Merge "fix(rmmd): add missing padding to RMM Boot Manifest and initialize it" into integration
diff --git a/docs/components/realm-management-extension.rst b/docs/components/realm-management-extension.rst
index 6fc0c2e..2ea8012 100644
--- a/docs/components/realm-management-extension.rst
+++ b/docs/components/realm-management-extension.rst
@@ -196,7 +196,7 @@
-C bp.refcounter.use_real_time=0 \
-C bp.ve_sysregs.exit_on_shutdown=1 \
-C cache_state_modelled=1 \
- -C bp.dram_size=2 \
+ -C bp.dram_size=4 \
-C bp.secure_memory=1 \
-C pci.pci_smmuv3.mmu.SMMU_ROOT_IDR0=3 \
-C pci.pci_smmuv3.mmu.SMMU_ROOT_IIDR=0x43B \
diff --git a/docs/threat_model/threat_model.rst b/docs/threat_model/threat_model.rst
index 38e5c87..99bbb3a 100644
--- a/docs/threat_model/threat_model.rst
+++ b/docs/threat_model/threat_model.rst
@@ -170,7 +170,7 @@
For each threat identified, a risk rating that ranges
from *informational* to *critical* is given based on the likelihood of the
-threat occuring if a mitigation is not in place, and the impact of the
+threat occurring if a mitigation is not in place, and the impact of the
threat (i.e. how severe the consequences could be). Table 4 explains each
rating in terms of score, impact and likelihood.
@@ -778,8 +778,9 @@
+========================+====================================================+
| Threat | | **Misconfiguration of the Memory Management Unit |
| | (MMU) may allow a normal world software to |
-| | access sensitive data or execute arbitrary |
-| | code** |
+| | access sensitive data, execute arbitrary |
+| | code or access otherwise restricted HW |
+| | interface** |
| | |
| | | A misconfiguration of the MMU could |
| | lead to an open door for software running in the |
@@ -853,6 +854,8 @@
+------------------------+-----------------------------------------------------+
| Threat Type | Information Disclosure |
+------------------------+-------------------+----------------+----------------+
+| Application | Server | IoT | Mobile |
++------------------------+-------------------+----------------+----------------+
| Impact | Medium (3) | Medium (3) | Medium (3) |
+------------------------+-------------------+----------------+----------------+
| Likelihood | Low (2) | Low (2) | Low (2) |
@@ -880,6 +883,41 @@
| | mitigated. |
+------------------------+-----------------------------------------------------+
++------------------------+-----------------------------------------------------+
+| ID | 13 |
++========================+=====================================================+
+| Threat | | **Leaving sensitive information in the memory, |
+| | can allow an attacker to retrieve them.** |
+| | |
+| | | Accidentally leaving not-needed sensitive data in |
+| | internal buffers can leak them if an attacker |
+| | gains access to memory due to a vulnerability. |
++------------------------+-----------------------------------------------------+
+| Diagram Elements | DF4, DF5 |
++------------------------+-----------------------------------------------------+
+| Affected TF-A | BL1, BL2, BL31 |
+| Components | |
++------------------------+-----------------------------------------------------+
+| Assets | Sensitive Data |
++------------------------+-----------------------------------------------------+
+| Threat Agent | NSCode, SecCode |
++------------------------+-----------------------------------------------------+
+| Threat Type | Information Disclosure |
++------------------------+-------------------+----------------+----------------+
+| Application | Server | IoT | Mobile |
++------------------------+-------------------+----------------+----------------+
+| Impact | Critical (5) | Critical (5) | Critical (5) |
++------------------------+-------------------+----------------+----------------+
+| Likelihood | Medium (3) | Medium (3) | Medium (3) |
++------------------------+-------------------+----------------+----------------+
+| Total Risk Rating | High (15) | High (15) | High (15) |
++------------------------+-------------------+----------------+----------------+
+| Mitigations | Clear the sensitive data from internal buffers as |
+| | soon as they are not needed anymore. |
++------------------------+-----------------------------------------------------+
+| Mitigations | | Yes / Platform specific |
++------------------------+-----------------------------------------------------+
+
--------------
*Copyright (c) 2021-2022, Arm Limited. All rights reserved.*
diff --git a/drivers/arm/rss/rss_comms.c b/drivers/arm/rss/rss_comms.c
index 5e224e1..4622af9 100644
--- a/drivers/arm/rss/rss_comms.c
+++ b/drivers/arm/rss/rss_comms.c
@@ -156,14 +156,22 @@
err = mhu_init_sender(mhu_sender_base);
if (err != MHU_ERR_NONE) {
- ERROR("[RSS-COMMS] Host to RSS MHU driver initialization failed: %d\n", err);
- return -1;
+ if (err == MHU_ERR_ALREADY_INIT) {
+ INFO("[RSS-COMMS] Host to RSS MHU driver already initialized\n");
+ } else {
+ ERROR("[RSS-COMMS] Host to RSS MHU driver initialization failed: %d\n", err);
+ return -1;
+ }
}
err = mhu_init_receiver(mhu_receiver_base);
if (err != MHU_ERR_NONE) {
- ERROR("[RSS-COMMS] RSS to Host MHU driver initialization failed: %d\n", err);
- return -1;
+ if (err == MHU_ERR_ALREADY_INIT) {
+ INFO("[RSS-COMMS] RSS to Host MHU driver already initialized\n");
+ } else {
+ ERROR("[RSS-COMMS] RSS to Host MHU driver initialization failed: %d\n", err);
+ return -1;
+ }
}
return 0;
diff --git a/drivers/auth/mbedtls/mbedtls_common.mk b/drivers/auth/mbedtls/mbedtls_common.mk
index 16ce65f..ae4b067 100644
--- a/drivers/auth/mbedtls/mbedtls_common.mk
+++ b/drivers/auth/mbedtls/mbedtls_common.mk
@@ -22,7 +22,7 @@
MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_common.c
-LIBMBEDTLS_SRCS := $(addprefix ${MBEDTLS_DIR}/library/, \
+LIBMBEDTLS_SRCS += $(addprefix ${MBEDTLS_DIR}/library/, \
aes.c \
asn1parse.c \
asn1write.c \
diff --git a/fdts/fvp-base-psci-common.dtsi b/fdts/fvp-base-psci-common.dtsi
index 6018f0c..7838fde 100644
--- a/fdts/fvp-base-psci-common.dtsi
+++ b/fdts/fvp-base-psci-common.dtsi
@@ -28,7 +28,7 @@
#size-cells = <2>;
#if (ENABLE_RME == 1)
- chosen { bootargs = "mem=1G console=ttyAMA0 earlycon=pl011,0x1c090000 root=/dev/vda ip=on";};
+ chosen { bootargs = "console=ttyAMA0 earlycon=pl011,0x1c090000 root=/dev/vda ip=on";};
#else
chosen {};
#endif
diff --git a/include/lib/psa/measured_boot.h b/include/lib/psa/measured_boot.h
index 47aa0b9..231da2c 100644
--- a/include/lib/psa/measured_boot.h
+++ b/include/lib/psa/measured_boot.h
@@ -74,4 +74,53 @@
size_t measurement_value_size,
bool lock_measurement);
+/**
+ * Retrieves a measurement from the requested slot.
+ *
+ * index Slot number from which measurement is to be
+ * retrieved.
+ * signer_id Pointer to signer_id buffer.
+ * signer_id_size Size of the signer_id buffer in bytes.
+ * signer_id_len On success, number of bytes that make up
+ * signer_id.
+ * version Pointer to version buffer.
+ * version_size Size of the version buffer in bytes.
+ * version_len On success, number of bytes that makeup the
+ * version.
+ * measurement_algo Pointer to measurement_algo.
+ * sw_type Pointer to sw_type buffer.
+ * sw_type_size Size of the sw_type buffer in bytes.
+ * sw_type_len On success, number of bytes that makeup the
+ * sw_type.
+ * measurement_value Pointer to measurement_value buffer.
+ * measurement_value_size Size of the measurement_value buffer in bytes.
+ * measurement_value_len On success, number of bytes that make up the
+ * measurement_value.
+ * is_locked Pointer to lock status of requested measurement
+ * slot.
+ *
+ * PSA_SUCCESS
+ * - Success.
+ * PSA_ERROR_INVALID_ARGUMENT
+ * - The size of at least one of the output buffers is incorrect or the
+ * requested slot index is invalid.
+ * PSA_ERROR_DOES_NOT_EXIST
+ * - The requested slot is empty, does not contain a measurement.
