_SECURE);
246 cm_set_next_eret_context(NON_SECURE);
247
248 SMC_RET1(ns_cpu_context, x1);
249
250 /*
251 * This is a request from the non-secure context to:
252 *
253 * a. register shared memory with the SP for storing it's
254 * activity logs.
255 * b. register shared memory with the SP for passing args
256 * required for maintaining sessions with the Trusted
257 * Applications.
258 * c. register shared persistent buffers for secure storage
259 * d. register NS DRAM ranges passed by Cboot
260 * e. register Root of Trust parameters from Cboot for Verified Boot
261 * f. open/close sessions
262 * g. issue commands to the Trusted Apps
263 * h. resume the preempted yielding SMC call.
264 */
265 case TLK_REGISTER_LOGBUF:
266 case TLK_REGISTER_REQBUF:
267 case TLK_SS_REGISTER_HANDLER:
268 case TLK_REGISTER_NS_DRAM_RANGES:
269 case TLK_SET_ROOT_OF_TRUST:
270 case TLK_OPEN_TA_SESSION:
271 case TLK_CLOSE_TA_SESSION:
272 case TLK_TA_LAUNCH_OP:
273 case TLK_TA_SEND_EVENT:
274 case TLK_RESUME_FID:
275 case TLK_SET_BL_VERSION:
276 case TLK_LOCK_BL_INTERFACE:
277 case TLK_BL_RPMB_SERVICE:
278
279 if (!ns)
280 SMC_RET1(handle, SMC_UNK);
281
282 /*
283 * This is a fresh request from the non-secure client.
284 * The parameters are in x1 and x2. Figure out which
285 * registers need to be preserved, save the non-secure
286 * state and send the request to the secure payload.
287 */
288 assert(handle == cm_get_context(NON_SECURE));
289
290 /*
291 * Check if we are already processing a yielding SMC
292 * call. Of all the supported fids, only the "resume"
293 * fid expects the flag to be set.
294 */
295 if (smc_fid == TLK_RESUME_FID) {
296 if (!get_yield_smc_active_flag(tlk_ctx.state))
297 SMC_RET1(handle, SMC_UNK);
298 } else {
299 if (get_yield_smc_active_flag(tlk_ctx.state))
300 SMC_RET1(handle, SMC_UNK);
301 }
302
303 cm_el1_sysregs_context_save(NON_SECURE);
304
305 /*
306 * Verify if there is a valid context to use.
307 */
308 assert(&tlk_ctx.cpu_ctx == cm_get_context(SECURE));
309
310 /*
311 * Mark the SP state as active.
312 */
313 set_yield_smc_active_flag(tlk_ctx.state);
314
315 /*
316 * We are done stashing the non-secure context. Ask the
317 * secure payload to do the work now.
318 */
319 cm_el1_sysregs_context_restore(SECURE);
320 cm_set_next_eret_context(SECURE);
321
322 /*
323 * TLK is a 32-bit Trusted OS and so expects the SMC
324 * arguments via r0-r7. TLK expects the monitor frame
325 * registers to be 64-bits long. Hence, we pass x0 in
326 * r0-r1, x1 in r2-r3, x3 in r4-r5 and x4 in r6-r7.
327 *
328 * As smc_fid is a uint32 value, r1 contains 0.
329 */
330 gp_regs = get_gpregs_ctx(&tlk_ctx.cpu_ctx);
331 write_ctx_reg(gp_regs, CTX_GPREG_X4, (uint32_t)x2);
332 write_ctx_reg(gp_regs, CTX_GPREG_X5, (uint32_t)(x2 >> 32));
333 write_ctx_reg(gp_regs, CTX_GPREG_X6, (uint32_t)x3);
334 write_ctx_reg(gp_regs, CTX_GPREG_X7, (uint32_t)(x3 >> 32));
335 SMC_RET4(&tlk_ctx.cpu_ctx, smc_fid, 0, (uint32_t)x1,
336 (uint32_t)(x1 >> 32));
337
338 /*
339 * Translate NS/EL1-S virtual addresses.
340 *
341 * x1 = virtual address
342 * x3 = type (NS/S)
343 *
344 * Returns PA:lo in r0, PA:hi in r1.
345 */
346 case TLK_VA_TRANSLATE:
347
348 /* Should be invoked only by secure world */
349 if (ns)
350 SMC_RET1(handle, SMC_UNK);
351
352 /* NS virtual addresses are 64-bit long */
353 if (x3 & TLK_TRANSLATE_NS_VADDR)
354 x1 = (uint32_t)x1 | (x2 << 32);
355
356 if (!x1)
357 SMC_RET1(handle, SMC_UNK);
358
359 /*
360 * TODO: Sanity check x1. This would require platform
361 * support.
362 */
363
364 /* virtual address and type: ns/s */
365 par = tlkd_va_translate(x1, x3);
366
367 /* return physical address in r0-r1 */
368 SMC_RET4(handle, (uint32_t)par, (uint32_t)(par >> 32), 0, 0);
369
370 /*
371 * This is a request from the SP to mark completion of
372 * a yielding function ID.
373 */
374 case TLK_REQUEST_DONE:
375 if (ns)
376 SMC_RET1(handle, SMC_UNK);
377
378 /*
379 * Mark the SP state as inactive.
