1 /*
2 * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7 #include <assert.h>
8 #include <string.h>
9
10 #include <platform_def.h>
11
12 #include <common/bl_common.h>
13 #include <common/debug.h>
14 #include <common/desc_image_load.h>
15 #include <common/uuid.h>
16 #include <drivers/io/io_driver.h>
17 #include <drivers/io/io_encrypted.h>
18 #include <drivers/io/io_fip.h>
19 #include <drivers/io/io_memmap.h>
20 #include <drivers/io/io_semihosting.h>
21 #include <drivers/io/io_storage.h>
22 #include <lib/semihosting.h>
23 #include <tools_share/firmware_image_package.h>
24
25 #include "qemu_private.h"
26
27 /* Semihosting filenames */
28 #define BL2_IMAGE_NAME "bl2.bin"
29 #define BL31_IMAGE_NAME "bl31.bin"
30 #define BL32_IMAGE_NAME "bl32.bin"
31 #define TB_FW_CONFIG_NAME "tb_fw_config.dtb"
32 #define TOS_FW_CONFIG_NAME "tos_fw_config.dtb"
33 #define BL32_EXTRA1_IMAGE_NAME "bl32_extra1.bin"
34 #define BL32_EXTRA2_IMAGE_NAME "bl32_extra2.bin"
35 #define BL33_IMAGE_NAME "bl33.bin"
36
37 #if TRUSTED_BOARD_BOOT
38 #define TRUSTED_BOOT_FW_CERT_NAME "tb_fw.crt"
39 #define TRUSTED_KEY_CERT_NAME "trusted_key.crt"
40 #define SOC_FW_KEY_CERT_NAME "soc_fw_key.crt"
41 #define TOS_FW_KEY_CERT_NAME "tos_fw_key.crt"
42 #define NT_FW_KEY_CERT_NAME "nt_fw_key.crt"
43 #define SOC_FW_CONTENT_CERT_NAME "soc_fw_content.crt"
44 #define TOS_FW_CONTENT_CERT_NAME "tos_fw_content.crt"
45 #define NT_FW_CONTENT_CERT_NAME "nt_fw_content.crt"
46 #endif /* TRUSTED_BOARD_BOOT */
47
48
49
50 /* IO devices */
51 static const io_dev_connector_t *fip_dev_con;
52 static uintptr_t fip_dev_handle;
53 static const io_dev_connector_t *memmap_dev_con;
54 static uintptr_t memmap_dev_handle;
55 static const io_dev_connector_t *sh_dev_con;
56 static uintptr_t sh_dev_handle;
57 #ifndef DECRYPTION_SUPPORT_none
58 static const io_dev_connector_t *enc_dev_con;
59 static uintptr_t enc_dev_handle;
60 #endif
61
62 static const io_block_spec_t fip_block_spec = {
63 .offset = PLAT_QEMU_FIP_BASE,
64 .length = PLAT_QEMU_FIP_MAX_SIZE
65 };
66
67 static const io_uuid_spec_t bl2_uuid_spec = {
68 .uuid = UUID_TRUSTED_BOOT_FIRMWARE_BL2,
69 };
70
71 static const io_uuid_spec_t bl31_uuid_spec = {
72 .uuid = UUID_EL3_RUNTIME_FIRMWARE_BL31,
73 };
74
75 static const io_uuid_spec_t bl32_uuid_spec = {
76 .uuid = UUID_SECURE_PAYLOAD_BL32,
77 };
78
79 static const io_uuid_spec_t bl32_extra1_uuid_spec = {
80 .uuid = UUID_SECURE_PAYLOAD_BL32_EXTRA1,
81 };
82
83 static const io_uuid_spec_t bl32_extra2_uuid_spec = {
84 .uuid = UUID_SECURE_PAYLOAD_BL32_EXTRA2,
85 };
86
87 static const io_uuid_spec_t tb_fw_config_uuid_spec = {
88 .uuid = UUID_TB_FW_CONFIG,
89 };
90
91 static const io_uuid_spec_t tos_fw_config_uuid_spec = {
92 .uuid = UUID_TOS_FW_CONFIG,
93 };
94
95 static const io_uuid_spec_t bl33_uuid_spec = {
96 .uuid = UUID_NON_TRUSTED_FIRMWARE_BL33,
97 };
98
99 #if TRUSTED_BOARD_BOOT
100 static const io_uuid_spec_t tb_fw_cert_uuid_spec = {
101 .uuid = UUID_TRUSTED_BOOT_FW_CERT,
102 };
103
104 static const io_uuid_spec_t trusted_key_cert_uuid_spec = {
