TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / hafnium / hafnium.git / f6d4940c4691940088873480a76f767045b77fc7 / . / src / manifest.c
blob: 9de465d155b95c446366fa7846c6e009a564565a [file] [log] [blame]
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1/*
2 * Copyright 2019 The Hafnium Authors.
3 *
Andrew Walbrane959ec12020-06-17 15:01:09 +0100[diff] [blame]4 * Use of this source code is governed by a BSD-style
5 * license that can be found in the LICENSE file or at
6 * https://opensource.org/licenses/BSD-3-Clause.
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]7 */
8
9#include "hf/manifest.h"
10
J-Alvesd8a1d362023-03-08 11:15:28 +0000[diff] [blame]11#include <stddef.h>
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]12#include <stdint.h>
J-Alvesd8a1d362023-03-08 11:15:28 +0000[diff] [blame]13
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]14#include "hf/arch/types.h"
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]15#include "hf/arch/vmid_base.h"
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]16
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]17#include "hf/addr.h"
Daniel Boulbya2f8c662021-11-26 17:52:53 +0000[diff] [blame]18#include "hf/assert.h"
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]19#include "hf/boot_info.h"
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]20#include "hf/boot_params.h"
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]21#include "hf/check.h"
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]22#include "hf/dlog.h"
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]23#include "hf/fdt.h"
24#include "hf/mm.h"
25#include "hf/mpool.h"
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]26#include "hf/sp_pkg.h"
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]27#include "hf/static_assert.h"
28#include "hf/std.h"
29
30#define TRY(expr) \
31 do { \
32 enum manifest_return_code ret_code = (expr); \
33 if (ret_code != MANIFEST_SUCCESS) { \
34 return ret_code; \
35 } \
36 } while (0)
37
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]38#define VM_ID_MAX (HF_VM_ID_OFFSET + MAX_VMS - 1)
39#define VM_ID_MAX_DIGITS (5)
40#define VM_NAME_EXTRA_CHARS (3) /* "vm" + number + '\0' */
41#define VM_NAME_MAX_SIZE (VM_ID_MAX_DIGITS + VM_NAME_EXTRA_CHARS)
42static_assert(VM_NAME_MAX_SIZE <= STRING_MAX_SIZE,
43 "VM name does not fit into a struct string.");
44static_assert(VM_ID_MAX <= 99999, "Insufficient VM_NAME_BUF_SIZE");
Olivier Deprez2a8ee342020-08-03 15:10:44 +0200[diff] [blame]45static_assert((HF_OTHER_WORLD_ID > VM_ID_MAX) ||
46 (HF_OTHER_WORLD_ID < HF_VM_ID_BASE),
Andrew Walbran9daa57e2019-09-27 13:33:20 +0100[diff] [blame]47 "TrustZone VM ID clashes with normal VM range.");
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]48
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]49/**
J-Alves596049f2023-03-15 11:40:24 +0000[diff] [blame]50 * A struct to keep track of the partitions properties during early boot
51 * manifest parsing:
52 * - Interrupts ID.
53 * - Physical memory ranges.
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]54 */
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]55struct manifest_data {
56 struct manifest manifest;
Daniel Boulby4ca50f02022-07-29 18:29:34 +0100[diff] [blame]57 struct interrupt_bitmap intids;
J-Alves596049f2023-03-15 11:40:24 +0000[diff] [blame]58 /*
59 * Allocate enough for the maximum amount of memory regions defined via
60 * the partitions manifest, and regions for each partition
61 * address-space.
62 */
63 struct mem_range
64 mem_regions[PARTITION_MAX_MEMORY_REGIONS * MAX_VMS + MAX_VMS];
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]65};
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]66
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]67/**
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]68 * Calculate the number of entries in the ppool that are required to
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]69 * store the manifest_data struct.
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]70 */
J-Alves596049f2023-03-15 11:40:24 +0000[diff] [blame]71static const size_t manifest_data_ppool_entries =
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]72 (align_up(sizeof(struct manifest_data), MM_PPOOL_ENTRY_SIZE) /
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]73 MM_PPOOL_ENTRY_SIZE);
74
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]75static struct manifest_data *manifest_data;
76/* Index used to track the number of memory regions allocated. */
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]77static size_t allocated_mem_regions_index = 0;
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]78
79/**
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]80 * Allocates and clear memory for the manifest data in the given memory pool.
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]81 * Returns true if the memory is successfully allocated.
82 */
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]83static bool manifest_data_init(struct mpool *ppool)
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]84{
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]85 manifest_data = (struct manifest_data *)mpool_alloc_contiguous(
86 ppool, manifest_data_ppool_entries, 1);
87 memset_s(manifest_data, sizeof(struct manifest_data), 0,
88 sizeof(struct manifest_data));
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]89
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]90 return manifest_data != NULL;
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]91}
92
93/**
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]94 * Frees the memory used for the manifest data in the given memory pool.
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]95 */
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]96static void manifest_data_deinit(struct mpool *ppool)
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]97{
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]98 /**
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]99 * Clear and return the memory used for the manifest_data struct to the
100 * memory pool.
