TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-RMM / tf-rmm / bdd30ee3b7cf46f3af0988bef68e2c8b0ab5dff3 / . / plat / host / host_cbmc / src / tb_common.c
blob: 4f941745b835a4f8be92843ac5a5164e8b9ede65 [file] [log] [blame]
Mate Toth-Pal83a45bd2023-09-01 11:17:19 +0200[diff] [blame]1/*
2 * SPDX-License-Identifier: BSD-3-Clause
3 * SPDX-FileCopyrightText: Copyright TF-RMM Contributors.
4 */
5
Mate Toth-Pala18676e2023-10-27 17:05:01 +0200[diff] [blame]6#include "granule.h"
Mate Toth-Pal83a45bd2023-09-01 11:17:19 +0200[diff] [blame]7#include "host_defs.h"
8#include "host_utils.h"
Mate Toth-Pal83a45bd2023-09-01 11:17:19 +0200[diff] [blame]9#include "measurement.h"
Mate Toth-Pala18676e2023-10-27 17:05:01 +0200[diff] [blame]10#include "status.h"
11#include "string.h"
12#include "table.h"
13#include "tb_common.h"
14#include "tb_granules.h"
15#include "utils_def.h"
16
Soby Mathewbdd30ee2023-11-28 09:50:28 +0000[diff] [blame^]17/* This array holds information on the injected granule's status in the GPT. */
18static enum granule_gpt granule_gpt_array[RMM_MAX_GRANULES];
Mate Toth-Pal83a45bd2023-09-01 11:17:19 +0200[diff] [blame]19
20/* Declare a nondet function for registers information. */
21struct tb_regs nondet_tb_regs(void);
22
23struct tb_regs __tb_arb_regs(void)
24{
25 return nondet_tb_regs();
26}
27
28bool ResultEqual_2(unsigned int code, unsigned int expected)
29{
30 return code == expected;
31}
32
33/* TODO */
34bool ResultEqual_3(unsigned int code, unsigned int expected, unsigned int level)
35{
36 return true;
37}
38
39uint64_t Zeros(void)
40{
41 return UINT64_C(0);
42}
43
44bool __tb_arb_bool(void)
45{
46 return nondet_bool();
47}
48
49void __tb_lock_invariant(struct tb_lock_status *lock_status)
50{
51 /* TODO */
52}
53
54struct tb_lock_status __tb_lock_status(void)
55{
Mate Toth-Pala18676e2023-10-27 17:05:01 +0200[diff] [blame]56 struct tb_lock_status r = {0UL};
Mate Toth-Pal83a45bd2023-09-01 11:17:19 +0200[diff] [blame]57 return r;
58}
59
60extern struct granule granules[RMM_MAX_GRANULES];
61bool used_granules_buffer[HOST_NR_GRANULES] = { 0 };
62
63bool valid_pa(uint64_t addr)
64{
65 /*
66 * NOTE: the explicit pointer to integer type cast is necessary, as CBMC
67 * check fails without it.
68 */
69 if (GRANULE_ALIGNED(addr) && (uint64_t)granules_buffer <= addr &&
70 addr < (uint64_t)granules_buffer + sizeof(granules_buffer)) {
71 /*
72 * Keep these assserts for sanitary check, there was situation
73 * these asserts fail possibly due to CBMC dislike type
74 * conversion between number and pointer
75 */
76 ASSERT(GRANULE_ALIGNED(addr), "internal: `_valid_pa`, addr in alignment");
77 ASSERT(addr >= (uint64_t)granules_buffer,
78 "internal: `_valid_pa`, addr in lower range");
79 ASSERT(addr < (uint64_t)granules_buffer + sizeof(granules_buffer),
80 "internal: `_valid_pa`, addr in upper range");
81 return true;
82 }
83 return false;
84}
85
86struct granule *pa_to_granule_metadata_ptr(uint64_t addr)
87{
88 uint64_t idx = (addr - (uint64_t)granules_buffer)/GRANULE_SIZE;
89
90 __ASSERT(idx >= 0, "internal: `_pa_to_granule_metadata_ptr`, addr is in lower range");
91 __ASSERT(idx < RMM_MAX_GRANULES,
92 "internal: `_pa_to_granule_metadata_ptr`, addr is in upper range");
93
94 return &granules[idx];
95}
96
Mate Toth-Pal83a45bd2023-09-01 11:17:19 +0200[diff] [blame]97bool valid_granule_metadata_ptr(struct granule *p)
98{
99 return p >= granules
100 && p < granules + RMM_MAX_GRANULES;
101}
102
103/*
104 * Return the first index of `number` of unused continuous indice to both
105 * `granules` and `granules_buffer` arrays.
