TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / hafnium / hafnium.git / 14163a7169fb7ce928d30bb4c43ffebdc38301a3 / . / inc / hf / vm.h
blob: 05cd547fa445fc34553b6c07c6f819f129589642 [file] [log] [blame]
Andrew Scull18834872018-10-12 11:48:09 +0100[diff] [blame]1/*
Andrew Walbran692b3252019-03-07 15:51:31 +0000[diff] [blame]2 * Copyright 2018 The Hafnium Authors.
Andrew Scull18834872018-10-12 11:48:09 +0100[diff] [blame]3 *
Andrew Walbrane959ec12020-06-17 15:01:09 +0100[diff] [blame]4 * Use of this source code is governed by a BSD-style
5 * license that can be found in the LICENSE file or at
6 * https://opensource.org/licenses/BSD-3-Clause.
Andrew Scull18834872018-10-12 11:48:09 +0100[diff] [blame]7 */
8
Andrew Scullfbc938a2018-08-20 14:09:28 +0100[diff] [blame]9#pragma once
Wedson Almeida Filho987c0ff2018-06-20 16:34:38 +0100[diff] [blame]10
Andrew Scull9726c252019-01-23 13:44:19 +0000[diff] [blame]11#include <stdatomic.h>
12
Andrew Walbran1f32e722019-06-07 17:57:26 +0100[diff] [blame]13#include "hf/arch/types.h"
14
Andrew Scull18c78fc2018-08-20 12:57:41 +0100[diff] [blame]15#include "hf/cpu.h"
Madhukar Pappireddy464f2462021-08-03 11:23:07 -0500[diff] [blame]16#include "hf/interrupt_desc.h"
Wedson Almeida Filhoea62e2e2019-01-09 19:14:59 +0000[diff] [blame]17#include "hf/list.h"
Andrew Scull18c78fc2018-08-20 12:57:41 +0100[diff] [blame]18#include "hf/mm.h"
Wedson Almeida Filho22d5eaa2018-12-16 00:38:49 +0000[diff] [blame]19#include "hf/mpool.h"
Jose Marinho75509b42019-04-09 09:34:59 +0100[diff] [blame]20
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]21#include "vmapi/hf/ffa.h"
Wedson Almeida Filho987c0ff2018-06-20 16:34:38 +0100[diff] [blame]22
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]23#define MAX_SMCS 32
Andrew Walbranc1ad4ce2019-05-09 11:41:39 +0100[diff] [blame]24#define LOG_BUFFER_SIZE 256
Madhukar Pappireddy464f2462021-08-03 11:23:07 -0500[diff] [blame]25#define VM_MANIFEST_MAX_INTERRUPTS 32
Andrew Walbranc1ad4ce2019-05-09 11:41:39 +0100[diff] [blame]26
Andrew Walbrana36f7592019-12-13 18:43:38 +0000[diff] [blame]27/**
28 * The state of an RX buffer.
29 *
30 * EMPTY is the initial state. The follow state transitions are possible:
Olivier Deprezcf6e3862021-01-18 10:24:58 +0100[diff] [blame]31 * * EMPTY => RECEIVED: message sent to the VM.
32 * * RECEIVED => READ: secondary VM returns from FFA_MSG_WAIT or
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]33 * FFA_MSG_POLL, or primary VM returns from FFA_RUN with an FFA_MSG_SEND
Andrew Walbrana36f7592019-12-13 18:43:38 +0000[diff] [blame]34 * where the receiver is itself.
Olivier Deprezcf6e3862021-01-18 10:24:58 +0100[diff] [blame]35 * * READ => EMPTY: VM called FFA_RX_RELEASE.
