TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / hafnium / hafnium.git / 0690edd656c69ca36f92a10bd1299bceb1e2d597 / . / src / manifest.c
blob: c6add6466ce90acf4e013be1af3a9a1dde4dc7c3 [file] [log] [blame]
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1/*
2 * Copyright 2019 The Hafnium Authors.
3 *
Andrew Walbrane959ec12020-06-17 15:01:09 +0100[diff] [blame]4 * Use of this source code is governed by a BSD-style
5 * license that can be found in the LICENSE file or at
6 * https://opensource.org/licenses/BSD-3-Clause.
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]7 */
8
9#include "hf/manifest.h"
10
J-Alvesd8a1d362023-03-08 11:15:28 +0000[diff] [blame]11#include <stddef.h>
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]12#include <stdint.h>
J-Alvesd8a1d362023-03-08 11:15:28 +0000[diff] [blame]13
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]14#include "hf/arch/types.h"
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]15#include "hf/arch/vmid_base.h"
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]16
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]17#include "hf/addr.h"
Daniel Boulbya2f8c662021-11-26 17:52:53 +0000[diff] [blame]18#include "hf/assert.h"
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]19#include "hf/boot_info.h"
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]20#include "hf/boot_params.h"
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]21#include "hf/check.h"
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]22#include "hf/dlog.h"
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]23#include "hf/fdt.h"
24#include "hf/mm.h"
25#include "hf/mpool.h"
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]26#include "hf/sp_pkg.h"
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]27#include "hf/static_assert.h"
28#include "hf/std.h"
29
30#define TRY(expr) \
31 do { \
32 enum manifest_return_code ret_code = (expr); \
33 if (ret_code != MANIFEST_SUCCESS) { \
34 return ret_code; \
35 } \
36 } while (0)
37
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]38#define VM_ID_MAX (HF_VM_ID_OFFSET + MAX_VMS - 1)
39#define VM_ID_MAX_DIGITS (5)
40#define VM_NAME_EXTRA_CHARS (3) /* "vm" + number + '\0' */
41#define VM_NAME_MAX_SIZE (VM_ID_MAX_DIGITS + VM_NAME_EXTRA_CHARS)
42static_assert(VM_NAME_MAX_SIZE <= STRING_MAX_SIZE,
43 "VM name does not fit into a struct string.");
44static_assert(VM_ID_MAX <= 99999, "Insufficient VM_NAME_BUF_SIZE");
Olivier Deprez2a8ee342020-08-03 15:10:44 +0200[diff] [blame]45static_assert((HF_OTHER_WORLD_ID > VM_ID_MAX) ||
46 (HF_OTHER_WORLD_ID < HF_VM_ID_BASE),
Andrew Walbran9daa57e2019-09-27 13:33:20 +0100[diff] [blame]47 "TrustZone VM ID clashes with normal VM range.");
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]48
Kathleen Capella4a2a6e72023-04-21 14:43:26 -0400[diff] [blame]49/* Bitmap to track boot order values in use. */
50#define BOOT_ORDER_ENTRY_BITS (sizeof(uint64_t) * 8)
51#define BOOT_ORDER_MAP_ENTRIES \
52 ((DEFAULT_BOOT_ORDER + (BOOT_ORDER_ENTRY_BITS - 1)) / \
53 BOOT_ORDER_ENTRY_BITS)
54
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]55/**
J-Alves596049f2023-03-15 11:40:24 +0000[diff] [blame]56 * A struct to keep track of the partitions properties during early boot
57 * manifest parsing:
58 * - Interrupts ID.
59 * - Physical memory ranges.
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]60 */
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]61struct manifest_data {
62 struct manifest manifest;
Daniel Boulby4ca50f02022-07-29 18:29:34 +0100[diff] [blame]63 struct interrupt_bitmap intids;
J-Alves596049f2023-03-15 11:40:24 +0000[diff] [blame]64 /*
65 * Allocate enough for the maximum amount of memory regions defined via
66 * the partitions manifest, and regions for each partition
67 * address-space.
68 */
69 struct mem_range
70 mem_regions[PARTITION_MAX_MEMORY_REGIONS * MAX_VMS + MAX_VMS];
Kathleen Capella4a2a6e72023-04-21 14:43:26 -0400[diff] [blame]71 uint64_t boot_order_values[BOOT_ORDER_MAP_ENTRIES];
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]72};
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]73
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]74/**
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]75 * Calculate the number of entries in the ppool that are required to
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]76 * store the manifest_data struct.
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]77 */
J-Alves596049f2023-03-15 11:40:24 +0000[diff] [blame]78static const size_t manifest_data_ppool_entries =
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]79 (align_up(sizeof(struct manifest_data), MM_PPOOL_ENTRY_SIZE) /
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]80 MM_PPOOL_ENTRY_SIZE);
81
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]82static struct manifest_data *manifest_data;
83/* Index used to track the number of memory regions allocated. */
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]84static size_t allocated_mem_regions_index = 0;
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]85
Kathleen Capella4a2a6e72023-04-21 14:43:26 -0400[diff] [blame]86static bool check_boot_order(uint16_t boot_order)
87{
88 uint16_t i;
89 uint64_t boot_order_mask;
90
91 if (boot_order == DEFAULT_BOOT_ORDER) {
92 return true;
93 }
94 if (boot_order > DEFAULT_BOOT_ORDER) {
95 dlog_error("Boot order should not exceed %x",
96 DEFAULT_BOOT_ORDER);
97 return false;
98 }
99
100 i = boot_order / BOOT_ORDER_ENTRY_BITS;
101 boot_order_mask = 1 << (boot_order % BOOT_ORDER_ENTRY_BITS);
102
103 if ((boot_order_mask & manifest_data->boot_order_values[i]) != 0U) {
104 dlog_error("Boot order must be a unique value.");
105 return false;
106 }
107
108 manifest_data->boot_order_values[i] |= boot_order_mask;
109
110 return true;
111}
112
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]113/**
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]114 * Allocates and clear memory for the manifest data in the given memory pool.
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]115 * Returns true if the memory is successfully allocated.
116 */
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]117static bool manifest_data_init(struct mpool *ppool)
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]118{
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]119 manifest_data = (struct manifest_data *)mpool_alloc_contiguous(
120 ppool, manifest_data_ppool_entries, 1);
121 memset_s(manifest_data, sizeof(struct manifest_data), 0,
122 sizeof(struct manifest_data));
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]123
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]124 return manifest_data != NULL;
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]125}
126
127/**
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]128 * Frees the memory used for the manifest data in the given memory pool.
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]129 */
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]130static void manifest_data_deinit(struct mpool *ppool)
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]131{
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]132 /**
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]133 * Clear and return the memory used for the manifest_data struct to the
134 * memory pool.
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]135 */
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]136 memset_s(manifest_data, sizeof(struct manifest_data), 0,
137 sizeof(struct manifest_data));
138 mpool_add_chunk(ppool, manifest_data, manifest_data_ppool_entries);
139
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]140 /**
141 * Reset the index used for tracking the number of memory regions
142 * allocated.
143 */
144 allocated_mem_regions_index = 0;
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]145}
146
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]147static inline size_t count_digits(ffa_vm_id_t vm_id)
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]148{
149 size_t digits = 0;
150
151 do {
152 digits++;
153 vm_id /= 10;
154 } while (vm_id);
155 return digits;
156}
157
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]158/**
159 * Generates a string with the two letters "vm" followed by an integer.
160 * Assumes `buf` is of size VM_NAME_BUF_SIZE.
161 */
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]162static void generate_vm_node_name(struct string *str, ffa_vm_id_t vm_id)
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]163{
164 static const char *digits = "0123456789";
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]165 size_t vm_id_digits = count_digits(vm_id);
166 char *base = str->data;
167 char *ptr = base + (VM_NAME_EXTRA_CHARS + vm_id_digits);
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]168
Daniel Boulbya2f8c662021-11-26 17:52:53 +0000[diff] [blame]169 assert(vm_id_digits <= VM_ID_MAX_DIGITS);
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]170 *(--ptr) = '\0';
171 do {
172 *(--ptr) = digits[vm_id % 10];
173 vm_id /= 10;
174 } while (vm_id);
175 *(--ptr) = 'm';
176 *(--ptr) = 'v';
Daniel Boulbya2f8c662021-11-26 17:52:53 +0000[diff] [blame]177 assert(ptr == base);
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]178}
179
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]180/**
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]181 * Read a boolean property: true if present; false if not. If present, the value
182 * of the property must be empty else it is considered malformed.
