TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / hafnium / hafnium.git / ec020910ad3b73d4b79236c183646aceeec26b01 / . / src / manifest.c
blob: f4865dfec79a6688720888afbcacc546280218ba [file] [log] [blame]
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1/*
2 * Copyright 2019 The Hafnium Authors.
3 *
Andrew Walbrane959ec12020-06-17 15:01:09 +0100[diff] [blame]4 * Use of this source code is governed by a BSD-style
5 * license that can be found in the LICENSE file or at
6 * https://opensource.org/licenses/BSD-3-Clause.
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]7 */
8
9#include "hf/manifest.h"
10
J-Alvesd8a1d362023-03-08 11:15:28 +0000[diff] [blame]11#include <stddef.h>
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]12#include <stdint.h>
J-Alvesd8a1d362023-03-08 11:15:28 +0000[diff] [blame]13
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]14#include "hf/arch/types.h"
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]15#include "hf/arch/vmid_base.h"
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]16
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]17#include "hf/addr.h"
Daniel Boulbya2f8c662021-11-26 17:52:53 +0000[diff] [blame]18#include "hf/assert.h"
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]19#include "hf/boot_info.h"
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]20#include "hf/boot_params.h"
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]21#include "hf/check.h"
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]22#include "hf/dlog.h"
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]23#include "hf/fdt.h"
24#include "hf/mm.h"
25#include "hf/mpool.h"
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]26#include "hf/sp_pkg.h"
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]27#include "hf/static_assert.h"
28#include "hf/std.h"
29
30#define TRY(expr) \
31 do { \
32 enum manifest_return_code ret_code = (expr); \
33 if (ret_code != MANIFEST_SUCCESS) { \
34 return ret_code; \
35 } \
36 } while (0)
37
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]38#define VM_ID_MAX (HF_VM_ID_OFFSET + MAX_VMS - 1)
39#define VM_ID_MAX_DIGITS (5)
40#define VM_NAME_EXTRA_CHARS (3) /* "vm" + number + '\0' */
41#define VM_NAME_MAX_SIZE (VM_ID_MAX_DIGITS + VM_NAME_EXTRA_CHARS)
42static_assert(VM_NAME_MAX_SIZE <= STRING_MAX_SIZE,
43 "VM name does not fit into a struct string.");
44static_assert(VM_ID_MAX <= 99999, "Insufficient VM_NAME_BUF_SIZE");
Olivier Deprez2a8ee342020-08-03 15:10:44 +0200[diff] [blame]45static_assert((HF_OTHER_WORLD_ID > VM_ID_MAX) ||
46 (HF_OTHER_WORLD_ID < HF_VM_ID_BASE),
Andrew Walbran9daa57e2019-09-27 13:33:20 +0100[diff] [blame]47 "TrustZone VM ID clashes with normal VM range.");
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]48
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]49/**
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]50 * A struct to keep track of a VM's properties during early boot
51 * manifest parsing.
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]52 */
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]53struct manifest_data {
54 struct manifest manifest;
Daniel Boulby4ca50f02022-07-29 18:29:34 +0100[diff] [blame]55 struct interrupt_bitmap intids;
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]56 struct mem_range mem_regions[PARTITION_MAX_MEMORY_REGIONS * MAX_VMS];
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]57};
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]58
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]59/**
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]60 * Calculate the number of entries in the ppool that are required to
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]61 * store the manifest_data struct.
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]62 */
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]63static size_t manifest_data_ppool_entries =
64 (align_up(sizeof(struct manifest_data), MM_PPOOL_ENTRY_SIZE) /
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]65 MM_PPOOL_ENTRY_SIZE);
66
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]67static struct manifest_data *manifest_data;
68/* Index used to track the number of memory regions allocated. */
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]69static size_t allocated_mem_regions_index = 0;
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]70
71/**
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]72 * Allocates and clear memory for the manifest data in the given memory pool.
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]73 * Returns true if the memory is successfully allocated.
74 */
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]75static bool manifest_data_init(struct mpool *ppool)
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]76{
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]77 manifest_data = (struct manifest_data *)mpool_alloc_contiguous(
78 ppool, manifest_data_ppool_entries, 1);
79 memset_s(manifest_data, sizeof(struct manifest_data), 0,
80 sizeof(struct manifest_data));
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]81
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]82 return manifest_data != NULL;
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]83}
84
85/**
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]86 * Frees the memory used for the manifest data in the given memory pool.
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]87 */
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]88static void manifest_data_deinit(struct mpool *ppool)
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]89{
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]90 /**
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]91 * Clear and return the memory used for the manifest_data struct to the
92 * memory pool.
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]93 */
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]94 memset_s(manifest_data, sizeof(struct manifest_data), 0,
95 sizeof(struct manifest_data));
96 mpool_add_chunk(ppool, manifest_data, manifest_data_ppool_entries);
97
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]98 /**
99 * Reset the index used for tracking the number of memory regions
100 * allocated.
101 */
102 allocated_mem_regions_index = 0;
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]103}
104
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]105static inline size_t count_digits(ffa_vm_id_t vm_id)
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]106{
107 size_t digits = 0;
108
109 do {
110 digits++;
111 vm_id /= 10;
112 } while (vm_id);
113 return digits;
114}
115
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]116/**
117 * Generates a string with the two letters "vm" followed by an integer.
118 * Assumes `buf` is of size VM_NAME_BUF_SIZE.
119 */
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]120static void generate_vm_node_name(struct string *str, ffa_vm_id_t vm_id)
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]121{
122 static const char *digits = "0123456789";
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]123 size_t vm_id_digits = count_digits(vm_id);
124 char *base = str->data;
125 char *ptr = base + (VM_NAME_EXTRA_CHARS + vm_id_digits);
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]126
Daniel Boulbya2f8c662021-11-26 17:52:53 +0000[diff] [blame]127 assert(vm_id_digits <= VM_ID_MAX_DIGITS);
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]128 *(--ptr) = '\0';
129 do {
130 *(--ptr) = digits[vm_id % 10];
131 vm_id /= 10;
132 } while (vm_id);
133 *(--ptr) = 'm';
134 *(--ptr) = 'v';
Daniel Boulbya2f8c662021-11-26 17:52:53 +0000[diff] [blame]135 assert(ptr == base);
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]136}
137
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]138/**
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]139 * Read a boolean property: true if present; false if not. If present, the value
140 * of the property must be empty else it is considered malformed.
