plat/arm/common/arm_dyn_cfg.c - imx-atf - Git at Google

 /*
  * Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */

 #include <arm_dyn_cfg_helpers.h>
 #include <assert.h>
 #include <debug.h>
 #include <desc_image_load.h>
 #if TRUSTED_BOARD_BOOT
 #include <mbedtls_config.h>
 #endif
 #include <plat_arm.h>
 #include <platform.h>
 #include <platform_def.h>
 #include <string.h>
 #include <tbbr_img_def.h>


 /* Variable to store the address to TB_FW_CONFIG passed from BL1 */
 static void *tb_fw_cfg_dtb;
 static size_t tb_fw_cfg_dtb_size;


 #if TRUSTED_BOARD_BOOT

 static void *mbedtls_heap_addr;
 static size_t mbedtls_heap_size;

 /*
  * This function is the implementation of the shared Mbed TLS heap between
  * BL1 and BL2 for Arm platforms. The shared heap address is passed from BL1
  * to BL2 with a pointer. This pointer resides inside the TB_FW_CONFIG file
  * which is a DTB.
  *
  * This function is placed inside an #if directive for the below reasons:
  *   - To allocate space for the Mbed TLS heap --only if-- Trusted Board Boot
  *     is enabled.
  *   - This implementation requires the DTB to be present so that BL1 has a
  *     mechanism to pass the pointer to BL2.
  */
 int arm_get_mbedtls_heap(void **heap_addr, size_t *heap_size)
 {
 	assert(heap_addr != NULL);
 	assert(heap_size != NULL);

 #if defined(IMAGE_BL1) || BL2_AT_EL3

 	/* If in BL1 or BL2_AT_EL3 define a heap */
 	static unsigned char heap[TF_MBEDTLS_HEAP_SIZE];

 	*heap_addr = heap;
 	*heap_size = sizeof(heap);
 	mbedtls_heap_addr = heap;
 	mbedtls_heap_size = sizeof(heap);

 #elif defined(IMAGE_BL2)

 	int err;

 	/* If in BL2, retrieve the already allocated heap's info from DTB */
 	if (tb_fw_cfg_dtb != NULL) {
 		err = arm_get_dtb_mbedtls_heap_info(tb_fw_cfg_dtb, heap_addr,
 			heap_size);
 		if (err < 0) {
 			ERROR("BL2: unable to retrieve shared Mbed TLS heap information from DTB\n");
 			panic();
 		}
 	} else {
 		ERROR("BL2: DTB missing, cannot get Mbed TLS heap\n");
 		panic();
 	}
 #endif

 	return 0;
 }

 /*
  * Puts the shared Mbed TLS heap information to the DTB.
  * Executed only from BL1.
  */
 void arm_bl1_set_mbedtls_heap(void)
 {
 	int err;

 	/*
 	 * If tb_fw_cfg_dtb==NULL then DTB is not present for the current
 	 * platform. As such, we don't attempt to write to the DTB at all.
 	 *
 	 * If mbedtls_heap_addr==NULL, then it means we are using the default
 	 * heap implementation. As such, BL2 will have its own heap for sure
 	 * and hence there is no need to pass any information to the DTB.
 	 *
 	 * In the latter case, if we still wanted to write in the DTB the heap
 	 * information, we would need to call plat_get_mbedtls_heap to retrieve
 	 * the default heap's address and size.
 	 */
 	if ((tb_fw_cfg_dtb != NULL) && (mbedtls_heap_addr != NULL)) {
 		err = arm_set_dtb_mbedtls_heap_info(tb_fw_cfg_dtb,
 			mbedtls_heap_addr, mbedtls_heap_size);
 		if (err < 0) {
 			ERROR("BL1: unable to write shared Mbed TLS heap information to DTB\n");
 			panic();
 		}
 		/*
 		 * Ensure that the info written to the DTB is visible to other
 		 * images. It's critical because BL2 won't be able to proceed
 		 * without the heap info.
 		 */
 		flush_dcache_range((uintptr_t)tb_fw_cfg_dtb,
 			tb_fw_cfg_dtb_size);
 	}
 }