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]101 */
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]102 memset_s(manifest_data, sizeof(struct manifest_data), 0,
103 sizeof(struct manifest_data));
104 mpool_add_chunk(ppool, manifest_data, manifest_data_ppool_entries);
105
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]106 /**
107 * Reset the index used for tracking the number of memory regions
108 * allocated.
109 */
110 allocated_mem_regions_index = 0;
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]111}
112
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]113static inline size_t count_digits(ffa_vm_id_t vm_id)
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]114{
115 size_t digits = 0;
116
117 do {
118 digits++;
119 vm_id /= 10;
120 } while (vm_id);
121 return digits;
122}
123
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]124/**
125 * Generates a string with the two letters "vm" followed by an integer.
126 * Assumes `buf` is of size VM_NAME_BUF_SIZE.
127 */
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]128static void generate_vm_node_name(struct string *str, ffa_vm_id_t vm_id)
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]129{
130 static const char *digits = "0123456789";
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]131 size_t vm_id_digits = count_digits(vm_id);
132 char *base = str->data;
133 char *ptr = base + (VM_NAME_EXTRA_CHARS + vm_id_digits);
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]134
Daniel Boulbya2f8c662021-11-26 17:52:53 +0000[diff] [blame]135 assert(vm_id_digits <= VM_ID_MAX_DIGITS);
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]136 *(--ptr) = '\0';
137 do {
138 *(--ptr) = digits[vm_id % 10];
139 vm_id /= 10;
140 } while (vm_id);
141 *(--ptr) = 'm';
142 *(--ptr) = 'v';
Daniel Boulbya2f8c662021-11-26 17:52:53 +0000[diff] [blame]143 assert(ptr == base);
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]144}
145
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]146/**
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]147 * Read a boolean property: true if present; false if not. If present, the value
148 * of the property must be empty else it is considered malformed.
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]149 */
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]150static enum manifest_return_code read_bool(const struct fdt_node *node,
151 const char *property, bool *out)
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]152{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]153 struct memiter data;
154 bool present = fdt_read_property(node, property, &data);
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]155
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]156 if (present && memiter_size(&data) != 0) {
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]157 return MANIFEST_ERROR_MALFORMED_BOOLEAN;
158 }
159
160 *out = present;
161 return MANIFEST_SUCCESS;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]162}
163
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]164static enum manifest_return_code read_string(const struct fdt_node *node,
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]165 const char *property,
166 struct string *out)
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]167{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]168 struct memiter data;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]169
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]170 if (!fdt_read_property(node, property, &data)) {
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]171 return MANIFEST_ERROR_PROPERTY_NOT_FOUND;
172 }
173
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]174 switch (string_init(out, &data)) {
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]175 case STRING_SUCCESS:
176 return MANIFEST_SUCCESS;
177 case STRING_ERROR_INVALID_INPUT:
178 return MANIFEST_ERROR_MALFORMED_STRING;
179 case STRING_ERROR_TOO_LONG:
180 return MANIFEST_ERROR_STRING_TOO_LONG;
181 }
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]182}
183
184static enum manifest_return_code read_optional_string(
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]185 const struct fdt_node *node, const char *property, struct string *out)
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]186{
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]187 enum manifest_return_code ret;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]188
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]189 ret = read_string(node, property, out);
190 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
191 string_init_empty(out);
192 ret = MANIFEST_SUCCESS;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]193 }
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]194 return ret;
Andrew Scull72b43c02019-09-18 13:53:45 +0100[diff] [blame]195}
196
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]197static enum manifest_return_code read_uint64(const struct fdt_node *node,
198 const char *property,
199 uint64_t *out)
200{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]201 struct memiter data;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]202
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]203 if (!fdt_read_property(node, property, &data)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]204 return MANIFEST_ERROR_PROPERTY_NOT_FOUND;
205 }
206
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]207 if (!fdt_parse_number(&data, memiter_size(&data), out)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]208 return MANIFEST_ERROR_MALFORMED_INTEGER;
