diff options
Diffstat (limited to 'include')
42 files changed, 568 insertions, 140 deletions
diff --git a/include/arch/aarch32/asm_macros.S b/include/arch/aarch32/asm_macros.S index 8cfa21231..f75da0ce6 100644 --- a/include/arch/aarch32/asm_macros.S +++ b/include/arch/aarch32/asm_macros.S @@ -95,11 +95,29 @@ #if ARM_ARCH_MAJOR == 7 && !defined(ARMV7_SUPPORTS_VIRTUALIZATION) /* + * Macro for mitigating against speculative execution. * ARMv7 cores without Virtualization extension do not support the * eret instruction. */ - .macro eret + .macro exception_return movs pc, lr + dsb nsh + isb + .endm + +#else + /* + * Macro for mitigating against speculative execution beyond ERET. + * If possible use Speculation Barrier instruction defined in ARMv8.5 + */ + .macro exception_return + eret +#if ARM_ARCH_AT_LEAST(8, 5) + sb +#else + dsb nsh + isb +#endif .endm #endif diff --git a/include/arch/aarch32/smccc_macros.S b/include/arch/aarch32/smccc_macros.S index 4ec229218..ea7835a42 100644 --- a/include/arch/aarch32/smccc_macros.S +++ b/include/arch/aarch32/smccc_macros.S @@ -235,7 +235,7 @@ /* Restore the rest of the general purpose registers */ ldm r0, {r0-r12} - eret + exception_return .endm #endif /* SMCCC_MACROS_S */ diff --git a/include/arch/aarch64/arch.h b/include/arch/aarch64/arch.h index 1faddbedc..2b2c11652 100644 --- a/include/arch/aarch64/arch.h +++ b/include/arch/aarch64/arch.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved. * Copyright (c) 2020, NVIDIA Corporation. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause @@ -97,6 +97,32 @@ #define ICC_SGI0R_EL1 S3_0_c12_c11_7 /******************************************************************************* + * Definitions for EL2 system registers for save/restore routine + ******************************************************************************/ + +#define CNTPOFF_EL2 S3_4_C14_C0_6 +#define HAFGRTR_EL2 S3_4_C3_C1_6 +#define HDFGRTR_EL2 S3_4_C3_C1_4 +#define HDFGWTR_EL2 S3_4_C3_C1_5 +#define HFGITR_EL2 S3_4_C1_C1_6 +#define HFGRTR_EL2 S3_4_C1_C1_4 +#define HFGWTR_EL2 S3_4_C1_C1_5 +#define ICH_HCR_EL2 S3_4_C12_C11_0 +#define ICH_VMCR_EL2 S3_4_C12_C11_7 +#define MPAMVPM0_EL2 S3_4_C10_C5_0 +#define MPAMVPM1_EL2 S3_4_C10_C5_1 +#define MPAMVPM2_EL2 S3_4_C10_C5_2 +#define MPAMVPM3_EL2 S3_4_C10_C5_3 +#define MPAMVPM4_EL2 S3_4_C10_C5_4 +#define MPAMVPM5_EL2 S3_4_C10_C5_5 +#define MPAMVPM6_EL2 S3_4_C10_C5_6 +#define MPAMVPM7_EL2 S3_4_C10_C5_7 +#define MPAMVPMV_EL2 S3_4_C10_C4_1 +#define TRFCR_EL2 S3_4_C1_C2_1 +#define PMSCR_EL2 S3_4_C9_C9_0 +#define TFSR_EL2 S3_4_C5_C6_0 + +/******************************************************************************* * Generic timer memory mapped registers & offsets ******************************************************************************/ #define CNTCR_OFF U(0x000) @@ -426,6 +452,9 @@ #define SPSR_M_AARCH64 U(0x0) #define SPSR_M_AARCH32 U(0x1) +#define SPSR_EL_SHIFT U(2) +#define SPSR_EL_WIDTH U(2) + #define SPSR_SSBS_BIT_AARCH64 BIT_64(12) #define SPSR_SSBS_BIT_AARCH32 BIT_64(23) @@ -531,6 +560,7 @@ #define MODE_EL_SHIFT U(0x2) #define MODE_EL_MASK U(0x3) +#define MODE_EL_WIDTH U(0x2) #define MODE_EL3 U(0x3) #define MODE_EL2 U(0x2) #define MODE_EL1 U(0x1) diff --git a/include/arch/aarch64/asm_macros.S b/include/arch/aarch64/asm_macros.S index a7d5a3dd6..cbb9f0be8 100644 --- a/include/arch/aarch64/asm_macros.S +++ b/include/arch/aarch64/asm_macros.S @@ -220,11 +220,16 @@ /* * Macro for mitigating against speculative execution beyond ERET. + * If possible use Speculation Barrier instruction defined in ARMv8.5 */ .macro exception_return eret - dsb nsh +#if ARM_ARCH_AT_LEAST(8, 5) + sb +#else + dsb nsh isb +#endif .endm #endif /* ASM_MACROS_S */ diff --git a/include/bl32/payloads/tlk.h b/include/bl32/payloads/tlk.h index ce8e3e890..5162d1340 100644 --- a/include/bl32/payloads/tlk.h +++ b/include/bl32/payloads/tlk.h @@ -1,5 +1,6 @@ /* * Copyright (c) 2015-2018, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2020, NVIDIA Corporation. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -26,7 +27,7 @@ #define TLK_RESUME_FID TLK_TOS_YIELD_FID(0x100) #define TLK_SYSTEM_SUSPEND TLK_TOS_YIELD_FID(0xE001) #define TLK_SYSTEM_RESUME TLK_TOS_YIELD_FID(0xE002) -#define TLK_SYSTEM_OFF TLK_TOS_YIELD_FID(0xE003) +#define TLK_IRQ_FIRED TLK_TOS_YIELD_FID(0xE004) /* * SMC function IDs that TLK uses to signal various forms of completions @@ -38,7 +39,7 @@ #define TLK_VA_TRANSLATE (0x32000004 | (ULL(1) << 31)) #define TLK_SUSPEND_DONE (0x32000005 | (ULL(1) << 31)) #define TLK_RESUME_DONE (0x32000006 | (ULL(1) << 31)) -#define TLK_SYSTEM_OFF_DONE (0x32000007 | (ULL(1) << 31)) +#define TLK_IRQ_DONE (0x32000008 | (ULL(1) << 31)) /* * Trusted Application specific function IDs diff --git a/include/common/bl_common.ld.h b/include/common/bl_common.ld.h new file mode 100644 index 000000000..32c54b4d2 --- /dev/null +++ b/include/common/bl_common.ld.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2020, ARM Limited and Contributors. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef BL_COMMON_LD_H +#define BL_COMMON_LD_H + +/* + * The xlat_table section is for full, aligned page tables (4K). + * Removing them from .bss avoids forcing 4K alignment on + * the .bss section. The tables are initialized to zero by the translation + * tables library. + */ +#define XLAT_TABLE_SECTION \ + xlat_table (NOLOAD) : { \ + *(xlat_table) \ + } + +#endif /* BL_COMMON_LD_H */ diff --git a/include/common/debug.h b/include/common/debug.h index 245e69865..9aef15b51 100644 --- a/include/common/debug.h +++ b/include/common/debug.