TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / hafnium / hafnium.git / 801f8ef24a20e97b8f10c21c48907d82800c49dc / . / src / manifest.c
blob: cd70e118e81bea976acc87d8fb5cfc34d2a8a44d [file] [log] [blame]
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1/*
2 * Copyright 2019 The Hafnium Authors.
3 *
Andrew Walbrane959ec12020-06-17 15:01:09 +0100[diff] [blame]4 * Use of this source code is governed by a BSD-style
5 * license that can be found in the LICENSE file or at
6 * https://opensource.org/licenses/BSD-3-Clause.
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]7 */
8
9#include "hf/manifest.h"
10
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]11#include "hf/arch/types.h"
12
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]13#include "hf/addr.h"
Daniel Boulbya2f8c662021-11-26 17:52:53 +0000[diff] [blame]14#include "hf/assert.h"
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]15#include "hf/boot_info.h"
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]16#include "hf/check.h"
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]17#include "hf/dlog.h"
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]18#include "hf/sp_pkg.h"
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]19#include "hf/static_assert.h"
20#include "hf/std.h"
21
22#define TRY(expr) \
23 do { \
24 enum manifest_return_code ret_code = (expr); \
25 if (ret_code != MANIFEST_SUCCESS) { \
26 return ret_code; \
27 } \
28 } while (0)
29
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]30#define VM_ID_MAX (HF_VM_ID_OFFSET + MAX_VMS - 1)
31#define VM_ID_MAX_DIGITS (5)
32#define VM_NAME_EXTRA_CHARS (3) /* "vm" + number + '\0' */
33#define VM_NAME_MAX_SIZE (VM_ID_MAX_DIGITS + VM_NAME_EXTRA_CHARS)
34static_assert(VM_NAME_MAX_SIZE <= STRING_MAX_SIZE,
35 "VM name does not fit into a struct string.");
36static_assert(VM_ID_MAX <= 99999, "Insufficient VM_NAME_BUF_SIZE");
Olivier Deprez2a8ee342020-08-03 15:10:44 +0200[diff] [blame]37static_assert((HF_OTHER_WORLD_ID > VM_ID_MAX) ||
38 (HF_OTHER_WORLD_ID < HF_VM_ID_BASE),
Andrew Walbran9daa57e2019-09-27 13:33:20 +0100[diff] [blame]39 "TrustZone VM ID clashes with normal VM range.");
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]40
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame^]41/**
42 * A struct to keep track of fields that are allocated by partitions
43 * in the manifest.
44 */
45struct allocated_fields {
46 uint32_t intids[HF_NUM_INTIDS / INTERRUPT_REGISTER_BITS];
47};
48
49/**
50 * Ensure the allocated_fields struct will fit in the entry allocated from
51 * the mpool.
52 */
53static_assert(sizeof(struct allocated_fields) < MM_PPOOL_ENTRY_SIZE,
54 "More space required for the allocated_fields struct.");
55static struct allocated_fields *allocated_fields;
56
57/**
58 * Allocates memory for the allocated fields struct in the given memory
59 * pool.
60 * Returns true if the memory is successfully allocated.
61 */
62static bool manifest_allocated_fields_init(struct mpool *ppool)
63{
64 allocated_fields = (struct allocated_fields *)mpool_alloc(ppool);
65 return allocated_fields != NULL;
66}
67
68/**
69 * Frees the memory used for the allocated field struct in the given
70 * memory pool.
71 */
72static void manifest_allocated_fields_deinit(struct mpool *ppool)
73{
74 mpool_free(ppool, allocated_fields);
75}
76
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]77static inline size_t count_digits(ffa_vm_id_t vm_id)
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]78{
79 size_t digits = 0;
80
81 do {
82 digits++;
83 vm_id /= 10;
84 } while (vm_id);
85 return digits;
86}
87
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]88/**
89 * Generates a string with the two letters "vm" followed by an integer.
90 * Assumes `buf` is of size VM_NAME_BUF_SIZE.
91 */
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]92static void generate_vm_node_name(struct string *str, ffa_vm_id_t vm_id)
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]93{
94 static const char *digits = "0123456789";
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]95 size_t vm_id_digits = count_digits(vm_id);
96 char *base = str->data;
97 char *ptr = base + (VM_NAME_EXTRA_CHARS + vm_id_digits);
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]98
Daniel Boulbya2f8c662021-11-26 17:52:53 +0000[diff] [blame]99 assert(vm_id_digits <= VM_ID_MAX_DIGITS);
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]100 *(--ptr) = '\0';
101 do {
102 *(--ptr) = digits[vm_id % 10];
103 vm_id /= 10;
104 } while (vm_id);
105 *(--ptr) = 'm';
106 *(--ptr) = 'v';
Daniel Boulbya2f8c662021-11-26 17:52:53 +0000[diff] [blame]107 assert(ptr == base);
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]108}
109
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]110/**
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]111 * Read a boolean property: true if present; false if not. If present, the value
112 * of the property must be empty else it is considered malformed.