209 }
210
211 return MANIFEST_SUCCESS;
212}
213
David Brazdil080ee312020-02-25 15:30:30 -0800[diff] [blame]214static enum manifest_return_code read_optional_uint64(
215 const struct fdt_node *node, const char *property,
216 uint64_t default_value, uint64_t *out)
217{
218 enum manifest_return_code ret;
219
220 ret = read_uint64(node, property, out);
221 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
222 *out = default_value;
223 return MANIFEST_SUCCESS;
224 }
225 return ret;
226}
227
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]228static enum manifest_return_code read_uint32(const struct fdt_node *node,
229 const char *property,
230 uint32_t *out)
231{
232 uint64_t value;
233
234 TRY(read_uint64(node, property, &value));
235
236 if (value > UINT32_MAX) {
237 return MANIFEST_ERROR_INTEGER_OVERFLOW;
238 }
239
240 *out = (uint32_t)value;
241 return MANIFEST_SUCCESS;
242}
243
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]244static enum manifest_return_code read_optional_uint32(
245 const struct fdt_node *node, const char *property,
246 uint32_t default_value, uint32_t *out)
247{
248 enum manifest_return_code ret;
249
250 ret = read_uint32(node, property, out);
251 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
252 *out = default_value;
253 return MANIFEST_SUCCESS;
254 }
255 return ret;
256}
257
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]258static enum manifest_return_code read_uint16(const struct fdt_node *node,
259 const char *property,
260 uint16_t *out)
261{
262 uint64_t value;
263
264 TRY(read_uint64(node, property, &value));
265
266 if (value > UINT16_MAX) {
267 return MANIFEST_ERROR_INTEGER_OVERFLOW;
268 }
269
270 *out = (uint16_t)value;
271 return MANIFEST_SUCCESS;
272}
273
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]274static enum manifest_return_code read_optional_uint16(
275 const struct fdt_node *node, const char *property,
276 uint16_t default_value, uint16_t *out)
277{
278 enum manifest_return_code ret;
279
280 ret = read_uint16(node, property, out);
281 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
282 *out = default_value;
283 return MANIFEST_SUCCESS;
284 }
285
286 return MANIFEST_SUCCESS;
287}
288
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]289static enum manifest_return_code read_uint8(const struct fdt_node *node,
290 const char *property, uint8_t *out)
291{
292 uint64_t value;
293
294 TRY(read_uint64(node, property, &value));
295
296 if (value > UINT8_MAX) {
297 return MANIFEST_ERROR_INTEGER_OVERFLOW;
298 }
299
300 *out = (uint8_t)value;
301 return MANIFEST_SUCCESS;
302}
303
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]304static enum manifest_return_code read_optional_uint8(
305 const struct fdt_node *node, const char *property,
306 uint8_t default_value, uint8_t *out)
307{
308 enum manifest_return_code ret;
309
310 ret = read_uint8(node, property, out);
311 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
312 *out = default_value;
313 return MANIFEST_SUCCESS;
314 }
315
316 return MANIFEST_SUCCESS;
317}
318
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]319struct uint32list_iter {
320 struct memiter mem_it;
321};
322
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]323static enum manifest_return_code read_uint32list(const struct fdt_node *node,
324 const char *property,
325 struct uint32list_iter *out)
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]326{
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]327 struct memiter data;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]328
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]329 if (!fdt_read_property(node, property, &data)) {
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]330 memiter_init(&out->mem_it, NULL, 0);
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]331 return MANIFEST_ERROR_PROPERTY_NOT_FOUND;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]332 }
333
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]334 if ((memiter_size(&data) % sizeof(uint32_t)) != 0) {
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]335 return MANIFEST_ERROR_MALFORMED_INTEGER_LIST;
336 }
337
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]338 out->mem_it = data;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]339 return MANIFEST_SUCCESS;
340}
341
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]342static enum manifest_return_code read_optional_uint32list(
343 const struct fdt_node *node, const char *property,
344 struct uint32list_iter *out)
345{
346 enum manifest_return_code ret = read_uint32list(node, property, out);
347
348 if (ret == MANIFEST_ERROR_PROPERTY_NOT_FOUND) {
349 return MANIFEST_SUCCESS;
350 }
351 return ret;
352}
353
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]354static bool uint32list_has_next(const struct uint32list_iter *list)
355{
356 return memiter_size(&list->mem_it) > 0;
357}
358
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]359static enum manifest_return_code uint32list_get_next(
360 struct uint32list_iter *list, uint32_t *out)
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]361{
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]362 uint64_t num;
363
364 CHECK(uint32list_has_next(list));
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]365 if (!fdt_parse_number(&list->mem_it, sizeof(uint32_t), &num)) {
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]366 return MANIFEST_ERROR_MALFORMED_INTEGER;
367 }
368
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]369 *out = (uint32_t)num;