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]183 */
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]184static enum manifest_return_code read_bool(const struct fdt_node *node,
185 const char *property, bool *out)
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]186{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]187 struct memiter data;
188 bool present = fdt_read_property(node, property, &data);
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]189
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]190 if (present && memiter_size(&data) != 0) {
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]191 return MANIFEST_ERROR_MALFORMED_BOOLEAN;
192 }
193
194 *out = present;
195 return MANIFEST_SUCCESS;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]196}
197
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]198static enum manifest_return_code read_string(const struct fdt_node *node,
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]199 const char *property,
200 struct string *out)
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]201{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]202 struct memiter data;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]203
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]204 if (!fdt_read_property(node, property, &data)) {
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]205 return MANIFEST_ERROR_PROPERTY_NOT_FOUND;
206 }
207
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]208 switch (string_init(out, &data)) {
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]209 case STRING_SUCCESS:
210 return MANIFEST_SUCCESS;
211 case STRING_ERROR_INVALID_INPUT:
212 return MANIFEST_ERROR_MALFORMED_STRING;
213 case STRING_ERROR_TOO_LONG:
214 return MANIFEST_ERROR_STRING_TOO_LONG;
215 }
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]216}
217
218static enum manifest_return_code read_optional_string(
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]219 const struct fdt_node *node, const char *property, struct string *out)
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]220{
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]221 enum manifest_return_code ret;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]222
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]223 ret = read_string(node, property, out);
224 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
225 string_init_empty(out);
226 ret = MANIFEST_SUCCESS;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]227 }
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]228 return ret;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]229}
230
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]231static enum manifest_return_code read_uint64(const struct fdt_node *node,
232 const char *property,
233 uint64_t *out)
234{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]235 struct memiter data;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]236
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]237 if (!fdt_read_property(node, property, &data)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]238 return MANIFEST_ERROR_PROPERTY_NOT_FOUND;
239 }
240
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]241 if (!fdt_parse_number(&data, memiter_size(&data), out)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]242 return MANIFEST_ERROR_MALFORMED_INTEGER;
243 }
244
245 return MANIFEST_SUCCESS;
246}
247
David Brazdil080ee312020-02-25 15:30:30 -0800[diff] [blame]248static enum manifest_return_code read_optional_uint64(
249 const struct fdt_node *node, const char *property,
250 uint64_t default_value, uint64_t *out)
251{
252 enum manifest_return_code ret;
253
254 ret = read_uint64(node, property, out);
255 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
256 *out = default_value;
257 return MANIFEST_SUCCESS;
258 }
259 return ret;
260}
261
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]262static enum manifest_return_code read_uint32(const struct fdt_node *node,
263 const char *property,
264 uint32_t *out)
265{
266 uint64_t value;
267
268 TRY(read_uint64(node, property, &value));
269
270 if (value > UINT32_MAX) {
271 return MANIFEST_ERROR_INTEGER_OVERFLOW;
272 }
273
274 *out = (uint32_t)value;
275 return MANIFEST_SUCCESS;
276}
277
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]278static enum manifest_return_code read_optional_uint32(
279 const struct fdt_node *node, const char *property,
280 uint32_t default_value, uint32_t *out)
281{
282 enum manifest_return_code ret;
283
284 ret = read_uint32(node, property, out);
285 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
286 *out = default_value;
287 return MANIFEST_SUCCESS;
288 }
289 return ret;
290}
291
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]292static enum manifest_return_code read_uint16(const struct fdt_node *node,
293 const char *property,
294 uint16_t *out)
295{
296 uint64_t value;
297
298 TRY(read_uint64(node, property, &value));
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]299 if (value > UINT16_MAX) {
300 return MANIFEST_ERROR_INTEGER_OVERFLOW;
301 }
302
303 *out = (uint16_t)value;
304 return MANIFEST_SUCCESS;
305}
306
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]307static enum manifest_return_code read_optional_uint16(
308 const struct fdt_node *node, const char *property,
309 uint16_t default_value, uint16_t *out)
310{
311 enum manifest_return_code ret;
312
313 ret = read_uint16(node, property, out);
314 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
315 *out = default_value;
316 return MANIFEST_SUCCESS;
317 }
318
Kathleen Capella4a2a6e72023-04-21 14:43:26 -0400[diff] [blame]319 return ret;
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]320}
321
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]322static enum manifest_return_code read_uint8(const struct fdt_node *node,
323 const char *property, uint8_t *out)
324{
325 uint64_t value;
326
327 TRY(read_uint64(node, property, &value));
328
329 if (value > UINT8_MAX) {
330 return MANIFEST_ERROR_INTEGER_OVERFLOW;
331 }
332
333 *out = (uint8_t)value;
334 return MANIFEST_SUCCESS;
335}
336
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]337static enum manifest_return_code read_optional_uint8(
338 const struct fdt_node *node, const char *property,
339 uint8_t default_value, uint8_t *out)
340{
341 enum manifest_return_code ret;
342
343 ret = read_uint8(node, property, out);
344 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
345 *out = default_value;
346 return MANIFEST_SUCCESS;
347 }
348
349 return MANIFEST_SUCCESS;
350}
351
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]352struct uint32list_iter {
353 struct memiter mem_it;
354};
355
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]356static enum manifest_return_code read_uint32list(const struct fdt_node *node,
357 const char *property,
358 struct uint32list_iter *out)
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]359{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]360 struct memiter data;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]361
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]362 if (!fdt_read_property(node, property, &data)) {
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]363 memiter_init(&out->mem_it, NULL, 0);
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]364 return MANIFEST_ERROR_PROPERTY_NOT_FOUND;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]365 }
366
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]367 if ((memiter_size(&data) % sizeof(uint32_t)) != 0) {
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]368 return MANIFEST_ERROR_MALFORMED_INTEGER_LIST;
369 }
370
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]371 out->mem_it = data;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]372 return MANIFEST_SUCCESS;
373}
374
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]375static enum manifest_return_code read_optional_uint32list(
376 const struct fdt_node *node, const char *property,
377 struct uint32list_iter *out)
378{
379 enum manifest_return_code ret = read_uint32list(node, property, out);
380
381 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
382 return MANIFEST_SUCCESS;
383 }
384 return ret;
385}
386
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]387static bool uint32list_has_next(const struct uint32list_iter *list)
388{
389 return memiter_size(&list->mem_it) > 0;
390}
391
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]392static enum manifest_return_code uint32list_get_next(
393 struct uint32list_iter *list, uint32_t *out)
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]394{
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]395 uint64_t num;
396
397 CHECK(uint32list_has_next(list));
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]398 if (!fdt_parse_number(&list->mem_it, sizeof(uint32_t), &num)) {
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]399 return MANIFEST_ERROR_MALFORMED_INTEGER;
400 }
401
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]402 *out = (uint32_t)num;
403 return MANIFEST_SUCCESS;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]404}
405
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]406static enum manifest_return_code parse_vm_common(const struct fdt_node *node,
407 struct manifest_vm *vm,
408 ffa_vm_id_t vm_id)
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]409{
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]410 struct uint32list_iter smcs;
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]411 size_t idx;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]412
