spd: tlkd: support new TLK SMCs for RPMB service
This patch adds support to handle following TLK SMCs:
{TLK_SET_BL_VERSION, TLK_LOCK_BL_INTERFACE, TLK_BL_RPMB_SERVICE}
These SMCs need to be supported in ATF in order to forward them to
TLK. Otherwise, these functionalities won't work.
Brief:
TLK_SET_BL_VERSION: This SMC is issued by the bootloader to supply its
version to TLK. TLK can use this to prevent rollback attacks.
TLK_LOCK_BL_INTERFACE: This SMC is issued by bootloader before handing off
execution to the OS. This allows preventing sensitive SMCs being used
by the OS.
TLK_BL_RPMB_SERVICE: bootloader issues this SMC to sign or verify RPMB
frames.
Tested by: Tests TLK can receive the new SMCs issued by bootloader
Change-Id: I57c2d189a5f7a77cea26c3f8921866f2a6f0f944
Signed-off-by: Mustafa Yigit Bilgen <mbilgen@nvidia.com>
diff --git a/include/bl32/payloads/tlk.h b/include/bl32/payloads/tlk.h
index 5162d13..290f329 100644
--- a/include/bl32/payloads/tlk.h
+++ b/include/bl32/payloads/tlk.h
@@ -24,6 +24,9 @@
#define TLK_SS_REGISTER_HANDLER TLK_TOS_YIELD_FID(0x3)
#define TLK_REGISTER_NS_DRAM_RANGES TLK_TOS_YIELD_FID(0x4)
#define TLK_SET_ROOT_OF_TRUST TLK_TOS_YIELD_FID(0x5)
+#define TLK_SET_BL_VERSION TLK_TOS_YIELD_FID(0x6)
+#define TLK_LOCK_BL_INTERFACE TLK_TOS_YIELD_FID(0x7)
+#define TLK_BL_RPMB_SERVICE TLK_TOS_YIELD_FID(0x8)
#define TLK_RESUME_FID TLK_TOS_YIELD_FID(0x100)
#define TLK_SYSTEM_SUSPEND TLK_TOS_YIELD_FID(0xE001)
#define TLK_SYSTEM_RESUME TLK_TOS_YIELD_FID(0xE002)
diff --git a/services/spd/tlkd/tlkd_main.c b/services/spd/tlkd/tlkd_main.c
index 481bb69..ecac435 100644
--- a/services/spd/tlkd/tlkd_main.c
+++ b/services/spd/tlkd/tlkd_main.c
@@ -272,6 +272,9 @@
case TLK_TA_LAUNCH_OP:
case TLK_TA_SEND_EVENT:
case TLK_RESUME_FID:
+ case TLK_SET_BL_VERSION:
+ case TLK_LOCK_BL_INTERFACE:
+ case TLK_BL_RPMB_SERVICE:
if (!ns)
SMC_RET1(handle, SMC_UNK);