370 return MANIFEST_SUCCESS;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]371}
372
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]373static enum manifest_return_code parse_vm_common(const struct fdt_node *node,
374 struct manifest_vm *vm,
375 ffa_vm_id_t vm_id)
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]376{
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]377 struct uint32list_iter smcs;
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]378 size_t idx;
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]379
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]380 TRY(read_bool(node, "is_ffa_partition", &vm->is_ffa_partition));
381
Raghu Krishnamurthyb49549e2021-07-02 08:27:38 -0700[diff] [blame]382 TRY(read_bool(node, "hyp_loaded", &vm->is_hyp_loaded));
383
David Brazdil136f2942019-09-23 14:11:03 +0100[diff] [blame]384 TRY(read_string(node, "debug_name", &vm->debug_name));
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]385
386 TRY(read_optional_uint32list(node, "smc_whitelist", &smcs));
387 while (uint32list_has_next(&smcs) &&
388 vm->smc_whitelist.smc_count < MAX_SMCS) {
David Brazdil5ea99462020-03-25 13:01:47 +0000[diff] [blame]389 idx = vm->smc_whitelist.smc_count++;
390 TRY(uint32list_get_next(&smcs, &vm->smc_whitelist.smcs[idx]));
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]391 }
392
393 if (uint32list_has_next(&smcs)) {
Andrew Walbran17eebf92020-02-05 16:35:49 +0000[diff] [blame]394 dlog_warning("%s SMC whitelist too long.\n", vm->debug_name);
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]395 }
396
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]397 TRY(read_bool(node, "smc_whitelist_permissive",
398 &vm->smc_whitelist.permissive));
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]399
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]400 if (vm_id != HF_PRIMARY_VM_ID) {
401 TRY(read_uint64(node, "mem_size", &vm->secondary.mem_size));
402 TRY(read_uint16(node, "vcpu_count", &vm->secondary.vcpu_count));
Fuad Tabba50469e02020-06-30 15:14:28 +0100[diff] [blame]403 TRY(read_optional_string(node, "fdt_filename",
404 &vm->secondary.fdt_filename));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]405 }
406
407 return MANIFEST_SUCCESS;
408}
409
410static enum manifest_return_code parse_vm(struct fdt_node *node,
411 struct manifest_vm *vm,
412 ffa_vm_id_t vm_id)
413{
414 TRY(read_optional_string(node, "kernel_filename",
415 &vm->kernel_filename));
416
David Brazdile6f83222019-09-23 14:47:37 +0100[diff] [blame]417 if (vm_id == HF_PRIMARY_VM_ID) {
418 TRY(read_optional_string(node, "ramdisk_filename",
419 &vm->primary.ramdisk_filename));
David Brazdil080ee312020-02-25 15:30:30 -0800[diff] [blame]420 TRY(read_optional_uint64(node, "boot_address",
421 MANIFEST_INVALID_ADDRESS,
422 &vm->primary.boot_address));
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]423 }
Raghu Krishnamurthy988a5e72021-02-27 21:46:06 -0800[diff] [blame]424 TRY(read_optional_uint8(node, "exception-level", (uint8_t)EL1,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]425 (uint8_t *)&vm->partition.run_time_el));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]426
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]427 return MANIFEST_SUCCESS;
428}
429
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]430static bool is_memory_region_within_ranges(uintptr_t base_address,
431 uint32_t page_count,
432 const struct mem_range *ranges,
433 const size_t ranges_size)
434{
435 uintptr_t region_end =
436 base_address + ((uintptr_t)page_count * PAGE_SIZE - 1);
437
438 for (size_t i = 0; i < ranges_size; i++) {
439 uintptr_t base = (uintptr_t)pa_addr(ranges[i].begin);
440 uintptr_t end = (uintptr_t)pa_addr(ranges[i].end);
441
442 if ((base_address >= base && base_address <= end) ||
443 (region_end >= base && region_end <= end)) {
444 return true;
445 }
446 }
447
448 return false;
449}
450
451void dump_memory_ranges(const struct mem_range *ranges,
452 const size_t ranges_size, bool ns)
453{
454 if (LOG_LEVEL < LOG_LEVEL_VERBOSE) {
455 return;
456 }
457
458 dlog("%s Memory ranges:\n", ns ? "NS" : "S");
459
460 for (size_t i = 0; i < ranges_size; i++) {
461 uintptr_t begin = pa_addr(ranges[i].begin);
462 uintptr_t end = pa_addr(ranges[i].end);
463 size_t page_count =
464 align_up(pa_difference(ranges[i].begin, ranges[i].end),
465 PAGE_SIZE) /
466 PAGE_SIZE;
467
468 dlog(" [%x - %x (%u pages)]\n", begin, end, page_count);
469 }
470}
471
472/**
473 * Check the partition's assigned memory is contained in the memory ranges
474 * configured for the SWd, in the SPMC's manifest.
475 */
476static enum manifest_return_code check_partition_memory_is_valid(
477 uintptr_t base_address, uint32_t page_count, uint32_t attributes,
478 const struct boot_params *params)
479{
480 bool is_secure_region =
481 (attributes & MANIFEST_REGION_ATTR_SECURITY) == 0U;
482 const struct mem_range *ranges_from_manifest =
483 is_secure_region ? params->mem_ranges : params->ns_mem_ranges;
484 size_t ranges_count = is_secure_region ? params->mem_ranges_count
485 : params->ns_mem_ranges_count;
486 bool within_ranges = is_memory_region_within_ranges(
487 base_address, page_count, ranges_from_manifest, ranges_count);
488
489 return within_ranges ? MANIFEST_SUCCESS
490 : MANIFEST_ERROR_MEM_REGION_INVALID;
491}
492
493/*
494 * Keep track of the memory allocated by partitions. This includes memory region
495 * nodes defined in their respective partition manifests, as well address space
496 * defined from their load address.
