1 /*
2 * Copyright (c) 2019-2021, ARM Limited. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7 #include <assert.h>
8
9 #include <common/debug.h>
10 #include <common/fdt_wrappers.h>
11 #include <drivers/io/io_storage.h>
12 #include <drivers/partition/partition.h>
13 #include <lib/object_pool.h>
14 #include <libfdt.h>
15 #include <tools_share/firmware_image_package.h>
16
17 #include <plat/arm/common/arm_fconf_getter.h>
18 #include <plat/arm/common/arm_fconf_io_storage.h>
19 #include <platform_def.h>
20
21 #if PSA_FWU_SUPPORT
22 /* metadata entry details */
23 static io_block_spec_t fwu_metadata_spec;
24 #endif /* PSA_FWU_SUPPORT */
25
26 io_block_spec_t fip_block_spec = {
27 /*
28 * This is fixed FIP address used by BL1, BL2 loads partition table
29 * to get FIP address.
30 */
31 #if ARM_GPT_SUPPORT
32 .offset = PLAT_ARM_FLASH_IMAGE_BASE + PLAT_ARM_FIP_OFFSET_IN_GPT,
33 #else
34 .offset = PLAT_ARM_FLASH_IMAGE_BASE,
35 #endif /* ARM_GPT_SUPPORT */
36 .length = PLAT_ARM_FLASH_IMAGE_MAX_SIZE
37 };
38
39 #if ARM_GPT_SUPPORT
40 static const io_block_spec_t gpt_spec = {
41 .offset = PLAT_ARM_FLASH_IMAGE_BASE,
42 /*
43 * PLAT_PARTITION_BLOCK_SIZE = 512
44 * PLAT_PARTITION_MAX_ENTRIES = 128
45 * each sector has 4 partition entries, and there are
46 * 2 reserved sectors i.e. protective MBR and primary
47 * GPT header hence length gets calculated as,
48 * length = 512 * (128/4 + 2)
49 */
50 .length = PLAT_PARTITION_BLOCK_SIZE *
51 (PLAT_PARTITION_MAX_ENTRIES / 4 + 2),
52 };
53 #endif /* ARM_GPT_SUPPORT */
54
55 const io_uuid_spec_t arm_uuid_spec[MAX_NUMBER_IDS] = {
56 [BL2_IMAGE_ID] = {UUID_TRUSTED_BOOT_FIRMWARE_BL2},
57 [TB_FW_CONFIG_ID] = {UUID_TB_FW_CONFIG},
58 [FW_CONFIG_ID] = {UUID_FW_CONFIG},
59 #if !ARM_IO_IN_DTB
60 [SCP_BL2_IMAGE_ID] = {UUID_SCP_FIRMWARE_SCP_BL2},
61 [BL31_IMAGE_ID] = {UUID_EL3_RUNTIME_FIRMWARE_BL31},
62 [BL32_IMAGE_ID] = {UUID_SECURE_PAYLOAD_BL32},
63 [BL32_EXTRA1_IMAGE_ID] = {UUID_SECURE_PAYLOAD_BL32_EXTRA1},
64 [BL32_EXTRA2_IMAGE_ID] = {UUID_SECURE_PAYLOAD_BL32_EXTRA2},
65 [BL33_IMAGE_ID] = {UUID_NON_TRUSTED_FIRMWARE_BL33},
66 [HW_CONFIG_ID] = {UUID_HW_CONFIG},
67 [SOC_FW_CONFIG_ID] = {UUID_SOC_FW_CONFIG},
68 [TOS_FW_CONFIG_ID] = {UUID_TOS_FW_CONFIG},
69 [NT_FW_CONFIG_ID] = {UUID_NT_FW_CONFIG},
70 [RMM_IMAGE_ID] = {UUID_REALM_MONITOR_MGMT_FIRMWARE},
71 #endif /* ARM_IO_IN_DTB */
72 #if TRUSTED_BOARD_BOOT
73 [TRUSTED_BOOT_FW_CERT_ID] = {UUID_TRUSTED_BOOT_FW_CERT},
74 #if !ARM_IO_IN_DTB
75 [TRUSTED_KEY_CERT_ID] = {UUID_TRUSTED_KEY_CERT},
76 [SCP_FW_KEY_CERT_ID] = {UUID_SCP_FW_KEY_CERT},
77 [SOC_FW_KEY_CERT_ID] = {UUID_SOC_FW_KEY_CERT},
78 [TRUSTED_OS_FW_KEY_CERT_ID] = {UUID_TRUSTED_OS_FW_KEY_CERT},
79 [NON_TRUSTED_FW_KEY_CERT_ID] = {UUID_NON_TRUSTED_FW_KEY_CERT},
80 [SCP_FW_CONTENT_CERT_ID] = {UUID_SCP_FW_CONTENT_CERT},
81 [SOC_FW_CONTENT_CERT_ID] = {UUID_SOC_FW_CONTENT_CERT},
