Merge changes from topic "da_alp12"
* changes:
fix: allow partial success for DA test case
fix(realm): cleanup pdev after setup
chore(realm): rename rsi_ripas_respose_type to rsi_response_type
chore(real_da): move realm DA support functions
chore(host_da): move host RME DA related functions
feat(realm): added support to invoke RSI RDEV ABIs
feat(realm): align RSI ABIs with RMM spec 1.1-alp12
feat(realm_host_mgmt): added support to call RMI VDEV ABIs
feat(host_realm_mgmt): align DA RMI ABIs RMM spec 1.1-alp12
chore(include/runtime_services): update SMC RMI commands
diff --git a/include/runtime_services/host_realm_managment/host_da_helper.h b/include/runtime_services/host_realm_managment/host_da_helper.h
index 602c0f5..0f6bf6a 100644
--- a/include/runtime_services/host_realm_managment/host_da_helper.h
+++ b/include/runtime_services/host_realm_managment/host_da_helper.h
@@ -9,6 +9,89 @@
#include <host_realm_rmi.h>
+/* SPDM_MAX_CERTIFICATE_CHAIN_SIZE is 64KB */
+#define HOST_PDEV_CERT_LEN_MAX (64 * 1024)
+
+/*
+ * Measurement max supported is 4KB.
+ * todo: This will be increased if device supports returning more measurements
+ */
+#define HOST_PDEV_MEAS_LEN_MAX (4 * 1024)
+#define HOST_VDEV_MEAS_LEN_MAX (4 * 1024)
+#define HOST_VDEV_IFC_REPORT_LEN_MAX (8 * 1024)
+
+#define DEV_OBJ_CERT 0U
+#define DEV_OBJ_MEASUREMENTS 2U
+#define DEV_OBJ_INTERFACE_REPORT 3U
+
+struct host_pdev {
+ /* PDEV related fields */
+ void *pdev;
+ unsigned long pdev_flags;
+ void *pdev_aux[PDEV_PARAM_AUX_GRANULES_MAX];
+ uint32_t pdev_aux_num;
+ struct rmi_dev_comm_data *dev_comm_data;
+
+ /* Algorithm used to generate device digests */
+ uint8_t pdev_hash_algo;
+
+ /* Certificate, public key fields */
+ uint8_t cert_slot_id;
+ uint8_t *cert_chain;
+ size_t cert_chain_len;
+ void *public_key;
+ size_t public_key_len;
+ void *public_key_metadata;
+ size_t public_key_metadata_len;
+ unsigned char public_key_sig_algo;
+
+ /* PCIe details: bdf, DOE, Stream id, IO range */
+ uint32_t bdf;
+ uint32_t doe_cap_base;
+};
+
+struct host_vdev {
+ void *vdev_ptr;
+ void *pdev_ptr;
+
+ /*
+ * NS host assigns the vdev_id, and this same id is used by Realm when
+ * it enumerates the PCI devices
+ */
+ unsigned long vdev_id;
+
+ /*
+ * The TEE device interface ID. Currently NS host assigns the whole
+ * device, this value is same as PDEV's bdf.
+ */
+ unsigned long tdi_id;
+
+ unsigned long flags;
+
+ void *vdev_aux[VDEV_PARAM_AUX_GRANULES_MAX];
+ uint32_t vdev_aux_num;
+
+ struct rmi_dev_comm_data *dev_comm_data;
+
+ /* Fields related to cached device measurements. */
+ uint8_t *meas;
+ size_t meas_len;
+
+ /* Fields related to cached interface report. */
+ uint8_t *ifc_report;
+ size_t ifc_report_len;
+};
+
+int host_create_realm_with_feat_da(struct realm *realm);
+int host_pdev_create(struct host_pdev *h_pdev);
+int host_pdev_reclaim(struct host_pdev *h_pdev);
+int host_pdev_setup(struct host_pdev *h_pdev);
+int host_pdev_transition(struct host_pdev *h_pdev, unsigned char to_state);
+
+int host_assign_vdev_to_realm(struct realm *realm, struct host_pdev *h_pdev,
+ struct host_vdev *h_vdev);
+int host_unassign_vdev_from_realm(struct realm *realm, struct host_pdev *h_pdev,
+ struct host_vdev *h_vdev);
u_register_t host_dev_mem_map(struct realm *realm, u_register_t dev_pa,
long map_level, u_register_t *dev_ipa);
diff --git a/include/runtime_services/host_realm_managment/host_realm_helper.h b/include/runtime_services/host_realm_managment/host_realm_helper.h
index af8f834..3c94d02 100644
--- a/include/runtime_services/host_realm_managment/host_realm_helper.h
+++ b/include/runtime_services/host_realm_managment/host_realm_helper.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022-2023, Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -101,4 +101,10 @@
return false;
}
+/* Handle REC exit due to VDEV request */
+void host_do_vdev_complete(u_register_t rec_ptr, unsigned long vdev_id);
+
+/* Handle REC exit due to VDEV communication */
+void host_do_vdev_communicate(u_register_t vdev_ptr, unsigned long vdev_action);
+
#endif /* HOST_REALM_HELPER_H */
diff --git a/include/runtime_services/host_realm_managment/host_realm_rmi.h b/include/runtime_services/host_realm_managment/host_realm_rmi.h
index 20054bd..18e47a1 100644
--- a/include/runtime_services/host_realm_managment/host_realm_rmi.h
+++ b/include/runtime_services/host_realm_managment/host_realm_rmi.h
@@ -52,99 +52,131 @@
/* RMI SMC64 FIDs handled by the RMMD */
/*
+ * FID: 0xC4000150
+ *
* arg0: Requested interface version
*
* ret0: Command return status
* ret1: Lower implemented interface revision
* ret2: Higher implemented interface revision
*/
-#define RMI_VERSION SMC64_RMI_FID(U(0x0))
+#define SMC_RMI_VERSION SMC64_RMI_FID(U(0x0))
/*
+ * FID: 0xC4000151
+ *
* arg0 == target granule address
*/
-#define RMI_GRANULE_DELEGATE SMC64_RMI_FID(U(0x1))
+#define SMC_RMI_GRANULE_DELEGATE SMC64_RMI_FID(U(0x1))
/*
+ * FID: 0xC4000152
+ *
* arg0 == target granule address
*/
-#define RMI_GRANULE_UNDELEGATE SMC64_RMI_FID(U(0x2))
+#define SMC_RMI_GRANULE_UNDELEGATE SMC64_RMI_FID(U(0x2))
+
+/* RmiDataMeasureContent type */
+#define RMI_NO_MEASURE_CONTENT U(0)
+#define RMI_MEASURE_CONTENT U(1)
/*
+ * FID: 0xC4000153
+ *
* arg0 == RD address
* arg1 == data address
* arg2 == map address
* arg3 == SRC address
* arg4 == flags
-*/
-#define RMI_DATA_CREATE SMC64_RMI_FID(U(0x3))
+ */
+#define SMC_RMI_DATA_CREATE SMC64_RMI_FID(U(0x3))
/*
+ * FID: 0xC4000154
+ *
* arg0 == RD address
* arg1 == data address
* arg2 == map address
*/
-#define RMI_DATA_CREATE_UNKNOWN SMC64_RMI_FID(U(0x4))
+#define SMC_RMI_DATA_CREATE_UNKNOWN SMC64_RMI_FID(U(0x4))
/*
+ * FID: 0xC4000155
+ *
* arg0 == RD address
* arg1 == map address
*
* ret1 == Address(PA) of the DATA granule, if ret0 == RMI_SUCCESS.
* Otherwise, undefined.
* ret2 == Top of the non-live address region. Only valid
- * if ret0 == RMI_SUCCESS or ret0 == (RMI_ERROR_RTT_WALK, x)
+ * if ret0 == RMI_SUCCESS or ret0 == (RMI_ERROR_RTT, x)
*/
-#define RMI_DATA_DESTROY SMC64_RMI_FID(U(0x5))
+#define SMC_RMI_DATA_DESTROY SMC64_RMI_FID(U(0x5))
/*
* FID: 0xC4000156
*/
-#define SMC_RMI_PDEV_AUX_COUNT SMC64_RMI_FID(U(0x6))
+#define SMC_RMI_PDEV_AUX_COUNT SMC64_RMI_FID(U(0x6))
/*
+ * FID: 0xC4000157
+ *
* arg0 == RD address
*/
-#define RMI_REALM_ACTIVATE SMC64_RMI_FID(U(0x7))
+#define SMC_RMI_REALM_ACTIVATE SMC64_RMI_FID(U(0x7))
/*
+ * FID: 0xC4000158
+ *
* arg0 == RD address
* arg1 == struct rmi_realm_params address
*/
-#define RMI_REALM_CREATE SMC64_RMI_FID(U(0x8))
+#define SMC_RMI_REALM_CREATE SMC64_RMI_FID(U(0x8))
/*
+ * FID: 0xC4000159
+ *
* arg0 == RD address
*/
-#define RMI_REALM_DESTROY SMC64_RMI_FID(U(0x9))
+#define SMC_RMI_REALM_DESTROY SMC64_RMI_FID(U(0x9))
/*
+ * FID: 0xC400015A
+ *
* arg0 == RD address
* arg1 == REC address
* arg2 == struct rmm_rec address
*/
-#define RMI_REC_CREATE SMC64_RMI_FID(U(0xA))
+#define SMC_RMI_REC_CREATE SMC64_RMI_FID(U(0xA))
/*
+ * FID: 0xC400015B
+ *
* arg0 == REC address
*/
-#define RMI_REC_DESTROY SMC64_RMI_FID(U(0xB))
+#define SMC_RMI_REC_DESTROY SMC64_RMI_FID(U(0xB))
/*
+ * FID: 0xC400015C
+ *
* arg0 == rec address
* arg1 == struct rec_run address
*/
-#define RMI_REC_ENTER SMC64_RMI_FID(U(0xC))
+#define SMC_RMI_REC_ENTER SMC64_RMI_FID(U(0xC))
/*
+ * FID: 0xC400015D
+ *
* arg0 == RD address
* arg1 == RTT address
* arg2 == map address
* arg3 == level
*/
-#define RMI_RTT_CREATE SMC64_RMI_FID(U(0xD))
+#define SMC_RMI_RTT_CREATE SMC64_RMI_FID(U(0xD))
/*
+ * FID: 0xC400015E
+ *
* arg0 == RD address
* arg1 == RTT address
* arg2 == map address
@@ -176,44 +208,28 @@
* ret1 == Address (PA) of the RTT, if ret0 == RMI_SUCCESS
* Otherwise, undefined.
* ret2 == Top of the non-live address region. Only valid
- * if ret0 == RMI_SUCCESS or ret0 == (RMI_ERROR_RTT_WALK, x)
+ * if ret0 == RMI_SUCCESS or ret0 == (RMI_ERROR_RTT, x)
*/
-#define RMI_RTT_DESTROY SMC64_RMI_FID(U(0xE))
+#define SMC_RMI_RTT_DESTROY SMC64_RMI_FID(U(0xE))
/*
+ * FID: 0xC400015F
+ *
* arg0 == RD address
* arg1 == map address
* arg2 == level
* arg3 == s2tte
*/
-#define RMI_RTT_MAP_UNPROTECTED SMC64_RMI_FID(U(0xF))
+#define SMC_RMI_RTT_MAP_UNPROTECTED SMC64_RMI_FID(U(0xF))
/*
- * arg0 == RD address
- * arg1 == map address
- * arg2 == RTT tree index
- *
- * ret0 == status/index
- * ret1 == fail_index
- * ret2 == primary level
- * ret3 == state
- * ret4 == ripas
+ * FID: 0xC4000160
*/
-#define RMI_RTT_AUX_MAP_PROTECTED SMC64_RMI_FID(U(0x30))
+#define SMC_RMI_VDEV_AUX_COUNT SMC64_RMI_FID(U(0x10))
/*
- * arg0 == RD address
- * arg1 == map address
- * arg2 == RTT tree index
+ * FID: 0xC4000161
*
- * ret0 == status/index
- * ret1 == fail_index
- * ret2 == primary level
- * ret3 == state
- */
-#define RMI_RTT_AUX_MAP_UNPROTECTED SMC64_RMI_FID(U(0x31))
-
-/*
* arg0 == RD address
* arg1 == map address
* arg2 == level
@@ -224,85 +240,53 @@
* ret4 == ripas
* if ret0 == RMI_SUCCESS, otherwise, undefined.
*/
-#define RMI_RTT_READ_ENTRY SMC64_RMI_FID(U(0x11))
+#define SMC_RMI_RTT_READ_ENTRY SMC64_RMI_FID(U(0x11))
/*
+ * FID: 0xC4000162
+ *
* arg0 == RD address
* arg1 == map address
* arg2 == level
*/
-#define RMI_RTT_UNMAP_UNPROTECTED SMC64_RMI_FID(U(0x12))
+#define SMC_RMI_RTT_UNMAP_UNPROTECTED SMC64_RMI_FID(U(0x12))
/*
- * arg0 == RD address
- * arg1 == map address
- * arg2 == RTT tree index
+ * FID: 0xC4000164
*
- * ret0 == status/index
- * ret1 == top
- * ret2 == level
- */
-#define RMI_RTT_AUX_UNMAP_PROTECTED SMC64_RMI_FID(U(0x33))
-
-/*
- * arg0 == RD address
- * arg1 == map address
- * arg2 == RTT tree index
- *
- * ret0 == status/index
- * ret1 == top
- * ret2 == level
- */
-#define RMI_RTT_AUX_UNMAP_UNPROTECTED SMC64_RMI_FID(U(0x34))
-
-/*
- * arg0 == RD address
- * arg1 == target rec
- * arg2 == base adr
- * arg3 == top adr
- *
- * ret0 == return code
- * ret1 == Top IPA of range whose S2AP was modified
- * ret2 == Index of RTT tree in which base alignment check failed
- */
-#define RMI_RTT_SET_S2AP SMC64_RMI_FID(U(0x3B))
-
-/*
* arg0 == calling rec address
* arg1 == target rec address
*/
-#define RMI_PSCI_COMPLETE SMC64_RMI_FID(U(0x14))
+#define SMC_RMI_PSCI_COMPLETE SMC64_RMI_FID(U(0x14))
/*
+ * FID: 0xC4000165
+ *
* arg0 == Feature register index
*/
-#define RMI_FEATURES SMC64_RMI_FID(U(0x15))
+#define SMC_RMI_FEATURES SMC64_RMI_FID(U(0x15))
/*
+ * FID: 0xC4000166
+ *
* arg0 == RD address
* arg1 == map address
* arg2 == level
*
* ret1 == Address(PA) of the RTT folded, if ret0 == RMI_SUCCESS
*/
-#define RMI_RTT_FOLD SMC64_RMI_FID(U(0x16))
+#define SMC_RMI_RTT_FOLD SMC64_RMI_FID(U(0x16))
/*
- * arg0 == RD address
- * arg1 == map address
- * arg2 == level
- * arg3 == RTT tree index
+ * FID: 0xC4000167
*
- * ret1 == Address(PA) of the RTT folded, if ret0 == RMI_SUCCESS
- */
-#define RMI_RTT_AUX_FOLD SMC64_RMI_FID(U(0x2F))
-
-/*
* arg0 == RD address
*/
-#define RMI_REC_AUX_COUNT SMC64_RMI_FID(U(0x17))
+#define SMC_RMI_REC_AUX_COUNT SMC64_RMI_FID(U(0x17))
/*
+ * FID: 0xC4000168
+ *
* arg0 == RD address
* arg1 == start address
* arg2 == end address
@@ -310,9 +294,11 @@
* ret1 == Top of the address range where the RIPAS was updated,
* if ret0 == RMI_SUCCESS
*/
-#define RMI_RTT_INIT_RIPAS SMC64_RMI_FID(U(0x18))
+#define SMC_RMI_RTT_INIT_RIPAS SMC64_RMI_FID(U(0x18))
/*
+ * FID: 0xC4000169
+ *
* arg0 == RD address
* arg1 == REC address
* arg2 == start address
@@ -321,17 +307,59 @@
* ret1 == Top of the address range where the RIPAS was updated,
* if ret0 == RMI_SUCCESS
*/
-#define RMI_RTT_SET_RIPAS SMC64_RMI_FID(U(0x19))
+#define SMC_RMI_RTT_SET_RIPAS SMC64_RMI_FID(U(0x19))
/*
+ * TODO: Update the documentation of new FIDs once the 1.1 spec has stabilized.
+ */
+
+/*
+ * FID: 0xC400016A
+ */
+#define SMC_RMI_VSMMU_CREATE SMC64_RMI_FID(U(0x1A))
+
+/*
+ * FID: 0xC400016B
+ */
+#define SMC_RMI_VSMMU_DESTROY SMC64_RMI_FID(U(0x1B))
+
+/*
+ * FID: 0xC400016C
+ */
+#define SMC_RMI_VSMMU_MAP SMC64_RMI_FID(U(0x1C))
+
+/*
+ * FID: 0xC400016D
+ */
+#define SMC_RMI_VSMMU_UNMAP SMC64_RMI_FID(U(0x1D))
+
+/*
+ * FID: 0xC400016E
+ */
+#define SMC_RMI_PSMMU_MSI_CONFIG SMC64_RMI_FID(U(0x1E))
+
+/*
+ * FID: 0xC400016F
+ */
+#define SMC_RMI_PSMMU_IRQ_NOTIFY SMC64_RMI_FID(U(0x1F))
+
+/*
+ * FID: 0xC4000170 and 0xC4000171 are not used.
+ */
+
+/*
+ * FID: 0xC4000172
+ *
* arg0 == RD address
* arg1 == map address
* arg2 == level
* arg3 == PA of the target device memory
*/
-#define SMC_RMI_DEV_MEM_MAP SMC64_RMI_FID(U(0x22))
+#define SMC_RMI_DEV_MEM_MAP SMC64_RMI_FID(U(0x22))
/*
+ * FID: 0xC4000173
+ *
* arg0 == RD address
* arg1 == map address
* arg2 == level
@@ -341,7 +369,7 @@
* ret2 == Top of the non-live address region. Only valid
* if ret0 == RMI_SUCCESS or ret0 == (RMI_ERROR_RTT, x)
*/
-#define SMC_RMI_DEV_MEM_UNMAP SMC64_RMI_FID(U(0x23))
+#define SMC_RMI_DEV_MEM_UNMAP SMC64_RMI_FID(U(0x23))
/*
* FID: 0xC4000174
@@ -414,12 +442,32 @@
#define SMC_RMI_RTT_AUX_MAP_UNPROTECTED SMC64_RMI_FID(U(0x31))
/*
+ * FID: 0xC4000182 is not used.
+ */
+
+/*
* FID: 0xC4000183
+ *
+ * arg0 == RD address
+ * arg1 == map address
+ * arg2 == RTT tree index
+ *
+ * ret0 == status/index
+ * ret1 == top
+ * ret2 == level
*/
#define SMC_RMI_RTT_AUX_UNMAP_PROTECTED SMC64_RMI_FID(U(0x33))
/*
* FID: 0xC4000184
+ *
+ * arg0 == RD address
+ * arg1 == map address
+ * arg2 == RTT tree index
+ *
+ * ret0 == status/index
+ * ret1 == top
+ * ret2 == level
*/
#define SMC_RMI_RTT_AUX_UNMAP_UNPROTECTED SMC64_RMI_FID(U(0x34))
@@ -455,6 +503,15 @@
/*
* FID: 0xC400018B
+ *
+ * arg0 == RD address
+ * arg1 == target rec
+ * arg2 == base adr
+ * arg3 == top adr
+ *
+ * ret0 == return code
+ * ret1 == Top IPA of range whose S2AP was modified
+ * ret2 == Index of RTT tree in which base alignment check failed
*/
#define SMC_RMI_RTT_SET_S2AP SMC64_RMI_FID(U(0x3B))
@@ -473,6 +530,10 @@
*/
#define SMC_RMI_VDEV_COMPLETE SMC64_RMI_FID(U(0x3E))
+/*
+ * FID: 0xC400018F is not used.
+ */
+
#define GRANULE_SIZE PAGE_SIZE_4KB
/* Maximum number of auxiliary granules required for a REC */
@@ -517,18 +578,18 @@
* RmiRecExitReason represents the reason for a REC exit.
* This is returned to NS hosts via RMI_REC_ENTER::run_ptr.
*/
-#define RMI_EXIT_SYNC 0U
-#define RMI_EXIT_IRQ 1U
-#define RMI_EXIT_FIQ 2U
-#define RMI_EXIT_PSCI 3U
-#define RMI_EXIT_RIPAS_CHANGE 4U
-#define RMI_EXIT_HOST_CALL 5U
-#define RMI_EXIT_SERROR 6U
-#define RMI_EXIT_IO 7U
-#define RMI_EXIT_RTT_REQUEST 8U
-#define RMI_EXIT_S2AP_CHANGE 9U
-#define RMI_EXIT_VDEV_REQUEST 10U
-#define RMI_EXIT_INVALID (RMI_EXIT_VDEV_REQUEST + 1U)
+#define RMI_EXIT_SYNC U(0)
+#define RMI_EXIT_IRQ U(1)
+#define RMI_EXIT_FIQ U(2)
+#define RMI_EXIT_PSCI U(3)
+#define RMI_EXIT_RIPAS_CHANGE U(4)
+#define RMI_EXIT_HOST_CALL U(5)
+#define RMI_EXIT_SERROR U(6)
+#define RMI_EXIT_S2AP_CHANGE U(7)
+#define RMI_EXIT_VDEV_REQUEST U(8)
+#define RMI_EXIT_VDEV_COMM U(9)
+#define RMI_EXIT_DEV_MEM_MAP U(10)
+#define RMI_EXIT_INVALID (RMI_EXIT_DEV_MEM_MAP + 1U)
/* RmiRecRunnable types */
#define RMI_NOT_RUNNABLE 0U
@@ -571,19 +632,24 @@
#define RMI_FEATURE_REGISTER_0_MAX_RECS_ORDER_SHIFT 38UL
#define RMI_FEATURE_REGISTER_0_MAX_RECS_ORDER_WIDTH 4UL
#define RMI_FEATURE_REGISTER_0_DA_EN BIT(42)
+#define RMI_FEATURE_REGISTER_0_PLANE_RTT_SHIFT 43UL
+#define RMI_FEATURE_REGISTER_0_PLANE_RTT_WIDTH 2UL
+#define RMI_FEATURE_REGISTER_0_MAX_NUM_AUX_PLANES_SHIFT 45UL
+#define RMI_FEATURE_REGISTER_0_MAX_NUM_AUX_PLANES_WIDTH 4UL
/*
* Format of feature_flag[63:32].
* Value -1 (0 in case of NUM_BPS and NUM_WPS) indicates not set field,
* and parameter will be set from the corresponding field of feature register 0.
*/
-#define RMI_FEATURE_REGISTER_0_DA BIT(42)
-
-#define RMI_FEATURE_REGISTER_0_PLANE_RTT_SHIFT 43UL
-#define RMI_FEATURE_REGISTER_0_PLANE_RTT_WIDTH 2UL
-
-#define RMI_FEATURE_REGISTER_0_MAX_NUM_AUX_PLANES_SHIFT 45UL
-#define RMI_FEATURE_REGISTER_0_MAX_NUM_AUX_PLANES_WIDTH 4UL
+#define FEATURE_SVE_VL_SHIFT 56UL
+#define FEATURE_SVE_VL_WIDTH 4UL
+#define FEATURE_NUM_BPS_SHIFT 14UL
+#define FEATURE_NUM_BPS_WIDTH 6UL
+#define FEATURE_NUM_WPS_SHIFT 20UL
+#define FEATURE_NUM_WPS_WIDTH 6UL
+#define FEATURE_PMU_NUM_CTRS_SHIFT 35UL
+#define FEATURE_PMU_NUM_CTRS_WIDTH 4UL
#define RMI_FEATURE_REGISTER_0_RTT_S2AP_INDIRECT BIT(49)
@@ -792,65 +858,104 @@
};
/*
+ * RmiVdevAction
+ * Represents realm action which triggered REC exit due to device communication.
