TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / hafnium / hafnium.git / 035fa15eb062593d43ce332ce698c6a073885203 / . / src / manifest.c
blob: 0b8a824bf60addb8b410c13b7869077f62567fcc [file] [log] [blame]
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1/*
2 * Copyright 2019 The Hafnium Authors.
3 *
Andrew Walbrane959ec12020-06-17 15:01:09 +0100[diff] [blame]4 * Use of this source code is governed by a BSD-style
5 * license that can be found in the LICENSE file or at
6 * https://opensource.org/licenses/BSD-3-Clause.
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]7 */
8
9#include "hf/manifest.h"
10
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]11#include "hf/arch/types.h"
12
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]13#include "hf/addr.h"
Daniel Boulbya2f8c662021-11-26 17:52:53 +0000[diff] [blame]14#include "hf/assert.h"
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]15#include "hf/boot_info.h"
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]16#include "hf/check.h"
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]17#include "hf/dlog.h"
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]18#include "hf/sp_pkg.h"
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]19#include "hf/static_assert.h"
20#include "hf/std.h"
21
22#define TRY(expr) \
23 do { \
24 enum manifest_return_code ret_code = (expr); \
25 if (ret_code != MANIFEST_SUCCESS) { \
26 return ret_code; \
27 } \
28 } while (0)
29
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]30#define VM_ID_MAX (HF_VM_ID_OFFSET + MAX_VMS - 1)
31#define VM_ID_MAX_DIGITS (5)
32#define VM_NAME_EXTRA_CHARS (3) /* "vm" + number + '\0' */
33#define VM_NAME_MAX_SIZE (VM_ID_MAX_DIGITS + VM_NAME_EXTRA_CHARS)
34static_assert(VM_NAME_MAX_SIZE <= STRING_MAX_SIZE,
35 "VM name does not fit into a struct string.");
36static_assert(VM_ID_MAX <= 99999, "Insufficient VM_NAME_BUF_SIZE");
Olivier Deprez2a8ee342020-08-03 15:10:44 +0200[diff] [blame]37static_assert((HF_OTHER_WORLD_ID > VM_ID_MAX) ||
38 (HF_OTHER_WORLD_ID < HF_VM_ID_BASE),
Andrew Walbran9daa57e2019-09-27 13:33:20 +0100[diff] [blame]39 "TrustZone VM ID clashes with normal VM range.");
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]40
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]41static inline size_t count_digits(ffa_vm_id_t vm_id)
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]42{
43 size_t digits = 0;
44
45 do {
46 digits++;
47 vm_id /= 10;
48 } while (vm_id);
49 return digits;
50}
51
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]52/**
53 * Generates a string with the two letters "vm" followed by an integer.
54 * Assumes `buf` is of size VM_NAME_BUF_SIZE.
55 */
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]56static void generate_vm_node_name(struct string *str, ffa_vm_id_t vm_id)
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]57{
58 static const char *digits = "0123456789";
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]59 size_t vm_id_digits = count_digits(vm_id);
60 char *base = str->data;
61 char *ptr = base + (VM_NAME_EXTRA_CHARS + vm_id_digits);
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]62
Daniel Boulbya2f8c662021-11-26 17:52:53 +0000[diff] [blame]63 assert(vm_id_digits <= VM_ID_MAX_DIGITS);
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]64 *(--ptr) = '\0';
65 do {
66 *(--ptr) = digits[vm_id % 10];
67 vm_id /= 10;
68 } while (vm_id);
69 *(--ptr) = 'm';
70 *(--ptr) = 'v';
Daniel Boulbya2f8c662021-11-26 17:52:53 +0000[diff] [blame]71 assert(ptr == base);
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]72}
73
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]74/**
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]75 * Read a boolean property: true if present; false if not. If present, the value
76 * of the property must be empty else it is considered malformed.
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]77 */
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]78static enum manifest_return_code read_bool(const struct fdt_node *node,
79 const char *property, bool *out)
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]80{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]81 struct memiter data;
82 bool present = fdt_read_property(node, property, &data);
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]83
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]84 if (present && memiter_size(&data) != 0) {
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]85 return MANIFEST_ERROR_MALFORMED_BOOLEAN;
86 }
87
88 *out = present;
89 return MANIFEST_SUCCESS;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]90}
91
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]92static enum manifest_return_code read_string(const struct fdt_node *node,
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]93 const char *property,
94 struct string *out)
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]95{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]96 struct memiter data;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]97
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]98 if (!fdt_read_property(node, property, &data)) {
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]99 return MANIFEST_ERROR_PROPERTY_NOT_FOUND;
100 }
101
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]102 switch (string_init(out, &data)) {
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]103 case STRING_SUCCESS:
104 return MANIFEST_SUCCESS;
105 case STRING_ERROR_INVALID_INPUT:
106 return MANIFEST_ERROR_MALFORMED_STRING;
107 case STRING_ERROR_TOO_LONG:
108 return MANIFEST_ERROR_STRING_TOO_LONG;
109 }
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]110}
111
112static enum manifest_return_code read_optional_string(
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]113 const struct fdt_node *node, const char *property, struct string *out)
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]114{