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]413 TRY(read_bool(node, "is_ffa_partition", &vm->is_ffa_partition));
414
Raghu Krishnamurthyb49549e2021-07-02 08:27:38 -0700[diff] [blame]415 TRY(read_bool(node, "hyp_loaded", &vm->is_hyp_loaded));
416
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]417 TRY(read_string(node, "debug_name", &vm->debug_name));
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]418
419 TRY(read_optional_uint32list(node, "smc_whitelist", &smcs));
420 while (uint32list_has_next(&smcs) &&
421 vm->smc_whitelist.smc_count < MAX_SMCS) {
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]422 idx = vm->smc_whitelist.smc_count++;
423 TRY(uint32list_get_next(&smcs, &vm->smc_whitelist.smcs[idx]));
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]424 }
425
426 if (uint32list_has_next(&smcs)) {
Andrew Walbran17eebf92020-02-05 16:35:49 +0000[diff] [blame]427 dlog_warning("%s SMC whitelist too long.\n", vm->debug_name);
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]428 }
429
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]430 TRY(read_bool(node, "smc_whitelist_permissive",
431 &vm->smc_whitelist.permissive));
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]432
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]433 if (vm_id != HF_PRIMARY_VM_ID) {
434 TRY(read_uint64(node, "mem_size", &vm->secondary.mem_size));
435 TRY(read_uint16(node, "vcpu_count", &vm->secondary.vcpu_count));
Fuad Tabba50469e02020-06-30 15:14:28 +0100[diff] [blame]436 TRY(read_optional_string(node, "fdt_filename",
437 &vm->secondary.fdt_filename));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]438 }
439
440 return MANIFEST_SUCCESS;
441}
442
443static enum manifest_return_code parse_vm(struct fdt_node *node,
444 struct manifest_vm *vm,
445 ffa_vm_id_t vm_id)
446{
447 TRY(read_optional_string(node, "kernel_filename",
448 &vm->kernel_filename));
449
David Brazdile6f83222019-09-23 14:47:37 +0100[diff] [blame]450 if (vm_id == HF_PRIMARY_VM_ID) {
451 TRY(read_optional_string(node, "ramdisk_filename",
452 &vm->primary.ramdisk_filename));
David Brazdil080ee312020-02-25 15:30:30 -0800[diff] [blame]453 TRY(read_optional_uint64(node, "boot_address",
454 MANIFEST_INVALID_ADDRESS,
455 &vm->primary.boot_address));
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]456 }
Raghu Krishnamurthy988a5e72021-02-27 21:46:06 -0800[diff] [blame]457 TRY(read_optional_uint8(node, "exception-level", (uint8_t)EL1,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]458 (uint8_t *)&vm->partition.run_time_el));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]459
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]460 return MANIFEST_SUCCESS;
461}
462
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]463static bool is_memory_region_within_ranges(uintptr_t base_address,
464 uint32_t page_count,
465 const struct mem_range *ranges,
466 const size_t ranges_size)
467{
468 uintptr_t region_end =
469 base_address + ((uintptr_t)page_count * PAGE_SIZE - 1);
470
471 for (size_t i = 0; i < ranges_size; i++) {
472 uintptr_t base = (uintptr_t)pa_addr(ranges[i].begin);
473 uintptr_t end = (uintptr_t)pa_addr(ranges[i].end);
474
475 if ((base_address >= base && base_address <= end) ||
476 (region_end >= base && region_end <= end)) {
477 return true;
478 }
479 }
480
481 return false;
482}
483
484void dump_memory_ranges(const struct mem_range *ranges,
485 const size_t ranges_size, bool ns)
486{
487 if (LOG_LEVEL < LOG_LEVEL_VERBOSE) {
488 return;
489 }
490
491 dlog("%s Memory ranges:\n", ns ? "NS" : "S");
492
493 for (size_t i = 0; i < ranges_size; i++) {
494 uintptr_t begin = pa_addr(ranges[i].begin);
495 uintptr_t end = pa_addr(ranges[i].end);
496 size_t page_count =
497 align_up(pa_difference(ranges[i].begin, ranges[i].end),
498 PAGE_SIZE) /
499 PAGE_SIZE;
500
501 dlog(" [%x - %x (%u pages)]\n", begin, end, page_count);
502 }
503}
504
505/**
506 * Check the partition's assigned memory is contained in the memory ranges
507 * configured for the SWd, in the SPMC's manifest.
508 */
509static enum manifest_return_code check_partition_memory_is_valid(
510 uintptr_t base_address, uint32_t page_count, uint32_t attributes,
511 const struct boot_params *params)
512{
513 bool is_secure_region =
514 (attributes & MANIFEST_REGION_ATTR_SECURITY) == 0U;
515 const struct mem_range *ranges_from_manifest =
516 is_secure_region ? params->mem_ranges : params->ns_mem_ranges;
517 size_t ranges_count = is_secure_region ? params->mem_ranges_count
518 : params->ns_mem_ranges_count;
519 bool within_ranges = is_memory_region_within_ranges(
520 base_address, page_count, ranges_from_manifest, ranges_count);
521
522 return within_ranges ? MANIFEST_SUCCESS
523 : MANIFEST_ERROR_MEM_REGION_INVALID;
524}
525
526/*
527 * Keep track of the memory allocated by partitions. This includes memory region
528 * nodes defined in their respective partition manifests, as well address space
529 * defined from their load address.
530 */
531static enum manifest_return_code check_and_record_memory_used(
Varun Wadekar4afbfd72022-10-13 14:30:18 +0100[diff] [blame]532 uintptr_t base_address, uint32_t page_count)
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]533{
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]534 bool overlap_of_regions;
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]535
Varun Wadekar4afbfd72022-10-13 14:30:18 +0100[diff] [blame]536 if (page_count == 0U) {
537 dlog_error(
Daniel Boulbyc1a613d2022-10-18 11:26:17 +0100[diff] [blame]538 "Empty memory region defined with base address: %#x.\n",
Varun Wadekar4afbfd72022-10-13 14:30:18 +0100[diff] [blame]539 base_address);
540 return MANIFEST_ERROR_MEM_REGION_EMPTY;
541 }
542
Daniel Boulbyc1a613d2022-10-18 11:26:17 +0100[diff] [blame]543 if (!is_aligned(base_address, PAGE_SIZE)) {
544 dlog_error("base_address (%#x) is not aligned to page size.\n",
545 base_address);
546 return MANIFEST_ERROR_MEM_REGION_UNALIGNED;
547 }
548
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]549 overlap_of_regions = is_memory_region_within_ranges(
550 base_address, page_count, manifest_data->mem_regions,
551 allocated_mem_regions_index);
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]552
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]553 if (!overlap_of_regions) {
554 paddr_t begin = pa_init(base_address);
555
556 manifest_data->mem_regions[allocated_mem_regions_index].begin =
557 begin;
558 manifest_data->mem_regions[allocated_mem_regions_index].end =
559 pa_add(begin, page_count * PAGE_SIZE - 1);
560 allocated_mem_regions_index++;
561
562 return MANIFEST_SUCCESS;
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]563 }
564
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]565 return MANIFEST_ERROR_MEM_REGION_OVERLAP;
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]566}
567
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]568static enum manifest_return_code parse_ffa_memory_region_node(
Karl Meakinf6d49402023-04-04 18:14:26 +0100[diff] [blame]569 struct fdt_node *mem_node, uintptr_t load_address,
570 struct memory_region *mem_regions, uint16_t *count, struct rx_tx *rxtx,
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]571 const struct boot_params *boot_params)
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]572{
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]573 uint32_t phandle;
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]574 uint16_t i = 0;
Karl Meakinf6d49402023-04-04 18:14:26 +0100[diff] [blame]575 uintptr_t relative_address;
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]576
577 dlog_verbose(" Partition memory regions\n");
578
579 if (!fdt_is_compatible(mem_node, "arm,ffa-manifest-memory-regions")) {
580 return MANIFEST_ERROR_NOT_COMPATIBLE;
581 }
582
583 if (!fdt_first_child(mem_node)) {
584 return MANIFEST_ERROR_MEMORY_REGION_NODE_EMPTY;
585 }
586
587 do {
588 dlog_verbose(" Memory Region[%u]\n", i);
589
590 TRY(read_optional_string(mem_node, "description",
591 &mem_regions[i].name));
592 dlog_verbose(" Name: %s\n",
593 string_data(&mem_regions[i].name));
594
Karl Meakinf6d49402023-04-04 18:14:26 +0100[diff] [blame]595 TRY(read_optional_uint64(mem_node, "base-address",
596 MANIFEST_INVALID_ADDRESS,
597 &mem_regions[i].base_address));
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]598 dlog_verbose(" Base address: %#x\n",
599 mem_regions[i].base_address);
600
Karl Meakinf6d49402023-04-04 18:14:26 +0100[diff] [blame]601 TRY(read_optional_uint64(mem_node, "relative-address",
602 MANIFEST_INVALID_ADDRESS,
603 &relative_address));
604 dlog_verbose(" Relative address: %#x\n",
605 relative_address);
606
607 if (mem_regions[i].base_address == MANIFEST_INVALID_ADDRESS &&
608 relative_address == MANIFEST_INVALID_ADDRESS) {
609 return MANIFEST_ERROR_PROPERTY_NOT_FOUND;
610 }
611
612 if (mem_regions[i].base_address != MANIFEST_INVALID_ADDRESS &&
613 relative_address != MANIFEST_INVALID_ADDRESS) {
614 return MANIFEST_ERROR_BASE_ADDRESS_AND_RELATIVE_ADDRESS;
615 }
616
617 if (relative_address != MANIFEST_INVALID_ADDRESS &&
618 relative_address > UINT64_MAX - load_address) {
619 return MANIFEST_ERROR_INTEGER_OVERFLOW;
620 }
621
622 if (relative_address != MANIFEST_INVALID_ADDRESS) {
623 mem_regions[i].base_address =
624 load_address + relative_address;
625 }
626
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]627 TRY(read_uint32(mem_node, "pages-count",
628 &mem_regions[i].page_count));
629 dlog_verbose(" Pages_count: %u\n",
630 mem_regions[i].page_count);
631
632 TRY(read_uint32(mem_node, "attributes",
633 &mem_regions[i].attributes));
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]634
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame]635 /*
636 * Check RWX permission attributes.