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]113 */
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]114static enum manifest_return_code read_bool(const struct fdt_node *node,
115 const char *property, bool *out)
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]116{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]117 struct memiter data;
118 bool present = fdt_read_property(node, property, &data);
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]119
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]120 if (present && memiter_size(&data) != 0) {
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]121 return MANIFEST_ERROR_MALFORMED_BOOLEAN;
122 }
123
124 *out = present;
125 return MANIFEST_SUCCESS;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]126}
127
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]128static enum manifest_return_code read_string(const struct fdt_node *node,
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]129 const char *property,
130 struct string *out)
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]131{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]132 struct memiter data;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]133
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]134 if (!fdt_read_property(node, property, &data)) {
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]135 return MANIFEST_ERROR_PROPERTY_NOT_FOUND;
136 }
137
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]138 switch (string_init(out, &data)) {
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]139 case STRING_SUCCESS:
140 return MANIFEST_SUCCESS;
141 case STRING_ERROR_INVALID_INPUT:
142 return MANIFEST_ERROR_MALFORMED_STRING;
143 case STRING_ERROR_TOO_LONG:
144 return MANIFEST_ERROR_STRING_TOO_LONG;
145 }
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]146}
147
148static enum manifest_return_code read_optional_string(
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]149 const struct fdt_node *node, const char *property, struct string *out)
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]150{
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]151 enum manifest_return_code ret;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]152
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]153 ret = read_string(node, property, out);
154 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
155 string_init_empty(out);
156 ret = MANIFEST_SUCCESS;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]157 }
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]158 return ret;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]159}
160
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]161static enum manifest_return_code read_uint64(const struct fdt_node *node,
162 const char *property,
163 uint64_t *out)
164{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]165 struct memiter data;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]166
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]167 if (!fdt_read_property(node, property, &data)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]168 return MANIFEST_ERROR_PROPERTY_NOT_FOUND;
169 }
170
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]171 if (!fdt_parse_number(&data, memiter_size(&data), out)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]172 return MANIFEST_ERROR_MALFORMED_INTEGER;
173 }
174
175 return MANIFEST_SUCCESS;
176}
177
David Brazdil080ee312020-02-25 15:30:30 -0800[diff] [blame]178static enum manifest_return_code read_optional_uint64(
179 const struct fdt_node *node, const char *property,
180 uint64_t default_value, uint64_t *out)
181{
182 enum manifest_return_code ret;
183
184 ret = read_uint64(node, property, out);
185 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
186 *out = default_value;
187 return MANIFEST_SUCCESS;
188 }
189 return ret;
190}
191
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]192static enum manifest_return_code read_uint32(const struct fdt_node *node,
193 const char *property,
194 uint32_t *out)
195{
196 uint64_t value;
197
198 TRY(read_uint64(node, property, &value));
199
200 if (value > UINT32_MAX) {
201 return MANIFEST_ERROR_INTEGER_OVERFLOW;
202 }
203
204 *out = (uint32_t)value;
205 return MANIFEST_SUCCESS;
206}
207
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]208static enum manifest_return_code read_optional_uint32(
209 const struct fdt_node *node, const char *property,
210 uint32_t default_value, uint32_t *out)
211{
212 enum manifest_return_code ret;
213
214 ret = read_uint32(node, property, out);
215 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
216 *out = default_value;
217 return MANIFEST_SUCCESS;
218 }
219 return ret;
220}
221
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]222static enum manifest_return_code read_uint16(const struct fdt_node *node,
223 const char *property,
224 uint16_t *out)
225{
226 uint64_t value;
227
228 TRY(read_uint64(node, property, &value));
229
230 if (value > UINT16_MAX) {
231 return MANIFEST_ERROR_INTEGER_OVERFLOW;
232 }
233
234 *out = (uint16_t)value;
235 return MANIFEST_SUCCESS;
236}
237
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]238static enum manifest_return_code read_optional_uint16(
239 const struct fdt_node *node, const char *property,
240 uint16_t default_value, uint16_t *out)
241{
242 enum manifest_return_code ret;
243
244 ret = read_uint16(node, property, out);
245 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
246 *out = default_value;
247 return MANIFEST_SUCCESS;
248 }
249
250 return MANIFEST_SUCCESS;
251}
252
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]253static enum manifest_return_code read_uint8(const struct fdt_node *node,
254 const char *property, uint8_t *out)
255{
256 uint64_t value;
257
258 TRY(read_uint64(node, property, &value));
259
260 if (value > UINT8_MAX) {
261 return MANIFEST_ERROR_INTEGER_OVERFLOW;
262 }
263
264 *out = (uint8_t)value;
265 return MANIFEST_SUCCESS;
266}
267
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]268static enum manifest_return_code read_optional_uint8(
269 const struct fdt_node *node, const char *property,
270 uint8_t default_value, uint8_t *out)
271{
272 enum manifest_return_code ret;
273
274 ret = read_uint8(node, property, out);
275 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
276 *out = default_value;
277 return MANIFEST_SUCCESS;
278 }
279
280 return MANIFEST_SUCCESS;
281}
282
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]283struct uint32list_iter {
284 struct memiter mem_it;
285};
286
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]287static enum manifest_return_code read_uint32list(const struct fdt_node *node,
288 const char *property,
289 struct uint32list_iter *out)
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]290{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]291 struct memiter data;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]292