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]115 enum manifest_return_code ret;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]116
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]117 ret = read_string(node, property, out);
118 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
119 string_init_empty(out);
120 ret = MANIFEST_SUCCESS;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]121 }
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]122 return ret;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]123}
124
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]125static enum manifest_return_code read_uint64(const struct fdt_node *node,
126 const char *property,
127 uint64_t *out)
128{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]129 struct memiter data;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]130
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]131 if (!fdt_read_property(node, property, &data)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]132 return MANIFEST_ERROR_PROPERTY_NOT_FOUND;
133 }
134
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]135 if (!fdt_parse_number(&data, memiter_size(&data), out)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]136 return MANIFEST_ERROR_MALFORMED_INTEGER;
137 }
138
139 return MANIFEST_SUCCESS;
140}
141
David Brazdil080ee312020-02-25 15:30:30 -0800[diff] [blame]142static enum manifest_return_code read_optional_uint64(
143 const struct fdt_node *node, const char *property,
144 uint64_t default_value, uint64_t *out)
145{
146 enum manifest_return_code ret;
147
148 ret = read_uint64(node, property, out);
149 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
150 *out = default_value;
151 return MANIFEST_SUCCESS;
152 }
153 return ret;
154}
155
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]156static enum manifest_return_code read_uint32(const struct fdt_node *node,
157 const char *property,
158 uint32_t *out)
159{
160 uint64_t value;
161
162 TRY(read_uint64(node, property, &value));
163
164 if (value > UINT32_MAX) {
165 return MANIFEST_ERROR_INTEGER_OVERFLOW;
166 }
167
168 *out = (uint32_t)value;
169 return MANIFEST_SUCCESS;
170}
171
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]172static enum manifest_return_code read_optional_uint32(
173 const struct fdt_node *node, const char *property,
174 uint32_t default_value, uint32_t *out)
175{
176 enum manifest_return_code ret;
177
178 ret = read_uint32(node, property, out);
179 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
180 *out = default_value;
181 return MANIFEST_SUCCESS;
182 }
183 return ret;
184}
185
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]186static enum manifest_return_code read_uint16(const struct fdt_node *node,
187 const char *property,
188 uint16_t *out)
189{
190 uint64_t value;
191
192 TRY(read_uint64(node, property, &value));
193
194 if (value > UINT16_MAX) {
195 return MANIFEST_ERROR_INTEGER_OVERFLOW;
196 }
197
198 *out = (uint16_t)value;
199 return MANIFEST_SUCCESS;
200}
201
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]202static enum manifest_return_code read_optional_uint16(
203 const struct fdt_node *node, const char *property,
204 uint16_t default_value, uint16_t *out)
205{
206 enum manifest_return_code ret;
207
208 ret = read_uint16(node, property, out);
209 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
210 *out = default_value;
211 return MANIFEST_SUCCESS;
212 }
213
214 return MANIFEST_SUCCESS;
215}
216
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]217static enum manifest_return_code read_uint8(const struct fdt_node *node,
218 const char *property, uint8_t *out)
219{
220 uint64_t value;
221
222 TRY(read_uint64(node, property, &value));
223
224 if (value > UINT8_MAX) {
225 return MANIFEST_ERROR_INTEGER_OVERFLOW;
226 }
227
228 *out = (uint8_t)value;
229 return MANIFEST_SUCCESS;
230}
231
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]232static enum manifest_return_code read_optional_uint8(
233 const struct fdt_node *node, const char *property,
234 uint8_t default_value, uint8_t *out)
235{
236 enum manifest_return_code ret;
237
238 ret = read_uint8(node, property, out);
239 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
240 *out = default_value;
241 return MANIFEST_SUCCESS;
242 }
243
244 return MANIFEST_SUCCESS;
245}
246
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]247struct uint32list_iter {
248 struct memiter mem_it;
249};
250
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]251static enum manifest_return_code read_uint32list(const struct fdt_node *node,
252 const char *property,
253 struct uint32list_iter *out)
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]254{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]255 struct memiter data;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]256
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]257 if (!fdt_read_property(node, property, &data)) {
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]258 memiter_init(&out->mem_it, NULL, 0);
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]259 return MANIFEST_ERROR_PROPERTY_NOT_FOUND;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]260 }
261
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]262 if ((memiter_size(&data) % sizeof(uint32_t)) != 0) {
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]263 return MANIFEST_ERROR_MALFORMED_INTEGER_LIST;
264 }
265
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]266 out->mem_it = data;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]267 return MANIFEST_SUCCESS;
268}
269
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]270static enum manifest_return_code read_optional_uint32list(
271 const struct fdt_node *node, const char *property,
272 struct uint32list_iter *out)
273{
274 enum manifest_return_code ret = read_uint32list(node, property, out);
275