380 */
381 clr_yield_smc_active_flag(tlk_ctx.state);
382
383 /* Get a reference to the non-secure context */
384 ns_cpu_context = cm_get_context(NON_SECURE);
385 assert(ns_cpu_context);
386
387 /*
388 * This is a request completion SMC and we must switch to
389 * the non-secure world to pass the result.
390 */
391 cm_el1_sysregs_context_save(SECURE);
392
393 /*
394 * We are done stashing the secure context. Switch to the
395 * non-secure context and return the result.
396 */
397 cm_el1_sysregs_context_restore(NON_SECURE);
398 cm_set_next_eret_context(NON_SECURE);
399 SMC_RET1(ns_cpu_context, x1);
400
401 /*
402 * This function ID is used only by the SP to indicate it has
403 * finished initialising itself after a cold boot
404 */
405 case TLK_ENTRY_DONE:
406 if (ns)
407 SMC_RET1(handle, SMC_UNK);
408
409 /*
410 * SP has been successfully initialized. Register power
411 * management hooks with PSCI
412 */
413 psci_register_spd_pm_hook(&tlkd_pm_ops);
414
415 /*
416 * TLK reports completion. The SPD must have initiated
417 * the original request through a synchronous entry
418 * into the SP. Jump back to the original C runtime
419 * context.
420 */
421 tlkd_synchronous_sp_exit(&tlk_ctx, x1);
422 break;
423
424 /*
425 * These function IDs are used only by TLK to indicate it has
426 * finished:
427 * 1. suspending itself after an earlier psci cpu_suspend
428 * request.
429 * 2. resuming itself after an earlier psci cpu_suspend
430 * request.
431 * 3. powering down after an earlier psci system_off/system_reset
432 * request.
433 */
434 case TLK_SUSPEND_DONE:
435 case TLK_RESUME_DONE:
436
437 if (ns)
438 SMC_RET1(handle, SMC_UNK);
439
440 /*
441 * TLK reports completion. TLKD must have initiated the
442 * original request through a synchronous entry into the SP.
443 * Jump back to the original C runtime context, and pass x1 as
444 * return value to the caller
445 */
446 tlkd_synchronous_sp_exit(&tlk_ctx, x1);
447 break;
448
449 /*
450 * This function ID is used by SP to indicate that it has completed
451 * handling the secure interrupt.
452 */
453 case TLK_IRQ_DONE:
454
455 if (ns)
456 SMC_RET1(handle, SMC_UNK);
457
458 assert(handle == cm_get_context(SECURE));
459
460 /* save secure world context */
461 cm_el1_sysregs_context_save(SECURE);
462
463 /* Get a reference to the non-secure context */
464 ns_cpu_context = cm_get_context(NON_SECURE);
465 assert(ns_cpu_context);
466
467 /*
468 * Restore non-secure state. There is no need to save the
469 * secure system register context since the SP was supposed
470 * to preserve it during S-EL1 interrupt handling.
471 */
472 cm_el1_sysregs_context_restore(NON_SECURE);
473 cm_set_next_eret_context(NON_SECURE);
474
475 SMC_RET0(ns_cpu_context);
476
477 /*
478 * Return the number of service function IDs implemented to
479 * provide service to non-secure
480 */
481 case TOS_CALL_COUNT:
482 SMC_RET1(handle, TLK_NUM_FID);
483
484 /*
485 * Return TLK's UID to the caller
486 */
487 case TOS_UID:
488 SMC_UUID_RET(handle, tlk_uuid);
489
490 /*
491 * Return the version of current implementation
492 */
493 case TOS_CALL_VERSION:
494 SMC_RET2(handle, TLK_VERSION_MAJOR, TLK_VERSION_MINOR);
495
496 default:
497 WARN("%s: Unhandled SMC: 0x%x\n", __func__, smc_fid);
498 break;
499 }
500
501 SMC_RET1(handle, SMC_UNK);
502 }
503
504 /* Define a SPD runtime service descriptor for fast SMC calls */
505 DECLARE_RT_SVC(
506 tlkd_tos_fast,
507
508 OEN_TOS_START,
509 OEN_TOS_END,
510 SMC_TYPE_FAST,
511 tlkd_setup,
512 tlkd_smc_handler
513 );
514
515 /* Define a SPD runtime service descriptor for yielding SMC calls */
516 DECLARE_RT_SVC(
517 tlkd_tos_std,
518
519 OEN_TOS_START,
520 OEN_TOS_END,
521 SMC_TYPE_YIELD,
522 NULL,
523 tlkd_smc_handler
524 );
525
526 /* Define a SPD runtime service descriptor for fast SMC calls */
527 DECLARE_RT_SVC(
528 tlkd_tap_fast,
529
530 OEN_TAP_START,
531 OEN_TAP_END,
532 SMC_TYPE_FAST,
533 NULL,
534 tlkd_smc_handler
535 );
536
537 /* Define a SPD runtime service descriptor for yielding SMC calls */
538 DECLARE_RT_SVC(
539 tlkd_tap_std,
540
541 OEN_TAP_START,
542 OEN_TAP_END,
543 SMC_TYPE_YIELD,
544 NULL,
545 tlkd_smc_handler
546 );
547