+ */
+psa_status_t rss_measured_boot_read_measurement(uint8_t index,
+ uint8_t *signer_id,
+ size_t signer_id_size,
+ size_t *signer_id_len,
+ uint8_t *version,
+ size_t version_size,
+ size_t *version_len,
+ uint32_t *measurement_algo,
+ uint8_t *sw_type,
+ size_t sw_type_size,
+ size_t *sw_type_len,
+ uint8_t *measurement_value,
+ size_t measurement_value_size,
+ size_t *measurement_value_len,
+ bool *is_locked);
+
#endif /* PSA_MEASURED_BOOT_H */
diff --git a/include/plat/arm/common/arm_pas_def.h b/include/plat/arm/common/arm_pas_def.h
index c199302..fba8d2c 100644
--- a/include/plat/arm/common/arm_pas_def.h
+++ b/include/plat/arm/common/arm_pas_def.h
@@ -21,24 +21,30 @@
* ============================================================================
* 0GB | 1GB |L0 GPT|ANY |TBROM (EL3 code) |Fixed mapping
* | | | |TSRAM (EL3 data) |
- * | | | |IO (incl.UARTs & GIC) |
+ * 00000000 | | | |IO (incl.UARTs & GIC) |
* ----------------------------------------------------------------------------
* 1GB | 1GB |L0 GPT|ANY |IO |Fixed mapping
+ * 40000000 | | | | |
* ----------------------------------------------------------------------------
- * 2GB | 1GB |L1 GPT|NS |DRAM (NS Kernel) |Use T.Descrip
+ * 2GB |2GB-64MB |L1 GPT|NS |DRAM (NS Kernel) |Use T.Descrip
+ * 80000000 | | | | |
* ----------------------------------------------------------------------------
- * 3GB |1GB-64MB |L1 GPT|NS |DRAM (NS Kernel) |Use T.Descrip
- * ----------------------------------------------------------------------------
- * 4GB-64MB |64MB-32MB | | | |
- * | -4MB |L1 GPT|SECURE|DRAM TZC |Use T.Descrip
+ * 4GB-64MB |64MB-32MB-4MB|L1 GPT|SECURE|DRAM TZC |Use T.Descrip
+ * FC000000 | | | | |
* ----------------------------------------------------------------------------
* 4GB-32MB | | | | |
* -3MB-1MB |32MB |L1 GPT|REALM |RMM |Use T.Descrip
+ * FDC00000 | | | | |
* ----------------------------------------------------------------------------
* 4GB-3MB | | | | |
* -1MB |3MB |L1 GPT|ROOT |EL3 DRAM data |Use T.Descrip
+ * FFC00000 | | | | |
* ----------------------------------------------------------------------------
* 4GB-1MB |1MB |L1 GPT|ROOT |DRAM (L1 GPTs, SCP TZC) |Fixed mapping
+ * FFF00000 | | | | |
+ * ----------------------------------------------------------------------------
+ * 34GB |2GB |L1 GPT|NS |DRAM (NS Kernel) |Use T.Descrip
+ * 880000000| | | | |
* ============================================================================
*
* - 4KB of L0 GPT reside in TSRAM, on top of the CONFIG section.
@@ -55,7 +61,7 @@
/* Device memory 0 to 2GB */
#define ARM_PAS_1_BASE (U(0))
-#define ARM_PAS_1_SIZE ((ULL(1)<<31)) /* 2GB */
+#define ARM_PAS_1_SIZE ((ULL(1) << 31)) /* 2GB */
/* NS memory 2GB to (end - 64MB) */
#define ARM_PAS_2_BASE (ARM_PAS_1_BASE + ARM_PAS_1_SIZE)
@@ -69,9 +75,14 @@
#define ARM_PAS_3_BASE (ARM_AP_TZC_DRAM1_BASE)
#define ARM_PAS_3_SIZE (ARM_AP_TZC_DRAM1_SIZE)
+/* NS memory 2GB */
+#define ARM_PAS_4_BASE ARM_DRAM2_BASE
+#define ARM_PAS_4_SIZE ((ULL(1) << 31)) /* 2GB */
+
#define ARM_PAS_GPI_ANY MAP_GPT_REGION(ARM_PAS_1_BASE, \
ARM_PAS_1_SIZE, \
GPT_GPI_ANY)
+
#define ARM_PAS_KERNEL GPT_MAP_REGION_GRANULE(ARM_PAS_2_BASE, \
ARM_PAS_2_SIZE, \
GPT_GPI_NS)
@@ -80,6 +91,9 @@
ARM_PAS_3_SIZE, \
GPT_GPI_SECURE)
+#define ARM_PAS_KERNEL_1 GPT_MAP_REGION_GRANULE(ARM_PAS_4_BASE, \
+ ARM_PAS_4_SIZE, \
+ GPT_GPI_NS)
/*
* REALM and Shared area share the same PAS, so consider them a single
* PAS region to configure in GPT.
diff --git a/include/services/trp/trp_helpers.h b/include/services/trp/trp_helpers.h
index 8e786e2..83ec740 100644
--- a/include/services/trp/trp_helpers.h
+++ b/include/services/trp/trp_helpers.h
@@ -39,5 +39,12 @@
__dead2 void trp_boot_abort(uint64_t err);
+/* TRP SMC result registers X0-X4 */
+#define TRP_SMC_RESULT_REGS 5
+
+struct trp_smc_result {
+ unsigned long long x[TRP_SMC_RESULT_REGS];
+};
+
#endif /* __ASSEMBLER __ */
#endif /* TRP_HELPERS_H */
diff --git a/lib/psa/measured_boot.c b/lib/psa/measured_boot.c
index 61747f2..10c43f1 100644
--- a/lib/psa/measured_boot.c
+++ b/lib/psa/measured_boot.c
@@ -111,6 +111,61 @@
NULL, 0);
}
+psa_status_t rss_measured_boot_read_measurement(uint8_t index,
+ uint8_t *signer_id,
+ size_t signer_id_size,
+ size_t *signer_id_len,
+ uint8_t *version,
+ size_t version_size,
+ size_t *version_len,
+ uint32_t *measurement_algo,
+ uint8_t *sw_type,
+ size_t sw_type_size,
+ size_t *sw_type_len,
+ uint8_t *measurement_value,
+ size_t measurement_value_size,
+ size_t *measurement_value_len,
+ bool *is_locked)
+{
+ psa_status_t status;
+ struct measured_boot_read_iovec_in_t read_iov_in = {
+ .index = index,
+ .sw_type_size = sw_type_size,
+ .version_size = version_size,
+ };
+
+ struct measured_boot_read_iovec_out_t read_iov_out;
+
+ psa_invec in_vec[] = {
+ {.base = &read_iov_in,
+ .len = sizeof(struct measured_boot_read_iovec_in_t)},
+ };
+
+ psa_outvec out_vec[] = {
+ {.base = &read_iov_out,
+ .len = sizeof(struct measured_boot_read_iovec_out_t)},
+ {.base = signer_id, .len = signer_id_size},
+ {.base = measurement_value, .len = measurement_value_size}
+ };
+
+ status = psa_call(RSS_MEASURED_BOOT_HANDLE, RSS_MEASURED_BOOT_READ,
+ in_vec, IOVEC_LEN(in_vec),
+ out_vec, IOVEC_LEN(out_vec));
+
+ if (status == PSA_SUCCESS) {
+ *is_locked = read_iov_out.is_locked;
+ *measurement_algo = read_iov_out.measurement_algo;
+ *sw_type_len = read_iov_out.sw_type_len;
+ *version_len = read_iov_out.version_len;
+ memcpy(sw_type, read_iov_out.sw_type, read_iov_out.sw_type_len);
+ memcpy(version, read_iov_out.version, read_iov_out.version_len);
+ *signer_id_len = out_vec[1].len;
+ *measurement_value_len = out_vec[2].len;
+ }
+
+ return status;
+}
+
#else /* !PLAT_RSS_NOT_SUPPORTED */
psa_status_t
@@ -133,4 +188,24 @@
return PSA_SUCCESS;
}
+
+psa_status_t rss_measured_boot_read_measurement(uint8_t index,
+ uint8_t *signer_id,
+ size_t signer_id_size,
+ size_t *signer_id_len,
+ uint8_t *version,
+ size_t version_size,
+ size_t *version_len,
+ uint32_t *measurement_algo,
+ uint8_t *sw_type,
+ size_t sw_type_size,
+ size_t *sw_type_len,
+ uint8_t *measurement_value,
+ size_t measurement_value_size,
+ size_t *measurement_value_len,
+ bool *is_locked)
+{
+ return PSA_SUCCESS;
+}
+
#endif /* !PLAT_RSS_NOT_SUPPORTED */
diff --git a/lib/psa/measured_boot_private.h b/lib/psa/measured_boot_private.h
index 649c3f6..80d2c19 100644
--- a/lib/psa/measured_boot_private.h
+++ b/lib/psa/measured_boot_private.h
@@ -11,8 +11,24 @@
#include <stdint.h>