105 .uuid = UUID_TRUSTED_KEY_CERT,
106 };
107
108 static const io_uuid_spec_t soc_fw_key_cert_uuid_spec = {
109 .uuid = UUID_SOC_FW_KEY_CERT,
110 };
111
112 static const io_uuid_spec_t tos_fw_key_cert_uuid_spec = {
113 .uuid = UUID_TRUSTED_OS_FW_KEY_CERT,
114 };
115
116 static const io_uuid_spec_t nt_fw_key_cert_uuid_spec = {
117 .uuid = UUID_NON_TRUSTED_FW_KEY_CERT,
118 };
119
120 static const io_uuid_spec_t soc_fw_cert_uuid_spec = {
121 .uuid = UUID_SOC_FW_CONTENT_CERT,
122 };
123
124 static const io_uuid_spec_t tos_fw_cert_uuid_spec = {
125 .uuid = UUID_TRUSTED_OS_FW_CONTENT_CERT,
126 };
127
128 static const io_uuid_spec_t nt_fw_cert_uuid_spec = {
129 .uuid = UUID_NON_TRUSTED_FW_CONTENT_CERT,
130 };
131 #endif /* TRUSTED_BOARD_BOOT */
132
133 static const io_file_spec_t sh_file_spec[] = {
134 [BL2_IMAGE_ID] = {
135 .path = BL2_IMAGE_NAME,
136 .mode = FOPEN_MODE_RB
137 },
138 [BL31_IMAGE_ID] = {
139 .path = BL31_IMAGE_NAME,
140 .mode = FOPEN_MODE_RB
141 },
142 [BL32_IMAGE_ID] = {
143 .path = BL32_IMAGE_NAME,
144 .mode = FOPEN_MODE_RB
145 },
146 [BL32_EXTRA1_IMAGE_ID] = {
147 .path = BL32_EXTRA1_IMAGE_NAME,
148 .mode = FOPEN_MODE_RB
149 },
150 [BL32_EXTRA2_IMAGE_ID] = {
151 .path = BL32_EXTRA2_IMAGE_NAME,
152 .mode = FOPEN_MODE_RB
153 },
154 [TB_FW_CONFIG_ID] = {
155 .path = TB_FW_CONFIG_NAME,
156 .mode = FOPEN_MODE_RB
157 },
158 [TOS_FW_CONFIG_ID] = {
159 .path = TOS_FW_CONFIG_NAME,
160 .mode = FOPEN_MODE_RB
161 },
162 [BL33_IMAGE_ID] = {
163 .path = BL33_IMAGE_NAME,
164 .mode = FOPEN_MODE_RB
165 },
166 #if TRUSTED_BOARD_BOOT
167 [TRUSTED_BOOT_FW_CERT_ID] = {
168 .path = TRUSTED_BOOT_FW_CERT_NAME,
169 .mode = FOPEN_MODE_RB
170 },
171 [TRUSTED_KEY_CERT_ID] = {
172 .path = TRUSTED_KEY_CERT_NAME,
173 .mode = FOPEN_MODE_RB
174 },
175 [SOC_FW_KEY_CERT_ID] = {
176 .path = SOC_FW_KEY_CERT_NAME,
177 .mode = FOPEN_MODE_RB
178 },
179 [TRUSTED_OS_FW_KEY_CERT_ID] = {
180 .path = TOS_FW_KEY_CERT_NAME,
181 .mode = FOPEN_MODE_RB
182 },
183 [NON_TRUSTED_FW_KEY_CERT_ID] = {
184 .path = NT_FW_KEY_CERT_NAME,
185 .mode = FOPEN_MODE_RB
186 },
187 [SOC_FW_CONTENT_CERT_ID] = {
188 .path = SOC_FW_CONTENT_CERT_NAME,
189 .mode = FOPEN_MODE_RB
190 },
191 [TRUSTED_OS_FW_CONTENT_CERT_ID] = {
192 .path = TOS_FW_CONTENT_CERT_NAME,
193 .mode = FOPEN_MODE_RB
194 },
195 [NON_TRUSTED_FW_CONTENT_CERT_ID] = {
196 .path = NT_FW_CONTENT_CERT_NAME,
197 .mode = FOPEN_MODE_RB
198 },
199 #endif /* TRUSTED_BOARD_BOOT */
200 };
201
202 static int open_fip(const uintptr_t spec);
203 static int open_memmap(const uintptr_t spec);
204 #ifndef DECRYPTION_SUPPORT_none
205 static int open_enc_fip(const uintptr_t spec);
206 #endif
207
208 struct plat_io_policy {
209 uintptr_t *dev_handle;
210 uintptr_t image_spec;
211 int (*check)(const uintptr_t spec);
212 };
213
214 /* By default, ARM platforms load images from the FIP */
215 static const struct plat_io_policy policies[] = {
216 [FIP_IMAGE_ID] = {
217 &memmap_dev_handle,
218 (uintptr_t)&fip_block_spec,
219 open_memmap
220 },
221 [ENC_IMAGE_ID] = {