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -91,6 +91,7 @@ #if ENABLE_BACKTRACE void backtrace(const char *cookie); +const char *get_el_str(unsigned int el); #else #define backtrace(x) #endif diff --git a/include/drivers/amlogic/meson_console.h b/include/drivers/amlogic/meson_console.h index 70e3b0bd4..8d52d794b 100644 --- a/include/drivers/amlogic/meson_console.h +++ b/include/drivers/amlogic/meson_console.h @@ -9,17 +9,10 @@ #include <drivers/console.h> -#define CONSOLE_T_MESON_BASE CONSOLE_T_DRVDATA - #ifndef __ASSEMBLER__ #include <stdint.h> -typedef struct { - console_t console; - uintptr_t base; -} console_meson_t; - /* * Initialize a new meson console instance and register it with the console * framework. The |console| pointer must point to storage that will be valid @@ -30,7 +23,7 @@ typedef struct { * order to make this function future-proof. */ int console_meson_register(uintptr_t baseaddr, uint32_t clock, uint32_t baud, - console_meson_t *console); + console_t *console); #endif /*__ASSEMBLER__*/ diff --git a/include/drivers/arm/gicv3.h b/include/drivers/arm/gicv3.h index c4f42d04d..e6339bcfe 100644 --- a/include/drivers/arm/gicv3.h +++ b/include/drivers/arm/gicv3.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -32,7 +32,7 @@ #define GICD_SETSPI_NSR U(0x40) #define GICD_CLRSPI_NSR U(0x48) #define GICD_SETSPI_SR U(0x50) -#define GICD_CLRSPI_SR U(0x50) +#define GICD_CLRSPI_SR U(0x58) #define GICD_IGRPMODR U(0xd00) /* * GICD_IROUTER<n> register is at 0x6000 + 8n, where n is the interrupt id and @@ -79,7 +79,7 @@ #define NUM_OF_DIST_REGS 30 /******************************************************************************* - * GICv3 Re-distributor interface registers & constants + * GICv3 Redistributor interface registers & constants ******************************************************************************/ #define GICR_PCPUBASE_SHIFT 0x11 #define GICR_SGIBASE_OFFSET U(65536) /* 64 KB */ diff --git a/include/drivers/arm/pl011.h b/include/drivers/arm/pl011.h index 8733d1964..ebc664348 100644 --- a/include/drivers/arm/pl011.h +++ b/include/drivers/arm/pl011.h @@ -81,17 +81,10 @@ #endif /* !PL011_GENERIC_UART */ -#define CONSOLE_T_PL011_BASE CONSOLE_T_DRVDATA - #ifndef __ASSEMBLER__ #include <stdint.h> -typedef struct { - console_t console; - uintptr_t base; -} console_pl011_t; - /* * Initialize a new PL011 console instance and register it with the console * framework. The |console| pointer must point to storage that will be valid @@ -99,7 +92,7 @@ typedef struct { * Its contents will be reinitialized from scratch. */ int console_pl011_register(uintptr_t baseaddr, uint32_t clock, uint32_t baud, - console_pl011_t *console); + console_t *console); #endif /*__ASSEMBLER__*/ diff --git a/include/drivers/auth/crypto_mod.h b/include/drivers/auth/crypto_mod.h index f211035d7..71cf67306 100644 --- a/include/drivers/auth/crypto_mod.h +++ b/include/drivers/auth/crypto_mod.h @@ -13,9 +13,18 @@ enum crypto_ret_value { CRYPTO_ERR_INIT, CRYPTO_ERR_HASH, CRYPTO_ERR_SIGNATURE, + CRYPTO_ERR_DECRYPTION, CRYPTO_ERR_UNKNOWN }; +#define CRYPTO_MAX_IV_SIZE 16U +#define CRYPTO_MAX_TAG_SIZE 16U + +/* Decryption algorithm */ +enum crypto_dec_algo { + CRYPTO_GCM_DECRYPT = 0 +}; + /* * Cryptographic library descriptor */ @@ -44,6 +53,15 @@ typedef struct crypto_lib_desc_s { unsigned int data_len, unsigned char *output); #endif /* MEASURED_BOOT */ + /* + * Authenticated decryption. Return one of the + * 'enum crypto_ret_value' options. + */ + int (*auth_decrypt)(enum crypto_dec_algo dec_algo, void *data_ptr, + size_t len, const void *key, unsigned int key_len, + unsigned int key_flags, const void *iv, + unsigned int iv_len, const void *tag, + unsigned int tag_len); } crypto_lib_desc_t; /* Public functions */ @@ -54,6 +72,11 @@ int crypto_mod_verify_signature(void *data_ptr, unsigned int data_len, void *pk_ptr, unsigned int pk_len); int crypto_mod_verify_hash(void *data_ptr, unsigned int data_len, void *digest_info_ptr, unsigned int digest_info_len); +int crypto_mod_auth_decrypt(enum crypto_dec_algo dec_algo, void *data_ptr, + size_t len, const void *key, unsigned int key_len, + unsigned int key_flags, const void *iv, + unsigned int iv_len, const void *tag, + unsigned int tag_len); #if MEASURED_BOOT int crypto_mod_calc_hash(unsigned int alg, void *data_ptr, @@ -61,21 +84,24 @@ int crypto_mod_calc_hash(unsigned int alg, void *data_ptr, /* Macro to register a cryptographic library */ #define REGISTER_CRYPTO_LIB(_name, _init, _verify_signature, _verify_hash, \ - _calc_hash) \ + _calc_hash, _auth_decrypt) \ const crypto_lib_desc_t crypto_lib_desc = { \ .name = _name, \ .init = _init, \ .verify_signature = _verify_signature, \ .verify_hash = _verify_hash, \ - .calc_hash = _calc_hash \ + .calc_hash = _calc_hash, \ + .auth_decrypt = _auth_decrypt \ } #else -#define REGISTER_CRYPTO_LIB(_name, _init, _verify_signature, _verify_hash) \ +#define REGISTER_CRYPTO_LIB(_name, _init, _verify_signature, _verify_hash, \ + _auth_decrypt) \ const crypto_lib_desc_t crypto_lib_desc = { \ .name = _name, \ .init = _init, \ .verify_signature = _verify_signature, \ - .verify_hash = _verify_hash \ + .verify_hash = _verify_hash, \ + .auth_decrypt = _auth_decrypt \ } #endif /* MEASURED_BOOT */ diff --git a/include/drivers/auth/mbedtls/mbedtls_config.h b/include/drivers/auth/mbedtls/mbedtls_config.h index 6e179bbd1..dc00da7d6 100644 --- a/include/drivers/auth/mbedtls/mbedtls_config.h +++ b/include/drivers/auth/mbedtls/mbedtls_config.h @@ -79,6 +79,12 @@ #define MBEDTLS_X509_USE_C #define MBEDTLS_X509_CRT_PARSE_C +#if TF_MBEDTLS_USE_AES_GCM +#define MBEDTLS_AES_C +#define MBEDTLS_CIPHER_C +#define MBEDTLS_GCM_C +#endif + /* MPI / BIGNUM options */ #define MBEDTLS_MPI_WINDOW_SIZE 2 diff --git a/include/drivers/cadence/cdns_uart.h b/include/drivers/cadence/cdns_uart.h index 64a062ca1..46ba4663e 100644 --- a/include/drivers/cadence/cdns_uart.h +++ b/include/drivers/cadence/cdns_uart.h @@ -25,17 +25,10 @@ #define R_UART_TX 0x30 #define R_UART_RX 0x30 -#define CONSOLE_T_CDNS_BASE CONSOLE_T_DRVDATA - #ifndef __ASSEMBLER__ #include <stdint.h> -typedef struct { - console_t console; - uintptr_t base; -} console_cdns_t; - /* * Initialize a new Cadence console