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]141 */
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]142static enum manifest_return_code read_bool(const struct fdt_node *node,
143 const char *property, bool *out)
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]144{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]145 struct memiter data;
146 bool present = fdt_read_property(node, property, &data);
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]147
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]148 if (present && memiter_size(&data) != 0) {
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]149 return MANIFEST_ERROR_MALFORMED_BOOLEAN;
150 }
151
152 *out = present;
153 return MANIFEST_SUCCESS;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]154}
155
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]156static enum manifest_return_code read_string(const struct fdt_node *node,
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]157 const char *property,
158 struct string *out)
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]159{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]160 struct memiter data;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]161
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]162 if (!fdt_read_property(node, property, &data)) {
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]163 return MANIFEST_ERROR_PROPERTY_NOT_FOUND;
164 }
165
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]166 switch (string_init(out, &data)) {
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]167 case STRING_SUCCESS:
168 return MANIFEST_SUCCESS;
169 case STRING_ERROR_INVALID_INPUT:
170 return MANIFEST_ERROR_MALFORMED_STRING;
171 case STRING_ERROR_TOO_LONG:
172 return MANIFEST_ERROR_STRING_TOO_LONG;
173 }
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]174}
175
176static enum manifest_return_code read_optional_string(
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]177 const struct fdt_node *node, const char *property, struct string *out)
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]178{
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]179 enum manifest_return_code ret;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]180
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]181 ret = read_string(node, property, out);
182 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
183 string_init_empty(out);
184 ret = MANIFEST_SUCCESS;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]185 }
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]186 return ret;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]187}
188
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]189static enum manifest_return_code read_uint64(const struct fdt_node *node,
190 const char *property,
191 uint64_t *out)
192{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]193 struct memiter data;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]194
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]195 if (!fdt_read_property(node, property, &data)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]196 return MANIFEST_ERROR_PROPERTY_NOT_FOUND;
197 }
198
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]199 if (!fdt_parse_number(&data, memiter_size(&data), out)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]200 return MANIFEST_ERROR_MALFORMED_INTEGER;
201 }
202
203 return MANIFEST_SUCCESS;
204}
205
David Brazdil080ee312020-02-25 15:30:30 -0800[diff] [blame]206static enum manifest_return_code read_optional_uint64(
207 const struct fdt_node *node, const char *property,
208 uint64_t default_value, uint64_t *out)
209{
210 enum manifest_return_code ret;
211
212 ret = read_uint64(node, property, out);
213 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
214 *out = default_value;
215 return MANIFEST_SUCCESS;
216 }
217 return ret;
218}
219
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]220static enum manifest_return_code read_uint32(const struct fdt_node *node,
221 const char *property,
222 uint32_t *out)
223{
224 uint64_t value;
225
226 TRY(read_uint64(node, property, &value));
227
228 if (value > UINT32_MAX) {
229 return MANIFEST_ERROR_INTEGER_OVERFLOW;
230 }
231
232 *out = (uint32_t)value;
233 return MANIFEST_SUCCESS;
234}
235
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]236static enum manifest_return_code read_optional_uint32(
237 const struct fdt_node *node, const char *property,
238 uint32_t default_value, uint32_t *out)
239{
240 enum manifest_return_code ret;
241
242 ret = read_uint32(node, property, out);
243 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
244 *out = default_value;
245 return MANIFEST_SUCCESS;
246 }
247 return ret;
248}
249
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]250static enum manifest_return_code read_uint16(const struct fdt_node *node,
251 const char *property,
252 uint16_t *out)
253{
254 uint64_t value;
255
256 TRY(read_uint64(node, property, &value));
257
258 if (value > UINT16_MAX) {
259 return MANIFEST_ERROR_INTEGER_OVERFLOW;
260 }
261
262 *out = (uint16_t)value;
263 return MANIFEST_SUCCESS;
264}
265
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]266static enum manifest_return_code read_optional_uint16(
267 const struct fdt_node *node, const char *property,
268 uint16_t default_value, uint16_t *out)
269{
270 enum manifest_return_code ret;
271
272 ret = read_uint16(node, property, out);
273 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
274 *out = default_value;
275 return MANIFEST_SUCCESS;
276 }
277
278 return MANIFEST_SUCCESS;
279}
280
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]281static enum manifest_return_code read_uint8(const struct fdt_node *node,
282 const char *property, uint8_t *out)
283{
284 uint64_t value;
285
286 TRY(read_uint64(node, property, &value));
287
288 if (value > UINT8_MAX) {
289 return MANIFEST_ERROR_INTEGER_OVERFLOW;
290 }
291
292 *out = (uint8_t)value;
293 return MANIFEST_SUCCESS;
294}
295
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]296static enum manifest_return_code read_optional_uint8(
297 const struct fdt_node *node, const char *property,
298 uint8_t default_value, uint8_t *out)
299{
300 enum manifest_return_code ret;
301
302 ret = read_uint8(node, property, out);
303 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
304 *out = default_value;
305 return MANIFEST_SUCCESS;
306 }
307
308 return MANIFEST_SUCCESS;
309}
310
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]311struct uint32list_iter {
312 struct memiter mem_it;
313};
314
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]315static enum manifest_return_code read_uint32list(const struct fdt_node *node,
316 const char *property,
317 struct uint32list_iter *out)
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]318{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]319 struct memiter data;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]320
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]321 if (!fdt_read_property(node, property, &data)) {
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]322 memiter_init(&out->mem_it, NULL, 0);
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]323 return MANIFEST_ERROR_PROPERTY_NOT_FOUND;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]324 }
325
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]326 if ((memiter_size(&data) % sizeof(uint32_t)) != 0) {
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]327 return MANIFEST_ERROR_MALFORMED_INTEGER_LIST;
328 }
329
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]330 out->mem_it = data;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]331 return MANIFEST_SUCCESS;
332}
333
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]334static enum manifest_return_code read_optional_uint32list(
335 const struct fdt_node *node, const char *property,
336 struct uint32list_iter *out)
337{
338 enum manifest_return_code ret = read_uint32list(node, property, out);
339
340 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
341 return MANIFEST_SUCCESS;
342 }
343 return ret;
344}
345
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]346static bool uint32list_has_next(const struct uint32list_iter *list)
347{
348 return memiter_size(&list->mem_it) > 0;
349}
350
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]351static enum manifest_return_code uint32list_get_next(
352 struct uint32list_iter *list, uint32_t *out)
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]353{
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]354 uint64_t num;
355
356 CHECK(uint32list_has_next(list));
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]357 if (!fdt_parse_number(&list->mem_it, sizeof(uint32_t), &num)) {
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]358 return MANIFEST_ERROR_MALFORMED_INTEGER;
359 }
360
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]361 *out = (uint32_t)num;
362 return MANIFEST_SUCCESS;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]363}
364
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]365static enum manifest_return_code parse_vm_common(const struct fdt_node *node,
366 struct manifest_vm *vm,
367 ffa_vm_id_t vm_id)
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]368{
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]369 struct uint32list_iter smcs;
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]370 size_t idx;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]371
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]372 TRY(read_bool(node, "is_ffa_partition", &vm->is_ffa_partition));
373
Raghu Krishnamurthyb49549e2021-07-02 08:27:38 -0700[diff] [blame]374 TRY(read_bool(node, "hyp_loaded", &vm->is_hyp_loaded));
375
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]376 TRY(read_string(node, "debug_name", &vm->debug_name));
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]377
378 TRY(read_optional_uint32list(node, "smc_whitelist", &smcs));
379 while (uint32list_has_next(&smcs) &&
380 vm->smc_whitelist.smc_count < MAX_SMCS) {
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]381 idx = vm->smc_whitelist.smc_count++;
382 TRY(uint32list_get_next(&smcs, &vm->smc_whitelist.smcs[idx]));
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]383 }
384
385 if (uint32list_has_next(&smcs)) {
Andrew Walbran17eebf92020-02-05 16:35:49 +0000[diff] [blame]386 dlog_warning("%s SMC whitelist too long.\n", vm->debug_name);
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]387 }
388
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]389 TRY(read_bool(node, "smc_whitelist_permissive",
390 &vm->smc_whitelist.permissive));
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]391
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]392 if (vm_id != HF_PRIMARY_VM_ID) {
393 TRY(read_uint64(node, "mem_size", &vm->secondary.mem_size));
394 TRY(read_uint16(node, "vcpu_count", &vm->secondary.vcpu_count));
Fuad Tabba50469e02020-06-30 15:14:28 +0100[diff] [blame]395 TRY(read_optional_string(node, "fdt_filename",
396 &vm->secondary.fdt_filename));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]397 }
398
399 return MANIFEST_SUCCESS;
400}
401
402static enum manifest_return_code parse_vm(struct fdt_node *node,
403 struct manifest_vm *vm,
404 ffa_vm_id_t vm_id)
405{
406 TRY(read_optional_string(node, "kernel_filename",
407 &vm->kernel_filename));
408
David Brazdile6f83222019-09-23 14:47:37 +0100[diff] [blame]409 if (vm_id == HF_PRIMARY_VM_ID) {
410 TRY(read_optional_string(node, "ramdisk_filename",
411 &vm->primary.ramdisk_filename));
David Brazdil080ee312020-02-25 15:30:30 -0800[diff] [blame]412 TRY(read_optional_uint64(node, "boot_address",
413 MANIFEST_INVALID_ADDRESS,
414 &vm->primary.boot_address));
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]415 }
Raghu Krishnamurthy988a5e72021-02-27 21:46:06 -0800[diff] [blame]416 TRY(read_optional_uint8(node, "exception-level", (uint8_t)EL1,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]417 (uint8_t *)&vm->partition.run_time_el));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]418
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]419 return MANIFEST_SUCCESS;
420}
421
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]422static bool is_memory_region_within_ranges(uintptr_t base_address,
423 uint32_t page_count,
424 const struct mem_range *ranges,
425 const size_t ranges_size)
426{
427 uintptr_t region_end =
428 base_address + ((uintptr_t)page_count * PAGE_SIZE - 1);
429
430 for (size_t i = 0; i < ranges_size; i++) {
431 uintptr_t base = (uintptr_t)pa_addr(ranges[i].begin);
432 uintptr_t end = (uintptr_t)pa_addr(ranges[i].end);
433
434 if ((base_address >= base && base_address <= end) ||
435 (region_end >= base && region_end <= end)) {
436 return true;
437 }
438 }
439
440 return false;
441}
442
443void dump_memory_ranges(const struct mem_range *ranges,
444 const size_t ranges_size, bool ns)
445{
446 if (LOG_LEVEL < LOG_LEVEL_VERBOSE) {
447 return;
448 }
449
450 dlog("%s Memory ranges:\n", ns ? "NS" : "S");
451
452 for (size_t i = 0; i < ranges_size; i++) {
453 uintptr_t begin = pa_addr(ranges[i].begin);
454 uintptr_t end = pa_addr(ranges[i].end);
455 size_t page_count =
456 align_up(pa_difference(ranges[i].begin, ranges[i].end),
457 PAGE_SIZE) /
458 PAGE_SIZE;
459
460 dlog(" [%x - %x (%u pages)]\n", begin, end, page_count);
461 }
462}
463
464/**
465 * Check the partition's assigned memory is contained in the memory ranges
466 * configured for the SWd, in the SPMC's manifest.