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]293 if (!fdt_read_property(node, property, &data)) {
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]294 memiter_init(&out->mem_it, NULL, 0);
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]295 return MANIFEST_ERROR_PROPERTY_NOT_FOUND;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]296 }
297
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]298 if ((memiter_size(&data) % sizeof(uint32_t)) != 0) {
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]299 return MANIFEST_ERROR_MALFORMED_INTEGER_LIST;
300 }
301
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]302 out->mem_it = data;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]303 return MANIFEST_SUCCESS;
304}
305
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]306static enum manifest_return_code read_optional_uint32list(
307 const struct fdt_node *node, const char *property,
308 struct uint32list_iter *out)
309{
310 enum manifest_return_code ret = read_uint32list(node, property, out);
311
312 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
313 return MANIFEST_SUCCESS;
314 }
315 return ret;
316}
317
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]318static bool uint32list_has_next(const struct uint32list_iter *list)
319{
320 return memiter_size(&list->mem_it) > 0;
321}
322
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]323static enum manifest_return_code uint32list_get_next(
324 struct uint32list_iter *list, uint32_t *out)
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]325{
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]326 uint64_t num;
327
328 CHECK(uint32list_has_next(list));
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]329 if (!fdt_parse_number(&list->mem_it, sizeof(uint32_t), &num)) {
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]330 return MANIFEST_ERROR_MALFORMED_INTEGER;
331 }
332
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]333 *out = (uint32_t)num;
334 return MANIFEST_SUCCESS;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]335}
336
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]337static enum manifest_return_code parse_vm_common(const struct fdt_node *node,
338 struct manifest_vm *vm,
339 ffa_vm_id_t vm_id)
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]340{
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]341 struct uint32list_iter smcs;
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]342 size_t idx;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]343
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]344 TRY(read_bool(node, "is_ffa_partition", &vm->is_ffa_partition));
345
Raghu Krishnamurthyb49549e2021-07-02 08:27:38 -0700[diff] [blame]346 TRY(read_bool(node, "hyp_loaded", &vm->is_hyp_loaded));
347
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]348 TRY(read_string(node, "debug_name", &vm->debug_name));
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]349
350 TRY(read_optional_uint32list(node, "smc_whitelist", &smcs));
351 while (uint32list_has_next(&smcs) &&
352 vm->smc_whitelist.smc_count < MAX_SMCS) {
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]353 idx = vm->smc_whitelist.smc_count++;
354 TRY(uint32list_get_next(&smcs, &vm->smc_whitelist.smcs[idx]));
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]355 }
356
357 if (uint32list_has_next(&smcs)) {
Andrew Walbran17eebf92020-02-05 16:35:49 +0000[diff] [blame]358 dlog_warning("%s SMC whitelist too long.\n", vm->debug_name);
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]359 }
360
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]361 TRY(read_bool(node, "smc_whitelist_permissive",
362 &vm->smc_whitelist.permissive));
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]363
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]364 if (vm_id != HF_PRIMARY_VM_ID) {
365 TRY(read_uint64(node, "mem_size", &vm->secondary.mem_size));
366 TRY(read_uint16(node, "vcpu_count", &vm->secondary.vcpu_count));
Fuad Tabba50469e02020-06-30 15:14:28 +0100[diff] [blame]367 TRY(read_optional_string(node, "fdt_filename",
368 &vm->secondary.fdt_filename));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]369 }
370
371 return MANIFEST_SUCCESS;
372}
373
374static enum manifest_return_code parse_vm(struct fdt_node *node,
375 struct manifest_vm *vm,
376 ffa_vm_id_t vm_id)
377{
378 TRY(read_optional_string(node, "kernel_filename",
379 &vm->kernel_filename));
380
David Brazdile6f83222019-09-23 14:47:37 +0100[diff] [blame]381 if (vm_id == HF_PRIMARY_VM_ID) {
382 TRY(read_optional_string(node, "ramdisk_filename",
383 &vm->primary.ramdisk_filename));
David Brazdil080ee312020-02-25 15:30:30 -0800[diff] [blame]384 TRY(read_optional_uint64(node, "boot_address",
385 MANIFEST_INVALID_ADDRESS,
386 &vm->primary.boot_address));
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]387 }
Raghu Krishnamurthy988a5e72021-02-27 21:46:06 -0800[diff] [blame]388 TRY(read_optional_uint8(node, "exception-level", (uint8_t)EL1,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]389 (uint8_t *)&vm->partition.run_time_el));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]390
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]391 return MANIFEST_SUCCESS;
392}
393
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]394static enum manifest_return_code parse_ffa_memory_region_node(
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]395 struct fdt_node *mem_node, struct memory_region *mem_regions,
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]396 uint16_t *count, struct rx_tx *rxtx)
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]397{
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]398 uint32_t phandle;
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]399 uint16_t i = 0;
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]400
401 dlog_verbose(" Partition memory regions\n");
402
403 if (!fdt_is_compatible(mem_node, "arm,ffa-manifest-memory-regions")) {
404 return MANIFEST_ERROR_NOT_COMPATIBLE;
405 }
406
407 if (!fdt_first_child(mem_node)) {
408 return MANIFEST_ERROR_MEMORY_REGION_NODE_EMPTY;
409 }
410
411 do {
412 dlog_verbose(" Memory Region[%u]\n", i);
413
414 TRY(read_optional_string(mem_node, "description",
415 &mem_regions[i].name));
416 dlog_verbose(" Name: %s\n",
417 string_data(&mem_regions[i].name));
418
419 TRY(read_optional_uint64(mem_node, "base-address",
420 MANIFEST_INVALID_ADDRESS,
421 &mem_regions[i].base_address));
422 dlog_verbose(" Base address: %#x\n",
423 mem_regions[i].base_address);
424
425 TRY(read_uint32(mem_node, "pages-count",
426 &mem_regions[i].page_count));
427 dlog_verbose(" Pages_count: %u\n",
428 mem_regions[i].page_count);
429
430 TRY(read_uint32(mem_node, "attributes",
431 &mem_regions[i].attributes));
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]432
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame]433 /*
434 * Check RWX permission attributes.
435 * Security attribute is checked at load phase.