637 * Security attribute is checked at load phase.
638 */
639 uint32_t permissions = mem_regions[i].attributes &
640 (MANIFEST_REGION_ATTR_READ |
641 MANIFEST_REGION_ATTR_WRITE |
642 MANIFEST_REGION_ATTR_EXEC);
643 if (permissions != MANIFEST_REGION_ATTR_READ &&
644 permissions != (MANIFEST_REGION_ATTR_READ |
645 MANIFEST_REGION_ATTR_WRITE) &&
646 permissions != (MANIFEST_REGION_ATTR_READ |
647 MANIFEST_REGION_ATTR_EXEC)) {
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]648 return MANIFEST_ERROR_INVALID_MEM_PERM;
649 }
650
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame]651 /* Filter memory region attributes. */
652 mem_regions[i].attributes &= MANIFEST_REGION_ALL_ATTR_MASK;
653
654 dlog_verbose(" Attributes: %#x\n",
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]655 mem_regions[i].attributes);
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]656
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]657 TRY(check_partition_memory_is_valid(
658 mem_regions[i].base_address, mem_regions[i].page_count,
659 mem_regions[i].attributes, boot_params));
660
661 TRY(check_and_record_memory_used(mem_regions[i].base_address,
662 mem_regions[i].page_count));
663
Manish Pandeya70a4192020-10-07 22:05:04 +0100[diff] [blame]664 if (rxtx->available) {
665 TRY(read_optional_uint32(
666 mem_node, "phandle",
667 (uint32_t)MANIFEST_INVALID_ADDRESS, &phandle));
668 if (phandle == rxtx->rx_phandle) {
669 dlog_verbose(" Assigned as RX buffer\n");
670 rxtx->rx_buffer = &mem_regions[i];
671 } else if (phandle == rxtx->tx_phandle) {
672 dlog_verbose(" Assigned as TX buffer\n");
673 rxtx->tx_buffer = &mem_regions[i];
674 }
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]675 }
676
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]677 i++;
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]678 } while (fdt_next_sibling(mem_node) &&
679 (i < PARTITION_MAX_MEMORY_REGIONS));
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]680
Manish Pandeya70a4192020-10-07 22:05:04 +0100[diff] [blame]681 if (rxtx->available &&
682 (rxtx->rx_buffer->page_count != rxtx->tx_buffer->page_count)) {
Manish Pandeyf06c9072020-09-29 15:41:58 +0100[diff] [blame]683 return MANIFEST_ERROR_RXTX_SIZE_MISMATCH;
684 }
685
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]686 *count = i;
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]687
688 return MANIFEST_SUCCESS;
689}
690
Raghu Krishnamurthy98da1ca2022-10-04 08:59:01 -0700[diff] [blame]691static struct interrupt_info *device_region_get_interrupt_info(
692 struct device_region *dev_regions, uint32_t intid)
693{
694 for (uint32_t i = 0; i < ARRAY_SIZE(dev_regions->interrupts); i++) {
695 if (dev_regions->interrupts[i].id == intid) {
696 return &(dev_regions->interrupts[i]);
697 }
698 }
699 return NULL;
700}
701
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]702static enum manifest_return_code parse_ffa_device_region_node(
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]703 struct fdt_node *dev_node, struct device_region *dev_regions,
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]704 uint16_t *count)
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]705{
706 struct uint32list_iter list;
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]707 uint16_t i = 0;
Madhukar Pappireddy5fc8be12021-08-03 11:42:53 -0500[diff] [blame]708 uint32_t j = 0;
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]709 struct interrupt_bitmap allocated_intids = manifest_data->intids;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]710
711 dlog_verbose(" Partition Device Regions\n");
712
713 if (!fdt_is_compatible(dev_node, "arm,ffa-manifest-device-regions")) {
714 return MANIFEST_ERROR_NOT_COMPATIBLE;
715 }
716
717 if (!fdt_first_child(dev_node)) {
718 return MANIFEST_ERROR_DEVICE_REGION_NODE_EMPTY;
719 }
720
721 do {
722 dlog_verbose(" Device Region[%u]\n", i);
723
724 TRY(read_optional_string(dev_node, "description",
725 &dev_regions[i].name));
726 dlog_verbose(" Name: %s\n",
727 string_data(&dev_regions[i].name));
728
729 TRY(read_uint64(dev_node, "base-address",
730 &dev_regions[i].base_address));
731 dlog_verbose(" Base address: %#x\n",
732 dev_regions[i].base_address);
733
734 TRY(read_uint32(dev_node, "pages-count",
735 &dev_regions[i].page_count));
736 dlog_verbose(" Pages_count: %u\n",
737 dev_regions[i].page_count);
738
739 TRY(read_uint32(dev_node, "attributes",
740 &dev_regions[i].attributes));
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]741
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame]742 /*
743 * Check RWX permission attributes.
744 * Security attribute is checked at load phase.
745 */
746 uint32_t permissions = dev_regions[i].attributes &
747 (MANIFEST_REGION_ATTR_READ |
748 MANIFEST_REGION_ATTR_WRITE |
749 MANIFEST_REGION_ATTR_EXEC);
750
751 if (permissions != MANIFEST_REGION_ATTR_READ &&
752 permissions != (MANIFEST_REGION_ATTR_READ |
753 MANIFEST_REGION_ATTR_WRITE)) {
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]754 return MANIFEST_ERROR_INVALID_MEM_PERM;
755 }
756
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame]757 /* Filer device region attributes. */
758 dev_regions[i].attributes = dev_regions[i].attributes &
759 MANIFEST_REGION_ALL_ATTR_MASK;
760
761 dlog_verbose(" Attributes: %#x\n",
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]762 dev_regions[i].attributes);
763
764 TRY(read_optional_uint32list(dev_node, "interrupts", &list));
765 dlog_verbose(" Interrupt List:\n");
766 j = 0;
767 while (uint32list_has_next(&list) &&
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]768 j < PARTITION_MAX_INTERRUPTS_PER_DEVICE) {
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]769 uint32_t intid;
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]770
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]771 TRY(uint32list_get_next(
772 &list, &dev_regions[i].interrupts[j].id));
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]773 intid = dev_regions[i].interrupts[j].id;
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]774
775 dlog_verbose(" ID = %u\n", intid);
776
Daniel Boulby4ca50f02022-07-29 18:29:34 +0100[diff] [blame]777 if (interrupt_bitmap_get_value(&allocated_intids,
778 intid) == 1U) {
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]779 return MANIFEST_ERROR_INTERRUPT_ID_REPEATED;
780 }
781
Daniel Boulby4ca50f02022-07-29 18:29:34 +0100[diff] [blame]782 interrupt_bitmap_set_value(&allocated_intids, intid);
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]783
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]784 if (uint32list_has_next(&list)) {
785 TRY(uint32list_get_next(&list,
786 &dev_regions[i]
787 .interrupts[j]
788 .attributes));
789 } else {
790 return MANIFEST_ERROR_MALFORMED_INTEGER_LIST;
791 }
792
Raghu Krishnamurthy98da1ca2022-10-04 08:59:01 -0700[diff] [blame]793 dev_regions[i].interrupts[j].mpidr_valid = false;
794 dev_regions[i].interrupts[j].mpidr = 0;
795
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]796 dlog_verbose(" attributes = %u\n",
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]797 dev_regions[i].interrupts[j].attributes);
798 j++;
799 }
Madhukar Pappireddy5fc8be12021-08-03 11:42:53 -0500[diff] [blame]800
801 dev_regions[i].interrupt_count = j;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]802 if (j == 0) {
803 dlog_verbose(" Empty\n");
Raghu Krishnamurthy98da1ca2022-10-04 08:59:01 -0700[diff] [blame]804 } else {
805 TRY(read_optional_uint32list(
806 dev_node, "interrupts-target", &list));
807 dlog_verbose(" Interrupt Target List:\n");
808
809 while (uint32list_has_next(&list)) {
810 uint32_t intid;
811 uint64_t mpidr = 0;
812 uint32_t mpidr_lower = 0;
813 uint32_t mpidr_upper = 0;
814 struct interrupt_info *info = NULL;
815
816 TRY(uint32list_get_next(&list, &intid));
817
818 dlog_verbose(" ID = %u\n", intid);
819
820 if (interrupt_bitmap_get_value(
821 &allocated_intids, intid) != 1U) {
822 return MANIFEST_ERROR_INTERRUPT_ID_NOT_IN_LIST;
823 }
824
825 TRY(uint32list_get_next(&list, &mpidr_upper));
826 TRY(uint32list_get_next(&list, &mpidr_lower));
827 mpidr = mpidr_upper;
828 mpidr <<= 32;
829 mpidr |= mpidr_lower;
830
831 info = device_region_get_interrupt_info(
832 &dev_regions[i], intid);
833 /*
834 * We should find info since
835 * interrupt_bitmap_get_value already ensures
836 * that we saw the interrupt and allocated ids
837 * for it.