/* Measured boot message types that distinguish its services */
+#define RSS_MEASURED_BOOT_READ 1001U
#define RSS_MEASURED_BOOT_EXTEND 1002U
+struct measured_boot_read_iovec_in_t {
+ uint8_t index;
+ uint8_t sw_type_size;
+ uint8_t version_size;
+};
+
+struct measured_boot_read_iovec_out_t {
+ uint8_t is_locked;
+ uint32_t measurement_algo;
+ uint8_t sw_type[SW_TYPE_MAX_SIZE];
+ uint8_t sw_type_len;
+ uint8_t version[VERSION_MAX_SIZE];
+ uint8_t version_len;
+};
+
struct measured_boot_extend_iovec_t {
uint8_t index;
uint8_t lock_measurement;
diff --git a/plat/arm/board/common/rotpk/arm_dev_rotpk.S b/plat/arm/board/common/rotpk/arm_dev_rotpk.S
index 06e2a06..a7fadf6 100644
--- a/plat/arm/board/common/rotpk/arm_dev_rotpk.S
+++ b/plat/arm/board/common/rotpk/arm_dev_rotpk.S
@@ -14,7 +14,6 @@
#endif
.global arm_rotpk_header
- .global arm_rotpk_header_end
.section .rodata.arm_rotpk_hash, "a"
arm_rotpk_header:
diff --git a/plat/arm/common/arm_bl2_setup.c b/plat/arm/common/arm_bl2_setup.c
index 08c014d..02e419a 100644
--- a/plat/arm/common/arm_bl2_setup.c
+++ b/plat/arm/common/arm_bl2_setup.c
@@ -143,11 +143,12 @@
ARM_PAS_SECURE,
ARM_PAS_REALM,
ARM_PAS_EL3_DRAM,
- ARM_PAS_GPTS
+ ARM_PAS_GPTS,
+ ARM_PAS_KERNEL_1
};
/* Initialize entire protected space to GPT_GPI_ANY. */
- if (gpt_init_l0_tables(GPCCR_PPS_4GB, ARM_L0_GPT_ADDR_BASE,
+ if (gpt_init_l0_tables(GPCCR_PPS_64GB, ARM_L0_GPT_ADDR_BASE,
ARM_L0_GPT_SIZE) < 0) {
ERROR("gpt_init_l0_tables() failed!\n");
panic();
diff --git a/plat/intel/soc/agilex/bl31_plat_setup.c b/plat/intel/soc/agilex/bl31_plat_setup.c
index b1b9514..26ed7ef 100644
--- a/plat/intel/soc/agilex/bl31_plat_setup.c
+++ b/plat/intel/soc/agilex/bl31_plat_setup.c
@@ -17,6 +17,7 @@
#include "ccu/ncore_ccu.h"
#include "socfpga_mailbox.h"
#include "socfpga_private.h"
+#include "socfpga_sip_svc.h"
static entry_point_info_t bl32_image_ep_info;
static entry_point_info_t bl33_image_ep_info;
@@ -35,6 +36,25 @@
return NULL;
}
+void setup_smmu_secure_context(void)
+{
+ /*
+ * Program SCR0 register (0xFA000000)
+ * to set SMCFCFG bit[21] to 0x1 which raise stream match conflict fault
+ * to set CLIENTPD bit[0] to 0x0 which enables SMMU for secure context
+ */
+ mmio_write_32(0xFA000000, 0x00200000);
+
+ /*
+ * Program SCR1 register (0xFA000004)
+ * to set NSNUMSMRGO bit[14:8] to 0x4 which stream mapping register
+ * for non-secure context and the rest will be secure context
+ * to set NSNUMCBO bit[5:0] to 0x4 which allocate context bank
+ * for non-secure context and the rest will be secure context
+ */
+ mmio_write_32(0xFA000004, 0x00000404);
+}
+
void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1,
u_register_t arg2, u_register_t arg3)
{
@@ -109,6 +129,7 @@
gicv2_distif_init();
gicv2_pcpu_distif_init();
gicv2_cpuif_enable();
+ setup_smmu_secure_context();
/* Signal secondary CPUs to jump to BL31 (BL2 = U-boot SPL) */
mmio_write_64(PLAT_CPU_RELEASE_ADDR,
diff --git a/plat/intel/soc/common/include/socfpga_fcs.h b/plat/intel/soc/common/include/socfpga_fcs.h
index 893551d..8a8f348 100644
--- a/plat/intel/soc/common/include/socfpga_fcs.h
+++ b/plat/intel/soc/common/include/socfpga_fcs.h
@@ -84,6 +84,14 @@
#define FCS_ECDSA_HASH_SIGN_CMD_MAX_WORD_SIZE 17U
#define FCS_ECDSA_HASH_SIG_VERIFY_CMD_MAX_WORD_SIZE 52U
#define FCS_ECDH_REQUEST_CMD_MAX_WORD_SIZE 29U
+
+#define FCS_CRYPTO_ECB_BUFFER_SIZE 12U
+#define FCS_CRYPTO_CBC_CTR_BUFFER_SIZE 28U
+#define FCS_CRYPTO_BLOCK_MODE_MASK 0x07
+#define FCS_CRYPTO_ECB_MODE 0x00
+#define FCS_CRYPTO_CBC_MODE 0x01
+#define FCS_CRYPTO_CTR_MODE 0x02
+
/* FCS Payload Structure */
typedef struct fcs_rng_payload_t {
uint32_t session_id;
@@ -235,6 +243,11 @@
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
uint8_t is_finalised, uint32_t *mbox_error);
+int intel_fcs_get_digest_smmu_update_finalize(uint32_t session_id, uint32_t context_id,
+ uint32_t src_addr, uint32_t src_size,
+ uint64_t dst_addr, uint32_t *dst_size,
+ uint8_t is_finalised, uint32_t *mbox_error,
+ uint32_t *send_id);
int intel_fcs_mac_verify_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
@@ -244,6 +257,11 @@
uint64_t dst_addr, uint32_t *dst_size,
uint32_t data_size, uint8_t is_finalised,
uint32_t *mbox_error);
+int intel_fcs_mac_verify_smmu_update_finalize(uint32_t session_id, uint32_t context_id,
+ uint32_t src_addr, uint32_t src_size,
+ uint64_t dst_addr, uint32_t *dst_size,
+ uint32_t data_size, uint8_t is_finalised,
+ uint32_t *mbox_error, uint32_t *send_id);
int intel_fcs_ecdsa_hash_sign_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
@@ -270,6 +288,11 @@
uint32_t src_size, uint64_t dst_addr,
uint32_t *dst_size, uint8_t is_finalised,
uint32_t *mbox_error);
+int intel_fcs_ecdsa_sha2_data_sign_smmu_update_finalize(uint32_t session_id,
+ uint32_t context_id, uint32_t src_addr,
+ uint32_t src_size, uint64_t dst_addr,
+ uint32_t *dst_size, uint8_t is_finalised,
+ uint32_t *mbox_error, uint32_t *send_id);
int intel_fcs_ecdsa_sha2_data_sig_verify_init(uint32_t session_id,
uint32_t context_id, uint32_t key_id,
@@ -280,6 +303,12 @@
uint32_t src_size, uint64_t dst_addr,
uint32_t *dst_size, uint32_t data_size,
uint8_t is_finalised, uint32_t *mbox_error);
+int intel_fcs_ecdsa_sha2_data_sig_verify_smmu_update_finalize(uint32_t session_id,
+ uint32_t context_id, uint32_t src_addr,
+ uint32_t src_size, uint64_t dst_addr,
+ uint32_t *dst_size, uint32_t data_size,
+ uint8_t is_finalised, uint32_t *mbox_error,
+ uint32_t *send_id);
int intel_fcs_ecdsa_get_pubkey_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
diff --git a/plat/intel/soc/common/include/socfpga_mailbox.h b/plat/intel/soc/common/include/socfpga_mailbox.h
index 1f4b2a4..3ab6f52 100644
--- a/plat/intel/soc/common/include/socfpga_mailbox.h
+++ b/plat/intel/soc/common/include/socfpga_mailbox.h
@@ -139,6 +139,7 @@
#define SOFTFUNC_STATUS_CONF_DONE (1 << 0)
#define MBOX_CFGSTAT_STATE_IDLE 0x00000000
#define MBOX_CFGSTAT_STATE_CONFIG 0x10000000
+#define MBOX_CFGSTAT_VAB_BS_PREAUTH 0x20000000
#define MBOX_CFGSTAT_STATE_FAILACK 0x08000000
#define MBOX_CFGSTAT_STATE_ERROR_INVALID 0xf0000001
#define MBOX_CFGSTAT_STATE_ERROR_CORRUPT 0xf0000002
diff --git a/plat/intel/soc/common/include/socfpga_sip_svc.h b/plat/intel/soc/common/include/socfpga_sip_svc.h
index 0803eb5..21169f7 100644
--- a/plat/intel/soc/common/include/socfpga_sip_svc.h
+++ b/plat/intel/soc/common/include/socfpga_sip_svc.h
@@ -86,49 +86,57 @@
#define INTEL_SIP_SMC_GET_USERCODE 0xC200003D
/* FPGA Crypto Services */