436 */
437 uint32_t permissions = mem_regions[i].attributes &
438 (MANIFEST_REGION_ATTR_READ |
439 MANIFEST_REGION_ATTR_WRITE |
440 MANIFEST_REGION_ATTR_EXEC);
441 if (permissions != MANIFEST_REGION_ATTR_READ &&
442 permissions != (MANIFEST_REGION_ATTR_READ |
443 MANIFEST_REGION_ATTR_WRITE) &&
444 permissions != (MANIFEST_REGION_ATTR_READ |
445 MANIFEST_REGION_ATTR_EXEC)) {
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]446 return MANIFEST_ERROR_INVALID_MEM_PERM;
447 }
448
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame]449 /* Filter memory region attributes. */
450 mem_regions[i].attributes &= MANIFEST_REGION_ALL_ATTR_MASK;
451
452 dlog_verbose(" Attributes: %#x\n",
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]453 mem_regions[i].attributes);
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]454
Manish Pandeya70a4192020-10-07 22:05:04 +0100[diff] [blame]455 if (rxtx->available) {
456 TRY(read_optional_uint32(
457 mem_node, "phandle",
458 (uint32_t)MANIFEST_INVALID_ADDRESS, &phandle));
459 if (phandle == rxtx->rx_phandle) {
460 dlog_verbose(" Assigned as RX buffer\n");
461 rxtx->rx_buffer = &mem_regions[i];
462 } else if (phandle == rxtx->tx_phandle) {
463 dlog_verbose(" Assigned as TX buffer\n");
464 rxtx->tx_buffer = &mem_regions[i];
465 }
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]466 }
467
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]468 i++;
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]469 } while (fdt_next_sibling(mem_node) &&
470 (i < PARTITION_MAX_MEMORY_REGIONS));
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]471
Manish Pandeya70a4192020-10-07 22:05:04 +0100[diff] [blame]472 if (rxtx->available &&
473 (rxtx->rx_buffer->page_count != rxtx->tx_buffer->page_count)) {
Manish Pandeyf06c9072020-09-29 15:41:58 +0100[diff] [blame]474 return MANIFEST_ERROR_RXTX_SIZE_MISMATCH;
475 }
476
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]477 *count = i;
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]478
479 return MANIFEST_SUCCESS;
480}
481
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]482static enum manifest_return_code parse_ffa_device_region_node(
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]483 struct fdt_node *dev_node, struct device_region *dev_regions,
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]484 uint16_t *count)
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]485{
486 struct uint32list_iter list;
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]487 uint16_t i = 0;
Madhukar Pappireddy5fc8be12021-08-03 11:42:53 -0500[diff] [blame]488 uint32_t j = 0;
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame^]489 uint32_t *allocated_intids = allocated_fields->intids;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]490
491 dlog_verbose(" Partition Device Regions\n");
492
493 if (!fdt_is_compatible(dev_node, "arm,ffa-manifest-device-regions")) {
494 return MANIFEST_ERROR_NOT_COMPATIBLE;
495 }
496
497 if (!fdt_first_child(dev_node)) {
498 return MANIFEST_ERROR_DEVICE_REGION_NODE_EMPTY;
499 }
500
501 do {
502 dlog_verbose(" Device Region[%u]\n", i);
503
504 TRY(read_optional_string(dev_node, "description",
505 &dev_regions[i].name));
506 dlog_verbose(" Name: %s\n",
507 string_data(&dev_regions[i].name));
508
509 TRY(read_uint64(dev_node, "base-address",
510 &dev_regions[i].base_address));
511 dlog_verbose(" Base address: %#x\n",
512 dev_regions[i].base_address);
513
514 TRY(read_uint32(dev_node, "pages-count",
515 &dev_regions[i].page_count));
516 dlog_verbose(" Pages_count: %u\n",
517 dev_regions[i].page_count);
518
519 TRY(read_uint32(dev_node, "attributes",
520 &dev_regions[i].attributes));
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]521
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame]522 /*
523 * Check RWX permission attributes.
524 * Security attribute is checked at load phase.
525 */
526 uint32_t permissions = dev_regions[i].attributes &
527 (MANIFEST_REGION_ATTR_READ |
528 MANIFEST_REGION_ATTR_WRITE |
529 MANIFEST_REGION_ATTR_EXEC);
530
531 if (permissions != MANIFEST_REGION_ATTR_READ &&
532 permissions != (MANIFEST_REGION_ATTR_READ |
533 MANIFEST_REGION_ATTR_WRITE)) {
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]534 return MANIFEST_ERROR_INVALID_MEM_PERM;
535 }
536
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame]537 /* Filer device region attributes. */
538 dev_regions[i].attributes = dev_regions[i].attributes &
539 MANIFEST_REGION_ALL_ATTR_MASK;
540
541 dlog_verbose(" Attributes: %#x\n",
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]542 dev_regions[i].attributes);
543
544 TRY(read_optional_uint32list(dev_node, "interrupts", &list));
545 dlog_verbose(" Interrupt List:\n");
546 j = 0;
547 while (uint32list_has_next(&list) &&
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]548 j < PARTITION_MAX_INTERRUPTS_PER_DEVICE) {
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame^]549 uint32_t intid;
550 uint32_t intid_index;
551 uint32_t intid_mask;
552
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]553 TRY(uint32list_get_next(
554 &list, &dev_regions[i].interrupts[j].id));
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame^]555 intid = dev_regions[i].interrupts[j].id;
556 intid_index = INTID_INDEX(intid);
557 intid_mask = INTID_MASK(1U, intid);
558
559 dlog_verbose(" ID = %u\n", intid);
560
561 if ((allocated_intids[intid_index] & intid_mask) !=
562 0U) {
563 return MANIFEST_ERROR_INTERRUPT_ID_REPEATED;
564 }
565
566 allocated_intids[intid_index] |= intid_mask;
567
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]568 if (uint32list_has_next(&list)) {
569 TRY(uint32list_get_next(&list,
570 &dev_regions[i]
571 .interrupts[j]
572 .attributes));
573 } else {
574 return MANIFEST_ERROR_MALFORMED_INTEGER_LIST;
575 }
576
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame^]577 dlog_verbose(" attributes = %u\n",
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]578 dev_regions[i].interrupts[j].attributes);
579 j++;
580 }
Madhukar Pappireddy5fc8be12021-08-03 11:42:53 -0500[diff] [blame]581
582 dev_regions[i].interrupt_count = j;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]583 if (j == 0) {
584 dlog_verbose(" Empty\n");
585 }
586
587 TRY(read_optional_uint32(dev_node, "smmu-id",
Madhukar Pappireddy54680c72020-10-23 15:02:38 -0500[diff] [blame]588 MANIFEST_INVALID_ID,
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]589 &dev_regions[i].smmu_id));
Olivier Deprez86d87ae2021-08-19 14:27:46 +0200[diff] [blame]590 if (dev_regions[i].smmu_id != MANIFEST_INVALID_ID) {
591 dlog_verbose(" smmu-id: %u\n",
592 dev_regions[i].smmu_id);
593 }
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]594
595 TRY(read_optional_uint32list(dev_node, "stream-ids", &list));
596 dlog_verbose(" Stream IDs assigned:\n");
597
598 j = 0;
599 while (uint32list_has_next(&list) &&
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]600 j < PARTITION_MAX_STREAMS_PER_DEVICE) {