276 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
277 return MANIFEST_SUCCESS;
278 }
279 return ret;
280}
281
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]282static bool uint32list_has_next(const struct uint32list_iter *list)
283{
284 return memiter_size(&list->mem_it) > 0;
285}
286
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]287static enum manifest_return_code uint32list_get_next(
288 struct uint32list_iter *list, uint32_t *out)
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]289{
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]290 uint64_t num;
291
292 CHECK(uint32list_has_next(list));
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]293 if (!fdt_parse_number(&list->mem_it, sizeof(uint32_t), &num)) {
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]294 return MANIFEST_ERROR_MALFORMED_INTEGER;
295 }
296
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]297 *out = (uint32_t)num;
298 return MANIFEST_SUCCESS;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]299}
300
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]301static enum manifest_return_code parse_vm_common(const struct fdt_node *node,
302 struct manifest_vm *vm,
303 ffa_vm_id_t vm_id)
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]304{
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]305 struct uint32list_iter smcs;
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]306 size_t idx;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]307
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]308 TRY(read_bool(node, "is_ffa_partition", &vm->is_ffa_partition));
309
Raghu Krishnamurthyb49549e2021-07-02 08:27:38 -0700[diff] [blame]310 TRY(read_bool(node, "hyp_loaded", &vm->is_hyp_loaded));
311
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]312 TRY(read_string(node, "debug_name", &vm->debug_name));
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]313
314 TRY(read_optional_uint32list(node, "smc_whitelist", &smcs));
315 while (uint32list_has_next(&smcs) &&
316 vm->smc_whitelist.smc_count < MAX_SMCS) {
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]317 idx = vm->smc_whitelist.smc_count++;
318 TRY(uint32list_get_next(&smcs, &vm->smc_whitelist.smcs[idx]));
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]319 }
320
321 if (uint32list_has_next(&smcs)) {
Andrew Walbran17eebf92020-02-05 16:35:49 +0000[diff] [blame]322 dlog_warning("%s SMC whitelist too long.\n", vm->debug_name);
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]323 }
324
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]325 TRY(read_bool(node, "smc_whitelist_permissive",
326 &vm->smc_whitelist.permissive));
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]327
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]328 if (vm_id != HF_PRIMARY_VM_ID) {
329 TRY(read_uint64(node, "mem_size", &vm->secondary.mem_size));
330 TRY(read_uint16(node, "vcpu_count", &vm->secondary.vcpu_count));
Fuad Tabba50469e02020-06-30 15:14:28 +0100[diff] [blame]331 TRY(read_optional_string(node, "fdt_filename",
332 &vm->secondary.fdt_filename));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]333 }
334
335 return MANIFEST_SUCCESS;
336}
337
338static enum manifest_return_code parse_vm(struct fdt_node *node,
339 struct manifest_vm *vm,
340 ffa_vm_id_t vm_id)
341{
342 TRY(read_optional_string(node, "kernel_filename",
343 &vm->kernel_filename));
344
David Brazdile6f83222019-09-23 14:47:37 +0100[diff] [blame]345 if (vm_id == HF_PRIMARY_VM_ID) {
346 TRY(read_optional_string(node, "ramdisk_filename",
347 &vm->primary.ramdisk_filename));
David Brazdil080ee312020-02-25 15:30:30 -0800[diff] [blame]348 TRY(read_optional_uint64(node, "boot_address",
349 MANIFEST_INVALID_ADDRESS,
350 &vm->primary.boot_address));
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]351 }
Raghu Krishnamurthy988a5e72021-02-27 21:46:06 -0800[diff] [blame]352 TRY(read_optional_uint8(node, "exception-level", (uint8_t)EL1,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]353 (uint8_t *)&vm->partition.run_time_el));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]354
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]355 return MANIFEST_SUCCESS;
356}
357
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]358static enum manifest_return_code parse_ffa_memory_region_node(
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]359 struct fdt_node *mem_node, struct memory_region *mem_regions,
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]360 uint8_t *count, struct rx_tx *rxtx)
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]361{
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]362 uint32_t phandle;
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]363 uint8_t i = 0;
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]364
365 dlog_verbose(" Partition memory regions\n");
366
367 if (!fdt_is_compatible(mem_node, "arm,ffa-manifest-memory-regions")) {
368 return MANIFEST_ERROR_NOT_COMPATIBLE;
369 }
370
371 if (!fdt_first_child(mem_node)) {
372 return MANIFEST_ERROR_MEMORY_REGION_NODE_EMPTY;
373 }
374
375 do {
376 dlog_verbose(" Memory Region[%u]\n", i);
377
378 TRY(read_optional_string(mem_node, "description",
379 &mem_regions[i].name));
380 dlog_verbose(" Name: %s\n",
381 string_data(&mem_regions[i].name));
382
383 TRY(read_optional_uint64(mem_node, "base-address",
384 MANIFEST_INVALID_ADDRESS,
385 &mem_regions[i].base_address));
386 dlog_verbose(" Base address: %#x\n",
387 mem_regions[i].base_address);
388
389 TRY(read_uint32(mem_node, "pages-count",
390 &mem_regions[i].page_count));
391 dlog_verbose(" Pages_count: %u\n",
392 mem_regions[i].page_count);
393
394 TRY(read_uint32(mem_node, "attributes",
395 &mem_regions[i].attributes));
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]396
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame^]397 /*
398 * Check RWX permission attributes.
399 * Security attribute is checked at load phase.