-#define INTEL_SIP_SMC_FCS_RANDOM_NUMBER 0xC200005A
-#define INTEL_SIP_SMC_FCS_RANDOM_NUMBER_EXT 0x4200008F
-#define INTEL_SIP_SMC_FCS_CRYPTION 0x4200005B
-#define INTEL_SIP_SMC_FCS_CRYPTION_EXT 0xC2000090
-#define INTEL_SIP_SMC_FCS_SERVICE_REQUEST 0x4200005C
-#define INTEL_SIP_SMC_FCS_SEND_CERTIFICATE 0x4200005D
-#define INTEL_SIP_SMC_FCS_GET_PROVISION_DATA 0x4200005E
-#define INTEL_SIP_SMC_FCS_CNTR_SET_PREAUTH 0xC200005F
-#define INTEL_SIP_SMC_FCS_PSGSIGMA_TEARDOWN 0xC2000064
-#define INTEL_SIP_SMC_FCS_CHIP_ID 0xC2000065
-#define INTEL_SIP_SMC_FCS_ATTESTATION_SUBKEY 0xC2000066
-#define INTEL_SIP_SMC_FCS_ATTESTATION_MEASUREMENTS 0xC2000067
-#define INTEL_SIP_SMC_FCS_GET_ATTESTATION_CERT 0xC2000068
-#define INTEL_SIP_SMC_FCS_CREATE_CERT_ON_RELOAD 0xC2000069
-#define INTEL_SIP_SMC_FCS_OPEN_CS_SESSION 0xC200006E
-#define INTEL_SIP_SMC_FCS_CLOSE_CS_SESSION 0xC200006F
-#define INTEL_SIP_SMC_FCS_IMPORT_CS_KEY 0x42000070
-#define INTEL_SIP_SMC_FCS_EXPORT_CS_KEY 0xC2000071
-#define INTEL_SIP_SMC_FCS_REMOVE_CS_KEY 0xC2000072
-#define INTEL_SIP_SMC_FCS_GET_CS_KEY_INFO 0xC2000073
-#define INTEL_SIP_SMC_FCS_AES_CRYPT_INIT 0xC2000074
-#define INTEL_SIP_SMC_FCS_AES_CRYPT_UPDATE 0x42000075
-#define INTEL_SIP_SMC_FCS_AES_CRYPT_FINALIZE 0x42000076
-#define INTEL_SIP_SMC_FCS_GET_DIGEST_INIT 0xC2000077
-#define INTEL_SIP_SMC_FCS_GET_DIGEST_UPDATE 0xC2000078
-#define INTEL_SIP_SMC_FCS_GET_DIGEST_FINALIZE 0xC2000079
-#define INTEL_SIP_SMC_FCS_MAC_VERIFY_INIT 0xC200007A
-#define INTEL_SIP_SMC_FCS_MAC_VERIFY_UPDATE 0xC200007B
-#define INTEL_SIP_SMC_FCS_MAC_VERIFY_FINALIZE 0xC200007C
-#define INTEL_SIP_SMC_FCS_ECDSA_HASH_SIGN_INIT 0xC200007D
-#define INTEL_SIP_SMC_FCS_ECDSA_HASH_SIGN_FINALIZE 0xC200007F
-#define INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_INIT 0xC2000080
-#define INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_UPDATE 0xC2000081
-#define INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_FINALIZE 0xC2000082
-#define INTEL_SIP_SMC_FCS_ECDSA_HASH_SIG_VERIFY_INIT 0xC2000083
-#define INTEL_SIP_SMC_FCS_ECDSA_HASH_SIG_VERIFY_FINALIZE 0xC2000085
-#define INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_INIT 0xC2000086
-#define INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_UPDATE 0xC2000087
-#define INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_FINALIZE 0xC2000088
-#define INTEL_SIP_SMC_FCS_ECDSA_GET_PUBKEY_INIT 0xC2000089
-#define INTEL_SIP_SMC_FCS_ECDSA_GET_PUBKEY_FINALIZE 0xC200008B
-#define INTEL_SIP_SMC_FCS_ECDH_REQUEST_INIT 0xC200008C
-#define INTEL_SIP_SMC_FCS_ECDH_REQUEST_FINALIZE 0xC200008E
+#define INTEL_SIP_SMC_FCS_RANDOM_NUMBER 0xC200005A
+#define INTEL_SIP_SMC_FCS_RANDOM_NUMBER_EXT 0x4200008F
+#define INTEL_SIP_SMC_FCS_CRYPTION 0x4200005B
+#define INTEL_SIP_SMC_FCS_CRYPTION_EXT 0xC2000090
+#define INTEL_SIP_SMC_FCS_SERVICE_REQUEST 0x4200005C
+#define INTEL_SIP_SMC_FCS_SEND_CERTIFICATE 0x4200005D
+#define INTEL_SIP_SMC_FCS_GET_PROVISION_DATA 0x4200005E
+#define INTEL_SIP_SMC_FCS_CNTR_SET_PREAUTH 0xC200005F
+#define INTEL_SIP_SMC_FCS_PSGSIGMA_TEARDOWN 0xC2000064
+#define INTEL_SIP_SMC_FCS_CHIP_ID 0xC2000065
+#define INTEL_SIP_SMC_FCS_ATTESTATION_SUBKEY 0xC2000066
+#define INTEL_SIP_SMC_FCS_ATTESTATION_MEASUREMENTS 0xC2000067
+#define INTEL_SIP_SMC_FCS_GET_ATTESTATION_CERT 0xC2000068
+#define INTEL_SIP_SMC_FCS_CREATE_CERT_ON_RELOAD 0xC2000069
+#define INTEL_SIP_SMC_FCS_OPEN_CS_SESSION 0xC200006E
+#define INTEL_SIP_SMC_FCS_CLOSE_CS_SESSION 0xC200006F
+#define INTEL_SIP_SMC_FCS_IMPORT_CS_KEY 0x42000070
+#define INTEL_SIP_SMC_FCS_EXPORT_CS_KEY 0xC2000071
+#define INTEL_SIP_SMC_FCS_REMOVE_CS_KEY 0xC2000072
+#define INTEL_SIP_SMC_FCS_GET_CS_KEY_INFO 0xC2000073
+#define INTEL_SIP_SMC_FCS_AES_CRYPT_INIT 0xC2000074
+#define INTEL_SIP_SMC_FCS_AES_CRYPT_UPDATE 0x42000075
+#define INTEL_SIP_SMC_FCS_AES_CRYPT_FINALIZE 0x42000076
+#define INTEL_SIP_SMC_FCS_GET_DIGEST_INIT 0xC2000077
+#define INTEL_SIP_SMC_FCS_GET_DIGEST_UPDATE 0xC2000078
+#define INTEL_SIP_SMC_FCS_GET_DIGEST_FINALIZE 0xC2000079
+#define INTEL_SIP_SMC_FCS_GET_DIGEST_SMMU_UPDATE 0x42000091
+#define INTEL_SIP_SMC_FCS_GET_DIGEST_SMMU_FINALIZE 0x42000092
+#define INTEL_SIP_SMC_FCS_MAC_VERIFY_INIT 0xC200007A
+#define INTEL_SIP_SMC_FCS_MAC_VERIFY_UPDATE 0xC200007B
+#define INTEL_SIP_SMC_FCS_MAC_VERIFY_FINALIZE 0xC200007C
+#define INTEL_SIP_SMC_FCS_MAC_VERIFY_SMMU_UPDATE 0x42000093
+#define INTEL_SIP_SMC_FCS_MAC_VERIFY_SMMU_FINALIZE 0x42000094
+#define INTEL_SIP_SMC_FCS_ECDSA_HASH_SIGN_INIT 0xC200007D
+#define INTEL_SIP_SMC_FCS_ECDSA_HASH_SIGN_FINALIZE 0xC200007F
+#define INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_INIT 0xC2000080
+#define INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_UPDATE 0xC2000081
+#define INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_FINALIZE 0xC2000082
+#define INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_SMMU_UPDATE 0x42000095
+#define INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_SMMU_FINALIZE 0x42000096
+#define INTEL_SIP_SMC_FCS_ECDSA_HASH_SIG_VERIFY_INIT 0xC2000083
+#define INTEL_SIP_SMC_FCS_ECDSA_HASH_SIG_VERIFY_FINALIZE 0xC2000085
+#define INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_INIT 0xC2000086
+#define INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_UPDATE 0xC2000087
+#define INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_FINALIZE 0xC2000088
+#define INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_SMMU_UPDATE 0x42000097
+#define INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_SMMU_FINALIZE 0x42000098
+#define INTEL_SIP_SMC_FCS_ECDSA_GET_PUBKEY_INIT 0xC2000089
+#define INTEL_SIP_SMC_FCS_ECDSA_GET_PUBKEY_FINALIZE 0xC200008B
+#define INTEL_SIP_SMC_FCS_ECDH_REQUEST_INIT 0xC200008C
+#define INTEL_SIP_SMC_FCS_ECDH_REQUEST_FINALIZE 0xC200008E
#define INTEL_SIP_SMC_FCS_SHA_MODE_MASK 0xF
#define INTEL_SIP_SMC_FCS_DIGEST_SIZE_MASK 0xF
@@ -166,8 +174,14 @@
#define SIP_SVC_VERSION 0x8200ff03
/* SiP Service Calls version numbers */
-#define SIP_SVC_VERSION_MAJOR 1
-#define SIP_SVC_VERSION_MINOR 0
+/*
+ * Increase if there is any backward compatibility impact
+ */
+#define SIP_SVC_VERSION_MAJOR 2
+/*
+ * Increase if there is new SMC function ID being added
+ */
+#define SIP_SVC_VERSION_MINOR 1
/* Structure Definitions */
diff --git a/plat/intel/soc/common/include/socfpga_system_manager.h b/plat/intel/soc/common/include/socfpga_system_manager.h
index 7f67313..69ee6d3 100644
--- a/plat/intel/soc/common/include/socfpga_system_manager.h
