From 7c3309c901f7336f4d459b99d180df0e6750c3d2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arve=20Hj=C3=B8nnev=C3=A5g?= Date: Tue, 28 Nov 2017 14:05:30 -0800 Subject: [PATCH 01/12] trusty: Restore working trusty setup code and include trusty image in build MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Change-Id: I081901e7df22f78dd9c4fc4c6bfad2aceb870a2d Signed-off-by: Arve Hjønnevåg --- services/spd/trusty/trusty.c | 44 +++++++++++++++++++++++++++-------- services/spd/trusty/trusty.mk | 2 ++ 2 files changed, 36 insertions(+), 10 deletions(-) diff --git a/services/spd/trusty/trusty.c b/services/spd/trusty/trusty.c index ecbcfaeabc..08767bb53f 100644 --- a/services/spd/trusty/trusty.c +++ b/services/spd/trusty/trusty.c @@ -385,11 +385,23 @@ static const spd_pm_ops_t trusty_pm = { .svc_suspend_finish = trusty_cpu_suspend_finish_handler, }; +void plat_trusty_set_boot_args(aapcs64_params_t *args); + +#ifdef TSP_SEC_MEM_SIZE +#pragma weak plat_trusty_set_boot_args +void plat_trusty_set_boot_args(aapcs64_params_t *args) +{ + args->arg0 = TSP_SEC_MEM_SIZE; +} +#endif + static int32_t trusty_setup(void) { entry_point_info_t *ep_info; + uint32_t instr; uint32_t flags; int ret; + int aarch32 = 0; /* Get trusty's entry point info */ ep_info = bl31_plat_get_next_image_ep_info(SECURE); @@ -398,17 +410,29 @@ static int32_t trusty_setup(void) return -1; } - /* Trusty runs in AARCH64 mode */ - SET_PARAM_HEAD(ep_info, PARAM_EP, VERSION_1, SECURE | EP_ST_ENABLE); - ep_info->spsr = SPSR_64(MODE_EL1, MODE_SP_ELX, DISABLE_ALL_EXCEPTIONS); + instr = *(uint32_t *)ep_info->pc; - /* - * arg0 = TZDRAM aperture available for BL32 - * arg1 = BL32 boot params - * arg2 = BL32 boot params length - */ - ep_info->args.arg1 = ep_info->args.arg2; - ep_info->args.arg2 = TRUSTY_PARAMS_LEN_BYTES; + if (instr >> 24 == 0xea) { + INFO("trusty: Found 32 bit image\n"); + aarch32 = 1; + } else if (instr >> 8 == 0xd53810 || instr >> 16 == 0x9400) { + INFO("trusty: Found 64 bit image\n"); + } else { + NOTICE("trusty: Found unknown image, 0x%x\n", instr); + } + + SET_PARAM_HEAD(ep_info, PARAM_EP, VERSION_1, SECURE | EP_ST_ENABLE); + if (!aarch32) + ep_info->spsr = SPSR_64(MODE_EL1, MODE_SP_ELX, + DISABLE_ALL_EXCEPTIONS); + else + ep_info->spsr = SPSR_MODE32(MODE32_svc, SPSR_T_ARM, + SPSR_E_LITTLE, + DAIF_FIQ_BIT | + DAIF_IRQ_BIT | + DAIF_ABT_BIT); + memset(&ep_info->args, 0, sizeof(ep_info->args)); + plat_trusty_set_boot_args(&ep_info->args); /* register init handler */ bl31_register_bl32_init(trusty_init); diff --git a/services/spd/trusty/trusty.mk b/services/spd/trusty/trusty.mk index beca875ea8..920504c709 100644 --- a/services/spd/trusty/trusty.mk +++ b/services/spd/trusty/trusty.mk @@ -8,3 +8,5 @@ SPD_INCLUDES := SPD_SOURCES := services/spd/trusty/trusty.c \ services/spd/trusty/trusty_helpers.S + +NEED_BL32 := yes From 61496151c0a1fc692ba0e58d34d1fde7c1c31808 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arve=20Hj=C3=B8nnev=C3=A5g?