400 */
401 uint32_t permissions = mem_regions[i].attributes &
402 (MANIFEST_REGION_ATTR_READ |
403 MANIFEST_REGION_ATTR_WRITE |
404 MANIFEST_REGION_ATTR_EXEC);
405 if (permissions != MANIFEST_REGION_ATTR_READ &&
406 permissions != (MANIFEST_REGION_ATTR_READ |
407 MANIFEST_REGION_ATTR_WRITE) &&
408 permissions != (MANIFEST_REGION_ATTR_READ |
409 MANIFEST_REGION_ATTR_EXEC)) {
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]410 return MANIFEST_ERROR_INVALID_MEM_PERM;
411 }
412
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame^]413 /* Filter memory region attributes. */
414 mem_regions[i].attributes &= MANIFEST_REGION_ALL_ATTR_MASK;
415
416 dlog_verbose(" Attributes: %#x\n",
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]417 mem_regions[i].attributes);
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]418
Manish Pandeya70a4192020-10-07 22:05:04 +0100[diff] [blame]419 if (rxtx->available) {
420 TRY(read_optional_uint32(
421 mem_node, "phandle",
422 (uint32_t)MANIFEST_INVALID_ADDRESS, &phandle));
423 if (phandle == rxtx->rx_phandle) {
424 dlog_verbose(" Assigned as RX buffer\n");
425 rxtx->rx_buffer = &mem_regions[i];
426 } else if (phandle == rxtx->tx_phandle) {
427 dlog_verbose(" Assigned as TX buffer\n");
428 rxtx->tx_buffer = &mem_regions[i];
429 }
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]430 }
431
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]432 i++;
433 } while (fdt_next_sibling(mem_node) && (i < SP_MAX_MEMORY_REGIONS));
434
Manish Pandeya70a4192020-10-07 22:05:04 +0100[diff] [blame]435 if (rxtx->available &&
436 (rxtx->rx_buffer->page_count != rxtx->tx_buffer->page_count)) {
Manish Pandeyf06c9072020-09-29 15:41:58 +0100[diff] [blame]437 return MANIFEST_ERROR_RXTX_SIZE_MISMATCH;
438 }
439
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]440 *count = i;
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]441
442 return MANIFEST_SUCCESS;
443}
444
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]445static enum manifest_return_code parse_ffa_device_region_node(
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]446 struct fdt_node *dev_node, struct device_region *dev_regions,
447 uint8_t *count)
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]448{
449 struct uint32list_iter list;
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]450 uint8_t i = 0;
Madhukar Pappireddy5fc8be12021-08-03 11:42:53 -0500[diff] [blame]451 uint32_t j = 0;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]452
453 dlog_verbose(" Partition Device Regions\n");
454
455 if (!fdt_is_compatible(dev_node, "arm,ffa-manifest-device-regions")) {
456 return MANIFEST_ERROR_NOT_COMPATIBLE;
457 }
458
459 if (!fdt_first_child(dev_node)) {
460 return MANIFEST_ERROR_DEVICE_REGION_NODE_EMPTY;
461 }
462
463 do {
464 dlog_verbose(" Device Region[%u]\n", i);
465
466 TRY(read_optional_string(dev_node, "description",
467 &dev_regions[i].name));
468 dlog_verbose(" Name: %s\n",
469 string_data(&dev_regions[i].name));
470
471 TRY(read_uint64(dev_node, "base-address",
472 &dev_regions[i].base_address));
473 dlog_verbose(" Base address: %#x\n",
474 dev_regions[i].base_address);
475
476 TRY(read_uint32(dev_node, "pages-count",
477 &dev_regions[i].page_count));
478 dlog_verbose(" Pages_count: %u\n",
479 dev_regions[i].page_count);
480
481 TRY(read_uint32(dev_node, "attributes",
482 &dev_regions[i].attributes));
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]483
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame^]484 /*
485 * Check RWX permission attributes.
486 * Security attribute is checked at load phase.
487 */
488 uint32_t permissions = dev_regions[i].attributes &
489 (MANIFEST_REGION_ATTR_READ |
490 MANIFEST_REGION_ATTR_WRITE |
491 MANIFEST_REGION_ATTR_EXEC);
492
493 if (permissions != MANIFEST_REGION_ATTR_READ &&
494 permissions != (MANIFEST_REGION_ATTR_READ |
495 MANIFEST_REGION_ATTR_WRITE)) {
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]496 return MANIFEST_ERROR_INVALID_MEM_PERM;
497 }
498
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame^]499 /* Filer device region attributes. */
500 dev_regions[i].attributes = dev_regions[i].attributes &
501 MANIFEST_REGION_ALL_ATTR_MASK;
502
503 dlog_verbose(" Attributes: %#x\n",
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]504 dev_regions[i].attributes);
505
506 TRY(read_optional_uint32list(dev_node, "interrupts", &list));
507 dlog_verbose(" Interrupt List:\n");
508 j = 0;
509 while (uint32list_has_next(&list) &&
510 j < SP_MAX_INTERRUPTS_PER_DEVICE) {
511 TRY(uint32list_get_next(
512 &list, &dev_regions[i].interrupts[j].id));
513 if (uint32list_has_next(&list)) {
514 TRY(uint32list_get_next(&list,
515 &dev_regions[i]
516 .interrupts[j]
517 .attributes));
518 } else {
519 return MANIFEST_ERROR_MALFORMED_INTEGER_LIST;
520 }
521
522 dlog_verbose(" ID = %u, attributes = %u\n",
523 dev_regions[i].interrupts[j].id,
524 dev_regions[i].interrupts[j].attributes);
525 j++;
526 }
Madhukar Pappireddy5fc8be12021-08-03 11:42:53 -0500[diff] [blame]527
528 dev_regions[i].interrupt_count = j;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]529 if (j == 0) {
530 dlog_verbose(" Empty\n");
531 }
532
533 TRY(read_optional_uint32(dev_node, "smmu-id",
Madhukar Pappireddy54680c72020-10-23 15:02:38 -0500[diff] [blame]534 MANIFEST_INVALID_ID,
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]535 &dev_regions[i].smmu_id));
Olivier Deprez86d87ae2021-08-19 14:27:46 +0200[diff] [blame]536 if (dev_regions[i].smmu_id != MANIFEST_INVALID_ID) {
537 dlog_verbose(" smmu-id: %u\n",
538 dev_regions[i].smmu_id);
539 }
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]540
541 TRY(read_optional_uint32list(dev_node, "stream-ids", &list));
542 dlog_verbose(" Stream IDs assigned:\n");
543
544 j = 0;
545 while (uint32list_has_next(&list) &&
546 j < SP_MAX_STREAMS_PER_DEVICE) {
547 TRY(uint32list_get_next(&list,
548 &dev_regions[i].stream_ids[j]));
549 dlog_verbose(" %u\n",
