Gitiles
Code Review Sign In
git01.mediatek.com / filogic / uboot / e67eac0b9ff62f9aff7dedb07bf3983749e0510a / . / arch / arm / cpu / armv8 / sec_firmware.c
blob: e21e199381dc9faa42207fbaabd5c00256745ede [file] [log] [blame]
Hou Zhiqiang505d7352016-06-28 20:18:13 +0800[diff] [blame]1/*
2 * Copyright 2016 NXP Semiconductor, Inc.
3 *
4 * SPDX-License-Identifier: GPL-2.0+
5 */
6
7#include <common.h>
8#include <errno.h>
9#include <linux/kernel.h>
10#include <asm/io.h>
11#include <asm/system.h>
12#include <asm/types.h>
13#include <asm/macro.h>
14#include <asm/armv8/sec_firmware.h>
15
16DECLARE_GLOBAL_DATA_PTR;
17extern void c_runtime_cpu_setup(void);
18
19#define SEC_FIRMWARE_LOADED 0x1
20#define SEC_FIRMWARE_RUNNING 0x2
21#define SEC_FIRMWARE_ADDR_MASK (~0x3)
22 /*
23 * Secure firmware load addr
24 * Flags used: 0x1 secure firmware has been loaded to secure memory
25 * 0x2 secure firmware is running
26 */
27 phys_addr_t sec_firmware_addr;
28
29static int sec_firmware_get_data(const void *sec_firmware_img,
30 const void **data, size_t *size)
31{
32 int conf_node_off, fw_node_off;
33 char *conf_node_name = NULL;
34 char *desc;
35 int ret;
36
37 conf_node_name = SEC_FIRMEWARE_FIT_CNF_NAME;
38
39 conf_node_off = fit_conf_get_node(sec_firmware_img, conf_node_name);
40 if (conf_node_off < 0) {
41 printf("SEC Firmware: %s: no such config\n", conf_node_name);
42 return -ENOENT;
43 }
44
45 fw_node_off = fit_conf_get_prop_node(sec_firmware_img, conf_node_off,
46 SEC_FIRMWARE_FIT_IMAGE);
47 if (fw_node_off < 0) {
48 printf("SEC Firmware: No '%s' in config\n",
49 SEC_FIRMWARE_FIT_IMAGE);
50 return -ENOLINK;
51 }
52
53 /* Verify secure firmware image */
54 if (!(fit_image_verify(sec_firmware_img, fw_node_off))) {
55 printf("SEC Firmware: Bad firmware image (bad CRC)\n");
56 return -EINVAL;
57 }
58
59 if (fit_image_get_data(sec_firmware_img, fw_node_off, data, size)) {
60 printf("SEC Firmware: Can't get %s subimage data/size",
61 SEC_FIRMWARE_FIT_IMAGE);
62 return -ENOENT;
63 }
64
65 ret = fit_get_desc(sec_firmware_img, fw_node_off, &desc);
66 if (ret)
67 printf("SEC Firmware: Can't get description\n");
68 else
69 printf("%s\n", desc);
70
71 return ret;
72}
73
74/*
75 * SEC Firmware FIT image parser checks if the image is in FIT
76 * format, verifies integrity of the image and calculates raw
77 * image address and size values.
78 *
79 * Returns 0 on success and a negative errno on error task fail.
80 */
81static int sec_firmware_parse_image(const void *sec_firmware_img,
82 const void **raw_image_addr,
83 size_t *raw_image_size)
84{
85 int ret;
86
87 ret = sec_firmware_get_data(sec_firmware_img, raw_image_addr,
88 raw_image_size);
89 if (ret)
90 return ret;
91
92 debug("SEC Firmware: raw_image_addr = 0x%p, raw_image_size = 0x%lx\n",
93 *raw_image_addr, *raw_image_size);
94
95 return 0;
96}
97
98static int sec_firmware_copy_image(const char *title,
99 u64 image_addr, u32 image_size, u64 sec_firmware)
100{
101 debug("%s copied to address 0x%p\n", title, (void *)sec_firmware);
102 memcpy((void *)sec_firmware, (void *)image_addr, image_size);
103 flush_dcache_range(sec_firmware, sec_firmware + image_size);
104
105 return 0;
106}
107
108/*
109 * This function will parse the SEC Firmware image, and then load it
110 * to secure memory.
111 */
112static int sec_firmware_load_image(const void *sec_firmware_img)
113{
114 const void *raw_image_addr;
115 size_t raw_image_size = 0;
116 int ret;
117
118 /*
119 * The Excetpion Level must be EL3 to load and initialize
120 * the SEC Firmware.
121 */
122 if (current_el() != 3) {
123 ret = -EACCES;
124 goto out;
125 }
126
127#ifdef CONFIG_SYS_MEM_RESERVE_SECURE
128 /*
129 * The SEC Firmware must be stored in secure memory.
130 * Append SEC Firmware to secure mmu table.