instance and register it with the console * framework. The |console| pointer must point to storage that will be valid @@ -43,7 +36,7 @@ typedef struct { * Its contents will be reinitialized from scratch. */ int console_cdns_register(uintptr_t baseaddr, uint32_t clock, uint32_t baud, - console_cdns_t *console); + console_t *console); #endif /*__ASSEMBLER__*/ diff --git a/include/drivers/console.h b/include/drivers/console.h index a4859d80f..761816ac7 100644 --- a/include/drivers/console.h +++ b/include/drivers/console.h @@ -14,7 +14,8 @@ #define CONSOLE_T_PUTC (U(2) * REGSZ) #define CONSOLE_T_GETC (U(3) * REGSZ) #define CONSOLE_T_FLUSH (U(4) * REGSZ) -#define CONSOLE_T_DRVDATA (U(5) * REGSZ) +#define CONSOLE_T_BASE (U(5) * REGSZ) +#define CONSOLE_T_DRVDATA (U(6) * REGSZ) #define CONSOLE_FLAG_BOOT (U(1) << 0) #define CONSOLE_FLAG_RUNTIME (U(1) << 1) @@ -43,6 +44,7 @@ typedef struct console { int (*const putc)(int character, struct console *console); int (*const getc)(struct console *console); int (*const flush)(struct console *console); + uintptr_t base; /* Additional private driver data may follow here. */ } console_t; diff --git a/include/drivers/coreboot/cbmem_console.h b/include/drivers/coreboot/cbmem_console.h index 40c90e6bb..30b39f14d 100644 --- a/include/drivers/coreboot/cbmem_console.h +++ b/include/drivers/coreboot/cbmem_console.h @@ -9,14 +9,12 @@ #include <drivers/console.h> -#define CONSOLE_T_CBMC_BASE CONSOLE_T_DRVDATA -#define CONSOLE_T_CBMC_SIZE (CONSOLE_T_DRVDATA + REGSZ) +#define CONSOLE_T_CBMC_SIZE CONSOLE_T_DRVDATA #ifndef __ASSEMBLER__ typedef struct { console_t console; - uintptr_t base; uint32_t size; } console_cbmc_t; diff --git a/include/drivers/io/io_encrypted.h b/include/drivers/io/io_encrypted.h new file mode 100644 index 000000000..9dcf061b4 --- /dev/null +++ b/include/drivers/io/io_encrypted.h @@ -0,0 +1,15 @@ +/* + * Copyright (c) 2020, Linaro Limited. All rights reserved. + * Author: Sumit Garg <sumit.garg@linaro.org> + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef IO_ENCRYPTED_H +#define IO_ENCRYPTED_H + +struct io_dev_connector; + +int register_io_dev_enc(const struct io_dev_connector **dev_con); + +#endif /* IO_ENCRYPTED_H */ diff --git a/include/drivers/io/io_storage.h b/include/drivers/io/io_storage.h index a301ad563..f2d641c2d 100644 --- a/include/drivers/io/io_storage.h +++ b/include/drivers/io/io_storage.h @@ -25,6 +25,7 @@ typedef enum { IO_TYPE_MTD, IO_TYPE_MMC, IO_TYPE_STM32IMAGE, + IO_TYPE_ENCRYPTED, IO_TYPE_MAX } io_type_t; diff --git a/include/drivers/marvell/uart/a3700_console.h b/include/drivers/marvell/uart/a3700_console.h index 517f01a8f..5e3ab0515 100644 --- a/include/drivers/marvell/uart/a3700_console.h +++ b/include/drivers/marvell/uart/a3700_console.h @@ -54,17 +54,10 @@ #define UART_CTRL_TXFIFO_RESET (1 << 15) #define UARTLSR_TXFIFOEMPTY (1 << 6) -#define CONSOLE_T_A3700_BASE CONSOLE_T_DRVDATA - #ifndef __ASSEMBLER__ #include <stdint.h> -typedef struct { - console_t console; - uintptr_t base; -} console_a3700_t; - /* * Initialize a new a3700 console instance and register it with the console * framework. The |console| pointer must point to storage that will be valid @@ -72,7 +65,7 @@ typedef struct { * Its contents will be reinitialized from scratch. */ int console_a3700_register(uintptr_t baseaddr, uint32_t clock, uint32_t baud, - console_a3700_t *console); + console_t *console); #endif /*__ASSEMBLER__*/ diff --git a/include/drivers/renesas/rcar/console/console.h b/include/drivers/renesas/rcar/console/console.h index 0e4ed8f35..7d5b5d3ce 100644 --- a/include/drivers/renesas/rcar/console/console.h +++ b/include/drivers/renesas/rcar/console/console.h @@ -7,17 +7,10 @@ #ifndef RCAR_PRINTF_H #define RCAR_PRINTF_H -#define CONSOLE_T_RCAR_BASE CONSOLE_T_DRVDATA - #ifndef __ASSEMBLER__ #include <stdint.h> -typedef struct { - console_t console; - uintptr_t base; -} console_rcar_t; - /* * Initialize a new rcar console instance and register it with the console * framework. The |console| pointer must point to storage that will be valid @@ -25,7 +18,7 @@ typedef struct { * Its contents will be reinitialized from scratch. */ int console_rcar_register(uintptr_t baseaddr, uint32_t clock, uint32_t baud, - console_rcar_t *console); + console_t *console); #endif /*__ASSEMBLER__*/ diff --git a/include/drivers/rpi3/gpio/rpi3_gpio.h b/include/drivers/rpi3/gpio/rpi3_gpio.h index 159a2e08b..7bb3ee25b 100644 --- a/include/drivers/rpi3/gpio/rpi3_gpio.h +++ b/include/drivers/rpi3/gpio/rpi3_gpio.h @@ -11,11 +11,7 @@ #include <stdint.h> #include <drivers/gpio.h> -struct rpi3_gpio_params { - uintptr_t reg_base; -}; - -void rpi3_gpio_init(struct rpi3_gpio_params *params); +void rpi3_gpio_init(void); int rpi3_gpio_get_select(int gpio); void rpi3_gpio_set_select(int gpio, int fsel); diff --git a/include/drivers/st/stm32_console.h b/include/drivers/st/stm32_console.h index a2ad87cb5..8d9187d2a 100644 --- a/include/drivers/st/stm32_console.h +++ b/include/drivers/st/stm32_console.h @@ -9,17 +9,10 @@ #include <drivers/console.h> -#define CONSOLE_T_STM32_BASE CONSOLE_T_DRVDATA - #ifndef __ASSEMBLER__ #include <stdint.h> -struct console_stm32 { - console_t console; - uintptr_t base; -}; - /* * Initialize a new STM32 console instance and register it with the console * framework. The |console| pointer must point to storage that will be valid @@ -27,7 +20,7 @@ struct console_stm32 { * Its contents will be reinitialized from scratch. */ int console_stm32_register(uintptr_t baseaddr, uint32_t clock, uint32_t baud, - struct console_stm32 *console); + console_t *console); #endif /*__ASSEMBLER__*/ diff --git a/include/drivers/ti/uart/uart_16550.h b/include/drivers/ti/uart/uart_16550.h index 2b95fa33a..bddd9970c 100644 --- a/include/drivers/ti/uart/uart_16550.h +++ b/include/drivers/ti/uart/uart_16550.h @@ -71,17 +71,10 @@ #define UARTLSR_RDR_BIT (0) /* Rx Data Ready Bit */ #define UARTLSR_RDR (1 << UARTLSR_RDR_BIT) /* Rx Data Ready */ -#define CONSOLE_T_16550_BASE CONSOLE_T_DRVDATA - #ifndef __ASSEMBLER__ #include <stdint.h> -typedef struct { - console_t console; - uintptr_t base; -} console_16550_t; - /* * Initialize a new 16550 console instance and register it with the console * framework. The |console| pointer must point to storage that will be valid @@ -94,7 +87,7 @@ typedef struct { * case as well. */ int console_16550_register(uintptr_t baseaddr, uint32_t clock, uint32_t baud, - console_16550_t *console); + console_t *console); #endif /*__ASSEMBLER__*/ diff --git a/include/export/common/tbbr/tbbr_img_def_exp.h b/include/export/common/tbbr/tbbr_img_def_exp.h index ff0d16c73..89dbc58fe 100644 --- a/include/export/common/tbbr/tbbr_img_def_exp.h +++ b/include/export/common/tbbr/tbbr_img_def_exp.h @@ -85,7 +85,15 @@ /* Binary with STM32 header */ #define STM32_IMAGE_ID U(29) +/* Encrypted image identifier */ +#define ENC_IMAGE_ID U(30) + /* Define size of the array */ -#define MAX_NUMBER_IDS U(30) +#if defined(SPD_spmd) +#define MAX_SP_IDS U(8) +#define MAX_NUMBER_IDS MAX_SP_IDS + U(31) +#else +#define MAX_NUMBER_IDS U(31) +#endif #endif /* ARM_TRUSTED_FIRMWARE_EXPORT_COMMON_TBBR_TBBR_IMG_DEF_EXP_H */ diff --git a/include/lib/cpus/aarch64/cortex_klein.h b/include/lib/cpus/aarch64/cortex_klein.h new file mode 100644 index 000000000..729b3bf0a --- /dev/null +++ b/include/lib/cpus/aarch64/cortex_klein.h @@ -0,0 +1,23 @@ +/* + * Copyright (c) 2020, ARM Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef CORTEX_KLEIN_H +#define CORTEX_KLEIN_H + +#define CORTEX_KLEIN_MIDR U(0x410FD460) + +/******************************************************************************* + * CPU Extended Control register specific definitions + ******************************************************************************/ +#define CORTEX_KLEIN_CPUECTLR_EL1 S3_0_C15_C1_4 + +/******************************************************************************* + * CPU Power Control register specific definitions + ******************************************************************************/ +#define CORTEX_KLEIN_CPUPWRCTLR_EL1 S3_0_C15_C2_7 +#define CORTEX_KLEIN_CPUPWRCTLR_EL1_CORE_PWRDN_BIT U(1) + +#endif /* CORTEX_KLEIN_H */ diff --git a/include/lib/cpus/aarch64/cortex_matterhorn.h b/include/lib/cpus/aarch64/cortex_matterhorn.h new file mode 100644 index 000000000..018553359 --- /dev/null +++ b/include/lib/cpus/aarch64/cortex_matterhorn.h @@ -0,0 +1,23 @@ +/* + * Copyright (c) 2020, ARM Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef CORTEX_MATTERHORN_H +#define CORTEX_MATTERHORN_H + +#define CORTEX_MATTERHORN_MIDR U(0x410FD470) + +/******************************************************************************* + * CPU Extended Control register specific definitions + ******************************************************************************/ +#define CORTEX_MATTERHORN_CPUECTLR_EL1 S3_0_C15_C1_4 + +/******************************************************************************* + * CPU Power Control register specific definitions + ******************************************************************************/ +#define CORTEX_MATTERHORN_CPUPWRCTLR_EL1 S3_0_C15_C2_7 +#define CORTEX_MATTERHORN_CPUPWRCTLR_EL1_CORE_PWRDN_BIT U(1) + +#endif /* CORTEX_MATTERHORN_H */ diff --git a/include/lib/cpus/aarch64/denver.h b/include/lib/cpus/aarch64/denver.h index 02657a0fb..b98abdf4d 100644 --- a/include/lib/cpus/aarch64/denver.h +++ b/include/lib/cpus/aarch64/denver.h @@ -34,6 +34,11 @@ #define DENVER_CPU_PMSTATE_C7 U(0x7) #define DENVER_CPU_PMSTATE_MASK U(0xF) +/* ACTRL_ELx bits to enable dual execution*/ +#define DENVER_CPU_ENABLE_DUAL_EXEC_EL2 (ULL(1) << 9) +#define DENVER_CPU_ENABLE_DUAL_EXEC_EL3 (ULL(1) << 9) +#define DENVER_CPU_ENABLE_DUAL_EXEC_EL1 (U(1) << 4) + #ifndef __ASSEMBLER__ /* Disable Dynamic Code Optimisation */ diff --git a/include/lib/el3_runtime/aarch64/context.h b/include/lib/el3_runtime/aarch64/context.h index 4158c023e..e061950c8 100644 --- a/include/lib/el3_runtime/aarch64/context.h +++ b/include/lib/el3_runtime/aarch64/context.h @@ -68,7 +68,7 @@ * registers are only 32-bits wide but are stored as 64-bit values for * convenience ******************************************************************************/ -#define CTX_SYSREGS_OFFSET (CTX_EL3STATE_OFFSET + CTX_EL3STATE_END) +#define CTX_EL1_SYSREGS_OFFSET (CTX_EL3STATE_OFFSET + CTX_EL3STATE_END) #define CTX_SPSR_EL1 U(0x0) #define CTX_ELR_EL1 U(0x8) #define CTX_SCTLR_EL1 U(0x10) @@ -138,13 +138,118 @@ /* * End of system registers. */ -#define CTX_SYSREGS_END CTX_MTE_REGS_END +#define CTX_EL1_SYSREGS_END CTX_MTE_REGS_END + +/* + * EL2 register set + */ + +#if CTX_INCLUDE_EL2_REGS +/* For later discussion + * ICH_AP0R<n>_EL2 + * ICH_AP1R<n>_EL2 + * AMEVCNTVOFF0<n>_EL2 + * AMEVCNTVOFF1<n>_EL2 + * ICH_LR<n>_EL2 + */ +#define CTX_EL2_SYSREGS_OFFSET (CTX_EL1_SYSREGS_OFFSET + CTX_EL1_SYSREGS_END) + +#define CTX_ACTLR_EL2 U(0x0) +#define CTX_AFSR0_EL2 U(0x8) +#define CTX_AFSR1_EL2 U(0x10) +#define CTX_AMAIR_EL2 U(0x18) +#define CTX_CNTHCTL_EL2 U(0x20) +#define CTX_CNTHP_CTL_EL2 U(0x28) +#define CTX_CNTHP_CVAL_EL2 U(0x30) +#define CTX_CNTHP_TVAL_EL2 U(0x38) +#define CTX_CNTVOFF_EL2 U(0x40) +#define CTX_CPTR_EL2 U(0x48) +#define CTX_DBGVCR32_EL2 U(0x50) +#define CTX_ELR_EL2 U(0x58) +#define CTX_ESR_EL2 U(0x60) +#define CTX_FAR_EL2 U(0x68) +#define CTX_FPEXC32_EL2 U(0x70) +#define CTX_HACR_EL2 U(0x78) +#define CTX_HCR_EL2 U(0x80) +#define CTX_HPFAR_EL2 U(0x88) +#define CTX_HSTR_EL2 U(0x90) +#define CTX_ICC_SRE_EL2 U(0x98) +#define CTX_ICH_HCR_EL2 U(0xa0) +#define CTX_ICH_VMCR_EL2 U(0xa8) +#define CTX_MAIR_EL2 U(0xb0) +#define CTX_MDCR_EL2 U(0xb8) +#define CTX_PMSCR_EL2 U(0xc0) +#define CTX_SCTLR_EL2 U(0xc8) +#define CTX_SPSR_EL2 U(0xd0) +#define CTX_SP_EL2 U(0xd8) +#define CTX_TCR_EL2 U(0xe0) +#define CTX_TRFCR_EL2 U(0xe8) +#define