838 */
839 assert(info != NULL);
840 info->mpidr = mpidr;
841 info->mpidr_valid = true;
842 dlog_verbose(" MPIDR = %#x\n", mpidr);
843 }
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]844 }
845
846 TRY(read_optional_uint32(dev_node, "smmu-id",
Madhukar Pappireddy54680c72020-10-23 15:02:38 -0500[diff] [blame]847 MANIFEST_INVALID_ID,
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]848 &dev_regions[i].smmu_id));
Olivier Deprez86d87ae2021-08-19 14:27:46 +0200[diff] [blame]849 if (dev_regions[i].smmu_id != MANIFEST_INVALID_ID) {
850 dlog_verbose(" smmu-id: %u\n",
851 dev_regions[i].smmu_id);
852 }
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]853
854 TRY(read_optional_uint32list(dev_node, "stream-ids", &list));
855 dlog_verbose(" Stream IDs assigned:\n");
856
857 j = 0;
858 while (uint32list_has_next(&list) &&
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]859 j < PARTITION_MAX_STREAMS_PER_DEVICE) {
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]860 TRY(uint32list_get_next(&list,
861 &dev_regions[i].stream_ids[j]));
862 dlog_verbose(" %u\n",
863 dev_regions[i].stream_ids[j]);
864 j++;
865 }
866 if (j == 0) {
867 dlog_verbose(" None\n");
868 }
Madhukar Pappireddy54680c72020-10-23 15:02:38 -0500[diff] [blame]869 dev_regions[i].stream_count = j;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]870
871 TRY(read_bool(dev_node, "exclusive-access",
872 &dev_regions[i].exclusive_access));
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]873 dlog_verbose(" Exclusive_access: %u\n",
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]874 dev_regions[i].exclusive_access);
875
876 i++;
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]877 } while (fdt_next_sibling(dev_node) &&
878 (i < PARTITION_MAX_DEVICE_REGIONS));
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]879
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]880 *count = i;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]881
882 return MANIFEST_SUCCESS;
883}
884
J-Alvesabebe432022-05-31 14:40:50 +0100[diff] [blame]885static enum manifest_return_code sanity_check_ffa_manifest(
886 struct manifest_vm *vm)
887{
888 uint16_t ffa_version_major;
889 uint16_t ffa_version_minor;
890 enum manifest_return_code ret_code = MANIFEST_SUCCESS;
891 const char *error_string = "specified in manifest is unsupported";
892 uint32_t k = 0;
893
894 /* ensure that the SPM version is compatible */
895 ffa_version_major = (vm->partition.ffa_version & 0xffff0000) >>
896 FFA_VERSION_MAJOR_OFFSET;
897 ffa_version_minor = vm->partition.ffa_version & 0xffff;
898
899 if (ffa_version_major != FFA_VERSION_MAJOR ||
900 ffa_version_minor > FFA_VERSION_MINOR) {
901 dlog_error("FF-A partition manifest version %s: %u.%u\n",
902 error_string, ffa_version_major, ffa_version_minor);
903 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
904 }
905
906 if (vm->partition.xlat_granule != PAGE_4KB) {
907 dlog_error("Translation granule %s: %u\n", error_string,
908 vm->partition.xlat_granule);
909 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
910 }
911
912 if (vm->partition.execution_state != AARCH64) {
913 dlog_error("Execution state %s: %u\n", error_string,
914 vm->partition.execution_state);
915 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
916 }
917
918 if (vm->partition.run_time_el != EL1 &&
919 vm->partition.run_time_el != S_EL1 &&
920 vm->partition.run_time_el != S_EL0) {
921 dlog_error("Exception level %s: %d\n", error_string,
922 vm->partition.run_time_el);
923 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
924 }
925
926 if ((vm->partition.messaging_method &
927 ~(FFA_PARTITION_DIRECT_REQ_RECV | FFA_PARTITION_DIRECT_REQ_SEND |
928 FFA_PARTITION_INDIRECT_MSG)) != 0U) {
929 dlog_error("Messaging method %s: %x\n", error_string,
930 vm->partition.messaging_method);
931 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
932 }
933
934 if (vm->partition.run_time_el == S_EL0 &&
935 vm->partition.execution_ctx_count != 1) {
936 dlog_error(
937 "Exception level and execution context count %s: %d "
938 "%d\n",
939 error_string, vm->partition.run_time_el,
940 vm->partition.execution_ctx_count);
941 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
942 }
943
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]944 for (uint16_t i = 0; i < vm->partition.dev_region_count; i++) {
J-Alvesabebe432022-05-31 14:40:50 +0100[diff] [blame]945 struct device_region dev_region;
946
947 dev_region = vm->partition.dev_regions[i];
948
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]949 if (dev_region.interrupt_count >
950 PARTITION_MAX_INTERRUPTS_PER_DEVICE) {
J-Alvesabebe432022-05-31 14:40:50 +0100[diff] [blame]951 dlog_error(
952 "Interrupt count for device region exceeds "
953 "limit.\n");
954 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
955 continue;
956 }
957
958 for (uint8_t j = 0; j < dev_region.interrupt_count; j++) {
959 k++;
960 if (k > VM_MANIFEST_MAX_INTERRUPTS) {
961 dlog_error(
962 "Interrupt count for VM exceeds "
963 "limit.\n");
964 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
965 continue;
966 }
967 }
968 }
969
970 /* GP register is restricted to one of x0 - x3. */
971 if (vm->partition.gp_register_num != -1 &&
972 vm->partition.gp_register_num > 3) {
973 dlog_error("GP register number %s: %u\n", error_string,
974 vm->partition.gp_register_num);
975 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
976 }
977
978 return ret_code;
979}
980
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]981enum manifest_return_code parse_ffa_manifest(
982 struct fdt *fdt, struct manifest_vm *vm,
983 struct fdt_node *boot_info_node, const struct boot_params *boot_params)
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]984{
985 unsigned int i = 0;
986 struct uint32list_iter uuid;
987 uint32_t uuid_word;
988 struct fdt_node root;
989 struct fdt_node ffa_node;
990 struct string rxtx_node_name = STRING_INIT("rx_tx-info");
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]991 struct string mem_region_node_name = STRING_INIT("memory-regions");
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]992 struct string dev_region_node_name = STRING_INIT("device-regions");
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]993 struct string boot_info_node_name = STRING_INIT("boot-info");
Madhukar Pappireddy84154052022-06-21 18:30:25 -0500[diff] [blame]994 bool managed_exit_field_present = false;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]995
996 if (!fdt_find_node(fdt, "/", &root)) {
997 return MANIFEST_ERROR_NO_ROOT_NODE;
998 }
999
1000 /* Check "compatible" property. */
1001 if (!fdt_is_compatible(&root, "arm,ffa-manifest-1.0")) {
1002 return MANIFEST_ERROR_NOT_COMPATIBLE;
1003 }
1004
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1005 TRY(read_uint32(&root, "ffa-version", &vm->partition.ffa_version));
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]1006 dlog_verbose(" Expected FF-A version %u.%u\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1007 vm->partition.ffa_version >> 16,
1008 vm->partition.ffa_version & 0xffff);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1009
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]1010 TRY(read_uint32list(&root, "uuid", &uuid));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1011
1012 while (uint32list_has_next(&uuid) && i < 4) {
1013 TRY(uint32list_get_next(&uuid, &uuid_word));
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1014 vm->partition.uuid.uuid[i] = uuid_word;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1015 i++;
1016 }
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1017 dlog_verbose(" UUID %#x-%x-%x-%x\n", vm->partition.uuid.uuid[0],
1018 vm->partition.uuid.uuid[1], vm->partition.uuid.uuid[2],
1019 vm->partition.uuid.uuid[3]);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1020
1021 TRY(read_uint16(&root, "execution-ctx-count",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1022 &vm->partition.execution_ctx_count));
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]1023 dlog_verbose(" Number of execution context %u\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1024 vm->partition.execution_ctx_count);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1025
1026 TRY(read_uint8(&root, "exception-level",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1027 (uint8_t *)&vm->partition.run_time_el));
1028 dlog_verbose(" Run-time EL %u\n", vm->partition.run_time_el);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1029
1030 TRY(read_uint8(&root, "execution-state",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1031 (uint8_t *)&vm->partition.execution_state));
1032 dlog_verbose(" Execution state %u\n", vm->partition.execution_state);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1033
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1034 TRY(read_optional_uint64(&root, "load-address", 0,
1035 &vm->partition.load_addr));
1036 dlog_verbose(" Load address %#x\n", vm->partition.load_addr);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1037
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]1038 TRY(read_optional_uint64(&root, "entrypoint-offset", 0,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1039 &vm->partition.ep_offset));
1040 dlog_verbose(" Entry point offset %#x\n", vm->partition.ep_offset);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1041
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]1042 TRY(read_optional_uint32(&root, "gp-register-num",
1043 DEFAULT_BOOT_GP_REGISTER,
1044 &vm->partition.gp_register_num));
1045 dlog_verbose(" Boot GP register: %#x\n",
1046 vm->partition.gp_register_num);
1047
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]1048 TRY(read_optional_uint16(&root, "boot-order", DEFAULT_BOOT_ORDER,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1049 &vm->partition.boot_order));
Kathleen Capella4a2a6e72023-04-21 14:43:26 -0400[diff] [blame]1050 if (vm->partition.boot_order != DEFAULT_BOOT_ORDER) {
1051 dlog_verbose(" Boot order %#u\n", vm->partition.boot_order);
1052 }
1053
1054 if (!check_boot_order(vm->partition.boot_order)) {
1055 return MANIFEST_ERROR_INVALID_BOOT_ORDER;
1056 }
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]1057
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]1058 TRY(read_optional_uint8(&root, "xlat-granule", 0,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1059 (uint8_t *)&vm->partition.xlat_granule));
1060 dlog_verbose(" Translation granule %u\n", vm->partition.xlat_granule);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1061
1062 ffa_node = root;
1063 if (fdt_find_child(&ffa_node, &rxtx_node_name)) {
1064 if (!fdt_is_compatible(&ffa_node,
1065 "arm,ffa-manifest-rx_tx-buffer")) {
1066 return MANIFEST_ERROR_NOT_COMPATIBLE;
1067 }
1068
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]1069 /*
1070 * Read only phandles for now, it will be used to update buffers
1071 * while parsing memory regions.