+++ b/plat/intel/soc/common/include/socfpga_system_manager.h
@@ -42,6 +42,8 @@
#define IDLE_DATA_SOC2FPGA BIT(0)
#define IDLE_DATA_MASK (IDLE_DATA_LWSOC2FPGA | IDLE_DATA_SOC2FPGA)
+#define SYSMGR_QSPI_REFCLK_MASK GENMASK(27, 0)
+
#define SYSMGR_ECC_OCRAM_MASK BIT(1)
#define SYSMGR_ECC_DDR0_MASK BIT(16)
#define SYSMGR_ECC_DDR1_MASK BIT(17)
diff --git a/plat/intel/soc/common/sip/socfpga_sip_fcs.c b/plat/intel/soc/common/sip/socfpga_sip_fcs.c
index facee0f..f18c3e4 100644
--- a/plat/intel/soc/common/sip/socfpga_sip_fcs.c
+++ b/plat/intel/soc/common/sip/socfpga_sip_fcs.c
@@ -946,6 +946,104 @@
return INTEL_SIP_SMC_STATUS_OK;
}
+int intel_fcs_get_digest_smmu_update_finalize(uint32_t session_id,
+ uint32_t context_id, uint32_t src_addr,
+ uint32_t src_size, uint64_t dst_addr,
+ uint32_t *dst_size, uint8_t is_finalised,
+ uint32_t *mbox_error, uint32_t *send_id)
+{
+ int status;
+ uint32_t i;
+ uint32_t flag;
+ uint32_t crypto_header;
+ uint32_t resp_len;
+ uint32_t payload[FCS_GET_DIGEST_CMD_MAX_WORD_SIZE] = {0U};
+
+ /* Source data must be 8 bytes aligned */
+ if (dst_size == NULL || mbox_error == NULL ||
+ !is_8_bytes_aligned(src_size)) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
+ if (fcs_sha_get_digest_param.session_id != session_id ||
+ fcs_sha_get_digest_param.context_id != context_id) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
+ if (!is_address_in_ddr_range(src_addr, src_size) ||
+ !is_address_in_ddr_range(dst_addr, *dst_size)) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
+ resp_len = *dst_size / MBOX_WORD_BYTE;
+
+ /* Prepare crypto header */
+ flag = 0;
+
+ if (fcs_sha_get_digest_param.is_updated) {
+ fcs_sha_get_digest_param.crypto_param_size = 0;
+ } else {
+ flag |= FCS_CS_FIELD_FLAG_INIT;
+ }
+
+ if (is_finalised != 0U) {
+ flag |= FCS_CS_FIELD_FLAG_FINALIZE;
+ } else {
+ flag |= FCS_CS_FIELD_FLAG_UPDATE;
+ fcs_sha_get_digest_param.is_updated = 1;
+ }
+
+ crypto_header = ((flag << FCS_CS_FIELD_FLAG_OFFSET) |
+ (fcs_sha_get_digest_param.crypto_param_size &
+ FCS_CS_FIELD_SIZE_MASK));
+
+ /* Prepare command payload */
+ i = 0;
+ payload[i] = fcs_sha_get_digest_param.session_id;
+ i++;
+ payload[i] = fcs_sha_get_digest_param.context_id;
+ i++;
+ payload[i] = crypto_header;
+ i++;
+
+ if ((crypto_header >> FCS_CS_FIELD_FLAG_OFFSET) &
+ FCS_CS_FIELD_FLAG_INIT) {
+ payload[i] = fcs_sha_get_digest_param.key_id;
+ i++;
+ /* Crypto parameters */
+ payload[i] = fcs_sha_get_digest_param.crypto_param
+ & INTEL_SIP_SMC_FCS_SHA_MODE_MASK;
+ payload[i] |= ((fcs_sha_get_digest_param.crypto_param
+ >> INTEL_SIP_SMC_FCS_DIGEST_SIZE_OFFSET)
+ & INTEL_SIP_SMC_FCS_DIGEST_SIZE_MASK)
+ << FCS_SHA_HMAC_CRYPTO_PARAM_SIZE_OFFSET;
+ i++;
+ }
+ /* Data source address and size */
+ payload[i] = src_addr;
+ i++;
+ payload[i] = src_size;
+ i++;
+
+ status = mailbox_send_cmd_async(send_id, MBOX_FCS_GET_DIGEST_REQ,
+ payload, i, CMD_INDIRECT);
+
+ if (is_finalised != 0U) {
+ memset((void *)&fcs_sha_get_digest_param, 0,
+ sizeof(fcs_crypto_service_data));
+ }
+
+ if (status < 0) {
+ *mbox_error = -status;
+ return INTEL_SIP_SMC_STATUS_ERROR;
+ }
+
+ *dst_size = resp_len * MBOX_WORD_BYTE;
+ flush_dcache_range(dst_addr, *dst_size);
+
+ return INTEL_SIP_SMC_STATUS_OK;
+}
+
int intel_fcs_mac_verify_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
uint64_t param_data, uint32_t *mbox_error)
@@ -1071,6 +1169,127 @@
return INTEL_SIP_SMC_STATUS_OK;
}
+int intel_fcs_mac_verify_smmu_update_finalize(uint32_t session_id,
+ uint32_t context_id, uint32_t src_addr,
+ uint32_t src_size, uint64_t dst_addr,
+ uint32_t *dst_size, uint32_t data_size,
+ uint8_t is_finalised, uint32_t *mbox_error,
+ uint32_t *send_id)
+{
+ int status;
+ uint32_t i;
+ uint32_t flag;
+ uint32_t crypto_header;
+ uint32_t resp_len;
+ uint32_t payload[FCS_MAC_VERIFY_CMD_MAX_WORD_SIZE] = {0U};
+ uintptr_t mac_offset;
+
+ /*
+ * Source data must be 4 bytes aligned
+ * User data must be 8 bytes aligned
+ */
+ if (dst_size == NULL || mbox_error == NULL ||
+ !is_size_4_bytes_aligned(src_size) ||
+ !is_8_bytes_aligned(data_size)) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
+ if (data_size > src_size) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
+ if (fcs_sha_mac_verify_param.session_id != session_id ||
+ fcs_sha_mac_verify_param.context_id != context_id) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
+ if (!is_address_in_ddr_range(src_addr, src_size) ||
+ !is_address_in_ddr_range(dst_addr, *dst_size)) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
+ resp_len = *dst_size / MBOX_WORD_BYTE;
+
+ /* Prepare crypto header */
+ flag = 0;
+
+ if (fcs_sha_mac_verify_param.is_updated) {
+ fcs_sha_mac_verify_param.crypto_param_size = 0;
+ } else {
+ flag |= FCS_CS_FIELD_FLAG_INIT;
+ }
+
+ if (is_finalised) {
+ flag |= FCS_CS_FIELD_FLAG_FINALIZE;
+ } else {
+ flag |= FCS_CS_FIELD_FLAG_UPDATE;
+ fcs_sha_mac_verify_param.is_updated = 1;
+ }
+
+ crypto_header = ((flag << FCS_CS_FIELD_FLAG_OFFSET) |
+ (fcs_sha_mac_verify_param.crypto_param_size &
+ FCS_CS_FIELD_SIZE_MASK));
+
+ /* Prepare command payload */
+ i = 0;
+ payload[i] = fcs_sha_mac_verify_param.session_id;
+ i++;
+ payload[i] = fcs_sha_mac_verify_param.context_id;
+ i++;
+ payload[i] = crypto_header;
+ i++;
+
+ if ((crypto_header >> FCS_CS_FIELD_FLAG_OFFSET) &
+ FCS_CS_FIELD_FLAG_INIT) {
+ payload[i] = fcs_sha_mac_verify_param.key_id;
+ i++;
+ /* Crypto parameters */
+ payload[i] = ((fcs_sha_mac_verify_param.crypto_param
+ >> INTEL_SIP_SMC_FCS_DIGEST_SIZE_OFFSET)
+ & INTEL_SIP_SMC_FCS_DIGEST_SIZE_MASK)
+ << FCS_SHA_HMAC_CRYPTO_PARAM_SIZE_OFFSET;
+ i++;
+ }
+ /* Data source address and size */
+ payload[i] = src_addr;
+ i++;
+ payload[i] = data_size;
+ i++;
+
+ if ((crypto_header >> FCS_CS_FIELD_FLAG_OFFSET) &
+ FCS_CS_FIELD_FLAG_FINALIZE) {
+ /* Copy mac data to command
+ * Using dst_addr (physical address) to store mac_offset
+ * mac_offset = MAC data
+ */
+ mac_offset = dst_addr;
+ memcpy((uint8_t *) &payload[i], (uint8_t *) mac_offset,
+ src_size - data_size);
+
+ memset((void *)&dst_addr, 0, sizeof(dst_size));
+
+ i += (src_size - data_size) / MBOX_WORD_BYTE;
+ }
+
+ status = mailbox_send_cmd_async(send_id, MBOX_FCS_MAC_VERIFY_REQ,
+ payload, i, CMD_INDIRECT);
+
+ if (is_finalised) {
+ memset((void *)&fcs_sha_mac_verify_param, 0,
+ sizeof(fcs_crypto_service_data));
+ }
+
+ if (status < 0) {
+ *mbox_error = -status;
+ return INTEL_SIP_SMC_STATUS_ERROR;
+ }
+
+ *dst_size = resp_len * MBOX_WORD_BYTE;