+ * Width: 8 bits
+ */
+#define RMI_VDEV_ACTION_GET_INTERFACE_REPORT U(0)
+#define RMI_VDEV_ACTION_GET_MEASUREMENTS U(1)
+#define RMI_VDEV_ACTION_LOCK U(2)
+#define RMI_VDEV_ACTION_START U(3)
+#define RMI_VDEV_ACTION_STOP U(4)
+
+/*
+ * RmiRecExitFlags
+ * Fieldset contains flags provided by the RMM during REC exit.
+ * Width: 64 bits
+ */
+#define RMI_REC_EXIT_FLAGS_RIPAS_DEV_SHARED_SHIFT U(0)
+#define RMI_REC_EXIT_FLAGS_RIPAS_DEV_SHARED_WIDTH U(1)
+
+/*
* Structure contains data passed from the RMM to the Host on REC exit
*/
struct rmi_rec_exit {
/* Exit reason */
- SET_MEMBER(u_register_t exit_reason, 0, 0x100);/* Offset 0 */
- SET_MEMBER(struct {
- /* Exception Syndrome Register */
- u_register_t esr; /* 0x100 */
- /* Fault Address Register */
- u_register_t far; /* 0x108 */
- /* Hypervisor IPA Fault Address register */
- u_register_t hpfar; /* 0x110 */
- }, 0x100, 0x118);
- /* Index of RTT tree active at time of the exit */
- SET_MEMBER(u_register_t rtt_tree, 0x118, 0x120);/* Offset 0x118 */
- /* Level of requested RTT */
- SET_MEMBER(u_register_t rtt_level, 0x120, 0x200);/* Offset 0x120 */
+ SET_MEMBER_RMI(unsigned long exit_reason, 0, 0x8);/* Offset 0 */
+ /* RmiRecExitFlags: Flags */
+ SET_MEMBER_RMI(unsigned long flags, 0x8, 0x100);/* 0x8 */
+ SET_MEMBER_RMI(struct {
+ /* Exception Syndrome Register */
+ unsigned long esr; /* 0x100 */
+ /* Fault Address Register */
+ unsigned long far; /* 0x108 */
+ /* Hypervisor IPA Fault Address register */
+ unsigned long hpfar; /* 0x110 */
+ /* Index of RTT tree active at time of the exit */
+ unsigned long rtt_tree; /* 0x118 */
+ /* Level of requested RTT */
+ unsigned long rtt_level; /* 0x120 */
+ }, 0x100, 0x200);
/* General-purpose registers */
- SET_MEMBER(u_register_t gprs[REC_EXIT_NR_GPRS], 0x200, 0x300); /* 0x200 */
- SET_MEMBER(struct {
- /* GICv3 Hypervisor Control Register */
- u_register_t gicv3_hcr; /* 0x300 */
- /* GICv3 List Registers */
- u_register_t gicv3_lrs[REC_GIC_NUM_LRS]; /* 0x308 */
- /* GICv3 Maintenance Interrupt State Register */
- u_register_t gicv3_misr; /* 0x388 */
- /* GICv3 Virtual Machine Control Register */
- u_register_t gicv3_vmcr; /* 0x390 */
- }, 0x300, 0x400);
- SET_MEMBER(struct {
- /* Counter-timer Physical Timer Control Register */
- u_register_t cntp_ctl; /* 0x400 */
- /* Counter-timer Physical Timer CompareValue Register */
- u_register_t cntp_cval; /* 0x408 */
- /* Counter-timer Virtual Timer Control Register */
- u_register_t cntv_ctl; /* 0x410 */
- /* Counter-timer Virtual Timer CompareValue Register */
- u_register_t cntv_cval; /* 0x418 */
- }, 0x400, 0x500);
- SET_MEMBER(struct {
- /* Base address of pending RIPAS change */
- u_register_t ripas_base; /* 0x500 */
- /* Size of pending RIPAS change */
- u_register_t ripas_size; /* 0x508 */
- /* RIPAS value of pending RIPAS change */
- unsigned char ripas_value; /* 0x510 */
- }, 0x500, 0x518);
- /* Base PA of MMIO region, if RIPAS change
- * is pending due to exeception of RSI_RDEV_VALIDATE_IO
- */
- SET_MEMBER(u_register_t ripas_io_pa, 0x518, 0x520); /* Offset 0x518 */
- /* Base address of target region for pending S2AP change */
- SET_MEMBER(u_register_t s2ap_base, 0x520, 0x528); /* Offset 0x520 */
- /* Top address of target region for pending S2AP change */
- SET_MEMBER(u_register_t s2ap_top, 0x528, 0x600); /* Offset 0x528 */
+ SET_MEMBER_RMI(unsigned long gprs[REC_EXIT_NR_GPRS], 0x200, 0x300); /* 0x200 */
+ SET_MEMBER_RMI(struct {
+ /* GICv3 Hypervisor Control Register */
+ unsigned long gicv3_hcr; /* 0x300 */
+ /* GICv3 List Registers */
+ unsigned long gicv3_lrs[REC_GIC_NUM_LRS]; /* 0x308 */
+ /* GICv3 Maintenance Interrupt State Register */
+ unsigned long gicv3_misr; /* 0x388 */
+ /* GICv3 Virtual Machine Control Register */
+ unsigned long gicv3_vmcr; /* 0x390 */
+ }, 0x300, 0x400);
+ SET_MEMBER_RMI(struct {
+ /* Counter-timer Physical Timer Control Register */
+ unsigned long cntp_ctl; /* 0x400 */
+ /* Counter-timer Physical Timer CompareValue Register */
+ unsigned long cntp_cval; /* 0x408 */
+ /* Counter-timer Virtual Timer Control Register */
+ unsigned long cntv_ctl; /* 0x410 */
+ /* Counter-timer Virtual Timer CompareValue Register */
+ unsigned long cntv_cval; /* 0x418 */
+ }, 0x400, 0x500);
+ SET_MEMBER_RMI(struct {
+ /* Base address of pending RIPAS change */
+ unsigned long ripas_base; /* 0x500 */
+ /* Size of pending RIPAS change */
+ unsigned long ripas_top; /* 0x508 */
+ /* RIPAS value of pending RIPAS change */
+ unsigned char ripas_value; /* 0x510 */
+ /*
+ * Base PA of device memory region, if RIPAS change is
+ * pending due to execution of
+ * RSI_RDEV_VALIDATE_MAPPING
+ */
+ unsigned long ripas_dev_pa; /* 0x518 */
+ /* Base addr of target region for pending S2AP change */
+ unsigned long s2ap_base; /* 0x520 */
+ /* Top addr of target region for pending S2AP change */
+ unsigned long s2ap_top; /* 0x528 */
+ /* Virtual device ID */
+ unsigned long vdev_id; /* 0x530 */
+ }, 0x500, 0x600);
+
/* Host call immediate value */
- SET_MEMBER(unsigned int imm, 0x600, 0x700); /* 0x600 */
+ SET_MEMBER_RMI(unsigned int imm, 0x600, 0x608);
+ /* UInt64: Plane Index */
+ SET_MEMBER_RMI(unsigned long plane, 0x608, 0x610);
+ /* Address: VDEV which triggered REC exit due to device communication */
+ SET_MEMBER_RMI(unsigned long vdev, 0x610, 0x618);
+ /* RmiVdevAction: Action which triggered REC exit due to device comm */
+ SET_MEMBER_RMI(unsigned char vdev_action, 0x618, 0x620);
+ /* Bits64: Base IPA of target region for device mem mapping validation */
+ SET_MEMBER_RMI(unsigned long dev_mem_base, 0x620, 0x628);
+ /* Bits64: Top IPA of target region for device mem mapping validation */
+ SET_MEMBER_RMI(unsigned long dev_mem_top, 0x628, 0x630);
+ /* Addres: Base PA of device memory region */
+ SET_MEMBER_RMI(unsigned long dev_mem_pa, 0x630, 0x700);
+
/* PMU overflow status */
- SET_MEMBER(unsigned long pmu_ovf_status, 0x700, 0x800); /* 0x700 */
+ SET_MEMBER_RMI(unsigned long pmu_ovf_status, 0x700, 0x800);
};
/*
@@ -865,23 +970,46 @@
};
/*
- * RmiPdevProtConfig
- * Represents the protection between system and device.
- * Width: 2 bits
+ * RmiPdevSpdm
+ * Represents whether communication with the device uses SPDM.
+ * Width: 1 bit
*/
-#define RMI_PDEV_IOCOH_E2E_IDE U(0)
-#define RMI_PDEV_IOCOH_E2E_SYS U(1)
-#define RMI_PDEV_FCOH_E2E_IDE U(2)
-#define RMI_PDEV_FCOH_E2E_SYS U(3)
+#define RMI_PDEV_SPDM_FALSE U(0)
+#define RMI_PDEV_SPDM_TRUE U(1)
+
+/*
+ * RmiPdevIde
+ * Represents whether the link to the device is protected using IDE.
+ * Width: 1 bit
+ */
+#define RMI_PDEV_IDE_FALSE U(0)
+#define RMI_PDEV_IDE_TRUE U(1)
+
+/*
+ * RmiPdevCoherent
+ * Represents the device access is non-coherent or coherent
+ * Width: 1 bit
+ */
+#define RMI_PDEV_COHERENT_FALSE U(0)
+#define RMI_PDEV_COHERENT_TRUE U(1)
/*
* RmiPdevFlags
* Fieldset contains flags provided by the Host during PDEV creation
* Width: 64 bits
*/
-/* RmiPdevProtConfig Bits 1:0 */
-#define RMI_PDEV_FLAGS_PROT_CONFIG_SHIFT UL(0)
-#define RMI_PDEV_FLAGS_PROT_CONFIG_WIDTH UL(2)
+/* RmiPdevSpdm: Bit 0 */
+#define RMI_PDEV_FLAGS_SPDM_SHIFT UL(0)
+#define RMI_PDEV_FLAGS_SPDM_WIDTH UL(1)
+/* RmiPdevIde: Bit 1 */
+#define RMI_PDEV_FLAGS_IDE_SHIFT UL(1)
+#define RMI_PDEV_FLAGS_IDE_WIDTH UL(1)
+/* RmiPdevCoherent: Bit 2 */
+#define RMI_PDEV_FLAGS_COHERENT_SHIFT UL(2)
+#define RMI_PDEV_FLAGS_COHERENT_WIDTH UL(1)
+/* RmiFeature: Bit 3 */
+#define RMI_PDEV_FLAGS_P2P_SHIFT UL(3)
+#define RMI_PDEV_FLAGS_P2P_WIDTH UL(1)
/*
* RmiPdevEvent
@@ -899,10 +1027,11 @@
#define RMI_PDEV_STATE_NEEDS_KEY U(1)
#define RMI_PDEV_STATE_HAS_KEY U(2)
#define RMI_PDEV_STATE_READY U(3)
-#define RMI_PDEV_STATE_COMMUNICATING U(4)
-#define RMI_PDEV_STATE_STOPPING U(5)
-#define RMI_PDEV_STATE_STOPPED U(6)
-#define RMI_PDEV_STATE_ERROR U(7)
+#define RMI_PDEV_STATE_IDE_RESETTING U(4)
+#define RMI_PDEV_STATE_COMMUNICATING U(5)
+#define RMI_PDEV_STATE_STOPPING U(6)
+#define RMI_PDEV_STATE_STOPPED U(7)
+#define RMI_PDEV_STATE_ERROR U(8)
/*
* RmiSignatureAlgorithm
@@ -936,9 +1065,9 @@
* Represents status passed from the Host to the RMM during device communication.
* Width: 8 bits
*/
-#define RMI_DEV_COMM_ENTER_STATUS_SUCCESS U(0)
-#define RMI_DEV_COMM_ENTER_STATUS_ERROR U(1)
-#define RMI_DEV_COMM_ENTER_STATUS_NONE U(2)
+#define RMI_DEV_COMM_ENTER_STATUS_NONE U(0)
+#define RMI_DEV_COMM_ENTER_STATUS_RESPONSE U(1)
+#define RMI_DEV_COMM_ENTER_STATUS_ERROR U(2)
/*
* RmiDevCommEnter
@@ -962,16 +1091,29 @@
* Fieldset contains flags provided by the RMM during a device transaction.
* Width: 64 bits
*/
-#define RMI_DEV_COMM_EXIT_FLAGS_CACHE_SHIFT UL(0)
-#define RMI_DEV_COMM_EXIT_FLAGS_CACHE_WIDTH UL(1)
-#define RMI_DEV_COMM_EXIT_FLAGS_SEND_SHIFT UL(1)
+#define RMI_DEV_COMM_EXIT_FLAGS_CACHE_REQ_SHIFT UL(0)
+#define RMI_DEV_COMM_EXIT_FLAGS_CACHE_REQ_WIDTH UL(1)
+#define RMI_DEV_COMM_EXIT_FLAGS_CACHE_RSP_SHIFT UL(1)
+#define RMI_DEV_COMM_EXIT_FLAGS_CACHE_RSP_WIDTH UL(1)
+#define RMI_DEV_COMM_EXIT_FLAGS_SEND_SHIFT UL(2)
#define RMI_DEV_COMM_EXIT_FLAGS_SEND_WIDTH UL(1)
-#define RMI_DEV_COMM_EXIT_FLAGS_WAIT_SHIFT UL(2)
+#define RMI_DEV_COMM_EXIT_FLAGS_WAIT_SHIFT UL(3)
#define RMI_DEV_COMM_EXIT_FLAGS_WAIT_WIDTH UL(1)
-#define RMI_DEV_COMM_EXIT_FLAGS_MULTI_SHIFT UL(3)
+#define RMI_DEV_COMM_EXIT_FLAGS_MULTI_SHIFT UL(4)
#define RMI_DEV_COMM_EXIT_FLAGS_MULTI_WIDTH UL(1)
/*
+ * RmiDevCommObject
+ * This represents identifier of a device communication object which the Host is
+ * requested to cache.
+ * Width: 8 bits
+ */
+#define RMI_DEV_COMM_OBJECT_VCA U(0)
+#define RMI_DEV_COMM_OBJECT_CERTIFICATE U(1)
+#define RMI_DEV_COMM_OBJECT_MEASUREMENTS U(2)
+#define RMI_DEV_COMM_OBJECT_INTERFACE_REPORT U(3)
+
+/*
* RmiDevCommProtocol
* Represents the protocol used for device communication.
* Width: 8 bits
@@ -992,27 +1134,43 @@
*/
SET_MEMBER_RMI(unsigned long flags, 0, 0x8);
/*
- * UInt64: If flags.cache is true, offset in the device response buffer
- * to the start of data to be cached in bytes.
+ * UInt64: If flags.cache_req is true, offset in the device request
+ * buffer to the start of data to be cached, in bytes
*/
- SET_MEMBER_RMI(unsigned long cache_offset, 0x8, 0x10);
+ SET_MEMBER_RMI(unsigned long cache_req_offset, 0x8, 0x10);
/*
- * UInt64: If flags.cache is true, amount of data to be cached in
- * bytes.
+ * UInt64: If flags.cache_req is true, amount of device request data to
+ * be cached, in bytes
*/
- SET_MEMBER_RMI(unsigned long cache_len, 0x10, 0x18);
+ SET_MEMBER_RMI(unsigned long cache_req_len, 0x10, 0x18);
+ /*
+ * UInt64: If flags.cache_rsp is true, offset in the device response
+ * buffer to the start of data to be cached, in bytes
+ */
+ SET_MEMBER_RMI(unsigned long cache_rsp_offset, 0x18, 0x20);
+ /*
+ * UInt64: If flags.cache_rsp is true, amount of device response data to
+ * be cached, in bytes.
+ */
+ SET_MEMBER_RMI(unsigned long cache_rsp_len, 0x20, 0x28);
+ /*
+ * RmiDevCommObject: If flags.cache_req is true and / or flags.cache_rsp
+ * is true, identifier for the object to be cachedIf flags.cache_rsp is
+ * true, amount of device response data to be cached, in bytes.
+ */
+ SET_MEMBER_RMI(unsigned char cache_obj_id, 0x28, 0x30);
/* RmiDevCommProtocol: If flags.send is true, type of request */
- SET_MEMBER_RMI(unsigned char protocol, 0x18, 0x20);
+ SET_MEMBER_RMI(unsigned char protocol, 0x30, 0x38);
/*
* UInt64: If flags.send is true, amount of valid data in request buffer
* in bytes
*/
- SET_MEMBER_RMI(unsigned long req_len, 0x20, 0x28);
+ SET_MEMBER_RMI(unsigned long req_len, 0x38, 0x40);
/*
* UInt64: If flags.wait is true, amount of time to wait for device
* response in milliseconds
*/
- SET_MEMBER_RMI(unsigned long timeout, 0x28, 0x100);
+ SET_MEMBER_RMI(unsigned long timeout, 0x40, 0x100);
};
/*
@@ -1052,16 +1210,16 @@
#define PDEV_PARAM_AUX_GRANULES_MAX U(32)
/*
- * Maximum number of IO coherent RmiAddressRange parameter passed in
+ * Maximum number of device non-coherent RmiAddressRange parameter passed in
* rmi_pdev_params during PDEV create
*/
-#define PDEV_PARAM_IOCOH_ADDR_RANGE_MAX U(16)
+#define PDEV_PARAM_NCOH_ADDR_RANGE_MAX U(16)
/*
- * Maximum number of fully coherent RmiAddressRange parameter passed in
+ * Maximum number of device coherent RmiAddressRange parameter passed in
* rmi_pdev_params during PDEV create
*/
-#define PDEV_PARAM_FCOH_ADDR_RANGE_MAX U(4)
+#define PDEV_PARAM_COH_ADDR_RANGE_MAX U(4)
/*
* RmiPdevParams
@@ -1075,38 +1233,107 @@
SET_MEMBER_RMI(unsigned long pdev_id, 0x8, 0x10);
/* Bits16: Segment ID */
SET_MEMBER_RMI(unsigned short segment_id, 0x10, 0x18);
+ /* Address: ECAM base address of the PCIe configuration space */
+ SET_MEMBER_RMI(unsigned short ecam_addr, 0x18, 0x20);
/* Bits16: Root Port identifier */
- SET_MEMBER_RMI(unsigned short root_id, 0x18, 0x20);
+ SET_MEMBER_RMI(unsigned short root_id, 0x20, 0x28);
/* UInt64: Certificate identifier */
- SET_MEMBER_RMI(unsigned long cert_id, 0x20, 0x28);
+ SET_MEMBER_RMI(unsigned long cert_id, 0x28, 0x30);
/* UInt64: Base requester ID range (inclusive) */
- SET_MEMBER_RMI(unsigned long rid_base, 0x28, 0x30);
+ SET_MEMBER_RMI(unsigned long rid_base, 0x30, 0x38);
/* UInt64: Top of requester ID range (exclusive) */
- SET_MEMBER_RMI(unsigned long rid_top, 0x30, 0x38);
+ SET_MEMBER_RMI(unsigned long rid_top, 0x38, 0x40);
/* RmiHashAlgorithm: Algorithm used to generate device digests */
- SET_MEMBER_RMI(unsigned char hash_algo, 0x38, 0x40);
+ SET_MEMBER_RMI(unsigned char hash_algo, 0x40, 0x48);
/* UInt64: Number of auxiliary granules */
- SET_MEMBER_RMI(unsigned long num_aux, 0x40, 0x48);
+ SET_MEMBER_RMI(unsigned long num_aux, 0x48, 0x50);
/* UInt64: IDE stream identifier */
- SET_MEMBER_RMI(unsigned long ide_sid, 0x48, 0x50);
- /* UInt64: Number of IO-coherent address ranges */
- SET_MEMBER_RMI(unsigned long iocoh_num_addr_range, 0x50, 0x58);
- /* UInt64: Number of fully-coherent address ranges */
- SET_MEMBER_RMI(unsigned long fcoh_num_addr_range, 0x58, 0x100);
-
+ SET_MEMBER_RMI(unsigned long ide_sid, 0x50, 0x58);
+ /* UInt64: Number of device non-coherent address ranges */
+ SET_MEMBER_RMI(unsigned long ncoh_num_addr_range, 0x58, 0x60);
+ /* UInt64: Number of device coherent address ranges */
+ SET_MEMBER_RMI(unsigned long coh_num_addr_range, 0x60, 0x100);
/* Address: Addresses of auxiliary granules */
SET_MEMBER_RMI(unsigned long aux[PDEV_PARAM_AUX_GRANULES_MAX], 0x100,
0x200);
- /* RmiAddressRange: IO-coherent address range */
+ /* RmiAddressRange: Device non-coherent address range */
SET_MEMBER_RMI(struct rmi_address_range
- iocoh_addr_range[PDEV_PARAM_IOCOH_ADDR_RANGE_MAX],
+ ncoh_addr_range[PDEV_PARAM_NCOH_ADDR_RANGE_MAX],
0x200, 0x300);
- /* RmiAddressRange: Fully coherent address range */
+ /* RmiAddressRange: Device coherent address range */
SET_MEMBER_RMI(struct rmi_address_range
- fcoh_addr_range[PDEV_PARAM_FCOH_ADDR_RANGE_MAX],
+ coh_addr_range[PDEV_PARAM_COH_ADDR_RANGE_MAX],
0x300, 0x1000);
};
+/* Max length of public key data passed in rmi_public_key_params */
+#define PUBKEY_PARAM_KEY_LEN_MAX U(1024)
+
+/* Max length of public key metadata passed in rmi_public_key_params */
+#define PUBKEY_PARAM_METADATA_LEN_MAX U(1024)
+
+/*
+ * RmiPublicKeyParams
+ * This structure contains public key parameters.
+ * Width: 4096 (0x1000) bytes.
+ */
+struct rmi_public_key_params {
+ /* Bits8: Key data */
+ SET_MEMBER_RMI(unsigned char key[PUBKEY_PARAM_KEY_LEN_MAX], 0x0, 0x400);
+ /* Bits8: Key metadata */
+ SET_MEMBER_RMI(unsigned char metadata[PUBKEY_PARAM_METADATA_LEN_MAX],
+ 0x400, 0x800);
+ /* UInt64: Length of key data in bytes */
+ SET_MEMBER_RMI(unsigned long key_len, 0x800, 0x808);
+ /* UInt64: Length of metadata in bytes */
+ SET_MEMBER_RMI(unsigned long metadata_len, 0x808, 0x810);
+ /* RmiSignatureAlgorithm: Signature algorithm */
+ SET_MEMBER_RMI(unsigned char algo, 0x810, 0x1000);
+};
+
+/*
+ * RmiVdevFlags
+ * Fieldset contains flags provided by the Host during VDEV creation.
+ * Width: 64 bits
+ */
+#define RMI_VDEV_FLAGS_RES0_SHIFT UL(0)
+#define RMI_VDEV_FLAGS_RES0_WIDTH UL(63)
+
+/*
+ * RmiVdevState
+ * Represents the state of the VDEV
+ * Width: 8 bits
+ */
+#define RMI_VDEV_STATE_READY U(0)
+#define RMI_VDEV_STATE_COMMUNICATING U(1)
+#define RMI_VDEV_STATE_STOPPING U(2)
+#define RMI_VDEV_STATE_STOPPED U(3)
+#define RMI_VDEV_STATE_ERROR U(4)
+
+/* Maximum number of aux granules paramenter passed to VDEV create */
+#define VDEV_PARAM_AUX_GRANULES_MAX U(32)
+
+/*
+ * RmiVdevParams
+ * The RmiVdevParams structure contains parameters provided by the Host during
+ * VDEV creation.
