Add PoC of Arm DRTM specification version Beta-0
Change-Id: I26e6f2d4b2299edc246f5e8504d5d15b1399f640
diff --git a/include/arch/aarch64/arch_helpers.h b/include/arch/aarch64/arch_helpers.h
index a41b325..41616bc 100644
--- a/include/arch/aarch64/arch_helpers.h
+++ b/include/arch/aarch64/arch_helpers.h
@@ -263,6 +263,8 @@
DEFINE_SYSREG_RW_FUNCS(mdccsr_el0)
DEFINE_SYSREG_RW_FUNCS(dbgdtrrx_el0)
DEFINE_SYSREG_RW_FUNCS(dbgdtrtx_el0)
+DEFINE_SYSREG_RW_FUNCS(sp_el1)
+DEFINE_SYSREG_RW_FUNCS(sp_el2)
DEFINE_SYSOP_FUNC(wfi)
DEFINE_SYSOP_FUNC(wfe)
@@ -567,7 +569,7 @@
/*
* Check if an EL is implemented from AA64PFR0 register fields.
*/
-static inline uint64_t el_implemented(unsigned int el)
+static inline uint64_t nonsecure_el_implemented(unsigned int el)
{
if (el > 3U) {
return EL_IMPL_NONE;
@@ -578,6 +580,19 @@
}
}
+static inline uint64_t secure_el_implemented(unsigned int el)
+{
+ if (el == 2) {
+ unsigned int shift = ID_AA64PFR0_SEL2_SHIFT;
+
+ return (read_id_aa64pfr0_el1() >> shift) & ID_AA64PFR0_ELX_MASK;
+ } else {
+ return nonsecure_el_implemented(el);
+ }
+}
+
+#define el_implemented(el) nonsecure_el_implemented(el)
+
/* Previously defined accesor functions with incomplete register names */
#define read_current_el() read_CurrentEl()
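Review bot: `if (el == 2)` in the new secure_el_implemented() compares the unsigned parameter against a signed literal, while the sibling check in nonsecure_el_implemented() uses `el > 3U`; write `if (el == 2U)` to keep the file's U-suffix convention. The `#define el_implemented(el) nonsecure_el_implemented(el)` alias turns a former function name into a macro, so any existing caller that takes the address of el_implemented or redeclares it would now break; a `static inline` wrapper would keep it a function. A one-line comment on secure_el_implemented() saying that only EL2 is looked up via ID_AA64PFR0_EL1.SEL2 and every other EL falls back to the Non-secure query would help, since the name suggests all Secure ELs are treated distinctly.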
diff --git a/include/drivers/arm/smmu_v3.h b/include/drivers/arm/smmu_v3.h
index a820a44..27ed16e 100644
--- a/include/drivers/arm/smmu_v3.h
+++ b/include/drivers/arm/smmu_v3.h
@@ -11,11 +11,21 @@
#include <lib/utils_def.h>
/* SMMUv3 register offsets from device base */
+#define SMMU_CR0 U(0x0020)
+#define SMMU_CR0ACK U(0x0024)
#define SMMU_GBPA U(0x0044)
#define SMMU_S_IDR1 U(0x8004)
#define SMMU_S_INIT U(0x803c)
#define SMMU_S_GBPA U(0x8044)
+/* SMMU_CR0 register fields */
+#define SMMU_CR0_VMW (7UL << 6)
+#define SMMU_CR0_ATSCHK (1UL << 4)
+#define SMMU_CR0_CMDQEN (1UL << 3)
+#define SMMU_CR0_EVENTQEN (1UL << 2)
+#define SMMU_CR0_PRIQEN (1UL << 1)
+#define SMMU_CR0_SMMUEN (1UL << 0)
+
/* SMMU_GBPA register fields */
#define SMMU_GBPA_UPDATE (1UL << 31)
#define SMMU_GBPA_ABORT (1UL << 20)
@@ -33,4 +43,7 @@
int smmuv3_init(uintptr_t smmu_base);
int smmuv3_security_init(uintptr_t smmu_base);
+int smmuv3_ns_set_abort_all(uintptr_t smmu_base);
+int smmuv3_ns_set_bypass_all(uintptr_t smmu_base);
+
#endif /* SMMU_V3_H */
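Review bot: The new prototypes smmuv3_ns_set_abort_all() and smmuv3_ns_set_bypass_all() carry no comment, and the only hint to their contract is the SMMU_CR0/SMMU_CR0ACK offsets added in the previous hunk. Document what the int return encodes (the existing smmuv3_init()/smmuv3_security_init() also return int, so presumably 0 on success and non-zero otherwise, but it should be stated), whether the call blocks until SMMU_CR0ACK reflects the SMMU_CR0 write, and what state the SMMU is left in on failure, e.g. `/* Configure the Non-secure SMMU to abort (or bypass) all incoming transactions; returns 0 once SMMU_CR0ACK matches the update, non-zero on timeout. */` if that is what the implementation does. Because these calls decide whether DMA from Non-secure devices is blocked, a failure path that leaves the SMMU in bypass is a security-relevant outcome and the header is where callers learn about it.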
diff --git a/include/drivers/measured_boot/event_log.h b/include/drivers/measured_boot/event_log.h
index efde117..aea418c 100644
--- a/include/drivers/measured_boot/event_log.h
+++ b/include/drivers/measured_boot/event_log.h
@@ -10,7 +10,6 @@
#include <stdint.h>
#include <common/debug.h>
-#include <drivers/measured_boot/tcg.h>
/*
* Set Event Log debug level to one of:
@@ -72,19 +71,19 @@
size_t log_size);
} measured_boot_data_t;
-#define ID_EVENT_SIZE (sizeof(id_event_headers_t) + \
- (sizeof(id_event_algorithm_size_t) * HASH_ALG_COUNT) + \
- sizeof(id_event_struct_data_t))
+#define ID_EVENT_SIZE (sizeof(id_event_container_t) + \
+ (sizeof(id_event_alg_info_t) * HASH_ALG_COUNT) + \
+ sizeof(id_event_vendor_data_t))
#define LOC_EVENT_SIZE (sizeof(event2_header_t) + \
- sizeof(tpmt_ha) + TCG_DIGEST_SIZE + \
+ sizeof(tpmt_ha_t) + TCG_DIGEST_SIZE + \
sizeof(event2_data_t) + \
- sizeof(startup_locality_event_t))
+ sizeof(startup_locality_event_data_t))
#define LOG_MIN_SIZE (ID_EVENT_SIZE + LOC_EVENT_SIZE)
#define EVENT2_HDR_SIZE (sizeof(event2_header_t) + \
- sizeof(tpmt_ha) + TCG_DIGEST_SIZE + \
+ sizeof(tpmt_ha_t) + TCG_DIGEST_SIZE + \
sizeof(event2_data_t))
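Review bot: ID_EVENT_SIZE, LOC_EVENT_SIZE and EVENT2_HDR_SIZE now reference id_event_container_t, id_event_alg_info_t, id_event_vendor_data_t, tpmt_ha_t and startup_locality_event_data_t, but the only header that declared the TCG event structures (drivers/measured_boot/tcg.h) is deleted by this commit and the hunk at the top of this file drops its include without adding a replacement. Neither new header in this diff (tpm.h, tpm_log.h) defines those names, so unless a header outside this chunk provides them and is included by event_log.h, these macros no longer expand to anything that compiles. Either include the header that defines the renamed types here, or state in a comment which header a consumer must include first.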
/* Functions' declarations */
diff --git a/include/drivers/measured_boot/tcg.h b/include/drivers/measured_boot/tcg.h
deleted file mode 100644
index ab27a08..0000000
--- a/include/drivers/measured_boot/tcg.h
+++ /dev/null
@@ -1,304 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef TCG_H
-#define TCG_H
-
-#include <stdint.h>
-
-#define TCG_ID_EVENT_SIGNATURE_03 "Spec ID Event03"
-#define TCG_STARTUP_LOCALITY_SIGNATURE "StartupLocality"
-
-#define TCG_SPEC_VERSION_MAJOR_TPM2 2
-#define TCG_SPEC_VERSION_MINOR_TPM2 0
-#define TCG_SPEC_ERRATA_TPM2 2
-
-/*
- * Event types
- * Ref. Table 9 Events
- * TCG PC Client Platform Firmware Profile Specification.
- */
-#define EV_PREBOOT_CERT U(0x00000000)
-#define EV_POST_CODE U(0x00000001)
-#define EV_UNUSED U(0x00000002)
-#define EV_NO_ACTION U(0x00000003)
-#define EV_SEPARATOR U(0x00000004)
-#define EV_ACTION U(0x00000005)
-#define EV_EVENT_TAG U(0x00000006)
-#define EV_S_CRTM_CONTENTS U(0x00000007)
-#define EV_S_CRTM_VERSION U(0x00000008)
-#define EV_CPU_MICROCODE U(0x00000009)
-#define EV_PLATFORM_CONFIG_FLAGS U(0x0000000A)
-#define EV_TABLE_OF_DEVICES U(0x0000000B)
-#define EV_COMPACT_HASH U(0x0000000C)
-#define EV_IPL U(0x0000000D)
-#define EV_IPL_PARTITION_DATA U(0x0000000E)
-#define EV_NONHOST_CODE U(0x0000000F)
-#define EV_NONHOST_CONFIG U(0x00000010)
-#define EV_NONHOST_INFO U(0x00000011)
-#define EV_OMIT_BOOT_DEVICE_EVENTS U(0x00000012)
-#define EV_EFI_EVENT_BASE U(0x80000000)
-#define EV_EFI_VARIABLE_DRIVER_CONFIG U(0x80000001)
-#define EV_EFI_VARIABLE_BOOT U(0x80000002)
-#define EV_EFI_BOOT_SERVICES_APPLICATION U(0x80000003)
-#define EV_EFI_BOOT_SERVICES_DRIVER U(0x80000004)
-#define EV_EFI_RUNTIME_SERVICES_DRIVER U(0x80000005)
-#define EV_EFI_GPT_EVENT U(0x80000006)
-#define EV_EFI_ACTION U(0x80000007)
-#define EV_EFI_PLATFORM_FIRMWARE_BLOB U(0x80000008)
-#define EV_EFI_HANDOFF_TABLES U(0x80000009)
-#define EV_EFI_HCRTM_EVENT U(0x80000010)
-#define EV_EFI_VARIABLE_AUTHORITY U(0x800000E0)
-
-/*
- * TPM_ALG_ID constants.
- * Ref. Table 9 - Definition of (UINT16) TPM_ALG_ID Constants
- * Trusted Platform Module Library. Part 2: Structures
- */
-#define TPM_ALG_SHA256 0x000B
-#define TPM_ALG_SHA384 0x000C
-#define TPM_ALG_SHA512 0x000D
-
-/* TCG Platform Type */
-#define PLATFORM_CLASS_CLIENT 0
-#define PLATFORM_CLASS_SERVER 1
-
-/* SHA digest sizes in bytes */
-#define SHA1_DIGEST_SIZE 20
-#define SHA256_DIGEST_SIZE 32
-#define SHA384_DIGEST_SIZE 48
-#define SHA512_DIGEST_SIZE 64
-
-enum {
- /*
- * SRTM, BIOS, Host Platform Extensions, Embedded
- * Option ROMs and PI Drivers
- */
- PCR_0 = 0,
- /* Host Platform Configuration */
- PCR_1,
- /* UEFI driver and application Code */
- PCR_2,
- /* UEFI driver and application Configuration and Data */
- PCR_3,
- /* UEFI Boot Manager Code (usually the MBR) and Boot Attempts */
- PCR_4,
- /*
- * Boot Manager Code Configuration and Data (for use
- * by the Boot Manager Code) and GPT/Partition Table
- */
- PCR_5,
- /* Host Platform Manufacturer Specific */
- PCR_6,
- /* Secure Boot Policy */
- PCR_7,
- /* 8-15: Defined for use by the Static OS */
- PCR_8,
- /* Debug */
- PCR_16 = 16
-};
-
-#pragma pack(push, 1)
-
-/*
- * PCR Event Header
- * TCG EFI Protocol Specification
- * 5.3 Event Log Header
- */
-typedef struct {
- /* PCRIndex:
- * The PCR Index to which this event is extended
- */
- uint32_t pcr_index;
-
- /* EventType:
- * SHALL be an EV_NO_ACTION event
- */
- uint32_t event_type;
-
- /* SHALL be 20 Bytes of 0x00 */
- uint8_t digest[SHA1_DIGEST_SIZE];
-
- /* The size of the event */
- uint32_t event_size;
-
- /* SHALL be a TCG_EfiSpecIdEvent */
- uint8_t event[]; /* [event_data_size] */
-} tcg_pcr_event_t;
-
-/*
- * Log Header Entry Data
- * Ref. Table 14 TCG_EfiSpecIdEventAlgorithmSize
- * TCG PC Client Platform Firmware Profile 9.4.5.1
- */
-typedef struct {
- /* Algorithm ID (hashAlg) of the Hash used by BIOS */
- uint16_t algorithm_id;
-
- /* The size of the digest produced by the implemented Hash algorithm */
- uint16_t digest_size;
-} id_event_algorithm_size_t;
-
-/*
- * TCG_EfiSpecIdEvent structure
- * Ref. Table 15 TCG_EfiSpecIdEvent
- * TCG PC Client Platform Firmware Profile 9.4.5.1
- */
-typedef struct {
- /*
- * The NUL-terminated ASCII string "Spec ID Event03".
- * SHALL be set to {0x53, 0x70, 0x65, 0x63, 0x20, 0x49, 0x44,
- * 0x20, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x30, 0x33, 0x00}.
- */
- uint8_t signature[16];
-
- /*
- * The value for the Platform Class.
- * The enumeration is defined in the TCG ACPI Specification Client
- * Common Header.
- */
- uint32_t platform_class;
-
- /*
- * The PC Client Platform Profile Specification minor version number
- * this BIOS supports.
- * Any BIOS supporting this version (2.0) MUST set this value to 0x00.
- */
- uint8_t spec_version_minor;
-
- /*
- * The PC Client Platform Profile Specification major version number
- * this BIOS supports.
- * Any BIOS supporting this version (2.0) MUST set this value to 0x02.
- */
- uint8_t spec_version_major;
-
- /*
- * The PC Client Platform Profile Specification errata version number
- * this BIOS supports.
- * Any BIOS supporting this version (2.0) MUST set this value to 0x02.
- */
- uint8_t spec_errata;
-
- /*
- * Specifies the size of the UINTN fields used in various data
- * structures used in this specification.
- * 0x01 indicates UINT32 and 0x02 indicates UINT64.
- */
- uint8_t uintn_size;
-
- /*
- * The number of Hash algorithms in the digestSizes field.
- * This field MUST be set to a value of 0x01 or greater.
- */
- uint32_t number_of_algorithms;
-
- /*
- * Each TCG_EfiSpecIdEventAlgorithmSize SHALL contain an algorithmId
- * and digestSize for each hash algorithm used in the TCG_PCR_EVENT2
- * structure, the first of which is a Hash algorithmID and the second
- * is the size of the respective digest.
- */
- id_event_algorithm_size_t digest_size[]; /* number_of_algorithms */
-} id_event_struct_header_t;
-
-typedef struct {
- /*
- * Size in bytes of the VendorInfo field.
- * Maximum value MUST be FFh bytes.
- */
- uint8_t vendor_info_size;
-
- /*
- * Provided for use by Platform Firmware implementer. The value might
- * be used, for example, to provide more detailed information about the
- * specific BIOS such as BIOS revision numbers, etc. The values within
- * this field are not standardized and are implementer-specific.
- * Platform-specific or -unique information MUST NOT be provided in
- * this field.
- *
- */
- uint8_t vendor_info[]; /* [vendorInfoSize] */
-} id_event_struct_data_t;
-
-typedef struct {
- id_event_struct_header_t struct_header;
- id_event_struct_data_t struct_data;
-} id_event_struct_t;
-
-typedef struct {
- tcg_pcr_event_t header;
- id_event_struct_header_t struct_header;
-} id_event_headers_t;
-
-/* TPMT_HA Structure */
-typedef struct {
- /* Selector of the hash contained in the digest that implies
- * the size of the digest
- */
- uint16_t algorithm_id; /* AlgorithmId */
-
- /* Digest, depends on AlgorithmId */
- uint8_t digest[]; /* Digest[] */
-} tpmt_ha;
-
-/*
- * TPML_DIGEST_VALUES Structure
- */
-typedef struct {
- /* The number of digests in the list */
- uint32_t count; /* Count */
-
- /* The list of tagged digests, as sent to the TPM as part of a
- * TPM2_PCR_Extend or as received from a TPM2_PCR_Event command
- */
- tpmt_ha digests[]; /* Digests[Count] */
-} tpml_digest_values;
-
-/*
- * TCG_PCR_EVENT2 header
- */
-typedef struct {
- /* The PCR Index to which this event was extended */
- uint32_t pcr_index; /* PCRIndex */
-
- /* Type of event */
- uint32_t event_type; /* EventType */
-
- /* Digests:
- * A counted list of tagged digests, which contain the digest of
- * the event data (or external data) for all active PCR banks
- */
- tpml_digest_values digests; /* Digests */
-} event2_header_t;
-
-typedef struct event2_data {
- /* The size of the event data */
- uint32_t event_size; /* EventSize */
-
- /* The data of the event */
- uint8_t event[]; /* Event[EventSize] */
-} event2_data_t;
-
-/*
- * Startup Locality Event
- * Ref. TCG PC Client Platform Firmware Profile 9.4.5.3
- */
-typedef struct {
- /*
- * The NUL-terminated ASCII string "StartupLocality" SHALL be
- * set to {0x53 0x74 0x61 0x72 0x74 0x75 0x70 0x4C 0x6F 0x63
- * 0x61 0x6C 0x69 0x74 0x79 0x00}
- */
- uint8_t signature[16];
-
- /* The Locality Indicator which sent the TPM2_Startup command */
- uint8_t startup_locality;
-} startup_locality_event_t;
-
-#pragma pack(pop)
-
-#endif /* TCG_H */
diff --git a/include/lib/psci/psci.h b/include/lib/psci/psci.h
index b56e98b..da2efcc 100644
--- a/include/lib/psci/psci.h
+++ b/include/lib/psci/psci.h
@@ -196,17 +196,6 @@
}
/*
- * These are the states reported by the PSCI_AFFINITY_INFO API for the specified
- * CPU. The definitions of these states can be found in Section 5.7.1 in the
- * PSCI specification (ARM DEN 0022C).
- */
-typedef enum {
- AFF_STATE_ON = U(0),
- AFF_STATE_OFF = U(1),
- AFF_STATE_ON_PENDING = U(2)
-} aff_info_state_t;
-
-/*
* These are the power states reported by PSCI_NODE_HW_STATE API for the
* specified CPU. The definitions of these states can be found in Section 5.15.3
* of PSCI specification (ARM DEN 0022C).
diff --git a/include/lib/psci/psci_lib.h b/include/lib/psci/psci_lib.h
index 1ac45ad..d135a51 100644
--- a/include/lib/psci/psci_lib.h
+++ b/include/lib/psci/psci_lib.h
@@ -38,6 +38,17 @@
*/
typedef void (*mailbox_entrypoint_t)(void);
+/*
+ * These are the states reported by the PSCI_AFFINITY_INFO API for the specified
+ * CPU. The definitions of these states can be found in Section 5.7.1 in the
+ * PSCI specification (ARM DEN 0022C). Available for psci_lib clients.
+ */
+typedef enum {
+ AFF_STATE_ON = U(0),
+ AFF_STATE_OFF = U(1),
+ AFF_STATE_ON_PENDING = U(2)
+} aff_info_state_t;
+
/******************************************************************************
* Structure to pass PSCI Library arguments.
*****************************************************************************/
@@ -91,6 +102,8 @@
entry_point_info_t *next_image_info);
int psci_stop_other_cores(unsigned int wait_ms,
void (*stop_func)(u_register_t mpidr));
+unsigned int psci_is_last_on_core_safe(void);
+
#endif /* __ASSEMBLER__ */
#endif /* PSCI_LIB_H */
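Review bot: `unsigned int psci_is_last_on_core_safe(void);` is added with no comment, and the name alone does not say what the return value encodes or what "safe" refers to. Please document whether cores in AFF_STATE_ON_PENDING (the enum moved into this header by the previous hunk) count as on, and whether the answer is stable after the call returns, since another core can presumably be powered on concurrently unless the caller holds the relevant PSCI lock; a dynamic launch that relies on being the only running core needs that guarantee spelled out. Something like `/* Returns non-zero if the calling core is the only core that is ON; the PSCI locks are taken so the result cannot change under the caller. */`, adjusted to what the implementation actually does.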
diff --git a/include/lib/tpm/tpm.h b/include/lib/tpm/tpm.h
new file mode 100644
index 0000000..ac17c0b
--- /dev/null
+++ b/include/lib/tpm/tpm.h
@@ -0,0 +1,116 @@
+/*
+ * Copyright (c) 2021 Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+#ifndef TPM_H
+#define TPM_H
+
+#include <lib/utils_def.h>
+
+/*
+ * TPM_ALG_ID constants.
+ * Ref. Table 9 - Definition of (UINT16) TPM_ALG_ID Constants
+ * Trusted Platform Module Library. Part 2: Structures,
+ * Family "2.0", Level 00 Revision 01.38, September 29 2016.
+ */
+enum tpm_hash_alg {
+ TPM_ALG_NONE = 0x0,
+ TPM_ALG_SHA256 = 0x000B,
+ TPM_ALG_SHA384 = 0x000C,
+ TPM_ALG_SHA512 = 0x000D,
+};
+static inline bool tpm_alg_is_valid(enum tpm_hash_alg alg)
+{
+ switch (alg) {
+ case TPM_ALG_SHA256:
+ case TPM_ALG_SHA384:
+ case TPM_ALG_SHA512:
+ return true;
+
+ default:
+ return false;
+ }
+}
+
+enum tpm_hash_alg_dsize {
+ TPM_ALG_SHA256_DSIZE = 32,
+ TPM_ALG_SHA384_DSIZE = 48,
+ TPM_ALG_SHA512_DSIZE = 64,
+
+ TPM_ALG_MAX_DSIZE = TPM_ALG_SHA512_DSIZE
+};
+static inline size_t tpm_alg_dsize(enum tpm_hash_alg alg)
+{
+ switch (alg) {
+ case TPM_ALG_SHA256:
+ return TPM_ALG_SHA256_DSIZE;
+
+ case TPM_ALG_SHA384:
+ return TPM_ALG_SHA384_DSIZE;
+
+ case TPM_ALG_SHA512:
+ return TPM_ALG_SHA512_DSIZE;
+
+ default:
+ return 0;
+ }
+}
+
+enum tpm_pcr_idx {
+ /*
+ * SRTM, BIOS, Host Platform Extensions, Embedded
+ * Option ROMs and PI Drivers
+ */
+ TPM_PCR_0 = 0,
+ /* Host Platform Configuration */
+ TPM_PCR_1,
+ /* UEFI driver and application Code */
+ TPM_PCR_2,
+ /* UEFI driver and application Configuration and Data */
+ TPM_PCR_3,
+ /* UEFI Boot Manager Code (usually the MBR) and Boot Attempts */
+ TPM_PCR_4,
+ /*
+ * Boot Manager Code Configuration and Data (for use
+ * by the Boot Manager Code) and GPT/Partition Table
+ */
+ TPM_PCR_5,
+ /* Host Platform Manufacturer Specific */
+ TPM_PCR_6,
+ /* Secure Boot Policy */
+ TPM_PCR_7,
+ /* 8-15: Defined for use by the Static OS */
+ TPM_PCR_8,
+ /* Debug */
+ TPM_PCR_16 = 16,
+
+ /* DRTM (1) */
+ TPM_PCR_17 = 17,
+ /* DRTM (2) */
+ TPM_PCR_18 = 18,
+};
+static bool inline tpm_pcr_idx_is_valid(enum tpm_pcr_idx pcr_idx)
+{
+ switch (pcr_idx) {
+ case TPM_PCR_0:
+ case TPM_PCR_1:
+ case TPM_PCR_2:
+ case TPM_PCR_3:
+ case TPM_PCR_4:
+ case TPM_PCR_5:
+ case TPM_PCR_6:
+ case TPM_PCR_7:
+ case TPM_PCR_8:
+ case TPM_PCR_16:
+ case TPM_PCR_17:
+ case TPM_PCR_18:
+ return true;
+
+ default:
+ return false;
+ }
+}
+
+#endif /* TPM_H */
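Review bot: tpm.h uses `bool`, `true`/`false` and `size_t` (tpm_alg_is_valid(), tpm_alg_dsize()) but includes only `<lib/utils_def.h>`; unless that header transitively pulls in `<stdbool.h>` and `<stddef.h>`, tpm.h is not self-contained and compiles only when an including file happened to bring them in first. Add `#include <stdbool.h>` and `#include <stddef.h>` after the guard. Separately, `static bool inline tpm_pcr_idx_is_valid(...)` puts the qualifiers in an unusual order; write `static inline bool` to match tpm_alg_is_valid() above.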
diff --git a/include/lib/tpm/tpm_log.h b/include/lib/tpm/tpm_log.h
new file mode 100644
index 0000000..a9f8d3b
--- /dev/null
+++ b/include/lib/tpm/tpm_log.h
@@ -0,0 +1,90 @@
+/*
+ * Copyright (c) 2021 Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+#ifndef TPM_LOG_H
+#define TPM_LOG_H
+
+#include <stddef.h>
+
+#include <lib/tpm/tpm.h>
+#include <export/lib/utils_def_exp.h>
+
+/*
+ * Event types
+ * Ref. Table 9 Events
+ * TCG PC Client Platform Firmware Profile Specification,
+ * Family "2.0", Level 00 Revision 1.04, June 3 2019.
+ */
+#define TPM_LOG_EV_PREBOOT_CERT U(0x00000000)
+#define TPM_LOG_EV_POST_CODE U(0x00000001)
+#define TPM_LOG_EV_UNUSED U(0x00000002)
+#define TPM_LOG_EV_NO_ACTION U(0x00000003)
+#define TPM_LOG_EV_SEPARATOR U(0x00000004)
+#define TPM_LOG_EV_ACTION U(0x00000005)
+#define TPM_LOG_EV_EVENT_TAG U(0x00000006)
+#define TPM_LOG_EV_S_CRTM_CONTENTS U(0x00000007)
+#define TPM_LOG_EV_S_CRTM_VERSION U(0x00000008)
+#define TPM_LOG_EV_CPU_MICROCODE U(0x00000009)
+#define TPM_LOG_EV_PLATFORM_CONFIG_FLAGS U(0x0000000A)
+#define TPM_LOG_EV_TABLE_OF_DEVICES U(0x0000000B)
+#define TPM_LOG_EV_COMPACT_HASH U(0x0000000C)
+#define TPM_LOG_EV_IPL U(0x0000000D)
+#define TPM_LOG_EV_IPL_PARTITION_DATA U(0x0000000E)
+#define TPM_LOG_EV_NONHOST_CODE U(0x0000000F)
+#define TPM_LOG_EV_NONHOST_CONFIG U(0x00000010)
+#define TPM_LOG_EV_NONHOST_INFO U(0x00000011)
+#define TPM_LOG_EV_OMIT_BOOT_DEVICE_EVENTS U(0x00000012)
+#define TPM_LOG_EV_EFI_EVENT_BASE U(0x80000000)
+#define TPM_LOG_EV_EFI_VARIABLE_DRIVER_CONFIG U(0x80000001)
+#define TPM_LOG_EV_EFI_VARIABLE_BOOT U(0x80000002)
+#define TPM_LOG_EV_EFI_BOOT_SERVICES_APPLICATION U(0x80000003)
+#define TPM_LOG_EV_EFI_BOOT_SERVICES_DRIVER U(0x80000004)
+#define TPM_LOG_EV_EFI_RUNTIME_SERVICES_DRIVER U(0x80000005)
+#define TPM_LOG_EV_EFI_GPT_EVENT U(0x80000006)
+#define TPM_LOG_EV_EFI_ACTION U(0x80000007)
+#define TPM_LOG_EV_EFI_PLATFORM_FIRMWARE_BLOB U(0x80000008)
+#define TPM_LOG_EV_EFI_HANDOFF_TABLES U(0x80000009)
+#define TPM_LOG_EV_EFI_HCRTM_EVENT U(0x80000010)
+#define TPM_LOG_EV_EFI_VARIABLE_AUTHORITY U(0x800000E0)
+
+
+struct tpm_log_digest {
+ enum tpm_hash_alg h_alg;
+ size_t buf_bytes;
+ char buf[];
+};
+
+struct tpm_log_digests {
+ size_t count;
+ struct tpm_log_digest d[];
+};
+
+struct tpm_log_info {
+ char *buf;
+ size_t buf_bytes;
+
+ /* Running cursor, into the buffer. */
+ char *cursor;
+
+ /* */
+ char *startup_locality_event_data;
+};
+/* Opaque / encapsulated type */
+typedef struct tpm_log_info tpm_log_info_t;
+
+
+int tpm_log_init(uint32_t *const tpm_log_buf, size_t tpm_log_buf_bytes,
+ enum tpm_hash_alg alg[], size_t num_algs,
+ tpm_log_info_t *log_info_out);
+int tpm_log_add_event(tpm_log_info_t *tpm_log_info,
+ uint32_t event_type, enum tpm_pcr_idx pcr,
+ struct tpm_log_digests *digests,
+ const unsigned char *event_data, size_t event_data_bytes);
+void tpm_log_serialise(char *dst, const tpm_log_info_t *tpm_log,
+ size_t *tpm_log_size_out);
+
+
+#endif /* TPM_LOG_H */
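Review bot: `struct tpm_log_digest d[]` in struct tpm_log_digests is an array whose element type (struct tpm_log_digest) itself ends in the flexible array member `char buf[]`; C11 6.7.2.1 forbids such a struct as an array element, and even where a compiler accepts it as an extension, `d[i]` steps by sizeof(struct tpm_log_digest) and ignores buf, so the second digest would alias the first digest's bytes. A list of variable-length digests needs either a fixed-size `unsigned char buf[TPM_ALG_MAX_DSIZE]` (TPM_ALG_MAX_DSIZE already exists in tpm.h) or an array of pointers/offsets. tpm_log_serialise() takes `char *dst` with no capacity argument, so the caller cannot bound the write; consider a `size_t dst_bytes` parameter, or at least document that dst must hold at least `tpm_log->buf_bytes`. The empty `/* */` above startup_locality_event_data should say what the pointer refers to, and `uint32_t` is used without `<stdint.h>` being included here or in tpm.h.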
diff --git a/include/lib/utils.h b/include/lib/utils.h
index 17ee9369..cd402c1 100644
--- a/include/lib/utils.h
+++ b/include/lib/utils.h
@@ -21,6 +21,11 @@
size_t nbytes;
} mem_region_t;
+typedef struct p_mem_region {
+ unsigned long long base;
+ unsigned long long nbytes;
+} p_mem_region_t;
+
/*
* zero_normalmem all the regions defined in tbl.
*/
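Review bot: p_mem_region_t is added next to mem_region_t with no comment explaining why it uses `unsigned long long` instead of the uintptr_t/size_t pair of the existing type, or what the `p_` prefix stands for. If it is meant to hold physical addresses that may exceed the width of the executing state (for example when supplied by a 32-bit caller), say so: `/* Memory region given as 64-bit physical address and size, independent of the executing width. */`, and consider `uint64_t` so the width is explicit.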
diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h
index 1def86e..dc16ce1 100644
--- a/include/plat/common/platform.h
+++ b/include/plat/common/platform.h
@@ -63,6 +63,7 @@
uintptr_t plat_get_ns_image_entrypoint(void);
unsigned int plat_my_core_pos(void);
int plat_core_pos_by_mpidr(u_register_t mpidr);
+unsigned int plat_is_my_cpu_primary(void);
int plat_get_mbedtls_heap(void **heap_addr, size_t *heap_size);
#if STACK_PROTECTOR_ENABLED
diff --git a/include/services/drtm_cache.h b/include/services/drtm_cache.h
new file mode 100644
index 0000000..c18fdf2
--- /dev/null
+++ b/include/services/drtm_cache.h
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2021 Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __DRTM_CACHE_H
+#define __DRTM_CACHE_H
+
+#include <stdbool.h>
+
+/*
+ * XXX Note: the generic protected DRTM resources are being specialised into
+ * DRTM TCB hashes. Platform resources retrieved through the generic DRTM cache
+ * are going to be retrieved through bespoke interfaces instead.
+ * This file will be removed once the transition is complete.
+ */
+
+void drtm_cache_init(void);
+
+int drtm_cache_resource_opt(const char *id, size_t bytes, const char *data, bool cache_data);
+#define drtm_cache_resource(id, bytes, data) \
+ drtm_cache_resource_opt(id, bytes, data, true)
+#define drtm_cache_resource_ptr(id, bytes, data) \
+ drtm_cache_resource_opt(id, bytes, data, false)
+
+void drtm_cache_get_resource(const char *id,
+ const char **res_out, size_t *res_out_bytes);
+
+#endif /* __DRTM_CACHE_H */
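Review bot: `__DRTM_CACHE_H` starts with a double underscore, which C reserves for the implementation; the other new headers in this commit use plain `ARM_DRTM_SVC_H`-style guards, so rename it to `DRTM_CACHE_H`. The prototypes use `size_t` but the header includes only `<stdbool.h>`; add `#include <stddef.h>`. The drtm_cache_resource_opt() contract — who owns `data` when cache_data is false, whether `id` is copied, and what the int return means — is undocumented, which matters because the pointer variant evidently keeps a reference to caller memory for the lifetime of the cache.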
diff --git a/include/services/drtm_svc.h b/include/services/drtm_svc.h
new file mode 100644
index 0000000..7943d99
--- /dev/null
+++ b/include/services/drtm_svc.h
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 2021 Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ * DRTM service
+ *
+ * Authors:
+ * Lucian Paul-Trifu <lucian.paultrifu@gmail.com>
+ * Brian Nezvadovitz
+ *
+ */
+
+#ifndef ARM_DRTM_SVC_H
+#define ARM_DRTM_SVC_H
+
+/*
+ * SMC function IDs for DRTM Service
+ * Upper word bits set: Fast call, SMC64, Standard Secure Svc. Call (OEN = 4)
+ */
+
+#define ARM_DRTM_SVC_VERSION 0xC4000110u
+#define ARM_DRTM_SVC_FEATURES 0xC4000111u
+#define ARM_DRTM_SVC_UNPROTECT_MEM 0xC4000113u
+#define ARM_DRTM_SVC_DYNAMIC_LAUNCH 0xC4000114u
+#define ARM_DRTM_SVC_CLOSE_LOCALITY 0xC4000115u
+#define ARM_DRTM_SVC_GET_ERROR 0xC4000116u
+#define ARM_DRTM_SVC_SET_ERROR 0xC4000117u
+#define ARM_DRTM_SVC_SET_TCB_HASH 0xC4000118u
+#define ARM_DRTM_SVC_LOCK_TCB_HASHES 0xC4000119u
+
+#define ARM_DRTM_FEATURES_TPM 0x1u
+#define ARM_DRTM_FEATURES_MEM_REQ 0x2u
+#define ARM_DRTM_FEATURES_DMA_PROT 0x3u
+#define ARM_DRTM_FEATURES_BOOT_PE_ID 0x4u
+#define ARM_DRTM_FEATURES_TCB_HASHES 0x5u
+
+#define is_drtm_fid(_fid) \
+ (((_fid) >= ARM_DRTM_SVC_VERSION) && ((_fid) <= ARM_DRTM_SVC_SET_ERROR))
+
+/* ARM DRTM Service Calls version numbers */
+#define ARM_DRTM_VERSION_MAJOR 0x0000u
+#define ARM_DRTM_VERSION_MINOR 0x0001u
+#define ARM_DRTM_VERSION \
+ ((ARM_DRTM_VERSION_MAJOR << 16) | ARM_DRTM_VERSION_MINOR)
+
+/* Initialization routine for the DRTM service */
+int drtm_setup(void);
+
+/* Handler to be called to handle DRTM SMC calls */
+uint64_t drtm_smc_handler(uint32_t smc_fid,
+ uint64_t x1,
+ uint64_t x2,
+ uint64_t x3,
+ uint64_t x4,
+ void *cookie,
+ void *handle,
+ uint64_t flags);
+
+
+#endif /* ARM_DRTM_SVC_H */
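Review bot: is_drtm_fid() bounds the range at ARM_DRTM_SVC_SET_ERROR (0xC4000117), so ARM_DRTM_SVC_SET_TCB_HASH (0xC4000118) and ARM_DRTM_SVC_LOCK_TCB_HASHES (0xC4000119), defined a few lines above, are not recognised as DRTM calls; if the dispatcher uses this macro, those two SMCs never reach drtm_smc_handler(). The range also admits 0xC4000112, for which no function ID is defined, so drtm_smc_handler() must return the unknown-SMC error for it rather than assuming every in-range FID is valid. Change the upper bound to `((_fid) <= ARM_DRTM_SVC_LOCK_TCB_HASHES)` (or introduce a dedicated last-FID macro), and add `#include <stdint.h>` since the prototypes use uint32_t/uint64_t.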
diff --git a/include/services/drtm_svc_plat.h b/include/services/drtm_svc_plat.h
new file mode 100644
index 0000000..be4cedf
--- /dev/null
+++ b/include/services/drtm_svc_plat.h
@@ -0,0 +1,82 @@
+/*
+ * Copyright (c) 2021 Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ * DRTM service's dependencies on the platform.
+ *
+ */
+#ifndef ARM_DRTM_SVC_PLAT_H
+#define ARM_DRTM_SVC_PLAT_H
+
+#include <stdbool.h>
+#include <stddef.h>
+#include <stdint.h>
+
+#if !defined(DRTM_SHA_ALG)
+#error "The DRTM service requires definition of the DRTM_SHA_ALG macro"
+#else
+
+#if DRTM_SHA_ALG == 256
+#define DRTM_SHA_ALG_DSIZE 32
+#elif DRTM_SHA_ALG == 384
+#define DRTM_SHA_ALG_DSIZE 48
+#elif DRTM_SHA_ALG == 512
+#define DRTM_SHA_ALG_DSIZE 64
+#else
+#warning "Unrecognised DRTM_SHA_ALG"
+#define DRTM_SHA_ALG_DSIZE 64
+#endif
+
+#endif
+
+
+/***
+ * DRTM's dependency on platform DMA protection.
+ */
+
+/* Sanity checks. */
+bool plat_has_non_host_platforms(void);
+bool plat_has_unmanaged_dma_peripherals(void);
+unsigned int plat_get_total_num_smmus(void);
+
+/* Dependency on Arm-compliant SMMUs. */
+void plat_enumerate_smmus(const uintptr_t (*smmus_out)[],
+ size_t *smmu_count_out);
+
+struct drtm_mem_region_descr_table_v1;
+typedef struct drtm_mem_region_descr_table_v1 struct_drtm_mem_region_descr_table;
+
+/* Dependencies on platform-specific region-based DMA protection. */
+struct drtm_dma_protector_ops {
+ int (*protect_regions)(void *data,
+ const struct_drtm_mem_region_descr_table *regions);
+};
+struct drtm_dma_protector {
+ void *data;
+ struct drtm_dma_protector_ops *ops;
+};
+struct drtm_dma_protector plat_get_dma_protector(void);
+
+
+/***
+ * DRTM's platform-specific DRTM TCB hashes.
+ */
+
+struct plat_drtm_tcb_hash {
+ union {
+#define _HASH_ID_TYPE uint32_t
+ _HASH_ID_TYPE uint32;
+ unsigned char uchars[sizeof(_HASH_ID_TYPE)];
+#undef _HASH_ID_TYPE
+ } hash_id;
+ size_t hash_bytes;
+ unsigned char hash_val[DRTM_SHA_ALG_DSIZE];
+};
+#define PLAT_DRTM_TCB_HASH_VAL_AND_SIZE(...) \
+ .hash_bytes = sizeof((unsigned char[]){ __VA_ARGS__ }), .hash_val = { __VA_ARGS__ }
+
+void plat_enumerate_drtm_tcb_hashes(const struct plat_drtm_tcb_hash **hashes_out,
+ size_t *hashes_count_out);
+
+#endif /* ARM_DRTM_SVC_PLAT_H */
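Review bot: The `#else` branch for an unrecognised DRTM_SHA_ALG emits only `#warning` and then defines DRTM_SHA_ALG_DSIZE as 64, so a typo in the build option silently sizes hash_val and every TCB-hash comparison for SHA-512; make it `#error "Unrecognised DRTM_SHA_ALG"` so a misconfigured measurement algorithm fails the build instead of producing hashes of the wrong length. `_HASH_ID_TYPE` is a reserved identifier (leading underscore followed by an uppercase letter); the union can simply spell `uint32_t` in both members, e.g. `unsigned char uchars[sizeof(uint32_t)]`. In plat_enumerate_smmus(), `const uintptr_t (*smmus_out)[]` is a pointer to an array of const elements, so the callee cannot store anything through it despite the `_out` name — presumably either the const should go or the parameter is meant to be `const uintptr_t **` handing back a platform-owned table. The ops pointer in struct drtm_dma_protector could be `const struct drtm_dma_protector_ops *`, since a platform's protector operations table should not be writable at run time.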