 #endif /* TRUSTED_BOARD_BOOT */

 /*
  * Helper function to load TB_FW_CONFIG and populate the load information to
  * arg0 of BL2 entrypoint info.
  */
 void arm_load_tb_fw_config(void)
 {
 	int err;
 	uintptr_t config_base = 0;
 	image_desc_t *image_desc;

 	image_desc_t arm_tb_fw_info = {
 		.image_id = TB_FW_CONFIG_ID,
 		SET_STATIC_PARAM_HEAD(image_info, PARAM_IMAGE_BINARY,
 				VERSION_2, image_info_t, 0),
 		.image_info.image_base = ARM_TB_FW_CONFIG_BASE,
 		.image_info.image_max_size =
 			ARM_TB_FW_CONFIG_LIMIT - ARM_TB_FW_CONFIG_BASE
 	};

 	VERBOSE("BL1: Loading TB_FW_CONFIG\n");
 	err = load_auth_image(TB_FW_CONFIG_ID, &arm_tb_fw_info.image_info);
 	if (err != 0) {
 		/* Return if TB_FW_CONFIG is not loaded */
 		VERBOSE("Failed to load TB_FW_CONFIG\n");
 		return;
 	}

 	/* At this point we know that a DTB is indeed available */
 	config_base = arm_tb_fw_info.image_info.image_base;
 	tb_fw_cfg_dtb = (void *)config_base;
 	tb_fw_cfg_dtb_size = (size_t)arm_tb_fw_info.image_info.image_max_size;

 	/* The BL2 ep_info arg0 is modified to point to TB_FW_CONFIG */
 	image_desc = bl1_plat_get_image_desc(BL2_IMAGE_ID);
 	assert(image_desc != NULL);
 	image_desc->ep_info.args.arg0 = config_base;

 	INFO("BL1: TB_FW_CONFIG loaded at address = %p\n",
 			(void *) config_base);

 #if TRUSTED_BOARD_BOOT && defined(DYN_DISABLE_AUTH)
 	int tb_fw_node;
 	uint32_t disable_auth = 0;

 	err = arm_dyn_tb_fw_cfg_init((void *)config_base, &tb_fw_node);
 	if (err < 0) {
 		ERROR("Invalid TB_FW_CONFIG loaded\n");
 		panic();
 	}

 	err = arm_dyn_get_disable_auth((void *)config_base, tb_fw_node, &disable_auth);
 	if (err < 0)
 		return;

 	if (disable_auth == 1)
 		dyn_disable_auth();
 #endif
 }

 /*
  * BL2 utility function to set the address of TB_FW_CONFIG passed from BL1.
  */
 void arm_bl2_set_tb_cfg_addr(void *dtb)
 {
 	assert(dtb != NULL);
 	tb_fw_cfg_dtb = dtb;
 }

 /*
  * BL2 utility function to initialize dynamic configuration specified by
  * TB_FW_CONFIG. Populate the bl_mem_params_node_t of other FW_CONFIGs if
  * specified in TB_FW_CONFIG.
  */
 void arm_bl2_dyn_cfg_init(void)
 {
 	int err = 0, tb_fw_node;
 	unsigned int i;
 	bl_mem_params_node_t *cfg_mem_params = NULL;
 	uint64_t image_base;
 	uint32_t image_size;
 	const unsigned int config_ids[] = {
 			HW_CONFIG_ID,
 			SOC_FW_CONFIG_ID,
 			NT_FW_CONFIG_ID,
 #ifdef SPD_tspd
 			/* Currently tos_fw_config is only present for TSP */
 			TOS_FW_CONFIG_ID
 #endif
 	};

 	if (tb_fw_cfg_dtb == NULL) {
 		VERBOSE("No TB_FW_CONFIG specified\n");
 		return;
 	}

 	err = arm_dyn_tb_fw_cfg_init(tb_fw_cfg_dtb, &tb_fw_node);
 	if (err < 0) {
 		ERROR("Invalid TB_FW_CONFIG passed from BL1\n");
 		panic();
 	}