550 dev_regions[i].stream_ids[j]);
551 j++;
552 }
553 if (j == 0) {
554 dlog_verbose(" None\n");
555 }
Madhukar Pappireddy54680c72020-10-23 15:02:38 -0500[diff] [blame]556 dev_regions[i].stream_count = j;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]557
558 TRY(read_bool(dev_node, "exclusive-access",
559 &dev_regions[i].exclusive_access));
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]560 dlog_verbose(" Exclusive_access: %u\n",
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]561 dev_regions[i].exclusive_access);
562
563 i++;
564 } while (fdt_next_sibling(dev_node) && (i < SP_MAX_DEVICE_REGIONS));
565
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]566 *count = i;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]567
568 return MANIFEST_SUCCESS;
569}
570
Raghu Krishnamurthyb49549e2021-07-02 08:27:38 -0700[diff] [blame]571enum manifest_return_code parse_ffa_manifest(struct fdt *fdt,
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]572 struct manifest_vm *vm,
573 struct fdt_node *boot_info_node)
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]574{
575 unsigned int i = 0;
576 struct uint32list_iter uuid;
577 uint32_t uuid_word;
578 struct fdt_node root;
579 struct fdt_node ffa_node;
580 struct string rxtx_node_name = STRING_INIT("rx_tx-info");
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]581 struct string mem_region_node_name = STRING_INIT("memory-regions");
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]582 struct string dev_region_node_name = STRING_INIT("device-regions");
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]583 struct string boot_info_node_name = STRING_INIT("boot-info");
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]584
585 if (!fdt_find_node(fdt, "/", &root)) {
586 return MANIFEST_ERROR_NO_ROOT_NODE;
587 }
588
589 /* Check "compatible" property. */
590 if (!fdt_is_compatible(&root, "arm,ffa-manifest-1.0")) {
591 return MANIFEST_ERROR_NOT_COMPATIBLE;
592 }
593
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]594 TRY(read_uint32(&root, "ffa-version", &vm->partition.ffa_version));
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]595 dlog_verbose(" Expected FF-A version %u.%u\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]596 vm->partition.ffa_version >> 16,
597 vm->partition.ffa_version & 0xffff);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]598
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]599 TRY(read_uint32list(&root, "uuid", &uuid));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]600
601 while (uint32list_has_next(&uuid) && i < 4) {
602 TRY(uint32list_get_next(&uuid, &uuid_word));
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]603 vm->partition.uuid.uuid[i] = uuid_word;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]604 i++;
605 }
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]606 dlog_verbose(" UUID %#x-%x-%x-%x\n", vm->partition.uuid.uuid[0],
607 vm->partition.uuid.uuid[1], vm->partition.uuid.uuid[2],
608 vm->partition.uuid.uuid[3]);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]609
610 TRY(read_uint16(&root, "execution-ctx-count",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]611 &vm->partition.execution_ctx_count));
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]612 dlog_verbose(" Number of execution context %u\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]613 vm->partition.execution_ctx_count);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]614
615 TRY(read_uint8(&root, "exception-level",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]616 (uint8_t *)&vm->partition.run_time_el));
617 dlog_verbose(" Run-time EL %u\n", vm->partition.run_time_el);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]618
619 TRY(read_uint8(&root, "execution-state",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]620 (uint8_t *)&vm->partition.execution_state));
621 dlog_verbose(" Execution state %u\n", vm->partition.execution_state);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]622
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]623 TRY(read_optional_uint64(&root, "load-address", 0,
624 &vm->partition.load_addr));
625 dlog_verbose(" Load address %#x\n", vm->partition.load_addr);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]626
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]627 TRY(read_optional_uint64(&root, "entrypoint-offset", 0,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]628 &vm->partition.ep_offset));
629 dlog_verbose(" Entry point offset %#x\n", vm->partition.ep_offset);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]630
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]631 TRY(read_optional_uint32(&root, "gp-register-num",
632 DEFAULT_BOOT_GP_REGISTER,
633 &vm->partition.gp_register_num));
634 dlog_verbose(" Boot GP register: %#x\n",
635 vm->partition.gp_register_num);
636
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]637 TRY(read_optional_uint16(&root, "boot-order", DEFAULT_BOOT_ORDER,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]638 &vm->partition.boot_order));
639 dlog_verbose(" Boot order %#u\n", vm->partition.boot_order);
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]640
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]641 TRY(read_optional_uint8(&root, "xlat-granule", 0,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]642 (uint8_t *)&vm->partition.xlat_granule));
643 dlog_verbose(" Translation granule %u\n", vm->partition.xlat_granule);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]644
645 ffa_node = root;
646 if (fdt_find_child(&ffa_node, &rxtx_node_name)) {
647 if (!fdt_is_compatible(&ffa_node,
648 "arm,ffa-manifest-rx_tx-buffer")) {
649 return MANIFEST_ERROR_NOT_COMPATIBLE;
650 }
651
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]652 /*
653 * Read only phandles for now, it will be used to update buffers
654 * while parsing memory regions.