467 */
468static enum manifest_return_code check_partition_memory_is_valid(
469 uintptr_t base_address, uint32_t page_count, uint32_t attributes,
470 const struct boot_params *params)
471{
472 bool is_secure_region =
473 (attributes & MANIFEST_REGION_ATTR_SECURITY) == 0U;
474 const struct mem_range *ranges_from_manifest =
475 is_secure_region ? params->mem_ranges : params->ns_mem_ranges;
476 size_t ranges_count = is_secure_region ? params->mem_ranges_count
477 : params->ns_mem_ranges_count;
478 bool within_ranges = is_memory_region_within_ranges(
479 base_address, page_count, ranges_from_manifest, ranges_count);
480
481 return within_ranges ? MANIFEST_SUCCESS
482 : MANIFEST_ERROR_MEM_REGION_INVALID;
483}
484
485/*
486 * Keep track of the memory allocated by partitions. This includes memory region
487 * nodes defined in their respective partition manifests, as well address space
488 * defined from their load address.
489 */
490static enum manifest_return_code check_and_record_memory_used(
Varun Wadekar4afbfd72022-10-13 14:30:18 +0100[diff] [blame]491 uintptr_t base_address, uint32_t page_count)
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]492{
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]493 bool overlap_of_regions;
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]494
Varun Wadekar4afbfd72022-10-13 14:30:18 +0100[diff] [blame]495 if (page_count == 0U) {
496 dlog_error(
Daniel Boulbyc1a613d2022-10-18 11:26:17 +0100[diff] [blame]497 "Empty memory region defined with base address: %#x.\n",
Varun Wadekar4afbfd72022-10-13 14:30:18 +0100[diff] [blame]498 base_address);
499 return MANIFEST_ERROR_MEM_REGION_EMPTY;
500 }
501
Daniel Boulbyc1a613d2022-10-18 11:26:17 +0100[diff] [blame]502 if (!is_aligned(base_address, PAGE_SIZE)) {
503 dlog_error("base_address (%#x) is not aligned to page size.\n",
504 base_address);
505 return MANIFEST_ERROR_MEM_REGION_UNALIGNED;
506 }
507
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]508 overlap_of_regions = is_memory_region_within_ranges(
509 base_address, page_count, manifest_data->mem_regions,
510 allocated_mem_regions_index);
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]511
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]512 if (!overlap_of_regions) {
513 paddr_t begin = pa_init(base_address);
514
515 manifest_data->mem_regions[allocated_mem_regions_index].begin =
516 begin;
517 manifest_data->mem_regions[allocated_mem_regions_index].end =
518 pa_add(begin, page_count * PAGE_SIZE - 1);
519 allocated_mem_regions_index++;
520
521 return MANIFEST_SUCCESS;
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]522 }
523
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]524 return MANIFEST_ERROR_MEM_REGION_OVERLAP;
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]525}
526
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]527static enum manifest_return_code parse_ffa_memory_region_node(
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]528 struct fdt_node *mem_node, struct memory_region *mem_regions,
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]529 uint16_t *count, struct rx_tx *rxtx,
530 const struct boot_params *boot_params)
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]531{
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]532 uint32_t phandle;
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]533 uint16_t i = 0;
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]534
535 dlog_verbose(" Partition memory regions\n");
536
537 if (!fdt_is_compatible(mem_node, "arm,ffa-manifest-memory-regions")) {
538 return MANIFEST_ERROR_NOT_COMPATIBLE;
539 }
540
541 if (!fdt_first_child(mem_node)) {
542 return MANIFEST_ERROR_MEMORY_REGION_NODE_EMPTY;
543 }
544
545 do {
546 dlog_verbose(" Memory Region[%u]\n", i);
547
548 TRY(read_optional_string(mem_node, "description",
549 &mem_regions[i].name));
550 dlog_verbose(" Name: %s\n",
551 string_data(&mem_regions[i].name));
552
J-Alvesd8a1d362023-03-08 11:15:28 +0000[diff] [blame]553 TRY(read_uint64(mem_node, "base-address",
554 &mem_regions[i].base_address));
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]555 dlog_verbose(" Base address: %#x\n",
556 mem_regions[i].base_address);
557
558 TRY(read_uint32(mem_node, "pages-count",
559 &mem_regions[i].page_count));
560 dlog_verbose(" Pages_count: %u\n",
561 mem_regions[i].page_count);
562
563 TRY(read_uint32(mem_node, "attributes",
564 &mem_regions[i].attributes));
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]565
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame]566 /*
567 * Check RWX permission attributes.
568 * Security attribute is checked at load phase.