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]601 TRY(uint32list_get_next(&list,
602 &dev_regions[i].stream_ids[j]));
603 dlog_verbose(" %u\n",
604 dev_regions[i].stream_ids[j]);
605 j++;
606 }
607 if (j == 0) {
608 dlog_verbose(" None\n");
609 }
Madhukar Pappireddy54680c72020-10-23 15:02:38 -0500[diff] [blame]610 dev_regions[i].stream_count = j;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]611
612 TRY(read_bool(dev_node, "exclusive-access",
613 &dev_regions[i].exclusive_access));
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]614 dlog_verbose(" Exclusive_access: %u\n",
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]615 dev_regions[i].exclusive_access);
616
617 i++;
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]618 } while (fdt_next_sibling(dev_node) &&
619 (i < PARTITION_MAX_DEVICE_REGIONS));
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]620
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]621 *count = i;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]622
623 return MANIFEST_SUCCESS;
624}
625
J-Alvesabebe432022-05-31 14:40:50 +0100[diff] [blame]626static enum manifest_return_code sanity_check_ffa_manifest(
627 struct manifest_vm *vm)
628{
629 uint16_t ffa_version_major;
630 uint16_t ffa_version_minor;
631 enum manifest_return_code ret_code = MANIFEST_SUCCESS;
632 const char *error_string = "specified in manifest is unsupported";
633 uint32_t k = 0;
634
635 /* ensure that the SPM version is compatible */
636 ffa_version_major = (vm->partition.ffa_version & 0xffff0000) >>
637 FFA_VERSION_MAJOR_OFFSET;
638 ffa_version_minor = vm->partition.ffa_version & 0xffff;
639
640 if (ffa_version_major != FFA_VERSION_MAJOR ||
641 ffa_version_minor > FFA_VERSION_MINOR) {
642 dlog_error("FF-A partition manifest version %s: %u.%u\n",
643 error_string, ffa_version_major, ffa_version_minor);
644 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
645 }
646
647 if (vm->partition.xlat_granule != PAGE_4KB) {
648 dlog_error("Translation granule %s: %u\n", error_string,
649 vm->partition.xlat_granule);
650 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
651 }
652
653 if (vm->partition.execution_state != AARCH64) {
654 dlog_error("Execution state %s: %u\n", error_string,
655 vm->partition.execution_state);
656 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
657 }
658
659 if (vm->partition.run_time_el != EL1 &&
660 vm->partition.run_time_el != S_EL1 &&
661 vm->partition.run_time_el != S_EL0) {
662 dlog_error("Exception level %s: %d\n", error_string,
663 vm->partition.run_time_el);
664 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
665 }
666
667 if ((vm->partition.messaging_method &
668 ~(FFA_PARTITION_DIRECT_REQ_RECV | FFA_PARTITION_DIRECT_REQ_SEND |
669 FFA_PARTITION_INDIRECT_MSG)) != 0U) {
670 dlog_error("Messaging method %s: %x\n", error_string,
671 vm->partition.messaging_method);
672 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
673 }
674
675 if (vm->partition.run_time_el == S_EL0 &&
676 vm->partition.execution_ctx_count != 1) {
677 dlog_error(
678 "Exception level and execution context count %s: %d "
679 "%d\n",
680 error_string, vm->partition.run_time_el,
681 vm->partition.execution_ctx_count);
682 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
683 }
684
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]685 for (uint16_t i = 0; i < vm->partition.dev_region_count; i++) {
J-Alvesabebe432022-05-31 14:40:50 +0100[diff] [blame]686 struct device_region dev_region;
687
688 dev_region = vm->partition.dev_regions[i];
689
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]690 if (dev_region.interrupt_count >
691 PARTITION_MAX_INTERRUPTS_PER_DEVICE) {
J-Alvesabebe432022-05-31 14:40:50 +0100[diff] [blame]692 dlog_error(
693 "Interrupt count for device region exceeds "
694 "limit.\n");
695 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
696 continue;
697 }
698
699 for (uint8_t j = 0; j < dev_region.interrupt_count; j++) {
700 k++;
701 if (k > VM_MANIFEST_MAX_INTERRUPTS) {
702 dlog_error(
703 "Interrupt count for VM exceeds "
704 "limit.\n");
705 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
706 continue;
707 }
708 }
709 }
710
711 /* GP register is restricted to one of x0 - x3. */
712 if (vm->partition.gp_register_num != -1 &&
713 vm->partition.gp_register_num > 3) {
714 dlog_error("GP register number %s: %u\n", error_string,
715 vm->partition.gp_register_num);
716 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
717 }
718
719 return ret_code;
720}
721
Raghu Krishnamurthyb49549e2021-07-02 08:27:38 -0700[diff] [blame]722enum manifest_return_code parse_ffa_manifest(struct fdt *fdt,
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]723 struct manifest_vm *vm,
724 struct fdt_node *boot_info_node)
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]725{
726 unsigned int i = 0;
727 struct uint32list_iter uuid;
728 uint32_t uuid_word;
729 struct fdt_node root;
730 struct fdt_node ffa_node;
731 struct string rxtx_node_name = STRING_INIT("rx_tx-info");
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]732 struct string mem_region_node_name = STRING_INIT("memory-regions");
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]733 struct string dev_region_node_name = STRING_INIT("device-regions");
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]734 struct string boot_info_node_name = STRING_INIT("boot-info");
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]735
736 if (!fdt_find_node(fdt, "/", &root)) {
737 return MANIFEST_ERROR_NO_ROOT_NODE;
738 }
739
740 /* Check "compatible" property. */
741 if (!fdt_is_compatible(&root, "arm,ffa-manifest-1.0")) {
742 return MANIFEST_ERROR_NOT_COMPATIBLE;
743 }
744
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]745 TRY(read_uint32(&root, "ffa-version", &vm->partition.ffa_version));
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]746 dlog_verbose(" Expected FF-A version %u.%u\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]747 vm->partition.ffa_version >> 16,
748 vm->partition.ffa_version & 0xffff);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]749
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]750 TRY(read_uint32list(&root, "uuid", &uuid));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]751
752 while (uint32list_has_next(&uuid) && i < 4) {
753 TRY(uint32list_get_next(&uuid, &uuid_word));
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]754 vm->partition.uuid.uuid[i] = uuid_word;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]755 i++;
756 }
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]757 dlog_verbose(" UUID %#x-%x-%x-%x\n", vm->partition.uuid.uuid[0],
758 vm->partition.uuid.uuid[1], vm->partition.uuid.uuid[2],
759 vm->partition.uuid.uuid[3]);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]760
