1 /*
2 * Copyright (c) 2015-2021, ARM Limited and Contributors. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7 #include <assert.h>
8 #include <string.h>
9
10 #include <platform_def.h>
11
12 #include <arch_features.h>
13 #include <arch_helpers.h>
14 #include <common/bl_common.h>
15 #include <common/debug.h>
16 #include <common/desc_image_load.h>
17 #include <drivers/generic_delay_timer.h>
18 #include <drivers/partition/partition.h>
19 #include <lib/fconf/fconf.h>
20 #include <lib/fconf/fconf_dyn_cfg_getter.h>
21 #if ENABLE_RME
22 #include <lib/gpt_rme/gpt_rme.h>
23 #endif /* ENABLE_RME */
24 #ifdef SPD_opteed
25 #include <lib/optee_utils.h>
26 #endif
27 #include <lib/utils.h>
28 #if ENABLE_RME
29 #include <plat/arm/common/arm_pas_def.h>
30 #endif /* ENABLE_RME */
31 #include <plat/arm/common/plat_arm.h>
32 #include <plat/common/platform.h>
33
34 /* Data structure which holds the extents of the trusted SRAM for BL2 */
35 static meminfo_t bl2_tzram_layout __aligned(CACHE_WRITEBACK_GRANULE);
36
37 /* Base address of fw_config received from BL1 */
38 static uintptr_t config_base;
39
40 /*
41 * Check that BL2_BASE is above ARM_FW_CONFIG_LIMIT. This reserved page is
42 * for `meminfo_t` data structure and fw_configs passed from BL1.
43 */
44 CASSERT(BL2_BASE >= ARM_FW_CONFIG_LIMIT, assert_bl2_base_overflows);
45
46 /* Weak definitions may be overridden in specific ARM standard platform */
47 #pragma weak bl2_early_platform_setup2
48 #pragma weak bl2_platform_setup
49 #pragma weak bl2_plat_arch_setup
50 #pragma weak bl2_plat_sec_mem_layout
51
52 #if ENABLE_RME
53 #define MAP_BL2_TOTAL MAP_REGION_FLAT( \
54 bl2_tzram_layout.total_base, \
55 bl2_tzram_layout.total_size, \
56 MT_MEMORY | MT_RW | MT_ROOT)
57 #else
58 #define MAP_BL2_TOTAL MAP_REGION_FLAT( \
59 bl2_tzram_layout.total_base, \
60 bl2_tzram_layout.total_size, \
61 MT_MEMORY | MT_RW | MT_SECURE)
62 #endif /* ENABLE_RME */
63
64 #pragma weak arm_bl2_plat_handle_post_image_load
65
66 /*******************************************************************************
67 * BL1 has passed the extents of the trusted SRAM that should be visible to BL2
68 * in x0. This memory layout is sitting at the base of the free trusted SRAM.
69 * Copy it to a safe location before its reclaimed by later BL2 functionality.
70 ******************************************************************************/
arm_bl2_early_platform_setup(uintptr_t fw_config,struct meminfo * mem_layout)71 void arm_bl2_early_platform_setup(uintptr_t fw_config,
72 struct meminfo *mem_layout)
73 {
74 /* Initialize the console to provide early debug support */
75 arm_console_boot_init();
76
77 /* Setup the BL2 memory layout */
78 bl2_tzram_layout = *mem_layout;
79
80 config_base = fw_config;
81
82 /* Initialise the IO layer and register platform IO devices */
83 plat_arm_io_setup();
84
85 /* Load partition table */
86 #if ARM_GPT_SUPPORT
87 partition_init(GPT_IMAGE_ID);
88 #endif /* ARM_GPT_SUPPORT */
89
90 }
91
bl2_early_platform_setup2(u_register_t arg0,u_register_t arg1,u_register_t arg2,u_register_t arg3)92 void bl2_early_platform_setup2(u_register_t arg0, u_register_t arg1, u_register_t arg2, u_register_t arg3)
93 {
94 arm_bl2_early_platform_setup((uintptr_t)arg0, (meminfo_t *)arg1);
95
96 generic_delay_timer_init();
97 }
98
99 /*
100 * Perform BL2 preload setup. Currently we initialise the dynamic
101 * configuration here.