CTX_TTBR0_EL2 U(0xf0) +#define CTX_VBAR_EL2 U(0xf8) +#define CTX_VMPIDR_EL2 U(0x100) +#define CTX_VPIDR_EL2 U(0x108) +#define CTX_VTCR_EL2 U(0x110) +#define CTX_VTTBR_EL2 U(0x118) + +// Only if MTE registers in use +#define CTX_TFSR_EL2 U(0x120) + +// Only if ENABLE_MPAM_FOR_LOWER_ELS==1 +#define CTX_MPAM2_EL2 U(0x128) +#define CTX_MPAMHCR_EL2 U(0x130) +#define CTX_MPAMVPM0_EL2 U(0x138) +#define CTX_MPAMVPM1_EL2 U(0x140) +#define CTX_MPAMVPM2_EL2 U(0x148) +#define CTX_MPAMVPM3_EL2 U(0x150) +#define CTX_MPAMVPM4_EL2 U(0x158) +#define CTX_MPAMVPM5_EL2 U(0x160) +#define CTX_MPAMVPM6_EL2 U(0x168) +#define CTX_MPAMVPM7_EL2 U(0x170) +#define CTX_MPAMVPMV_EL2 U(0x178) + +// Starting with Armv8.6 +#define CTX_HAFGRTR_EL2 U(0x180) +#define CTX_HDFGRTR_EL2 U(0x188) +#define CTX_HDFGWTR_EL2 U(0x190) +#define CTX_HFGITR_EL2 U(0x198) +#define CTX_HFGRTR_EL2 U(0x1a0) +#define CTX_HFGWTR_EL2 U(0x1a8) +#define CTX_CNTPOFF_EL2 U(0x1b0) + +// Starting with Armv8.4 +#define CTX_CNTHPS_CTL_EL2 U(0x1b8) +#define CTX_CNTHPS_CVAL_EL2 U(0x1c0) +#define CTX_CNTHPS_TVAL_EL2 U(0x1c8) +#define CTX_CNTHVS_CTL_EL2 U(0x1d0) +#define CTX_CNTHVS_CVAL_EL2 U(0x1d8) +#define CTX_CNTHVS_TVAL_EL2 U(0x1e0) +#define CTX_CNTHV_CTL_EL2 U(0x1e8) +#define CTX_CNTHV_CVAL_EL2 U(0x1f0) +#define CTX_CNTHV_TVAL_EL2 U(0x1f8) +#define CTX_CONTEXTIDR_EL2 U(0x200) +#define CTX_SDER32_EL2 U(0x208) +#define CTX_TTBR1_EL2 U(0x210) +#define CTX_VDISR_EL2 U(0x218) +#define CTX_VNCR_EL2 U(0x220) +#define CTX_VSESR_EL2 U(0x228) +#define CTX_VSTCR_EL2 U(0x230) +#define CTX_VSTTBR_EL2 U(0x238) + +// Starting with Armv8.5 +#define CTX_SCXTNUM_EL2 U(0x240) +/* Align to the next 16 byte boundary */ +#define CTX_EL2_SYSREGS_END U(0x250) +#endif /* CTX_INCLUDE_EL2_REGS */ /******************************************************************************* * Constants that allow assembler code to access members of and the 'fp_regs' * structure at their correct offsets. ******************************************************************************/ -#define CTX_FPREGS_OFFSET (CTX_SYSREGS_OFFSET + CTX_SYSREGS_END) +#if CTX_INCLUDE_EL2_REGS +# define CTX_FPREGS_OFFSET (CTX_EL2_SYSREGS_OFFSET + CTX_EL2_SYSREGS_END) +#else +# define CTX_FPREGS_OFFSET (CTX_EL1_SYSREGS_OFFSET + CTX_EL1_SYSREGS_END) +#endif #if CTX_INCLUDE_FPREGS #define CTX_FP_Q0 U(0x0) #define CTX_FP_Q1 U(0x10) @@ -235,7 +340,10 @@ /* Constants to determine the size of individual context structures */ #define CTX_GPREG_ALL (CTX_GPREGS_END >> DWORD_SHIFT) -#define CTX_SYSREG_ALL (CTX_SYSREGS_END >> DWORD_SHIFT) +#define CTX_EL1_SYSREGS_ALL (CTX_EL1_SYSREGS_END >> DWORD_SHIFT) +#if CTX_INCLUDE_EL2_REGS +# define CTX_EL2_SYSREGS_ALL (CTX_EL2_SYSREGS_END >> DWORD_SHIFT) +#endif #if CTX_INCLUDE_FPREGS # define CTX_FPREG_ALL (CTX_FPREGS_END >> DWORD_SHIFT) #endif @@ -256,10 +364,18 @@ DEFINE_REG_STRUCT(gp_regs, CTX_GPREG_ALL); /* * AArch64 EL1 system register context structure for preserving the - * architectural state during switches from one security state to - * another in EL1. + * architectural state during world switches. + */ +DEFINE_REG_STRUCT(el1_sysregs, CTX_EL1_SYSREGS_ALL); + + +/* + * AArch64 EL2 system register context structure for preserving the + * architectural state during world switches. */ -DEFINE_REG_STRUCT(el1_sys_regs, CTX_SYSREG_ALL); +#if CTX_INCLUDE_EL2_REGS +DEFINE_REG_STRUCT(el2_sysregs, CTX_EL2_SYSREGS_ALL); +#endif /* * AArch64 floating point register context structure for preserving @@ -304,7 +420,10 @@ DEFINE_REG_STRUCT(pauth, CTX_PAUTH_REGS_ALL); typedef struct cpu_context { gp_regs_t gpregs_ctx; el3_state_t el3state_ctx; - el1_sys_regs_t sysregs_ctx; + el1_sysregs_t el1_sysregs_ctx; +#if CTX_INCLUDE_EL2_REGS + el2_sysregs_t el2_sysregs_ctx; +#endif #if CTX_INCLUDE_FPREGS fp_regs_t fpregs_ctx; #endif @@ -319,7 +438,10 @@ typedef struct cpu_context { #if CTX_INCLUDE_FPREGS # define get_fpregs_ctx(h) (&((cpu_context_t *) h)->fpregs_ctx) #endif -#define get_sysregs_ctx(h) (&((cpu_context_t *) h)->sysregs_ctx) +#define get_el1_sysregs_ctx(h) (&((cpu_context_t *) h)->el1_sysregs_ctx) +#if CTX_INCLUDE_EL2_REGS +# define get_el2_sysregs_ctx(h) (&((cpu_context_t *) h)->el2_sysregs_ctx) +#endif #define get_gpregs_ctx(h) (&((cpu_context_t *) h)->gpregs_ctx) #define get_cve_2018_3639_ctx(h) (&((cpu_context_t *) h)->cve_2018_3639_ctx) #if CTX_INCLUDE_PAUTH_REGS @@ -333,8 +455,12 @@ typedef struct cpu_context { */ CASSERT(CTX_GPREGS_OFFSET == __builtin_offsetof(cpu_context_t, gpregs_ctx), \ assert_core_context_gp_offset_mismatch); -CASSERT(CTX_SYSREGS_OFFSET == __builtin_offsetof(cpu_context_t, sysregs_ctx), \ - assert_core_context_sys_offset_mismatch); +CASSERT(CTX_EL1_SYSREGS_OFFSET == __builtin_offsetof(cpu_context_t, el1_sysregs_ctx), \ + assert_core_context_el1_sys_offset_mismatch); +#if CTX_INCLUDE_EL2_REGS +CASSERT(CTX_EL2_SYSREGS_OFFSET == __builtin_offsetof(cpu_context_t, el2_sysregs_ctx), \ + assert_core_context_el2_sys_offset_mismatch); +#endif #if CTX_INCLUDE_FPREGS CASSERT(CTX_FPREGS_OFFSET == __builtin_offsetof(cpu_context_t, fpregs_ctx), \ assert_core_context_fp_offset_mismatch); @@ -387,8 +513,14 @@ CASSERT(CTX_PAUTH_REGS_OFFSET == __builtin_offsetof(cpu_context_t, pauth_ctx), \ /******************************************************************************* * Function prototypes ******************************************************************************/ -void el1_sysregs_context_save(el1_sys_regs_t *regs); -void el1_sysregs_context_restore(el1_sys_regs_t *regs); +void el1_sysregs_context_save(el1_sysregs_t *regs); +void el1_sysregs_context_restore(el1_sysregs_t *regs); + +#if CTX_INCLUDE_EL2_REGS +void el2_sysregs_context_save(el2_sysregs_t *regs); +void el2_sysregs_context_restore(el2_sysregs_t *regs); +#endif + #if CTX_INCLUDE_FPREGS void fpregs_context_save(fp_regs_t *regs); void fpregs_context_restore(fp_regs_t *regs); diff --git a/include/lib/el3_runtime/context_mgmt.h