655 */
656 TRY(read_uint32(&ffa_node, "rx-buffer",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]657 &vm->partition.rxtx.rx_phandle));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]658
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]659 TRY(read_uint32(&ffa_node, "tx-buffer",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]660 &vm->partition.rxtx.tx_phandle));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]661
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]662 vm->partition.rxtx.available = true;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]663 }
664
665 TRY(read_uint8(&root, "messaging-method",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]666 (uint8_t *)&vm->partition.messaging_method));
667 dlog_verbose(" Messaging method %u\n", vm->partition.messaging_method);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]668
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]669 TRY(read_bool(&root, "managed-exit", &vm->partition.managed_exit));
J-Alvesa4730db2021-11-02 10:31:01 +0000[diff] [blame]670 if (vm->partition.managed_exit) {
671 dlog_verbose(" Managed Exit Supported\n");
672 }
673
674 TRY(read_bool(&root, "notification-support",
675 &vm->partition.notification_support));
676 if (vm->partition.notification_support) {
677 dlog_verbose(" Notifications Receipt Supported\n");
678 }
Maksims Svecovs9ddf86a2021-05-06 17:17:21 +0100[diff] [blame]679
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]680 /* Parse boot info node. */
681 if (boot_info_node != NULL) {
682 ffa_node = root;
683 vm->partition.boot_info =
684 fdt_find_child(&ffa_node, &boot_info_node_name);
685 if (vm->partition.boot_info) {
686 *boot_info_node = ffa_node;
687 }
688 } else {
689 vm->partition.boot_info = false;
690 }
691
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]692 /* Parse memory-regions */
693 ffa_node = root;
694 if (fdt_find_child(&ffa_node, &mem_region_node_name)) {
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]695 TRY(parse_ffa_memory_region_node(
696 &ffa_node, vm->partition.mem_regions,
697 &vm->partition.mem_region_count, &vm->partition.rxtx));
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]698 }
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]699 dlog_verbose(" Total %u memory regions found\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]700 vm->partition.mem_region_count);
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]701
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]702 /* Parse Device-regions */
703 ffa_node = root;
704 if (fdt_find_child(&ffa_node, &dev_region_node_name)) {
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]705 TRY(parse_ffa_device_region_node(
706 &ffa_node, vm->partition.dev_regions,
707 &vm->partition.dev_region_count));
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]708 }
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]709 dlog_verbose(" Total %u device regions found\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]710 vm->partition.dev_region_count);
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]711
J-Alves4eb7b542022-03-02 15:21:52 +0000[diff] [blame]712 return sanity_check_ffa_manifest(vm);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]713}
714
Raghu Krishnamurthyb49549e2021-07-02 08:27:38 -0700[diff] [blame]715enum manifest_return_code sanity_check_ffa_manifest(struct manifest_vm *vm)
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]716{
717 uint16_t ffa_version_major;
718 uint16_t ffa_version_minor;
719 enum manifest_return_code ret_code = MANIFEST_SUCCESS;
720 const char *error_string = "specified in manifest is unsupported";
Madhukar Pappireddy5fc8be12021-08-03 11:42:53 -0500[diff] [blame]721 uint32_t k = 0;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]722
723 /* ensure that the SPM version is compatible */
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]724 ffa_version_major = (vm->partition.ffa_version & 0xffff0000) >>
725 FFA_VERSION_MAJOR_OFFSET;
726 ffa_version_minor = vm->partition.ffa_version & 0xffff;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]727
728 if (ffa_version_major != FFA_VERSION_MAJOR ||
729 ffa_version_minor > FFA_VERSION_MINOR) {
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]730 dlog_error("FF-A partition manifest version %s: %u.%u\n",
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]731 error_string, ffa_version_major, ffa_version_minor);
732 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
733 }
734
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]735 if (vm->partition.xlat_granule != PAGE_4KB) {
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]736 dlog_error("Translation granule %s: %u\n", error_string,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]737 vm->partition.xlat_granule);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]738 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
739 }
740
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]741 if (vm->partition.execution_state != AARCH64) {
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]742 dlog_error("Execution state %s: %u\n", error_string,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]743 vm->partition.execution_state);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]744 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
745 }
746
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]747 if (vm->partition.run_time_el != EL1 &&
748 vm->partition.run_time_el != S_EL1 &&
749 vm->partition.run_time_el != S_EL0) {
Raghu Krishnamurthyac5a8092021-01-03 14:23:51 -0800[diff] [blame]750 dlog_error("Exception level %s: %d\n", error_string,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]751 vm->partition.run_time_el);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]752 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
753 }
754
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]755 if ((vm->partition.messaging_method &
Maksims Svecovsb596eab2021-04-27 00:52:27 +0100[diff] [blame]756 ~(FFA_PARTITION_DIRECT_REQ_RECV | FFA_PARTITION_DIRECT_REQ_SEND |
Maksims Svecovs9ddf86a2021-05-06 17:17:21 +0100[diff] [blame]757 FFA_PARTITION_INDIRECT_MSG)) != 0U) {
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]758 dlog_error("Messaging method %s: %x\n", error_string,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]759 vm->partition.messaging_method);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]760 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
761 }
762
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]763 if (vm->partition.run_time_el == S_EL0 &&
764 vm->partition.execution_ctx_count != 1) {
Raghu Krishnamurthycd1eceb2021-01-04 12:20:48 -0800[diff] [blame]765 dlog_error(
766 "Exception level and execution context count %s: %d "
767 "%d\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]768 error_string, vm->partition.run_time_el,
769 vm->partition.execution_ctx_count);
Raghu Krishnamurthycd1eceb2021-01-04 12:20:48 -0800[diff] [blame]770 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
771 }
772
Madhukar Pappireddy5fc8be12021-08-03 11:42:53 -0500[diff] [blame]773 for (uint8_t i = 0; i < vm->partition.dev_region_count; i++) {
774 struct device_region dev_region;
775
776 dev_region = vm->partition.dev_regions[i];
777
778 if (dev_region.interrupt_count > SP_MAX_INTERRUPTS_PER_DEVICE) {
779 dlog_error(
780 "Interrupt count for device region exceeds "
781 "limit.\n");
782 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
783 continue;
784 }
785
786 for (uint8_t j = 0; j < dev_region.interrupt_count; j++) {
787 k++;
788 if (k > VM_MANIFEST_MAX_INTERRUPTS) {
789 dlog_error(
790 "Interrupt count for VM exceeds "
791 "limit.\n");
792 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
793 continue;
794 }
795 }
796 }
797
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]798 /* GP register is restricted to one of x0 - x3. */
799 if (vm->partition.gp_register_num != -1 &&
800 vm->partition.gp_register_num > 3) {
801 dlog_error("GP register number %s: %u\n", error_string,
802 vm->partition.gp_register_num);
803 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
804 }
805
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]806 return ret_code;
807}
808
809static enum manifest_return_code parse_ffa_partition_package(
810 struct mm_stage1_locked stage1_locked, struct fdt_node *node,
811 struct manifest_vm *vm, ffa_vm_id_t vm_id, struct mpool *ppool)
812{
813 enum manifest_return_code ret = MANIFEST_ERROR_NOT_COMPATIBLE;
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]814 uintpaddr_t load_address;
815 struct sp_pkg_header header;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]816 struct fdt sp_fdt;
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]817 vaddr_t pkg_start;
818 vaddr_t manifest_address;
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]819 struct fdt_node boot_info_node;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]820
821 /*
822 * This must have been hinted as being an FF-A partition,
823 * return straight with failure if this is not the case.