102 */
bl2_plat_preload_setup(void)103 void bl2_plat_preload_setup(void)
104 {
105 arm_bl2_dyn_cfg_init();
106
107 #if ARM_GPT_SUPPORT && !PSA_FWU_SUPPORT
108 /* Always use the FIP from bank 0 */
109 arm_set_fip_addr(0U);
110 #endif /* ARM_GPT_SUPPORT && !PSA_FWU_SUPPORT */
111 }
112
113 /*
114 * Perform ARM standard platform setup.
115 */
arm_bl2_platform_setup(void)116 void arm_bl2_platform_setup(void)
117 {
118 #if !ENABLE_RME
119 /* Initialize the secure environment */
120 plat_arm_security_setup();
121 #endif
122
123 #if defined(PLAT_ARM_MEM_PROT_ADDR)
124 arm_nor_psci_do_static_mem_protect();
125 #endif
126 }
127
bl2_platform_setup(void)128 void bl2_platform_setup(void)
129 {
130 arm_bl2_platform_setup();
131 }
132
133 #if ENABLE_RME
134
arm_bl2_plat_gpt_setup(void)135 static void arm_bl2_plat_gpt_setup(void)
136 {
137 /*
138 * The GPT library might modify the gpt regions structure to optimize
139 * the layout, so the array cannot be constant.
140 */
141 pas_region_t pas_regions[] = {
142 ARM_PAS_KERNEL,
143 ARM_PAS_SECURE,
144 ARM_PAS_REALM,
145 ARM_PAS_EL3_DRAM,
146 ARM_PAS_GPTS
147 };
148
149 /* Initialize entire protected space to GPT_GPI_ANY. */
150 if (gpt_init_l0_tables(GPCCR_PPS_4GB, ARM_L0_GPT_ADDR_BASE,
151 ARM_L0_GPT_SIZE) < 0) {
152 ERROR("gpt_init_l0_tables() failed!\n");
153 panic();
154 }
155
156 /* Carve out defined PAS ranges. */
157 if (gpt_init_pas_l1_tables(GPCCR_PGS_4K,
158 ARM_L1_GPT_ADDR_BASE,
159 ARM_L1_GPT_SIZE,
160 pas_regions,
161 (unsigned int)(sizeof(pas_regions) /
162 sizeof(pas_region_t))) < 0) {
163 ERROR("gpt_init_pas_l1_tables() failed!\n");
164 panic();
165 }
166
167 INFO("Enabling Granule Protection Checks\n");
168 if (gpt_enable() < 0) {
169 ERROR("gpt_enable() failed!\n");
170 panic();
171 }
172 }
173
174 #endif /* ENABLE_RME */
175
176 /*******************************************************************************
177 * Perform the very early platform specific architectural setup here.
178 * When RME is enabled the secure environment is initialised before
179 * initialising and enabling Granule Protection.
180 * This function initialises the MMU in a quick and dirty way.
181 ******************************************************************************/
arm_bl2_plat_arch_setup(void)182 void arm_bl2_plat_arch_setup(void)
183 {
184 #if USE_COHERENT_MEM && !ARM_CRYPTOCELL_INTEG
185 /*
186 * Ensure ARM platforms don't use coherent memory in BL2 unless
187 * cryptocell integration is enabled.