497 */
498static enum manifest_return_code check_and_record_memory_used(
Varun Wadekar4afbfd72022-10-13 14:30:18 +0100[diff] [blame]499 uintptr_t base_address, uint32_t page_count)
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]500{
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]501 bool overlap_of_regions;
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]502
Varun Wadekar4afbfd72022-10-13 14:30:18 +0100[diff] [blame]503 if (page_count == 0U) {
504 dlog_error(
Daniel Boulbyc1a613d2022-10-18 11:26:17 +0100[diff] [blame]505 "Empty memory region defined with base address: %#x.\n",
Varun Wadekar4afbfd72022-10-13 14:30:18 +0100[diff] [blame]506 base_address);
507 return MANIFEST_ERROR_MEM_REGION_EMPTY;
508 }
509
Daniel Boulbyc1a613d2022-10-18 11:26:17 +0100[diff] [blame]510 if (!is_aligned(base_address, PAGE_SIZE)) {
511 dlog_error("base_address (%#x) is not aligned to page size.\n",
512 base_address);
513 return MANIFEST_ERROR_MEM_REGION_UNALIGNED;
514 }
515
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]516 overlap_of_regions = is_memory_region_within_ranges(
517 base_address, page_count, manifest_data->mem_regions,
518 allocated_mem_regions_index);
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]519
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]520 if (!overlap_of_regions) {
521 paddr_t begin = pa_init(base_address);
522
523 manifest_data->mem_regions[allocated_mem_regions_index].begin =
524 begin;
525 manifest_data->mem_regions[allocated_mem_regions_index].end =
526 pa_add(begin, page_count * PAGE_SIZE - 1);
527 allocated_mem_regions_index++;
528
529 return MANIFEST_SUCCESS;
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]530 }
531
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]532 return MANIFEST_ERROR_MEM_REGION_OVERLAP;
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]533}
534
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]535static enum manifest_return_code parse_ffa_memory_region_node(
Karl Meakinf6d49402023-04-04 18:14:26 +0100[diff] [blame^]536 struct fdt_node *mem_node, uintptr_t load_address,
537 struct memory_region *mem_regions, uint16_t *count, struct rx_tx *rxtx,
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]538 const struct boot_params *boot_params)
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]539{
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]540 uint32_t phandle;
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]541 uint16_t i = 0;
Karl Meakinf6d49402023-04-04 18:14:26 +0100[diff] [blame^]542 uintptr_t relative_address;
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]543
544 dlog_verbose(" Partition memory regions\n");
545
546 if (!fdt_is_compatible(mem_node, "arm,ffa-manifest-memory-regions")) {
547 return MANIFEST_ERROR_NOT_COMPATIBLE;
548 }
549
550 if (!fdt_first_child(mem_node)) {
551 return MANIFEST_ERROR_MEMORY_REGION_NODE_EMPTY;
552 }
553
554 do {
555 dlog_verbose(" Memory Region[%u]\n", i);
556
557 TRY(read_optional_string(mem_node, "description",
558 &mem_regions[i].name));
559 dlog_verbose(" Name: %s\n",
560 string_data(&mem_regions[i].name));
561
Karl Meakinf6d49402023-04-04 18:14:26 +0100[diff] [blame^]562 TRY(read_optional_uint64(mem_node, "base-address",
563 MANIFEST_INVALID_ADDRESS,
564 &mem_regions[i].base_address));
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]565 dlog_verbose(" Base address: %#x\n",
566 mem_regions[i].base_address);
567
Karl Meakinf6d49402023-04-04 18:14:26 +0100[diff] [blame^]568 TRY(read_optional_uint64(mem_node, "relative-address",
569 MANIFEST_INVALID_ADDRESS,
570 &relative_address));
571 dlog_verbose(" Relative address: %#x\n",
572 relative_address);
573
574 if (mem_regions[i].base_address == MANIFEST_INVALID_ADDRESS &&
575 relative_address == MANIFEST_INVALID_ADDRESS) {
576 return MANIFEST_ERROR_PROPERTY_NOT_FOUND;
577 }
578
579 if (mem_regions[i].base_address != MANIFEST_INVALID_ADDRESS &&
580 relative_address != MANIFEST_INVALID_ADDRESS) {
581 return MANIFEST_ERROR_BASE_ADDRESS_AND_RELATIVE_ADDRESS;
582 }
583
584 if (relative_address != MANIFEST_INVALID_ADDRESS &&
585 relative_address > UINT64_MAX - load_address) {
586 return MANIFEST_ERROR_INTEGER_OVERFLOW;
587 }
588
589 if (relative_address != MANIFEST_INVALID_ADDRESS) {
590 mem_regions[i].base_address =
591 load_address + relative_address;
592 }
593
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]594 TRY(read_uint32(mem_node, "pages-count",
595 &mem_regions[i].page_count));
596 dlog_verbose(" Pages_count: %u\n",
597 mem_regions[i].page_count);
598
599 TRY(read_uint32(mem_node, "attributes",
600 &mem_regions[i].attributes));
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]601
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame]602 /*
603 * Check RWX permission attributes.
604 * Security attribute is checked at load phase.