761 TRY(read_uint16(&root, "execution-ctx-count",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]762 &vm->partition.execution_ctx_count));
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]763 dlog_verbose(" Number of execution context %u\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]764 vm->partition.execution_ctx_count);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]765
766 TRY(read_uint8(&root, "exception-level",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]767 (uint8_t *)&vm->partition.run_time_el));
768 dlog_verbose(" Run-time EL %u\n", vm->partition.run_time_el);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]769
770 TRY(read_uint8(&root, "execution-state",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]771 (uint8_t *)&vm->partition.execution_state));
772 dlog_verbose(" Execution state %u\n", vm->partition.execution_state);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]773
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]774 TRY(read_optional_uint64(&root, "load-address", 0,
775 &vm->partition.load_addr));
776 dlog_verbose(" Load address %#x\n", vm->partition.load_addr);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]777
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]778 TRY(read_optional_uint64(&root, "entrypoint-offset", 0,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]779 &vm->partition.ep_offset));
780 dlog_verbose(" Entry point offset %#x\n", vm->partition.ep_offset);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]781
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]782 TRY(read_optional_uint32(&root, "gp-register-num",
783 DEFAULT_BOOT_GP_REGISTER,
784 &vm->partition.gp_register_num));
785 dlog_verbose(" Boot GP register: %#x\n",
786 vm->partition.gp_register_num);
787
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]788 TRY(read_optional_uint16(&root, "boot-order", DEFAULT_BOOT_ORDER,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]789 &vm->partition.boot_order));
790 dlog_verbose(" Boot order %#u\n", vm->partition.boot_order);
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]791
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]792 TRY(read_optional_uint8(&root, "xlat-granule", 0,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]793 (uint8_t *)&vm->partition.xlat_granule));
794 dlog_verbose(" Translation granule %u\n", vm->partition.xlat_granule);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]795
796 ffa_node = root;
797 if (fdt_find_child(&ffa_node, &rxtx_node_name)) {
798 if (!fdt_is_compatible(&ffa_node,
799 "arm,ffa-manifest-rx_tx-buffer")) {
800 return MANIFEST_ERROR_NOT_COMPATIBLE;
801 }
802
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]803 /*
804 * Read only phandles for now, it will be used to update buffers
805 * while parsing memory regions.
806 */
807 TRY(read_uint32(&ffa_node, "rx-buffer",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]808 &vm->partition.rxtx.rx_phandle));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]809
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]810 TRY(read_uint32(&ffa_node, "tx-buffer",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]811 &vm->partition.rxtx.tx_phandle));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]812
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]813 vm->partition.rxtx.available = true;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]814 }
815
816 TRY(read_uint8(&root, "messaging-method",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]817 (uint8_t *)&vm->partition.messaging_method));
818 dlog_verbose(" Messaging method %u\n", vm->partition.messaging_method);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]819
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]820 TRY(read_bool(&root, "managed-exit", &vm->partition.managed_exit));
J-Alvesa4730db2021-11-02 10:31:01 +0000[diff] [blame]821 if (vm->partition.managed_exit) {
822 dlog_verbose(" Managed Exit Supported\n");
823 }
824
825 TRY(read_bool(&root, "notification-support",
826 &vm->partition.notification_support));
827 if (vm->partition.notification_support) {
828 dlog_verbose(" Notifications Receipt Supported\n");
829 }
Maksims Svecovs9ddf86a2021-05-06 17:17:21 +0100[diff] [blame]830
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]831 /* Parse boot info node. */
832 if (boot_info_node != NULL) {
833 ffa_node = root;
834 vm->partition.boot_info =
835 fdt_find_child(&ffa_node, &boot_info_node_name);
836 if (vm->partition.boot_info) {
837 *boot_info_node = ffa_node;
838 }
839 } else {
840 vm->partition.boot_info = false;
841 }
842
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]843 /* Parse memory-regions */
844 ffa_node = root;
845 if (fdt_find_child(&ffa_node, &mem_region_node_name)) {
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]846 TRY(parse_ffa_memory_region_node(
847 &ffa_node, vm->partition.mem_regions,
848 &vm->partition.mem_region_count, &vm->partition.rxtx));
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]849 }
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]850 dlog_verbose(" Total %u memory regions found\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]851 vm->partition.mem_region_count);
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]852
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]853 /* Parse Device-regions */
854 ffa_node = root;
855 if (fdt_find_child(&ffa_node, &dev_region_node_name)) {
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]856 TRY(parse_ffa_device_region_node(
857 &ffa_node, vm->partition.dev_regions,
858 &vm->partition.dev_region_count));
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]859 }
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]860 dlog_verbose(" Total %u device regions found\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]861 vm->partition.dev_region_count);
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]862
J-Alves4eb7b542022-03-02 15:21:52 +0000[diff] [blame]863 return sanity_check_ffa_manifest(vm);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]864}
865
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]866static enum manifest_return_code parse_ffa_partition_package(
867 struct mm_stage1_locked stage1_locked, struct fdt_node *node,
868 struct manifest_vm *vm, ffa_vm_id_t vm_id, struct mpool *ppool)
869{
870 enum manifest_return_code ret = MANIFEST_ERROR_NOT_COMPATIBLE;
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]871 uintpaddr_t load_address;
872 struct sp_pkg_header header;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]873 struct fdt sp_fdt;
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]874 vaddr_t pkg_start;
875 vaddr_t manifest_address;
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]876 struct fdt_node boot_info_node;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]877
878 /*
879 * This must have been hinted as being an FF-A partition,
880 * return straight with failure if this is not the case.