+ flush_dcache_range(dst_addr, *dst_size);
+
+ return INTEL_SIP_SMC_STATUS_OK;
+}
+
int intel_fcs_ecdsa_hash_sign_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
uint64_t param_data, uint32_t *mbox_error)
@@ -1348,6 +1567,99 @@
return INTEL_SIP_SMC_STATUS_OK;
}
+int intel_fcs_ecdsa_sha2_data_sign_smmu_update_finalize(uint32_t session_id,
+ uint32_t context_id, uint32_t src_addr,
+ uint32_t src_size, uint64_t dst_addr,
+ uint32_t *dst_size, uint8_t is_finalised,
+ uint32_t *mbox_error, uint32_t *send_id)
+{
+ int status;
+ int i;
+ uint32_t flag;
+ uint32_t crypto_header;
+ uint32_t payload[FCS_ECDSA_SHA2_DATA_SIGN_CMD_MAX_WORD_SIZE] = {0U};
+ uint32_t resp_len;
+
+ /* Source data must be 8 bytes aligned */
+ if ((dst_size == NULL) || (mbox_error == NULL ||
+ !is_8_bytes_aligned(src_size))) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
+ if (fcs_sha2_data_sign_param.session_id != session_id ||
+ fcs_sha2_data_sign_param.context_id != context_id) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
+ if (!is_address_in_ddr_range(src_addr, src_size) ||
+ !is_address_in_ddr_range(dst_addr, *dst_size)) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
+ resp_len = *dst_size / MBOX_WORD_BYTE;
+
+ /* Prepare crypto header */
+ flag = 0;
+ if (fcs_sha2_data_sign_param.is_updated) {
+ fcs_sha2_data_sign_param.crypto_param_size = 0;
+ } else {
+ flag |= FCS_CS_FIELD_FLAG_INIT;
+ }
+
+ if (is_finalised != 0U) {
+ flag |= FCS_CS_FIELD_FLAG_FINALIZE;
+ } else {
+ flag |= FCS_CS_FIELD_FLAG_UPDATE;
+ fcs_sha2_data_sign_param.is_updated = 1;
+ }
+ crypto_header = (flag << FCS_CS_FIELD_FLAG_OFFSET) |
+ fcs_sha2_data_sign_param.crypto_param_size;
+
+ /* Prepare command payload */
+ i = 0;
+ payload[i] = fcs_sha2_data_sign_param.session_id;
+ i++;
+ payload[i] = fcs_sha2_data_sign_param.context_id;
+ i++;
+ payload[i] = crypto_header;
+ i++;
+
+ if ((crypto_header >> FCS_CS_FIELD_FLAG_OFFSET) &
+ FCS_CS_FIELD_FLAG_INIT) {
+ payload[i] = fcs_sha2_data_sign_param.key_id;
+ /* Crypto parameters */
+ i++;
+ payload[i] = fcs_sha2_data_sign_param.crypto_param
+ & INTEL_SIP_SMC_FCS_ECC_ALGO_MASK;
+ i++;
+ }
+
+ /* Data source address and size */
+ payload[i] = src_addr;
+ i++;
+ payload[i] = src_size;
+ i++;
+
+ status = mailbox_send_cmd_async(send_id,
+ MBOX_FCS_ECDSA_SHA2_DATA_SIGN_REQ,
+ payload, i, CMD_INDIRECT);
+
+ if (is_finalised != 0U) {
+ memset((void *)&fcs_sha2_data_sign_param, 0,
+ sizeof(fcs_crypto_service_data));
+ }
+
+ if (status < 0) {
+ *mbox_error = -status;
+ return INTEL_SIP_SMC_STATUS_ERROR;
+ }
+
+ *dst_size = resp_len * MBOX_WORD_BYTE;
+ flush_dcache_range(dst_addr, *dst_size);
+
+ return INTEL_SIP_SMC_STATUS_OK;
+}
+
int intel_fcs_ecdsa_sha2_data_sig_verify_init(uint32_t session_id,
uint32_t context_id, uint32_t key_id,
uint32_t param_size, uint64_t param_data,
@@ -1469,6 +1781,121 @@
return INTEL_SIP_SMC_STATUS_OK;
}
+int intel_fcs_ecdsa_sha2_data_sig_verify_smmu_update_finalize(uint32_t session_id,
+ uint32_t context_id, uint32_t src_addr,
+ uint32_t src_size, uint64_t dst_addr,
+ uint32_t *dst_size, uint32_t data_size,
+ uint8_t is_finalised, uint32_t *mbox_error,
+ uint32_t *send_id)
+{
+ int status;
+ uint32_t i;
+ uint32_t flag;
+ uint32_t crypto_header;
+ uint32_t payload[FCS_ECDSA_SHA2_DATA_SIG_VERIFY_CMD_MAX_WORD_SIZE] = {0U};
+ uint32_t resp_len;
+ uintptr_t sig_pubkey_offset;
+
+ /*
+ * Source data must be 4 bytes aligned
+ * Source addrress must be 8 bytes aligned
+ * User data must be 8 bytes aligned
+ */
+ if ((dst_size == NULL) || (mbox_error == NULL) ||
+ !is_size_4_bytes_aligned(src_size) ||
+ !is_8_bytes_aligned(src_addr) ||
+ !is_8_bytes_aligned(data_size)) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
+ if (fcs_sha2_data_sig_verify_param.session_id != session_id ||
+ fcs_sha2_data_sig_verify_param.context_id != context_id) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
+ if (!is_address_in_ddr_range(src_addr, src_size) ||
+ !is_address_in_ddr_range(dst_addr, *dst_size)) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
+ resp_len = *dst_size / MBOX_WORD_BYTE;
+
+ /* Prepare crypto header */
+ flag = 0;
+ if (fcs_sha2_data_sig_verify_param.is_updated)
+ fcs_sha2_data_sig_verify_param.crypto_param_size = 0;
+ else
+ flag |= FCS_CS_FIELD_FLAG_INIT;
+
+ if (is_finalised != 0U)
+ flag |= FCS_CS_FIELD_FLAG_FINALIZE;
+ else {
+ flag |= FCS_CS_FIELD_FLAG_UPDATE;
+ fcs_sha2_data_sig_verify_param.is_updated = 1;
+ }
+ crypto_header = (flag << FCS_CS_FIELD_FLAG_OFFSET) |
+ fcs_sha2_data_sig_verify_param.crypto_param_size;
+
+ /* Prepare command payload */
+ i = 0;
+ payload[i] = fcs_sha2_data_sig_verify_param.session_id;
+ i++;
+ payload[i] = fcs_sha2_data_sig_verify_param.context_id;
+ i++;
+ payload[i] = crypto_header;
+ i++;
+
+ if ((crypto_header >> FCS_CS_FIELD_FLAG_OFFSET) &
+ FCS_CS_FIELD_FLAG_INIT) {
+ payload[i] = fcs_sha2_data_sig_verify_param.key_id;
+ i++;
+ /* Crypto parameters */
+ payload[i] = fcs_sha2_data_sig_verify_param.crypto_param
+ & INTEL_SIP_SMC_FCS_ECC_ALGO_MASK;
+ i++;
+ }
+
+ /* Data source address and size */
+ payload[i] = src_addr;
+ i++;
+ payload[i] = data_size;
+ i++;
+
+ if ((crypto_header >> FCS_CS_FIELD_FLAG_OFFSET) &
+ FCS_CS_FIELD_FLAG_FINALIZE) {
+ /* Copy mac data to command
+ * Using dst_addr (physical address) to store sig_pubkey_offset
+ * sig_pubkey_offset is Signature + Public Key Data
+ */
+ sig_pubkey_offset = dst_addr;
+ memcpy((uint8_t *) &payload[i], (uint8_t *) sig_pubkey_offset,
+ src_size - data_size);
+
+ memset((void *)&dst_addr, 0, sizeof(dst_size));
+
+ i += (src_size - data_size) / MBOX_WORD_BYTE;
+ }
+
+ status = mailbox_send_cmd_async(send_id,
+ MBOX_FCS_ECDSA_SHA2_DATA_SIGN_VERIFY,
+ payload, i, CMD_INDIRECT);
+
+ if (is_finalised != 0U) {
+ memset((void *) &fcs_sha2_data_sig_verify_param, 0,
+ sizeof(fcs_crypto_service_data));
+ }
+
+ if (status < 0) {
+ *mbox_error = -status;
+ return INTEL_SIP_SMC_STATUS_ERROR;
+ }
+
+ *dst_size = resp_len * MBOX_WORD_BYTE;
+ flush_dcache_range(dst_addr, *dst_size);
+
+ return INTEL_SIP_SMC_STATUS_OK;
+}
+
int intel_fcs_ecdsa_get_pubkey_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
uint64_t param_data, uint32_t *mbox_error)
@@ -1620,6 +2047,29 @@
uint32_t key_id, uint64_t param_addr,
uint32_t param_size, uint32_t *mbox_error)
{
+ /* ptr to get param_addr value */
+ uint64_t *param_addr_ptr;
+
+ param_addr_ptr = (uint64_t *) param_addr;
+
+ /*
+ * Since crypto param size vary between mode.