106 */
107size_t next_index(void)
108{
109 size_t index = nondet_size_t();
110
111 __ASSUME(unused_index(index));
112 if (!unused_index(index)) {
113 return -1;
114 }
115
Mate Toth-Pal83a45bd2023-09-01 11:17:19 +0200[diff] [blame]116 return index;
117}
118
119bool unused_index(size_t index)
120{
121 if (index < HOST_NR_GRANULES && !used_granules_buffer[index]) {
122 return true;
123 }
124 return false;
125}
126
127void init_pa_page(const void *content, size_t size)
128{
129 unsigned long index = next_index();
130 unsigned long offset = index * GRANULE_SIZE;
131
132 (void)memcpy(granules_buffer + offset, content, size);
133 used_granules_buffer[index] = true;
134}
135
136struct granule *inject_granule_at(const struct granule *granule_metadata,
137 const void *src_page,
138 size_t src_size,
139 size_t index)
140{
141 size_t offset = index * GRANULE_SIZE;
142
143 granules[index] = *granule_metadata;
144 (void)memcpy(granules_buffer + offset, src_page, src_size);
145 used_granules_buffer[index] = true;
146 return &granules[index];
147}
148
149struct granule *inject_granule(const struct granule *granule_metadata,
150 const void *src_page,
151 size_t src_size)
152{
153 size_t index = next_index();
154
Mate Toth-Pala18676e2023-10-27 17:05:01 +0200[diff] [blame]155 if (granule_metadata->state == GRANULE_STATE_NS) {
Soby Mathewbdd30ee2023-11-28 09:50:28 +0000[diff] [blame^]156 /* initialise the granules as either secure or non-secure */
157 granule_gpt_array[index] = nondet_bool() ? GPT_SECURE : GPT_NS;
158 } else {
159 granule_gpt_array[index] = GPT_REALM;
Mate Toth-Pala18676e2023-10-27 17:05:01 +0200[diff] [blame]160 }
Soby Mathewbdd30ee2023-11-28 09:50:28 +0000[diff] [blame^]161
Mate Toth-Pal83a45bd2023-09-01 11:17:19 +0200[diff] [blame]162 return inject_granule_at(granule_metadata, src_page, src_size, index);
163}
164
Soby Mathewbdd30ee2023-11-28 09:50:28 +0000[diff] [blame^]165enum granule_gpt get_granule_gpt(uint64_t addr)
Mate Toth-Pala18676e2023-10-27 17:05:01 +0200[diff] [blame]166{
167 uint64_t idx = (addr - (uint64_t)granules_buffer)/GRANULE_SIZE;
168
Soby Mathewbdd30ee2023-11-28 09:50:28 +0000[diff] [blame^]169 return granule_gpt_array[idx];
Mate Toth-Pala18676e2023-10-27 17:05:01 +0200[diff] [blame]170}
171
Soby Mathewbdd30ee2023-11-28 09:50:28 +0000[diff] [blame^]172void set_granule_gpt(uint64_t addr, enum granule_gpt granule_gpt)
Mate Toth-Pala18676e2023-10-27 17:05:01 +0200[diff] [blame]173{
174 uint64_t idx = (addr - (uint64_t)granules_buffer)/GRANULE_SIZE;
175
Soby Mathewbdd30ee2023-11-28 09:50:28 +0000[diff] [blame^]176 granule_gpt_array[idx] = granule_gpt;
Mate Toth-Pala18676e2023-10-27 17:05:01 +0200[diff] [blame]177}