1072 */
1073 TRY(read_uint32(&ffa_node, "rx-buffer",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1074 &vm->partition.rxtx.rx_phandle));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1075
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]1076 TRY(read_uint32(&ffa_node, "tx-buffer",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1077 &vm->partition.rxtx.tx_phandle));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1078
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1079 vm->partition.rxtx.available = true;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1080 }
1081
1082 TRY(read_uint8(&root, "messaging-method",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1083 (uint8_t *)&vm->partition.messaging_method));
1084 dlog_verbose(" Messaging method %u\n", vm->partition.messaging_method);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1085
Madhukar Pappireddy84154052022-06-21 18:30:25 -0500[diff] [blame]1086 TRY(read_bool(&root, "managed-exit", &managed_exit_field_present));
1087
1088 TRY(read_optional_uint8(
1089 &root, "ns-interrupts-action", NS_ACTION_SIGNALED,
1090 (uint8_t *)&vm->partition.ns_interrupts_action));
1091
1092 /*
1093 * An SP manifest can specify one of the fields listed below:
1094 * `managed-exit`: Introduced in FF-A v1.0 spec.
1095 * `ns-interrupts-action`: Introduced in FF-A v1.1 EAC0 spec.
1096 * If both are missing from the manifest, the default response is
1097 * NS_ACTION_SIGNALED.
1098 */
1099 if (managed_exit_field_present) {
1100 vm->partition.ns_interrupts_action = NS_ACTION_ME;
1101 }
1102
1103 if (vm->partition.ns_interrupts_action != NS_ACTION_QUEUED &&
1104 vm->partition.ns_interrupts_action != NS_ACTION_ME &&
1105 vm->partition.ns_interrupts_action != NS_ACTION_SIGNALED) {
Madhukar Pappireddy5c04a382022-12-28 11:29:26 -0600[diff] [blame]1106 return MANIFEST_ERROR_ILLEGAL_NS_INT_ACTION;
Madhukar Pappireddy84154052022-06-21 18:30:25 -0500[diff] [blame]1107 }
1108
1109 dlog_verbose(
1110 "NS Interrupts %s\n",
1111 (vm->partition.ns_interrupts_action == NS_ACTION_QUEUED)
1112 ? "Queued"
1113 : (vm->partition.ns_interrupts_action == NS_ACTION_SIGNALED)
1114 ? "Signaled"
1115 : "Managed exit");
1116
1117 if (vm->partition.ns_interrupts_action == NS_ACTION_ME) {
1118 /* Managed exit only supported by S_EL1 partitions. */
1119 if (vm->partition.run_time_el != S_EL1) {
1120 dlog_error(
1121 "Managed exit cannot be supported by this "
1122 "partition\n");
Madhukar Pappireddy5c04a382022-12-28 11:29:26 -0600[diff] [blame]1123 return MANIFEST_ERROR_ILLEGAL_NS_INT_ACTION;
Madhukar Pappireddy84154052022-06-21 18:30:25 -0500[diff] [blame]1124 }
Madhukar Pappireddy046dad02022-06-21 18:43:33 -0500[diff] [blame]1125
1126 TRY(read_bool(&root, "managed-exit-virq",
1127 &vm->partition.me_signal_virq));
1128 if (vm->partition.me_signal_virq) {
1129 dlog_verbose(" Managed Exit signaled through vIRQ\n");
1130 }
J-Alvesa4730db2021-11-02 10:31:01 +0000[diff] [blame]1131 }
1132
1133 TRY(read_bool(&root, "notification-support",
1134 &vm->partition.notification_support));
1135 if (vm->partition.notification_support) {
1136 dlog_verbose(" Notifications Receipt Supported\n");
1137 }
Maksims Svecovs9ddf86a2021-05-06 17:17:21 +0100[diff] [blame]1138
Madhukar Pappireddy5c04a382022-12-28 11:29:26 -0600[diff] [blame]1139 TRY(read_optional_uint8(
1140 &root, "other-s-interrupts-action", OTHER_S_INT_ACTION_SIGNALED,
1141 (uint8_t *)&vm->partition.other_s_interrupts_action));
1142
1143 if (vm->partition.other_s_interrupts_action ==
1144 OTHER_S_INT_ACTION_QUEUED) {
1145 if (vm->partition.ns_interrupts_action != NS_ACTION_QUEUED) {
1146 dlog_error(
1147 "Choice of the fields 'ns-interrupts-action' "
1148 "and 'other-s-interrupts-action' not "
1149 "compatible\n");
1150 return MANIFEST_ERROR_NOT_COMPATIBLE;
1151 }
1152 } else if (vm->partition.other_s_interrupts_action >
1153 OTHER_S_INT_ACTION_SIGNALED) {
1154 dlog_error(
1155 "Illegal value specified for the field"
1156 " 'other-s-interrupts-action': %u\n",
1157 vm->partition.other_s_interrupts_action);
1158 return MANIFEST_ERROR_ILLEGAL_OTHER_S_INT_ACTION;
1159 }
1160
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]1161 /* Parse boot info node. */
1162 if (boot_info_node != NULL) {
1163 ffa_node = root;
1164 vm->partition.boot_info =
1165 fdt_find_child(&ffa_node, &boot_info_node_name);
1166 if (vm->partition.boot_info) {
1167 *boot_info_node = ffa_node;
1168 }
1169 } else {
1170 vm->partition.boot_info = false;
1171 }
1172
Olivier Depreza15f2352022-09-26 09:17:24 +0200[diff] [blame]1173 TRY(read_optional_uint32(
1174 &root, "power-management-messages",
1175 MANIFEST_POWER_MANAGEMENT_CPU_OFF_SUPPORTED |
1176 MANIFEST_POWER_MANAGEMENT_CPU_ON_SUPPORTED,
1177 &vm->partition.power_management));
1178 vm->partition.power_management &= MANIFEST_POWER_MANAGEMENT_ALL_MASK;
1179 if (vm->partition.execution_ctx_count == 1 ||
1180 vm->partition.run_time_el == S_EL0) {
1181 vm->partition.power_management =
1182 MANIFEST_POWER_MANAGEMENT_NONE_MASK;
1183 }
1184
1185 dlog_verbose(" Power management messages %#x\n",
1186 vm->partition.power_management);
1187
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]1188 /* Parse memory-regions */
1189 ffa_node = root;
1190 if (fdt_find_child(&ffa_node, &mem_region_node_name)) {
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1191 TRY(parse_ffa_memory_region_node(
Karl Meakinf6d49402023-04-04 18:14:26 +0100[diff] [blame]1192 &ffa_node, vm->partition.load_addr,
1193 vm->partition.mem_regions,
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1194 &vm->partition.mem_region_count, &vm->partition.rxtx,
1195 boot_params));
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]1196 }
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]1197 dlog_verbose(" Total %u memory regions found\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1198 vm->partition.mem_region_count);
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]1199
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]1200 /* Parse Device-regions */
1201 ffa_node = root;
1202 if (fdt_find_child(&ffa_node, &dev_region_node_name)) {
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1203 TRY(parse_ffa_device_region_node(
1204 &ffa_node, vm->partition.dev_regions,
1205 &vm->partition.dev_region_count));
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]1206 }
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]1207 dlog_verbose(" Total %u device regions found\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1208 vm->partition.dev_region_count);
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]1209
J-Alves4eb7b542022-03-02 15:21:52 +0000[diff] [blame]1210 return sanity_check_ffa_manifest(vm);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1211}
1212
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1213static enum manifest_return_code parse_ffa_partition_package(
1214 struct mm_stage1_locked stage1_locked, struct fdt_node *node,
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1215 struct manifest_vm *vm, ffa_vm_id_t vm_id,
1216 const struct boot_params *boot_params, struct mpool *ppool)
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1217{
1218 enum manifest_return_code ret = MANIFEST_ERROR_NOT_COMPATIBLE;
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1219 uintpaddr_t load_address;
1220 struct sp_pkg_header header;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1221 struct fdt sp_fdt;
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1222 vaddr_t pkg_start;
1223 vaddr_t manifest_address;
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]1224 struct fdt_node boot_info_node;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1225
1226 /*
1227 * This must have been hinted as being an FF-A partition,
1228 * return straight with failure if this is not the case.
