Gitiles
Code Review Sign In
git01.mediatek.com / filogic / atf / 3d4e6a5a39fc8defe7b66a0be3d7bbc287b44626 / . / services / spd / tlkd / tlkd_main.c
blob: 65466aa2ec731c5f16c2ac679c58eaa3c3ef9bbb [file] [log] [blame]
Varun Wadekar3d4e6a52015-03-13 14:01:03 +0530[diff] [blame^]1/*
2 * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are met:
6 *
7 * Redistributions of source code must retain the above copyright notice, this
8 * list of conditions and the following disclaimer.
9 *
10 * Redistributions in binary form must reproduce the above copyright notice,
11 * this list of conditions and the following disclaimer in the documentation
12 * and/or other materials provided with the distribution.
13 *
14 * Neither the name of ARM nor the names of its contributors may be used
15 * to endorse or promote products derived from this software without specific
16 * prior written permission.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
19 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
22 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
23 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28 * POSSIBILITY OF SUCH DAMAGE.
29 */
30
31/*******************************************************************************
32 * This is the Secure Payload Dispatcher (SPD). The dispatcher is meant to be a
33 * plug-in component to the Secure Monitor, registered as a runtime service. The
34 * SPD is expected to be a functional extension of the Secure Payload (SP) that
35 * executes in Secure EL1. The Secure Monitor will delegate all SMCs targeting
36 * the Trusted OS/Applications range to the dispatcher. The SPD will either
37 * handle the request locally or delegate it to the Secure Payload. It is also
38 * responsible for initialising and maintaining communication with the SP.
39 ******************************************************************************/
40#include <arch_helpers.h>
41#include <assert.h>
42#include <bl_common.h>
43#include <bl31.h>
44#include <context_mgmt.h>
45#include <debug.h>
46#include <errno.h>
47#include <platform.h>
48#include <runtime_svc.h>
49#include <stddef.h>
50#include <tlk.h>
51#include <uuid.h>
52#include "tlkd_private.h"
53
54extern const spd_pm_ops_t tlkd_pm_ops;
55
56/*******************************************************************************
57 * Array to keep track of per-cpu Secure Payload state
58 ******************************************************************************/
59static tlk_context_t tlk_ctx;
60
61/* TLK UID: RFC-4122 compliant UUID (version-5, sha-1) */
62DEFINE_SVC_UUID(tlk_uuid,
63 0xbd11e9c9, 0x2bba, 0x52ee, 0xb1, 0x72,
64 0x46, 0x1f, 0xba, 0x97, 0x7f, 0x63);
65
66int32_t tlkd_init(void);
67
68/*
69 * The number of arguments/results to save during a SMC call for TLK.
70 */
71#define TLK_SHDBUF_SIZE 4
72
73/*******************************************************************************
74 * Shared memory buffer for passing SMC args/results to TLK
75 ******************************************************************************/
76typedef struct tlk_args_results {
77 uint64_t args[TLK_SHDBUF_SIZE];
78} tlk_args_results_t;
79
80static tlk_args_results_t *tlk_args_results_buf;
81
82/*
83 * Helper function to store args from TLK and pass results back
84 */
85static inline void store_tlk_args_results(uint64_t x0, uint64_t x1, uint64_t x2,
86 uint64_t x3)
87{
88 /* store arguments sent by TLK */
89 tlk_args_results_buf->args[0] = x0;
90 tlk_args_results_buf->args[1] = x1;
91 tlk_args_results_buf->args[2] = x2;
92 tlk_args_results_buf->args[3] = x3;
93
94 flush_dcache_range((uint64_t)tlk_args_results_buf,
95 sizeof(tlk_args_results_t));
96}
97
98/*******************************************************************************
99 * Secure Payload Dispatcher setup. The SPD finds out the SP entrypoint and type
100 * (aarch32/aarch64) if not already known and initialises the context for entry
101 * into the SP for its initialisation.
102 ******************************************************************************/
103int32_t tlkd_setup(void)
104{
105 entry_point_info_t *tlk_ep_info;
106
107 /*
108 * Get information about the Secure Payload (BL32) image. Its
109 * absence is a critical failure.
110 */
111 tlk_ep_info = bl31_plat_get_next_image_ep_info(SECURE);
112 if (!tlk_ep_info) {
113 WARN("No SP provided. Booting device without SP"
114 " initialization. SMC`s destined for SP"
115 " will return SMC_UNK\n");
116 return 1;
117 }
118
119 /*
120 * If there's no valid entry point for SP, we return a non-zero value
121 * signalling failure initializing the service. We bail out without
122 * registering any handlers
123 */
124 if (!tlk_ep_info->pc)
125 return 1;
126
127 /*
128 * Inspect the SP image's SPSR and determine it's execution state
129 * i.e whether AArch32 or AArch64.