 	/* Iterate through all the fw config IDs */
 	for (i = 0; i < ARRAY_SIZE(config_ids); i++) {
 		/* Get the config load address and size from TB_FW_CONFIG */
 		cfg_mem_params = get_bl_mem_params_node(config_ids[i]);
 		if (cfg_mem_params == NULL) {
 			VERBOSE("Couldn't find HW_CONFIG in bl_mem_params_node\n");
 			continue;
 		}

 		err = arm_dyn_get_config_load_info(tb_fw_cfg_dtb, tb_fw_node,
 				config_ids[i], &image_base, &image_size);
 		if (err < 0) {
 			VERBOSE("Couldn't find config_id %d load info in TB_FW_CONFIG\n",
 					config_ids[i]);
 			continue;
 		}

 		/*
 		 * Do some runtime checks on the load addresses of soc_fw_config,
 		 * tos_fw_config, nt_fw_config. This is not a comprehensive check
 		 * of all invalid addresses but to prevent trivial porting errors.
 		 */
 		if (config_ids[i] != HW_CONFIG_ID) {

 			if (check_uptr_overflow(image_base, image_size) != 0)
 				continue;

 			/* Ensure the configs don't overlap with BL31 */
 			if ((image_base > BL31_BASE) || ((image_base + image_size) > BL31_BASE))
 				continue;

 			/* Ensure the configs are loaded in a valid address */
 			if (image_base < ARM_BL_RAM_BASE)
 				continue;
 #ifdef BL32_BASE
 			/*
 			 * If BL32 is present, ensure that the configs don't
 			 * overlap with it.
 			 */
 			if (image_base >= BL32_BASE && image_base <= BL32_LIMIT)
 				continue;
 #endif
 		}


 		cfg_mem_params->image_info.image_base = (uintptr_t)image_base;
 		cfg_mem_params->image_info.image_max_size = image_size;

 		/* Remove the IMAGE_ATTRIB_SKIP_LOADING attribute from HW_CONFIG node */
 		cfg_mem_params->image_info.h.attr &= ~IMAGE_ATTRIB_SKIP_LOADING;
 	}

 #if TRUSTED_BOARD_BOOT && defined(DYN_DISABLE_AUTH)
 	uint32_t disable_auth = 0;

 	err = arm_dyn_get_disable_auth(tb_fw_cfg_dtb, tb_fw_node,
 					&disable_auth);
 	if (err < 0)
 		return;

 	if (disable_auth == 1)
 		dyn_disable_auth();
 #endif
 }
	/*
	* Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
	*
	* SPDX-License-Identifier: BSD-3-Clause
	*/

	#include <arm_dyn_cfg_helpers.h>
	#include <assert.h>
	#include <debug.h>
	#include <desc_image_load.h>
	#if TRUSTED_BOARD_BOOT
	#include <mbedtls_config.h>
	#endif
	#include <plat_arm.h>
	#include <platform.h>
	#include <platform_def.h>
	#include <string.h>
	#include <tbbr_img_def.h>


	/* Variable to store the address to TB_FW_CONFIG passed from BL1 */
	static void *tb_fw_cfg_dtb;
	static size_t tb_fw_cfg_dtb_size;


	#if TRUSTED_BOARD_BOOT

	static void *mbedtls_heap_addr;
	static size_t mbedtls_heap_size;

	/*
	* This function is the implementation of the shared Mbed TLS heap between
	* BL1 and BL2 for Arm platforms. The shared heap address is passed from BL1
	* to BL2 with a pointer. This pointer resides inside the TB_FW_CONFIG file
	* which is a DTB.
	*
	* This function is placed inside an #if directive for the below reasons:
	* - To allocate space for the Mbed TLS heap --only if-- Trusted Board Boot
	* is enabled.
	* - This implementation requires the DTB to be present so that BL1 has a
	* mechanism to pass the pointer to BL2.
	*/
	int arm_get_mbedtls_heap(void *heap_addr, size_t heap_size)
	{
	assert(heap_addr != NULL);
	assert(heap_size != NULL);

	#if defined(IMAGE_BL1) \|\| BL2_AT_EL3

	/* If in BL1 or BL2_AT_EL3 define a heap */
	static unsigned char heap[TF_MBEDTLS_HEAP_SIZE];

	*heap_addr = heap;
	*heap_size = sizeof(heap);
	mbedtls_heap_addr = heap;
	mbedtls_heap_size = sizeof(heap);