+ * Width: 4096 (0x1000) bytes.
+ */
+struct rmi_vdev_params {
+ /* RmiVdevFlags: Flags */
+ SET_MEMBER_RMI(unsigned long flags, 0, 0x8);
+ /* Bits64: Virtual device identifier */
+ SET_MEMBER_RMI(unsigned long vdev_id, 0x8, 0x10);
+ /* Bits64: TDI identifier */
+ SET_MEMBER_RMI(unsigned long tdi_id, 0x10, 0x18);
+ /* UInt64: Number of auxiliary granules */
+ SET_MEMBER_RMI(unsigned long num_aux, 0x18, 0x100);
+
+ /* Address: Addresses of auxiliary granules */
+ SET_MEMBER_RMI(unsigned long aux[VDEV_PARAM_AUX_GRANULES_MAX], 0x100,
+ 0x1000);
+};
+
struct rtt_entry {
long walk_level;
uint64_t out_addr;
@@ -1233,8 +1460,8 @@
u_register_t host_rmi_pdev_get_state(u_register_t pdev_ptr, u_register_t *state);
u_register_t host_rmi_pdev_communicate(u_register_t pdev_ptr,
u_register_t data_ptr);
-u_register_t host_rmi_pdev_set_pubkey(u_register_t pdev_ptr, u_register_t key,
- u_register_t len, uint8_t algo);
+u_register_t host_rmi_pdev_set_pubkey(u_register_t pdev_ptr,
+ u_register_t pubkey_params_ptr);
u_register_t host_rmi_pdev_stop(u_register_t pdev_ptr);
u_register_t host_rmi_pdev_destroy(u_register_t pdev_ptr);
@@ -1244,4 +1471,16 @@
u_register_t level, u_register_t *pa,
u_register_t *top);
+u_register_t host_rmi_vdev_create(u_register_t rd_ptr, u_register_t pdev_ptr,
+ u_register_t vdev_ptr,
+ u_register_t params_ptr);
+u_register_t host_rmi_vdev_complete(u_register_t rec_ptr, u_register_t vdev_ptr);
+u_register_t host_rmi_vdev_communicate(u_register_t pdev_ptr,
+ u_register_t vdev_ptr,
+ u_register_t dev_comm_data_ptr);
+u_register_t host_rmi_vdev_get_state(u_register_t vdev_ptr, u_register_t *state);
+u_register_t host_rmi_vdev_abort(u_register_t vdev_ptr);
+u_register_t host_rmi_vdev_stop(u_register_t vdev_ptr);
+u_register_t host_rmi_vdev_destroy(u_register_t rd_ptr, u_register_t pdev_ptr,
+ u_register_t vdev_ptr);
#endif /* HOST_REALM_RMI_H */
diff --git a/include/runtime_services/host_realm_managment/host_shared_data.h b/include/runtime_services/host_realm_managment/host_shared_data.h
index 71777c4..1f8d624 100644
--- a/include/runtime_services/host_realm_managment/host_shared_data.h
+++ b/include/runtime_services/host_realm_managment/host_shared_data.h
@@ -85,7 +85,8 @@
REALM_PLANE_N_REG_RW_CMD,
REALM_WRITE_BRBCR_EL1,
REALM_PLANE_N_INST_FETCH_ABORT,
- REALM_TEST_FEAT_TCR2
+ REALM_TEST_FEAT_TCR2,
+ REALM_DA_RSI_CALLS
};
/*
diff --git a/realm/include/realm_da_helpers.h b/realm/include/realm_da_helpers.h
new file mode 100644
index 0000000..65428b4
--- /dev/null
+++ b/realm/include/realm_da_helpers.h
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2025, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef REALM_DA_HELPERS_H
+#define REALM_DA_HELPERS_H
+
+#include <realm_rsi.h>
+
+/*
+ * Currently assigning one device is supported, for more than one device the VMM
+ * view of vdev_id and Realm view of device_id must match
+ */
+#define RDEV_ID (0x0UL)
+
+#define RDEV_TDISP_VERSION_MAX (0x10)
+
+struct rdev {
+ unsigned long id;
+ unsigned long inst_id;
+};
+
+unsigned long realm_rdev_init(struct rdev *rdev, unsigned long rdev_id);
+unsigned long realm_rsi_rdev_start(struct rdev *rdev);
+unsigned long realm_rsi_rdev_stop(struct rdev *rdev);
+unsigned long realm_rsi_rdev_get_interface_report(struct rdev *rdev);
+unsigned long realm_rsi_rdev_get_state(struct rdev *rdev);
+unsigned long realm_rsi_rdev_lock(struct rdev *rdev);
+int realm_verify_device_attestation(struct rdev *rdev,
+ struct rsi_dev_info *rdev_info);
+unsigned long realm_rsi_rdev_get_measurements(struct rdev *rdev,
+ struct rsi_dev_measure_params *mparams);
+unsigned long realm_rsi_rdev_get_info(struct rdev *rdev,
+ struct rsi_dev_info *rdev_info);
+
+#endif /* REALM_DA_HELPERS_H */
diff --git a/realm/include/realm_psi.h b/realm/include/realm_psi.h
index bab2896..173699c 100644
--- a/realm/include/realm_psi.h
+++ b/realm/include/realm_psi.h
@@ -20,8 +20,8 @@
#define PSI_RETURN_TO_PN 2U
/* PSI Commands to return back to P0 */
-#define PSI_P0_CALL RSI_HOST_CALL
-#define PSI_REALM_CONFIG RSI_REALM_CONFIG
+#define PSI_P0_CALL SMC_RSI_HOST_CALL
+#define PSI_REALM_CONFIG SMC_RSI_REALM_CONFIG
#define PSI_CALL_EXIT_PRINT_CMD HOST_CALL_EXIT_PRINT_CMD
#define PSI_CALL_EXIT_SUCCESS_CMD HOST_CALL_EXIT_SUCCESS_CMD
#define PSI_CALL_EXIT_FAILED_CMD HOST_CALL_EXIT_FAILED_CMD
diff --git a/realm/include/realm_rsi.h b/realm/include/realm_rsi.h
index 7139023..a6260e4 100644
--- a/realm/include/realm_rsi.h
+++ b/realm/include/realm_rsi.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022-2024, Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -13,8 +13,15 @@
#include <host_shared_data.h>
#include <tftf_lib.h>
-#define SMC_RSI_CALL_BASE 0xC4000190
-#define SMC_RSI_FID(_x) (SMC_RSI_CALL_BASE + (_x))
+#define SMC64_RSI_CALL_BASE (0xC4000190)
+#define SMC64_RSI_FID(_x) (SMC64_RSI_CALL_BASE + (_x))
+
+/*
+ * Defines member of structure and reserves space
+ * for the next member with specified offset.
+ */
+#define SET_MEMBER_RSI SET_MEMBER
+
/*
* This file describes the Realm Services Interface (RSI) Application Binary
* Interface (ABI) for SMC calls made from within the Realm to the RMM and
@@ -62,7 +69,16 @@
/* The operation requested by the command is not complete */
RSI_INCOMPLETE = 3U,
- RSI_ERROR_COUNT
+ /* The operation requested by the command failed for an unknown reason */
+ RSI_ERROR_UNKNOWN = 4U,
+
+ /*
+ * The state of a Realm device does not match the state expected by the
+ * command.
+ */
+ RSI_ERROR_DEVICE = 5U,
+
+ RSI_ERROR_COUNT_MAX
} rsi_status_t;
#define RSI_EXIT_SYNC 0U
@@ -70,21 +86,30 @@
/* Size of Realm Personalization Value */
#define RSI_RPV_SIZE 64U
+/* RsiRealmConfig structure containing realm configuration */
struct rsi_realm_config {
/* IPA width in bits */
- SET_MEMBER(unsigned long ipa_width, 0, 8); /* Offset 0 */
+ SET_MEMBER_RSI(unsigned long ipa_width, 0, 8);
/* Hash algorithm */
- SET_MEMBER(unsigned long algorithm, 8, 0x10); /* Offset 8 */
+ SET_MEMBER_RSI(unsigned char algorithm, 0x8, 0x10);
/* Number of auxiliary Planes */
- SET_MEMBER(unsigned long num_aux_planes, 0x10, 0x200); /* Offset 0x10 */
+ SET_MEMBER_RSI(unsigned long num_aux_planes, 0x10, 0x18);
+ /* GICv3 VGIC Type Register value */
+ SET_MEMBER_RSI(unsigned long gicv3_vtr, 0x18, 0x20);
+ /*
+ * If ATS is enabled, determines the stage 2 translation used by devices
+ * assigned to the Realm
+ */
+ SET_MEMBER_RSI(unsigned long ats_plane, 0x20, 0x200);
+
/* Realm Personalization Value */
- SET_MEMBER(unsigned char rpv[RSI_RPV_SIZE], 0x200, 0x1000); /* Offset 0x200 */
+ SET_MEMBER_RSI(unsigned char rpv[RSI_RPV_SIZE], 0x200, 0x1000);
};
#define RSI_HOST_CALL_NR_GPRS 31U
struct rsi_host_call {
- SET_MEMBER(struct {
+ SET_MEMBER_RSI(struct {
/* Immediate value */
unsigned int imm; /* Offset 0 */
/* Registers */
@@ -93,59 +118,253 @@
};
/*
- * arg0 == struct rsi_host_call address
- * ret0 == Status / error
- */
-#define RSI_HOST_CALL SMC_RSI_FID(9U)
-
-/*
- * arg0: Requested interface version
+ * FID: 0xC4000190
+ *
+ * Returns RSI version.
+ * arg1: Requested interface version
* ret0: Status / error
* ret1: Lower implemented interface revision
* ret2: Higher implemented interface revision
*/
-#define RSI_VERSION SMC_RSI_FID(0U)
+#define SMC_RSI_VERSION SMC64_RSI_FID(U(0x0))
/*
- * arg0 == struct rsi_realm_config address
+ * FID: 0xC4000191
+ *
+ * Returns RSI Feature register requested by index.
+ * arg1: Feature register index
+ * ret0: Status / error
+ * ret1: Feature register value
+ */
+#define SMC_RSI_FEATURES SMC64_RSI_FID(U(0x1))
+
+/*
+ * FID: 0xC4000192
+ *
+ * Returns a measurement.
+ * arg1: Measurement index (0..4), measurement (RIM or REM) to read
+ * ret0: Status / error
+ * ret1: Measurement value, bytes: 0 - 7
+ * ret2: Measurement value, bytes: 8 - 15
+ * ret3: Measurement value, bytes: 16 - 23
+ * ret4: Measurement value, bytes: 24 - 31
+ * ret5: Measurement value, bytes: 32 - 39
+ * ret6: Measurement value, bytes: 40 - 47
+ * ret7: Measurement value, bytes: 48 - 55
+ * ret8: Measurement value, bytes: 56 - 63
+ */
+#define SMC_RSI_MEASUREMENT_READ SMC64_RSI_FID(U(0x2))
+
+/*
+ * FID: 0xC4000193
+ *
+ * Extends a REM.
+ * arg1: Measurement index (1..4), measurement (REM) to extend
+ * arg2: Measurement size in bytes
+ * arg3: Challenge value, bytes: 0 - 7
+ * arg4: Challenge value, bytes: 8 - 15
+ * arg5: Challenge value, bytes: 16 - 23
+ * arg6: Challenge value, bytes: 24 - 31
+ * arg7: Challenge value, bytes: 32 - 39
+ * arg8: Challenge value, bytes: 40 - 47
+ * arg9: Challenge value, bytes: 48 - 55
+ * arg10: Challenge value, bytes: 56 - 63
+ * ret0: Status / error
+ */
+#define SMC_RSI_MEASUREMENT_EXTEND SMC64_RSI_FID(U(0x3))
+
+/*
+ * FID: 0xC4000194
+ *
+ * Initialize the operation to retrieve an attestation token.
+ * arg1: Challenge value, bytes: 0 - 7
+ * arg2: Challenge value, bytes: 8 - 15
+ * arg3: Challenge value, bytes: 16 - 23
+ * arg4: Challenge value, bytes: 24 - 31
+ * arg5: Challenge value, bytes: 32 - 39
+ * arg6: Challenge value, bytes: 40 - 47
+ * arg7: Challenge value, bytes: 48 - 55
+ * arg8: Challenge value, bytes: 56 - 63
+ * ret0: Status / error
+ * ret1: Upper bound on attestation token size in bytes
+ */
+#define SMC_RSI_ATTEST_TOKEN_INIT SMC64_RSI_FID(U(0x4))
+
+/*
+ * FID: 0xC4000195
+ *
+ * Continue the operation to retrieve an attestation token.
+ * arg1: IPA of the Granule to which the token will be written
+ * arg2: Offset within Granule to start of buffer in bytes
+ * arg3: Size of buffer in bytes
+ * ret0: Status / error
+ * ret1: Number of bytes written to buffer
+ */
+#define SMC_RSI_ATTEST_TOKEN_CONTINUE SMC64_RSI_FID(U(0x5))
+
+/*
+ * FID: 0xC4000196
+ *
+ * Read configuration for the current Realm.
+ * arg1 == IPA of the Granule to which the configuration data will be written
* ret0 == Status / error
*/
-#define RSI_REALM_CONFIG SMC_RSI_FID(6U)
+#define SMC_RSI_REALM_CONFIG SMC64_RSI_FID(U(0x6))
/*
- * arg0 == Base IPA address of target region
- * arg1 == Top address of target region
- * arg2 == RIPAS value
- * arg3 == flags
+ * FID: 0xC4000197
+ *
+ * arg1 == Base IPA address of target region
+ * arg2 == Top address of target region
+ * arg3 == RIPAS value
+ * arg4 == flags
* ret0 == Status / error
* ret1 == Base of IPA region which was not modified by the command
* ret2 == RSI response
*/
-#define RSI_IPA_STATE_SET SMC_RSI_FID(7U)
+#define SMC_RSI_IPA_STATE_SET SMC64_RSI_FID(U(0x7))
/*
- * arg0 == Base of target IPA region
- * arg1 == End of target IPA region
+ * FID: 0xC4000198
+ *
+ * arg1 == Base of target IPA region
+ * arg2 == End of target IPA region
* ret0 == Status / error
* ret1 == Top of IPA region which has the reported RIPAS value
* ret2 == RIPAS value
*/
-#define RSI_IPA_STATE_GET SMC_RSI_FID(8U)
+#define SMC_RSI_IPA_STATE_GET SMC64_RSI_FID(U(0x8))
/*
+ * FID: 0xC4000199
+ *
+ * arg1 == IPA of the Host call data structure
* ret0 == Status / error
- * ret1 == Token maximum length
*/
-#define RSI_ATTEST_TOKEN_INIT SMC_RSI_FID(4U)
+#define SMC_RSI_HOST_CALL SMC64_RSI_FID(U(0x9))
/*
- * arg0 == Base of buffer to write the token to
- * arg1 == Offset within the buffer
- * arg2 == Size of the buffer
- * ret0 == Status / error
- * ret1 == Size of received token hunk
+ * TODO: Update the documentation of new FIDs once the 1.1 spec has stabilized.
*/
-#define RSI_ATTEST_TOKEN_CONTINUE SMC_RSI_FID(5U)
+
+/*
+ * FID: 0xC400019A
+ */
+#define SMC_RSI_VSMMU_GET_INFO SMC64_RSI_FID(U(0xA))
+
+/*
+ * FID: 0xC400019B
+ */
+#define SMC_RSI_VSMMU_ACTIVATE SMC64_RSI_FID(U(0xB))
+
+/*
+ * FID: 0xC400019C
+ */
+#define SMC_RSI_RDEV_GET_INSTANCE_ID SMC64_RSI_FID(U(0xC))
+
+/*
+ * FID: 0xC400019D - 0xC400019F are not used.
+ */
+
+/*
+ * FID: 0xC40001A0
+ *
+ * arg1 == plane index
+ * arg2 == perm index
+ *
+ * ret0 == status
+ * ret1 == perm value
+ */
+#define SMC_RSI_MEM_GET_PERM_VALUE SMC64_RSI_FID(U(0x10))
+
+/*
+ * FID: 0xC40001A1
+ *
+ * arg1 == base adr
+ * arg2 == top adr
+ * arg3 == perm index
+ * arg4 == cookie
+ *
+ * ret0 == status
+ * ret1 == new_base
+ * ret2 == response
+ * ret3 == new_cookie
+ */
+#define SMC_RSI_MEM_SET_PERM_INDEX SMC64_RSI_FID(U(0x11))
+
+/*
+ * FID: 0xC40001A2
+ *
+ * arg1 == plane index
+ * arg2 == perm index
+ *
+ * ret0 == status
+ */
+#define SMC_RSI_MEM_SET_PERM_VALUE SMC64_RSI_FID(U(0x12))
+
+/*
+ * FID: 0xC40001A3
+ */
+#define SMC_RSI_PLANE_ENTER SMC64_RSI_FID(U(0x13))
+
+/*
+ * FID: 0xC40001A4
+ */
+#define SMC_RSI_RDEV_CONTINUE SMC64_RSI_FID(U(0x14))
+
+/*
+ * FID: 0xC40001A5
+ */
+#define SMC_RSI_RDEV_GET_INFO SMC64_RSI_FID(U(0x15))
+
+/*
+ * FID: 0xC40001A6
+ */
+#define SMC_RSI_RDEV_GET_INTERFACE_REPORT SMC64_RSI_FID(U(0x16))
+
+/*
+ * FID: 0xC40001A7
+ */
+#define SMC_RSI_RDEV_GET_MEASUREMENTS SMC64_RSI_FID(U(0x17))
+
+/*
+ * FID: 0xC40001A8
+ */
+#define SMC_RSI_RDEV_GET_STATE SMC64_RSI_FID(U(0x18))
+
+/*
+ * FID: 0xC40001A9
+ */
+#define SMC_RSI_RDEV_LOCK SMC64_RSI_FID(U(0x19))
+
+/*
+ * FID: 0xC40001AA
+ */
+#define SMC_RSI_RDEV_START SMC64_RSI_FID(U(0x1A))
+
+/*
+ * FID: 0xC40001AB
+ */
+#define SMC_RSI_RDEV_STOP SMC64_RSI_FID(U(0x1B))
+
+/*
+ * FID: 0xC40001AC
+ */
+#define SMC_RSI_RDEV_VALIDATE_MAPPING SMC64_RSI_FID(U(0x1C))
+
+/*
+ * FID: 0xC40001AD is not used.
+ */
+
+/*
+ * FID: 0xC40001AE
+ */
+#define SMC_RSI_PLANE_REG_READ SMC64_RSI_FID(U(0x1E))
+
+/*
+ * FID: 0xC40001AF
+ */
+#define SMC_RSI_PLANE_REG_WRITE SMC64_RSI_FID(U(0x1F))
typedef enum {
RSI_EMPTY = 0U,
@@ -157,40 +376,175 @@
typedef enum {
RSI_ACCEPT = 0U,
RSI_REJECT
-} rsi_ripas_respose_type;
-
-#define RSI_NO_CHANGE_DESTROYED 0UL
-#define RSI_CHANGE_DESTROYED 1UL
+} rsi_response_type;
/*
- * arg1 == plane index
- * arg2 == perm index
- *
- * ret0 == status
- * ret1 == perm value
+ * RsiRipasChangeDestroyed:
+ * RIPAS change from DESTROYED should not be permitted
*/
-#define RSI_MEM_GET_PERM_VALUE SMC_RSI_FID(0x10U)
+#define RSI_NO_CHANGE_DESTROYED U(0)
+
+/* A RIPAS change from DESTROYED should be permitted */
+#define RSI_CHANGE_DESTROYED U(1)
+
/*
- * arg1 == base adr
- * arg2 == top adr
- * arg3 == perm index
- * arg4 == cookie
- *
- * ret0 == status
- * ret1 == new_base
- * ret2 == response
- * ret3 == new_cookie
+ * RsiFeature
+ * Represents whether a feature is enabled.
+ * Width: 1 bit
*/
-#define RSI_MEM_SET_PERM_INDEX SMC_RSI_FID(0x11U)
+#define RSI_FEATURE_FALSE U(0)
+#define RSI_FEATURE_TRUE U(1)
/*
- * arg1 == plane index
- * arg2 == perm index
- *
- * ret0 == status
+ * RsiFeatureRegister0
+ * Fieldset contains feature register 0
+ * Width: 64 bits
*/
-#define RSI_MEM_SET_PERM_VALUE SMC_RSI_FID(0x12U)
+#define RSI_FEATURE_REGISTER_0_INDEX UL(0)
+#define RSI_FEATURE_REGISTER_0_DA_SHIFT UL(0)
+#define RSI_FEATURE_REGISTER_0_DA_WIDTH UL(1)
+#define RSI_FEATURE_REGISTER_0_MRO_SHIFT UL(1)
+#define RSI_FEATURE_REGISTER_0_MRO_WIDTH UL(1)
+#define RSI_FEATURE_REGISTER_0_ATS_SHIFT UL(2)
+#define RSI_FEATURE_REGISTER_0_ATS_WIDTH UL(1)
+
+/*
+ * RsiDevMemShared
+ * Represents whether an device memory mapping is shared.
+ * Width: 1 bit
+ */
+#define RSI_DEV_MEM_MAPPING_PRIVATE U(0)
+#define RSI_DEV_MEM_MAPPING_SHARED U(1)
+
+/*
+ * RsiDevMemCoherent
+ * Represents whether a device memory location is within the system coherent
+ * memory space.
+ * Width: 1 bit
+ */
+#define RSI_DEV_MEM_NON_COHERENT U(0)
+#define RSI_DEV_MEM_COHERENT U(1)
+
+/*
+ * RsiRdevValidateIoFlags
+ * Fieldset contains flags provided when requesting validation of an IO mapping.
+ * Width: 64 bits
+ */
+/* RsiDevMemShared: Bits 0 to 1 */
+#define RSI_RDEV_VALIDATE_IO_FLAGS_SHARE_SHIFT UL(0)
+#define RSI_RDEV_VALIDATE_IO_FLAGS_SHARE_WIDTH UL(1)
+/* RsiDevMemCoherent: Bits 1 to 2 */
+#define RSI_RDEV_VALIDATE_IO_FLAGS_COH_SHIFT UL(1)
+#define RSI_RDEV_VALIDATE_IO_FLAGS_COH_WIDTH UL(1)
+
+/*
+ * RsiDeviceState
+ * This enumeration represents state of an assigned Realm device.
+ * Width: 64 bits.
+ */
+#define RSI_RDEV_STATE_UNLOCKED U(0)
+#define RSI_RDEV_STATE_UNLOCKED_BUSY U(1)
+#define RSI_RDEV_STATE_LOCKED U(2)
+#define RSI_RDEV_STATE_LOCKED_BUSY U(3)
+#define RSI_RDEV_STATE_STARTED U(4)
+#define RSI_RDEV_STATE_STARTED_BUSY U(5)
+#define RSI_RDEV_STATE_STOPPING U(6)
+#define RSI_RDEV_STATE_STOPPED U(7) /* unused will be removed */
+#define RSI_RDEV_STATE_ERROR U(8)
+
+/*
+ * RsiDevFlags
+ * Fieldset contains flags which describe properties of a device.
+ * Width: 64 bits
+ */
+#define RSI_DEV_FLAGS_P2P_SHIFT UL(0)
+#define RSI_DEV_FLAGS_P2P_WIDTH UL(1)
+
+/*
+ * RsiDevAttestType
+ * This enumeration represents attestation type of a device.
+ * Width: 64 bits.