605 */
606 uint32_t permissions = mem_regions[i].attributes &
607 (MANIFEST_REGION_ATTR_READ |
608 MANIFEST_REGION_ATTR_WRITE |
609 MANIFEST_REGION_ATTR_EXEC);
610 if (permissions != MANIFEST_REGION_ATTR_READ &&
611 permissions != (MANIFEST_REGION_ATTR_READ |
612 MANIFEST_REGION_ATTR_WRITE) &&
613 permissions != (MANIFEST_REGION_ATTR_READ |
614 MANIFEST_REGION_ATTR_EXEC)) {
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]615 return MANIFEST_ERROR_INVALID_MEM_PERM;
616 }
617
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame]618 /* Filter memory region attributes. */
619 mem_regions[i].attributes &= MANIFEST_REGION_ALL_ATTR_MASK;
620
621 dlog_verbose(" Attributes: %#x\n",
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]622 mem_regions[i].attributes);
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]623
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]624 TRY(check_partition_memory_is_valid(
625 mem_regions[i].base_address, mem_regions[i].page_count,
626 mem_regions[i].attributes, boot_params));
627
628 TRY(check_and_record_memory_used(mem_regions[i].base_address,
629 mem_regions[i].page_count));
630
Manish Pandeya70a4192020-10-07 22:05:04 +0100[diff] [blame]631 if (rxtx->available) {
632 TRY(read_optional_uint32(
633 mem_node, "phandle",
634 (uint32_t)MANIFEST_INVALID_ADDRESS, &phandle));
635 if (phandle == rxtx->rx_phandle) {
636 dlog_verbose(" Assigned as RX buffer\n");
637 rxtx->rx_buffer = &mem_regions[i];
638 } else if (phandle == rxtx->tx_phandle) {
639 dlog_verbose(" Assigned as TX buffer\n");
640 rxtx->tx_buffer = &mem_regions[i];
641 }
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]642 }
643
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]644 i++;
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]645 } while (fdt_next_sibling(mem_node) &&
646 (i < PARTITION_MAX_MEMORY_REGIONS));
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]647
Manish Pandeya70a4192020-10-07 22:05:04 +0100[diff] [blame]648 if (rxtx->available &&
649 (rxtx->rx_buffer->page_count != rxtx->tx_buffer->page_count)) {
Manish Pandeyf06c9072020-09-29 15:41:58 +0100[diff] [blame]650 return MANIFEST_ERROR_RXTX_SIZE_MISMATCH;
651 }
652
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]653 *count = i;
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]654
655 return MANIFEST_SUCCESS;
656}
657
Raghu Krishnamurthy98da1ca2022-10-04 08:59:01 -0700[diff] [blame]658static struct interrupt_info *device_region_get_interrupt_info(
659 struct device_region *dev_regions, uint32_t intid)
660{
661 for (uint32_t i = 0; i < ARRAY_SIZE(dev_regions->interrupts); i++) {
662 if (dev_regions->interrupts[i].id == intid) {
663 return &(dev_regions->interrupts[i]);
664 }
665 }
666 return NULL;
667}
668
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]669static enum manifest_return_code parse_ffa_device_region_node(
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]670 struct fdt_node *dev_node, struct device_region *dev_regions,
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]671 uint16_t *count)
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]672{
673 struct uint32list_iter list;
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]674 uint16_t i = 0;
Madhukar Pappireddy5fc8be12021-08-03 11:42:53 -0500[diff] [blame]675 uint32_t j = 0;
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]676 struct interrupt_bitmap allocated_intids = manifest_data->intids;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]677
678 dlog_verbose(" Partition Device Regions\n");
679
680 if (!fdt_is_compatible(dev_node, "arm,ffa-manifest-device-regions")) {
681 return MANIFEST_ERROR_NOT_COMPATIBLE;
682 }
683
684 if (!fdt_first_child(dev_node)) {
685 return MANIFEST_ERROR_DEVICE_REGION_NODE_EMPTY;
686 }
687
688 do {
689 dlog_verbose(" Device Region[%u]\n", i);
690
691 TRY(read_optional_string(dev_node, "description",
692 &dev_regions[i].name));
693 dlog_verbose(" Name: %s\n",
694 string_data(&dev_regions[i].name));
695
696 TRY(read_uint64(dev_node, "base-address",
697 &dev_regions[i].base_address));
698 dlog_verbose(" Base address: %#x\n",
699 dev_regions[i].base_address);
700
701 TRY(read_uint32(dev_node, "pages-count",
702 &dev_regions[i].page_count));
703 dlog_verbose(" Pages_count: %u\n",
704 dev_regions[i].page_count);
705
706 TRY(read_uint32(dev_node, "attributes",
707 &dev_regions[i].attributes));
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]708
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame]709 /*
710 * Check RWX permission attributes.
711 * Security attribute is checked at load phase.