+ * Check ECB here and limit to size 12 bytes
+ */
+ if (((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) == FCS_CRYPTO_ECB_MODE) &&
+ (param_size > FCS_CRYPTO_ECB_BUFFER_SIZE)) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+ /*
+ * Since crypto param size vary between mode.
+ * Check CBC/CTR here and limit to size 28 bytes
+ */
+ if ((((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) == FCS_CRYPTO_CBC_MODE) ||
+ ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) == FCS_CRYPTO_CTR_MODE)) &&
+ (param_size > FCS_CRYPTO_CBC_CTR_BUFFER_SIZE)) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
if (mbox_error == NULL) {
return INTEL_SIP_SMC_STATUS_REJECTED;
}
diff --git a/plat/intel/soc/common/soc/socfpga_mailbox.c b/plat/intel/soc/common/soc/socfpga_mailbox.c
index d14ac9a..7010d81 100644
--- a/plat/intel/soc/common/soc/socfpga_mailbox.c
+++ b/plat/intel/soc/common/soc/socfpga_mailbox.c
@@ -10,6 +10,7 @@
#include "socfpga_mailbox.h"
#include "socfpga_sip_svc.h"
+#include "socfpga_system_manager.h"
static mailbox_payload_t mailbox_resp_payload;
static mailbox_container_t mailbox_resp_ctr = {0, 0, &mailbox_resp_payload};
@@ -464,8 +465,26 @@
void mailbox_set_qspi_direct(void)
{
+ uint32_t response[1], qspi_clk, reg;
+ unsigned int resp_len = ARRAY_SIZE(response);
+
mailbox_send_cmd(MBOX_JOB_ID, MBOX_CMD_QSPI_DIRECT, NULL, 0U,
- CMD_CASUAL, NULL, NULL);
+ CMD_CASUAL, response, &resp_len);
+
+ qspi_clk = response[0];
+ INFO("QSPI ref clock: %u\n", qspi_clk);
+
+ /*
+ * Store QSPI ref clock frequency in BOOT_SCRATCH_COLD_0 register for
+ * later boot loader (i.e. u-boot) use.
+ * The frequency is stored in kHz and occupies BOOT_SCRATCH_COLD_0
+ * register bits[27:0].
+ */
+ qspi_clk /= 1000;
+ reg = mmio_read_32(SOCFPGA_SYSMGR(BOOT_SCRATCH_COLD_0));
+ reg &= ~SYSMGR_QSPI_REFCLK_MASK;
+ reg |= qspi_clk & SYSMGR_QSPI_REFCLK_MASK;
+ mmio_write_32(SOCFPGA_SYSMGR(BOOT_SCRATCH_COLD_0), reg);
}
void mailbox_set_qspi_close(void)
@@ -590,6 +609,11 @@
}
res = response[RECONFIG_STATUS_STATE];
+
+ if (res == MBOX_CFGSTAT_VAB_BS_PREAUTH) {
+ return MBOX_CFGSTAT_STATE_CONFIG;
+ }
+
if ((res != 0U) && (res != MBOX_CFGSTAT_STATE_CONFIG)) {
return res;
}
diff --git a/plat/intel/soc/common/socfpga_sip_svc.c b/plat/intel/soc/common/socfpga_sip_svc.c
index b57ab92..a20e61c 100644
--- a/plat/intel/soc/common/socfpga_sip_svc.c
+++ b/plat/intel/soc/common/socfpga_sip_svc.c
@@ -344,6 +344,28 @@
case(0xF8011120): /* INTSTAT */
case(0xF8011124): /* DIAGINTTEST */
case(0xF801112C): /* DERRADDRA */
+ case(0xFA000000): /* SMMU SCR0 */
+ case(0xFA000004): /* SMMU SCR1 */
+ case(0xFA000400): /* SMMU NSCR0 */
+ case(0xFA004000): /* SMMU SSD0_REG */
+ case(0xFA000820): /* SMMU SMR8 */
+ case(0xFA000c20): /* SMMU SCR8 */
+ case(0xFA028000): /* SMMU CB8_SCTRL */
+ case(0xFA001020): /* SMMU CBAR8 */
+ case(0xFA028030): /* SMMU TCR_LPAE */
+ case(0xFA028020): /* SMMU CB8_TTBR0_LOW */
+ case(0xFA028024): /* SMMU CB8_PRRR_HIGH */
+ case(0xFA028038): /* SMMU CB8_PRRR_MIR0 */
+ case(0xFA02803C): /* SMMU CB8_PRRR_MIR1 */
+ case(0xFA028010): /* SMMU_CB8)TCR2 */
+ case(0xFFD080A4): /* SDM SMMU STREAM ID REG */
+ case(0xFA001820): /* SMMU_CBA2R8 */
+ case(0xFA000074): /* SMMU_STLBGSTATUS */
+ case(0xFA0287F4): /* SMMU_CB8_TLBSTATUS */
+ case(0xFA000060): /* SMMU_STLBIALL */
+ case(0xFA000070): /* SMMU_STLBGSYNC */
+ case(0xFA028618): /* CB8_TLBALL */
+ case(0xFA0287F0): /* CB8_TLBSYNC */
case(0xFFD12028): /* SDMMCGRP_CTRL */
case(0xFFD12044): /* EMAC0 */
case(0xFFD12048): /* EMAC1 */
@@ -927,6 +949,22 @@
&mbox_error);
SMC_RET4(handle, status, mbox_error, x5, x6);
+ case INTEL_SIP_SMC_FCS_GET_DIGEST_SMMU_UPDATE:
+ x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
+ x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
+ status = intel_fcs_get_digest_smmu_update_finalize(x1, x2, x3,
+ x4, x5, (uint32_t *) &x6, false,
+ &mbox_error, &send_id);
+ SMC_RET4(handle, status, mbox_error, x5, x6);
+
+ case INTEL_SIP_SMC_FCS_GET_DIGEST_SMMU_FINALIZE:
+ x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
+ x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
+ status = intel_fcs_get_digest_smmu_update_finalize(x1, x2, x3,
+ x4, x5, (uint32_t *) &x6, true,
+ &mbox_error, &send_id);
+ SMC_RET4(handle, status, mbox_error, x5, x6);
+
case INTEL_SIP_SMC_FCS_MAC_VERIFY_INIT:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
status = intel_fcs_mac_verify_init(x1, x2, x3,
@@ -951,6 +989,24 @@
true, &mbox_error);
SMC_RET4(handle, status, mbox_error, x5, x6);
+ case INTEL_SIP_SMC_FCS_MAC_VERIFY_SMMU_UPDATE:
+ x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
+ x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
+ x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
+ status = intel_fcs_mac_verify_smmu_update_finalize(x1, x2, x3,
+ x4, x5, (uint32_t *) &x6, x7,
+ false, &mbox_error, &send_id);
+ SMC_RET4(handle, status, mbox_error, x5, x6);
+
+ case INTEL_SIP_SMC_FCS_MAC_VERIFY_SMMU_FINALIZE:
+ x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
+ x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
+ x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
+ status = intel_fcs_mac_verify_smmu_update_finalize(x1, x2, x3,
+ x4, x5, (uint32_t *) &x6, x7,
+ true, &mbox_error, &send_id);
+ SMC_RET4(handle, status, mbox_error, x5, x6);
+
case INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_INIT:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
status = intel_fcs_ecdsa_sha2_data_sign_init(x1, x2, x3,
@@ -973,6 +1029,22 @@
&mbox_error);
SMC_RET4(handle, status, mbox_error, x5, x6);
+ case INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_SMMU_UPDATE:
+ x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
+ x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
+ status = intel_fcs_ecdsa_sha2_data_sign_smmu_update_finalize(x1,
+ x2, x3, x4, x5, (uint32_t *) &x6, false,
+ &mbox_error, &send_id);
+ SMC_RET4(handle, status, mbox_error, x5, x6);
+
+ case INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_SMMU_FINALIZE:
+ x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
+ x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
+ status = intel_fcs_ecdsa_sha2_data_sign_smmu_update_finalize(x1,
+ x2, x3, x4, x5, (uint32_t *) &x6, true,
+ &mbox_error, &send_id);
+ SMC_RET4(handle, status, mbox_error, x5, x6);
+
case INTEL_SIP_SMC_FCS_ECDSA_HASH_SIGN_INIT:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
status = intel_fcs_ecdsa_hash_sign_init(x1, x2, x3,
@@ -1014,6 +1086,24 @@
x7, false, &mbox_error);
SMC_RET4(handle, status, mbox_error, x5, x6);
+ case INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_SMMU_UPDATE:
+ x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
+ x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
+ x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
+ status = intel_fcs_ecdsa_sha2_data_sig_verify_smmu_update_finalize(
+ x1, x2, x3, x4, x5, (uint32_t *) &x6,
+ x7, false, &mbox_error, &send_id);
+ SMC_RET4(handle, status, mbox_error, x5, x6);
+
+ case INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_SMMU_FINALIZE:
+ x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
+ x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
+ x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
+ status = intel_fcs_ecdsa_sha2_data_sig_verify_smmu_update_finalize(
+ x1, x2, x3, x4, x5, (uint32_t *) &x6,
+ x7, true, &mbox_error, &send_id);
+ SMC_RET4(handle, status, mbox_error, x5, x6);
+
case INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_FINALIZE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
diff --git a/plat/qemu/qemu/platform.mk b/plat/qemu/qemu/platform.mk
index dfc5de2..2cf2b9a 100644
--- a/plat/qemu/qemu/platform.mk
+++ b/plat/qemu/qemu/platform.mk
@@ -210,6 +210,12 @@
${PLAT_QEMU_COMMON_PATH}/qemu_bl31_setup.c \
${QEMU_GIC_SOURCES}
+# Pointer Authentication sources
+ifeq (${ENABLE_PAUTH}, 1)
+PLAT_BL_COMMON_SOURCES += plat/arm/common/aarch64/arm_pauth.c \
+ lib/extensions/pauth/pauth_helpers.S
+endif
+
ifeq (${SPD},spmd)
BL31_SOURCES += plat/qemu/common/qemu_spmd_manifest.c
endif
diff --git a/services/std_svc/rmmd/trp/trp_entry.S b/services/std_svc/rmmd/trp/trp_entry.S
index ef3024d..3e1d8c9 100644
--- a/services/std_svc/rmmd/trp/trp_entry.S
+++ b/services/std_svc/rmmd/trp/trp_entry.S
@@ -125,7 +125,29 @@
* ---------------------------------------------
*/
func trp_handler
+ /*
+ * Save Link Register and X4, as per SMCCC v1.2 its value
+ * must be preserved unless it contains result, as specified
+ * in the function definition.