+ */
+#define RSI_DEV_ATTEST_TYPE_INDEPENDENTLY_ATTESTED U(0)
+#define RSI_DEV_ATTEST_TYPE_PLATFORM_ATTESTED U(1)
+
+/*
+ * RsiDevInfo
+ * Contains device configuration information.
+ * Width: 512 (0x200) bytes.
+ */
+struct rsi_dev_info {
+ /* RsiDevFlags: Flags */
+ SET_MEMBER_RSI(unsigned long flags, 0, 0x8);
+ /* RsiDevAttestType: Attestation type */
+ SET_MEMBER_RSI(unsigned long attest_type, 0x8, 0x10);
+ /* UInt64: Certificate identifier */
+ SET_MEMBER_RSI(unsigned long cert_id, 0x10, 0x18);
+ /* RsiHashAlgorithm: Algorithm used to generate device digests */
+ SET_MEMBER_RSI(unsigned char hash_algo, 0x18, 0x40);
+
+ /* Bits512: Certificate digest */
+ SET_MEMBER_RSI(unsigned char cert_digest[64], 0x40, 0x80);
+ /* Bits512: Measurement block digest */
+ SET_MEMBER_RSI(unsigned char meas_digest[64], 0x80, 0xc0);
+ /* Bits512: Interface report digest */
+ SET_MEMBER_RSI(unsigned char report_digest[64], 0xc0, 0x200);
+};
+
+/*
+ * RsiDevMeasureAll
+ * Represents whether all device measurements should be returned.
+ * Width: 1 bit
+ */
+#define RSI_DEV_MEASURE_NOT_ALL U(0)
+#define RSI_DEV_MEASURE_ALL U(1)
+
+/*
+ * RsiDevMeasureSigned
+ * Represents whether a device measurement is signed.
+ * Width: 1 bit
+ */
+#define RSI_DEV_MEASURE_NOT_SIGNED U(0)
+#define RSI_DEV_MEASURE_SIGNED U(1)
+
+/*
+ * RsiDevMeasureRaw
+ * Represents whether a device measurement is a raw bitstream.
+ * Width: 1 bit
+ */
+#define RSI_DEV_MEASURE_NOT_RAW U(0)
+#define RSI_DEV_MEASURE_RAW U(1)
+
+/*
+ * RsiDevMeasureFlags
+ * Fieldset contains flags which describe properties of device measurements.
+ * Width: 64 bits
+ */
+/* RsiDevMeasureAll */
+#define RSI_DEV_MEASURE_FLAGS_ALL_SHIFT U(0)
+#define RSI_DEV_MEASURE_FLAGS_ALL_WIDTH U(1)
+/* RsiDevMeasureSigned */
+#define RSI_DEV_MEASURE_FLAGS_SIGNED_SHIFT U(1)
+#define RSI_DEV_MEASURE_FLAGS_SIGNED_WIDTH U(1)
+/* RsiDevMeasureRaw */
+#define RSI_DEV_MEASURE_FLAGS_RAW_SHIFT U(2)
+#define RSI_DEV_MEASURE_FLAGS_RAW_WIDTH U(1)
+
+/*
+ * RsiDevMeasureParams
+ * This structure contains device measurement parameters.
+ * Width: 4096 (0x1000) bytes.
+ */
+struct rsi_dev_measure_params {
+ /* RsiDevMeasureFlags: Properties of device measurements */
+ SET_MEMBER_RSI(unsigned long flags, 0, 0x8);
+
+ /* RsiBoolean[256]: Measurement indices */
+ SET_MEMBER_RSI(unsigned char indices[32], 0x100, 0x200);
+ /* RsiBoolean[256]: Nonce value used in measurement requests */
+ SET_MEMBER_RSI(unsigned char nonce[32], 0x200, 0x1000);
+};
#define RSI_PLANE_NR_GPRS 31U
#define RSI_PLANE_GIC_NUM_LRS 16U
@@ -312,13 +666,13 @@
u_register_t *response,
u_register_t *new_cookie);
-/* Request RIPAS of a target IPA range to be changed to a specified value. */
+/* Request RIPAS of a target IPA range to be changed to a specified value */
u_register_t rsi_ipa_state_set(u_register_t base,
u_register_t top,
rsi_ripas_type ripas,
u_register_t flag,
u_register_t *new_base,
- rsi_ripas_respose_type *response);
+ rsi_response_type *response);
/* Request RIPAS of a target IPA range */
u_register_t rsi_ipa_state_get(u_register_t base,
@@ -329,6 +683,10 @@
/* This function return RSI_ABI_VERSION */
u_register_t rsi_get_version(u_register_t req_ver);
+/* This function returns RSI feature register at 'feature_reg_index' */
+u_register_t rsi_features(u_register_t feature_reg_index,
+ u_register_t *feature_reg_value_ret);
+
/* This function will initialize the attestation context */
u_register_t rsi_attest_token_init(u_register_t challenge_0,
u_register_t challenge_1,
@@ -355,4 +713,29 @@
/* Function to enter aux plane. See RSI_PLANE_ENTER */
u_register_t rsi_plane_enter(u_register_t plane_index, u_register_t run);
+u_register_t rsi_rdev_get_instance_id(u_register_t rdev_id,
+ u_register_t *rdev_inst_id);
+
+u_register_t rsi_rdev_get_state(u_register_t rdev_id, u_register_t rdev_inst_id,
+ u_register_t *rdev_rsi_state);
+
+u_register_t rsi_rdev_get_measurements(u_register_t rdev_id,
+ u_register_t rdev_inst_id,
+ u_register_t meas_params_ptr);
+
+u_register_t rsi_rdev_get_info(u_register_t rdev_id, u_register_t rdev_inst_id,
+ u_register_t rdev_info_ptr);
+
+u_register_t rsi_rdev_lock(u_register_t rdev_id, u_register_t rdev_inst_id);
+
+u_register_t rsi_rdev_get_interface_report(u_register_t rdev_id,
+ u_register_t rdev_inst_id,
+ u_register_t tdisp_version_max);
+
+u_register_t rsi_rdev_start(u_register_t rdev_id, u_register_t rdev_inst_id);
+
+u_register_t rsi_rdev_stop(u_register_t rdev_id, u_register_t rdev_inst_id);
+
+u_register_t rsi_rdev_continue(u_register_t rdev_id, u_register_t rdev_inst_id);
+
#endif /* REALM_RSI_H */
diff --git a/realm/include/realm_tests.h b/realm/include/realm_tests.h
index 4988f52..4ed3367 100644
--- a/realm/include/realm_tests.h
+++ b/realm/include/realm_tests.h
@@ -33,6 +33,6 @@
bool test_realm_attestation_fault(void);
bool test_realm_mpam_undef_abort(void);
bool test_realm_write_brbcr_el1_reg(void);
+bool test_realm_da_rsi_calls(void);
#endif /* REALM_TESTS_H */
-
diff --git a/realm/realm.mk b/realm/realm.mk
index d9c1bec..11e6a47 100644
--- a/realm/realm.mk
+++ b/realm/realm.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2022-2023, Arm Limited. All rights reserved.
+# Copyright (c) 2022-2025, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -27,10 +27,14 @@
aarch64/realm_entrypoint.S \
aarch64/realm_exceptions.S \
realm_attestation.c \
- realm_exception_report.c \
+ realm_brbe_tests.c \
+ realm_da.c \
+ realm_da_helpers.c \
realm_debug.c \
+ realm_exception_report.c \
realm_helpers.c \
realm_interrupt.c \
+ realm_mpam.c \
realm_multiple_rec.c \
realm_pauth.c \
realm_payload_main.c \
@@ -41,8 +45,6 @@
realm_rsi.c \
realm_shared_data.c \
realm_simd.c \
- realm_mpam.c \
- realm_brbe_tests.c \
)
REALM_SOURCES += lib/${ARCH}/cache_helpers.S \
diff --git a/realm/realm_da.c b/realm/realm_da.c
new file mode 100644
index 0000000..c442b21
--- /dev/null
+++ b/realm/realm_da.c
@@ -0,0 +1,115 @@
+/*
+ * Copyright (c) 2025, Arm Limited. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <assert.h>
+#include <stdlib.h>
+
+#include <realm_da_helpers.h>
+#include <realm_rsi.h>
+
+#include <arch.h>
+#include <arch_features.h>
+#include <arch_helpers.h>
+#include <debug.h>
+#include <host_shared_data.h>
+#include <sync.h>
+
+static struct rdev gbl_rdev;
+
+/* Measurement parameters */
+static struct rsi_dev_measure_params gbl_rdev_meas_params
+__aligned(GRANULE_SIZE);
+
+/* RDEV info. decice type and attestation evidence digest */
+static struct rsi_dev_info gbl_rdev_info __aligned(GRANULE_SIZE);
+
+/*
+ * If the Realm supports DA feature, this function calls series of RSI RDEV
+ * on the assigned device.
+ *
+ * Returns 'false' on success.
+ */
+bool test_realm_da_rsi_calls(void)
+{
+ struct rdev *rdev;
+ unsigned long rsi_rc;
+ u_register_t rsi_feature_reg0;
+ struct rsi_dev_measure_params *rdev_meas_params;
+ struct rsi_dev_info *rdev_info;
+
+ /* Check if RSI_FEATURES support DA */
+ rsi_rc = rsi_features(RSI_FEATURE_REGISTER_0_INDEX, &rsi_feature_reg0);
+ if (rsi_rc != RSI_SUCCESS) {
+ return false;
+ }
+
+ if (EXTRACT(RSI_FEATURE_REGISTER_0_DA, rsi_feature_reg0) !=
+ RSI_FEATURE_TRUE) {
+ realm_printf("RSI feature DA not supported for current Realm\n");
+ return false;
+ }
+
+ /* Get the global RDEV. Currently only one RDEV is supported */
+ rdev = &gbl_rdev;
+ rdev_meas_params = &gbl_rdev_meas_params;
+ rdev_info = &gbl_rdev_info;
+
+ rsi_rc = realm_rdev_init(rdev, RDEV_ID);
+ if (rdev == NULL) {
+ realm_printf("realm_rdev_init failed\n");
+ return false;
+ }
+
+ rsi_rc = realm_rsi_rdev_get_state(rdev);
+ if (rsi_rc != RSI_SUCCESS) {
+ return false;
+ }
+
+ /* Before lock get_measurement */
+ rsi_rc = realm_rsi_rdev_get_measurements(rdev, rdev_meas_params);
+ if (rsi_rc != RSI_SUCCESS) {
+ return false;
+ }
+
+ rsi_rc = realm_rsi_rdev_lock(rdev);
+ if (rsi_rc != RSI_SUCCESS) {
+ return false;
+ }
+
+ /* After lock get_measurement */
+ rsi_rc = realm_rsi_rdev_get_measurements(rdev, rdev_meas_params);
+ if (rsi_rc != RSI_SUCCESS) {
+ return false;
+ }
+
+ rsi_rc = realm_rsi_rdev_get_interface_report(rdev);
+ if (rsi_rc != RSI_SUCCESS) {
+ return false;
+ }
+
+ /* After meas and ifc_report, get device info */
+ rsi_rc = realm_rsi_rdev_get_info(rdev, rdev_info);
+ if (rsi_rc != RSI_SUCCESS) {
+ return false;
+ }
+
+ /*
+ * Get cached device attestation from Host and verify it with device
+ * attestation digest
+ */
+ (void)realm_verify_device_attestation(rdev, rdev_info);
+
+ rsi_rc = realm_rsi_rdev_start(rdev);
+ if (rsi_rc != RSI_SUCCESS) {
+ return false;
+ }
+
+ rsi_rc = realm_rsi_rdev_stop(rdev);
+ if (rsi_rc != RSI_SUCCESS) {
+ return false;
+ }
+
+ return true;
+}
diff --git a/realm/realm_da_helpers.c b/realm/realm_da_helpers.c
new file mode 100644
index 0000000..2c9fafb
--- /dev/null
+++ b/realm/realm_da_helpers.c
@@ -0,0 +1,235 @@
+/*
+ * Copyright (c) 2025, Arm Limited. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <assert.h>
+#include <stdlib.h>
+
+#include <realm_da_helpers.h>
+#include <realm_rsi.h>
+
+#include <arch.h>
+#include <arch_features.h>
+#include <arch_helpers.h>
+#include <debug.h>
+#include <host_shared_data.h>
+#include <sync.h>
+
+/* Get inst id for a known Realm device id RDEV_ID */
+unsigned long realm_rdev_init(struct rdev *rdev, unsigned long rdev_id)
+{
+ u_register_t rsi_rc;
+ u_register_t rdev_inst_id;
+
+ memset(rdev, 0, sizeof(struct rdev));
+ realm_printf("In test_realm_da_rsi_calls\n");
+
+ rsi_rc = rsi_rdev_get_instance_id(rdev_id, &rdev_inst_id);
+ if (rsi_rc != RSI_SUCCESS) {
+ realm_printf("RSI_RDEV_GET_INSTANCE_ID failed: rdev_id: 0x%lx"
+ " rsi_rc: 0x%lx\n", rdev_id, rsi_rc);
+ return rsi_rc;
+ }
+
+ rdev->id = rdev_id;
+ rdev->inst_id = rdev_inst_id;
+
+ realm_printf("RSI_RDEV_GET_INSTANCE_ID: rdev_id: 0x%lx, "
+ "inst_id: 0x%lx\n", rdev_id, rdev_inst_id);
+
+ return RSI_SUCCESS;
+}
+
+unsigned long realm_rsi_rdev_get_state(struct rdev *rdev)
+{
+ u_register_t rdev_rsi_state;
+ unsigned long rsi_rc;
+
+ rsi_rc = rsi_rdev_get_state(rdev->id, rdev->inst_id, &rdev_rsi_state);
+ if (rsi_rc != RSI_SUCCESS) {
+ ERROR("RSI_RDEV_GET_STATE failed 0x%lx\n", rsi_rc);
+ return rsi_rc;
+ }
+
+ INFO("Realm: RSI_RDEV_GET_STATE completed. RDEV state: 0x%lx\n",
+ rdev_rsi_state);
+
+ return RSI_SUCCESS;
+}
+
+int realm_verify_device_attestation(struct rdev *rdev,
+ struct rsi_dev_info *rdev_info)
+{
+ /*
+ * todo: Implement RHI call to get cached device certificate,
+ * measurement from host and verify the digest against RMM
+ */
+ return 0;
+}
+
+unsigned long realm_rsi_rdev_get_info(struct rdev *rdev,
+ struct rsi_dev_info *rdev_info)
+{
+ unsigned long rsi_rc;
+
+ memset(rdev_info, 0, sizeof(struct rsi_dev_info));
+ rsi_rc = rsi_rdev_get_info(rdev->id, rdev->inst_id,
+ (u_register_t)rdev_info);
+ if (rsi_rc != RSI_SUCCESS) {
+ ERROR("RSI_RDEV_GET_INFO failed 0x%lx\n", rsi_rc);
+ return rsi_rc;
+ }
+
+ /* Print RDEV info */
+ INFO("RSI_RDEV_GET_INFO:\n");
+ INFO("\tflags: 0x%lx\n", rdev_info->flags);
+ INFO("\tattest_type: 0x%lx\n", rdev_info->attest_type);
+ INFO("\tcert_id: 0x%lx\n", rdev_info->cert_id);
+ INFO("\thash_algo: 0x%lx\n", rdev_info->hash_algo);
+
+ return RSI_SUCCESS;
+}
+
+unsigned long realm_rsi_rdev_get_measurements(struct rdev *rdev,
+ struct rsi_dev_measure_params *mparams)
+{
+ unsigned long rsi_rc;
+
+ INFO("Realm: Call RSI_RDEV_GET_MEASUREMENTS\n");
+
+ /* Set measurement parameters */
+ memset(mparams, 0, sizeof(struct rsi_dev_measure_params));
+ mparams->flags = (INPLACE(RSI_DEV_MEASURE_FLAGS_ALL,
+ RSI_DEV_MEASURE_ALL) |
+ INPLACE(RSI_DEV_MEASURE_FLAGS_SIGNED,
+ RSI_DEV_MEASURE_NOT_SIGNED) |
+ INPLACE(RSI_DEV_MEASURE_FLAGS_RAW,
+ RSI_DEV_MEASURE_NOT_RAW));
+
+
+ rsi_rc = rsi_rdev_get_measurements(rdev->id, rdev->inst_id,
+ (u_register_t)mparams);
+ if (rsi_rc != RSI_SUCCESS) {
+ ERROR("RSI_RDEV_GET_MEASUREMENTS failed\n");
+ return RSI_ERROR_STATE;
+ }
+
+ INFO("Host Realm: RDEV state after submitting meas request\n");
+ (void)realm_rsi_rdev_get_state(rdev);
+
+ /* Do RSI RDEV continue call */
+ do {
+ rsi_rc = rsi_rdev_continue(rdev->id, rdev->inst_id);
+ } while (rsi_rc == RSI_INCOMPLETE);
+
+ INFO("Host Realm: RDEV state after host completing meas request\n");
+ (void)realm_rsi_rdev_get_state(rdev);
+
+ return rsi_rc;
+}
+
+unsigned long realm_rsi_rdev_lock(struct rdev *rdev)
+{
+ unsigned long rsi_rc;
+
+ INFO("Realm: Call RSI_RDEV_LOCK\n");
+
+ rsi_rc = rsi_rdev_lock(rdev->id, rdev->inst_id);
+ if (rsi_rc != RSI_SUCCESS) {
+ ERROR("RSI_RDEV_LOCK failed\n");
+ return RSI_ERROR_STATE;
+ }
+
+ INFO("Realm: RDEV state after submitting lock request\n");
+ (void)realm_rsi_rdev_get_state(rdev);
+
+ /* Do RSI RDEV continue call */
+ do {
+ rsi_rc = rsi_rdev_continue(rdev->id, rdev->inst_id);
+ } while (rsi_rc == RSI_INCOMPLETE);
+
+ INFO("Realm: RDEV state after host completing lock request\n");
+ (void)realm_rsi_rdev_get_state(rdev);
+
+ return rsi_rc;
+}
+
+unsigned long realm_rsi_rdev_get_interface_report(struct rdev *rdev)
+{
+ unsigned long rsi_rc;
+
+ INFO("Realm: Call RSI_RDEV_GET_IFC_REPORT\n");
+
+ rsi_rc = rsi_rdev_get_interface_report(rdev->id, rdev->inst_id,
+ RDEV_TDISP_VERSION_MAX);
+ if (rsi_rc != RSI_SUCCESS) {
+ ERROR("RSI_RDEV_GET_IFC_REPORT failed\n");
+ return RSI_ERROR_STATE;
+ }
+
+ INFO("Realm: RDEV state after submitting IFC_REPORT request\n");
+ (void)realm_rsi_rdev_get_state(rdev);
+
+ /* Do RSI RDEV continue call */
+ do {
+ rsi_rc = rsi_rdev_continue(rdev->id, rdev->inst_id);
+ } while (rsi_rc == RSI_INCOMPLETE);
+
+ INFO("Realm: RDEV state after host completing IFC_REPORT request\n");
+ (void)realm_rsi_rdev_get_state(rdev);
+
+ return rsi_rc;
+}
+
+unsigned long realm_rsi_rdev_start(struct rdev *rdev)
+{
+ unsigned long rsi_rc;
+
+ INFO("Realm: Call RSI_RDEV_start\n");
+
+ rsi_rc = rsi_rdev_start(rdev->id, rdev->inst_id);
+ if (rsi_rc != RSI_SUCCESS) {
+ ERROR("RSI_RDEV_START failed\n");
+ return RSI_ERROR_STATE;
+ }
+
+ INFO("Realm: RDEV state after submitting start request\n");
+ (void)realm_rsi_rdev_get_state(rdev);
+
+ /* Do RSI RDEV continue call */
+ do {
+ rsi_rc = rsi_rdev_continue(rdev->id, rdev->inst_id);
+ } while (rsi_rc == RSI_INCOMPLETE);
+
+ INFO("Realm: RDEV state after host completing start request\n");
+ (void)realm_rsi_rdev_get_state(rdev);
+
+ return rsi_rc;
+}
+
+unsigned long realm_rsi_rdev_stop(struct rdev *rdev)
+{
+ unsigned long rsi_rc;
+
+ INFO("Realm: Call RSI_RDEV_STOP\n");
+
+ rsi_rc = rsi_rdev_stop(rdev->id, rdev->inst_id);
+ if (rsi_rc != RSI_SUCCESS) {
+ ERROR("RSI_RDEV_STOP failed\n");
+ return RSI_ERROR_STATE;
+ }
+
+ INFO("Realm: RDEV state after submitting stop request\n");
+ (void)realm_rsi_rdev_get_state(rdev);
+
+ /* Do RSI RDEV continue call */
+ do {
+ rsi_rc = rsi_rdev_continue(rdev->id, rdev->inst_id);
+ } while (rsi_rc == RSI_INCOMPLETE);
+
+ INFO("Realm: RDEV state after host completing stop request\n");
+ (void)realm_rsi_rdev_get_state(rdev);
+
+ return rsi_rc;
+}
diff --git a/realm/realm_helpers.c b/realm/realm_helpers.c
index 1887164..e950d3a 100644
--- a/realm/realm_helpers.c
+++ b/realm/realm_helpers.c
@@ -27,7 +27,7 @@
struct rsi_host_call host_cal __aligned(sizeof(struct rsi_host_call));
host_cal.imm = HOST_CALL_GET_SHARED_BUFF_CMD;
- res = tftf_smc(&(smc_args) {RSI_HOST_CALL, (u_register_t)&host_cal,
+ res = tftf_smc(&(smc_args) {SMC_RSI_HOST_CALL, (u_register_t)&host_cal,
0UL, 0UL, 0UL, 0UL, 0UL, 0UL});
if (res.ret0 != RSI_SUCCESS) {
diff --git a/realm/realm_payload_main.c b/realm/realm_payload_main.c
index a18e474..50b78c8 100644
--- a/realm/realm_payload_main.c
+++ b/realm/realm_payload_main.c
@@ -180,7 +180,7 @@
bool test_realm_set_ripas(void)
{
u_register_t ret, base, new_base, top, new_top;
- rsi_ripas_respose_type response;
+ rsi_response_type response;
rsi_ripas_type ripas;
base = realm_shared_data_get_my_host_val(HOST_ARG1_INDEX);
@@ -222,7 +222,7 @@
bool test_realm_reject_set_ripas(void)
{
u_register_t ret, base, top, new_base, new_top;
- rsi_ripas_respose_type response;
+ rsi_response_type response;
rsi_ripas_type ripas;
base = realm_shared_data_get_my_host_val(HOST_ARG1_INDEX);
@@ -630,6 +630,9 @@
case REALM_WRITE_BRBCR_EL1:
test_succeed = test_realm_write_brbcr_el1_reg();
break;
+ case REALM_DA_RSI_CALLS:
+ test_succeed = test_realm_da_rsi_calls();
+ break;
case REALM_PLANE_N_INST_FETCH_ABORT:
test_succeed = test_realm_plane_n_inst_fetch();
break;
diff --git a/realm/realm_plane.c b/realm/realm_plane.c
index a29a1ca..ff42ba9 100644
--- a/realm/realm_plane.c
+++ b/realm/realm_plane.c
@@ -64,7 +64,7 @@
host_cal.imm = exit_code;
host_cal.gprs[0] = plane_num;
host_cal.gprs[1] = read_mpidr_el1();
- res = tftf_smc(&(smc_args) {RSI_HOST_CALL, (u_register_t)&host_cal,
+ res = tftf_smc(&(smc_args) {SMC_RSI_HOST_CALL, (u_register_t)&host_cal,
0UL, 0UL, 0UL, 0UL, 0UL, 0UL});
return res.ret0;
}
diff --git a/realm/realm_rsi.c b/realm/realm_rsi.c
index 4e223ca..163443e 100644
--- a/realm/realm_rsi.c