222 &fip_dev_handle,
223 (uintptr_t)NULL,
224 open_fip
225 },
226 [BL2_IMAGE_ID] = {
227 &fip_dev_handle,
228 (uintptr_t)&bl2_uuid_spec,
229 open_fip
230 },
231 #if ENCRYPT_BL31 && !defined(DECRYPTION_SUPPORT_none)
232 [BL31_IMAGE_ID] = {
233 &enc_dev_handle,
234 (uintptr_t)&bl31_uuid_spec,
235 open_enc_fip
236 },
237 #else
238 [BL31_IMAGE_ID] = {
239 &fip_dev_handle,
240 (uintptr_t)&bl31_uuid_spec,
241 open_fip
242 },
243 #endif
244 #if ENCRYPT_BL32 && !defined(DECRYPTION_SUPPORT_none)
245 [BL32_IMAGE_ID] = {
246 &enc_dev_handle,
247 (uintptr_t)&bl32_uuid_spec,
248 open_enc_fip
249 },
250 [BL32_EXTRA1_IMAGE_ID] = {
251 &enc_dev_handle,
252 (uintptr_t)&bl32_extra1_uuid_spec,
253 open_enc_fip
254 },
255 [BL32_EXTRA2_IMAGE_ID] = {
256 &enc_dev_handle,
257 (uintptr_t)&bl32_extra2_uuid_spec,
258 open_enc_fip
259 },
260 #else
261 [BL32_IMAGE_ID] = {
262 &fip_dev_handle,
263 (uintptr_t)&bl32_uuid_spec,
264 open_fip
265 },
266 [BL32_EXTRA1_IMAGE_ID] = {
267 &fip_dev_handle,
268 (uintptr_t)&bl32_extra1_uuid_spec,
269 open_fip
270 },
271 [BL32_EXTRA2_IMAGE_ID] = {
272 &fip_dev_handle,
273 (uintptr_t)&bl32_extra2_uuid_spec,
274 open_fip
275 },
276 #endif
277 [TB_FW_CONFIG_ID] = {
278 &fip_dev_handle,
279 (uintptr_t)&tb_fw_config_uuid_spec,
280 open_fip
281 },
282 [TOS_FW_CONFIG_ID] = {
283 &fip_dev_handle,
284 (uintptr_t)&tos_fw_config_uuid_spec,
285 open_fip
286 },
287 [BL33_IMAGE_ID] = {
288 &fip_dev_handle,
289 (uintptr_t)&bl33_uuid_spec,
290 open_fip
291 },
292 #if TRUSTED_BOARD_BOOT
293 [TRUSTED_BOOT_FW_CERT_ID] = {
294 &fip_dev_handle,
295 (uintptr_t)&tb_fw_cert_uuid_spec,
296 open_fip
297 },
298 [TRUSTED_KEY_CERT_ID] = {
299 &fip_dev_handle,
300 (uintptr_t)&trusted_key_cert_uuid_spec,
301 open_fip
302 },
303 [SOC_FW_KEY_CERT_ID] = {
304 &fip_dev_handle,
305 (uintptr_t)&soc_fw_key_cert_uuid_spec,
306 open_fip
307 },
308 [TRUSTED_OS_FW_KEY_CERT_ID] = {
309 &fip_dev_handle,
310 (uintptr_t)&tos_fw_key_cert_uuid_spec,
311 open_fip
312 },
313 [NON_TRUSTED_FW_KEY_CERT_ID] = {
314 &fip_dev_handle,
315 (uintptr_t)&nt_fw_key_cert_uuid_spec,
316 open_fip
317 },
318 [SOC_FW_CONTENT_CERT_ID] = {
319 &fip_dev_handle,
320 (uintptr_t)&soc_fw_cert_uuid_spec,
321 open_fip
322 },
323 [TRUSTED_OS_FW_CONTENT_CERT_ID] = {
324 &fip_dev_handle,
325 (uintptr_t)&tos_fw_cert_uuid_spec,
326 open_fip
327 },
328 [NON_TRUSTED_FW_CONTENT_CERT_ID] = {
329 &fip_dev_handle,
330 (uintptr_t)&nt_fw_cert_uuid_spec,
331 open_fip
332 },
333 #endif /* TRUSTED_BOARD_BOOT */
334 };
335
336 #if defined(SPD_spmd)
337 static struct sp_pkg {
338 struct plat_io_policy policy;
339 io_file_spec_t sh_file_spec;
340 uint8_t uuid[UUID_BYTES_LENGTH];
341 char path[80];
342 } sp_pkgs[MAX_SP_IDS];
343 static unsigned int sp_pkg_count;
344
qemu_io_register_sp_pkg(const char * name,const char * uuid,uintptr_t load_addr)345 int qemu_io_register_sp_pkg(const char *name, const char *uuid,
346 uintptr_t load_addr)
347 {
348 struct sp_pkg *pkg;
349 bl_mem_params_node_t *mem_params;
350
351 if (sp_pkg_count == MAX_SP_IDS) {