= Date: Tue, 12 May 2015 19:23:24 -0700 Subject: [PATCH 02/12] trusty: Add generic-arm64 support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add smc calls to return gic base address and print to the debug console. Allows running a generic trusty binary. Change-Id: I4b6540f140f11432cdff43c3f5a2097df09dc9d1 Signed-off-by: Arve Hjønnevåg --- services/spd/trusty/generic-arm64-smcall.c | 118 +++++++++++++++++++++ services/spd/trusty/generic-arm64-smcall.h | 51 +++++++++ services/spd/trusty/trusty.mk | 4 + 3 files changed, 173 insertions(+) create mode 100644 services/spd/trusty/generic-arm64-smcall.c create mode 100644 services/spd/trusty/generic-arm64-smcall.h diff --git a/services/spd/trusty/generic-arm64-smcall.c b/services/spd/trusty/generic-arm64-smcall.c new file mode 100644 index 0000000000..543aee5b7d --- /dev/null +++ b/services/spd/trusty/generic-arm64-smcall.c @@ -0,0 +1,118 @@ +/* + * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * Neither the name of ARM nor the names of its contributors may be used + * to endorse or promote products derived from this software without specific + * prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include +#include + +#include "generic-arm64-smcall.h" + +int trusty_disable_serial_debug; + +struct dputc_state { + char linebuf[128]; + unsigned l; +}; + +static struct dputc_state dputc_state[2]; + +static void trusty_dputc(char ch, int secure) +{ + unsigned i; + struct dputc_state *s = &dputc_state[!secure]; + + if (trusty_disable_serial_debug) + return; + + s->linebuf[s->l++] = ch; + if (s->l == sizeof(s->linebuf) || ch == '\n') { + if (secure) + printf("secure os: "); + else + printf("non-secure os: "); + for (i = 0; i < s->l; i++) { + putchar(s->linebuf[i]); + } + if (ch != '\n') { + printf(" <...>\n"); + } + s->l = 0; + } +} + +static uint64_t trusty_get_reg_base(uint32_t reg) +{ + switch (reg) { + case 0: + return PLAT_ARM_GICD_BASE; + + case 1: + return PLAT_ARM_GICC_BASE; + + default: + NOTICE("%s(0x%x) unknown reg\n", __func__, reg); + return SMC_UNK; + } +} + +static uint64_t trusty_generic_platform_smc(uint32_t smc_fid, + uint64_t x1, + uint64_t x2, + uint64_t x3, + uint64_t x4, + void *cookie, + void *handle, + uint64_t flags) +{ + switch(smc_fid) { + case SMC_FC_DEBUG_PUTC: + trusty_dputc(x1, is_caller_secure(flags)); + SMC_RET1(handle, 0); + + case SMC_FC_GET_REG_BASE: + case SMC_FC64_GET_REG_BASE: + SMC_RET1(handle, trusty_get_reg_base(x1)); + + default: + NOTICE("%s(0x%x, 0x%lx) unknown smc\n", __func__, smc_fid, x1); + SMC_RET1(handle, SMC_UNK); + } +} + +/* Define a SPD runtime service descriptor for fast SMC calls */ +DECLARE_RT_SVC( + trusty_fast, + + SMC_ENTITY_PLATFORM_MONITOR, + SMC_ENTITY_PLATFORM_MONITOR, + SMC_TYPE_FAST, + NULL, + trusty_generic_platform_smc +); + diff --git a/services/spd/trusty/generic-arm64-smcall.h b/services/spd/trusty/generic-arm64-smcall.h new file mode 100644 index 0000000000..5b6a738fc1 --- /dev/null +++ b/services/spd/trusty/generic-arm64-smcall.h @@ -0,0 +1,51 @@ +/* + * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * Neither the name of ARM nor the names of its contributors may be used + * to endorse or promote products derived from this software without specific + * prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include "smcall.h" + +#define SMC_ENTITY_PLATFORM_MONITOR 61 + +/* + * SMC calls implemented by EL3 monitor + */ + +/* + * Write character in r1 to debug console + */ +#define SMC_FC_DEBUG_PUTC SMC_FASTCALL_NR(SMC_ENTITY_PLATFORM_MONITOR, 0x0) + +/* + * Get register base address + * r1: SMC_GET_GIC_BASE_GICD or SMC_GET_GIC_BASE_GICC + */ +#define SMC_GET_GIC_BASE_GICD 0 +#define SMC_GET_GIC_BASE_GICC 1 +#define SMC_FC_GET_REG_BASE SMC_FASTCALL_NR(SMC_ENTITY_PLATFORM_MONITOR, 0x1) +#define SMC_FC64_GET_REG_BASE SMC_FASTCALL64_NR(SMC_ENTITY_PLATFORM_MONITOR, 0x1) diff --git a/services/spd/trusty/trusty.mk b/services/spd/trusty/trusty.mk index 920504c709..2e51bd5cbc 100644 --- a/services/spd/trusty/trusty.mk +++ b/services/spd/trusty/trusty.mk @@ -9,4 +9,8 @@ SPD_INCLUDES := SPD_SOURCES := services/spd/trusty/trusty.c \ services/spd/trusty/trusty_helpers.S +ifeq (${TRUSTY_SPD_WITH_GENERIC_SERVICES},1) +SPD_SOURCES += services/spd/trusty/generic-arm64-smcall.c +endif + NEED_BL32 := yes From cb03c917658c551c9f63d5093b831a961560f224 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arve=20Hj=C3=B8nnev=C3=A5g?= Date: Tue, 4 Aug 2015 16:19:27 -0700 Subject: [PATCH 03/12] trusty: Add fpu/simd support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The original patch has been partly merged. This adds the missing pieces. Change-Id: I77fd434feab396ff05d9b8e0c1761e4dd588a701 Signed-off-by: Arve Hjønnevåg --- services/spd/trusty/trusty.c | 7 +++---- services/spd/trusty/trusty.mk | 2 ++ 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/services/spd/trusty/trusty.c b/services/spd/trusty/trusty.c index 08767bb53f..6e80b7b723 100644 --- a/services/spd/trusty/trusty.c +++ b/services/spd/trusty/trusty.c @@ -105,10 +105,8 @@ static struct args trusty_context_switch(uint32_t security_state, uint64_t r0, * when it's needed the PSCI caller has preserved FP context before * going here. */ -#if CTX_INCLUDE_FPREGS if (r0 != SMC_FC_CPU_SUSPEND && r0 != SMC_FC_CPU_RESUME) fpregs_context_save(get_fpregs_ctx(cm_get_context(security_state))); -#endif cm_el1_sysregs_context_save(security_state); ctx->saved_security_state = security_state; @@ -117,10 +115,8 @@ static struct args trusty_context_switch(uint32_t security_state, uint64_t r0, assert(ctx->saved_security_state == !security_state); cm_el1_sysregs_context_restore(security_state); -#if CTX_INCLUDE_FPREGS if (r0 != SMC_FC_CPU_SUSPEND && r0 != SMC_FC_CPU_RESUME) fpregs_context_restore(get_fpregs_ctx(cm_get_context(security_state))); -#endif cm_set_next_eret_context(security_state); @@ -299,6 +295,7 @@ static int32_t trusty_init(void) ep_info = bl31_plat_get_next_image_ep_info(SECURE); assert(ep_info); + fpregs_context_save(get_fpregs_ctx(cm_get_context(NON_SECURE))); cm_el1_sysregs_context_save(NON_SECURE); cm_set_context(&ctx->cpu_ctx, SECURE); @@ -315,6 +312,7 @@ static int32_t trusty_init(void) } cm_el1_sysregs_context_restore(SECURE); + fpregs_context_restore(get_fpregs_ctx(cm_get_context(SECURE))); cm_set_next_eret_context(SECURE); ctx->saved_security_state = ~0; /* initial saved state is invalid */ @@ -323,6 +321,7 @@ static int32_t trusty_init(void) trusty_context_switch_helper(&ctx->saved_sp, &zero_args); cm_el1_sysregs_context_restore(NON_SECURE); + fpregs_context_restore(get_fpregs_ctx(cm_get_context(NON_SECURE))); cm_set_next_eret_context(NON_SECURE); return 0; diff --git a/services/spd/trusty/trusty.mk b/services/spd/trusty/trusty.mk index 2e51bd5cbc..a571fa2cdb 100644 --- a/services/spd/trusty/trusty.mk +++ b/services/spd/trusty/trusty.mk @@ -14,3 +14,5 @@ SPD_SOURCES += services/spd/trusty/generic-arm64-smcall.c endif NEED_BL32 := yes + +CTX_INCLUDE_FPREGS := 1 From 27d8e1e75a2f45d7c2357bc9b42e9dbea9db0321 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arve=20Hj=C3=B8nnev=C3=A5g?