+++ b/realm/realm_rsi.c
@@ -1,6 +1,6 @@
/*
- * Copyright (c) 2022-2024, Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -18,7 +18,7 @@
smc_ret_values res = {};
res = tftf_smc(&(smc_args)
- {RSI_VERSION, req_ver, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL});
+ {SMC_RSI_VERSION, req_ver, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL});
if (res.ret0 == SMC_UNKNOWN) {
return SMC_UNKNOWN;
@@ -32,6 +32,22 @@
return res.ret1;
}
+/* This function returns RSI feature register at 'feature_reg_index' */
+u_register_t rsi_features(u_register_t feature_reg_index,
+ u_register_t *feature_reg_value_ret)
+{
+ smc_ret_values res = {};
+
+ res = tftf_smc(&(smc_args) {SMC_RSI_FEATURES, feature_reg_index,
+ 0UL, 0UL, 0UL, 0UL, 0UL, 0UL});
+ /* This command always returns RSI_SUCCESS */
+ if (res.ret0 == RSI_SUCCESS) {
+ *feature_reg_value_ret = res.ret1;
+ }
+
+ return res.ret0;
+}
+
/* This function call Host and request to exit Realm with proper exit code */
u_register_t rsi_exit_to_host(enum host_call_cmd exit_code)
{
@@ -41,7 +57,7 @@
host_cal.imm = exit_code;
host_cal.gprs[0] = realm_get_my_plane_num();
host_cal.gprs[1] = read_mpidr_el1();
- res = tftf_smc(&(smc_args) {RSI_HOST_CALL, (u_register_t)&host_cal,
+ res = tftf_smc(&(smc_args) {SMC_RSI_HOST_CALL, (u_register_t)&host_cal,
0UL, 0UL, 0UL, 0UL, 0UL, 0UL});
return res.ret0;
}
@@ -52,12 +68,12 @@
rsi_ripas_type ripas,
u_register_t flag,
u_register_t *new_base,
- rsi_ripas_respose_type *response)
+ rsi_response_type *response)
{
smc_ret_values res = {};
res = tftf_smc(&(smc_args)
- {RSI_IPA_STATE_SET, base, top, ripas, flag});
+ {SMC_RSI_IPA_STATE_SET, base, top, ripas, flag});
if (res.ret0 == RSI_SUCCESS) {
*new_base = res.ret1;
*response = res.ret2;
@@ -74,7 +90,7 @@
smc_ret_values res = {};
res = tftf_smc(&(smc_args)
- {RSI_IPA_STATE_GET, base, top});
+ {SMC_RSI_IPA_STATE_GET, base, top});
if (res.ret0 == RSI_SUCCESS) {
*out_top = res.ret1;
*ripas = res.ret2;
@@ -96,7 +112,7 @@
smc_ret_values_ext res = {};
tftf_smc_no_retval_x8(&(smc_args_ext) {
- RSI_ATTEST_TOKEN_INIT,
+ SMC_RSI_ATTEST_TOKEN_INIT,
challenge_0,
challenge_1,
challenge_2,
@@ -124,7 +140,7 @@
smc_ret_values res = {};
res = tftf_smc(&(smc_args) {
- RSI_ATTEST_TOKEN_CONTINUE,
+ SMC_RSI_ATTEST_TOKEN_CONTINUE,
buffer_addr,
offset,
buffer_size
@@ -141,7 +157,7 @@
smc_ret_values res = {};
res = tftf_smc(&(smc_args)
- {RSI_REALM_CONFIG, (u_register_t)s});
+ {SMC_RSI_REALM_CONFIG, (u_register_t)s});
return res.ret0;
}
@@ -152,7 +168,7 @@
smc_ret_values res = {};
res = tftf_smc(&(smc_args)
- {RSI_MEM_GET_PERM_VALUE, plane_index, perm_index});
+ {SMC_RSI_MEM_GET_PERM_VALUE, plane_index, perm_index});
if (res.ret0 == RSI_SUCCESS) {
*perm = res.ret1;
}
@@ -166,7 +182,8 @@
smc_ret_values res = {};
res = tftf_smc(&(smc_args)
- {RSI_MEM_SET_PERM_VALUE, plane_index, perm_index, perm});
+ {SMC_RSI_MEM_SET_PERM_VALUE, plane_index, perm_index,
+ perm});
return res.ret0;
}
@@ -181,7 +198,8 @@
smc_ret_values res = {};
res = tftf_smc(&(smc_args)
- {RSI_MEM_SET_PERM_INDEX, base, top, perm_index, cookie});
+ {SMC_RSI_MEM_SET_PERM_INDEX, base, top, perm_index,
+ cookie});
if (res.ret0 == RSI_SUCCESS) {
*new_base = res.ret1;
*response = res.ret2;
@@ -196,7 +214,7 @@
smc_ret_values res = {};
res = tftf_smc(&(smc_args)
- {RSI_PLANE_ENTER, plane_index, plane_run});
+ {SMC_RSI_PLANE_ENTER, plane_index, plane_run});
return res.ret0;
}
@@ -207,7 +225,8 @@
smc_ret_values res = {};
res = tftf_smc(&(smc_args)
- {RSI_PLANE_REG_READ, plane_index, register_encoding});
+ {SMC_RSI_PLANE_REG_READ, plane_index,
+ register_encoding});
if (res.ret0 == RSI_SUCCESS) {
*value = res.ret1;
}
@@ -221,6 +240,130 @@
smc_ret_values res = {};
res = tftf_smc(&(smc_args)
- {RSI_PLANE_REG_WRITE, plane_index, register_encoding, value});
+ {SMC_RSI_PLANE_REG_WRITE, plane_index,
+ register_encoding, value});
+ return res.ret0;
+}
+
+/* This function return instance ID of Realm device */
+u_register_t rsi_rdev_get_instance_id(u_register_t rdev_id,
+ u_register_t *rdev_inst_id)
+{
+ smc_ret_values res = {};
+
+ res = tftf_smc(&(smc_args)
+ {SMC_RSI_RDEV_GET_INSTANCE_ID, rdev_id, 0UL, 0UL, 0UL, 0UL,
+ 0UL, 0UL});
+
+ if (res.ret0 == RSI_SUCCESS) {
+ *rdev_inst_id = res.ret1;
+ }
+
+ return res.ret0;
+}
+
+/* This function return state of the Realm device */
+u_register_t rsi_rdev_get_state(u_register_t rdev_id, u_register_t rdev_inst_id,
+ u_register_t *rdev_rsi_state)
+{
+ smc_ret_values res = {};
+
+ res = tftf_smc(&(smc_args)
+ {SMC_RSI_RDEV_GET_STATE, rdev_id, rdev_inst_id, 0UL, 0UL, 0UL,
+ 0UL, 0UL});
+
+ if (res.ret0 == RSI_SUCCESS) {
+ *rdev_rsi_state = res.ret1;
+ }
+
+ return res.ret0;
+}
+
+/* This function triggers RDEV interruptible operation to get_measurements */
+u_register_t rsi_rdev_get_measurements(u_register_t rdev_id,
+ u_register_t rdev_inst_id,
+ u_register_t meas_params_ptr)
+{
+ smc_ret_values res = {};
+
+ res = tftf_smc(&(smc_args)
+ {SMC_RSI_RDEV_GET_MEASUREMENTS, rdev_id, rdev_inst_id,
+ meas_params_ptr, 0UL, 0UL, 0UL, 0UL});
+
+ return res.ret0;
+}
+
+/* This function triggers RDEV interruptible operation to get_measurements */
+u_register_t rsi_rdev_get_info(u_register_t rdev_id, u_register_t rdev_inst_id,
+ u_register_t rdev_info_ptr)
+{
+ smc_ret_values res = {};
+
+ res = tftf_smc(&(smc_args)
+ {SMC_RSI_RDEV_GET_INFO, rdev_id, rdev_inst_id,
+ rdev_info_ptr, 0UL, 0UL, 0UL, 0UL});
+
+ return res.ret0;
+}
+
+/* This function triggers RDEV interruptible operation to lock */
+u_register_t rsi_rdev_lock(u_register_t rdev_id, u_register_t rdev_inst_id)
+{
+ smc_ret_values res = {};
+
+ res = tftf_smc(&(smc_args)
+ {SMC_RSI_RDEV_LOCK, rdev_id, rdev_inst_id,
+ 0UL, 0UL, 0UL, 0UL, 0UL});
+
+ return res.ret0;
+}
+
+/* This function triggers RDEV interruptible operation to get interface report */
+u_register_t rsi_rdev_get_interface_report(u_register_t rdev_id,
+ u_register_t rdev_inst_id,
+ u_register_t tdisp_version_max)
+{
+ smc_ret_values res = {};
+
+ res = tftf_smc(&(smc_args)
+ {SMC_RSI_RDEV_GET_INTERFACE_REPORT, rdev_id, rdev_inst_id,
+ tdisp_version_max, 0UL, 0UL, 0UL, 0UL});
+
+ return res.ret0;
+}
+
+/* This function triggers RDEV interruptible operation to start */
+u_register_t rsi_rdev_start(u_register_t rdev_id, u_register_t rdev_inst_id)
+{
+ smc_ret_values res = {};
+
+ res = tftf_smc(&(smc_args)
+ {SMC_RSI_RDEV_START, rdev_id, rdev_inst_id,
+ 0UL, 0UL, 0UL, 0UL, 0UL});
+
+ return res.ret0;
+}
+
+/* This function triggers RDEV interruptible operation to stop the TDI */
+u_register_t rsi_rdev_stop(u_register_t rdev_id, u_register_t rdev_inst_id)
+{
+ smc_ret_values res = {};
+
+ res = tftf_smc(&(smc_args)
+ {SMC_RSI_RDEV_STOP, rdev_id, rdev_inst_id,
+ 0UL, 0UL, 0UL, 0UL, 0UL});
+
+ return res.ret0;
+}
+
+/* This function exits the REC to do vdev communicate */
+u_register_t rsi_rdev_continue(u_register_t rdev_id, u_register_t rdev_inst_id)
+{
+ smc_ret_values res = {};
+
+ res = tftf_smc(&(smc_args)
+ {SMC_RSI_RDEV_CONTINUE, rdev_id, rdev_inst_id, 0UL, 0UL,
+ 0UL, 0UL, 0UL});
+
return res.ret0;
}
diff --git a/tftf/tests/runtime_services/host_realm_managment/host_da_helper.c b/tftf/tests/runtime_services/host_realm_managment/host_da_helper.c
index 63c02c2..8bcf370 100644
--- a/tftf/tests/runtime_services/host_realm_managment/host_da_helper.c
+++ b/tftf/tests/runtime_services/host_realm_managment/host_da_helper.c
@@ -7,9 +7,885 @@
#include <stdint.h>
+#include <arch_features.h>
#include <debug.h>
+#include <heap/page_alloc.h>
#include <host_da_helper.h>
#include <host_realm_helper.h>
+#include <host_realm_mem_layout.h>
+#include <pcie_doe.h>
+
+extern struct host_pdev gbl_host_pdev;
+extern struct host_vdev gbl_host_vdev;
+
+static const char * const pdev_state_str[] = {
+ "PDEV_STATE_NEW",
+ "PDEV_STATE_NEEDS_KEY",
+ "PDEV_STATE_HAS_KEY",
+ "PDEV_STATE_READY",
+ "PDEV_STATE_COMMUNICATING",
+ "PDEV_STATE_STOPPED",
+ "RMI_PDEV_STATE_ERROR"
+};
+
+struct host_vdev *find_host_vdev_from_id(unsigned long vdev_id)
+{
+ struct host_vdev *h_vdev = &gbl_host_vdev;
+
+ if (h_vdev->vdev_id == vdev_id) {
+ return h_vdev;
+ }
+
+ return NULL;
+}
+
+struct host_pdev *find_host_pdev_from_pdev_ptr(unsigned long pdev_ptr)
+{
+ struct host_pdev *h_pdev = &gbl_host_pdev;
+
+ if (h_pdev->pdev == (void *)pdev_ptr) {
+ return h_pdev;
+ }
+
+ return NULL;
+}
+
+struct host_vdev *find_host_vdev_from_vdev_ptr(unsigned long vdev_ptr)
+{
+ struct host_vdev *h_vdev = &gbl_host_vdev;
+
+ if (h_vdev->vdev_ptr == (void *)vdev_ptr) {
+ return h_vdev;
+ }
+
+ return NULL;
+}
+
+struct host_pdev *find_host_pdev_from_vdev_ptr(unsigned long vdev_ptr)
+{
+ struct host_vdev *h_vdev = &gbl_host_vdev;
+
+ if (h_vdev->vdev_ptr == (void *)vdev_ptr) {
+ return find_host_pdev_from_pdev_ptr(
+ (unsigned long)h_vdev->pdev_ptr);
+ }
+
+ return NULL;
+}
+
+static int host_pdev_get_state(struct host_pdev *h_pdev, u_register_t *state)
+{
+ u_register_t ret;
+
+ ret = host_rmi_pdev_get_state((u_register_t)h_pdev->pdev, state);
+ if (ret != RMI_SUCCESS) {
+ return -1;
+ }
+ return 0;
+}
+
+static bool is_host_pdev_state(struct host_pdev *h_pdev, u_register_t exp_state)
+{
+ u_register_t cur_state;
+
+ if (host_pdev_get_state(h_pdev, &cur_state) != 0) {
+ return false;
+ }
+
+ if (cur_state != exp_state) {
+ return false;
+ }
+
+ return true;
+}
+
+static int host_vdev_get_state(struct host_vdev *h_vdev, u_register_t *state)
+{
+ u_register_t ret;
+
+ ret = host_rmi_vdev_get_state((u_register_t)h_vdev->vdev_ptr, state);
+ if (ret != RMI_SUCCESS) {
+ return -1;
+ }
+
+ return 0;
+}
+
+int host_pdev_create(struct host_pdev *h_pdev)
+{
+ struct rmi_pdev_params *pdev_params;
+ u_register_t ret;
+ uint32_t i;
+
+ pdev_params = (struct rmi_pdev_params *)page_alloc(PAGE_SIZE);
+ memset(pdev_params, 0, GRANULE_SIZE);
+
+ pdev_params->flags = h_pdev->pdev_flags;
+ pdev_params->cert_id = h_pdev->cert_slot_id;
+ pdev_params->pdev_id = h_pdev->bdf;
+ pdev_params->num_aux = h_pdev->pdev_aux_num;
+ pdev_params->hash_algo = h_pdev->pdev_hash_algo;
+ for (i = 0; i < h_pdev->pdev_aux_num; i++) {
+ pdev_params->aux[i] = (uintptr_t)h_pdev->pdev_aux[i];
+ }
+
+ ret = host_rmi_pdev_create((u_register_t)h_pdev->pdev,
+ (u_register_t)pdev_params);
+ if (ret != RMI_SUCCESS) {
+ return -1;
+ }
+
+ return 0;
+}
+
+static int host_pdev_set_pubkey(struct host_pdev *h_pdev)
+{
+ struct rmi_public_key_params *pubkey_params;
+ u_register_t ret;
+
+ pubkey_params = (struct rmi_public_key_params *)page_alloc(PAGE_SIZE);
+ memset(pubkey_params, 0, GRANULE_SIZE);
+
+ memcpy(pubkey_params->key, h_pdev->public_key, h_pdev->public_key_len);
+ memcpy(pubkey_params->metadata, h_pdev->public_key_metadata,
+ h_pdev->public_key_metadata_len);
+ pubkey_params->key_len = h_pdev->public_key_len;
+ pubkey_params->metadata_len = h_pdev->public_key_metadata_len;
+ pubkey_params->algo = h_pdev->public_key_sig_algo;
+
+ ret = host_rmi_pdev_set_pubkey((u_register_t)h_pdev->pdev,
+ (u_register_t)pubkey_params);
+ if (ret != RMI_SUCCESS) {
+ return -1;
+ }
+
+ return 0;
+}
+
+static int host_pdev_stop(struct host_pdev *h_pdev)
+{
+ u_register_t ret;
+
+ ret = host_rmi_pdev_stop((u_register_t)h_pdev->pdev);
+ if (ret != RMI_SUCCESS) {
+ return -1;
+ }
+
+ return 0;
+}
+
+static int host_pdev_destroy(struct host_pdev *h_pdev)
+{
+ u_register_t ret;
+
+ ret = host_rmi_pdev_destroy((u_register_t)h_pdev->pdev);
+ if (ret != RMI_SUCCESS) {
+ return -1;
+ }
+
+ return 0;
+}
+
+static int host_dev_get_state(struct host_pdev *h_pdev, struct host_vdev *h_vdev,
+ u_register_t *state)
+{
+ if (h_vdev) {
+ return host_vdev_get_state(h_vdev, state);
+ } else {
+ return host_pdev_get_state(h_pdev, state);
+ }
+}
+
+static u_register_t host_rmi_dev_communicate(struct host_pdev *h_pdev,
+ struct host_vdev *h_vdev)
+{
+ if (h_vdev) {
+ return host_rmi_vdev_communicate((u_register_t)h_vdev->pdev_ptr,
+ (u_register_t)h_vdev->vdev_ptr,
+ (u_register_t)
+ h_vdev->dev_comm_data);
+ } else {
+ return host_rmi_pdev_communicate((u_register_t)h_pdev->pdev,
+ (u_register_t)
+ h_pdev->dev_comm_data);
+ }
+}
+
+static int host_pdev_cache_device_object(struct host_pdev *h_pdev,
+ uint8_t dev_obj_id,
+ const uint8_t *dev_obj_buf,
+ unsigned long dev_obj_buf_len)
+{
+ int rc = -1;
+
+ /*
+ * During PDEV communicate only device object of type certificate is
+ * cached
+ */
+ if (dev_obj_id == RMI_DEV_COMM_OBJECT_CERTIFICATE) {
+ if ((h_pdev->cert_chain_len + dev_obj_buf_len) >
+ HOST_PDEV_CERT_LEN_MAX) {
+ return -1;
+ }
+
+ INFO("%s: cache_cert: offset: 0x%lx, len: 0x%lx\n",
+ __func__, h_pdev->cert_chain_len, dev_obj_buf_len);
+
+ memcpy((void *)(h_pdev->cert_chain + h_pdev->cert_chain_len),
+ dev_obj_buf, dev_obj_buf_len);
+ h_pdev->cert_chain_len += dev_obj_buf_len;
+ rc = 0;
+ }
+
+ return rc;
+}
+
+static int host_vdev_cache_device_object(struct host_vdev *h_vdev,
+ uint8_t dev_obj_id,
+ const uint8_t *dev_obj_buf,
+ unsigned long dev_obj_buf_len)
+{
+ int rc = -1;
+
+ /*
+ * During VDEV communicate either measurement or interface report is
+ * cached
+ */
+ if (dev_obj_id == RMI_DEV_COMM_OBJECT_MEASUREMENTS) {
+ if ((h_vdev->meas_len + dev_obj_buf_len) >
+ HOST_VDEV_MEAS_LEN_MAX) {
+ return -1;
+ }
+
+ INFO("%s: cache_meas: offset: 0x%lx, len: 0x%lx\n",
+ __func__, h_vdev->meas_len, dev_obj_buf_len);
+
+ memcpy((void *)(h_vdev->meas + h_vdev->meas_len), dev_obj_buf,
+ dev_obj_buf_len);
+ h_vdev->meas_len += dev_obj_buf_len;
+ rc = 0;
+ } else if (dev_obj_id == RMI_DEV_COMM_OBJECT_INTERFACE_REPORT) {
+ if ((h_vdev->ifc_report_len + dev_obj_buf_len) >
+ HOST_VDEV_IFC_REPORT_LEN_MAX) {
+ return -1;
+ }
+
+ INFO("%s: cache_ifc_report: offset: 0x%lx, len: 0x%lx\n",
+ __func__, h_vdev->ifc_report_len, dev_obj_buf_len);
+
+ memcpy((void *)(h_vdev->ifc_report + h_vdev->ifc_report_len),
+ dev_obj_buf, dev_obj_buf_len);
+ h_vdev->ifc_report_len += dev_obj_buf_len;
+ rc = 0;
+ }
+
+ return rc;
+}
+
+static int host_dev_cache_dev_object(struct host_pdev *h_pdev,
+ struct host_vdev *h_vdev,
+ struct rmi_dev_comm_enter *dcomm_enter,
+ struct rmi_dev_comm_exit *dcomm_exit)
+{
+ unsigned long dev_obj_buf_len;
+ uint8_t *dev_obj_buf;
+ int rc;
+
+ if ((dcomm_exit->cache_rsp_len == 0) ||
+ ((dcomm_exit->cache_rsp_offset + dcomm_exit->cache_rsp_len) >
+ GRANULE_SIZE)) {
+ ERROR("Invalid cache offset/length\n");
+ return -1;
+ }
+
+ dev_obj_buf = (uint8_t *)dcomm_enter->resp_addr +
+ dcomm_exit->cache_rsp_offset;
+ dev_obj_buf_len = dcomm_exit->cache_rsp_len;
+
+ if (h_vdev) {
+ rc = host_vdev_cache_device_object(h_vdev,
+ dcomm_exit->cache_obj_id,
+ dev_obj_buf,
+ dev_obj_buf_len);
+ } else {
+ rc = host_pdev_cache_device_object(h_pdev,
+ dcomm_exit->cache_obj_id,
+ dev_obj_buf,
+ dev_obj_buf_len);
+ }
+
+ if (rc != 0) {
+ ERROR("host_dev_cache_device_object failed\n");
+ }
+
+ return rc;
+}
+
+static int host_pdev_doe_communicate(struct host_pdev *h_pdev,
+ struct rmi_dev_comm_enter *dcomm_enter,
+ struct rmi_dev_comm_exit *dcomm_exit)
+{
+ uint32_t doe_header;
+ size_t resp_len;
+ int rc;
+
+ /* todo: validate DevCommExit flags */
+ if (dcomm_exit->protocol == RMI_DEV_COMM_PROTOCOL_SPDM) {
+ doe_header = DOE_HEADER_1;
+ } else if (dcomm_exit->protocol == RMI_DEV_COMM_PROTOCOL_SECURE_SPDM) {
+ doe_header = DOE_HEADER_2;
+ } else {
+ ERROR("Invalid dev_comm_exit.protocol\n");
+ return -1;
+ }
+
+ resp_len = 0UL;
+ rc = pcie_doe_communicate(doe_header, h_pdev->bdf, h_pdev->doe_cap_base,
+ (void *)dcomm_enter->req_addr,
+ dcomm_exit->req_len,
+ (void *)dcomm_enter->resp_addr, &resp_len);
+
+ /*
+ * Set IoEnter args for next pdev_communicate. Upon
+ * success or error call pdev_communicate
+ */
+ if (rc == 0) {
+ dcomm_enter->status = RMI_DEV_COMM_ENTER_STATUS_RESPONSE;
+ dcomm_enter->resp_len = resp_len;
+ } else {
+ dcomm_enter->status = RMI_DEV_COMM_ENTER_STATUS_ERROR;
+ dcomm_enter->resp_len = 0;
+ rc = -1;
+ }
+
+ return rc;
+}
+
+/*
+ * Call either PDEV or VDEV communicate until the target state is reached for
+ * either PDEV or VDEV
+ */
+static int host_dev_communicate(struct host_pdev *h_pdev,
+ struct host_vdev *h_vdev,
+ unsigned char target_state)
+{
+ int rc;
+ u_register_t state;
+ u_register_t error_state;
+ u_register_t ret;
+ struct rmi_dev_comm_enter *dcomm_enter;
+ struct rmi_dev_comm_exit *dcomm_exit;
+
+ if (h_vdev) {
+ dcomm_enter = &h_vdev->dev_comm_data->enter;
+ dcomm_exit = &h_vdev->dev_comm_data->exit;
+
+ error_state = RMI_VDEV_STATE_ERROR;
+ } else {
+ dcomm_enter = &h_pdev->dev_comm_data->enter;
+ dcomm_exit = &h_pdev->dev_comm_data->exit;
+
+ error_state = RMI_PDEV_STATE_ERROR;
+ }
+
+ dcomm_enter->status = RMI_DEV_COMM_ENTER_STATUS_NONE;
+ dcomm_enter->resp_len = 0;
+
+ rc = host_dev_get_state(h_pdev, h_vdev, &state);
+ if (rc != 0) {
+ return rc;
+ }
+
+ do {
+ ret = host_rmi_dev_communicate(h_pdev, h_vdev);
+ if (ret != RMI_SUCCESS) {
+ ERROR("rmi_pdev_communicate failed\n");
+ rc = -1;
+ break;
+ }
+
+ /*
+ * If cache is set, then response buffer has the device object
+ * to be cached.