569 */
570 uint32_t permissions = mem_regions[i].attributes &
571 (MANIFEST_REGION_ATTR_READ |
572 MANIFEST_REGION_ATTR_WRITE |
573 MANIFEST_REGION_ATTR_EXEC);
574 if (permissions != MANIFEST_REGION_ATTR_READ &&
575 permissions != (MANIFEST_REGION_ATTR_READ |
576 MANIFEST_REGION_ATTR_WRITE) &&
577 permissions != (MANIFEST_REGION_ATTR_READ |
578 MANIFEST_REGION_ATTR_EXEC)) {
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]579 return MANIFEST_ERROR_INVALID_MEM_PERM;
580 }
581
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame]582 /* Filter memory region attributes. */
583 mem_regions[i].attributes &= MANIFEST_REGION_ALL_ATTR_MASK;
584
585 dlog_verbose(" Attributes: %#x\n",
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]586 mem_regions[i].attributes);
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]587
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]588 TRY(check_partition_memory_is_valid(
589 mem_regions[i].base_address, mem_regions[i].page_count,
590 mem_regions[i].attributes, boot_params));
591
592 TRY(check_and_record_memory_used(mem_regions[i].base_address,
593 mem_regions[i].page_count));
594
Manish Pandeya70a4192020-10-07 22:05:04 +0100[diff] [blame]595 if (rxtx->available) {
596 TRY(read_optional_uint32(
597 mem_node, "phandle",
598 (uint32_t)MANIFEST_INVALID_ADDRESS, &phandle));
599 if (phandle == rxtx->rx_phandle) {
600 dlog_verbose(" Assigned as RX buffer\n");
601 rxtx->rx_buffer = &mem_regions[i];
602 } else if (phandle == rxtx->tx_phandle) {
603 dlog_verbose(" Assigned as TX buffer\n");
604 rxtx->tx_buffer = &mem_regions[i];
605 }
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]606 }
607
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]608 i++;
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]609 } while (fdt_next_sibling(mem_node) &&
610 (i < PARTITION_MAX_MEMORY_REGIONS));
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]611
Manish Pandeya70a4192020-10-07 22:05:04 +0100[diff] [blame]612 if (rxtx->available &&
613 (rxtx->rx_buffer->page_count != rxtx->tx_buffer->page_count)) {
Manish Pandeyf06c9072020-09-29 15:41:58 +0100[diff] [blame]614 return MANIFEST_ERROR_RXTX_SIZE_MISMATCH;
615 }
616
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]617 *count = i;
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]618
619 return MANIFEST_SUCCESS;
620}
621
Raghu Krishnamurthy98da1ca2022-10-04 08:59:01 -0700[diff] [blame]622static struct interrupt_info *device_region_get_interrupt_info(
623 struct device_region *dev_regions, uint32_t intid)
624{
625 for (uint32_t i = 0; i < ARRAY_SIZE(dev_regions->interrupts); i++) {
626 if (dev_regions->interrupts[i].id == intid) {
627 return &(dev_regions->interrupts[i]);
628 }
629 }
630 return NULL;
631}
632
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]633static enum manifest_return_code parse_ffa_device_region_node(
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]634 struct fdt_node *dev_node, struct device_region *dev_regions,
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]635 uint16_t *count)
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]636{
637 struct uint32list_iter list;
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]638 uint16_t i = 0;
Madhukar Pappireddy5fc8be12021-08-03 11:42:53 -0500[diff] [blame]639 uint32_t j = 0;
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]640 struct interrupt_bitmap allocated_intids = manifest_data->intids;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]641
642 dlog_verbose(" Partition Device Regions\n");
643
644 if (!fdt_is_compatible(dev_node, "arm,ffa-manifest-device-regions")) {
645 return MANIFEST_ERROR_NOT_COMPATIBLE;
646 }
647
648 if (!fdt_first_child(dev_node)) {
649 return MANIFEST_ERROR_DEVICE_REGION_NODE_EMPTY;
650 }
651
652 do {
653 dlog_verbose(" Device Region[%u]\n", i);
654
655 TRY(read_optional_string(dev_node, "description",
656 &dev_regions[i].name));
657 dlog_verbose(" Name: %s\n",
658 string_data(&dev_regions[i].name));
659
660 TRY(read_uint64(dev_node, "base-address",
661 &dev_regions[i].base_address));
662 dlog_verbose(" Base address: %#x\n",
663 dev_regions[i].base_address);
664
665 TRY(read_uint32(dev_node, "pages-count",
666 &dev_regions[i].page_count));
667 dlog_verbose(" Pages_count: %u\n",
668 dev_regions[i].page_count);
669
670 TRY(read_uint32(dev_node, "attributes",
671 &dev_regions[i].attributes));
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]672
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame]673 /*
674 * Check RWX permission attributes.
675 * Security attribute is checked at load phase.
676 */
677 uint32_t permissions = dev_regions[i].attributes &
678 (MANIFEST_REGION_ATTR_READ |
679 MANIFEST_REGION_ATTR_WRITE |
680 MANIFEST_REGION_ATTR_EXEC);
681
682 if (permissions != MANIFEST_REGION_ATTR_READ &&
683 permissions != (MANIFEST_REGION_ATTR_READ |
684 MANIFEST_REGION_ATTR_WRITE)) {
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]685 return MANIFEST_ERROR_INVALID_MEM_PERM;
686 }
687
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame]688 /* Filer device region attributes. */
689 dev_regions[i].attributes = dev_regions[i].attributes &
690 MANIFEST_REGION_ALL_ATTR_MASK;
691
692 dlog_verbose(" Attributes: %#x\n",
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]693 dev_regions[i].attributes);
694
695 TRY(read_optional_uint32list(dev_node, "interrupts", &list));
696 dlog_verbose(" Interrupt List:\n");
697 j = 0;
698 while (uint32list_has_next(&list) &&
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]699 j < PARTITION_MAX_INTERRUPTS_PER_DEVICE) {
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]700 uint32_t intid;
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]701
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]702 TRY(uint32list_get_next(
703 &list, &dev_regions[i].interrupts[j].id));
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]704 intid = dev_regions[i].interrupts[j].id;
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]705
706 dlog_verbose(" ID = %u\n", intid);
707
Daniel Boulby4ca50f02022-07-29 18:29:34 +0100[diff] [blame]708 if (interrupt_bitmap_get_value(&allocated_intids,
709 intid) == 1U) {
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]710 return MANIFEST_ERROR_INTERRUPT_ID_REPEATED;
711 }
712
Daniel Boulby4ca50f02022-07-29 18:29:34 +0100[diff] [blame]713 interrupt_bitmap_set_value(&allocated_intids, intid);
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]714
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]715 if (uint32list_has_next(&list)) {
716 TRY(uint32list_get_next(&list,
717 &dev_regions[i]
718 .interrupts[j]
719 .attributes));
720 } else {
721 return MANIFEST_ERROR_MALFORMED_INTEGER_LIST;
722 }
723
Raghu Krishnamurthy98da1ca2022-10-04 08:59:01 -0700[diff] [blame]724 dev_regions[i].interrupts[j].mpidr_valid = false;
725 dev_regions[i].interrupts[j].mpidr = 0;
726
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]727 dlog_verbose(" attributes = %u\n",
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]728 dev_regions[i].interrupts[j].attributes);
729 j++;
730 }
Madhukar Pappireddy5fc8be12021-08-03 11:42:53 -0500[diff] [blame]731
732 dev_regions[i].interrupt_count = j;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]733 if (j == 0) {
734 dlog_verbose(" Empty\n");
Raghu Krishnamurthy98da1ca2022-10-04 08:59:01 -0700[diff] [blame]735 } else {
736 TRY(read_optional_uint32list(
737 dev_node, "interrupts-target", &list));
738 dlog_verbose(" Interrupt Target List:\n");
739
740 while (uint32list_has_next(&list)) {
741 uint32_t intid;
742 uint64_t mpidr = 0;
743 uint32_t mpidr_lower = 0;
744 uint32_t mpidr_upper = 0;
745 struct interrupt_info *info = NULL;
746
747 TRY(uint32list_get_next(&list, &intid));
748
749 dlog_verbose(" ID = %u\n", intid);
750
751 if (interrupt_bitmap_get_value(
752 &allocated_intids, intid) != 1U) {
753 return MANIFEST_ERROR_INTERRUPT_ID_NOT_IN_LIST;
754 }
755
756 TRY(uint32list_get_next(&list, &mpidr_upper));
757 TRY(uint32list_get_next(&list, &mpidr_lower));
758 mpidr = mpidr_upper;
759 mpidr <<= 32;
760 mpidr |= mpidr_lower;
761
762 info = device_region_get_interrupt_info(
763 &dev_regions[i], intid);
764 /*
765 * We should find info since
766 * interrupt_bitmap_get_value already ensures
767 * that we saw the interrupt and allocated ids
768 * for it.
