TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TS / trusted-services / b849247f173f648ae7a2b17f7ea4986a86a275ba / . / deployments / ftpm / env / commonsp / ftpm_sp.c
blob: a8cf25e767781e4985a131af9a5f053af8f190bf [file] [log] [blame]
Balint Dobszayad82efb2024-11-21 13:53:09 +0100[diff] [blame]1// SPDX-License-Identifier: BSD-3-Clause
2/*
3 * Copyright (c) 2024, Arm Limited and Contributors. All rights reserved.
4 */
5
6#include "common/trace/include/trace.h"
7#include "config/ramstore/config_ramstore.h"
8#include "config/interface/config_store.h"
9#include "config/loader/sp/sp_config_loader.h"
10#include "platform/interface/device_region.h"
11#include "rpc/common/endpoint/rpc_service_interface.h"
12#include "rpc/tpm_crb_ffa/endpoint/sp/tpm_crb_ffa_endpoint.h"
13#include "service/crypto/backend/mbedcrypto/trng_adapter/trng_adapter.h"
14#include "service/log/factory/log_factory.h"
15#include "service/secure_storage/factory/storage_factory.h"
16#include "service/secure_storage/frontend/psa/ps/ps_frontend.h"
17#include "service/tpm/backend/ms_tpm/ms_tpm_backend.h"
18#include "service/tpm/provider/tpm_crb_provider.h"
19#include "service_locator.h"
20#include "sp_api.h"
21#include "sp_discovery.h"
22#include "sp_messaging.h"
23#include "sp_rxtx.h"
24
25#include "ftpm_sp.h"
26
27#define CONFIG_NAME_TPM_CRB_NS_REGION "tpm-crb-ns"
28#define CONFIG_NAME_TPM_CRB_S_REGION "tpm-crb-s"
29
30static uint8_t tx_buffer[4096] __aligned(4096);
31static uint8_t rx_buffer[4096] __aligned(4096);
32
33void __noreturn sp_main(union ffa_boot_info *boot_info)
34{
35 struct tpm_crb_provider service_provider = { 0 };
36 struct device_region tpm_crb_ns_region = { 0 };
37 struct device_region tpm_crb_s_region = { 0 };
38 struct tpm_crb_ffa_ep rpc_endpoint = { 0 };
39 struct rpc_service_interface *service_iface = NULL;
40 struct storage_backend *storage_backend = NULL;
41 psa_status_t status = PSA_ERROR_GENERIC_ERROR;
42 sp_result sp_res = SP_RESULT_INTERNAL_ERROR;
43 struct sp_msg resp_msg = { 0 };
44 struct sp_msg req_msg = { 0 };
45 uint16_t own_id = 0;
46
47 /* Boot phase */
48 sp_res = sp_rxtx_buffer_map(tx_buffer, rx_buffer, sizeof(rx_buffer));
49 if (sp_res != SP_RESULT_OK) {
50 EMSG("Failed to map RXTX buffers: %d", sp_res);
51 goto fatal_error;
52 }
53
54 IMSG("Start discovering logging service");
55 if (log_factory_create()) {
56 IMSG("Logging service discovery successful");
57 } else {
58 EMSG("Logging service discovery failed, falling back to console log");
59 }
60
61 sp_res = sp_discovery_own_id_get(&own_id);
62 if (sp_res != SP_RESULT_OK) {
63 EMSG("Failed to query own ID: %d", sp_res);
64 goto fatal_error;
65 }
66
67 config_ramstore_init();
68
69 if (!sp_config_load(boot_info)) {
70 EMSG("Failed to load SP config");
71 goto fatal_error;
72 }
73
74 if (!config_store_query(CONFIG_CLASSIFIER_DEVICE_REGION, CONFIG_NAME_TPM_CRB_NS_REGION, 0,
75 &tpm_crb_ns_region, sizeof(tpm_crb_ns_region))) {
