1 /*
2 * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7 #include <assert.h>
8 #include <inttypes.h>
9 #include <stdint.h>
10
11 #include <arch_features.h>
12 #include <arch_helpers.h>
13 #include <bl32/tsp/tsp.h>
14 #include <common/bl_common.h>
15 #include <common/debug.h>
16 #include <lib/spinlock.h>
17 #include <plat/common/platform.h>
18 #include <platform_def.h>
19 #include <platform_tsp.h>
20
21 #include "tsp_private.h"
22
23
24 /*******************************************************************************
25 * Lock to control access to the console
26 ******************************************************************************/
27 spinlock_t console_lock;
28
29 /*******************************************************************************
30 * Per cpu data structure to populate parameters for an SMC in C code and use
31 * a pointer to this structure in assembler code to populate x0-x7
32 ******************************************************************************/
33 static tsp_args_t tsp_smc_args[PLATFORM_CORE_COUNT];
34
35 /*******************************************************************************
36 * Per cpu data structure to keep track of TSP activity
37 ******************************************************************************/
38 work_statistics_t tsp_stats[PLATFORM_CORE_COUNT];
39
40 /*******************************************************************************
41 * The TSP memory footprint starts at address BL32_BASE and ends with the
42 * linker symbol __BL32_END__. Use these addresses to compute the TSP image
43 * size.
44 ******************************************************************************/
45 #define BL32_TOTAL_LIMIT BL32_END
46 #define BL32_TOTAL_SIZE (BL32_TOTAL_LIMIT - (unsigned long) BL32_BASE)
47
set_smc_args(uint64_t arg0,uint64_t arg1,uint64_t arg2,uint64_t arg3,uint64_t arg4,uint64_t arg5,uint64_t arg6,uint64_t arg7)48 static tsp_args_t *set_smc_args(uint64_t arg0,
49 uint64_t arg1,
50 uint64_t arg2,
51 uint64_t arg3,
52 uint64_t arg4,
53 uint64_t arg5,
54 uint64_t arg6,
55 uint64_t arg7)
56 {
57 uint32_t linear_id;
58 tsp_args_t *pcpu_smc_args;
59
60 /*
61 * Return to Secure Monitor by raising an SMC. The results of the
62 * service are passed as an arguments to the SMC
63 */
64 linear_id = plat_my_core_pos();
65 pcpu_smc_args = &tsp_smc_args[linear_id];
66 write_sp_arg(pcpu_smc_args, TSP_ARG0, arg0);
67 write_sp_arg(pcpu_smc_args, TSP_ARG1, arg1);
68 write_sp_arg(pcpu_smc_args, TSP_ARG2, arg2);
69 write_sp_arg(pcpu_smc_args, TSP_ARG3, arg3);
70 write_sp_arg(pcpu_smc_args, TSP_ARG4, arg4);
71 write_sp_arg(pcpu_smc_args, TSP_ARG5, arg5);
72 write_sp_arg(pcpu_smc_args, TSP_ARG6, arg6);
73 write_sp_arg(pcpu_smc_args, TSP_ARG7, arg7);
74
75 return pcpu_smc_args;
76 }
77
78 /*******************************************************************************
79 * Setup function for TSP.
80 ******************************************************************************/
tsp_setup(void)81 void tsp_setup(void)
82 {
83 /* Perform early platform-specific setup */
84 tsp_early_platform_setup();
85
86 /* Perform late platform-specific setup */
87 tsp_plat_arch_setup();
88
89 #if ENABLE_PAUTH
90 /*
91 * Assert that the ARMv8.3-PAuth registers are present or an access
92 * fault will be triggered when they are being saved or restored.
93 */
94 assert(is_armv8_3_pauth_present());
95 #endif /* ENABLE_PAUTH */
96 }
97
98 /*******************************************************************************
99 * TSP main entry point where it gets the opportunity to initialize its secure
100 * state/applications. Once the state is initialized, it must return to the
101 * SPD with a pointer to the 'tsp_vector_table' jump table.