Andrew Walbrana36f7592019-12-13 18:43:38 +0000[diff] [blame]36 */
Andrew Scullaa039b32018-10-04 15:02:26 +0100[diff] [blame]37enum mailbox_state {
Andrew Walbranc3910f72018-11-27 14:24:36 +0000[diff] [blame]38 /** There is no message in the mailbox. */
Andrew Sculld6ee1102019-04-05 22:12:42 +0100[diff] [blame]39 MAILBOX_STATE_EMPTY,
Andrew Scullaa039b32018-10-04 15:02:26 +0100[diff] [blame]40
Andrew Walbranc3910f72018-11-27 14:24:36 +0000[diff] [blame]41 /** There is a message in the mailbox that is waiting for a reader. */
Andrew Sculld6ee1102019-04-05 22:12:42 +0100[diff] [blame]42 MAILBOX_STATE_RECEIVED,
Andrew Scullaa039b32018-10-04 15:02:26 +0100[diff] [blame]43
Andrew Walbranc3910f72018-11-27 14:24:36 +0000[diff] [blame]44 /** There is a message in the mailbox that has been read. */
Andrew Sculld6ee1102019-04-05 22:12:42 +0100[diff] [blame]45 MAILBOX_STATE_READ,
Wedson Almeida Filho2f94ec12018-07-26 16:00:48 +0100[diff] [blame]46};
47
Wedson Almeida Filhoea62e2e2019-01-09 19:14:59 +0000[diff] [blame]48struct wait_entry {
49 /** The VM that is waiting for a mailbox to become writable. */
50 struct vm *waiting_vm;
51
52 /**
53 * Links used to add entry to a VM's waiter_list. This is protected by
54 * the notifying VM's lock.
55 */
56 struct list_entry wait_links;
57
58 /**
59 * Links used to add entry to a VM's ready_list. This is protected by
60 * the waiting VM's lock.
61 */
62 struct list_entry ready_links;
63};
64
Andrew Scullaa039b32018-10-04 15:02:26 +0100[diff] [blame]65struct mailbox {
66 enum mailbox_state state;
Andrew Walbran70bc8622019-10-07 14:15:58 +0100[diff] [blame]67 void *recv;
68 const void *send;
69
70 /** The ID of the VM which sent the message currently in `recv`. */
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]71 ffa_vm_id_t recv_sender;
Andrew Walbran70bc8622019-10-07 14:15:58 +0100[diff] [blame]72
73 /** The size of the message currently in `recv`. */
74 uint32_t recv_size;
75
Andrew Walbrane7ad3c02019-12-24 17:03:04 +0000[diff] [blame]76 /**
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]77 * The FF-A function ID to use to deliver the message currently in
Andrew Walbrane7ad3c02019-12-24 17:03:04 +0000[diff] [blame]78 * `recv`.
79 */
80 uint32_t recv_func;
Wedson Almeida Filhoea62e2e2019-01-09 19:14:59 +0000[diff] [blame]81
82 /**
83 * List of wait_entry structs representing VMs that want to be notified
84 * when the mailbox becomes writable. Once the mailbox does become
85 * writable, the entry is removed from this list and added to the
86 * waiting VM's ready_list.
87 */
88 struct list_entry waiter_list;
89
90 /**
91 * List of wait_entry structs representing VMs whose mailboxes became
92 * writable since the owner of the mailbox registers for notification.
93 */
94 struct list_entry ready_list;
Wedson Almeida Filho2f94ec12018-07-26 16:00:48 +0100[diff] [blame]95};
96
J-Alves4ef6e842021-03-18 12:47:01 +0000[diff] [blame]97struct notifications_state {
98 /**
99 * To keep track of the notifications pending.
100 * Set on call to FFA_NOTIFICATION_SET, and cleared on call to
101 * FFA_NOTIFICATION_GET.
102 */
103 ffa_notifications_bitmap_t pending;
104
105 /**
106 * Set on FFA_NOTIFICATION_INFO_GET to keep track of the notifications
107 * whose information has been retrieved by the referred ABI.
108 * Cleared on call to FFA_NOTIFICATION_GET.
109 */
110 ffa_notifications_bitmap_t info_get_retrieved;
111};
112
113struct notifications {
114 /**
115 * The following array maps the notifications to the bound FF-A
116 * endpoint.