1229 */
1230 if (!vm->is_ffa_partition) {
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1231 return ret;
1232 }
1233
1234 TRY(read_uint64(node, "load_address", &load_address));
1235 if (!is_aligned(load_address, PAGE_SIZE)) {
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1236 return MANIFEST_ERROR_NOT_COMPATIBLE;
1237 }
1238
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1239 assert(load_address != 0U);
1240
1241 if (!sp_pkg_init(stage1_locked, pa_init(load_address), &header,
1242 ppool)) {
1243 return ret;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1244 }
1245
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1246 pkg_start = va_init(load_address);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1247
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1248 if (vm_id != HF_PRIMARY_VM_ID &&
1249 sp_pkg_get_mem_size(&header) >= vm->secondary.mem_size) {
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]1250 dlog_error("Invalid package header or DT size.\n");
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1251 goto out;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1252 }
1253
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1254 manifest_address = va_add(va_init(load_address), header.pm_offset);
1255 if (!fdt_init_from_ptr(&sp_fdt, ptr_from_va(manifest_address),
1256 header.pm_size)) {
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1257 dlog_error("FDT failed validation.\n");
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1258 goto out;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1259 }
1260
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1261 ret = parse_ffa_manifest(&sp_fdt, vm, &boot_info_node, boot_params);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1262 if (ret != MANIFEST_SUCCESS) {
J-Alves4eb7b542022-03-02 15:21:52 +0000[diff] [blame]1263 dlog_error("Error parsing partition manifest: %s.\n",
1264 manifest_strerror(ret));
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1265 goto out;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1266 }
1267
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1268 if (vm->partition.load_addr != load_address) {
J-Alvesa26ea212021-03-22 14:33:47 +0000[diff] [blame]1269 dlog_warning(
1270 "Partition's load address at its manifest differs"
1271 " from specified in partition's package.\n");
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1272 vm->partition.load_addr = load_address;
J-Alvesa26ea212021-03-22 14:33:47 +0000[diff] [blame]1273 }
1274
J-Alves889a1d72022-05-13 11:38:27 +0100[diff] [blame]1275 if (vm->partition.gp_register_num != DEFAULT_BOOT_GP_REGISTER) {
1276 if (header.version == SP_PKG_HEADER_VERSION_2 &&
1277 vm->partition.boot_info &&
1278 !ffa_boot_info_node(&boot_info_node, pkg_start, &header)) {
1279 dlog_error("Failed to process boot information.\n");
1280 }
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]1281 }
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1282out:
1283 sp_pkg_deinit(stage1_locked, pkg_start, &header, ppool);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1284 return ret;
1285}
1286
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1287/**
1288 * Parse manifest from FDT.
1289 */
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1290enum manifest_return_code manifest_init(struct mm_stage1_locked stage1_locked,
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]1291 struct manifest **manifest_ret,
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1292 struct memiter *manifest_fdt,
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1293 struct boot_params *boot_params,
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1294 struct mpool *ppool)
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1295{
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]1296 struct manifest *manifest;
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]1297 struct string vm_name;
1298 struct fdt fdt;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1299 struct fdt_node hyp_node;
1300 size_t i = 0;
1301 bool found_primary_vm = false;
1302
J-Alvescd438fa2023-04-26 10:13:12 +0100[diff] [blame]1303 if (boot_params->mem_ranges_count == 0 &&
1304 boot_params->ns_mem_ranges_count == 0) {
1305 return MANIFEST_ERROR_MEMORY_MISSING;
1306 }
1307
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1308 dump_memory_ranges(boot_params->mem_ranges,
1309 boot_params->mem_ranges_count, false);
1310 dump_memory_ranges(boot_params->ns_mem_ranges,
1311 boot_params->ns_mem_ranges_count, true);
1312
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]1313 /* Allocate space in the ppool for the manifest data. */
1314 if (!manifest_data_init(ppool)) {
1315 panic("Unable to allocate manifest data.\n");
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]1316 }
1317
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]1318 manifest = &manifest_data->manifest;
1319 *manifest_ret = manifest;
1320
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]1321 if (!fdt_init_from_memiter(&fdt, manifest_fdt)) {
1322 return MANIFEST_ERROR_FILE_SIZE; /* TODO */
David Brazdila2358d42020-01-27 18:51:38 +0000[diff] [blame]1323 }
1324
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1325 /* Find hypervisor node. */
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]1326 if (!fdt_find_node(&fdt, "/hypervisor", &hyp_node)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1327 return MANIFEST_ERROR_NO_HYPERVISOR_FDT_NODE;
1328 }
1329
David Brazdil74e9c3b2019-08-28 11:09:08 +0100[diff] [blame]1330 /* Check "compatible" property. */
David Brazdilf4925382020-03-25 13:33:51 +0000[diff] [blame]1331 if (!fdt_is_compatible(&hyp_node, "hafnium,hafnium")) {
David Brazdil74e9c3b2019-08-28 11:09:08 +0100[diff] [blame]1332 return MANIFEST_ERROR_NOT_COMPATIBLE;
1333 }
1334
Olivier Deprez622ab8d2021-08-02 12:15:45 +0200[diff] [blame]1335 TRY(read_bool(&hyp_node, "ffa_tee_enabled",
1336 &manifest->ffa_tee_enabled));
Andrew Walbran41a49d82020-01-10 17:46:38 +0000[diff] [blame]1337
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1338 /* Iterate over reserved VM IDs and check no such nodes exist. */
Olivier Deprez2a8ee342020-08-03 15:10:44 +0200[diff] [blame]1339 for (i = HF_VM_ID_BASE; i < HF_VM_ID_OFFSET; i++) {
1340 ffa_vm_id_t vm_id = (ffa_vm_id_t)i - HF_VM_ID_BASE;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1341 struct fdt_node vm_node = hyp_node;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1342
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]1343 generate_vm_node_name(&vm_name, vm_id);
1344 if (fdt_find_child(&vm_node, &vm_name)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1345 return MANIFEST_ERROR_RESERVED_VM_ID;
1346 }
1347 }
1348
1349 /* Iterate over VM nodes until we find one that does not exist. */
1350 for (i = 0; i <= MAX_VMS; ++i) {
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]1351 ffa_vm_id_t vm_id = HF_VM_ID_OFFSET + i;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1352 struct fdt_node vm_node = hyp_node;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1353
Olivier Deprez2a8ee342020-08-03 15:10:44 +0200[diff] [blame]1354 generate_vm_node_name(&vm_name, vm_id - HF_VM_ID_BASE);
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]1355 if (!fdt_find_child(&vm_node, &vm_name)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1356 break;
1357 }
1358
1359 if (i == MAX_VMS) {
1360 return MANIFEST_ERROR_TOO_MANY_VMS;
1361 }
1362
1363 if (vm_id == HF_PRIMARY_VM_ID) {
1364 CHECK(found_primary_vm == false); /* sanity check */
1365 found_primary_vm = true;
1366 }
1367
David Brazdil0251b942019-09-10 15:59:50 +0100[diff] [blame]1368 manifest->vm_count = i + 1;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1369
1370 TRY(parse_vm_common(&vm_node, &manifest->vm[i], vm_id));
1371
Raghu Krishnamurthyb49549e2021-07-02 08:27:38 -0700[diff] [blame]1372 CHECK(!manifest->vm[i].is_hyp_loaded ||
1373 manifest->vm[i].is_ffa_partition);
1374
1375 if (manifest->vm[i].is_ffa_partition &&
1376 !manifest->vm[i].is_hyp_loaded) {
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1377 TRY(parse_ffa_partition_package(stage1_locked, &vm_node,
1378 &manifest->vm[i], vm_id,
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1379 boot_params, ppool));
J-Alves596049f2023-03-15 11:40:24 +0000[diff] [blame]1380 size_t page_count =
1381 align_up(manifest->vm[i].secondary.mem_size,
1382 PAGE_SIZE) /
1383 PAGE_SIZE;
1384
1385 if (vm_id == HF_PRIMARY_VM_ID) {
1386 continue;
1387 }
1388
1389 TRY(check_partition_memory_is_valid(
1390 manifest->vm[i].partition.load_addr, page_count,
1391 0, boot_params));
1392
1393 /*
1394 * Check if memory from load-address until (load-address
1395 * + memory size) has been used by other partition.