102 ******************************************************************************/
tsp_main(void)103 uint64_t tsp_main(void)
104 {
105 NOTICE("TSP: %s\n", version_string);
106 NOTICE("TSP: %s\n", build_message);
107 INFO("TSP: Total memory base : 0x%lx\n", (unsigned long) BL32_BASE);
108 INFO("TSP: Total memory size : 0x%lx bytes\n", BL32_TOTAL_SIZE);
109
110 uint32_t linear_id = plat_my_core_pos();
111
112 /* Initialize the platform */
113 tsp_platform_setup();
114
115 /* Initialize secure/applications state here */
116 tsp_generic_timer_start();
117
118 /* Update this cpu's statistics */
119 tsp_stats[linear_id].smc_count++;
120 tsp_stats[linear_id].eret_count++;
121 tsp_stats[linear_id].cpu_on_count++;
122
123 #if LOG_LEVEL >= LOG_LEVEL_INFO
124 spin_lock(&console_lock);
125 INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu on requests\n",
126 read_mpidr(),
127 tsp_stats[linear_id].smc_count,
128 tsp_stats[linear_id].eret_count,
129 tsp_stats[linear_id].cpu_on_count);
130 spin_unlock(&console_lock);
131 #endif
132 return (uint64_t) &tsp_vector_table;
133 }
134
135 /*******************************************************************************
136 * This function performs any remaining book keeping in the test secure payload
137 * after this cpu's architectural state has been setup in response to an earlier
138 * psci cpu_on request.
139 ******************************************************************************/
tsp_cpu_on_main(void)140 tsp_args_t *tsp_cpu_on_main(void)
141 {
142 uint32_t linear_id = plat_my_core_pos();
143
144 /* Initialize secure/applications state here */
145 tsp_generic_timer_start();
146
147 /* Update this cpu's statistics */
148 tsp_stats[linear_id].smc_count++;
149 tsp_stats[linear_id].eret_count++;
150 tsp_stats[linear_id].cpu_on_count++;
151
152 #if LOG_LEVEL >= LOG_LEVEL_INFO
153 spin_lock(&console_lock);
154 INFO("TSP: cpu 0x%lx turned on\n", read_mpidr());
155 INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu on requests\n",
156 read_mpidr(),
157 tsp_stats[linear_id].smc_count,
158 tsp_stats[linear_id].eret_count,
159 tsp_stats[linear_id].cpu_on_count);
160 spin_unlock(&console_lock);
161 #endif
162 /* Indicate to the SPD that we have completed turned ourselves on */
163 return set_smc_args(TSP_ON_DONE, 0, 0, 0, 0, 0, 0, 0);
164 }
165
166 /*******************************************************************************
167 * This function performs any remaining book keeping in the test secure payload
168 * before this cpu is turned off in response to a psci cpu_off request.
169 ******************************************************************************/
tsp_cpu_off_main(uint64_t arg0,uint64_t arg1,uint64_t arg2,uint64_t arg3,uint64_t arg4,uint64_t arg5,uint64_t arg6,uint64_t arg7)170 tsp_args_t *tsp_cpu_off_main(uint64_t arg0,
171 uint64_t arg1,
172 uint64_t arg2,
173 uint64_t arg3,
174 uint64_t arg4,
175 uint64_t arg5,
176 uint64_t arg6,
177 uint64_t arg7)
178 {
179 uint32_t linear_id = plat_my_core_pos();
180
181 /*
182 * This cpu is being turned off, so disable the timer to prevent the
183 * secure timer interrupt from interfering with power down. A pending
184 * interrupt will be lost but we do not care as we are turning off.