+ */
+ if (EXTRACT(RMI_DEV_COMM_EXIT_FLAGS_CACHE_RSP,
+ dcomm_exit->flags)) {
+ rc = host_dev_cache_dev_object(h_pdev, h_vdev,
+ dcomm_enter, dcomm_exit);
+ if (rc != 0) {
+ ERROR("host_dev_cache_dev_object failed\n");
+ break;
+ }
+ }
+
+ /* Send request to PDEV's DOE and get response */
+ if (EXTRACT(RMI_DEV_COMM_EXIT_FLAGS_SEND, dcomm_exit->flags)) {
+ rc = host_pdev_doe_communicate(h_pdev, dcomm_enter,
+ dcomm_exit);
+ if (rc != 0) {
+ ERROR("host_pdev_doe_communicate failed\n");
+ break;
+ }
+ }
+
+ rc = host_dev_get_state(h_pdev, h_vdev, &state);
+ if (rc != 0) {
+ break;
+ }
+ } while ((state != target_state) && (state != error_state));
+
+ return rc;
+}
+
+/*
+ * Invoke RMI handler to transition PDEV state to 'to_state'
+ */
+int host_pdev_transition(struct host_pdev *h_pdev,
+ unsigned char to_state)
+{
+ int rc;
+
+ switch (to_state) {
+ case RMI_PDEV_STATE_NEW:
+ rc = host_pdev_create(h_pdev);
+ break;
+ case RMI_PDEV_STATE_NEEDS_KEY:
+ /* Reset cached cert_chain */
+ h_pdev->cert_chain_len = 0UL;
+ rc = host_dev_communicate(h_pdev, NULL,
+ RMI_PDEV_STATE_NEEDS_KEY);
+ break;
+ case RMI_PDEV_STATE_HAS_KEY:
+ rc = host_pdev_set_pubkey(h_pdev);
+ break;
+ case RMI_PDEV_STATE_READY:
+ rc = host_dev_communicate(h_pdev, NULL, RMI_PDEV_STATE_READY);
+ break;
+ case RMI_PDEV_STATE_STOPPING:
+ rc = host_pdev_stop(h_pdev);
+ break;
+ case RMI_PDEV_STATE_STOPPED:
+ rc = host_dev_communicate(h_pdev, NULL, RMI_PDEV_STATE_STOPPED);
+ break;
+ default:
+ rc = -1;
+ }
+
+ if (rc != 0) {
+ ERROR("RMI command failed\n");
+ return rc;
+ }
+
+ if (!is_host_pdev_state(h_pdev, to_state)) {
+ ERROR("PDEV state not [%s]\n", pdev_state_str[to_state]);
+ return -1;
+ }
+
+ return 0;
+}
+
+/*
+ * Allocate granules needed for a PDEV object like device communication data,
+ * response buffer, PDEV AUX granules and memory required to store cert_chain
+ */
+int host_pdev_setup(struct host_pdev *h_pdev)
+{
+ u_register_t ret, count;
+ int i;
+
+ memset(h_pdev, 0, sizeof(struct host_pdev));
+
+ /* Allocate granule for PDEV and delegate */
+ h_pdev->pdev = page_alloc(PAGE_SIZE);
+ if (h_pdev->pdev == NULL) {
+ return -1;
+ }
+
+ memset(h_pdev->pdev, 0, GRANULE_SIZE);
+ ret = host_rmi_granule_delegate((u_register_t)h_pdev->pdev);
+ if (ret != RMI_SUCCESS) {
+ ERROR("PDEV delegate failed 0x%lx\n", ret);
+ goto err_undelegate_pdev;
+ }
+
+ /*
+ * Off chip PCIe device - set flags as non coherent device protected by
+ * end to end IDE, with SPDM.
+ */
+ h_pdev->pdev_flags = (INPLACE(RMI_PDEV_FLAGS_SPDM, RMI_PDEV_SPDM_TRUE) |
+ INPLACE(RMI_PDEV_FLAGS_IDE, RMI_PDEV_IDE_TRUE) |
+ INPLACE(RMI_PDEV_FLAGS_COHERENT,
+ RMI_PDEV_COHERENT_FALSE));
+
+ /* Get num of aux granules required for this PDEV */
+ ret = host_rmi_pdev_aux_count(h_pdev->pdev_flags, &count);
+ if (ret != RMI_SUCCESS) {
+ ERROR("host_rmi_pdev_aux_count() failed 0x%lx\n", ret);
+ return -1;
+ }
+ h_pdev->pdev_aux_num = count;
+
+ /* Allocate aux granules for PDEV and delegate */
+ INFO("PDEV create requires %u aux pages\n", h_pdev->pdev_aux_num);
+ for (i = 0; i < h_pdev->pdev_aux_num; i++) {
+ void *pdev_aux = page_alloc(PAGE_SIZE);
+
+ if (pdev_aux == NULL) {
+ goto err_undelegate_pdev_aux;
+ }
+
+ ret = host_rmi_granule_delegate((u_register_t)pdev_aux);
+ if (ret != RMI_SUCCESS) {
+ ERROR("Aux granule delegate failed 0x%lx\n", ret);
+ goto err_undelegate_pdev;
+ }
+
+ h_pdev->pdev_aux[i] = pdev_aux;
+ }
+
+ /* Allocate dev_comm_data and send/recv buffer for Dev communication */
+ h_pdev->dev_comm_data = (struct rmi_dev_comm_data *)page_alloc(PAGE_SIZE);
+ if (h_pdev->dev_comm_data == NULL) {
+ goto err_undelegate_pdev_aux;
+ }
+
+ memset(h_pdev->dev_comm_data, 0, sizeof(struct rmi_dev_comm_data));
+
+ h_pdev->dev_comm_data->enter.req_addr = (unsigned long)
+ page_alloc(PAGE_SIZE);
+ if (h_pdev->dev_comm_data->enter.req_addr == 0UL) {
+ goto err_undelegate_pdev_aux;
+ }
+
+ h_pdev->dev_comm_data->enter.resp_addr = (unsigned long)
+ page_alloc(PAGE_SIZE);
+ if (h_pdev->dev_comm_data->enter.resp_addr == 0UL) {
+ goto err_undelegate_pdev_aux;
+ }
+
+ /* Allocate buffer to cache device certificate */
+ h_pdev->cert_slot_id = 0;
+ h_pdev->cert_chain = (uint8_t *)page_alloc(HOST_PDEV_CERT_LEN_MAX);
+ h_pdev->cert_chain_len = 0;
+ if (h_pdev->cert_chain == NULL) {
+ goto err_undelegate_pdev_aux;
+ }
+
+ /* Allocate buffer to store extracted public key */
+ h_pdev->public_key = (void *)page_alloc(PAGE_SIZE);
+ if (h_pdev->public_key == NULL) {
+ goto err_undelegate_pdev_aux;
+ }
+ h_pdev->public_key_len = PAGE_SIZE;
+
+ /* Allocate buffer to store public key metadata */
+ h_pdev->public_key_metadata = (void *)page_alloc(PAGE_SIZE);
+ if (h_pdev->public_key_metadata == NULL) {
+ goto err_undelegate_pdev_aux;
+ }
+
+ h_pdev->public_key_metadata_len = PAGE_SIZE;
+
+ /* Set algorithm to use for device digests */
+ h_pdev->pdev_hash_algo = RMI_HASH_SHA_512;
+
+ return 0;
+
+err_undelegate_pdev_aux:
+ /* Undelegate all the delegated pages */
+ for (int i = 0; i < h_pdev->pdev_aux_num; i++) {
+ if (h_pdev->pdev_aux[i]) {
+ host_rmi_granule_undelegate((u_register_t)
+ h_pdev->pdev_aux[i]);
+ }
+ }
+
+err_undelegate_pdev:
+ host_rmi_granule_undelegate((u_register_t)h_pdev->pdev);
+
+ return -1;
+}
+
+
+/*
+ * Stop PDEV and ternimate secure session and call PDEV destroy
+ */
+int host_pdev_reclaim(struct host_pdev *h_pdev)
+{
+ u_register_t ret;
+ int rc, result = 0;
+
+ /* Move the device to STOPPING state */
+ rc = host_pdev_transition(h_pdev, RMI_PDEV_STATE_STOPPING);
+ if (rc != 0) {
+ ERROR("PDEV transition: to PDEV_STATE_STOPPING failed\n");
+ result = -1;
+ }
+
+ /* Do pdev_communicate to terminate secure session */
+ rc = host_pdev_transition(h_pdev, RMI_PDEV_STATE_STOPPED);
+ if (rc != 0) {
+ ERROR("PDEV transition: to PDEV_STATE_STOPPED failed\n");
+ result = -1;
+ }
+
+ rc = host_pdev_destroy(h_pdev);
+ if (rc != 0) {
+ ERROR("PDEV transition: to STATE_NULL failed\n");
+ result = -1;
+ }
+
+ /* Undelegate all aux granules */
+ for (int i = 0; i < h_pdev->pdev_aux_num; i++) {
+ ret = host_rmi_granule_undelegate((u_register_t)h_pdev->pdev_aux[i]);
+ if (ret != RMI_SUCCESS) {
+ ERROR("Aux granule undelegate failed 0x%lx\n", ret);
+ result = -1;
+ }
+ }
+
+ /* Undelegate PDEV granule */
+ ret = host_rmi_granule_undelegate((u_register_t)h_pdev->pdev);
+ if (ret != RMI_SUCCESS) {
+ ERROR("PDEV undelegate failed 0x%lx\n", ret);
+ result = -1;
+ }
+
+ return result;
+}
+
+int host_create_realm_with_feat_da(struct realm *realm)
+{
+ u_register_t feature_flag = 0UL;
+ long sl = RTT_MIN_LEVEL;
+ u_register_t rec_flag[1] = {RMI_RUNNABLE};
+
+ if (is_feat_52b_on_4k_2_supported() == true) {
+ feature_flag = RMI_FEATURE_REGISTER_0_LPA2;
+ sl = RTT_MIN_LEVEL_LPA2;
+ }
+
+ feature_flag |= RMI_FEATURE_REGISTER_0_DA_EN;
+
+ /* Initialise Realm payload */
+ if (!host_create_activate_realm_payload(realm,
+ (u_register_t)REALM_IMAGE_BASE,
+ feature_flag, 0UL, sl,
+ rec_flag, 1U, 0U)) {
+ return -1;
+ }
+
+ return 0;
+}
+
+/*
+ * Allocate granules needed for a VDEV object like device communication data,
+ * response buffer, VDEV AUX granules and memory required to device
+ * measurements, interface report.
+ */
+static int host_vdev_setup(struct host_pdev *h_pdev, struct host_vdev *h_vdev)
+{
+ u_register_t ret;
+
+ memset(h_vdev, 0, sizeof(struct host_vdev));
+
+ /*
+ * Currently assigning one device is supported, for more than one device
+ * the VMM view of vdev_id and Realm view of device_id must match.
+ */
+ h_vdev->vdev_id = 0UL;
+ h_vdev->tdi_id = h_pdev->bdf;
+ h_vdev->flags = 0UL;
+ h_vdev->pdev_ptr = h_pdev->pdev;
+
+ /* Allocate granule for VDEV and delegate */
+ h_vdev->vdev_ptr = (void *)page_alloc(PAGE_SIZE);
+ if (h_vdev->vdev_ptr == NULL) {
+ return -1;
+ }
+
+ memset(h_vdev->vdev_ptr, 0, GRANULE_SIZE);
+ ret = host_rmi_granule_delegate((u_register_t)h_vdev->vdev_ptr);
+ if (ret != RMI_SUCCESS) {
+ ERROR("VDEV delegate failed 0x%lx\n", ret);
+ return -1;
+ }
+
+ /* Allocate dev_comm_data and send/recv buffer for Dev communication */
+ h_vdev->dev_comm_data = (struct rmi_dev_comm_data *)page_alloc(PAGE_SIZE);
+ if (h_vdev->dev_comm_data == NULL) {
+ goto err_undel_vdev;
+ }
+ memset(h_vdev->dev_comm_data, 0, sizeof(struct rmi_dev_comm_data));
+ h_vdev->dev_comm_data->enter.req_addr = (unsigned long)
+ page_alloc(PAGE_SIZE);
+ if (h_vdev->dev_comm_data->enter.req_addr == 0UL) {
+ goto err_undel_vdev;
+ }
+
+ h_vdev->dev_comm_data->enter.resp_addr = (unsigned long)
+ page_alloc(PAGE_SIZE);
+ if (h_vdev->dev_comm_data->enter.resp_addr == 0UL) {
+ goto err_undel_vdev;
+ }
+
+ /* Allocate buffer to cache device measurements */
+ h_vdev->meas = (uint8_t *)page_alloc(HOST_VDEV_MEAS_LEN_MAX);
+ if (h_vdev->meas == NULL) {
+ goto err_undel_vdev;
+ }
+
+ h_vdev->meas_len = 0;
+
+ /* Allocate buffer to cache device interface report */
+ h_vdev->ifc_report = (uint8_t *)page_alloc(HOST_VDEV_IFC_REPORT_LEN_MAX);
+ h_vdev->ifc_report_len = 0;
+ if (h_vdev->ifc_report == NULL) {
+ goto err_undel_vdev;
+ }
+
+ return 0;
+
+err_undel_vdev:
+ host_rmi_granule_undelegate((u_register_t)h_vdev->vdev_ptr);
+ return -1;
+}
+
+int host_assign_vdev_to_realm(struct realm *realm,
+ struct host_pdev *h_pdev,
+ struct host_vdev *h_vdev)
+{
+ struct rmi_vdev_params *vdev_params;
+ u_register_t ret;
+ int rc;
+
+ rc = host_vdev_setup(h_pdev, h_vdev);
+ if (rc != 0) {
+ return rc;
+ }
+
+ /* Create vdev and bind it to the Realm */
+ vdev_params = (struct rmi_vdev_params *)page_alloc(PAGE_SIZE);
+ memset(vdev_params, 0, PAGE_SIZE);
+
+ /*
+ * Currently assigning one device is supported, for more than one device
+ * the VMM view of vdev_id and Realm view of device_id must match.
+ */
+ vdev_params->vdev_id = 0UL;
+
+ /*
+ * This is TDI id, this must be same as PDEV ID for assigning the whole
+ * device.
+ */
+ vdev_params->tdi_id = h_pdev->bdf;
+
+ vdev_params->flags = h_vdev->flags;
+ vdev_params->num_aux = 0UL;
+
+ ret = host_rmi_vdev_create(realm->rd, (u_register_t)h_pdev->pdev,
+ (u_register_t)h_vdev->vdev_ptr,
+ (u_register_t)vdev_params);
+ if (ret != RMI_SUCCESS) {
+ ERROR("VDEV create failed\n");
+ return -1;
+ }
+
+ return 0;
+}
+
+int host_unassign_vdev_from_realm(struct realm *realm,
+ struct host_pdev *h_pdev,
+ struct host_vdev *h_vdev)
+{
+ u_register_t ret, state;
+ int rc;
+
+ ret = host_rmi_vdev_stop((u_register_t)h_vdev->vdev_ptr);
+ if (ret != RMI_SUCCESS) {
+ ERROR("VDEV stop failed\n");
+ return -1;
+ }
+
+ rc = host_vdev_get_state(h_vdev, &state);
+ if (rc != 0) {
+ ERROR("VDEV get_state failed\n");
+ return rc;
+ }
+
+ if (state != RMI_VDEV_STATE_STOPPING) {
+ ERROR("VDEV not in STOPPING state\n");
+ return -1;
+ }
+
+ /* Do VDEV communicate to move VDEV from STOPPING to STOPPED state */
+ rc = host_dev_communicate(h_pdev, h_vdev, RMI_VDEV_STATE_STOPPED);
+ if (rc != 0) {
+ ERROR("VDEV STOPPING -> STOPPED failed\n");
+ return rc;
+ }
+
+ ret = host_rmi_vdev_destroy(realm->rd, (u_register_t)h_pdev->pdev,
+ (u_register_t)h_vdev->vdev_ptr);
+ if (ret != RMI_SUCCESS) {
+ ERROR("VDEV destroy failed\n");
+ return -1;
+ }
+
+ ret = host_rmi_granule_undelegate((u_register_t)(u_register_t)h_vdev->vdev_ptr);
+ if (ret != RMI_SUCCESS) {
+ ERROR("VDEV undelegate failed\n");
+ return -1;
+ }
+
+ return 0;
+}
+
+void host_do_vdev_complete(u_register_t rec_ptr, unsigned long vdev_id)
+{
+ struct host_vdev *h_vdev;
+ u_register_t ret;
+
+ h_vdev = find_host_vdev_from_id(vdev_id);
+ if (h_vdev == NULL) {
+ return;
+ }
+
+ /* Complete the VDEV request */
+ ret = host_rmi_vdev_complete(rec_ptr, (u_register_t)h_vdev->vdev_ptr);
+ if (ret != RMI_SUCCESS) {
+ ERROR("Handling VDEV request failed\n");
+ }
+}
+
+void host_do_vdev_communicate(u_register_t vdev_ptr, unsigned long vdev_action)
+{
+ struct host_vdev *h_vdev;
+ struct host_pdev *h_pdev;
+ int rc;
+
+ h_vdev = find_host_vdev_from_vdev_ptr(vdev_ptr);
+ if (h_vdev == NULL) {
+ return;
+ }
+
+ /* Reset cached measurement/interface report */
+ if (vdev_action == RMI_VDEV_ACTION_GET_MEASUREMENTS) {
+ h_vdev->meas_len = 0UL;
+ } else if (vdev_action == RMI_DEV_COMM_OBJECT_INTERFACE_REPORT) {
+ h_vdev->ifc_report_len = 0UL;
+ }
+
+ h_pdev = find_host_pdev_from_vdev_ptr(vdev_ptr);
+ if (h_pdev == NULL) {
+ return;
+ }
+
+ rc = host_dev_communicate(h_pdev, h_vdev, RMI_VDEV_STATE_READY);
+ if (rc != 0) {
+ ERROR("Handling VDEV communicate failed\n");
+ }
+}
u_register_t host_dev_mem_map(struct realm *realm, u_register_t dev_pa,
long map_level, u_register_t *dev_ipa)
diff --git a/tftf/tests/runtime_services/host_realm_managment/host_realm_helper.c b/tftf/tests/runtime_services/host_realm_managment/host_realm_helper.c
index d677ac2..7fe3f7e 100644
--- a/tftf/tests/runtime_services/host_realm_managment/host_realm_helper.c
+++ b/tftf/tests/runtime_services/host_realm_managment/host_realm_helper.c
@@ -30,15 +30,14 @@
RMI_EXIT(SYNC),
RMI_EXIT(IRQ),
RMI_EXIT(FIQ),
- RMI_EXIT(FIQ),
RMI_EXIT(PSCI),
RMI_EXIT(RIPAS_CHANGE),
RMI_EXIT(HOST_CALL),
RMI_EXIT(SERROR),
- RMI_EXIT(IO),
- RMI_EXIT(RTT_REQUEST),
RMI_EXIT(S2AP_CHANGE),
- RMI_EXIT(VDEV_REQUEST)
+ RMI_EXIT(VDEV_REQUEST),
+ RMI_EXIT(VDEV_COMM),
+ RMI_EXIT(DEV_MEM_MAP)
};
/*
diff --git a/tftf/tests/runtime_services/host_realm_managment/host_realm_rmi.c b/tftf/tests/runtime_services/host_realm_managment/host_realm_rmi.c
index 83ae1c4..376695e 100644
--- a/tftf/tests/runtime_services/host_realm_managment/host_realm_rmi.c
+++ b/tftf/tests/runtime_services/host_realm_managment/host_realm_rmi.c
@@ -76,7 +76,8 @@
* must be preserved unless they contain result,
* as specified in the function definition.