769 */
770 assert(info != NULL);
771 info->mpidr = mpidr;
772 info->mpidr_valid = true;
773 dlog_verbose(" MPIDR = %#x\n", mpidr);
774 }
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]775 }
776
777 TRY(read_optional_uint32(dev_node, "smmu-id",
Madhukar Pappireddy54680c72020-10-23 15:02:38 -0500[diff] [blame]778 MANIFEST_INVALID_ID,
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]779 &dev_regions[i].smmu_id));
Olivier Deprez86d87ae2021-08-19 14:27:46 +0200[diff] [blame]780 if (dev_regions[i].smmu_id != MANIFEST_INVALID_ID) {
781 dlog_verbose(" smmu-id: %u\n",
782 dev_regions[i].smmu_id);
783 }
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]784
785 TRY(read_optional_uint32list(dev_node, "stream-ids", &list));
786 dlog_verbose(" Stream IDs assigned:\n");
787
788 j = 0;
789 while (uint32list_has_next(&list) &&
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]790 j < PARTITION_MAX_STREAMS_PER_DEVICE) {
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]791 TRY(uint32list_get_next(&list,
792 &dev_regions[i].stream_ids[j]));
793 dlog_verbose(" %u\n",
794 dev_regions[i].stream_ids[j]);
795 j++;
796 }
797 if (j == 0) {
798 dlog_verbose(" None\n");
799 }
Madhukar Pappireddy54680c72020-10-23 15:02:38 -0500[diff] [blame]800 dev_regions[i].stream_count = j;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]801
802 TRY(read_bool(dev_node, "exclusive-access",
803 &dev_regions[i].exclusive_access));
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]804 dlog_verbose(" Exclusive_access: %u\n",
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]805 dev_regions[i].exclusive_access);
806
807 i++;
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]808 } while (fdt_next_sibling(dev_node) &&
809 (i < PARTITION_MAX_DEVICE_REGIONS));
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]810
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]811 *count = i;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]812
813 return MANIFEST_SUCCESS;
814}
815
J-Alvesabebe432022-05-31 14:40:50 +0100[diff] [blame]816static enum manifest_return_code sanity_check_ffa_manifest(
817 struct manifest_vm *vm)
818{
819 uint16_t ffa_version_major;
820 uint16_t ffa_version_minor;
821 enum manifest_return_code ret_code = MANIFEST_SUCCESS;
822 const char *error_string = "specified in manifest is unsupported";
823 uint32_t k = 0;
824
825 /* ensure that the SPM version is compatible */
826 ffa_version_major = (vm->partition.ffa_version & 0xffff0000) >>
827 FFA_VERSION_MAJOR_OFFSET;
828 ffa_version_minor = vm->partition.ffa_version & 0xffff;
829
830 if (ffa_version_major != FFA_VERSION_MAJOR ||
831 ffa_version_minor > FFA_VERSION_MINOR) {
832 dlog_error("FF-A partition manifest version %s: %u.%u\n",
833 error_string, ffa_version_major, ffa_version_minor);
834 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
835 }
836
837 if (vm->partition.xlat_granule != PAGE_4KB) {
838 dlog_error("Translation granule %s: %u\n", error_string,
839 vm->partition.xlat_granule);
840 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
841 }
842
843 if (vm->partition.execution_state != AARCH64) {
844 dlog_error("Execution state %s: %u\n", error_string,
845 vm->partition.execution_state);
846 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
847 }
848
849 if (vm->partition.run_time_el != EL1 &&
850 vm->partition.run_time_el != S_EL1 &&
851 vm->partition.run_time_el != S_EL0) {
852 dlog_error("Exception level %s: %d\n", error_string,
853 vm->partition.run_time_el);
854 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
855 }
856
857 if ((vm->partition.messaging_method &
858 ~(FFA_PARTITION_DIRECT_REQ_RECV | FFA_PARTITION_DIRECT_REQ_SEND |
859 FFA_PARTITION_INDIRECT_MSG)) != 0U) {
860 dlog_error("Messaging method %s: %x\n", error_string,
861 vm->partition.messaging_method);
862 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
863 }
864
865 if (vm->partition.run_time_el == S_EL0 &&
866 vm->partition.execution_ctx_count != 1) {
867 dlog_error(
868 "Exception level and execution context count %s: %d "
869 "%d\n",
870 error_string, vm->partition.run_time_el,
871 vm->partition.execution_ctx_count);
872 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
873 }
874
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]875 for (uint16_t i = 0; i < vm->partition.dev_region_count; i++) {
J-Alvesabebe432022-05-31 14:40:50 +0100[diff] [blame]876 struct device_region dev_region;
877
878 dev_region = vm->partition.dev_regions[i];
879
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]880 if (dev_region.interrupt_count >
881 PARTITION_MAX_INTERRUPTS_PER_DEVICE) {
J-Alvesabebe432022-05-31 14:40:50 +0100[diff] [blame]882 dlog_error(
883 "Interrupt count for device region exceeds "
884 "limit.\n");
885 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
886 continue;
887 }
888
889 for (uint8_t j = 0; j < dev_region.interrupt_count; j++) {
890 k++;
891 if (k > VM_MANIFEST_MAX_INTERRUPTS) {
892 dlog_error(
893 "Interrupt count for VM exceeds "
894 "limit.\n");
895 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
896 continue;
897 }
898 }
899 }
900
901 /* GP register is restricted to one of x0 - x3. */
902 if (vm->partition.gp_register_num != -1 &&
903 vm->partition.gp_register_num > 3) {
904 dlog_error("GP register number %s: %u\n", error_string,
905 vm->partition.gp_register_num);
906 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
907 }
908
909 return ret_code;
910}
911
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]912enum manifest_return_code parse_ffa_manifest(
913 struct fdt *fdt, struct manifest_vm *vm,
914 struct fdt_node *boot_info_node, const struct boot_params *boot_params)
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]915{
916 unsigned int i = 0;
917 struct uint32list_iter uuid;
918 uint32_t uuid_word;
919 struct fdt_node root;
920 struct fdt_node ffa_node;
921 struct string rxtx_node_name = STRING_INIT("rx_tx-info");
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]922 struct string mem_region_node_name = STRING_INIT("memory-regions");
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]923 struct string dev_region_node_name = STRING_INIT("device-regions");
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]924 struct string boot_info_node_name = STRING_INIT("boot-info");
Madhukar Pappireddy84154052022-06-21 18:30:25 -0500[diff] [blame]925 bool managed_exit_field_present = false;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]926
927 if (!fdt_find_node(fdt, "/", &root)) {
928 return MANIFEST_ERROR_NO_ROOT_NODE;
929 }
930
931 /* Check "compatible" property. */
932 if (!fdt_is_compatible(&root, "arm,ffa-manifest-1.0")) {
933 return MANIFEST_ERROR_NOT_COMPATIBLE;
934 }
935
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]936 TRY(read_uint32(&root, "ffa-version", &vm->partition.ffa_version));
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]937 dlog_verbose(" Expected FF-A version %u.%u\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]938 vm->partition.ffa_version >> 16,
939 vm->partition.ffa_version & 0xffff);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]940
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]941 TRY(read_uint32list(&root, "uuid", &uuid));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]942
943 while (uint32list_has_next(&uuid) && i < 4) {
944 TRY(uint32list_get_next(&uuid, &uuid_word));
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]945 vm->partition.uuid.uuid[i] = uuid_word;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]946 i++;
947 }
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]948 dlog_verbose(" UUID %#x-%x-%x-%x\n", vm->partition.uuid.uuid[0],
949 vm->partition.uuid.uuid[1], vm->partition.uuid.uuid[2],
950 vm->partition.uuid.uuid[3]);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]951
952 TRY(read_uint16(&root, "execution-ctx-count",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]953 &vm->partition.execution_ctx_count));
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]954 dlog_verbose(" Number of execution context %u\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]955 vm->partition.execution_ctx_count);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]956
957 TRY(read_uint8(&root, "exception-level",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]958 (uint8_t *)&vm->partition.run_time_el));
959 dlog_verbose(" Run-time EL %u\n", vm->partition.run_time_el);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]960
961 TRY(read_uint8(&root, "execution-state",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]962 (uint8_t *)&vm->partition.execution_state));
963 dlog_verbose(" Execution state %u\n", vm->partition.execution_state);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]964
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]965 TRY(read_optional_uint64(&root, "load-address", 0,
966 &vm->partition.load_addr));
967 dlog_verbose(" Load address %#x\n", vm->partition.load_addr);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]968
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]969 TRY(read_optional_uint64(&root, "entrypoint-offset", 0,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]970 &vm->partition.ep_offset));
971 dlog_verbose(" Entry point offset %#x\n", vm->partition.ep_offset);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]972
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]973 TRY(read_optional_uint32(&root, "gp-register-num",
974 DEFAULT_BOOT_GP_REGISTER,
975 &vm->partition.gp_register_num));
976 dlog_verbose(" Boot GP register: %#x\n",
977 vm->partition.gp_register_num);
978
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]979 TRY(read_optional_uint16(&root, "boot-order", DEFAULT_BOOT_ORDER,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]980 &vm->partition.boot_order));
981 dlog_verbose(" Boot order %#u\n", vm->partition.boot_order);
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]982
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]983 TRY(read_optional_uint8(&root, "xlat-granule", 0,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]984 (uint8_t *)&vm->partition.xlat_granule));
985 dlog_verbose(" Translation granule %u\n", vm->partition.xlat_granule);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]986
987 ffa_node = root;
988 if (fdt_find_child(&ffa_node, &rxtx_node_name)) {
989 if (!fdt_is_compatible(&ffa_node,
990 "arm,ffa-manifest-rx_tx-buffer")) {
991 return MANIFEST_ERROR_NOT_COMPATIBLE;
992 }
993
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]994 /*
995 * Read only phandles for now, it will be used to update buffers
996 * while parsing memory regions.