185 */
186 tsp_generic_timer_stop();
187
188 /* Update this cpu's statistics */
189 tsp_stats[linear_id].smc_count++;
190 tsp_stats[linear_id].eret_count++;
191 tsp_stats[linear_id].cpu_off_count++;
192
193 #if LOG_LEVEL >= LOG_LEVEL_INFO
194 spin_lock(&console_lock);
195 INFO("TSP: cpu 0x%lx off request\n", read_mpidr());
196 INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu off requests\n",
197 read_mpidr(),
198 tsp_stats[linear_id].smc_count,
199 tsp_stats[linear_id].eret_count,
200 tsp_stats[linear_id].cpu_off_count);
201 spin_unlock(&console_lock);
202 #endif
203
204 /* Indicate to the SPD that we have completed this request */
205 return set_smc_args(TSP_OFF_DONE, 0, 0, 0, 0, 0, 0, 0);
206 }
207
208 /*******************************************************************************
209 * This function performs any book keeping in the test secure payload before
210 * this cpu's architectural state is saved in response to an earlier psci
211 * cpu_suspend request.
212 ******************************************************************************/
tsp_cpu_suspend_main(uint64_t arg0,uint64_t arg1,uint64_t arg2,uint64_t arg3,uint64_t arg4,uint64_t arg5,uint64_t arg6,uint64_t arg7)213 tsp_args_t *tsp_cpu_suspend_main(uint64_t arg0,
214 uint64_t arg1,
215 uint64_t arg2,
216 uint64_t arg3,
217 uint64_t arg4,
218 uint64_t arg5,
219 uint64_t arg6,
220 uint64_t arg7)
221 {
222 uint32_t linear_id = plat_my_core_pos();
223
224 /*
225 * Save the time context and disable it to prevent the secure timer
226 * interrupt from interfering with wakeup from the suspend state.
227 */
228 tsp_generic_timer_save();
229 tsp_generic_timer_stop();
230
231 /* Update this cpu's statistics */
232 tsp_stats[linear_id].smc_count++;
233 tsp_stats[linear_id].eret_count++;
234 tsp_stats[linear_id].cpu_suspend_count++;
235
236 #if LOG_LEVEL >= LOG_LEVEL_INFO
237 spin_lock(&console_lock);
238 INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu suspend requests\n",
239 read_mpidr(),
240 tsp_stats[linear_id].smc_count,
241 tsp_stats[linear_id].eret_count,
242 tsp_stats[linear_id].cpu_suspend_count);
243 spin_unlock(&console_lock);
244 #endif
245
246 /* Indicate to the SPD that we have completed this request */
247 return set_smc_args(TSP_SUSPEND_DONE, 0, 0, 0, 0, 0, 0, 0);
248 }
249
250 /*******************************************************************************
251 * This function performs any book keeping in the test secure payload after this
252 * cpu's architectural state has been restored after wakeup from an earlier psci
253 * cpu_suspend request.
254 ******************************************************************************/
tsp_cpu_resume_main(uint64_t max_off_pwrlvl,uint64_t arg1,uint64_t arg2,uint64_t arg3,uint64_t arg4,uint64_t arg5,uint64_t arg6,uint64_t arg7)255 tsp_args_t *tsp_cpu_resume_main(uint64_t max_off_pwrlvl,
256 uint64_t arg1,
257 uint64_t arg2,
258 uint64_t arg3,
259 uint64_t arg4,
260 uint64_t arg5,
261 uint64_t arg6,
262 uint64_t arg7)
263 {
264 uint32_t linear_id = plat_my_core_pos();
265
266 /* Restore the generic timer context */
267 tsp_generic_timer_restore();
268
269 /* Update this cpu's statistics */
270 tsp_stats[linear_id].smc_count++;
271 tsp_stats[linear_id].eret_count++;
272 tsp_stats[linear_id].cpu_resume_count++;
273
274 #if LOG_LEVEL >= LOG_LEVEL_INFO
275 spin_lock(&console_lock);
276 INFO("TSP: cpu 0x%lx resumed. maximum off power level %" PRId64 "\n",