130 */
131 tlkd_init_tlk_ep_state(tlk_ep_info,
132 (tlk_ep_info->spsr >> MODE_RW_SHIFT) & MODE_RW_MASK,
133 tlk_ep_info->pc,
134 &tlk_ctx);
135
136 /*
137 * All TLK SPD initialization done. Now register our init function
138 * with BL31 for deferred invocation
139 */
140 bl31_register_bl32_init(&tlkd_init);
141
142 return 0;
143}
144
145/*******************************************************************************
146 * This function passes control to the Secure Payload image (BL32) for the first
147 * time on the primary cpu after a cold boot. It assumes that a valid secure
148 * context has already been created by tlkd_setup() which can be directly
149 * used. This function performs a synchronous entry into the Secure payload.
150 * The SP passes control back to this routine through a SMC.
151 ******************************************************************************/
152int32_t tlkd_init(void)
153{
154 uint64_t mpidr = read_mpidr();
155 entry_point_info_t *tlk_entry_point;
156
157 /*
158 * Get information about the Secure Payload (BL32) image. Its
159 * absence is a critical failure.
160 */
161 tlk_entry_point = bl31_plat_get_next_image_ep_info(SECURE);
162 assert(tlk_entry_point);
163
164 cm_init_context(mpidr, tlk_entry_point);
165
166 /*
167 * Arrange for an entry into the test secure payload.
168 */
169 return tlkd_synchronous_sp_entry(&tlk_ctx);
170}
171
172/*******************************************************************************
173 * This function is responsible for handling all SMCs in the Trusted OS/App
174 * range from the non-secure state as defined in the SMC Calling Convention
175 * Document. It is also responsible for communicating with the Secure payload
176 * to delegate work and return results back to the non-secure state. Lastly it
177 * will also return any information that the secure payload needs to do the
178 * work assigned to it.
179 ******************************************************************************/
180uint64_t tlkd_smc_handler(uint32_t smc_fid,
181 uint64_t x1,
182 uint64_t x2,
183 uint64_t x3,
184 uint64_t x4,
185 void *cookie,
186 void *handle,
187 uint64_t flags)
188{
189 uint32_t ns;
190
191 /* Passing a NULL context is a critical programming error */
192 assert(handle);
193
194 /* Determine which security state this SMC originated from */
195 ns = is_caller_non_secure(flags);
196
197 switch (smc_fid) {
198
199 /*
200 * This function ID is used only by the SP to indicate it has
201 * finished initialising itself after a cold boot
202 */
203 case TLK_ENTRY_DONE:
204 if (ns)
205 SMC_RET1(handle, SMC_UNK);
206
207 /*
208 * SP has been successfully initialized. Register power
209 * managemnt hooks with PSCI
210 */
211 psci_register_spd_pm_hook(&tlkd_pm_ops);
212
213 /*
214 * TLK reports completion. The SPD must have initiated
215 * the original request through a synchronous entry
216 * into the SP. Jump back to the original C runtime
217 * context.
218 */
219 tlkd_synchronous_sp_exit(&tlk_ctx, tlk_args_results_buf->args[0]);
220
221 /*
222 * This is a request from the secure payload to register
223 * shared memory to pass SMC args/results between EL1, EL3.
224 */
225 case TLK_FID_SHARED_MEMBUF:
226 if (ns || !x1)
227 SMC_RET1(handle, SMC_UNK);
228
229 /*
230 * TODO: Check if the passed memory pointer is valid. Might
231 * require a call into the platform code.
232 */
233
234 tlk_args_results_buf = (tlk_args_results_t *)x1;
235 SMC_RET0(handle);
236
237 /*
238 * Return the number of service function IDs implemented to
239 * provide service to non-secure
240 */
241 case TOS_CALL_COUNT:
242 SMC_RET1(handle, TLK_NUM_FID);
243
244 /*
245 * Return TLK's UID to the caller
246 */
247 case TOS_UID:
248 SMC_UUID_RET(handle, tlk_uuid);
249
250 /*
251 * Return the version of current implementation
252 */
253 case TOS_CALL_VERSION:
254 SMC_RET2(handle, TLK_VERSION_MAJOR, TLK_VERSION_MINOR);
255
256 default:
257 break;
258 }
259
260 SMC_RET1(handle, SMC_UNK);
261}
262
263/* Define a SPD runtime service descriptor for fast SMC calls */
264DECLARE_RT_SVC(
265 tlkd_tos_fast,
266
267 OEN_TOS_START,
268 OEN_TOS_END,
269 SMC_TYPE_FAST,
270 tlkd_setup,
271 tlkd_smc_handler
272);
273
274/* Define a SPD runtime service descriptor for standard SMC calls */
275DECLARE_RT_SVC(
276 tlkd_tos_std,
277
278 OEN_TOS_START,
279 OEN_TOS_END,
280 SMC_TYPE_STD,
281 NULL,
282 tlkd_smc_handler
283);