*/
- if ((regs[0] != RMI_RTT_READ_ENTRY) && (regs[0] != RMI_RTT_AUX_MAP_PROTECTED)) {
+ if ((regs[0] != SMC_RMI_RTT_READ_ENTRY) &&
+ (regs[0] != SMC_RMI_RTT_AUX_MAP_PROTECTED)) {
CHECK_RET(4);
}
@@ -111,7 +112,7 @@
u_register_t host_rmi_psci_complete(u_register_t calling_rec, u_register_t target_rec,
unsigned long status)
{
- return (host_rmi_handler(&(smc_args) {RMI_PSCI_COMPLETE, calling_rec,
+ return (host_rmi_handler(&(smc_args) {SMC_RMI_PSCI_COMPLETE, calling_rec,
target_rec, status}, 4U)).ret0;
}
@@ -122,10 +123,10 @@
u_register_t src)
{
if (unknown) {
- return host_rmi_handler(&(smc_args) {RMI_DATA_CREATE_UNKNOWN,
+ return host_rmi_handler(&(smc_args) {SMC_RMI_DATA_CREATE_UNKNOWN,
rd, data, map_addr}, 4U).ret0;
} else {
- return host_rmi_handler(&(smc_args) {RMI_DATA_CREATE,
+ return host_rmi_handler(&(smc_args) {SMC_RMI_DATA_CREATE,
/* X5 = flags */
rd, data, map_addr, src, 0UL}, 6U).ret0;
}
@@ -133,18 +134,20 @@
static inline u_register_t host_rmi_realm_activate(u_register_t rd)
{
- return host_rmi_handler(&(smc_args) {RMI_REALM_ACTIVATE, rd}, 2U).ret0;
+ return host_rmi_handler(&(smc_args) {SMC_RMI_REALM_ACTIVATE,
+ rd}, 2U).ret0;
}
u_register_t host_rmi_realm_create(u_register_t rd, u_register_t params_ptr)
{
- return host_rmi_handler(&(smc_args) {RMI_REALM_CREATE, rd, params_ptr},
+ return host_rmi_handler(&(smc_args) {SMC_RMI_REALM_CREATE, rd, params_ptr},
3U).ret0;
}
u_register_t host_rmi_realm_destroy(u_register_t rd)
{
- return host_rmi_handler(&(smc_args) {RMI_REALM_DESTROY, rd}, 2U).ret0;
+ return host_rmi_handler(&(smc_args) {SMC_RMI_REALM_DESTROY, rd},
+ 2U).ret0;
}
u_register_t host_rmi_data_destroy(u_register_t rd,
@@ -154,7 +157,7 @@
{
smc_ret_values rets;
- rets = host_rmi_handler(&(smc_args) {RMI_DATA_DESTROY, rd, map_addr,
+ rets = host_rmi_handler(&(smc_args) {SMC_RMI_DATA_DESTROY, rd, map_addr,
(u_register_t)&rets}, 4U);
*data = rets.ret1;
@@ -166,13 +169,13 @@
u_register_t rec,
u_register_t params_ptr)
{
- return host_rmi_handler(&(smc_args) {RMI_REC_CREATE,
+ return host_rmi_handler(&(smc_args) {SMC_RMI_REC_CREATE,
rd, rec, params_ptr}, 4U).ret0;
}
static inline u_register_t host_rmi_rec_destroy(u_register_t rec)
{
- return host_rmi_handler(&(smc_args) {RMI_REC_DESTROY, rec}, 2U).ret0;
+ return host_rmi_handler(&(smc_args) {SMC_RMI_REC_DESTROY, rec}, 2U).ret0;
}
static inline u_register_t host_rmi_rtt_create(u_register_t rd,
@@ -180,7 +183,7 @@
u_register_t map_addr,
long level)
{
- return host_rmi_handler(&(smc_args) {RMI_RTT_CREATE,
+ return host_rmi_handler(&(smc_args) {SMC_RMI_RTT_CREATE,
rd, rtt, map_addr, (u_register_t)level}, 5U).ret0;
}
@@ -202,7 +205,7 @@
{
smc_ret_values rets;
- rets = host_rmi_handler(&(smc_args) {RMI_RTT_DESTROY,
+ rets = host_rmi_handler(&(smc_args) {SMC_RMI_RTT_DESTROY,
rd, map_addr, (u_register_t)level,
(u_register_t)&rets}, 5U);
*rtt = rets.ret1;
@@ -232,7 +235,7 @@
{
smc_ret_values rets;
- rets = host_rmi_handler(&(smc_args) {RMI_FEATURES, index}, 2U);
+ rets = host_rmi_handler(&(smc_args) {SMC_RMI_FEATURES, index}, 2U);
*features = rets.ret1;
return rets.ret0;
}
@@ -245,7 +248,7 @@
{
smc_ret_values rets;
- rets = host_rmi_handler(&(smc_args) {RMI_RTT_INIT_RIPAS,
+ rets = host_rmi_handler(&(smc_args) {SMC_RMI_RTT_INIT_RIPAS,
rd, start, end}, 4U);
*top = rets.ret1;
return rets.ret0;
@@ -264,7 +267,7 @@
{
smc_ret_values rets;
- rets = host_rmi_handler(&(smc_args) {RMI_RTT_FOLD,
+ rets = host_rmi_handler(&(smc_args) {SMC_RMI_RTT_FOLD,
rd, map_addr, (u_register_t)level,
(u_register_t)&rets}, 5U);
*pa = rets.ret1;
@@ -279,7 +282,7 @@
{
smc_ret_values rets;
- rets = host_rmi_handler(&(smc_args) {RMI_RTT_AUX_FOLD,
+ rets = host_rmi_handler(&(smc_args) {SMC_RMI_RTT_AUX_FOLD,
rd, map_addr, (u_register_t)level,
tree_index,
(u_register_t)&rets}, 6U);
@@ -292,7 +295,7 @@
{
smc_ret_values rets;
- rets = host_rmi_handler(&(smc_args) {RMI_REC_AUX_COUNT, rd}, 2U);
+ rets = host_rmi_handler(&(smc_args) {SMC_RMI_REC_AUX_COUNT, rd}, 2U);
*aux_count = rets.ret1;
return rets.ret0;
}
@@ -305,7 +308,7 @@
{
smc_ret_values rets;
- rets = host_rmi_handler(&(smc_args) {RMI_RTT_SET_RIPAS,
+ rets = host_rmi_handler(&(smc_args) {SMC_RMI_RTT_SET_RIPAS,
rd, rec, start, end}, 5U);
*top = rets.ret1;
return rets.ret0;
@@ -316,7 +319,7 @@
long level,
u_register_t ns_pa)
{
- return host_rmi_handler(&(smc_args) {RMI_RTT_MAP_UNPROTECTED,
+ return host_rmi_handler(&(smc_args) {SMC_RMI_RTT_MAP_UNPROTECTED,
rd, map_addr, (u_register_t)level, ns_pa}, 5U).ret0;
}
@@ -329,7 +332,7 @@
{
smc_ret_values rets;
- rets = host_rmi_handler(&(smc_args) {RMI_RTT_AUX_MAP_UNPROTECTED,
+ rets = host_rmi_handler(&(smc_args) {SMC_RMI_RTT_AUX_MAP_UNPROTECTED,
rd, map_addr, tree_index}, 4U);
*fail_index = rets.ret1;
*level_pri = rets.ret2;
@@ -347,7 +350,7 @@
{
smc_ret_values rets;
- rets = host_rmi_handler(&(smc_args) {RMI_RTT_AUX_MAP_PROTECTED,
+ rets = host_rmi_handler(&(smc_args) {SMC_RMI_RTT_AUX_MAP_PROTECTED,
rd, map_addr, tree_index}, 4U);
*fail_index = rets.ret1;
*level_pri = rets.ret2;
@@ -363,7 +366,7 @@
{
smc_ret_values rets;
- rets = host_rmi_handler(&(smc_args) {RMI_RTT_READ_ENTRY,
+ rets = host_rmi_handler(&(smc_args) {SMC_RMI_RTT_READ_ENTRY,
rd, map_addr, (u_register_t)level}, 4U);
rtt->walk_level = (long)rets.ret1;
rtt->state = rets.ret2;
@@ -379,7 +382,7 @@
{
smc_ret_values rets;
- rets = host_rmi_handler(&(smc_args) {RMI_RTT_UNMAP_UNPROTECTED,
+ rets = host_rmi_handler(&(smc_args) {SMC_RMI_RTT_UNMAP_UNPROTECTED,
rd, map_addr, (u_register_t)level}, 4U);
*top = rets.ret1;
return rets.ret0;
@@ -393,7 +396,7 @@
{
smc_ret_values rets;
- rets = host_rmi_handler(&(smc_args) {RMI_RTT_AUX_UNMAP_UNPROTECTED,
+ rets = host_rmi_handler(&(smc_args) {SMC_RMI_RTT_AUX_UNMAP_UNPROTECTED,
rd, map_addr, tree_index}, 4U);
*top = rets.ret1;
*level = rets.ret2;
@@ -408,7 +411,7 @@
{
smc_ret_values rets;
- rets = host_rmi_handler(&(smc_args) {RMI_RTT_AUX_UNMAP_PROTECTED,
+ rets = host_rmi_handler(&(smc_args) {SMC_RMI_RTT_AUX_UNMAP_PROTECTED,
rd, map_addr, tree_index}, 4U);
*top = rets.ret1;
*level = rets.ret2;
@@ -1030,19 +1033,21 @@
u_register_t host_rmi_granule_delegate(u_register_t addr)
{
- return host_rmi_handler(&(smc_args) {RMI_GRANULE_DELEGATE, addr}, 2U).ret0;
+ return host_rmi_handler(&(smc_args) {SMC_RMI_GRANULE_DELEGATE, addr},
+ 2U).ret0;
}
u_register_t host_rmi_granule_undelegate(u_register_t addr)
{
- return host_rmi_handler(&(smc_args) {RMI_GRANULE_UNDELEGATE, addr}, 2U).ret0;
+ return host_rmi_handler(&(smc_args) {SMC_RMI_GRANULE_UNDELEGATE, addr},
+ 2U).ret0;
}
u_register_t host_rmi_version(u_register_t requested_ver)
{
smc_ret_values ret;
- ret = host_rmi_handler(&(smc_args) {RMI_VERSION, requested_ver}, 2U);
+ ret = host_rmi_handler(&(smc_args) {SMC_RMI_VERSION, requested_ver}, 2U);
if (ret.ret0 == (u_register_t)SMC_UNKNOWN) {
return SMC_UNKNOWN;
}
@@ -1059,7 +1064,7 @@
{
smc_ret_values rets;
- rets = host_rmi_handler(&(smc_args) {RMI_RTT_SET_S2AP,
+ rets = host_rmi_handler(&(smc_args) {SMC_RMI_RTT_SET_S2AP,
rd, rec, base, top,
(u_register_t)&rets}, 6U);
*out_top = rets.ret1;
@@ -1199,6 +1204,11 @@
params->flags0 |= RMI_REALM_FLAGS0_LPA2;
}
+ /* Enabled RMI FEAT_DA */
+ if ((realm->rmm_feat_reg0 & RMI_FEATURE_REGISTER_0_DA_EN) != 0UL) {
+ params->flags0 |= RMI_REALM_FLAGS0_DA;
+ }
+
params->rtt_level_start = realm->start_level;
params->algorithm = RMI_HASH_SHA_256;
params->vmid = vmid++;
@@ -1861,7 +1871,7 @@
realm->host_mpidr[rec_num] = read_mpidr_el1();
do {
re_enter_rec = false;
- ret = host_rmi_handler(&(smc_args) {RMI_REC_ENTER,
+ ret = host_rmi_handler(&(smc_args) {SMC_RMI_REC_ENTER,
realm->rec[rec_num], realm->run[rec_num]}, 3U).ret0;
VERBOSE("%s() ret=%lu run->exit.exit_reason=%lu "
"run->exit.esr=0x%lx EC_BITS=%u ISS_DFSC_MASK=0x%lx\n",
@@ -1924,6 +1934,18 @@
break;
}
}
+
+ if (run->exit.exit_reason == RMI_EXIT_VDEV_REQUEST) {
+ host_do_vdev_complete(realm->rec[rec_num],
+ run->exit.vdev_id);
+ re_enter_rec = true;
+ }
+
+ if (run->exit.exit_reason == RMI_EXIT_VDEV_COMM) {
+ host_do_vdev_communicate(run->exit.vdev,
+ run->exit.vdev_action);
+ re_enter_rec = true;
+ }
} while (re_enter_rec);
*exit_reason = run->exit.exit_reason;
@@ -1960,14 +1982,14 @@
u_register_t data_ptr)
{
return host_rmi_handler(&(smc_args) {SMC_RMI_PDEV_COMMUNICATE, pdev_ptr,
- data_ptr}, 3U).ret0;
+ data_ptr}, 3U).ret0;
}
-u_register_t host_rmi_pdev_set_pubkey(u_register_t pdev_ptr, u_register_t key,
- u_register_t len, uint8_t algo)
+u_register_t host_rmi_pdev_set_pubkey(u_register_t pdev_ptr,
+ u_register_t pubkey_params_ptr)
{
return host_rmi_handler(&(smc_args) {SMC_RMI_PDEV_SET_PUBKEY, pdev_ptr,
- key, len, algo}, 5U).ret0;
+ pubkey_params_ptr}, 3U).ret0;
}
u_register_t host_rmi_pdev_stop(u_register_t pdev_ptr)
@@ -2006,3 +2028,54 @@
*top = rets.ret2;
return rets.ret0;
}
+
+u_register_t host_rmi_vdev_create(u_register_t rd_ptr, u_register_t pdev_ptr,
+ u_register_t vdev_ptr,
+ u_register_t params_ptr)
+{
+ return host_rmi_handler(&(smc_args) {SMC_RMI_VDEV_CREATE, rd_ptr,
+ pdev_ptr, vdev_ptr, params_ptr}, 5U).ret0;
+}
+
+u_register_t host_rmi_vdev_complete(u_register_t rec_ptr, u_register_t vdev_ptr)
+{
+ return host_rmi_handler(&(smc_args) {SMC_RMI_VDEV_COMPLETE, rec_ptr,
+ vdev_ptr}, 3U).ret0;
+}
+
+u_register_t host_rmi_vdev_communicate(u_register_t pdev_ptr,
+ u_register_t vdev_ptr,
+ u_register_t dev_comm_data_ptr)
+{
+ return host_rmi_handler(&(smc_args) {SMC_RMI_VDEV_COMMUNICATE, pdev_ptr,
+ vdev_ptr, dev_comm_data_ptr}, 4U).ret0;
+}
+
+u_register_t host_rmi_vdev_get_state(u_register_t vdev_ptr, u_register_t *state)
+{
+ smc_ret_values rets;
+
+ rets = host_rmi_handler(&(smc_args) {SMC_RMI_VDEV_GET_STATE, vdev_ptr},
+ 2U);
+ *state = rets.ret1;
+ return rets.ret0;
+}
+
+u_register_t host_rmi_vdev_abort(u_register_t vdev_ptr)
+{
+ return host_rmi_handler(&(smc_args) {SMC_RMI_VDEV_ABORT, vdev_ptr},
+ 2U).ret0;
+}
+
+u_register_t host_rmi_vdev_stop(u_register_t vdev_ptr)
+{
+ return host_rmi_handler(&(smc_args) {SMC_RMI_VDEV_STOP, vdev_ptr},
+ 2U).ret0;
+}
+
+u_register_t host_rmi_vdev_destroy(u_register_t rd_ptr, u_register_t pdev_ptr,
+ u_register_t vdev_ptr)
+{
+ return host_rmi_handler(&(smc_args) {SMC_RMI_VDEV_DESTROY, rd_ptr,
+ pdev_ptr, vdev_ptr}, 4U).ret0;
+}
diff --git a/tftf/tests/runtime_services/host_realm_managment/host_rmi_da_flow.c b/tftf/tests/runtime_services/host_realm_managment/host_rmi_da_flow.c
new file mode 100644
index 0000000..ce85080
--- /dev/null
+++ b/tftf/tests/runtime_services/host_realm_managment/host_rmi_da_flow.c
@@ -0,0 +1,229 @@
+/*
+ * Copyright (c) 2024-2025, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <string.h>
+
+#include <heap/page_alloc.h>
+#include <host_crypto_utils.h>
+#include <host_da_helper.h>
+#include <host_realm_helper.h>
+#include <host_realm_mem_layout.h>
+#include <host_shared_data.h>
+#include <mmio.h>
+#include <pcie.h>
+#include <pcie_doe.h>
+#include <pcie_spec.h>
+#include <platform.h>
+#include <spdm.h>
+#include <test_helpers.h>
+
+struct host_pdev gbl_host_pdev;
+struct host_vdev gbl_host_vdev;
+
+/*
+ * This invokes various RMI calls related to PDEV, VDEV management that does
+ * PDEV create/communicate/set_key/abort/stop/destroy and assigns the device
+ * to a Realm using RMI VDEV ABIs
+ *
+ * 1. Create a Realm with DA feature enabled
+ * 2. Find a known PCIe endpoint and connect with TSM to get_cert and establish
+ * secure session
+ * 3. Assign the PCIe endpoint (a PF) to the Realm
+ * 4. Call Realm to do DA related RSI calls
+ * 5. Unassign the PCIe endpoint from the Realm
+ * 6. Delete the Realm
+ * 7. Reclaim the PCIe TDI from TSM
+ */
+test_result_t host_invoke_rmi_da_flow(void)
+{
+ u_register_t rmi_feat_reg0;
+ uint32_t pdev_bdf, doe_cap_base;
+ struct host_pdev *h_pdev;
+ struct host_vdev *h_vdev;
+ uint8_t public_key_algo;
+ int rc;
+ bool realm_rc;
+ struct realm realm;
+ test_result_t result = TEST_RESULT_FAIL;
+
+ CHECK_DA_SUPPORT_IN_RMI(rmi_feat_reg0);
+ SKIP_TEST_IF_DOE_NOT_SUPPORTED(pdev_bdf, doe_cap_base);
+
+ INFO("DA on bdf: 0x%x, doe_cap_base: 0x%x\n", pdev_bdf, doe_cap_base);
+
+ /*
+ * Create a Realm with DA feature enabled
+ *
+ * todo: creating this after host_pdev_setup causes Realm create to
+ * fail.
+ */
+ rc = host_create_realm_with_feat_da(&realm);
+ if (rc != 0) {
+ INFO("Realm create with feat_da failed\n");
+ return TEST_RESULT_FAIL;
+ }
+
+ INFO("Realm created with feat_da enabled\n");
+
+ h_pdev = &gbl_host_pdev;
+ h_vdev = &gbl_host_vdev;
+
+ /* Allocate granules. Skip DA ABIs if host_pdev_setup fails */
+ rc = host_pdev_setup(h_pdev);
+ if (rc == -1) {
+ INFO("host_pdev_setup failed.\n");
+ (void)host_destroy_realm(&realm);
+ return TEST_RESULT_FAIL;
+ }
+
+ /* todo: move to tdi_pdev_setup */
+ h_pdev->bdf = pdev_bdf;
+ h_pdev->doe_cap_base = doe_cap_base;
+
+ /* Call rmi_pdev_create to transition PDEV to STATE_NEW */
+ rc = host_pdev_transition(h_pdev, RMI_PDEV_STATE_NEW);
+ if (rc != 0) {
+ ERROR("PDEV transition: NULL -> STATE_NEW failed\n");
+ goto err_pdev_reclaim;
+ }
+
+ /* Call rmi_pdev_communicate to transition PDEV to NEEDS_KEY */
+ rc = host_pdev_transition(h_pdev, RMI_PDEV_STATE_NEEDS_KEY);
+ if (rc != 0) {
+ ERROR("PDEV transition: PDEV_NEW -> PDEV_NEEDS_KEY failed\n");
+ goto err_pdev_reclaim;
+ }
+
+ /* Get public key. Verifying cert_chain not done by host but by Realm? */
+ rc = host_get_public_key_from_cert_chain(h_pdev->cert_chain,
+ h_pdev->cert_chain_len,
+ h_pdev->public_key,
+ &h_pdev->public_key_len,
+ h_pdev->public_key_metadata,
+ &h_pdev->public_key_metadata_len,
+ &public_key_algo);
+ if (rc != 0) {
+ ERROR("Get public key failed\n");
+ /* TF-RMM has support till here. Change error code temporarily */
+ result = TEST_RESULT_SUCCESS;
+ goto err_pdev_reclaim;
+ }
+
+ if (public_key_algo == PUBLIC_KEY_ALGO_ECDSA_ECC_NIST_P256) {
+ h_pdev->public_key_sig_algo = RMI_SIGNATURE_ALGORITHM_ECDSA_P256;
+ } else if (public_key_algo == PUBLIC_KEY_ALGO_ECDSA_ECC_NIST_P384) {
+ h_pdev->public_key_sig_algo = RMI_SIGNATURE_ALGORITHM_ECDSA_P384;
+ } else {
+ h_pdev->public_key_sig_algo = RMI_SIGNATURE_ALGORITHM_RSASSA_3072;
+ }
+ INFO("DEV public key len/sig_algo: %ld/%d\n", h_pdev->public_key_len,
+ h_pdev->public_key_sig_algo);
+
+ /* Call rmi_pdev_set_key transition PDEV to HAS_KEY */
+ rc = host_pdev_transition(h_pdev, RMI_PDEV_STATE_HAS_KEY);
+ if (rc != 0) {
+ INFO("PDEV transition: PDEV_NEEDS_KEY -> PDEV_HAS_KEY failed\n");
+ goto err_pdev_reclaim;
+ }
+
+ /* Call rmi_pdev_comminucate to transition PDEV to READY state */
+ rc = host_pdev_transition(h_pdev, RMI_PDEV_STATE_READY);
+ if (rc != 0) {
+ INFO("PDEV transition: PDEV_HAS_KEY -> PDEV_READY failed\n");
+ goto err_pdev_reclaim;
+ }
+
+
+ /*
+ * 3 Assign VDEV (the PCIe endpoint) from the Realm
+ */
+ rc = host_assign_vdev_to_realm(&realm, h_pdev, h_vdev);
+ if (rc != 0) {
+ INFO("VDEV assign to realm failed\n");
+ goto err_pdev_reclaim;
+ }
+
+ /*
+ * 4 Call Realm to do DA related RSI calls
+ */
+ realm_rc = host_enter_realm_execute(&realm, REALM_DA_RSI_CALLS,
+ RMI_EXIT_HOST_CALL, 0U);
+ if (!realm_rc) {
+ INFO("Realm DA_RSI_CALLS failed\n");
+ goto err_pdev_reclaim;
+ }
+
+ /*
+ * 5 Unassign VDEV (the PCIe endpoint) from the Realm
+ */
+ rc = host_unassign_vdev_from_realm(&realm, h_pdev, h_vdev);
+ if (rc != 0) {
+ INFO("VDEV unassign to realm failed\n");
+ goto err_pdev_reclaim;
+ }
+
+ /*
+ * 6 Destroy the Realm
+ */
+ if (!host_destroy_realm(&realm)) {
+ INFO("Realm destroy failed\n");
+ (void)host_pdev_reclaim(h_pdev);
+ return TEST_RESULT_FAIL;
+ }
+
+ /*
+ * 7 Reclaim PDEV (the PCIe TDI) from TSM
+ */
+ rc = host_pdev_reclaim(h_pdev);
+ if (rc != 0) {
+ INFO("Reclaim PDEV from TSM failed\n");
+ return TEST_RESULT_FAIL;
+ }
+
+ return TEST_RESULT_SUCCESS;
+
+err_pdev_reclaim:
+ (void)host_destroy_realm(&realm);
+ (void)host_pdev_reclaim(h_pdev);
+ return result;
+}
+
+/*
+ * This function invokes PDEV_CREATE on TRP and tries to test
+ * the EL3 RMM-EL3 IDE KM interface. Will be skipped on TF-RMM.
+ */
+test_result_t host_realm_test_root_port_key_management(void)
+{
+ struct host_pdev *h_pdev;
+ int ret;
+
+ if (host_rmi_version(RMI_ABI_VERSION_VAL) != 0U) {
+ tftf_testcase_printf("RMM is not TRP\n");
+ return TEST_RESULT_SKIPPED;
+ }
+
+ /* Initialize Host NS heap memory */
+ ret = page_pool_init((u_register_t)PAGE_POOL_BASE,
+ (u_register_t)PAGE_POOL_MAX_SIZE);
+ if (ret != HEAP_INIT_SUCCESS) {
+ ERROR("Failed to init heap pool %d\n", ret);
+ return TEST_RESULT_FAIL;
+ }
+
+ h_pdev = &gbl_host_pdev;
+
+ /*
+ * Call rmi_pdev_create with invalid pdev, expect an error
+ * to be returned from TRP.
+ */
+ ret = host_pdev_create(h_pdev);
+ if (ret != 0) {
+ return TEST_RESULT_SUCCESS;
+ }
+
+ ERROR("RMI_PDEV_CREATE did not return error as expected\n");
+ return TEST_RESULT_FAIL;
+}
diff --git a/tftf/tests/runtime_services/host_realm_managment/host_rmi_pdev.c b/tftf/tests/runtime_services/host_realm_managment/host_rmi_pdev.c
deleted file mode 100644
index 572bc2a..0000000
--- a/tftf/tests/runtime_services/host_realm_managment/host_rmi_pdev.c
+++ /dev/null
@@ -1,655 +0,0 @@
-/*
- * Copyright (c) 2024, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <string.h>
-
-#include <heap/page_alloc.h>
-#include <host_crypto_utils.h>
-#include <host_realm_helper.h>
-#include <host_realm_mem_layout.h>
-#include <host_shared_data.h>
-#include <mmio.h>
-#include <pcie.h>
-#include <pcie_doe.h>
-#include <pcie_spec.h>
-#include <platform.h>
-#include <spdm.h>
-#include <test_helpers.h>
-
-/* SPDM_MAX_CERTIFICATE_CHAIN_SIZE is 64KB */
-#define HOST_PDEV_CERT_LEN_MAX (64 * 1024)
-
-/*
- * Measurement max supported is 4KB.