82 [TRUSTED_OS_FW_CONTENT_CERT_ID] = {UUID_TRUSTED_OS_FW_CONTENT_CERT},
83 [NON_TRUSTED_FW_CONTENT_CERT_ID] = {UUID_NON_TRUSTED_FW_CONTENT_CERT},
84 #if defined(SPD_spmd)
85 [SIP_SP_CONTENT_CERT_ID] = {UUID_SIP_SECURE_PARTITION_CONTENT_CERT},
86 [PLAT_SP_CONTENT_CERT_ID] = {UUID_PLAT_SECURE_PARTITION_CONTENT_CERT},
87 #endif
88 #endif /* ARM_IO_IN_DTB */
89 #endif /* TRUSTED_BOARD_BOOT */
90 };
91
92 /* By default, ARM platforms load images from the FIP */
93 struct plat_io_policy policies[MAX_NUMBER_IDS] = {
94 #if ARM_GPT_SUPPORT
95 [GPT_IMAGE_ID] = {
96 &memmap_dev_handle,
97 (uintptr_t)&gpt_spec,
98 open_memmap
99 },
100 #endif /* ARM_GPT_SUPPORT */
101 #if PSA_FWU_SUPPORT
102 [FWU_METADATA_IMAGE_ID] = {
103 &memmap_dev_handle,
104 /* filled runtime from partition information */
105 (uintptr_t)&fwu_metadata_spec,
106 open_memmap
107 },
108 [BKUP_FWU_METADATA_IMAGE_ID] = {
109 &memmap_dev_handle,
110 /* filled runtime from partition information */
111 (uintptr_t)&fwu_metadata_spec,
112 open_memmap
113 },
114 #endif /* PSA_FWU_SUPPORT */
115 [FIP_IMAGE_ID] = {
116 &memmap_dev_handle,
117 (uintptr_t)&fip_block_spec,
118 open_memmap
119 },
120 [BL2_IMAGE_ID] = {
121 &fip_dev_handle,
122 (uintptr_t)&arm_uuid_spec[BL2_IMAGE_ID],
123 open_fip
124 },
125 [TB_FW_CONFIG_ID] = {
126 &fip_dev_handle,
127 (uintptr_t)&arm_uuid_spec[TB_FW_CONFIG_ID],
128 open_fip
129 },
130 [FW_CONFIG_ID] = {
131 &fip_dev_handle,
132 (uintptr_t)&arm_uuid_spec[FW_CONFIG_ID],
133 open_fip
134 },
135 #if !ARM_IO_IN_DTB
136 [SCP_BL2_IMAGE_ID] = {
137 &fip_dev_handle,
138 (uintptr_t)&arm_uuid_spec[SCP_BL2_IMAGE_ID],
139 open_fip
140 },
141 [BL31_IMAGE_ID] = {
142 &fip_dev_handle,
143 (uintptr_t)&arm_uuid_spec[BL31_IMAGE_ID],
144 open_fip
145 },
146 [BL32_IMAGE_ID] = {
147 &fip_dev_handle,
148 (uintptr_t)&arm_uuid_spec[BL32_IMAGE_ID],
149 open_fip
150 },
151 [BL32_EXTRA1_IMAGE_ID] = {
152 &fip_dev_handle,
153 (uintptr_t)&arm_uuid_spec[BL32_EXTRA1_IMAGE_ID],
154 open_fip
155 },
156 [BL32_EXTRA2_IMAGE_ID] = {
157 &fip_dev_handle,
158 (uintptr_t)&arm_uuid_spec[BL32_EXTRA2_IMAGE_ID],
159 open_fip
160 },
161 [BL33_IMAGE_ID] = {
162 &fip_dev_handle,
163 (uintptr_t)&arm_uuid_spec[BL33_IMAGE_ID],
164 open_fip
165 },
166 [RMM_IMAGE_ID] = {
167 &fip_dev_handle,
168 (uintptr_t)&arm_uuid_spec[RMM_IMAGE_ID],
169 open_fip
170 },
171 [HW_CONFIG_ID] = {
172 &fip_dev_handle,
173 (uintptr_t)&arm_uuid_spec[HW_CONFIG_ID],
174 open_fip
175 },
176 [SOC_FW_CONFIG_ID] = {
177 &fip_dev_handle,
178 (uintptr_t)&arm_uuid_spec[SOC_FW_CONFIG_ID],
179 open_fip
180 },
181 [TOS_FW_CONFIG_ID] = {
182 &fip_dev_handle,
183 (uintptr_t)&arm_uuid_spec[TOS_FW_CONFIG_ID],
184 open_fip
185 },
186 [NT_FW_CONFIG_ID] = {
187 &fip_dev_handle,
188 (uintptr_t)&arm_uuid_spec[NT_FW_CONFIG_ID],
189 open_fip
190 },
191 #endif /* ARM_IO_IN_DTB */