712 */
713 uint32_t permissions = dev_regions[i].attributes &
714 (MANIFEST_REGION_ATTR_READ |
715 MANIFEST_REGION_ATTR_WRITE |
716 MANIFEST_REGION_ATTR_EXEC);
717
718 if (permissions != MANIFEST_REGION_ATTR_READ &&
719 permissions != (MANIFEST_REGION_ATTR_READ |
720 MANIFEST_REGION_ATTR_WRITE)) {
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]721 return MANIFEST_ERROR_INVALID_MEM_PERM;
722 }
723
Olivier Deprez035fa152022-03-14 11:19:10 +0100[diff] [blame]724 /* Filer device region attributes. */
725 dev_regions[i].attributes = dev_regions[i].attributes &
726 MANIFEST_REGION_ALL_ATTR_MASK;
727
728 dlog_verbose(" Attributes: %#x\n",
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]729 dev_regions[i].attributes);
730
731 TRY(read_optional_uint32list(dev_node, "interrupts", &list));
732 dlog_verbose(" Interrupt List:\n");
733 j = 0;
734 while (uint32list_has_next(&list) &&
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]735 j < PARTITION_MAX_INTERRUPTS_PER_DEVICE) {
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]736 uint32_t intid;
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]737
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]738 TRY(uint32list_get_next(
739 &list, &dev_regions[i].interrupts[j].id));
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]740 intid = dev_regions[i].interrupts[j].id;
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]741
742 dlog_verbose(" ID = %u\n", intid);
743
Daniel Boulby4ca50f02022-07-29 18:29:34 +0100[diff] [blame]744 if (interrupt_bitmap_get_value(&allocated_intids,
745 intid) == 1U) {
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]746 return MANIFEST_ERROR_INTERRUPT_ID_REPEATED;
747 }
748
Daniel Boulby4ca50f02022-07-29 18:29:34 +0100[diff] [blame]749 interrupt_bitmap_set_value(&allocated_intids, intid);
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]750
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]751 if (uint32list_has_next(&list)) {
752 TRY(uint32list_get_next(&list,
753 &dev_regions[i]
754 .interrupts[j]
755 .attributes));
756 } else {
757 return MANIFEST_ERROR_MALFORMED_INTEGER_LIST;
758 }
759
Raghu Krishnamurthy98da1ca2022-10-04 08:59:01 -0700[diff] [blame]760 dev_regions[i].interrupts[j].mpidr_valid = false;
761 dev_regions[i].interrupts[j].mpidr = 0;
762
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]763 dlog_verbose(" attributes = %u\n",
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]764 dev_regions[i].interrupts[j].attributes);
765 j++;
766 }
Madhukar Pappireddy5fc8be12021-08-03 11:42:53 -0500[diff] [blame]767
768 dev_regions[i].interrupt_count = j;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]769 if (j == 0) {
770 dlog_verbose(" Empty\n");
Raghu Krishnamurthy98da1ca2022-10-04 08:59:01 -0700[diff] [blame]771 } else {
772 TRY(read_optional_uint32list(
773 dev_node, "interrupts-target", &list));
774 dlog_verbose(" Interrupt Target List:\n");
775
776 while (uint32list_has_next(&list)) {
777 uint32_t intid;
778 uint64_t mpidr = 0;
779 uint32_t mpidr_lower = 0;
780 uint32_t mpidr_upper = 0;
781 struct interrupt_info *info = NULL;
782
783 TRY(uint32list_get_next(&list, &intid));
784
785 dlog_verbose(" ID = %u\n", intid);
786
787 if (interrupt_bitmap_get_value(
788 &allocated_intids, intid) != 1U) {
789 return MANIFEST_ERROR_INTERRUPT_ID_NOT_IN_LIST;
790 }
791
792 TRY(uint32list_get_next(&list, &mpidr_upper));
793 TRY(uint32list_get_next(&list, &mpidr_lower));
794 mpidr = mpidr_upper;
795 mpidr <<= 32;
796 mpidr |= mpidr_lower;
797
798 info = device_region_get_interrupt_info(
799 &dev_regions[i], intid);
800 /*
801 * We should find info since
802 * interrupt_bitmap_get_value already ensures
803 * that we saw the interrupt and allocated ids
804 * for it.
805 */
806 assert(info != NULL);
807 info->mpidr = mpidr;
808 info->mpidr_valid = true;
809 dlog_verbose(" MPIDR = %#x\n", mpidr);
810 }
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]811 }
812
813 TRY(read_optional_uint32(dev_node, "smmu-id",
Madhukar Pappireddy54680c72020-10-23 15:02:38 -0500[diff] [blame]814 MANIFEST_INVALID_ID,
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]815 &dev_regions[i].smmu_id));
Olivier Deprez86d87ae2021-08-19 14:27:46 +0200[diff] [blame]816 if (dev_regions[i].smmu_id != MANIFEST_INVALID_ID) {
817 dlog_verbose(" smmu-id: %u\n",
818 dev_regions[i].smmu_id);
819 }
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]820
821 TRY(read_optional_uint32list(dev_node, "stream-ids", &list));
822 dlog_verbose(" Stream IDs assigned:\n");
823
824 j = 0;
825 while (uint32list_has_next(&list) &&
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]826 j < PARTITION_MAX_STREAMS_PER_DEVICE) {
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]827 TRY(uint32list_get_next(&list,
828 &dev_regions[i].stream_ids[j]));
829 dlog_verbose(" %u\n",
830 dev_regions[i].stream_ids[j]);
831 j++;
832 }
833 if (j == 0) {
834 dlog_verbose(" None\n");
835 }
Madhukar Pappireddy54680c72020-10-23 15:02:38 -0500[diff] [blame]836 dev_regions[i].stream_count = j;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]837
838 TRY(read_bool(dev_node, "exclusive-access",
839 &dev_regions[i].exclusive_access));
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]840 dlog_verbose(" Exclusive_access: %u\n",