997 */
998 TRY(read_uint32(&ffa_node, "rx-buffer",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]999 &vm->partition.rxtx.rx_phandle));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1000
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]1001 TRY(read_uint32(&ffa_node, "tx-buffer",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1002 &vm->partition.rxtx.tx_phandle));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1003
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1004 vm->partition.rxtx.available = true;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1005 }
1006
1007 TRY(read_uint8(&root, "messaging-method",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1008 (uint8_t *)&vm->partition.messaging_method));
1009 dlog_verbose(" Messaging method %u\n", vm->partition.messaging_method);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1010
Madhukar Pappireddy84154052022-06-21 18:30:25 -0500[diff] [blame]1011 TRY(read_bool(&root, "managed-exit", &managed_exit_field_present));
1012
1013 TRY(read_optional_uint8(
1014 &root, "ns-interrupts-action", NS_ACTION_SIGNALED,
1015 (uint8_t *)&vm->partition.ns_interrupts_action));
1016
1017 /*
1018 * An SP manifest can specify one of the fields listed below:
1019 * `managed-exit`: Introduced in FF-A v1.0 spec.
1020 * `ns-interrupts-action`: Introduced in FF-A v1.1 EAC0 spec.
1021 * If both are missing from the manifest, the default response is
1022 * NS_ACTION_SIGNALED.
1023 */
1024 if (managed_exit_field_present) {
1025 vm->partition.ns_interrupts_action = NS_ACTION_ME;
1026 }
1027
1028 if (vm->partition.ns_interrupts_action != NS_ACTION_QUEUED &&
1029 vm->partition.ns_interrupts_action != NS_ACTION_ME &&
1030 vm->partition.ns_interrupts_action != NS_ACTION_SIGNALED) {
Madhukar Pappireddy5c04a382022-12-28 11:29:26 -0600[diff] [blame]1031 return MANIFEST_ERROR_ILLEGAL_NS_INT_ACTION;
Madhukar Pappireddy84154052022-06-21 18:30:25 -0500[diff] [blame]1032 }
1033
1034 dlog_verbose(
1035 "NS Interrupts %s\n",
1036 (vm->partition.ns_interrupts_action == NS_ACTION_QUEUED)
1037 ? "Queued"
1038 : (vm->partition.ns_interrupts_action == NS_ACTION_SIGNALED)
1039 ? "Signaled"
1040 : "Managed exit");
1041
1042 if (vm->partition.ns_interrupts_action == NS_ACTION_ME) {
1043 /* Managed exit only supported by S_EL1 partitions. */
1044 if (vm->partition.run_time_el != S_EL1) {
1045 dlog_error(
1046 "Managed exit cannot be supported by this "
1047 "partition\n");
Madhukar Pappireddy5c04a382022-12-28 11:29:26 -0600[diff] [blame]1048 return MANIFEST_ERROR_ILLEGAL_NS_INT_ACTION;
Madhukar Pappireddy84154052022-06-21 18:30:25 -0500[diff] [blame]1049 }
Madhukar Pappireddy046dad02022-06-21 18:43:33 -0500[diff] [blame]1050
1051 TRY(read_bool(&root, "managed-exit-virq",
1052 &vm->partition.me_signal_virq));
1053 if (vm->partition.me_signal_virq) {
1054 dlog_verbose(" Managed Exit signaled through vIRQ\n");
1055 }
J-Alvesa4730db2021-11-02 10:31:01 +0000[diff] [blame]1056 }
1057
1058 TRY(read_bool(&root, "notification-support",
1059 &vm->partition.notification_support));
1060 if (vm->partition.notification_support) {
1061 dlog_verbose(" Notifications Receipt Supported\n");
1062 }
Maksims Svecovs9ddf86a2021-05-06 17:17:21 +0100[diff] [blame]1063
Madhukar Pappireddy5c04a382022-12-28 11:29:26 -0600[diff] [blame]1064 TRY(read_optional_uint8(
1065 &root, "other-s-interrupts-action", OTHER_S_INT_ACTION_SIGNALED,
1066 (uint8_t *)&vm->partition.other_s_interrupts_action));
1067
1068 if (vm->partition.other_s_interrupts_action ==
1069 OTHER_S_INT_ACTION_QUEUED) {
1070 if (vm->partition.ns_interrupts_action != NS_ACTION_QUEUED) {
1071 dlog_error(
1072 "Choice of the fields 'ns-interrupts-action' "
1073 "and 'other-s-interrupts-action' not "
1074 "compatible\n");
1075 return MANIFEST_ERROR_NOT_COMPATIBLE;
1076 }
1077 } else if (vm->partition.other_s_interrupts_action >
1078 OTHER_S_INT_ACTION_SIGNALED) {
1079 dlog_error(
1080 "Illegal value specified for the field"
1081 " 'other-s-interrupts-action': %u\n",
1082 vm->partition.other_s_interrupts_action);
1083 return MANIFEST_ERROR_ILLEGAL_OTHER_S_INT_ACTION;
1084 }
1085
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]1086 /* Parse boot info node. */
1087 if (boot_info_node != NULL) {
1088 ffa_node = root;
1089 vm->partition.boot_info =
1090 fdt_find_child(&ffa_node, &boot_info_node_name);
1091 if (vm->partition.boot_info) {
1092 *boot_info_node = ffa_node;
1093 }
1094 } else {
1095 vm->partition.boot_info = false;
1096 }
1097
Olivier Depreza15f2352022-09-26 09:17:24 +0200[diff] [blame]1098 TRY(read_optional_uint32(
1099 &root, "power-management-messages",
1100 MANIFEST_POWER_MANAGEMENT_CPU_OFF_SUPPORTED |
1101 MANIFEST_POWER_MANAGEMENT_CPU_ON_SUPPORTED,
1102 &vm->partition.power_management));
1103 vm->partition.power_management &= MANIFEST_POWER_MANAGEMENT_ALL_MASK;
1104 if (vm->partition.execution_ctx_count == 1 ||
1105 vm->partition.run_time_el == S_EL0) {
1106 vm->partition.power_management =
1107 MANIFEST_POWER_MANAGEMENT_NONE_MASK;
1108 }
1109
1110 dlog_verbose(" Power management messages %#x\n",
1111 vm->partition.power_management);
1112
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]1113 /* Parse memory-regions */
1114 ffa_node = root;
1115 if (fdt_find_child(&ffa_node, &mem_region_node_name)) {
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1116 TRY(parse_ffa_memory_region_node(
1117 &ffa_node, vm->partition.mem_regions,
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1118 &vm->partition.mem_region_count, &vm->partition.rxtx,
1119 boot_params));
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]1120 }
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]1121 dlog_verbose(" Total %u memory regions found\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1122 vm->partition.mem_region_count);
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]1123
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]1124 /* Parse Device-regions */
1125 ffa_node = root;
1126 if (fdt_find_child(&ffa_node, &dev_region_node_name)) {
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1127 TRY(parse_ffa_device_region_node(
1128 &ffa_node, vm->partition.dev_regions,
1129 &vm->partition.dev_region_count));
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]1130 }
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]1131 dlog_verbose(" Total %u device regions found\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1132 vm->partition.dev_region_count);
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]1133
J-Alves4eb7b542022-03-02 15:21:52 +0000[diff] [blame]1134 return sanity_check_ffa_manifest(vm);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1135}
1136
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1137static enum manifest_return_code parse_ffa_partition_package(
1138 struct mm_stage1_locked stage1_locked, struct fdt_node *node,
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1139 struct manifest_vm *vm, ffa_vm_id_t vm_id,
1140 const struct boot_params *boot_params, struct mpool *ppool)
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1141{
1142 enum manifest_return_code ret = MANIFEST_ERROR_NOT_COMPATIBLE;
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1143 uintpaddr_t load_address;
1144 struct sp_pkg_header header;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1145 struct fdt sp_fdt;
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1146 vaddr_t pkg_start;
1147 vaddr_t manifest_address;
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]1148 struct fdt_node boot_info_node;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1149
1150 /*
1151 * This must have been hinted as being an FF-A partition,
1152 * return straight with failure if this is not the case.