192 #if TRUSTED_BOARD_BOOT
193 [TRUSTED_BOOT_FW_CERT_ID] = {
194 &fip_dev_handle,
195 (uintptr_t)&arm_uuid_spec[TRUSTED_BOOT_FW_CERT_ID],
196 open_fip
197 },
198 #if !ARM_IO_IN_DTB
199 [TRUSTED_KEY_CERT_ID] = {
200 &fip_dev_handle,
201 (uintptr_t)&arm_uuid_spec[TRUSTED_KEY_CERT_ID],
202 open_fip
203 },
204 [SCP_FW_KEY_CERT_ID] = {
205 &fip_dev_handle,
206 (uintptr_t)&arm_uuid_spec[SCP_FW_KEY_CERT_ID],
207 open_fip
208 },
209 [SOC_FW_KEY_CERT_ID] = {
210 &fip_dev_handle,
211 (uintptr_t)&arm_uuid_spec[SOC_FW_KEY_CERT_ID],
212 open_fip
213 },
214 [TRUSTED_OS_FW_KEY_CERT_ID] = {
215 &fip_dev_handle,
216 (uintptr_t)&arm_uuid_spec[TRUSTED_OS_FW_KEY_CERT_ID],
217 open_fip
218 },
219 [NON_TRUSTED_FW_KEY_CERT_ID] = {
220 &fip_dev_handle,
221 (uintptr_t)&arm_uuid_spec[NON_TRUSTED_FW_KEY_CERT_ID],
222 open_fip
223 },
224 [SCP_FW_CONTENT_CERT_ID] = {
225 &fip_dev_handle,
226 (uintptr_t)&arm_uuid_spec[SCP_FW_CONTENT_CERT_ID],
227 open_fip
228 },
229 [SOC_FW_CONTENT_CERT_ID] = {
230 &fip_dev_handle,
231 (uintptr_t)&arm_uuid_spec[SOC_FW_CONTENT_CERT_ID],
232 open_fip
233 },
234 [TRUSTED_OS_FW_CONTENT_CERT_ID] = {
235 &fip_dev_handle,
236 (uintptr_t)&arm_uuid_spec[TRUSTED_OS_FW_CONTENT_CERT_ID],
237 open_fip
238 },
239 [NON_TRUSTED_FW_CONTENT_CERT_ID] = {
240 &fip_dev_handle,
241 (uintptr_t)&arm_uuid_spec[NON_TRUSTED_FW_CONTENT_CERT_ID],
242 open_fip
243 },
244 #if defined(SPD_spmd)
245 [SIP_SP_CONTENT_CERT_ID] = {
246 &fip_dev_handle,
247 (uintptr_t)&arm_uuid_spec[SIP_SP_CONTENT_CERT_ID],
248 open_fip
249 },
250 [PLAT_SP_CONTENT_CERT_ID] = {
251 &fip_dev_handle,
252 (uintptr_t)&arm_uuid_spec[PLAT_SP_CONTENT_CERT_ID],
253 open_fip
254 },
255 #endif
256 #endif /* ARM_IO_IN_DTB */
257 #endif /* TRUSTED_BOARD_BOOT */
258 };
259
260 #ifdef IMAGE_BL2
261
262 #if TRUSTED_BOARD_BOOT
263 #define FCONF_ARM_IO_UUID_NUMBER U(21)
264 #else
265 #define FCONF_ARM_IO_UUID_NUMBER U(10)
266 #endif
267
268 static io_uuid_spec_t fconf_arm_uuids[FCONF_ARM_IO_UUID_NUMBER];
269 static OBJECT_POOL_ARRAY(fconf_arm_uuids_pool, fconf_arm_uuids);
270
271 struct policies_load_info {
272 unsigned int image_id;
273 const char *name;
274 };
275
276 /* image id to property name table */
277 static const struct policies_load_info load_info[FCONF_ARM_IO_UUID_NUMBER] = {
278 {SCP_BL2_IMAGE_ID, "scp_bl2_uuid"},
279 {BL31_IMAGE_ID, "bl31_uuid"},
280 {BL32_IMAGE_ID, "bl32_uuid"},
281 {BL32_EXTRA1_IMAGE_ID, "bl32_extra1_uuid"},
282 {BL32_EXTRA2_IMAGE_ID, "bl32_extra2_uuid"},
283 {BL33_IMAGE_ID, "bl33_uuid"},
284 {HW_CONFIG_ID, "hw_cfg_uuid"},
285 {SOC_FW_CONFIG_ID, "soc_fw_cfg_uuid"},
286 {TOS_FW_CONFIG_ID, "tos_fw_cfg_uuid"},
287 {NT_FW_CONFIG_ID, "nt_fw_cfg_uuid"},
288 #if TRUSTED_BOARD_BOOT
289 {TRUSTED_KEY_CERT_ID, "t_key_cert_uuid"},
290 {SCP_FW_KEY_CERT_ID, "scp_fw_key_uuid"},
291 {SOC_FW_KEY_CERT_ID, "soc_fw_key_uuid"},