117 * The index in the bindings array relates to the notification
118 * ID, and bit position in 'ffa_notifications_bitmap_t'.
119 */
120 ffa_vm_id_t bindings_sender_id[MAX_FFA_NOTIFICATIONS];
121 ffa_notifications_bitmap_t bindings_per_vcpu;
122
123 /* The index of the array below relates to the ID of the VCPU. */
124 struct notifications_state per_vcpu[MAX_CPUS];
125 struct notifications_state global;
126};
127
J-Alvesc8e8a222021-06-08 17:33:52 +0100[diff] [blame]128/**
129 * The following enum relates to a state machine to guide the insertion of
130 * IDs in the respective list as a result of a FFA_NOTIFICATION_INFO_GET call.
131 * As per the FF-A v1.1 specification, the return of the interface
132 * FFA_NOTIFICATION_INFO_GET, is a list of 16-bit values, regarding the VM ID
133 * and VCPU IDs of those with pending notifications.
134 * The overall list, is composed of "sub-lists", that starts with the VM ID, and
135 * can follow with up to 3 more VCPU IDs. A VM can have multiple 'sub-lists'.
136 * The states are traversed on a per VM basis, and should help with filling the
137 * list of IDs.
138 *
139 * INIT is the initial state. The following state transitions are possible:
140 * * INIT => INSERTING: no list has been created for the VM prior. There are
141 * notifications pending and VM ID should be inserted first. If it regards to
142 * a per VCPU notification the VCPU ID should follow. Only VCPU IDs should be
143 * inserted from this point, until reaching "sub-list" size limit.
144 * * INIT => FULL: There is no space in the ID list to insert IDs.
145 * * INSERTING => STARTING_NEW: list has been created. Adding only VCPU IDs,
146 * however "sub-list" limit has been reached. If there are more pending per VCPU
147 * notifications pending for the VM, a new list should be created starting with
148 * VM ID.
149 * * INSERTING => FULL: There is no space in the ID list to insert IDs.
150 * * STARTING_NEW => INSERTING: Started a new 'sub-list' for the given VM, for
151 * the remaining pending per VCPU notifications, only the VCPU ID should be
152 * inserted.
153 * * STARTING_NEW => FULL: There is no space in the ID list to insert IDs.
154 */
155enum notifications_info_get_state {
156 INIT,
157 INSERTING,
158 STARTING_NEW,
159 FULL,
160};
161
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]162struct smc_whitelist {
163 uint32_t smcs[MAX_SMCS];
164 uint16_t smc_count;
165 bool permissive;
166};
167
Wedson Almeida Filho987c0ff2018-06-20 16:34:38 +0100[diff] [blame]168struct vm {
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]169 ffa_vm_id_t id;
Fuad Tabbae4efcc32020-07-16 15:37:27 +0100[diff] [blame]170 struct ffa_uuid uuid;
Daniel Boulbybaeaf2e2021-12-09 11:42:36 +0000[diff] [blame]171 uint32_t ffa_version;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]172 struct smc_whitelist smc_whitelist;
173
Andrew Walbran0d7a0682018-12-06 16:48:47 +0000[diff] [blame]174 /** See api.c for the partial ordering on locks. */
Wedson Almeida Filho2f94ec12018-07-26 16:00:48 +0100[diff] [blame]175 struct spinlock lock;
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]176 ffa_vcpu_count_t vcpu_count;
Wedson Almeida Filho84a30a02018-07-23 20:05:05 +0100[diff] [blame]177 struct vcpu vcpus[MAX_CPUS];
Andrew Scull89a75242018-08-06 17:04:55 +0100[diff] [blame]178 struct mm_ptable ptable;
Andrew Scullaa039b32018-10-04 15:02:26 +0100[diff] [blame]179 struct mailbox mailbox;
J-Alves4ef6e842021-03-18 12:47:01 +0000[diff] [blame]180
181 struct {
182 /**
183 * State structures for notifications coming from VMs or coming
184 * from SPs. Both fields are maintained by the SPMC.