131 */
132 if (!(gd->arch.secure_ram & MEM_RESERVE_SECURE_MAINTAINED)) {
133 ret = -ENXIO;
134 goto out;
135 }
136
137 sec_firmware_addr = (gd->arch.secure_ram & MEM_RESERVE_SECURE_ADDR_MASK) +
138 gd->arch.tlb_size;
139#else
140#error "The CONFIG_SYS_MEM_RESERVE_SECURE must be defined when enabled SEC Firmware support"
141#endif
142
143 /* Align SEC Firmware base address to 4K */
144 sec_firmware_addr = (sec_firmware_addr + 0xfff) & ~0xfff;
145 debug("SEC Firmware: Load address: 0x%llx\n",
146 sec_firmware_addr & SEC_FIRMWARE_ADDR_MASK);
147
148 ret = sec_firmware_parse_image(sec_firmware_img, &raw_image_addr,
149 &raw_image_size);
150 if (ret)
151 goto out;
152
153 /* TODO:
154 * Check if the end addr of SEC Firmware has been extend the secure
155 * memory.
156 */
157
158 /* Copy the secure firmware to secure memory */
159 ret = sec_firmware_copy_image("SEC Firmware", (u64)raw_image_addr,
160 raw_image_size, sec_firmware_addr &
161 SEC_FIRMWARE_ADDR_MASK);
162 if (ret)
163 goto out;
164
165 sec_firmware_addr |= SEC_FIRMWARE_LOADED;
166 debug("SEC Firmware: Entry point: 0x%llx\n",
167 sec_firmware_addr & SEC_FIRMWARE_ADDR_MASK);
168
169 return 0;
170
171out:
172 printf("SEC Firmware: error (%d)\n", ret);
173 sec_firmware_addr = 0;
174
175 return ret;
176}
177
178static int sec_firmware_entry(u32 *eret_hold_l, u32 *eret_hold_h)
179{
180 const void *entry = (void *)(sec_firmware_addr &
181 SEC_FIRMWARE_ADDR_MASK);
182
183 return _sec_firmware_entry(entry, eret_hold_l, eret_hold_h);
184}
185
186/* Check the secure firmware FIT image */
187__weak bool sec_firmware_is_valid(const void *sec_firmware_img)
188{
189 if (fdt_check_header(sec_firmware_img)) {
190 printf("SEC Firmware: Bad firmware image (not a FIT image)\n");
191 return false;
192 }
193
194 if (!fit_check_format(sec_firmware_img)) {
195 printf("SEC Firmware: Bad firmware image (bad FIT header)\n");
196 return false;
197 }
198
199 return true;
200}
201
202#ifdef CONFIG_ARMV8_PSCI
203/*
204 * The PSCI_VERSION function is added from PSCI v0.2. When the PSCI
205 * v0.1 received this function, the NOT_SUPPORTED (0xffff_ffff) error
206 * number will be returned according to SMC Calling Conventions. But
207 * when getting the NOT_SUPPORTED error number, we cannot ensure if
208 * the PSCI version is v0.1 or other error occurred. So, PSCI v0.1
209 * won't be supported by this framework.
210 * And if the secure firmware isn't running, return NOT_SUPPORTED.
211 *
212 * The return value on success is PSCI version in format
213 * major[31:16]:minor[15:0].
214 */
215unsigned int sec_firmware_support_psci_version(void)
216{
217 if (sec_firmware_addr & SEC_FIRMWARE_RUNNING)
218 return _sec_firmware_support_psci_version();
219
220 return 0xffffffff;
221}
222#endif
223
224/*
225 * sec_firmware_init - Initialize the SEC Firmware
226 * @sec_firmware_img: the SEC Firmware image address
227 * @eret_hold_l: the address to hold exception return address low
228 * @eret_hold_h: the address to hold exception return address high
229 */
230int sec_firmware_init(const void *sec_firmware_img,
231 u32 *eret_hold_l,
232 u32 *eret_hold_h)
233{
234 int ret;
235
236 if (!sec_firmware_is_valid(sec_firmware_img))
237 return -EINVAL;
238
239 ret = sec_firmware_load_image(sec_firmware_img);
240 if (ret) {
241 printf("SEC Firmware: Failed to load image\n");
242 return ret;
243 } else if (sec_firmware_addr & SEC_FIRMWARE_LOADED) {
244 ret = sec_firmware_entry(eret_hold_l, eret_hold_h);
245 if (ret) {
246 printf("SEC Firmware: Failed to initialize\n");
247 return ret;
248 }
249 }
250
251 debug("SEC Firmware: Return from SEC Firmware: current_el = %d\n",
252 current_el());
253
254 /*
255 * The PE will be turned into target EL when returned from
256 * SEC Firmware.
257 */
258 if (current_el() != SEC_FIRMWARE_TARGET_EL)
259 return -EACCES;
260
261 sec_firmware_addr |= SEC_FIRMWARE_RUNNING;
262
263 /* Set exception table and enable caches if it isn't EL3 */
264 if (current_el() != 3) {
265 c_runtime_cpu_setup();
266 enable_caches();
267 }
268
269 return 0;
270}