292 {TRUSTED_OS_FW_KEY_CERT_ID, "tos_fw_key_cert_uuid"},
293 {NON_TRUSTED_FW_KEY_CERT_ID, "nt_fw_key_cert_uuid"},
294 {SCP_FW_CONTENT_CERT_ID, "scp_fw_content_cert_uuid"},
295 {SOC_FW_CONTENT_CERT_ID, "soc_fw_content_cert_uuid"},
296 {TRUSTED_OS_FW_CONTENT_CERT_ID, "tos_fw_content_cert_uuid"},
297 {NON_TRUSTED_FW_CONTENT_CERT_ID, "nt_fw_content_cert_uuid"},
298 #if defined(SPD_spmd)
299 {SIP_SP_CONTENT_CERT_ID, "sip_sp_content_cert_uuid"},
300 {PLAT_SP_CONTENT_CERT_ID, "plat_sp_content_cert_uuid"},
301 #endif
302 #endif /* TRUSTED_BOARD_BOOT */
303 };
304
fconf_populate_arm_io_policies(uintptr_t config)305 int fconf_populate_arm_io_policies(uintptr_t config)
306 {
307 int err, node;
308 unsigned int i;
309
310 union uuid_helper_t uuid_helper;
311 io_uuid_spec_t *uuid_ptr;
312
313 /* As libfdt uses void *, we can't avoid this cast */
314 const void *dtb = (void *)config;
315
316 /* Assert the node offset point to "arm,io-fip-handle" compatible property */
317 const char *compatible_str = "arm,io-fip-handle";
318 node = fdt_node_offset_by_compatible(dtb, -1, compatible_str);
319 if (node < 0) {
320 ERROR("FCONF: Can't find %s compatible in dtb\n", compatible_str);
321 return node;
322 }
323
324 /* Locate the uuid cells and read the value for all the load info uuid */
325 for (i = 0; i < FCONF_ARM_IO_UUID_NUMBER; i++) {
326 uuid_ptr = pool_alloc(&fconf_arm_uuids_pool);
327 err = fdtw_read_uuid(dtb, node, load_info[i].name, 16,
328 (uint8_t *)&uuid_helper);
329 if (err < 0) {
330 WARN("FCONF: Read cell failed for %s\n", load_info[i].name);
331 return err;
332 }
333
334 VERBOSE("FCONF: arm-io_policies.%s cell found with value = "
335 "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n",
336 load_info[i].name,
337 uuid_helper.uuid_struct.time_low[0], uuid_helper.uuid_struct.time_low[1],
338 uuid_helper.uuid_struct.time_low[2], uuid_helper.uuid_struct.time_low[3],
339 uuid_helper.uuid_struct.time_mid[0], uuid_helper.uuid_struct.time_mid[1],
340 uuid_helper.uuid_struct.time_hi_and_version[0],
341 uuid_helper.uuid_struct.time_hi_and_version[1],
342 uuid_helper.uuid_struct.clock_seq_hi_and_reserved,
343 uuid_helper.uuid_struct.clock_seq_low,
344 uuid_helper.uuid_struct.node[0], uuid_helper.uuid_struct.node[1],
345 uuid_helper.uuid_struct.node[2], uuid_helper.uuid_struct.node[3],
346 uuid_helper.uuid_struct.node[4], uuid_helper.uuid_struct.node[5]);
347
348 uuid_ptr->uuid = uuid_helper.uuid_struct;
349 policies[load_info[i].image_id].image_spec = (uintptr_t)uuid_ptr;
350 policies[load_info[i].image_id].dev_handle = &fip_dev_handle;
351 policies[load_info[i].image_id].check = open_fip;
352 }
353 return 0;
354 }
355
356 #if ARM_IO_IN_DTB
357 FCONF_REGISTER_POPULATOR(TB_FW, arm_io, fconf_populate_arm_io_policies);
358 #endif /* ARM_IO_IN_DTB */
359
360 #endif /* IMAGE_BL2 */
361