1153 */
1154 if (!vm->is_ffa_partition) {
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1155 return ret;
1156 }
1157
1158 TRY(read_uint64(node, "load_address", &load_address));
1159 if (!is_aligned(load_address, PAGE_SIZE)) {
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1160 return MANIFEST_ERROR_NOT_COMPATIBLE;
1161 }
1162
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1163 assert(load_address != 0U);
1164
1165 if (!sp_pkg_init(stage1_locked, pa_init(load_address), &header,
1166 ppool)) {
1167 return ret;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1168 }
1169
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1170 pkg_start = va_init(load_address);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1171
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1172 if (vm_id != HF_PRIMARY_VM_ID &&
1173 sp_pkg_get_mem_size(&header) >= vm->secondary.mem_size) {
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]1174 dlog_error("Invalid package header or DT size.\n");
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1175 goto out;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1176 }
1177
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1178 manifest_address = va_add(va_init(load_address), header.pm_offset);
1179 if (!fdt_init_from_ptr(&sp_fdt, ptr_from_va(manifest_address),
1180 header.pm_size)) {
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1181 dlog_error("FDT failed validation.\n");
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1182 goto out;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1183 }
1184
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1185 ret = parse_ffa_manifest(&sp_fdt, vm, &boot_info_node, boot_params);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1186 if (ret != MANIFEST_SUCCESS) {
J-Alves4eb7b542022-03-02 15:21:52 +0000[diff] [blame]1187 dlog_error("Error parsing partition manifest: %s.\n",
1188 manifest_strerror(ret));
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1189 goto out;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1190 }
1191
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1192 if (vm->partition.load_addr != load_address) {
J-Alvesa26ea212021-03-22 14:33:47 +0000[diff] [blame]1193 dlog_warning(
1194 "Partition's load address at its manifest differs"
1195 " from specified in partition's package.\n");
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1196 vm->partition.load_addr = load_address;
J-Alvesa26ea212021-03-22 14:33:47 +0000[diff] [blame]1197 }
1198
J-Alves889a1d72022-05-13 11:38:27 +0100[diff] [blame]1199 if (vm->partition.gp_register_num != DEFAULT_BOOT_GP_REGISTER) {
1200 if (header.version == SP_PKG_HEADER_VERSION_2 &&
1201 vm->partition.boot_info &&
1202 !ffa_boot_info_node(&boot_info_node, pkg_start, &header)) {
1203 dlog_error("Failed to process boot information.\n");
1204 }
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]1205 }
1206
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1207out:
1208 sp_pkg_deinit(stage1_locked, pkg_start, &header, ppool);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1209 return ret;
1210}
1211
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1212/**
1213 * Parse manifest from FDT.
1214 */
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1215enum manifest_return_code manifest_init(struct mm_stage1_locked stage1_locked,
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]1216 struct manifest **manifest_ret,
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1217 struct memiter *manifest_fdt,
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1218 struct boot_params *boot_params,
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1219 struct mpool *ppool)
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1220{
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]1221 struct manifest *manifest;
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]1222 struct string vm_name;
1223 struct fdt fdt;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1224 struct fdt_node hyp_node;
1225 size_t i = 0;
1226 bool found_primary_vm = false;
1227
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1228 dump_memory_ranges(boot_params->mem_ranges,
1229 boot_params->mem_ranges_count, false);
1230 dump_memory_ranges(boot_params->ns_mem_ranges,
1231 boot_params->ns_mem_ranges_count, true);
1232
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]1233 /* Allocate space in the ppool for the manifest data. */
1234 if (!manifest_data_init(ppool)) {
1235 panic("Unable to allocate manifest data.\n");
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]1236 }
1237
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]1238 manifest = &manifest_data->manifest;
1239 *manifest_ret = manifest;
1240
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]1241 if (!fdt_init_from_memiter(&fdt, manifest_fdt)) {
1242 return MANIFEST_ERROR_FILE_SIZE; /* TODO */
David Brazdila2358d42020-01-27 18:51:38 +0000[diff] [blame]1243 }
1244
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1245 /* Find hypervisor node. */
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]1246 if (!fdt_find_node(&fdt, "/hypervisor", &hyp_node)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1247 return MANIFEST_ERROR_NO_HYPERVISOR_FDT_NODE;
1248 }
1249
David Brazdil74e9c3b2019-08-28 11:09:08 +0100[diff] [blame]1250 /* Check "compatible" property. */
David Brazdilf4925382020-03-25 13:33:51 +0000[diff] [blame]1251 if (!fdt_is_compatible(&hyp_node, "hafnium,hafnium")) {
David Brazdil74e9c3b2019-08-28 11:09:08 +0100[diff] [blame]1252 return MANIFEST_ERROR_NOT_COMPATIBLE;
1253 }
1254
Olivier Deprez622ab8d2021-08-02 12:15:45 +0200[diff] [blame]1255 TRY(read_bool(&hyp_node, "ffa_tee_enabled",
1256 &manifest->ffa_tee_enabled));
Andrew Walbran41a49d82020-01-10 17:46:38 +0000[diff] [blame]1257
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1258 /* Iterate over reserved VM IDs and check no such nodes exist. */
Olivier Deprez2a8ee342020-08-03 15:10:44 +0200[diff] [blame]1259 for (i = HF_VM_ID_BASE; i < HF_VM_ID_OFFSET; i++) {
1260 ffa_vm_id_t vm_id = (ffa_vm_id_t)i - HF_VM_ID_BASE;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1261 struct fdt_node vm_node = hyp_node;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1262
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]1263 generate_vm_node_name(&vm_name, vm_id);
1264 if (fdt_find_child(&vm_node, &vm_name)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1265 return MANIFEST_ERROR_RESERVED_VM_ID;
1266 }
1267 }
1268
1269 /* Iterate over VM nodes until we find one that does not exist. */
1270 for (i = 0; i <= MAX_VMS; ++i) {
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]1271 ffa_vm_id_t vm_id = HF_VM_ID_OFFSET + i;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1272 struct fdt_node vm_node = hyp_node;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1273
Olivier Deprez2a8ee342020-08-03 15:10:44 +0200[diff] [blame]1274 generate_vm_node_name(&vm_name, vm_id - HF_VM_ID_BASE);
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]1275 if (!fdt_find_child(&vm_node, &vm_name)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1276 break;
1277 }
1278
1279 if (i == MAX_VMS) {
1280 return MANIFEST_ERROR_TOO_MANY_VMS;
1281 }
1282
1283 if (vm_id == HF_PRIMARY_VM_ID) {
1284 CHECK(found_primary_vm == false); /* sanity check */
1285 found_primary_vm = true;
1286 }
1287
David Brazdil0251b942019-09-10 15:59:50 +0100[diff] [blame]1288 manifest->vm_count = i + 1;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1289
1290 TRY(parse_vm_common(&vm_node, &manifest->vm[i], vm_id));
1291
Raghu Krishnamurthyb49549e2021-07-02 08:27:38 -0700[diff] [blame]1292 CHECK(!manifest->vm[i].is_hyp_loaded ||
1293 manifest->vm[i].is_ffa_partition);
1294
1295 if (manifest->vm[i].is_ffa_partition &&
1296 !manifest->vm[i].is_hyp_loaded) {
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1297 TRY(parse_ffa_partition_package(stage1_locked, &vm_node,
1298 &manifest->vm[i], vm_id,
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1299 boot_params, ppool));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1300 } else {
1301 TRY(parse_vm(&vm_node, &manifest->vm[i], vm_id));
1302 }
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1303 }
1304
Olivier Deprezfb05f3c2020-11-10 17:48:04 +0100[diff] [blame]1305 if (!found_primary_vm && vm_id_is_current_world(HF_PRIMARY_VM_ID)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1306 return MANIFEST_ERROR_NO_PRIMARY_VM;
1307 }
1308
1309 return MANIFEST_SUCCESS;
1310}
1311
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]1312/**
1313 * Free manifest data resources, called once manifest parsing has
1314 * completed and VMs are loaded.