881 */
882 if (!vm->is_ffa_partition) {
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]883 return ret;
884 }
885
886 TRY(read_uint64(node, "load_address", &load_address));
887 if (!is_aligned(load_address, PAGE_SIZE)) {
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]888 return MANIFEST_ERROR_NOT_COMPATIBLE;
889 }
890
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]891 assert(load_address != 0U);
892
893 if (!sp_pkg_init(stage1_locked, pa_init(load_address), &header,
894 ppool)) {
895 return ret;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]896 }
897
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]898 pkg_start = va_init(load_address);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]899
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]900 if (vm_id != HF_PRIMARY_VM_ID &&
901 sp_pkg_get_mem_size(&header) >= vm->secondary.mem_size) {
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]902 dlog_error("Invalid package header or DT size.\n");
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]903 goto out;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]904 }
905
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]906 manifest_address = va_add(va_init(load_address), header.pm_offset);
907 if (!fdt_init_from_ptr(&sp_fdt, ptr_from_va(manifest_address),
908 header.pm_size)) {
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]909 dlog_error("FDT failed validation.\n");
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]910 goto out;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]911 }
912
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]913 ret = parse_ffa_manifest(&sp_fdt, vm, &boot_info_node);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]914 if (ret != MANIFEST_SUCCESS) {
J-Alves4eb7b542022-03-02 15:21:52 +0000[diff] [blame]915 dlog_error("Error parsing partition manifest: %s.\n",
916 manifest_strerror(ret));
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]917 goto out;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]918 }
919
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]920 if (vm->partition.load_addr != load_address) {
J-Alvesa26ea212021-03-22 14:33:47 +0000[diff] [blame]921 dlog_warning(
922 "Partition's load address at its manifest differs"
923 " from specified in partition's package.\n");
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]924 vm->partition.load_addr = load_address;
J-Alvesa26ea212021-03-22 14:33:47 +0000[diff] [blame]925 }
926
J-Alves889a1d72022-05-13 11:38:27 +0100[diff] [blame]927 if (vm->partition.gp_register_num != DEFAULT_BOOT_GP_REGISTER) {
928 if (header.version == SP_PKG_HEADER_VERSION_2 &&
929 vm->partition.boot_info &&
930 !ffa_boot_info_node(&boot_info_node, pkg_start, &header)) {
931 dlog_error("Failed to process boot information.\n");
932 }
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]933 }
934
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]935out:
936 sp_pkg_deinit(stage1_locked, pkg_start, &header, ppool);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]937 return ret;
938}
939
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]940/**
941 * Parse manifest from FDT.
942 */
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]943enum manifest_return_code manifest_init(struct mm_stage1_locked stage1_locked,
944 struct manifest *manifest,
945 struct memiter *manifest_fdt,
946 struct mpool *ppool)
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]947{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]948 struct string vm_name;
949 struct fdt fdt;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]950 struct fdt_node hyp_node;
951 size_t i = 0;
952 bool found_primary_vm = false;
953
954 memset_s(manifest, sizeof(*manifest), 0, sizeof(*manifest));
955
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame^]956 /* Allocate space in the ppool for tracking the allocated fields. */
957 if (!manifest_allocated_fields_init(ppool)) {
958 panic("Unable to allocated space for allocated fields "
959 "struct.\n");
960 }
961
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]962 if (!fdt_init_from_memiter(&fdt, manifest_fdt)) {
963 return MANIFEST_ERROR_FILE_SIZE; /* TODO */
David Brazdila2358d42020-01-27 18:51:38 +0000[diff] [blame]964 }
965
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]966 /* Find hypervisor node. */
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]967 if (!fdt_find_node(&fdt, "/hypervisor", &hyp_node)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]968 return MANIFEST_ERROR_NO_HYPERVISOR_FDT_NODE;
969 }
970
David Brazdil74e9c3b2019-08-28 11:09:08 +0100[diff] [blame]971 /* Check "compatible" property. */
David Brazdilf4925382020-03-25 13:33:51 +0000[diff] [blame]972 if (!fdt_is_compatible(&hyp_node, "hafnium,hafnium")) {
David Brazdil74e9c3b2019-08-28 11:09:08 +0100[diff] [blame]973 return MANIFEST_ERROR_NOT_COMPATIBLE;
974 }
975
Olivier Deprez622ab8d2021-08-02 12:15:45 +0200[diff] [blame]976 TRY(read_bool(&hyp_node, "ffa_tee_enabled",
977 &manifest->ffa_tee_enabled));
Andrew Walbran41a49d82020-01-10 17:46:38 +0000[diff] [blame]978
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]979 /* Iterate over reserved VM IDs and check no such nodes exist. */
Olivier Deprez2a8ee342020-08-03 15:10:44 +0200[diff] [blame]980 for (i = HF_VM_ID_BASE; i < HF_VM_ID_OFFSET; i++) {
981 ffa_vm_id_t vm_id = (ffa_vm_id_t)i - HF_VM_ID_BASE;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]982 struct fdt_node vm_node = hyp_node;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]983
