feat(rmmd): add RMM_MECID_KEY_UPDATE call
With this addition, TF-A now has an SMC call to handle the
update of MEC keys associated to MECIDs.
The behavior of this newly added call is empty for now until an
implementation for the MPE (Memory Protection Engine) driver is
available. Only parameter sanitization has been implemented.
Signed-off-by: Tushar Khandelwal <tushar.khandelwal@arm.com>
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: I2a969310b47e8c6da1817a79be0cd56158c6efc3
diff --git a/docs/components/rmm-el3-comms-spec.rst b/docs/components/rmm-el3-comms-spec.rst
index f1ca031..dfdabc6 100644
--- a/docs/components/rmm-el3-comms-spec.rst
+++ b/docs/components/rmm-el3-comms-spec.rst
@@ -52,8 +52,8 @@
- ``RES0``: Bit 31 of the version number is reserved 0 as to maintain
consistency with the versioning schemes used in other parts of RMM.
-This document specifies the 0.4 version of Boot Interface ABI and RMM-EL3
-services specification and the 0.4 version of the Boot Manifest.
+This document specifies the 0.5 version of Boot Interface ABI and RMM-EL3
+services specification and the 0.5 version of the Boot Manifest.
.. _rmm_el3_boot_interface:
@@ -671,6 +671,54 @@
``E_RMM_OK``,No errors detected
+RMM_MECID_KEY_UPDATE command
+============================
+
+This command updates the tweak for the encryption key/programs a new encryption key
+associated with a given MECID. After the execution of this command, all memory
+accesses associated with the MECID are encrypted/decrypted using the new key.
+This command is available from v0.5 of the RMM-EL3 interface.
+
+FID
+---
+
+``0xC40001B6``
+
+Input values
+------------
+
+.. csv-table:: Input values for RMM_MECID_KEY_UPDATE
+ :header: "Name", "Register", "Field", "Type", "Description"
+ :widths: 1 1 1 1 5
+
+ fid,x0,[63:0],UInt64,Command FID
+ mecid,x1,[15:0],UInt64,"mecid is a 16-bit value between 0 and 65,535 that identifies the MECID for which the encryption key is to be updated. Value has to be a valid MECID as per field MECIDWidthm1 read from MECIDR_EL2. Bits [63:16] must be 0."
+
+Output values
+-------------
+
+.. csv-table:: Output values for RMM_MECID_KEY_UPDATE
+ :header: "Name", "Register", "Field", "Type", "Description"
+ :widths: 1 1 1 1 5
+
+ Result,x0,[63:0],Error Code,Command return status. Valid for all opcodes listed in input values
+
+
+Failure conditions
+------------------
+
+The table below shows all the possible error codes returned in ``Result`` upon
+a failure. The errors are ordered by condition check.
+
+.. csv-table:: Failure conditions for RMM_MECID_KEY_UPDATE
+ :header: "ID", "Condition"
+ :widths: 1 5
+
+ ``E_RMM_INVAL``,"if mecid is invalid (larger than 65,535 or than the maximum MECID width, determined by MECIDR_EL2.MECIDWidthm1)"
+ ``E_RMM_UNK``,"An unknown error occurred whilst processing the command or the SMC is not present if interface version is <0.5"
+ ``E_RMM_OK``,No errors detected
+
+
RMM-EL3 world switch register save restore convention
_____________________________________________________
diff --git a/docs/porting-guide.rst b/docs/porting-guide.rst
index 0f0dedd..327c67b 100644
--- a/docs/porting-guide.rst
+++ b/docs/porting-guide.rst
@@ -2350,6 +2350,24 @@
When ENABLE_RME is disabled, this function is not used.
+Function : plat_rmm_mecid_key_update() [when ENABLE_RME == 1]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Argument : uint16_t
+ Return : int
+
+This function is invoked by BL31's RMMD when there is a request from the RMM
+monitor to update the tweak for the encryption key associated to a MECID.
+
+The first parameter (``uint16_t mecid``) contains the MECID for which the
+encryption key is to be updated.
+
+Return value is 0 upon success and -EFAULT otherwise.
+
+This function needs to be implemented by a platform if it enables RME.
+
Function : plat_rmmd_el3_token_sign_push_req() [mandatory when RMMD_ENABLE_EL3_TOKEN_SIGN == 1]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~