185 * The hypervisor ignores the 'from_sp' field, given VM
186 * notifications from SPs are managed by the SPMC.
187 */
188 struct notifications from_vm;
189 struct notifications from_sp;
J-Alves52578f82022-03-25 12:30:47 +0000[diff] [blame]190 struct notifications_state framework;
J-Alves4ef6e842021-03-18 12:47:01 +0000[diff] [blame]191 bool enabled;
J-Alves6e2abc62021-12-02 14:58:56 +0000[diff] [blame]192 bool npi_injected;
J-Alves4ef6e842021-03-18 12:47:01 +0000[diff] [blame]193 } notifications;
194
Andrew Walbranc1ad4ce2019-05-09 11:41:39 +0100[diff] [blame]195 char log_buffer[LOG_BUFFER_SIZE];
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]196 uint16_t log_buffer_length;
Wedson Almeida Filhoea62e2e2019-01-09 19:14:59 +0000[diff] [blame]197
Andrew Walbranf76f5752019-12-03 18:33:08 +0000[diff] [blame]198 /**
199 * Wait entries to be used when waiting on other VM mailboxes. See
200 * comments on `struct wait_entry` for the lock discipline of these.
201 */
Wedson Almeida Filhob790f652019-01-22 23:41:56 +0000[diff] [blame]202 struct wait_entry wait_entries[MAX_VMS];
Andrew Scull9726c252019-01-23 13:44:19 +0000[diff] [blame]203
204 atomic_bool aborting;
Andrew Walbran1f32e722019-06-07 17:57:26 +0100[diff] [blame]205
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]206 /**
Max Shvetsov40108e72020-08-27 12:39:50 +0100[diff] [blame]207 * Booting parameters (FF-A SP partitions).
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]208 */
209 bool initialized;
210 uint16_t boot_order;
J-Alves7d38f7b2022-04-13 13:22:30 +0100[diff] [blame]211
212 /** Entries to pass boot data to the VM. */
213 struct {
214 uint32_t gp_register_num;
215 ipaddr_t blob_addr;
216 } boot_info;
217
Maksims Svecovsb596eab2021-04-27 00:52:27 +0100[diff] [blame]218 uint8_t messaging_method;
Maksims Svecovs9ddf86a2021-05-06 17:17:21 +0100[diff] [blame]219 bool managed_exit;
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]220 struct vm *next_boot;
221
Max Shvetsov40108e72020-08-27 12:39:50 +0100[diff] [blame]222 /**
223 * Secondary entry point supplied by FFA_SECONDARY_EP_REGISTER used
224 * for cold and warm boot of SP execution contexts.
225 */
226 ipaddr_t secondary_ep;
227
Andrew Walbran1f32e722019-06-07 17:57:26 +0100[diff] [blame]228 /** Arch-specific VM information. */
229 struct arch_vm arch;
Raghu Krishnamurthycd1eceb2021-01-04 12:20:48 -0800[diff] [blame]230 bool el0_partition;
Madhukar Pappireddy464f2462021-08-03 11:23:07 -0500[diff] [blame]231
232 /** Interrupt descriptor */
233 struct interrupt_descriptor interrupt_desc[VM_MANIFEST_MAX_INTERRUPTS];
Wedson Almeida Filhoea62e2e2019-01-09 19:14:59 +0000[diff] [blame]234};
235
236/** Encapsulates a VM whose lock is held. */
237struct vm_locked {
238 struct vm *vm;
Wedson Almeida Filho987c0ff2018-06-20 16:34:38 +0100[diff] [blame]239};
240
Jose Marinho75509b42019-04-09 09:34:59 +0100[diff] [blame]241/** Container for two vm_locked structures */
242struct two_vm_locked {
243 struct vm_locked vm1;
244 struct vm_locked vm2;
245};
246