352 INFO("Reached Max number of SPs\n");
353 return -1;
354 }
355 mem_params = get_bl_mem_params_node(SP_PKG1_ID + sp_pkg_count);
356 if (mem_params == NULL) {
357 ERROR("Can't find SP_PKG ID %u (SP_PKG%u_ID)\n",
358 SP_PKG1_ID + sp_pkg_count, sp_pkg_count);
359 return -1;
360 }
361 pkg = sp_pkgs + sp_pkg_count;
362
363 if (read_uuid(pkg->uuid, (char *)uuid)) {
364 return -1;
365 }
366
367 strlcpy(pkg->path, name, sizeof(pkg->path));
368 strlcat(pkg->path, ".pkg", sizeof(pkg->path));
369
370 pkg->policy.dev_handle = &fip_dev_handle;
371 pkg->policy.image_spec = (uintptr_t)&pkg->uuid;
372 pkg->policy.check = open_fip;
373 pkg->sh_file_spec.path = pkg->path;
374 pkg->sh_file_spec.mode = FOPEN_MODE_RB;
375
376 mem_params->image_info.image_base = load_addr;
377 mem_params->image_info.image_max_size = SZ_4M;
378 mem_params->image_info.h.attr &= ~IMAGE_ATTRIB_SKIP_LOADING;
379
380 sp_pkg_count++;
381
382 return 0;
383 }
384 #endif /*SPD_spmd*/
385
get_io_file_spec(unsigned int image_id)386 static const io_file_spec_t *get_io_file_spec(unsigned int image_id)
387 {
388 #if defined(SPD_spmd)
389 if (image_id >= SP_PKG1_ID && image_id <= SP_PKG8_ID) {
390 return &sp_pkgs[image_id - SP_PKG1_ID].sh_file_spec;
391 }
392 #endif
393
394 assert(image_id < ARRAY_SIZE(sh_file_spec));
395 return &sh_file_spec[image_id];
396 }
397
get_io_policy(unsigned int image_id)398 static const struct plat_io_policy *get_io_policy(unsigned int image_id)
399 {
400 #if defined(SPD_spmd)
401 if (image_id >= SP_PKG1_ID && image_id <= SP_PKG8_ID) {
402 return &sp_pkgs[image_id - SP_PKG1_ID].policy;
403 }
404 #endif
405
406 assert(image_id < ARRAY_SIZE(policies));
407 return &policies[image_id];
408 }
409
open_fip(const uintptr_t spec)410 static int open_fip(const uintptr_t spec)
411 {
412 int result;
413 uintptr_t local_image_handle;
414
415 /* See if a Firmware Image Package is available */
416 result = io_dev_init(fip_dev_handle, (uintptr_t)FIP_IMAGE_ID);
417 if (result == 0 && spec != (uintptr_t)NULL) {
418 result = io_open(fip_dev_handle, spec, &local_image_handle);
419 if (result == 0) {
420 VERBOSE("Using FIP\n");
421 io_close(local_image_handle);
422 }
423 }
424 return result;
425 }
426
427 #ifndef DECRYPTION_SUPPORT_none
open_enc_fip(const uintptr_t spec)428 static int open_enc_fip(const uintptr_t spec)
429 {
430 int result;
431 uintptr_t local_image_handle;
432
433 /* See if an encrypted FIP is available */
434 result = io_dev_init(enc_dev_handle, (uintptr_t)ENC_IMAGE_ID);
435 if (result == 0) {
436 result = io_open(enc_dev_handle, spec, &local_image_handle);
437 if (result == 0) {
438 VERBOSE("Using encrypted FIP\n");
439 io_close(local_image_handle);
440 }
441 }
442 return result;
443 }
444 #endif
445
open_memmap(const uintptr_t spec)446 static int open_memmap(const uintptr_t spec)
447 {
448 int result;
449 uintptr_t local_image_handle;
450
451 result = io_dev_init(memmap_dev_handle, (uintptr_t)NULL);
452 if (result == 0) {
453 result = io_open(memmap_dev_handle, spec, &local_image_handle);