= Date: Thu, 28 Sep 2017 14:59:10 -0700 Subject: [PATCH 04/12] trusty: Run bl33 in EL1 instead of EL2 is trusty image is 32-bit MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The secure physical timer is inacessible from 32-bit S-EL1 (when EL3 is 64-bit) so trusty will use the non-secure physical timer in this case. Linux will use the virtual timer instead of the physical timer when started in EL1. Change-Id: Ie49348d9a27e5287676dd4a77f678ecbd6c2309f Signed-off-by: Arve Hjønnevåg --- services/spd/trusty/trusty.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/services/spd/trusty/trusty.c b/services/spd/trusty/trusty.c index 6e80b7b723..7fa207a384 100644 --- a/services/spd/trusty/trusty.c +++ b/services/spd/trusty/trusty.c @@ -448,6 +448,31 @@ static int32_t trusty_setup(void) if (ret) ERROR("trusty: failed to register fiq handler, ret = %d\n", ret); + if (aarch32) { + entry_point_info_t *ns_ep_info; + uint32_t spsr; + + ns_ep_info = bl31_plat_get_next_image_ep_info(NON_SECURE); + if (!ep_info) { + NOTICE("Trusty: non-secure image missing.\n"); + return -1; + } + spsr = ns_ep_info->spsr; + if (GET_RW(spsr) == MODE_RW_64 && GET_EL(spsr) == MODE_EL2) { + spsr &= ~(MODE_EL_MASK << MODE_EL_SHIFT); + spsr |= MODE_EL1 << MODE_EL_SHIFT; + } + if (GET_RW(spsr) == MODE_RW_32 && GET_M32(spsr) == MODE32_hyp) { + spsr &= ~(MODE32_MASK << MODE32_SHIFT); + spsr |= MODE32_svc << MODE32_SHIFT; + } + if (spsr != ns_ep_info->spsr) { + NOTICE("Trusty: Switch bl33 from EL2 to EL1 (spsr 0x%x -> 0x%x)\n", + ns_ep_info->spsr, spsr); + ns_ep_info->spsr = spsr; + } + } + return 0; } From fab2319ec8aa9532178c1c7b61035466e197f18e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arve=20Hj=C3=B8nnev=C3=A5g?= Date: Mon, 27 Nov 2017 11:05:46 -0800 Subject: [PATCH 05/12] trusty: Pass cpu suspend/resume reason to trusty MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add off/on argument to SMC_FC_CPU_SUSPEND SMC_FC_CPU_RESUME and pass 1 when called from the cpu on/off hooks. Change-Id: Ie233c446fd38b3ff8546e445a8d86a15d2816093 Signed-off-by: Arve Hjønnevåg --- services/spd/trusty/trusty.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/services/spd/trusty/trusty.c b/services/spd/trusty/trusty.c index 7fa207a384..7836ebadcf 100644 --- a/services/spd/trusty/trusty.c +++ b/services/spd/trusty/trusty.c @@ -327,22 +327,22 @@ static int32_t trusty_init(void) return 0; } -static void trusty_cpu_suspend(void) +static void trusty_cpu_suspend(uint32_t off) { struct args ret; - ret = trusty_context_switch(NON_SECURE, SMC_FC_CPU_SUSPEND, 0, 0, 0); + ret = trusty_context_switch(NON_SECURE, SMC_FC_CPU_SUSPEND, off, 0, 0); if (ret.r0 != 0) { INFO("%s: cpu %d, SMC_FC_CPU_SUSPEND returned unexpected value, %ld\n", __func__, plat_my_core_pos(), ret.r0); } } -static void trusty_cpu_resume(void) +static void trusty_cpu_resume(uint32_t on) { struct args ret; - ret = trusty_context_switch(NON_SECURE, SMC_FC_CPU_RESUME, 0, 0, 0); + ret = trusty_context_switch(NON_SECURE, SMC_FC_CPU_RESUME, on, 0, 0); if (ret.r0 != 0) { INFO("%s: cpu %d, SMC_FC_CPU_RESUME returned unexpected value, %ld\n", __func__, plat_my_core_pos(), ret.r0); @@ -351,7 +351,7 @@ static void trusty_cpu_resume(void) static int32_t trusty_cpu_off_handler(uint64_t unused) { - trusty_cpu_suspend(); + trusty_cpu_suspend(1); return 0; } @@ -363,18 +363,18 @@ static void trusty_cpu_on_finish_handler(uint64_t unused) if (!ctx->saved_sp) { trusty_init(); } else { - trusty_cpu_resume(); + trusty_cpu_resume(1); } } static void trusty_cpu_suspend_handler(uint64_t unused) { - trusty_cpu_suspend(); + trusty_cpu_suspend(0); } static void trusty_cpu_suspend_finish_handler(uint64_t unused) { - trusty_cpu_resume(); + trusty_cpu_resume(0); } static const spd_pm_ops_t trusty_pm = { From 64b33235b7d815387918ca0ca66aa5cbe4c5811c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arve=20Hj=C3=B8nnev=C3=A5g?