1315 */
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]1316void manifest_deinit(struct mpool *ppool)
1317{
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]1318 manifest_data_deinit(ppool);
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]1319}
1320
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1321const char *manifest_strerror(enum manifest_return_code ret_code)
1322{
1323 switch (ret_code) {
1324 case MANIFEST_SUCCESS:
1325 return "Success";
David Brazdila2358d42020-01-27 18:51:38 +0000[diff] [blame]1326 case MANIFEST_ERROR_FILE_SIZE:
1327 return "Total size in header does not match file size";
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1328 case MANIFEST_ERROR_MALFORMED_DTB:
1329 return "Malformed device tree blob";
David Brazdila2358d42020-01-27 18:51:38 +0000[diff] [blame]1330 case MANIFEST_ERROR_NO_ROOT_NODE:
1331 return "Could not find root node in manifest";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1332 case MANIFEST_ERROR_NO_HYPERVISOR_FDT_NODE:
1333 return "Could not find \"hypervisor\" node in manifest";
David Brazdil74e9c3b2019-08-28 11:09:08 +0100[diff] [blame]1334 case MANIFEST_ERROR_NOT_COMPATIBLE:
1335 return "Hypervisor manifest entry not compatible with Hafnium";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1336 case MANIFEST_ERROR_RESERVED_VM_ID:
1337 return "Manifest defines a VM with a reserved ID";
1338 case MANIFEST_ERROR_NO_PRIMARY_VM:
1339 return "Manifest does not contain a primary VM entry";
1340 case MANIFEST_ERROR_TOO_MANY_VMS:
1341 return "Manifest specifies more VMs than Hafnium has "
1342 "statically allocated space for";
1343 case MANIFEST_ERROR_PROPERTY_NOT_FOUND:
1344 return "Property not found";
1345 case MANIFEST_ERROR_MALFORMED_STRING:
1346 return "Malformed string property";
David Brazdil0dbb41f2019-09-09 18:03:35 +0100[diff] [blame]1347 case MANIFEST_ERROR_STRING_TOO_LONG:
1348 return "String too long";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1349 case MANIFEST_ERROR_MALFORMED_INTEGER:
1350 return "Malformed integer property";
1351 case MANIFEST_ERROR_INTEGER_OVERFLOW:
1352 return "Integer overflow";
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]1353 case MANIFEST_ERROR_MALFORMED_INTEGER_LIST:
1354 return "Malformed integer list property";
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]1355 case MANIFEST_ERROR_MALFORMED_BOOLEAN:
1356 return "Malformed boolean property";
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]1357 case MANIFEST_ERROR_MEMORY_REGION_NODE_EMPTY:
1358 return "Memory-region node should have at least one entry";
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]1359 case MANIFEST_ERROR_DEVICE_REGION_NODE_EMPTY:
1360 return "Device-region node should have at least one entry";
Manish Pandeyf06c9072020-09-29 15:41:58 +0100[diff] [blame]1361 case MANIFEST_ERROR_RXTX_SIZE_MISMATCH:
1362 return "RX and TX buffers should be of same size";
Varun Wadekar4afbfd72022-10-13 14:30:18 +0100[diff] [blame]1363 case MANIFEST_ERROR_MEM_REGION_EMPTY:
1364 return "Memory region should have at least one page";
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]1365 case MANIFEST_ERROR_MEM_REGION_OVERLAP:
1366 return "Memory region overlaps with one already allocated";
Daniel Boulbyc1a613d2022-10-18 11:26:17 +0100[diff] [blame]1367 case MANIFEST_ERROR_MEM_REGION_UNALIGNED:
1368 return "Memory region is not aligned to a page boundary";
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]1369 case MANIFEST_ERROR_INVALID_MEM_PERM:
1370 return "Memory permission should be RO, RW or RX";
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]1371 case MANIFEST_ERROR_ARGUMENTS_LIST_EMPTY:
1372 return "Arguments-list node should have at least one argument";
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]1373 case MANIFEST_ERROR_INTERRUPT_ID_REPEATED:
1374 return "Interrupt ID already assigned to another endpoint";
Madhukar Pappireddy5c04a382022-12-28 11:29:26 -0600[diff] [blame]1375 case MANIFEST_ERROR_ILLEGAL_NS_INT_ACTION:
Madhukar Pappireddy84154052022-06-21 18:30:25 -0500[diff] [blame]1376 return "Illegal value specidied for the field: Action in "
1377 "response to NS Interrupt";
Raghu Krishnamurthy98da1ca2022-10-04 08:59:01 -0700[diff] [blame]1378 case MANIFEST_ERROR_INTERRUPT_ID_NOT_IN_LIST:
1379 return "Interrupt ID is not in the list of interrupts";
Madhukar Pappireddy5c04a382022-12-28 11:29:26 -0600[diff] [blame]1380 case MANIFEST_ERROR_ILLEGAL_OTHER_S_INT_ACTION:
1381 return "Illegal value specified for the field: Action in "
1382 "response to Other-S Interrupt";
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1383 case MANIFEST_ERROR_MEMORY_MISSING:
1384 return "Memory nodes must be defined in the SPMC manifest "
1385 "('memory' and 'ns-memory').";
1386 case MANIFEST_ERROR_PARTITION_ADDRESS_OVERLAP:
1387 return "Partition's memory [load address: load address + "
1388 "memory size[ overlap with other allocated "
1389 "regions.";
1390 case MANIFEST_ERROR_MEM_REGION_INVALID:
1391 return "Memory region must within memory ranges defined "
1392 "in the SPMC manifest.";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1393 }
1394
1395 panic("Unexpected manifest return code.");
1396}