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]247struct vm *vm_init(ffa_vm_id_t id, ffa_vcpu_count_t vcpu_count,
Raghu Krishnamurthycd1eceb2021-01-04 12:20:48 -0800[diff] [blame]248 struct mpool *ppool, bool el0_partition);
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]249bool vm_init_next(ffa_vcpu_count_t vcpu_count, struct mpool *ppool,
Raghu Krishnamurthycd1eceb2021-01-04 12:20:48 -0800[diff] [blame]250 struct vm **new_vm, bool el0_partition);
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]251ffa_vm_count_t vm_get_count(void);
252struct vm *vm_find(ffa_vm_id_t id);
J-Alves46ee0682021-07-26 15:17:53 +0100[diff] [blame]253struct vm_locked vm_find_locked(ffa_vm_id_t id);
Fuad Tabbae4efcc32020-07-16 15:37:27 +0100[diff] [blame]254struct vm *vm_find_index(uint16_t index);
Andrew Walbran7e932bd2019-04-29 16:47:06 +0100[diff] [blame]255struct vm_locked vm_lock(struct vm *vm);
Jose Marinho75509b42019-04-09 09:34:59 +0100[diff] [blame]256struct two_vm_locked vm_lock_both(struct vm *vm1, struct vm *vm2);
Wedson Almeida Filhoea62e2e2019-01-09 19:14:59 +0000[diff] [blame]257void vm_unlock(struct vm_locked *locked);
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]258struct vcpu *vm_get_vcpu(struct vm *vm, ffa_vcpu_index_t vcpu_index);
259struct wait_entry *vm_get_wait_entry(struct vm *vm, ffa_vm_id_t for_vm);
260ffa_vm_id_t vm_id_for_wait_entry(struct vm *vm, struct wait_entry *entry);
Andrew Walbran45633dd2020-10-07 17:59:54 +0100[diff] [blame]261bool vm_id_is_current_world(ffa_vm_id_t vm_id);
Andrew Scull3c257452019-11-26 13:32:50 +0000[diff] [blame]262
263bool vm_identity_map(struct vm_locked vm_locked, paddr_t begin, paddr_t end,
264 uint32_t mode, struct mpool *ppool, ipaddr_t *ipa);
265bool vm_identity_prepare(struct vm_locked vm_locked, paddr_t begin, paddr_t end,
266 uint32_t mode, struct mpool *ppool);
267void vm_identity_commit(struct vm_locked vm_locked, paddr_t begin, paddr_t end,
268 uint32_t mode, struct mpool *ppool, ipaddr_t *ipa);
269bool vm_unmap(struct vm_locked vm_locked, paddr_t begin, paddr_t end,
270 struct mpool *ppool);
Raghu Krishnamurthy7ad3d142021-03-28 00:47:35 -0700[diff] [blame]271void vm_ptable_defrag(struct vm_locked vm_locked, struct mpool *ppool);
Andrew Scull3c257452019-11-26 13:32:50 +0000[diff] [blame]272bool vm_unmap_hypervisor(struct vm_locked vm_locked, struct mpool *ppool);
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]273
274void vm_update_boot(struct vm *vm);
275struct vm *vm_get_first_boot(void);
J-Alves4ef6e842021-03-18 12:47:01 +0000[diff] [blame]276
Raghu Krishnamurthyea195fa2021-02-12 23:29:00 -0800[diff] [blame]277bool vm_mem_get_mode(struct vm_locked vm_locked, ipaddr_t begin, ipaddr_t end,
278 uint32_t *mode);
J-Alvesa0f317d2021-06-09 13:31:59 +0100[diff] [blame]279
280void vm_notifications_init_bindings(struct notifications *n);
281bool vm_are_notifications_pending(struct vm_locked vm_locked, bool from_vm,
282 ffa_notifications_bitmap_t notifications);
J-Alves7461ef22021-10-18 17:21:33 +0100[diff] [blame]283bool vm_are_global_notifications_pending(struct vm_locked vm_locked);