454 if (result == 0) {
455 VERBOSE("Using Memmap\n");
456 io_close(local_image_handle);
457 }
458 }
459 return result;
460 }
461
open_semihosting(const uintptr_t spec)462 static int open_semihosting(const uintptr_t spec)
463 {
464 int result;
465 uintptr_t local_image_handle;
466
467 /* See if the file exists on semi-hosting.*/
468 result = io_dev_init(sh_dev_handle, (uintptr_t)NULL);
469 if (result == 0) {
470 result = io_open(sh_dev_handle, spec, &local_image_handle);
471 if (result == 0) {
472 VERBOSE("Using Semi-hosting IO\n");
473 io_close(local_image_handle);
474 }
475 }
476 return result;
477 }
478
plat_qemu_io_setup(void)479 void plat_qemu_io_setup(void)
480 {
481 int io_result;
482
483 io_result = register_io_dev_fip(&fip_dev_con);
484 assert(io_result == 0);
485
486 io_result = register_io_dev_memmap(&memmap_dev_con);
487 assert(io_result == 0);
488
489 /* Open connections to devices and cache the handles */
490 io_result = io_dev_open(fip_dev_con, (uintptr_t)NULL,
491 &fip_dev_handle);
492 assert(io_result == 0);
493
494 io_result = io_dev_open(memmap_dev_con, (uintptr_t)NULL,
495 &memmap_dev_handle);
496 assert(io_result == 0);
497
498 #ifndef DECRYPTION_SUPPORT_none
499 io_result = register_io_dev_enc(&enc_dev_con);
500 assert(io_result == 0);
501
502 io_result = io_dev_open(enc_dev_con, (uintptr_t)NULL,
503 &enc_dev_handle);
504 assert(io_result == 0);
505 #endif
506
507 /* Register the additional IO devices on this platform */
508 io_result = register_io_dev_sh(&sh_dev_con);
509 assert(io_result == 0);
510
511 /* Open connections to devices and cache the handles */
512 io_result = io_dev_open(sh_dev_con, (uintptr_t)NULL, &sh_dev_handle);
513 assert(io_result == 0);
514
515 /* Ignore improbable errors in release builds */
516 (void)io_result;
517 }
518
get_alt_image_source(unsigned int image_id,uintptr_t * dev_handle,uintptr_t * image_spec)519 static int get_alt_image_source(unsigned int image_id, uintptr_t *dev_handle,
520 uintptr_t *image_spec)
521 {
522 const io_file_spec_t *spec = get_io_file_spec(image_id);
523 int result;
524
525 result = open_semihosting((const uintptr_t)spec);
526 if (result == 0) {
527 *dev_handle = sh_dev_handle;
528 *image_spec = (uintptr_t)spec;
529 }
530
531 return result;
532 }
533
534 /*
535 * Return an IO device handle and specification which can be used to access
536 * an image. Use this to enforce platform load policy
537 */
plat_get_image_source(unsigned int image_id,uintptr_t * dev_handle,uintptr_t * image_spec)538 int plat_get_image_source(unsigned int image_id, uintptr_t *dev_handle,
539 uintptr_t *image_spec)
540 {
541 const struct plat_io_policy *policy = get_io_policy(image_id);
542 int result;
543
544 result = policy->check(policy->image_spec);
545 if (result == 0) {
546 *image_spec = policy->image_spec;
547 *dev_handle = *(policy->dev_handle);
548 } else {
549 VERBOSE("Trying alternative IO\n");
550 result = get_alt_image_source(image_id, dev_handle, image_spec);
551 }
552
553 return result;
554 }
555