277 read_mpidr(), max_off_pwrlvl);
278 INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu resume requests\n",
279 read_mpidr(),
280 tsp_stats[linear_id].smc_count,
281 tsp_stats[linear_id].eret_count,
282 tsp_stats[linear_id].cpu_resume_count);
283 spin_unlock(&console_lock);
284 #endif
285 /* Indicate to the SPD that we have completed this request */
286 return set_smc_args(TSP_RESUME_DONE, 0, 0, 0, 0, 0, 0, 0);
287 }
288
289 /*******************************************************************************
290 * This function performs any remaining bookkeeping in the test secure payload
291 * before the system is switched off (in response to a psci SYSTEM_OFF request)
292 ******************************************************************************/
tsp_system_off_main(uint64_t arg0,uint64_t arg1,uint64_t arg2,uint64_t arg3,uint64_t arg4,uint64_t arg5,uint64_t arg6,uint64_t arg7)293 tsp_args_t *tsp_system_off_main(uint64_t arg0,
294 uint64_t arg1,
295 uint64_t arg2,
296 uint64_t arg3,
297 uint64_t arg4,
298 uint64_t arg5,
299 uint64_t arg6,
300 uint64_t arg7)
301 {
302 uint32_t linear_id = plat_my_core_pos();
303
304 /* Update this cpu's statistics */
305 tsp_stats[linear_id].smc_count++;
306 tsp_stats[linear_id].eret_count++;
307
308 #if LOG_LEVEL >= LOG_LEVEL_INFO
309 spin_lock(&console_lock);
310 INFO("TSP: cpu 0x%lx SYSTEM_OFF request\n", read_mpidr());
311 INFO("TSP: cpu 0x%lx: %d smcs, %d erets requests\n", read_mpidr(),
312 tsp_stats[linear_id].smc_count,
313 tsp_stats[linear_id].eret_count);
314 spin_unlock(&console_lock);
315 #endif
316
317 /* Indicate to the SPD that we have completed this request */
318 return set_smc_args(TSP_SYSTEM_OFF_DONE, 0, 0, 0, 0, 0, 0, 0);
319 }
320
321 /*******************************************************************************
322 * This function performs any remaining bookkeeping in the test secure payload
323 * before the system is reset (in response to a psci SYSTEM_RESET request)
324 ******************************************************************************/
tsp_system_reset_main(uint64_t arg0,uint64_t arg1,uint64_t arg2,uint64_t arg3,uint64_t arg4,uint64_t arg5,uint64_t arg6,uint64_t arg7)325 tsp_args_t *tsp_system_reset_main(uint64_t arg0,
326 uint64_t arg1,
327 uint64_t arg2,
328 uint64_t arg3,
329 uint64_t arg4,
330 uint64_t arg5,
331 uint64_t arg6,
332 uint64_t arg7)
333 {
334 uint32_t linear_id = plat_my_core_pos();
335
336 /* Update this cpu's statistics */
337 tsp_stats[linear_id].smc_count++;
338 tsp_stats[linear_id].eret_count++;
339
340 #if LOG_LEVEL >= LOG_LEVEL_INFO
341 spin_lock(&console_lock);
342 INFO("TSP: cpu 0x%lx SYSTEM_RESET request\n", read_mpidr());
343 INFO("TSP: cpu 0x%lx: %d smcs, %d erets requests\n", read_mpidr(),
344 tsp_stats[linear_id].smc_count,
345 tsp_stats[linear_id].eret_count);
346 spin_unlock(&console_lock);
347 #endif
348
349 /* Indicate to the SPD that we have completed this request */
350 return set_smc_args(TSP_SYSTEM_RESET_DONE, 0, 0, 0, 0, 0, 0, 0);
351 }
352
353 /*******************************************************************************
354 * TSP fast smc handler. The secure monitor jumps to this function by
355 * doing the ERET after populating X0-X7 registers. The arguments are received
356 * in the function arguments in order. Once the service is rendered, this
357 * function returns to Secure Monitor by raising SMC.