188 */
189 assert((BL_COHERENT_RAM_END - BL_COHERENT_RAM_BASE) == 0U);
190 #endif
191
192 const mmap_region_t bl_regions[] = {
193 MAP_BL2_TOTAL,
194 ARM_MAP_BL_RO,
195 #if USE_ROMLIB
196 ARM_MAP_ROMLIB_CODE,
197 ARM_MAP_ROMLIB_DATA,
198 #endif
199 #if ARM_CRYPTOCELL_INTEG
200 ARM_MAP_BL_COHERENT_RAM,
201 #endif
202 ARM_MAP_BL_CONFIG_REGION,
203 #if ENABLE_RME
204 ARM_MAP_L0_GPT_REGION,
205 #endif
206 {0}
207 };
208
209 #if ENABLE_RME
210 /* Initialise the secure environment */
211 plat_arm_security_setup();
212 #endif
213 setup_page_tables(bl_regions, plat_arm_get_mmap());
214
215 #ifdef __aarch64__
216 #if ENABLE_RME
217 /* BL2 runs in EL3 when RME enabled. */
218 assert(get_armv9_2_feat_rme_support() != 0U);
219 enable_mmu_el3(0);
220
221 /* Initialise and enable granule protection after MMU. */
222 arm_bl2_plat_gpt_setup();
223 #else
224 enable_mmu_el1(0);
225 #endif
226 #else
227 enable_mmu_svc_mon(0);
228 #endif
229
230 arm_setup_romlib();
231 }
232
bl2_plat_arch_setup(void)233 void bl2_plat_arch_setup(void)
234 {
235 const struct dyn_cfg_dtb_info_t *tb_fw_config_info;
236
237 arm_bl2_plat_arch_setup();
238
239 /* Fill the properties struct with the info from the config dtb */
240 fconf_populate("FW_CONFIG", config_base);
241
242 /* TB_FW_CONFIG was also loaded by BL1 */
243 tb_fw_config_info = FCONF_GET_PROPERTY(dyn_cfg, dtb, TB_FW_CONFIG_ID);
244 assert(tb_fw_config_info != NULL);
245
246 fconf_populate("TB_FW", tb_fw_config_info->config_addr);
247 }
248
arm_bl2_handle_post_image_load(unsigned int image_id)249 int arm_bl2_handle_post_image_load(unsigned int image_id)
250 {
251 int err = 0;
252 bl_mem_params_node_t *bl_mem_params = get_bl_mem_params_node(image_id);
253 #ifdef SPD_opteed
254 bl_mem_params_node_t *pager_mem_params = NULL;
255 bl_mem_params_node_t *paged_mem_params = NULL;
256 #endif
257 assert(bl_mem_params != NULL);
258
259 switch (image_id) {
260 #ifdef __aarch64__
261 case BL32_IMAGE_ID:
262 #ifdef SPD_opteed
263 pager_mem_params = get_bl_mem_params_node(BL32_EXTRA1_IMAGE_ID);
264 assert(pager_mem_params);
265
266 paged_mem_params = get_bl_mem_params_node(BL32_EXTRA2_IMAGE_ID);
267 assert(paged_mem_params);
268
269 err = parse_optee_header(&bl_mem_params->ep_info,
270 &pager_mem_params->image_info,
271 &paged_mem_params->image_info);
272 if (err != 0) {
273 WARN("OPTEE header parse error.\n");
274 }
275 #endif
276 bl_mem_params->ep_info.spsr = arm_get_spsr_for_bl32_entry();
277 break;
278 #endif
279
280 case BL33_IMAGE_ID:
281 /* BL33 expects to receive the primary CPU MPID (through r0) */
282 bl_mem_params->ep_info.args.arg0 = 0xffff & read_mpidr();
283 bl_mem_params->ep_info.spsr = arm_get_spsr_for_bl33_entry();
284 break;
285
286 #ifdef SCP_BL2_BASE
287 case SCP_BL2_IMAGE_ID:
288 /* The subsequent handling of SCP_BL2 is platform specific */
289 err = plat_arm_bl2_handle_scp_bl2(&bl_mem_params->image_info);
290 if (err) {
291 WARN("Failure in platform-specific handling of SCP_BL2 image.\n");
292 }
293 break;
294 #endif
295 default:
296 /* Do nothing in default case */
297 break;
298 }
299
300 return err;
301 }
302
303 /*******************************************************************************
304 * This function can be used by the platforms to update/use image
305 * information for given `image_id`.
306 ******************************************************************************/
arm_bl2_plat_handle_post_image_load(unsigned int image_id)307 int arm_bl2_plat_handle_post_image_load(unsigned int image_id)
308 {
309 #if defined(SPD_spmd) && BL2_ENABLE_SP_LOAD
310 /* For Secure Partitions we don't need post processing */
311 if ((image_id >= (MAX_NUMBER_IDS - MAX_SP_IDS)) &&
312 (image_id < MAX_NUMBER_IDS)) {
313 return 0;
314 }
315 #endif
316 return arm_bl2_handle_post_image_load(image_id);
317 }
318
bl2_plat_handle_post_image_load(unsigned int image_id)319 int bl2_plat_handle_post_image_load(unsigned int image_id)
320 {
321 return arm_bl2_plat_handle_post_image_load(image_id);
322 }
323