commit 2c8e134cae63df4aaa9e0ce4900d6fbd413839d3
author Manish V Badarkhe <Manish.Badarkhe@arm.com> Wed Jul 13 09:47:03 2022 +0100
committer Manish V Badarkhe <Manish.Badarkhe@arm.com> Wed Oct 05 15:25:28 2022 +0100
tree dd1efbef95bb6837d1259cde219ba0fe4da7288d
parent b61496993a20f3c02f854303e4a66dd1819342d3

feat(drtm): ensure that passed region lies within Non-Secure region of DRAM

Ensured DLME data region and DRTM parameters are lies within Non-Secure
region of DRAM by calling platform function 'plat_drtm_validate_ns_region'.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I93ead775f45ca7748193631f8f9eec4326fcf20a

services/std_svc/drtm/drtm_main.c

diff --git a/services/std_svc/drtm/drtm_main.c b/services/std_svc/drtm/drtm_main.c
index bec4b72..443516d 100644
--- a/services/std_svc/drtm/drtm_main.c
+++ b/services/std_svc/drtm/drtm_main.c
@@ -328,6 +328,14 @@
 	}
 
 	args_mapping_size = ALIGNED_UP(sizeof(struct_drtm_dl_args), DRTM_PAGE_SIZE);
+
+	/* check DRTM parameters are within NS address region */
+	rc = plat_drtm_validate_ns_region(x1, args_mapping_size);
+	if (rc != 0) {
+		ERROR("DRTM: parameters lies within secure memory\n");
+		return INVALID_PARAMETERS;
+	}
+
 	rc = mmap_add_dynamic_region_alloc_va(x1, &args_mapping, args_mapping_size,
 					      MT_MEMORY | MT_NS | MT_RO |
 					      MT_SHAREABILITY_ISH);
@@ -371,14 +379,6 @@
 	dlme_data_start = a->dlme_paddr + a->dlme_data_off;
 	dlme_data_end = dlme_end;
 
-	/*
-	 * TODO: validate that the DLME physical address range is all NS memory,
-	 * return INVALID_PARAMETERS if it is not.
-	 * Note that this check relies on platform-specific information. For
-	 * examples, see psci_plat_pm_ops->validate_ns_entrypoint() or
-	 * arm_validate_ns_entrypoint().
-	 */
-
 	/* Check the DLME regions arguments. */
 	if ((dlme_start % DRTM_PAGE_SIZE) != 0) {
 		ERROR("DRTM: argument DLME region is not "
@@ -428,6 +428,13 @@
 		return INVALID_PARAMETERS;
 	}
 
+	/* check DLME region (paddr + size) is within a NS address region */
+	rc = plat_drtm_validate_ns_region(dlme_start, (size_t)a->dlme_size);
+	if (rc != 0) {
+		ERROR("DRTM: DLME region lies within secure memory\n");
+		return INVALID_PARAMETERS;
+	}
+
 	/* Check the Normal World DCE region arguments. */
 	if (a->dce_nwd_paddr != 0) {
 		uint32_t dce_nwd_start = a->dce_nwd_paddr;