+ */
+ stp x4, lr, [sp, #-16]!
+
+ /*
+ * Zero the space for X0-X3 in trp_smc_result structure
+ * and pass its address as the last argument.
+ */
+ stp xzr, xzr, [sp, #-16]!
+ stp xzr, xzr, [sp, #-16]!
+ mov x7, sp
+
bl trp_rmi_handler
- restore_args_call_smc
+
+ ldp x1, x2, [sp], #16
+ ldp x3, x4, [sp], #16
+ ldp x5, lr, [sp], #16
+
+ ldr x0, =RMM_RMI_REQ_COMPLETE
+ smc #0
+
b trp_handler
endfunc trp_handler
diff --git a/services/std_svc/rmmd/trp/trp_main.c b/services/std_svc/rmmd/trp/trp_main.c
index b0a1c09..196bc11 100644
--- a/services/std_svc/rmmd/trp/trp_main.c
+++ b/services/std_svc/rmmd/trp/trp_main.c
@@ -4,7 +4,6 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
-
#include <common/debug.h>
#include <plat/common/platform.h>
#include <services/rmm_core_manifest.h>
@@ -31,11 +30,11 @@
uint64_t x3)
{
/*
- * Validate boot parameters.
+ * Validate boot parameters
*
- * According to the Boot Interface ABI v.0.1, the
- * parameters recived from EL3 are:
- * x0: CPUID (verified earlier so not used)
+ * According to the Boot Interface ABI v.0.1,
+ * the parameters received from EL3 are:
+ * x0: CPUID (verified earlier, so not used)
* x1: Boot Interface version
* x2: PLATFORM_CORE_COUNT
* x3: Pointer to the shared memory area.
@@ -91,14 +90,14 @@
NOTICE("TRP: %s\n", build_message);
NOTICE("TRP: Supported RMM-EL3 Interface ABI: v.%u.%u\n",
TRP_RMM_EL3_ABI_VERS_MAJOR, TRP_RMM_EL3_ABI_VERS_MINOR);
- NOTICE("TRP: Boot Manifest Version : v.%u.%u\n",
+ NOTICE("TRP: Boot Manifest Version: v.%u.%u\n",
RMMD_GET_MANIFEST_VERSION_MAJOR(trp_boot_manifest_version),
RMMD_GET_MANIFEST_VERSION_MINOR(trp_boot_manifest_version));
- INFO("TRP: Memory base : 0x%lx\n", (unsigned long)RMM_BASE);
- INFO("TRP: Base address for the shared region : 0x%lx\n",
+ INFO("TRP: Memory base: 0x%lx\n", (unsigned long)RMM_BASE);
+ INFO("TRP: Shared region base address: 0x%lx\n",
(unsigned long)trp_shared_region_start);
- INFO("TRP: Total size : 0x%lx bytes\n", (unsigned long)(RMM_END
- - RMM_BASE));
+ INFO("TRP: Total size: 0x%lx bytes\n",
+ (unsigned long)(RMM_END - RMM_BASE));
INFO("TRP: RMM-EL3 Interface ABI reported by EL3: v.%u.%u\n",
TRP_RMM_EL3_VERSION_GET_MAJOR(trp_boot_abi_version),
TRP_RMM_EL3_VERSION_GET_MINOR(trp_boot_abi_version));
@@ -107,62 +106,73 @@
/*******************************************************************************
* Returning RMI version back to Normal World
******************************************************************************/
-static trp_args_t *trp_ret_rmi_version(void)
+static void trp_ret_rmi_version(struct trp_smc_result *smc_ret)
{
VERBOSE("RMM version is %u.%u\n", RMI_ABI_VERSION_MAJOR,
RMI_ABI_VERSION_MINOR);
- return set_smc_args(RMM_RMI_REQ_COMPLETE, RMI_ABI_VERSION,
- 0, 0, 0, 0, 0, 0);
+ smc_ret->x[0] = RMI_ABI_VERSION;
}
/*******************************************************************************
* Transitioning granule of NON-SECURE type to REALM type
******************************************************************************/
-static trp_args_t *trp_asc_mark_realm(unsigned long long x1)
+static void trp_asc_mark_realm(unsigned long long x1,
+ struct trp_smc_result *smc_ret)
{
- unsigned long long ret;
-
VERBOSE("Delegating granule 0x%llx\n", x1);
- ret = trp_smc(set_smc_args(RMM_GTSI_DELEGATE, x1, 0, 0, 0, 0, 0, 0));
+ smc_ret->x[0] = trp_smc(set_smc_args(RMM_GTSI_DELEGATE, x1,
+ 0UL, 0UL, 0UL, 0UL, 0UL, 0UL));
- if (ret != 0ULL) {
+ if (smc_ret->x[0] != 0ULL) {
ERROR("Granule transition from NON-SECURE type to REALM type "
- "failed 0x%llx\n", ret);
+ "failed 0x%llx\n", smc_ret->x[0]);
}
- return set_smc_args(RMM_RMI_REQ_COMPLETE, ret, 0, 0, 0, 0, 0, 0);
}
/*******************************************************************************
* Transitioning granule of REALM type to NON-SECURE type
******************************************************************************/
-static trp_args_t *trp_asc_mark_nonsecure(unsigned long long x1)
+static void trp_asc_mark_nonsecure(unsigned long long x1,
+ struct trp_smc_result *smc_ret)
{
- unsigned long long ret;
-
VERBOSE("Undelegating granule 0x%llx\n", x1);
- ret = trp_smc(set_smc_args(RMM_GTSI_UNDELEGATE, x1, 0, 0, 0, 0, 0, 0));
+ smc_ret->x[0] = trp_smc(set_smc_args(RMM_GTSI_UNDELEGATE, x1,
+ 0UL, 0UL, 0UL, 0UL, 0UL, 0UL));
- if (ret != 0ULL) {
+ if (smc_ret->x[0] != 0ULL) {
ERROR("Granule transition from REALM type to NON-SECURE type "
- "failed 0x%llx\n", ret);
+ "failed 0x%llx\n", smc_ret->x[0]);
}
- return set_smc_args(RMM_RMI_REQ_COMPLETE, ret, 0, 0, 0, 0, 0, 0);
}
/*******************************************************************************
* Main RMI SMC handler function
******************************************************************************/
-trp_args_t *trp_rmi_handler(unsigned long fid, unsigned long long x1)
+void trp_rmi_handler(unsigned long fid,
+ unsigned long long x1, unsigned long long x2,
+ unsigned long long x3, unsigned long long x4,
+ unsigned long long x5, unsigned long long x6,
+ struct trp_smc_result *smc_ret)
{
+ /* Not used in the current implementation */
+ (void)x2;
+ (void)x3;
+ (void)x4;
+ (void)x5;
+ (void)x6;
+
switch (fid) {
case RMI_RMM_REQ_VERSION:
- return trp_ret_rmi_version();
+ trp_ret_rmi_version(smc_ret);
+ break;
case RMI_RMM_GRANULE_DELEGATE:
- return trp_asc_mark_realm(x1);
+ trp_asc_mark_realm(x1, smc_ret);
+ break;
case RMI_RMM_GRANULE_UNDELEGATE:
- return trp_asc_mark_nonsecure(x1);
+ trp_asc_mark_nonsecure(x1, smc_ret);
+ break;
default:
- ERROR("Invalid SMC code to %s, FID %lu\n", __func__, fid);
+ ERROR("Invalid SMC code to %s, FID %lx\n", __func__, fid);
+ smc_ret->x[0] = SMC_UNK;
}
- return set_smc_args(SMC_UNK, 0, 0, 0, 0, 0, 0, 0);
}