284bool vm_are_per_vcpu_notifications_pending(struct vm_locked vm_locked,
285 ffa_vcpu_index_t vcpu_id);
J-Alves09ff9d82021-11-02 11:55:20 +0000[diff] [blame]286bool vm_are_notifications_enabled(struct vm *vm);
287bool vm_locked_are_notifications_enabled(struct vm_locked vm_locked);
J-Alvesc003a7a2021-03-18 13:06:53 +0000[diff] [blame]288bool vm_notifications_validate_per_vcpu(struct vm_locked vm_locked,
289 bool is_from_vm, bool is_per_vcpu,
290 ffa_notifications_bitmap_t notif);
291bool vm_notifications_validate_bound_sender(
292 struct vm_locked vm_locked, bool is_from_vm, ffa_vm_id_t sender_id,
293 ffa_notifications_bitmap_t notifications);
294bool vm_notifications_validate_binding(struct vm_locked vm_locked,
295 bool is_from_vm, ffa_vm_id_t sender_id,
296 ffa_notifications_bitmap_t notifications,
297 bool is_per_vcpu);
298void vm_notifications_update_bindings(struct vm_locked vm_locked,
299 bool is_from_vm, ffa_vm_id_t sender_id,
300 ffa_notifications_bitmap_t notifications,
301 bool is_per_vcpu);
J-Alves5a16c962022-03-25 12:32:51 +0000[diff] [blame]302void vm_notifications_partition_set_pending(
303 struct vm_locked vm_locked, bool is_from_vm,
304 ffa_notifications_bitmap_t notifications, ffa_vcpu_index_t vcpu_id,
305 bool is_per_vcpu);
J-Alves5136dda2022-03-25 12:26:38 +0000[diff] [blame]306ffa_notifications_bitmap_t vm_notifications_partition_get_pending(
307 struct vm_locked vm_locked, bool is_from_vm, ffa_vcpu_index_t vcpu_id);
J-Alves14163a72022-03-25 14:01:34 +0000[diff] [blame^]308void vm_notifications_framework_set_pending(
309 struct vm_locked vm_locked, ffa_notifications_bitmap_t notifications);
J-Alves663682a2022-03-25 13:56:51 +0000[diff] [blame]310ffa_notifications_bitmap_t vm_notifications_framework_get_pending(
311 struct vm_locked vm_locked);
J-Alvesc8e8a222021-06-08 17:33:52 +0100[diff] [blame]312void vm_notifications_info_get_pending(
313 struct vm_locked vm_locked, bool is_from_vm, uint16_t *ids,
314 uint32_t *ids_count, uint32_t *lists_sizes, uint32_t *lists_count,
315 const uint32_t ids_max_count,
316 enum notifications_info_get_state *info_get_state);
J-Alvesfe23ebe2021-10-13 16:07:07 +0100[diff] [blame]317bool vm_notifications_pending_not_retrieved_by_scheduler(void);
318bool vm_is_notifications_pending_count_zero(void);
J-Alvesc8e8a222021-06-08 17:33:52 +0100[diff] [blame]319bool vm_notifications_info_get(struct vm_locked vm_locked, uint16_t *ids,
320 uint32_t *ids_count, uint32_t *lists_sizes,
321 uint32_t *lists_count,
322 const uint32_t ids_max_count);
J-Alves439ac972021-11-18 17:32:03 +0000[diff] [blame]323bool vm_supports_messaging_method(struct vm *vm, uint8_t messaging_method);
J-Alves6e2abc62021-12-02 14:58:56 +0000[diff] [blame]324void vm_notifications_set_npi_injected(struct vm_locked vm_locked,
325 bool npi_injected);
326bool vm_notifications_is_npi_injected(struct vm_locked vm_locked);
J-Alves7d38f7b2022-04-13 13:22:30 +0100[diff] [blame]327void vm_set_boot_info_gp_reg(struct vm *vm, struct vcpu *vcpu);