b/include/lib/el3_runtime/context_mgmt.h index 17955e3a8..b36cd3d70 100644 --- a/include/lib/el3_runtime/context_mgmt.h +++ b/include/lib/el3_runtime/context_mgmt.h @@ -36,6 +36,11 @@ void cm_setup_context(cpu_context_t *ctx, const entry_point_info_t *ep); void cm_prepare_el3_exit(uint32_t security_state); #ifdef __aarch64__ +#if CTX_INCLUDE_EL2_REGS +void cm_el2_sysregs_context_save(uint32_t security_state); +void cm_el2_sysregs_context_restore(uint32_t security_state); +#endif + void cm_el1_sysregs_context_save(uint32_t security_state); void cm_el1_sysregs_context_restore(uint32_t security_state); void cm_set_elr_el3(uint32_t security_state, uintptr_t entrypoint); diff --git a/include/lib/fconf/fconf.h b/include/lib/fconf/fconf.h index f58ff5710..09d2b59aa 100644 --- a/include/lib/fconf/fconf.h +++ b/include/lib/fconf/fconf.h @@ -12,11 +12,18 @@ /* Public API */ #define FCONF_GET_PROPERTY(a, b, c) a##__##b##_getter(c) -#define FCONF_REGISTER_POPULATOR(name, callback) \ +/* + * This macro takes three arguments: + * config: Configuration identifier + * name: property namespace + * callback: populate() function + */ +#define FCONF_REGISTER_POPULATOR(config, name, callback) \ __attribute__((used, section(".fconf_populator"))) \ - const struct fconf_populator name##__populator = { \ - .info = #name, \ - .populate = callback \ + const struct fconf_populator (name##__populator) = { \ + .config_type = (#config), \ + .info = (#name), \ + .populate = (callback) \ }; /* @@ -27,6 +34,7 @@ */ struct fconf_populator { /* Description of the data loaded by the callback */ + const char *config_type; const char *info; /* Callback used by fconf_populate function with a provided config dtb. @@ -45,7 +53,7 @@ void fconf_load_config(void); * * Panic on error. */ -void fconf_populate(uintptr_t config); +void fconf_populate(const char *config_type, uintptr_t config); /* FCONF specific getter */ #define fconf__dtb_getter(prop) fconf_dtb_info.prop diff --git a/include/lib/object_pool.h b/include/lib/object_pool.h index 0f85331a8..66e8c4780 100644 --- a/include/lib/object_pool.h +++ b/include/lib/object_pool.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2018-2020, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -56,13 +56,13 @@ struct object_pool { */ static inline void *pool_alloc_n(struct object_pool *pool, size_t count) { - if (pool->used + count > pool->capacity) { + if ((pool->used + count) > pool->capacity) { ERROR("Cannot allocate %zu objects out of pool (%zu objects left).\n", count, pool->capacity - pool->used); panic(); } - void *obj = (char *)(pool->objects) + pool->obj_size * pool->used; + void *obj = (char *)(pool->objects) + (pool->obj_size * pool->used); pool->used += count; return obj; } diff --git a/include/lib/xlat_tables/xlat_tables_v2.h b/include/lib/xlat_tables/xlat_tables_v2.h index 0e099987e..ab311f4cb 100644 --- a/include/lib/xlat_tables/xlat_tables_v2.h +++ b/include/lib/xlat_tables/xlat_tables_v2.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2018, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -164,14 +164,20 @@ typedef struct xlat_ctx xlat_ctx_t; * Would typically be PLAT_VIRT_ADDR_SPACE_SIZE * (resp. PLAT_PHY_ADDR_SPACE_SIZE) for the translation context describing the * BL image currently executing. + + * _base_table_section: + * Specify the name of the section where the base translation tables have to + * be placed by the linker. */ #define REGISTER_XLAT_CONTEXT(_ctx_name, _mmap_count, _xlat_tables_count, \ - _virt_addr_space_size, _phy_addr_space_size) \ + _virt_addr_space_size, _phy_addr_space_size, \ + _base_table_section) \ REGISTER_XLAT_CONTEXT_FULL_SPEC(_ctx_name, (_mmap_count), \ (_xlat_tables_count), \ (_virt_addr_space_size), \ (_phy_addr_space_size), \ - EL_REGIME_INVALID, "xlat_table") + EL_REGIME_INVALID, \ + "xlat_table", (_base_table_section)) /* * Same as REGISTER_XLAT_CONTEXT plus the additional parameters: @@ -191,7 +197,9 @@ typedef struct xlat_ctx xlat_ctx_t; (_xlat_tables_count), \ (_virt_addr_space_size), \ (_phy_addr_space_size), \ - (_xlat_regime), (_section_name)) + (_xlat_regime), \ + (_section_name), ".bss" \ +) /****************************************************************************** * Generic translation table APIs. @@ -345,6 +353,16 @@ int xlat_change_mem_attributes_ctx(const xlat_ctx_t *ctx, uintptr_t base_va, size_t size, uint32_t attr); int xlat_change_mem_attributes(uintptr_t base_va, size_t size, uint32_t attr); +#if PLAT_RO_XLAT_TABLES +/* + * Change the memory attributes of the memory region encompassing the higher + * level translation tables to secure read-only data. + * + * Return 0 on success, a negative error code on error. + */ +int xlat_make_tables_readonly(void); +#endif + /* * Query the memory attributes of a memory page in a set of translation tables. * diff --git a/include/lib/xlat_tables/xlat_tables_v2_helpers.h b/include/lib/xlat_tables/xlat_tables_v2_helpers.h index b17b71a87..62f853d18 100644 --- a/include/lib/xlat_tables/xlat_tables_v2_helpers.h +++ b/include/lib/xlat_tables/xlat_tables_v2_helpers.