= Date: Thu, 1 Feb 2018 15:44:04 -0800 Subject: [PATCH 06/12] trusty: generic-arm64-smcall: Use SPDX license identifiers MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Arve Hjønnevåg --- services/spd/trusty/generic-arm64-smcall.c | 26 +--------------------- services/spd/trusty/generic-arm64-smcall.h | 26 +--------------------- 2 files changed, 2 insertions(+), 50 deletions(-) diff --git a/services/spd/trusty/generic-arm64-smcall.c b/services/spd/trusty/generic-arm64-smcall.c index 543aee5b7d..7916fca24c 100644 --- a/services/spd/trusty/generic-arm64-smcall.c +++ b/services/spd/trusty/generic-arm64-smcall.c @@ -1,31 +1,7 @@ /* * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * Neither the name of ARM nor the names of its contributors may be used - * to endorse or promote products derived from this software without specific - * prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. + * SPDX-License-Identifier: BSD-3-Clause */ #include diff --git a/services/spd/trusty/generic-arm64-smcall.h b/services/spd/trusty/generic-arm64-smcall.h index 5b6a738fc1..06efc722f7 100644 --- a/services/spd/trusty/generic-arm64-smcall.h +++ b/services/spd/trusty/generic-arm64-smcall.h @@ -1,31 +1,7 @@ /* * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * Neither the name of ARM nor the names of its contributors may be used - * to endorse or promote products derived from this software without specific - * prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. + * SPDX-License-Identifier: BSD-3-Clause */ #include "smcall.h" From 06ff251ec1372a0b946cda4c243a3685375d95dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arve=20Hj=C3=B8nnev=C3=A5g?= Date: Wed, 21 Feb 2018 17:36:44 -0800 Subject: [PATCH 07/12] tegra/trusty: Setup tegra specific trusty args in platform code Fixes tegra build with SPD=trusty. Not tested. Change-Id: I851a2b00b8b1cc65112b6088980a811d8eda1a99 --- plat/nvidia/tegra/common/tegra_bl31_setup.c | 19 ++++++++++++++++++- services/spd/trusty/trusty.c | 3 --- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/plat/nvidia/tegra/common/tegra_bl31_setup.c b/plat/nvidia/tegra/common/tegra_bl31_setup.c index d5d3d530d4..d89ad7b94b 100644 --- a/plat/nvidia/tegra/common/tegra_bl31_setup.c +++ b/plat/nvidia/tegra/common/tegra_bl31_setup.c @@ -24,6 +24,9 @@ #include #include +/* length of Trusty's input parameters (in bytes) */ +#define TRUSTY_PARAMS_LEN_BYTES (4096*2) + extern void zeromem16(void *mem, unsigned int length); /******************************************************************************* @@ -58,6 +61,8 @@ static entry_point_info_t bl33_image_ep_info, bl32_image_ep_info; static plat_params_from_bl2_t plat_bl31_params_from_bl2 = { .tzdram_size = (uint64_t)TZDRAM_SIZE }; +static unsigned long bl32_mem_size; +static unsigned long bl32_boot_params; /******************************************************************************* * This variable holds the non-secure image entry address @@ -147,8 +152,11 @@ void bl31_early_platform_setup(bl31_params_t *from_bl2, assert(from_bl2->bl33_ep_info); bl33_image_ep_info = *from_bl2->bl33_ep_info; - if (from_bl2->bl32_ep_info) + if (from_bl2->bl32_ep_info) { bl32_image_ep_info = *from_bl2->bl32_ep_info; + bl32_mem_size = from_bl2->bl32_ep_info->args.arg0; + bl32_boot_params = from_bl2->bl32_ep_info->args.arg2; + } /* * Parse platform specific parameters - TZDRAM aperture base and size @@ -234,6 +242,15 @@ void bl31_early_platform_setup(bl31_params_t *from_bl2, "Denver" : "ARM", read_mpidr()); } +#ifdef SPD_trusty +void plat_trusty_set_boot_args(aapcs64_params_t *args) +{ + args->arg0 = bl32_mem_size; + args->arg1 = bl32_boot_params; + args->arg2 = TRUSTY_PARAMS_LEN_BYTES; +} +#endif + /******************************************************************************* * Initialize the gic, configure the SCR. ******************************************************************************/ diff --git a/services/spd/trusty/trusty.c b/services/spd/trusty/trusty.c index 7836ebadcf..1d6d0748f0 100644 --- a/services/spd/trusty/trusty.c +++ b/services/spd/trusty/trusty.c @@ -21,9 +21,6 @@ /* macro to check if Hypervisor is enabled in the HCR_EL2 register */ #define HYP_ENABLE_FLAG 0x286001 -/* length of Trusty's input parameters (in bytes) */ -#define TRUSTY_PARAMS_LEN_BYTES (4096*2) - struct trusty_stack { uint8_t space[PLATFORM_STACK_SIZE] __aligned(16); uint32_t end; From 8ef782df8b6be2150de9e4568995d26c20b32617 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arve=20Hj=C3=B8nnev=C3=A5g?= Date: Wed, 28 Feb 2018 17:15:06 -0800 Subject: [PATCH 08/12] trusty: Change type of aarch32 flag t bool Change-Id: Ie4f937808d24c9b45066c6582c4eee61699ef6df --- services/spd/trusty/trusty.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/services/spd/trusty/trusty.c b/services/spd/trusty/trusty.c index 1d6d0748f0..e62f7396f4 100644 --- a/services/spd/trusty/trusty.c +++ b/services/spd/trusty/trusty.c @@ -13,6 +13,7 @@ #include #include #include +#include #include #include "sm_err.h" @@ -397,7 +398,7 @@ static int32_t trusty_setup(void) uint32_t instr; uint32_t flags; int ret; - int aarch32 = 0; + bool aarch32 = false; /* Get trusty's entry point info */ ep_info = bl31_plat_get_next_image_ep_info(SECURE); @@ -410,7 +411,7 @@ static int32_t trusty_setup(void) if (instr >> 24 == 0xea) { INFO("trusty: Found 32 bit image\n"); - aarch32 = 1; + aarch32 = true; } else if (instr >> 8 == 0xd53810 || instr >> 16 == 0x9400) { INFO("trusty: Found 64 bit image\n"); } else { From daf0a726eadbc6b8a09b3e3ae7a94dcdac20664e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arve=20Hj=C3=B8nnev=C3=A5g?= Date: Wed, 28 Feb 2018 17:18:55 -0800 Subject: [PATCH 09/12] trusty: Fix reported static check errors Change-Id: I9f9a8a159b41be1c865a20801d03a1b2934c3cac --- services/spd/trusty/generic-arm64-smcall.c | 2 +- services/spd/trusty/trusty.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/services/spd/trusty/generic-arm64-smcall.c b/services/spd/trusty/generic-arm64-smcall.c index 7916fca24c..38da279e4c 100644 --- a/services/spd/trusty/generic-arm64-smcall.c +++ b/services/spd/trusty/generic-arm64-smcall.c @@ -66,7 +66,7 @@ static uint64_t trusty_generic_platform_smc(uint32_t smc_fid, void *handle, uint64_t flags) { - switch(smc_fid) { + switch (smc_fid) { case SMC_FC_DEBUG_PUTC: trusty_dputc(x1, is_caller_secure(flags)); SMC_RET1(handle, 0); diff --git a/services/spd/trusty/trusty.c b/services/spd/trusty/trusty.c index e62f7396f4..e27df154a6 100644 --- a/services/spd/trusty/trusty.c +++ b/services/spd/trusty/trusty.c @@ -409,7 +409,7 @@ static int32_t trusty_setup(void) instr = *(uint32_t *)ep_info->pc; - if (instr >> 24 == 0xea) { + if (instr >> 24 == 0xeaU) { INFO("trusty: Found 32 bit image\n"); aarch32 = true; } else if (instr >> 8 == 0xd53810 || instr >> 16 == 0x9400) { From be1b5d48fa7826d93a173ae9b48e2df9a2e7bca1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arve=20Hj=C3=B8nnev=C3=A5g?