- * todo: This will be increased if device supports returning more measurements
- */
-#define HOST_PDEV_MEAS_LEN_MAX (4 * 1024)
-
-#define DEV_OBJ_CERT 0U
-#define DEV_OBJ_MEASUREMENTS 2U
-#define DEV_OBJ_INTERFACE_REPORT 3U
-
-struct host_tdi {
- /* PDEV related fields */
- void *pdev;
- unsigned long pdev_flags;
- void *pdev_aux[PDEV_PARAM_AUX_GRANULES_MAX];
- uint32_t pdev_aux_num;
- struct rmi_dev_comm_data *dev_comm_data;
-
- /* Algorithm used to generate device digests */
- uint8_t pdev_hash_algo;
-
- /* Certificate, public key fields */
- uint8_t cert_slot_id;
- uint8_t *cert_chain;
- size_t cert_chain_len;
- void *public_key;
- size_t public_key_len;
- void *public_key_metadata;
- size_t public_key_metadata_len;
- unsigned char public_key_sig_algo;
-
- /*
- * Fields related to cached device measurements.
- * todo: This will be moved to vdev scope
- */
- uint8_t *meas;
- size_t meas_len;
-
- /* PCIe details: bdf, DOE, Stream id, IO range */
- uint32_t bdf;
- uint32_t doe_cap_base;
-};
-
-static struct host_tdi g_tdi;
-
-static const char * const pdev_state_str[] = {
- "PDEV_STATE_NEW",
- "PDEV_STATE_NEEDS_KEY",
- "PDEV_STATE_HAS_KEY",
- "PDEV_STATE_READY",
- "PDEV_STATE_COMMUNICATING",
- "PDEV_STATE_STOPPED",
- "RMI_PDEV_STATE_ERROR"
-};
-
-static int host_tdi_pdev_get_state(struct host_tdi *tdi, u_register_t *state)
-{
- u_register_t ret;
-
- ret = host_rmi_pdev_get_state((u_register_t)tdi->pdev, state);
- if (ret != RMI_SUCCESS) {
- return -1;
- }
- return 0;
-}
-
-static bool is_host_tdi_pdev_state(struct host_tdi *tdi, u_register_t exp_state)
-{
- u_register_t cur_state;
-
- if (host_tdi_pdev_get_state(tdi, &cur_state) != 0) {
- return false;
- }
-
- if (cur_state != exp_state) {
- return false;
- }
-
- return true;
-}
-
-static int host_tdi_pdev_create(struct host_tdi *tdi)
-{
- struct rmi_pdev_params *pdev_params;
- u_register_t ret;
- uint32_t i;
-
- pdev_params = (struct rmi_pdev_params *)page_alloc(PAGE_SIZE);
- memset(pdev_params, 0, GRANULE_SIZE);
-
- pdev_params->flags = tdi->pdev_flags;
- pdev_params->cert_id = tdi->cert_slot_id;
- pdev_params->pdev_id = tdi->bdf;
- pdev_params->num_aux = tdi->pdev_aux_num;
- pdev_params->hash_algo = tdi->pdev_hash_algo;
- for (i = 0; i < tdi->pdev_aux_num; i++) {
- pdev_params->aux[i] = (uintptr_t)tdi->pdev_aux[i];
- }
-
- ret = host_rmi_pdev_create((u_register_t)tdi->pdev,
- (u_register_t)pdev_params);
- if (ret != RMI_SUCCESS) {
- return -1;
- }
-
- return 0;
-}
-
-static int host_tdi_pdev_set_pubkey(struct host_tdi *tdi)
-{
- u_register_t ret;
-
- ret = host_rmi_pdev_set_pubkey((u_register_t)tdi->pdev,
- (u_register_t)tdi->public_key,
- (u_register_t)tdi->public_key_len,
- (u_register_t)tdi->public_key_sig_algo);
- if (ret != RMI_SUCCESS) {
- return -1;
- }
-
- return 0;
-}
-
-static int host_tdi_pdev_stop(struct host_tdi *tdi)
-{
- u_register_t ret;
-
- ret = host_rmi_pdev_stop((u_register_t)tdi->pdev);
- if (ret != RMI_SUCCESS) {
- return -1;
- }
-
- return 0;
-}
-
-static int host_tdi_pdev_destroy(struct host_tdi *tdi)
-{
- u_register_t ret;
-
- ret = host_rmi_pdev_destroy((u_register_t)tdi->pdev);
- if (ret != RMI_SUCCESS) {
- return -1;
- }
-
- return 0;
-}
-
-static int host_tdi_pdev_cache_device_object(struct host_tdi *tdi,
- uint8_t obj_type,
- const uint8_t *obj_buf,
- size_t obj_len)
-{
- int rc = -1;
-
- if (obj_type == DEV_OBJ_CERT) {
- if ((tdi->cert_chain_len + obj_len) > HOST_PDEV_CERT_LEN_MAX) {
- return -1;
- }
-
- INFO("%s: cache_cert: offset: 0x%lx, len: 0x%lx\n",
- __func__, tdi->cert_chain_len, obj_len);
-
- memcpy((void *)(tdi->cert_chain + tdi->cert_chain_len),
- obj_buf, obj_len);
- tdi->cert_chain_len += obj_len;
- rc = 0;
- } else if (obj_type == DEV_OBJ_MEASUREMENTS) {
- if ((tdi->meas_len + obj_len) > HOST_PDEV_MEAS_LEN_MAX) {
- return -1;
- }
-
- INFO("%s: cache_meas: offset: 0x%lx, len: 0x%lx\n",
- __func__, tdi->meas_len, obj_len);
-
- memcpy((void *)(tdi->meas + tdi->meas_len), obj_buf, obj_len);
- tdi->meas_len += obj_len;
- rc = 0;
- }
-
- return rc;
-}
-
-/* Call RMI PDEV communicate until the target state is reached */
-static int host_tdi_pdev_communicate(struct host_tdi *tdi,
- unsigned char target_state)
-{
- int rc;
- u_register_t state;
- u_register_t ret;
- struct rmi_dev_comm_enter *dev_comm_enter;
- struct rmi_dev_comm_exit *dev_comm_exit;
- size_t resp_len;
-
- dev_comm_enter = &tdi->dev_comm_data->enter;
- dev_comm_exit = &tdi->dev_comm_data->exit;
-
- dev_comm_enter->status = RMI_DEV_COMM_ENTER_STATUS_NONE;
- dev_comm_enter->resp_len = 0;
-
- if (host_tdi_pdev_get_state(tdi, &state) != 0) {
- return -1;
- }
-
- do {
- ret = host_rmi_pdev_communicate((u_register_t)tdi->pdev,
- (u_register_t)tdi->dev_comm_data);
- if (ret != RMI_SUCCESS) {
- INFO("rmi_pdev_communicate failed\n");
- rc = -1;
- break;
- }
-
- /*
- * If cache is set, then response buffer has the device object
- * to be cached.
- */
- if (EXTRACT(RMI_DEV_COMM_EXIT_FLAGS_CACHE,
- dev_comm_exit->flags)) {
- uint8_t *obj_buf;
- uint8_t obj_type;
-
- if (dev_comm_exit->cache_len == 0 ||
- (dev_comm_exit->cache_offset +
- dev_comm_exit->cache_len) >
- GRANULE_SIZE) {
- INFO("Invalid cache offset/length\n");
- rc = -1;
- break;
- }
-
- if (state == RMI_PDEV_STATE_NEW) {
- obj_type = DEV_OBJ_CERT;
- } else if (state == RMI_PDEV_STATE_HAS_KEY) {
- /* todo: replace with RMI_PDEV_STATE_READY */
- obj_type = DEV_OBJ_MEASUREMENTS;
- } else {
- rc = -1;
- break;
- }
-
- obj_buf = (uint8_t *)dev_comm_enter->resp_addr +
- dev_comm_exit->cache_offset;
- rc = host_tdi_pdev_cache_device_object(tdi, obj_type,
- obj_buf,
- dev_comm_exit->cache_len);
- if (rc != 0) {
- INFO("host_pdev_cache_device_object failed\n");
- rc = -1;
- break;
- }
- }
-
- /* Send request to spdm responder */
- if (EXTRACT(RMI_DEV_COMM_EXIT_FLAGS_SEND,
- dev_comm_exit->flags)) {
- uint32_t doe_header;
-
- /* todo: validate DevCommExit flags */
- if (dev_comm_exit->protocol ==
- RMI_DEV_COMM_PROTOCOL_SPDM) {
- doe_header = DOE_HEADER_1;
- } else if (dev_comm_exit->protocol ==
- RMI_DEV_COMM_PROTOCOL_SECURE_SPDM) {
- doe_header = DOE_HEADER_2;
- } else {
- INFO("Invalid dev_comm_exit.protocol\n");
- rc = -1;
- break;
- }
-
- rc = pcie_doe_communicate(doe_header, tdi->bdf, tdi->doe_cap_base,
- (void *)dev_comm_enter->req_addr,
- dev_comm_exit->req_len,
- (void *)dev_comm_enter->resp_addr,
- &resp_len);
-
- /*
- * Set IoEnter args for next pdev_communicate. Upon
- * success or error call pdev_communicate
- */
- if (rc == 0) {
- dev_comm_enter->status =
- RMI_DEV_COMM_ENTER_STATUS_SUCCESS;
- dev_comm_enter->resp_len = resp_len;
- } else {
- dev_comm_enter->status =
- RMI_DEV_COMM_ENTER_STATUS_ERROR;
- dev_comm_enter->resp_len = 0;
- }
- }
-
- rc = host_tdi_pdev_get_state(tdi, &state);
- if (rc != 0) {
- break;
- }
- } while ((state != target_state) && (state != RMI_PDEV_STATE_ERROR));
-
- return rc;
-}
-
-/*
- * Invoke RMI handler to transition PDEV state to 'to_state'
- */
-static int host_tdi_pdev_transition(struct host_tdi *tdi, unsigned char to_state)
-{
- int rc;
-
- switch (to_state) {
- case RMI_PDEV_STATE_NEW:
- rc = host_tdi_pdev_create(tdi);
- break;
- case RMI_PDEV_STATE_NEEDS_KEY:
- rc = host_tdi_pdev_communicate(tdi, RMI_PDEV_STATE_NEEDS_KEY);
- break;
- case RMI_PDEV_STATE_HAS_KEY:
- rc = host_tdi_pdev_set_pubkey(tdi);
- break;
- case RMI_PDEV_STATE_READY:
- rc = host_tdi_pdev_communicate(tdi, RMI_PDEV_STATE_READY);
- break;
- case RMI_PDEV_STATE_STOPPING:
- rc = host_tdi_pdev_stop(tdi);
- break;
- case RMI_PDEV_STATE_STOPPED:
- rc = host_tdi_pdev_communicate(tdi, RMI_PDEV_STATE_STOPPED);
- break;
- default:
- rc = -1;
- }
-
- if (rc != 0) {
- INFO("RMI command failed\n");
- return -1;
- }
-
- if (!is_host_tdi_pdev_state(tdi, to_state)) {
- ERROR("PDEV state not [%s]\n", pdev_state_str[to_state]);
- return -1;
- }
-
- return 0;
-}
-
-/*
- * Allocate granules needed for a PDEV object like device communication data,
- * response buffer, PDEV AUX granules and memory required to store cert_chain
- */
-static int host_tdi_pdev_setup(struct host_tdi *tdi)
-{
- u_register_t ret, count;
- int i;
-
- memset(tdi, 0, sizeof(struct host_tdi));
-
- /* Allocate granule for PDEV and delegate */
- tdi->pdev = page_alloc(PAGE_SIZE);
- if (tdi->pdev == NULL) {
- return -1;
- }
-
- memset(tdi->pdev, 0, GRANULE_SIZE);
- ret = host_rmi_granule_delegate((u_register_t)tdi->pdev);
- if (ret != RMI_SUCCESS) {
- ERROR("PDEV delegate failed 0x%lx\n", ret);
- return -1;
- }
-
- /* Set flags as IO coherent device protected by end to end IDE. */
- tdi->pdev_flags = INPLACE(RMI_PDEV_FLAGS_PROT_CONFIG,
- RMI_PDEV_IOCOH_E2E_IDE);
-
- /* Get num of aux granules required for this PDEV */
- ret = host_rmi_pdev_aux_count(tdi->pdev_flags, &count);
- if (ret != RMI_SUCCESS) {
- ERROR("host_rmi_pdev_aux_count() failed 0x%lx\n", ret);
- goto err_undelegate_pdev;
- }
- tdi->pdev_aux_num = count;
-
- /* Allocate aux granules for PDEV and delegate */
- INFO("PDEV create requires %u aux pages\n", tdi->pdev_aux_num);
- for (i = 0; i < tdi->pdev_aux_num; i++) {
- void *pdev_aux = page_alloc(PAGE_SIZE);
-
- if (pdev_aux == NULL) {
- goto err_undelegate_pdev_aux;
- }
-
- ret = host_rmi_granule_delegate((u_register_t)pdev_aux);
- if (ret != RMI_SUCCESS) {
- ERROR("Aux granule delegate failed 0x%lx\n", ret);
- goto err_undelegate_pdev_aux;
- }
-
- tdi->pdev_aux[i] = pdev_aux;
- }
-
- /* Allocate dev_comm_data and send/recv buffer for Dev communication */
- tdi->dev_comm_data = (struct rmi_dev_comm_data *)page_alloc(PAGE_SIZE);
- if (tdi->dev_comm_data == NULL) {
- goto err_undelegate_pdev_aux;
- }
-
- memset(tdi->dev_comm_data, 0, sizeof(struct rmi_dev_comm_data));
-
- tdi->dev_comm_data->enter.req_addr = (unsigned long)
- page_alloc(PAGE_SIZE);
- if (tdi->dev_comm_data->enter.req_addr == 0UL) {
- goto err_undelegate_pdev_aux;
- }
-
- tdi->dev_comm_data->enter.resp_addr = (unsigned long)
- page_alloc(PAGE_SIZE);
- if (tdi->dev_comm_data->enter.resp_addr == 0UL) {
- goto err_undelegate_pdev_aux;
- }
-
- /* Allocate buffer to cache device certificate */
- tdi->cert_slot_id = 0;
- tdi->cert_chain = (uint8_t *)page_alloc(HOST_PDEV_CERT_LEN_MAX);
- tdi->cert_chain_len = 0;
- if (tdi->cert_chain == NULL) {
- goto err_undelegate_pdev_aux;
- }
-
- /* Allocate buffer to store extracted public key */
- tdi->public_key = (void *)page_alloc(PAGE_SIZE);
- if (tdi->public_key == NULL) {
- goto err_undelegate_pdev_aux;
- }
- tdi->public_key_len = PAGE_SIZE;
-
- /* Allocate buffer to store public key metadata */
- tdi->public_key_metadata = (void *)page_alloc(PAGE_SIZE);
- if (tdi->public_key_metadata == NULL) {
- goto err_undelegate_pdev_aux;
- }
- tdi->public_key_metadata_len = PAGE_SIZE;
-
- /* Allocate buffer to cache device measurements */
- tdi->meas = (uint8_t *)page_alloc(HOST_PDEV_MEAS_LEN_MAX);
- tdi->meas_len = 0;
- if (tdi->meas == NULL) {
- goto err_undelegate_pdev_aux;
- }
-
- /* Set algorithm to use for device digests */
- tdi->pdev_hash_algo = RMI_HASH_SHA_512;
-
- return 0;
-
-err_undelegate_pdev_aux:
- /* Undelegate all the delegated pages */
- for (int i = 0; i < tdi->pdev_aux_num; i++) {
- if (tdi->pdev_aux[i]) {
- host_rmi_granule_undelegate((u_register_t)
- tdi->pdev_aux[i]);
- }
- }
-
-err_undelegate_pdev:
- host_rmi_granule_undelegate((u_register_t)tdi->pdev);
-
- return -1;
-}
-
-/*
- * Stop PDEV and ternimate secure session and call PDEV destroy
- */
-static int host_tdi_pdev_reclaim(struct host_tdi *tdi)
-{
- int rc;
-
- /* Move the device to STOPPING state */
- rc = host_tdi_pdev_transition(tdi, RMI_PDEV_STATE_STOPPING);
- if (rc != 0) {
- INFO("PDEV transition: to PDEV_STATE_STOPPING failed\n");
- return -1;
- }
-
- /* Do pdev_communicate to terminate secure session */
- rc = host_tdi_pdev_transition(tdi, RMI_PDEV_STATE_STOPPED);
- if (rc != 0) {
- INFO("PDEV transition: to PDEV_STATE_STOPPED failed\n");
- return -1;
- }
-
- rc = host_tdi_pdev_destroy(tdi);
- if (rc != 0) {
- INFO("PDEV transition: to STATE_NULL failed\n");
- return -1;
- }
-
- /* Undelegate all the delegated pages */
- for (int i = 0; i < tdi->pdev_aux_num; i++) {
- host_rmi_granule_undelegate((u_register_t)tdi->pdev_aux[i]);
- }
- host_rmi_granule_undelegate((u_register_t)tdi->pdev);
-
- return rc;
-}
-
-/*
- * This invokes various RMI calls related to PDEV management that does
- * PDEV create/communicate/set_key/abort/stop/destroy on a device.
- */
-test_result_t host_test_rmi_pdev_calls(void)
-{
- u_register_t rmi_feat_reg0;
- uint32_t pdev_bdf, doe_cap_base;
- struct host_tdi *tdi;
- uint8_t public_key_algo;
- int ret, rc;
-
- CHECK_DA_SUPPORT_IN_RMI(rmi_feat_reg0);
- SKIP_TEST_IF_DOE_NOT_SUPPORTED(pdev_bdf, doe_cap_base);
-
- /* Initialize Host NS heap memory */
- ret = page_pool_init((u_register_t)PAGE_POOL_BASE,
- (u_register_t)PAGE_POOL_MAX_SIZE);
- if (ret != HEAP_INIT_SUCCESS) {
- ERROR("Failed to init heap pool %d\n", ret);
- return TEST_RESULT_FAIL;
- }
-
- tdi = &g_tdi;
-
- /* Allocate granules. Skip DA ABIs if host_pdev_setup fails */
- rc = host_tdi_pdev_setup(tdi);
- if (rc == -1) {
- INFO("host_pdev_setup failed. skipping DA ABIs...\n");
- return TEST_RESULT_SKIPPED;
- }
-
- /* todo: move to tdi_pdev_setup */
- tdi->bdf = pdev_bdf;
- tdi->doe_cap_base = doe_cap_base;
-
- /* Call rmi_pdev_create to transition PDEV to STATE_NEW */
- rc = host_tdi_pdev_transition(tdi, RMI_PDEV_STATE_NEW);
- if (rc != 0) {
- ERROR("PDEV transition: NULL -> STATE_NEW failed\n");
- return TEST_RESULT_FAIL;
- }
-
- /* Call rmi_pdev_communicate to transition PDEV to NEEDS_KEY */
- rc = host_tdi_pdev_transition(tdi, RMI_PDEV_STATE_NEEDS_KEY);
- if (rc != 0) {
- ERROR("PDEV transition: PDEV_NEW -> PDEV_NEEDS_KEY failed\n");
- return TEST_RESULT_FAIL;
- }
-
- /* Get public key. Verifying cert_chain not done by host but by Realm? */
- rc = host_get_public_key_from_cert_chain(tdi->cert_chain,
- tdi->cert_chain_len,
- tdi->public_key,
- &tdi->public_key_len,
- tdi->public_key_metadata,
- &tdi->public_key_metadata_len,
- &public_key_algo);
- if (rc != 0) {
- ERROR("Get public key failed\n");
- return TEST_RESULT_FAIL;
- }
-
- if (public_key_algo == PUBLIC_KEY_ALGO_ECDSA_ECC_NIST_P256) {
- tdi->public_key_sig_algo = RMI_SIGNATURE_ALGORITHM_ECDSA_P256;
- } else if (public_key_algo == PUBLIC_KEY_ALGO_ECDSA_ECC_NIST_P384) {
- tdi->public_key_sig_algo = RMI_SIGNATURE_ALGORITHM_ECDSA_P384;
- } else {
- tdi->public_key_sig_algo = RMI_SIGNATURE_ALGORITHM_RSASSA_3072;
- }
- INFO("DEV public key len/sig_algo: %ld/%d\n", tdi->public_key_len,
- tdi->public_key_sig_algo);
-
- /* Call rmi_pdev_set_key transition PDEV to HAS_KEY */
- rc = host_tdi_pdev_transition(tdi, RMI_PDEV_STATE_HAS_KEY);
- if (rc != 0) {
- INFO("PDEV transition: PDEV_NEEDS_KEY -> PDEV_HAS_KEY failed\n");
- return TEST_RESULT_FAIL;
- }
-
- /* Call rmi_pdev_comminucate to transition PDEV to READY state */
- rc = host_tdi_pdev_transition(tdi, RMI_PDEV_STATE_READY);
- if (rc != 0) {
- INFO("PDEV transition: PDEV_HAS_KEY -> PDEV_READY failed\n");
- return TEST_RESULT_FAIL;
- }
-
- host_tdi_pdev_reclaim(tdi);
-
- return TEST_RESULT_SUCCESS;
-}
-
-
-/*
- * This function invokes PDEV_CREATE on TRP and tries to test
- * the EL3 RMM-EL3 IDE KM interface. Will be skipped on TF-RMM.
- */
-test_result_t host_realm_test_root_port_key_management(void)
-{
- struct host_tdi *tdi;
- int ret;
-
- if (host_rmi_version(RMI_ABI_VERSION_VAL) != 0U) {
- tftf_testcase_printf("RMM is not TRP\n");
- return TEST_RESULT_SKIPPED;
- }
-
- /* Initialize Host NS heap memory */
- ret = page_pool_init((u_register_t)PAGE_POOL_BASE,
- (u_register_t)PAGE_POOL_MAX_SIZE);
- if (ret != HEAP_INIT_SUCCESS) {
- ERROR("Failed to init heap pool %d\n", ret);
- return TEST_RESULT_FAIL;
- }
-
- tdi = &g_tdi;
-
- /*
- * Call rmi_pdev_create with invalid pdev, expect an error
- * to be returned from TRP.
- */
- ret = host_tdi_pdev_create(tdi);
- if (ret != 0) {
- return TEST_RESULT_SUCCESS;
- }
-
- ERROR("RMI_PDEV_CREATE did not return error as expected\n");
- return TEST_RESULT_FAIL;
-}
diff --git a/tftf/tests/tests-realm-payload.mk b/tftf/tests/tests-realm-payload.mk
index 92a710b..add6a7f 100644
--- a/tftf/tests/tests-realm-payload.mk
+++ b/tftf/tests/tests-realm-payload.mk
@@ -27,7 +27,7 @@
host_pmuv3.c \
host_realm_helper.c \
host_realm_rmi.c \
- host_rmi_pdev.c \
+ host_rmi_da_flow.c \
host_shared_data.c \
rmi_delegate_tests.c \
rmi_dev_delegate_tests.c \
diff --git a/tftf/tests/tests-realm-payload.xml b/tftf/tests/tests-realm-payload.xml
index 22c0c76..064f988 100644
--- a/tftf/tests/tests-realm-payload.xml
+++ b/tftf/tests/tests-realm-payload.xml
@@ -152,9 +152,6 @@
function="doe_discovery_test" />
<testcase name="SPDM Get Version"
function="spdm_version_test" />
- <!-- Invoke RMI calls related to PDEV management -->
- <testcase name="Invoke RMI PDEV calls "
- function="host_test_rmi_pdev_calls" />
<!-- Test cases related to FEAT_MPAM -->
<testcase name="Test that FEAT_MPAM is hidden to the Realm"
function="host_realm_hide_feat_mpam" />
@@ -176,5 +173,8 @@
<!-- Test cases related to Dev Mem Map and Unmap -->
<testcase name="Realm payload Dev Mem Map and Unmap"
function="host_realm_dev_mem_map_unmap" />
+ <!-- Invoke RMI calls related to DA PDEV/VDEV management -->
+ <testcase name="Invoke RMI DA ABIs "
+ function="host_invoke_rmi_da_flow" />
</testsuite>
</testsuites>