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2018, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -24,6 +24,7 @@ #include <platform_def.h> #include <lib/cassert.h> +#include <lib/utils_def.h> #include <lib/xlat_tables/xlat_tables_arch.h> #include <lib/xlat_tables/xlat_tables_defs.h> @@ -70,6 +71,9 @@ struct xlat_ctx { */ uint64_t (*tables)[XLAT_TABLE_ENTRIES]; int tables_num; +#if PLAT_RO_XLAT_TABLES + bool readonly_tables; +#endif /* * Keep track of how many regions are mapped in each table. The base * table can't be unmapped so it isn't needed to keep track of it. @@ -122,9 +126,18 @@ struct xlat_ctx { /* do nothing */ #endif /* PLAT_XLAT_TABLES_DYNAMIC */ +#if PLAT_RO_XLAT_TABLES +#define XLAT_CTX_INIT_TABLE_ATTR() \ + .readonly_tables = false, +#else +#define XLAT_CTX_INIT_TABLE_ATTR() + /* do nothing */ +#endif + #define REGISTER_XLAT_CONTEXT_FULL_SPEC(_ctx_name, _mmap_count, \ _xlat_tables_count, _virt_addr_space_size, \ - _phy_addr_space_size, _xlat_regime, _section_name)\ + _phy_addr_space_size, _xlat_regime, \ + _table_section, _base_table_section) \ CASSERT(CHECK_PHY_ADDR_SPACE_SIZE(_phy_addr_space_size), \ assert_invalid_physical_addr_space_sizefor_##_ctx_name);\ \ @@ -132,32 +145,34 @@ struct xlat_ctx { \ static uint64_t _ctx_name##_xlat_tables[_xlat_tables_count] \ [XLAT_TABLE_ENTRIES] \ - __aligned(XLAT_TABLE_SIZE) __section(_section_name); \ + __aligned(XLAT_TABLE_SIZE) __section(_table_section); \ \ static uint64_t _ctx_name##_base_xlat_table \ [GET_NUM_BASE_LEVEL_ENTRIES(_virt_addr_space_size)] \ __aligned(GET_NUM_BASE_LEVEL_ENTRIES(_virt_addr_space_size)\ - * sizeof(uint64_t)); \ + * sizeof(uint64_t)) \ + __section(_base_table_section); \ \ XLAT_ALLOC_DYNMAP_STRUCT(_ctx_name, _xlat_tables_count) \ \ static xlat_ctx_t _ctx_name##_xlat_ctx = { \ - .va_max_address = (_virt_addr_space_size) - 1UL, \ .pa_max_address = (_phy_addr_space_size) - 1ULL, \ + .va_max_address = (_virt_addr_space_size) - 1UL, \ .mmap = _ctx_name##_mmap, \ .mmap_num = (_mmap_count), \ - .base_level = GET_XLAT_TABLE_LEVEL_BASE(_virt_addr_space_size),\ - .base_table = _ctx_name##_base_xlat_table, \ - .base_table_entries = \ - GET_NUM_BASE_LEVEL_ENTRIES(_virt_addr_space_size),\ .tables = _ctx_name##_xlat_tables, \ - .tables_num = _xlat_tables_count, \ + .tables_num = ARRAY_SIZE(_ctx_name##_xlat_tables), \ + XLAT_CTX_INIT_TABLE_ATTR() \ XLAT_REGISTER_DYNMAP_STRUCT(_ctx_name) \ - .xlat_regime = (_xlat_regime), \ + .next_table = 0, \ + .base_table = _ctx_name##_base_xlat_table, \ + .base_table_entries = \ + ARRAY_SIZE(_ctx_name##_base_xlat_table), \ .max_pa = 0U, \ .max_va = 0U, \ - .next_table = 0, \ + .base_level = GET_XLAT_TABLE_LEVEL_BASE(_virt_addr_space_size),\ .initialized = false, \ + .xlat_regime = (_xlat_regime) \ } #endif /*__ASSEMBLER__*/ diff --git a/include/plat/arm/board/common/board_css_def.h b/include/plat/arm/board/common/board_css_def.h index 4637b6785..b79e0d572 100644 --- a/include/plat/arm/board/common/board_css_def.h +++ b/include/plat/arm/board/common/board_css_def.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -50,13 +50,6 @@ #define PLAT_ARM_NVM_BASE V2M_FLASH0_BASE #define PLAT_ARM_NVM_SIZE (V2M_FLASH0_SIZE - V2M_FLASH_BLOCK_SIZE) -/* - * Required platform porting definitions common to all ARM CSS-based - * development platforms - */ -#define PLAT_ARM_DRAM2_BASE ULL(0x880000000) -#define PLAT_ARM_DRAM2_SIZE ULL(0x180000000) - /* UART related constants */ #define PLAT_ARM_BOOT_UART_BASE SOC_CSS_UART0_BASE #define PLAT_ARM_BOOT_UART_CLK_IN_HZ SOC_CSS_UART0_CLK_IN_HZ diff --git a/include/plat/arm/common/fconf_arm_sp_getter.h b/include/plat/arm/common/fconf_arm_sp_getter.h new file mode 100644 index 000000000..38c30fbf9 --- /dev/null +++ b/include/plat/arm/common/fconf_arm_sp_getter.h @@ -0,0 +1,30 @@ +/* + * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef FCONF_ARM_SP_GETTER_H +#define FCONF_ARM_SP_GETTER_H + +#include <lib/fconf/fconf.h> +#include <tools_share/uuid.h> + +/* arm_sp getter */ +#define arm__sp_getter(prop) arm_sp.prop + +#define ARM_SP_MAX_SIZE U(0x10000) + +struct arm_sp_t { + unsigned int number_of_sp; + union uuid_helper_t uuids[MAX_SP_IDS]; + uintptr_t load_addr[MAX_SP_IDS]; +}; + +int fconf_populate_arm_sp(uintptr_t config); + +extern struct arm_sp_t arm_sp; + +extern bl_mem_params_node_t sp_mem_params_descs[MAX_SP_IDS]; + +#endif /* FCONF_ARM_SP_GETTER_H */ diff --git a/include/plat/arm/common/plat_arm.h b/include/plat/arm/common/plat_arm.h index 025a64fa2..a84047aac 100644 --- a/include/plat/arm/common/plat_arm.h +++ b/include/plat/arm/common/plat_arm.h @@ -148,11 +148,18 @@ void arm_setup_romlib(void); #define ARM_ROTPK_DEVEL_RSA_ID 2 #define ARM_ROTPK_DEVEL_ECDSA_ID 3 +/* Defines used to retrieve ARM SOC revision */ +#define ARM_SOC_CONTINUATION_CODE U(0x4) +#define ARM_SOC_IDENTIFICATION_CODE U(0x3B) +#define ARM_SOC_CONTINUATION_SHIFT U(24) +#define ARM_SOC_IDENTIFICATION_SHIFT U(16) + /* IO storage utility functions */ int arm_io_setup(void); /* Security utility functions */ -void arm_tzc400_setup(const arm_tzc_regions_info_t *tzc_regions); +void arm_tzc400_setup(uintptr_t tzc_base, + const arm_tzc_regions_info_t *tzc_regions); struct tzc_dmc500_driver_data; void arm_tzc_dmc500_setup(struct tzc_dmc500_driver_data *plat_driver_data, const arm_tzc_regions_info_t *tzc_regions); @@ -221,6 +228,7 @@ void arm_tsp_early_platform_setup(void); void arm_sp_min_early_platform_setup(void *from_bl2, uintptr_t tos_fw_config, uintptr_t hw_config, void *plat_params_from_bl2); void arm_sp_min_plat_runtime_setup(void); +void arm_sp_min_plat_arch_setup(void); /* FIP TOC validity check */ bool arm_io_is_toc_valid(void); @@ -237,6 +245,11 @@ int arm_get_mbedtls_heap(void **heap_addr, size_t *heap_size); void arm_free_init_memory(void); /* + * Make the higher level translation tables read-only + */ +void arm_xlat_make_tables_readonly(void); + +/* * Mandatory functions required in ARM standard platforms */ unsigned int plat_arm_get_cluster_core_count(u_register_t mpidr); @@ -262,7 +275,7 @@ __dead2 void plat_arm_error_handler(int err); * Optional functions in ARM standard platforms */ void plat_arm_override_gicr_frames(const uintptr_t *plat_gicr_frames); -int arm_get_rotpk_info(void **key_ptr, unsigned int *key_len, +int arm_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len, unsigned int *flags); int arm_get_rotpk_info_regs(void **key_ptr, unsigned int *key_len, unsigned int *flags); @@ -316,4 +329,7 @@ extern const unsigned int arm_pm_idle_states[]; void plat_arm_secure_wdt_start(void); void plat_arm_secure_wdt_stop(void); +/* Get SOC-ID of ARM platform */ +uint32_t plat_arm_get_soc_id(void); + #endif /* PLAT_ARM_H */ diff --git a/include/plat/arm/css/common/css_def.h