824 */
825 if (!vm->is_ffa_partition) {
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]826 return ret;
827 }
828
829 TRY(read_uint64(node, "load_address", &load_address));
830 if (!is_aligned(load_address, PAGE_SIZE)) {
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]831 return MANIFEST_ERROR_NOT_COMPATIBLE;
832 }
833
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]834 assert(load_address != 0U);
835
836 if (!sp_pkg_init(stage1_locked, pa_init(load_address), &header,
837 ppool)) {
838 return ret;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]839 }
840
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]841 pkg_start = va_init(load_address);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]842
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]843 if (vm_id != HF_PRIMARY_VM_ID &&
844 sp_pkg_get_mem_size(&header) >= vm->secondary.mem_size) {
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]845 dlog_error("Invalid package header or DT size.\n");
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]846 goto out;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]847 }
848
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]849 manifest_address = va_add(va_init(load_address), header.pm_offset);
850 if (!fdt_init_from_ptr(&sp_fdt, ptr_from_va(manifest_address),
851 header.pm_size)) {
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]852 dlog_error("FDT failed validation.\n");
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]853 goto out;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]854 }
855
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]856 ret = parse_ffa_manifest(&sp_fdt, vm, &boot_info_node);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]857 if (ret != MANIFEST_SUCCESS) {
J-Alves4eb7b542022-03-02 15:21:52 +0000[diff] [blame]858 dlog_error("Error parsing partition manifest: %s.\n",
859 manifest_strerror(ret));
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]860 goto out;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]861 }
862
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]863 if (vm->partition.load_addr != load_address) {
J-Alvesa26ea212021-03-22 14:33:47 +0000[diff] [blame]864 dlog_warning(
865 "Partition's load address at its manifest differs"
866 " from specified in partition's package.\n");
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]867 vm->partition.load_addr = load_address;
J-Alvesa26ea212021-03-22 14:33:47 +0000[diff] [blame]868 }
869
J-Alves889a1d72022-05-13 11:38:27 +0100[diff] [blame]870 if (vm->partition.gp_register_num != DEFAULT_BOOT_GP_REGISTER) {
871 if (header.version == SP_PKG_HEADER_VERSION_2 &&
872 vm->partition.boot_info &&
873 !ffa_boot_info_node(&boot_info_node, pkg_start, &header)) {
874 dlog_error("Failed to process boot information.\n");
875 }
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]876 }
877
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]878out:
879 sp_pkg_deinit(stage1_locked, pkg_start, &header, ppool);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]880 return ret;
881}
882
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]883/**
884 * Parse manifest from FDT.
885 */
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]886enum manifest_return_code manifest_init(struct mm_stage1_locked stage1_locked,
887 struct manifest *manifest,
888 struct memiter *manifest_fdt,
889 struct mpool *ppool)
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]890{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]891 struct string vm_name;
892 struct fdt fdt;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]893 struct fdt_node hyp_node;
894 size_t i = 0;
895 bool found_primary_vm = false;
896
897 memset_s(manifest, sizeof(*manifest), 0, sizeof(*manifest));
898
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]899 if (!fdt_init_from_memiter(&fdt, manifest_fdt)) {
900 return MANIFEST_ERROR_FILE_SIZE; /* TODO */
David Brazdila2358d42020-01-27 18:51:38 +0000[diff] [blame]901 }
902
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]903 /* Find hypervisor node. */
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]904 if (!fdt_find_node(&fdt, "/hypervisor", &hyp_node)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]905 return MANIFEST_ERROR_NO_HYPERVISOR_FDT_NODE;
906 }
907
David Brazdil74e9c3b2019-08-28 11:09:08 +0100[diff] [blame]908 /* Check "compatible" property. */
David Brazdilf4925382020-03-25 13:33:51 +0000[diff] [blame]909 if (!fdt_is_compatible(&hyp_node, "hafnium,hafnium")) {
David Brazdil74e9c3b2019-08-28 11:09:08 +0100[diff] [blame]910 return MANIFEST_ERROR_NOT_COMPATIBLE;
911 }
912
Olivier Deprez622ab8d2021-08-02 12:15:45 +0200[diff] [blame]913 TRY(read_bool(&hyp_node, "ffa_tee_enabled",
914 &manifest->ffa_tee_enabled));
Andrew Walbran41a49d82020-01-10 17:46:38 +0000[diff] [blame]915
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]916 /* Iterate over reserved VM IDs and check no such nodes exist. */
Olivier Deprez2a8ee342020-08-03 15:10:44 +0200[diff] [blame]917 for (i = HF_VM_ID_BASE; i < HF_VM_ID_OFFSET; i++) {
918 ffa_vm_id_t vm_id = (ffa_vm_id_t)i - HF_VM_ID_BASE;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]919 struct fdt_node vm_node = hyp_node;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]920