= Date: Thu, 1 Mar 2018 11:38:18 -0800 Subject: [PATCH 10/12] trusty: Fix reported misra violation memset does not return a useful result here, so explitcitly ignore it Change-Id: I33cd2228cadc280ee8e5ce3a4f8682dde9a7c16c --- services/spd/trusty/trusty.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/spd/trusty/trusty.c b/services/spd/trusty/trusty.c index e27df154a6..6d9cc28a6d 100644 --- a/services/spd/trusty/trusty.c +++ b/services/spd/trusty/trusty.c @@ -428,7 +428,7 @@ static int32_t trusty_setup(void) DAIF_FIQ_BIT | DAIF_IRQ_BIT | DAIF_ABT_BIT); - memset(&ep_info->args, 0, sizeof(ep_info->args)); + (void)memset(&ep_info->args, 0, sizeof(ep_info->args)); plat_trusty_set_boot_args(&ep_info->args); /* register init handler */ From 2686f9fdc38b7b2033def9cc1e5f7ff5bfb5dc54 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arve=20Hj=C3=B8nnev=C3=A5g?= Date: Fri, 2 Mar 2018 10:10:00 -0800 Subject: [PATCH 11/12] trusty: Fix another reported misra violation Change-Id: I822ccf5852dce4c01f98382cc393331f29e1e256 --- services/spd/trusty/trusty.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/spd/trusty/trusty.c b/services/spd/trusty/trusty.c index 6d9cc28a6d..d6e5726796 100644 --- a/services/spd/trusty/trusty.c +++ b/services/spd/trusty/trusty.c @@ -412,7 +412,7 @@ static int32_t trusty_setup(void) if (instr >> 24 == 0xeaU) { INFO("trusty: Found 32 bit image\n"); aarch32 = true; - } else if (instr >> 8 == 0xd53810 || instr >> 16 == 0x9400) { + } else if (instr >> 8 == 0xd53810U || instr >> 16 == 0x9400U) { INFO("trusty: Found 64 bit image\n"); } else { NOTICE("trusty: Found unknown image, 0x%x\n", instr); From 0e9c7f27cdc11bc83d6ef0572e6b0aba43a91c22 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arve=20Hj=C3=B8nnev=C3=A5g?= Date: Mon, 5 Mar 2018 12:13:22 -0800 Subject: [PATCH 12/12] trusty: Add boot parameter documentation Change-Id: Ibfb75145e3a31ae2106eedfbe4a91c2e31bb9f2a --- docs/spd/trusty-dispatcher.rst | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/docs/spd/trusty-dispatcher.rst b/docs/spd/trusty-dispatcher.rst index f1982ea794..10b111d611 100644 --- a/docs/spd/trusty-dispatcher.rst +++ b/docs/spd/trusty-dispatcher.rst @@ -8,6 +8,23 @@ Detailed information and build instructions can be found on the Android Open Source Project (AOSP) webpage for Trusty hosted at https://source.android.com/security/trusty +Boot parameters +=============== + +Custom boot parameters can be passed to Trusty by providing a platform +specific function: + +.. code:: c + + void plat_trusty_set_boot_args(aapcs64_params_t *args) + +If this function is provided ``args->arg0`` must be set to the memory +size allocated to trusty. If the platform does not provide this +function, but defines ``TSP_SEC_MEM_SIZE``, a default implementation +will pass the memory size from ``TSP_SEC_MEM_SIZE``. ``args->arg1`` +can be set to a platform specific parameter block, and ``args->arg2`` +should then be set to the size of that block. + Supported platforms ===================