b/include/plat/arm/css/common/css_def.h index 7b6148445..d59935266 100644 --- a/include/plat/arm/css/common/css_def.h +++ b/include/plat/arm/css/common/css_def.h @@ -189,9 +189,6 @@ /* Load address of Non-Secure Image for CSS platform ports */ #define PLAT_ARM_NS_IMAGE_BASE U(0xE0000000) -/* TZC related constants */ -#define PLAT_ARM_TZC_FILTERS TZC_400_REGION_ATTR_FILTER_BIT_ALL - /* * Parsing of CPU and Cluster states, as returned by 'Get CSS Power State' SCP * command diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h index f5bd298c5..e4431d2f0 100644 --- a/include/plat/common/platform.h +++ b/include/plat/common/platform.h @@ -27,6 +27,7 @@ struct bl_params; struct mmap_region; struct spm_mm_boot_info; struct sp_res_desc; +enum fw_enc_status_t; /******************************************************************************* * plat_get_rotpk_info() flags @@ -37,6 +38,15 @@ struct sp_res_desc; #define ROTPK_NOT_DEPLOYED (1 << 1) /******************************************************************************* + * plat_get_enc_key_info() flags + ******************************************************************************/ +/* + * Flag used to notify caller that information provided in key buffer is an + * identifier rather than an actual key. + */ +#define ENC_KEY_IS_IDENTIFIER (1 << 0) + +/******************************************************************************* * Function declarations ******************************************************************************/ /******************************************************************************* @@ -265,6 +275,9 @@ int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr); int plat_set_nv_ctr2(void *cookie, const struct auth_img_desc_s *img_desc, unsigned int nv_ctr); int get_mbedtls_heap_helper(void **heap_addr, size_t *heap_size); +int plat_get_enc_key_info(enum fw_enc_status_t fw_enc_status, uint8_t *key, + size_t *key_len, unsigned int *flags, + const uint8_t *img_id, size_t img_id_len); /******************************************************************************* * Secure Partitions functions @@ -309,4 +322,14 @@ void plat_flush_next_bl_params(void); */ unsigned int platform_core_pos_helper(unsigned long mpidr); +/* + * Optional function to get SOC version + */ +int32_t plat_get_soc_version(void); + +/* + * Optional function to get SOC revision + */ +int32_t plat_get_soc_revision(void); + #endif /* PLATFORM_H */ diff --git a/include/services/arm_arch_svc.h b/include/services/arm_arch_svc.h index 23c6f5660..5bbd8bb6c 100644 --- a/include/services/arm_arch_svc.h +++ b/include/services/arm_arch_svc.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2018-2020, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -9,9 +9,11 @@ #define SMCCC_VERSION U(0x80000000) #define SMCCC_ARCH_FEATURES U(0x80000001) +#define SMCCC_ARCH_SOC_ID U(0x80000002) #define SMCCC_ARCH_WORKAROUND_1 U(0x80008000) #define SMCCC_ARCH_WORKAROUND_2 U(0x80007FFF) -#define SMCCC_ARCH_NOT_REQUIRED -2 +#define SMCCC_GET_SOC_VERSION U(0) +#define SMCCC_GET_SOC_REVISION U(1) #endif /* ARM_ARCH_SVC_H */ diff --git a/include/services/spm_core_manifest.h b/include/services/spm_core_manifest.h index 06ecc1391..71e6cfbe4 100644 --- a/include/services/spm_core_manifest.h +++ b/include/services/spm_core_manifest.h @@ -21,13 +21,6 @@ typedef struct spm_core_manifest_sect_attribute { uint32_t minor_version; /* - * Run-Time Exception Level (mandatory): - * - 1: SEL1 - * - 2: SEL2 - */ - uint32_t runtime_el; - - /* * Run-Time Execution state (optional): * - 0: AArch64 (default) * - 1: AArch32 @@ -50,6 +43,11 @@ typedef struct spm_core_manifest_sect_attribute { */ uint32_t binary_size; + /* + * ID of the SPMD (mandatory) + */ + uint16_t spmc_id; + } spmc_manifest_sect_attribute_t; #endif /* SPMC_MANIFEST_H */ diff --git a/include/services/spmd_svc.h b/include/services/spmd_svc.h index 6e4caf266..a766dcf8f 100644 --- a/include/services/spmd_svc.h +++ b/include/services/spmd_svc.h @@ -11,7 +11,7 @@ #include <services/spci_svc.h> #include <stdint.h> -int32_t spmd_setup(void); +int spmd_setup(void); uint64_t spmd_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, diff --git a/include/tools_share/dualroot_oid.h b/include/tools_share/dualroot_oid.h new file mode 100644 index 000000000..3e88a6d22 --- /dev/null +++ b/include/tools_share/dualroot_oid.h @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef DUALROOT_OID_H +#define DUALROOT_OID_H + +/* Reuse the Object IDs defined by TBBR for certificate extensions. */ +#include "tbbr_oid.h" + +/* + * Platform root-of-trust public key. + * Arbitrary value that does not conflict with any of the TBBR reserved OIDs. + */ +#define PROT_PK_OID "1.3.6.1.4.1.4128.2100.1102" + +#endif /* DUALROOT_OID_H */ diff --git a/include/tools_share/firmware_encrypted.h b/include/tools_share/firmware_encrypted.h new file mode 100644 index 000000000..7ca634f5e --- /dev/null +++ b/include/tools_share/firmware_encrypted.h @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2020, Linaro Limited. All rights reserved. + * Author: Sumit Garg <sumit.garg@linaro.org> + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef FIRMWARE_ENCRYPTED_H +#define FIRMWARE_ENCRYPTED_H + +#include <stdint.h> + +/* This is used as a signature to validate the encryption header */ +#define ENC_HEADER_MAGIC 0xAA640001U + +/* Firmware encryption status flag mask */ +#define FW_ENC_STATUS_FLAG_MASK 0x1 + +/* + * SSK: Secret Symmetric Key + * BSSK: Binding Secret Symmetric Key + */ +enum fw_enc_status_t { + FW_ENC_WITH_SSK = 0, + FW_ENC_WITH_BSSK = 1, +}; + +#define ENC_MAX_IV_SIZE 16U +#define ENC_MAX_TAG_SIZE 16U +#define ENC_MAX_KEY_SIZE 32U + +struct fw_enc_hdr { + uint32_t magic; + uint16_t dec_algo; + uint16_t flags; + uint16_t iv_len; + uint16_t tag_len; + uint8_t iv[ENC_MAX_IV_SIZE]; + uint8_t tag[ENC_MAX_TAG_SIZE]; +}; + +#endif /* FIRMWARE_ENCRYPTED_H */ |