	#elif defined(IMAGE_BL2)

	int err;

	/* If in BL2, retrieve the already allocated heap's info from DTB */
	if (tb_fw_cfg_dtb != NULL) {
	err = arm_get_dtb_mbedtls_heap_info(tb_fw_cfg_dtb, heap_addr,
	heap_size);
	if (err < 0) {
	ERROR("BL2: unable to retrieve shared Mbed TLS heap information from DTB\n");
	panic();
	}
	} else {
	ERROR("BL2: DTB missing, cannot get Mbed TLS heap\n");
	panic();
	}
	#endif

	return 0;
	}

	/*
	* Puts the shared Mbed TLS heap information to the DTB.
	* Executed only from BL1.
	*/
	void arm_bl1_set_mbedtls_heap(void)
	{
	int err;

	/*
	* If tb_fw_cfg_dtb==NULL then DTB is not present for the current
	* platform. As such, we don't attempt to write to the DTB at all.
	*
	* If mbedtls_heap_addr==NULL, then it means we are using the default
	* heap implementation. As such, BL2 will have its own heap for sure
	* and hence there is no need to pass any information to the DTB.
	*
	* In the latter case, if we still wanted to write in the DTB the heap
	* information, we would need to call plat_get_mbedtls_heap to retrieve
	* the default heap's address and size.
	*/
	if ((tb_fw_cfg_dtb != NULL) && (mbedtls_heap_addr != NULL)) {
	err = arm_set_dtb_mbedtls_heap_info(tb_fw_cfg_dtb,
	mbedtls_heap_addr, mbedtls_heap_size);
	if (err < 0) {
	ERROR("BL1: unable to write shared Mbed TLS heap information to DTB\n");
	panic();
	}
	/*
	* Ensure that the info written to the DTB is visible to other
	* images. It's critical because BL2 won't be able to proceed
	* without the heap info.
	*/
	flush_dcache_range((uintptr_t)tb_fw_cfg_dtb,
	tb_fw_cfg_dtb_size);
	}
	}

	#endif /* TRUSTED_BOARD_BOOT */

	/*
	* Helper function to load TB_FW_CONFIG and populate the load information to
	* arg0 of BL2 entrypoint info.
	*/
	void arm_load_tb_fw_config(void)
	{
	int err;
	uintptr_t config_base = 0;
	image_desc_t *image_desc;

	image_desc_t arm_tb_fw_info = {
	.image_id = TB_FW_CONFIG_ID,
	SET_STATIC_PARAM_HEAD(image_info, PARAM_IMAGE_BINARY,
	VERSION_2, image_info_t, 0),
	.image_info.image_base = ARM_TB_FW_CONFIG_BASE,
	.image_info.image_max_size =
	ARM_TB_FW_CONFIG_LIMIT - ARM_TB_FW_CONFIG_BASE
	};

	VERBOSE("BL1: Loading TB_FW_CONFIG\n");
	err = load_auth_image(TB_FW_CONFIG_ID, &arm_tb_fw_info.image_info);
	if (err != 0) {
	/* Return if TB_FW_CONFIG is not loaded */
	VERBOSE("Failed to load TB_FW_CONFIG\n");
	return;
	}

	/* At this point we know that a DTB is indeed available */
	config_base = arm_tb_fw_info.image_info.image_base;
	tb_fw_cfg_dtb = (void *)config_base;
	tb_fw_cfg_dtb_size = (size_t)arm_tb_fw_info.image_info.image_max_size;

	/* The BL2 ep_info arg0 is modified to point to TB_FW_CONFIG */
	image_desc = bl1_plat_get_image_desc(BL2_IMAGE_ID);
	assert(image_desc != NULL);
	image_desc->ep_info.args.arg0 = config_base;

	INFO("BL1: TB_FW_CONFIG loaded at address = %p\n",
	(void *) config_base);