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]921 generate_vm_node_name(&vm_name, vm_id);
922 if (fdt_find_child(&vm_node, &vm_name)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]923 return MANIFEST_ERROR_RESERVED_VM_ID;
924 }
925 }
926
927 /* Iterate over VM nodes until we find one that does not exist. */
928 for (i = 0; i <= MAX_VMS; ++i) {
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]929 ffa_vm_id_t vm_id = HF_VM_ID_OFFSET + i;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]930 struct fdt_node vm_node = hyp_node;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]931
Olivier Deprez2a8ee342020-08-03 15:10:44 +0200[diff] [blame]932 generate_vm_node_name(&vm_name, vm_id - HF_VM_ID_BASE);
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]933 if (!fdt_find_child(&vm_node, &vm_name)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]934 break;
935 }
936
937 if (i == MAX_VMS) {
938 return MANIFEST_ERROR_TOO_MANY_VMS;
939 }
940
941 if (vm_id == HF_PRIMARY_VM_ID) {
942 CHECK(found_primary_vm == false); /* sanity check */
943 found_primary_vm = true;
944 }
945
David Brazdil0251b942019-09-10 15:59:50 +0100[diff] [blame]946 manifest->vm_count = i + 1;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]947
948 TRY(parse_vm_common(&vm_node, &manifest->vm[i], vm_id));
949
Raghu Krishnamurthyb49549e2021-07-02 08:27:38 -0700[diff] [blame]950 CHECK(!manifest->vm[i].is_hyp_loaded ||
951 manifest->vm[i].is_ffa_partition);
952
953 if (manifest->vm[i].is_ffa_partition &&
954 !manifest->vm[i].is_hyp_loaded) {
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]955 TRY(parse_ffa_partition_package(stage1_locked, &vm_node,
956 &manifest->vm[i], vm_id,
957 ppool));
958 } else {
959 TRY(parse_vm(&vm_node, &manifest->vm[i], vm_id));
960 }
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]961 }
962
Olivier Deprezfb05f3c2020-11-10 17:48:04 +0100[diff] [blame]963 if (!found_primary_vm && vm_id_is_current_world(HF_PRIMARY_VM_ID)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]964 return MANIFEST_ERROR_NO_PRIMARY_VM;
965 }
966
967 return MANIFEST_SUCCESS;
968}
969
970const char *manifest_strerror(enum manifest_return_code ret_code)
971{
972 switch (ret_code) {
973 case MANIFEST_SUCCESS:
974 return "Success";
David Brazdila2358d42020-01-27 18:51:38 +0000[diff] [blame]975 case MANIFEST_ERROR_FILE_SIZE:
976 return "Total size in header does not match file size";
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]977 case MANIFEST_ERROR_MALFORMED_DTB:
978 return "Malformed device tree blob";
David Brazdila2358d42020-01-27 18:51:38 +0000[diff] [blame]979 case MANIFEST_ERROR_NO_ROOT_NODE:
980 return "Could not find root node in manifest";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]981 case MANIFEST_ERROR_NO_HYPERVISOR_FDT_NODE:
982 return "Could not find \"hypervisor\" node in manifest";
David Brazdil74e9c3b2019-08-28 11:09:08 +0100[diff] [blame]983 case MANIFEST_ERROR_NOT_COMPATIBLE:
984 return "Hypervisor manifest entry not compatible with Hafnium";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]985 case MANIFEST_ERROR_RESERVED_VM_ID:
986 return "Manifest defines a VM with a reserved ID";
987 case MANIFEST_ERROR_NO_PRIMARY_VM:
988 return "Manifest does not contain a primary VM entry";
989 case MANIFEST_ERROR_TOO_MANY_VMS:
990 return "Manifest specifies more VMs than Hafnium has "
991 "statically allocated space for";
992 case MANIFEST_ERROR_PROPERTY_NOT_FOUND:
993 return "Property not found";
994 case MANIFEST_ERROR_MALFORMED_STRING:
995 return "Malformed string property";
David Brazdil0dbb41f2019-09-09 18:03:35 +0100[diff] [blame]996 case MANIFEST_ERROR_STRING_TOO_LONG:
997 return "String too long";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]998 case MANIFEST_ERROR_MALFORMED_INTEGER:
999 return "Malformed integer property";
1000 case MANIFEST_ERROR_INTEGER_OVERFLOW:
1001 return "Integer overflow";
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]1002 case MANIFEST_ERROR_MALFORMED_INTEGER_LIST:
1003 return "Malformed integer list property";
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]1004 case MANIFEST_ERROR_MALFORMED_BOOLEAN:
1005 return "Malformed boolean property";
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]1006 case MANIFEST_ERROR_MEMORY_REGION_NODE_EMPTY:
1007 return "Memory-region node should have at least one entry";
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]1008 case MANIFEST_ERROR_DEVICE_REGION_NODE_EMPTY:
1009 return "Device-region node should have at least one entry";
Manish Pandeyf06c9072020-09-29 15:41:58 +0100[diff] [blame]1010 case MANIFEST_ERROR_RXTX_SIZE_MISMATCH:
1011 return "RX and TX buffers should be of same size";
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]1012 case MANIFEST_ERROR_INVALID_MEM_PERM:
1013 return "Memory permission should be RO, RW or RX";
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]1014 case MANIFEST_ERROR_ARGUMENTS_LIST_EMPTY:
1015 return "Arguments-list node should have at least one argument";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1016 }
1017
1018 panic("Unexpected manifest return code.");
1019}