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]984 generate_vm_node_name(&vm_name, vm_id);
985 if (fdt_find_child(&vm_node, &vm_name)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]986 return MANIFEST_ERROR_RESERVED_VM_ID;
987 }
988 }
989
990 /* Iterate over VM nodes until we find one that does not exist. */
991 for (i = 0; i <= MAX_VMS; ++i) {
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]992 ffa_vm_id_t vm_id = HF_VM_ID_OFFSET + i;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]993 struct fdt_node vm_node = hyp_node;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]994
Olivier Deprez2a8ee342020-08-03 15:10:44 +0200[diff] [blame]995 generate_vm_node_name(&vm_name, vm_id - HF_VM_ID_BASE);
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]996 if (!fdt_find_child(&vm_node, &vm_name)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]997 break;
998 }
999
1000 if (i == MAX_VMS) {
1001 return MANIFEST_ERROR_TOO_MANY_VMS;
1002 }
1003
1004 if (vm_id == HF_PRIMARY_VM_ID) {
1005 CHECK(found_primary_vm == false); /* sanity check */
1006 found_primary_vm = true;
1007 }
1008
David Brazdil0251b942019-09-10 15:59:50 +0100[diff] [blame]1009 manifest->vm_count = i + 1;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1010
1011 TRY(parse_vm_common(&vm_node, &manifest->vm[i], vm_id));
1012
Raghu Krishnamurthyb49549e2021-07-02 08:27:38 -0700[diff] [blame]1013 CHECK(!manifest->vm[i].is_hyp_loaded ||
1014 manifest->vm[i].is_ffa_partition);
1015
1016 if (manifest->vm[i].is_ffa_partition &&
1017 !manifest->vm[i].is_hyp_loaded) {
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1018 TRY(parse_ffa_partition_package(stage1_locked, &vm_node,
1019 &manifest->vm[i], vm_id,
1020 ppool));
1021 } else {
1022 TRY(parse_vm(&vm_node, &manifest->vm[i], vm_id));
1023 }
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1024 }
1025
Olivier Deprezfb05f3c2020-11-10 17:48:04 +0100[diff] [blame]1026 if (!found_primary_vm && vm_id_is_current_world(HF_PRIMARY_VM_ID)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1027 return MANIFEST_ERROR_NO_PRIMARY_VM;
1028 }
1029
1030 return MANIFEST_SUCCESS;
1031}
1032
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame^]1033/* Free resources used when parsing the manifest. */
1034void manifest_deinit(struct mpool *ppool)
1035{
1036 manifest_allocated_fields_deinit(ppool);
1037}
1038
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1039const char *manifest_strerror(enum manifest_return_code ret_code)
1040{
1041 switch (ret_code) {
1042 case MANIFEST_SUCCESS:
1043 return "Success";
David Brazdila2358d42020-01-27 18:51:38 +0000[diff] [blame]1044 case MANIFEST_ERROR_FILE_SIZE:
1045 return "Total size in header does not match file size";
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1046 case MANIFEST_ERROR_MALFORMED_DTB:
1047 return "Malformed device tree blob";
David Brazdila2358d42020-01-27 18:51:38 +0000[diff] [blame]1048 case MANIFEST_ERROR_NO_ROOT_NODE:
1049 return "Could not find root node in manifest";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1050 case MANIFEST_ERROR_NO_HYPERVISOR_FDT_NODE:
1051 return "Could not find \"hypervisor\" node in manifest";
David Brazdil74e9c3b2019-08-28 11:09:08 +0100[diff] [blame]1052 case MANIFEST_ERROR_NOT_COMPATIBLE:
1053 return "Hypervisor manifest entry not compatible with Hafnium";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1054 case MANIFEST_ERROR_RESERVED_VM_ID:
1055 return "Manifest defines a VM with a reserved ID";
1056 case MANIFEST_ERROR_NO_PRIMARY_VM:
1057 return "Manifest does not contain a primary VM entry";
1058 case MANIFEST_ERROR_TOO_MANY_VMS:
1059 return "Manifest specifies more VMs than Hafnium has "
1060 "statically allocated space for";
1061 case MANIFEST_ERROR_PROPERTY_NOT_FOUND:
1062 return "Property not found";
1063 case MANIFEST_ERROR_MALFORMED_STRING:
1064 return "Malformed string property";
David Brazdil0dbb41f2019-09-09 18:03:35 +0100[diff] [blame]1065 case MANIFEST_ERROR_STRING_TOO_LONG:
1066 return "String too long";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1067 case MANIFEST_ERROR_MALFORMED_INTEGER:
1068 return "Malformed integer property";
1069 case MANIFEST_ERROR_INTEGER_OVERFLOW:
1070 return "Integer overflow";
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]1071 case MANIFEST_ERROR_MALFORMED_INTEGER_LIST:
1072 return "Malformed integer list property";
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]1073 case MANIFEST_ERROR_MALFORMED_BOOLEAN:
1074 return "Malformed boolean property";
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]1075 case MANIFEST_ERROR_MEMORY_REGION_NODE_EMPTY:
1076 return "Memory-region node should have at least one entry";
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]1077 case MANIFEST_ERROR_DEVICE_REGION_NODE_EMPTY:
1078 return "Device-region node should have at least one entry";
Manish Pandeyf06c9072020-09-29 15:41:58 +0100[diff] [blame]1079 case MANIFEST_ERROR_RXTX_SIZE_MISMATCH:
1080 return "RX and TX buffers should be of same size";
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]1081 case MANIFEST_ERROR_INVALID_MEM_PERM:
1082 return "Memory permission should be RO, RW or RX";
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]1083 case MANIFEST_ERROR_ARGUMENTS_LIST_EMPTY:
1084 return "Arguments-list node should have at least one argument";
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame^]1085 case MANIFEST_ERROR_INTERRUPT_ID_REPEATED:
1086 return "Interrupt ID already assigned to another endpoint";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1087 }
1088
1089 panic("Unexpected manifest return code.");
1090}