358 ******************************************************************************/
tsp_smc_handler(uint64_t func,uint64_t arg1,uint64_t arg2,uint64_t arg3,uint64_t arg4,uint64_t arg5,uint64_t arg6,uint64_t arg7)359 tsp_args_t *tsp_smc_handler(uint64_t func,
360 uint64_t arg1,
361 uint64_t arg2,
362 uint64_t arg3,
363 uint64_t arg4,
364 uint64_t arg5,
365 uint64_t arg6,
366 uint64_t arg7)
367 {
368 uint128_t service_args;
369 uint64_t service_arg0;
370 uint64_t service_arg1;
371 uint64_t results[2];
372 uint32_t linear_id = plat_my_core_pos();
373 u_register_t dit;
374
375 /* Update this cpu's statistics */
376 tsp_stats[linear_id].smc_count++;
377 tsp_stats[linear_id].eret_count++;
378
379 #if LOG_LEVEL >= LOG_LEVEL_INFO
380 spin_lock(&console_lock);
381 INFO("TSP: cpu 0x%lx received %s smc 0x%" PRIx64 "\n", read_mpidr(),
382 ((func >> 31) & 1) == 1 ? "fast" : "yielding",
383 func);
384 INFO("TSP: cpu 0x%lx: %d smcs, %d erets\n", read_mpidr(),
385 tsp_stats[linear_id].smc_count,
386 tsp_stats[linear_id].eret_count);
387 spin_unlock(&console_lock);
388 #endif
389
390 /* Render secure services and obtain results here */
391 results[0] = arg1;
392 results[1] = arg2;
393
394 /*
395 * Request a service back from dispatcher/secure monitor.
396 * This call returns and thereafter resumes execution.
397 */
398 service_args = tsp_get_magic();
399 service_arg0 = (uint64_t)service_args;
400 service_arg1 = (uint64_t)(service_args >> 64U);
401
402 #if CTX_INCLUDE_MTE_REGS
403 /*
404 * Write a dummy value to an MTE register, to simulate usage in the
405 * secure world
406 */
407 write_gcr_el1(0x99);
408 #endif
409
410 /* Determine the function to perform based on the function ID */
411 switch (TSP_BARE_FID(func)) {
412 case TSP_ADD:
413 results[0] += service_arg0;
414 results[1] += service_arg1;
415 break;
416 case TSP_SUB:
417 results[0] -= service_arg0;
418 results[1] -= service_arg1;
419 break;
420 case TSP_MUL:
421 results[0] *= service_arg0;
422 results[1] *= service_arg1;
423 break;
424 case TSP_DIV:
425 results[0] /= service_arg0 ? service_arg0 : 1;
426 results[1] /= service_arg1 ? service_arg1 : 1;
427 break;
428 case TSP_CHECK_DIT:
429 if (!is_armv8_4_dit_present()) {
430 #if LOG_LEVEL >= LOG_LEVEL_ERROR
431 spin_lock(&console_lock);
432 ERROR("DIT not supported\n");
433 spin_unlock(&console_lock);
434 #endif
435 results[0] = 0;
436 results[1] = 0xffff;
437 break;
438 }
439 dit = read_dit();
440 results[0] = dit == service_arg0;
441 results[1] = dit;
442 /* Toggle the dit bit */
443 write_dit(service_arg0 != 0U ? 0 : DIT_BIT);
444 break;
445 default:
446 break;
447 }
448
449 return set_smc_args(func, 0,
450 results[0],
451 results[1],
452 0, 0, 0, 0);
453 }
454
455 /*******************************************************************************
456 * TSP smc abort handler. This function is called when aborting a preempted
457 * yielding SMC request. It should cleanup all resources owned by the SMC
458 * handler such as locks or dynamically allocated memory so following SMC
459 * request are executed in a clean environment.
460 ******************************************************************************/
tsp_abort_smc_handler(uint64_t func,uint64_t arg1,uint64_t arg2,uint64_t arg3,uint64_t arg4,uint64_t arg5,uint64_t arg6,uint64_t arg7)461 tsp_args_t *tsp_abort_smc_handler(uint64_t func,
462 uint64_t arg1,
463 uint64_t arg2,
464 uint64_t arg3,
465 uint64_t arg4,
466 uint64_t arg5,
467 uint64_t arg6,
468 uint64_t arg7)
469 {
470 return set_smc_args(TSP_ABORT_DONE, 0, 0, 0, 0, 0, 0, 0);
471 }
472