	#if TRUSTED_BOARD_BOOT && defined(DYN_DISABLE_AUTH)
	int tb_fw_node;
	uint32_t disable_auth = 0;

	err = arm_dyn_tb_fw_cfg_init((void *)config_base, &tb_fw_node);
	if (err < 0) {
	ERROR("Invalid TB_FW_CONFIG loaded\n");
	panic();
	}

	err = arm_dyn_get_disable_auth((void *)config_base, tb_fw_node, &disable_auth);
	if (err < 0)
	return;

	if (disable_auth == 1)
	dyn_disable_auth();
	#endif
	}

	/*
	* BL2 utility function to set the address of TB_FW_CONFIG passed from BL1.
	*/
	void arm_bl2_set_tb_cfg_addr(void *dtb)
	{
	assert(dtb != NULL);
	tb_fw_cfg_dtb = dtb;
	}

	/*
	* BL2 utility function to initialize dynamic configuration specified by
	* TB_FW_CONFIG. Populate the bl_mem_params_node_t of other FW_CONFIGs if
	* specified in TB_FW_CONFIG.
	*/
	void arm_bl2_dyn_cfg_init(void)
	{
	int err = 0, tb_fw_node;
	unsigned int i;
	bl_mem_params_node_t *cfg_mem_params = NULL;
	uint64_t image_base;
	uint32_t image_size;
	const unsigned int config_ids[] = {
	HW_CONFIG_ID,
	SOC_FW_CONFIG_ID,
	NT_FW_CONFIG_ID,
	#ifdef SPD_tspd
	/* Currently tos_fw_config is only present for TSP */
	TOS_FW_CONFIG_ID
	#endif
	};

	if (tb_fw_cfg_dtb == NULL) {
	VERBOSE("No TB_FW_CONFIG specified\n");
	return;
	}

	err = arm_dyn_tb_fw_cfg_init(tb_fw_cfg_dtb, &tb_fw_node);
	if (err < 0) {
	ERROR("Invalid TB_FW_CONFIG passed from BL1\n");
	panic();
	}

	/* Iterate through all the fw config IDs */
	for (i = 0; i < ARRAY_SIZE(config_ids); i++) {
	/* Get the config load address and size from TB_FW_CONFIG */
	cfg_mem_params = get_bl_mem_params_node(config_ids[i]);
	if (cfg_mem_params == NULL) {
	VERBOSE("Couldn't find HW_CONFIG in bl_mem_params_node\n");
	continue;
	}

	err = arm_dyn_get_config_load_info(tb_fw_cfg_dtb, tb_fw_node,
	config_ids[i], &image_base, &image_size);
	if (err < 0) {
	VERBOSE("Couldn't find config_id %d load info in TB_FW_CONFIG\n",
	config_ids[i]);
	continue;
	}

	/*
	* Do some runtime checks on the load addresses of soc_fw_config,
	* tos_fw_config, nt_fw_config. This is not a comprehensive check
	* of all invalid addresses but to prevent trivial porting errors.
	*/
	if (config_ids[i] != HW_CONFIG_ID) {

	if (check_uptr_overflow(image_base, image_size) != 0)
	continue;

	/* Ensure the configs don't overlap with BL31 */
	if ((image_base > BL31_BASE) \|\| ((image_base + image_size) > BL31_BASE))
	continue;

	/* Ensure the configs are loaded in a valid address */
	if (image_base < ARM_BL_RAM_BASE)
	continue;
	#ifdef BL32_BASE
	/*
	* If BL32 is present, ensure that the configs don't
	* overlap with it.
	*/
	if (image_base >= BL32_BASE && image_base <= BL32_LIMIT)
	continue;
	#endif
	}


	cfg_mem_params->image_info.image_base = (uintptr_t)image_base;
	cfg_mem_params->image_info.image_max_size = image_size;

	/* Remove the IMAGE_ATTRIB_SKIP_LOADING attribute from HW_CONFIG node */
	cfg_mem_params->image_info.h.attr &= ~IMAGE_ATTRIB_SKIP_LOADING;
	}

	#if TRUSTED_BOARD_BOOT && defined(DYN_DISABLE_AUTH)
	uint32_t disable_auth = 0;

	err = arm_dyn_get_disable_auth(tb_fw_cfg_dtb, tb_fw_node,
	&disable_auth);
	if (err < 0)
	return;

	if (disable_auth == 1)
	dyn_disable_auth();
	#endif
	}