76 EMSG(CONFIG_NAME_TPM_CRB_NS_REGION " is not set in SP configuration");
77 goto fatal_error;
78 }
79
80 DMSG("Found TPM CRB NS careveout with address: 0x%lx, size: %ld",
81 tpm_crb_ns_region.base_addr, tpm_crb_ns_region.io_region_size);
82
83 if (!config_store_query(CONFIG_CLASSIFIER_DEVICE_REGION, CONFIG_NAME_TPM_CRB_S_REGION, 0,
84 &tpm_crb_s_region, sizeof(tpm_crb_s_region))) {
85 EMSG(CONFIG_NAME_TPM_CRB_S_REGION " is not set in SP configuration");
86 goto fatal_error;
87 }
88
89 DMSG("Found TPM CRB S careveout with address: 0x%lx, size: %ld",
90 tpm_crb_s_region.base_addr, tpm_crb_s_region.io_region_size);
91
92 /* Create a storage backend for persistent key storage - prefer PS */
93 storage_backend = storage_factory_create(storage_factory_security_class_PROTECTED);
94 if (!storage_backend) {
95 EMSG("Failed to create storage factory");
96 goto fatal_error;
97 }
98
99 status = psa_ps_frontend_init(storage_backend);
100 if (status != PSA_SUCCESS) {
101 EMSG("Failed to init protected storage frontend: %d", status);
102 goto fatal_error;
103 }
104
105 /* Initialize TRNG */
106 status = trng_adapter_init(0);
107 if (status != PSA_SUCCESS) {
108 EMSG("Failed to init TRNG adapter: %d", status);
109 goto fatal_error;
110 }
111
112 if (!ms_tpm_backend_init()) {
113 EMSG("ms_tpm backend init failed");
114 goto fatal_error;
115 }
116
117 service_iface = tpm_provider_init(&service_provider,
118 (uint8_t *)tpm_crb_ns_region.base_addr,
119 tpm_crb_ns_region.io_region_size,
120 (uint8_t *)tpm_crb_s_region.base_addr,
121 tpm_crb_s_region.io_region_size);
122 if (!service_iface) {
123 EMSG("Failed to init service provider");
124 goto fatal_error;
125 }
126
127 if (!tpm_crb_ffa_endpoint_init(&rpc_endpoint)) {
128 EMSG("Failed to initialize RPC endpoint");
129 goto fatal_error;
130 }
131
132 if (!tpm_crb_ffa_endpoint_add_service(&rpc_endpoint, service_iface)) {
133 EMSG("Failed to add service to RPC endpoint");
134 goto fatal_error;
135 }
136
137 /* End of boot phase */
138
139 sp_res = sp_msg_wait(&req_msg);
140 if (sp_res != SP_RESULT_OK) {
141 EMSG("Failed to send message wait %d", sp_res);
142 goto fatal_error;
143 }
144
145 while (1) {
146 tpm_crb_ffa_endpoint_receive(&rpc_endpoint, &req_msg, &resp_msg);
147
148 sp_res = sp_msg_send_direct_resp(&resp_msg, &req_msg);
149 if (sp_res != SP_RESULT_OK) {
150 EMSG("Failed to send direct response %d", sp_res);
151 sp_res = sp_msg_wait(&req_msg);
152 if (sp_res != SP_RESULT_OK) {
153 EMSG("Failed to send message wait %d", sp_res);
154 goto fatal_error;
155 }
156 }
157 }
158
159fatal_error:
160 EMSG("fTPM SP error");
161 while (1) {}
162}
163
164void sp_interrupt_handler(uint32_t interrupt_id)
165{
166 (void)interrupt_id;
167}
168
169ffa_result ffa_vm_created_handler(uint16_t vm_id, uint64_t handle)
170{
171 (void)vm_id;
172 (void)handle;
173
174 return FFA_OK;
175}
176
177ffa_result ffa_vm_destroyed_handler(uint16_t vm_id, uint64_t handle)
178{
179 (void)vm_id;
180 (void)handle;
181
182 return FFA_OK;
183}