1396 */
1397 TRY(check_and_record_memory_used(
1398 manifest->vm[i].partition.load_addr,
1399 page_count));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1400 } else {
1401 TRY(parse_vm(&vm_node, &manifest->vm[i], vm_id));
1402 }
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1403 }
1404
Olivier Deprezfb05f3c2020-11-10 17:48:04 +0100[diff] [blame]1405 if (!found_primary_vm && vm_id_is_current_world(HF_PRIMARY_VM_ID)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1406 return MANIFEST_ERROR_NO_PRIMARY_VM;
1407 }
1408
1409 return MANIFEST_SUCCESS;
1410}
1411
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]1412/**
1413 * Free manifest data resources, called once manifest parsing has
1414 * completed and VMs are loaded.
1415 */
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]1416void manifest_deinit(struct mpool *ppool)
1417{
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]1418 manifest_data_deinit(ppool);
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]1419}
1420
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1421const char *manifest_strerror(enum manifest_return_code ret_code)
1422{
1423 switch (ret_code) {
1424 case MANIFEST_SUCCESS:
1425 return "Success";
David Brazdila2358d42020-01-27 18:51:38 +0000[diff] [blame]1426 case MANIFEST_ERROR_FILE_SIZE:
1427 return "Total size in header does not match file size";
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1428 case MANIFEST_ERROR_MALFORMED_DTB:
1429 return "Malformed device tree blob";
David Brazdila2358d42020-01-27 18:51:38 +0000[diff] [blame]1430 case MANIFEST_ERROR_NO_ROOT_NODE:
1431 return "Could not find root node in manifest";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1432 case MANIFEST_ERROR_NO_HYPERVISOR_FDT_NODE:
1433 return "Could not find \"hypervisor\" node in manifest";
David Brazdil74e9c3b2019-08-28 11:09:08 +0100[diff] [blame]1434 case MANIFEST_ERROR_NOT_COMPATIBLE:
1435 return "Hypervisor manifest entry not compatible with Hafnium";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1436 case MANIFEST_ERROR_RESERVED_VM_ID:
1437 return "Manifest defines a VM with a reserved ID";
1438 case MANIFEST_ERROR_NO_PRIMARY_VM:
1439 return "Manifest does not contain a primary VM entry";
1440 case MANIFEST_ERROR_TOO_MANY_VMS:
1441 return "Manifest specifies more VMs than Hafnium has "
1442 "statically allocated space for";
1443 case MANIFEST_ERROR_PROPERTY_NOT_FOUND:
1444 return "Property not found";
1445 case MANIFEST_ERROR_MALFORMED_STRING:
1446 return "Malformed string property";
David Brazdil0dbb41f2019-09-09 18:03:35 +0100[diff] [blame]1447 case MANIFEST_ERROR_STRING_TOO_LONG:
1448 return "String too long";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1449 case MANIFEST_ERROR_MALFORMED_INTEGER:
1450 return "Malformed integer property";
1451 case MANIFEST_ERROR_INTEGER_OVERFLOW:
1452 return "Integer overflow";
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]1453 case MANIFEST_ERROR_MALFORMED_INTEGER_LIST:
1454 return "Malformed integer list property";
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]1455 case MANIFEST_ERROR_MALFORMED_BOOLEAN:
1456 return "Malformed boolean property";
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]1457 case MANIFEST_ERROR_MEMORY_REGION_NODE_EMPTY:
1458 return "Memory-region node should have at least one entry";
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]1459 case MANIFEST_ERROR_DEVICE_REGION_NODE_EMPTY:
1460 return "Device-region node should have at least one entry";
Manish Pandeyf06c9072020-09-29 15:41:58 +0100[diff] [blame]1461 case MANIFEST_ERROR_RXTX_SIZE_MISMATCH:
1462 return "RX and TX buffers should be of same size";
Varun Wadekar4afbfd72022-10-13 14:30:18 +0100[diff] [blame]1463 case MANIFEST_ERROR_MEM_REGION_EMPTY:
1464 return "Memory region should have at least one page";
Karl Meakinf6d49402023-04-04 18:14:26 +0100[diff] [blame]1465 case MANIFEST_ERROR_BASE_ADDRESS_AND_RELATIVE_ADDRESS:
1466 return "Base and relative addresses are mutually exclusive";
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]1467 case MANIFEST_ERROR_MEM_REGION_OVERLAP:
1468 return "Memory region overlaps with one already allocated";
Daniel Boulbyc1a613d2022-10-18 11:26:17 +0100[diff] [blame]1469 case MANIFEST_ERROR_MEM_REGION_UNALIGNED:
1470 return "Memory region is not aligned to a page boundary";
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]1471 case MANIFEST_ERROR_INVALID_MEM_PERM:
1472 return "Memory permission should be RO, RW or RX";
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]1473 case MANIFEST_ERROR_ARGUMENTS_LIST_EMPTY:
1474 return "Arguments-list node should have at least one argument";
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]1475 case MANIFEST_ERROR_INTERRUPT_ID_REPEATED:
1476 return "Interrupt ID already assigned to another endpoint";
Madhukar Pappireddy5c04a382022-12-28 11:29:26 -0600[diff] [blame]1477 case MANIFEST_ERROR_ILLEGAL_NS_INT_ACTION:
Madhukar Pappireddy84154052022-06-21 18:30:25 -0500[diff] [blame]1478 return "Illegal value specidied for the field: Action in "
1479 "response to NS Interrupt";
Raghu Krishnamurthy98da1ca2022-10-04 08:59:01 -0700[diff] [blame]1480 case MANIFEST_ERROR_INTERRUPT_ID_NOT_IN_LIST:
1481 return "Interrupt ID is not in the list of interrupts";
Madhukar Pappireddy5c04a382022-12-28 11:29:26 -0600[diff] [blame]1482 case MANIFEST_ERROR_ILLEGAL_OTHER_S_INT_ACTION:
1483 return "Illegal value specified for the field: Action in "
1484 "response to Other-S Interrupt";
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1485 case MANIFEST_ERROR_MEMORY_MISSING:
1486 return "Memory nodes must be defined in the SPMC manifest "
1487 "('memory' and 'ns-memory').";
1488 case MANIFEST_ERROR_PARTITION_ADDRESS_OVERLAP:
1489 return "Partition's memory [load address: load address + "
1490 "memory size[ overlap with other allocated "
1491 "regions.";
1492 case MANIFEST_ERROR_MEM_REGION_INVALID:
1493 return "Memory region must within memory ranges defined "
1494 "in the SPMC manifest.";
Kathleen Capella4a2a6e72023-04-21 14:43:26 -0400[diff] [blame]1495 case MANIFEST_ERROR_INVALID_BOOT_ORDER:
1496 return "Boot order should be a unique value less than "
1497 "default largest value";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1498 }
1499
1500 panic("Unexpected manifest return code.");
1501}