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]841 dev_regions[i].exclusive_access);
842
843 i++;
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]844 } while (fdt_next_sibling(dev_node) &&
845 (i < PARTITION_MAX_DEVICE_REGIONS));
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]846
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]847 *count = i;
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]848
849 return MANIFEST_SUCCESS;
850}
851
J-Alvesabebe432022-05-31 14:40:50 +0100[diff] [blame]852static enum manifest_return_code sanity_check_ffa_manifest(
853 struct manifest_vm *vm)
854{
855 uint16_t ffa_version_major;
856 uint16_t ffa_version_minor;
857 enum manifest_return_code ret_code = MANIFEST_SUCCESS;
858 const char *error_string = "specified in manifest is unsupported";
859 uint32_t k = 0;
860
861 /* ensure that the SPM version is compatible */
862 ffa_version_major = (vm->partition.ffa_version & 0xffff0000) >>
863 FFA_VERSION_MAJOR_OFFSET;
864 ffa_version_minor = vm->partition.ffa_version & 0xffff;
865
866 if (ffa_version_major != FFA_VERSION_MAJOR ||
867 ffa_version_minor > FFA_VERSION_MINOR) {
868 dlog_error("FF-A partition manifest version %s: %u.%u\n",
869 error_string, ffa_version_major, ffa_version_minor);
870 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
871 }
872
873 if (vm->partition.xlat_granule != PAGE_4KB) {
874 dlog_error("Translation granule %s: %u\n", error_string,
875 vm->partition.xlat_granule);
876 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
877 }
878
879 if (vm->partition.execution_state != AARCH64) {
880 dlog_error("Execution state %s: %u\n", error_string,
881 vm->partition.execution_state);
882 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
883 }
884
885 if (vm->partition.run_time_el != EL1 &&
886 vm->partition.run_time_el != S_EL1 &&
887 vm->partition.run_time_el != S_EL0) {
888 dlog_error("Exception level %s: %d\n", error_string,
889 vm->partition.run_time_el);
890 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
891 }
892
893 if ((vm->partition.messaging_method &
894 ~(FFA_PARTITION_DIRECT_REQ_RECV | FFA_PARTITION_DIRECT_REQ_SEND |
895 FFA_PARTITION_INDIRECT_MSG)) != 0U) {
896 dlog_error("Messaging method %s: %x\n", error_string,
897 vm->partition.messaging_method);
898 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
899 }
900
901 if (vm->partition.run_time_el == S_EL0 &&
902 vm->partition.execution_ctx_count != 1) {
903 dlog_error(
904 "Exception level and execution context count %s: %d "
905 "%d\n",
906 error_string, vm->partition.run_time_el,
907 vm->partition.execution_ctx_count);
908 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
909 }
910
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]911 for (uint16_t i = 0; i < vm->partition.dev_region_count; i++) {
J-Alvesabebe432022-05-31 14:40:50 +0100[diff] [blame]912 struct device_region dev_region;
913
914 dev_region = vm->partition.dev_regions[i];
915
Raghu Krishnamurthy641dcd82022-07-19 23:21:20 -0700[diff] [blame]916 if (dev_region.interrupt_count >
917 PARTITION_MAX_INTERRUPTS_PER_DEVICE) {
J-Alvesabebe432022-05-31 14:40:50 +0100[diff] [blame]918 dlog_error(
919 "Interrupt count for device region exceeds "
920 "limit.\n");
921 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
922 continue;
923 }
924
925 for (uint8_t j = 0; j < dev_region.interrupt_count; j++) {
926 k++;
927 if (k > VM_MANIFEST_MAX_INTERRUPTS) {
928 dlog_error(
929 "Interrupt count for VM exceeds "
930 "limit.\n");
931 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
932 continue;
933 }
934 }
935 }
936
937 /* GP register is restricted to one of x0 - x3. */
938 if (vm->partition.gp_register_num != -1 &&
939 vm->partition.gp_register_num > 3) {
940 dlog_error("GP register number %s: %u\n", error_string,
941 vm->partition.gp_register_num);
942 ret_code = MANIFEST_ERROR_NOT_COMPATIBLE;
943 }
944
945 return ret_code;
946}
947
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]948enum manifest_return_code parse_ffa_manifest(
949 struct fdt *fdt, struct manifest_vm *vm,
950 struct fdt_node *boot_info_node, const struct boot_params *boot_params)
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]951{
952 unsigned int i = 0;
953 struct uint32list_iter uuid;
954 uint32_t uuid_word;
955 struct fdt_node root;
956 struct fdt_node ffa_node;
957 struct string rxtx_node_name = STRING_INIT("rx_tx-info");
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]958 struct string mem_region_node_name = STRING_INIT("memory-regions");
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]959 struct string dev_region_node_name = STRING_INIT("device-regions");
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]960 struct string boot_info_node_name = STRING_INIT("boot-info");
Madhukar Pappireddy84154052022-06-21 18:30:25 -0500[diff] [blame]961 bool managed_exit_field_present = false;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]962
963 if (!fdt_find_node(fdt, "/", &root)) {
964 return MANIFEST_ERROR_NO_ROOT_NODE;
965 }
966
967 /* Check "compatible" property. */
968 if (!fdt_is_compatible(&root, "arm,ffa-manifest-1.0")) {
969 return MANIFEST_ERROR_NOT_COMPATIBLE;
970 }
971
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]972 TRY(read_uint32(&root, "ffa-version", &vm->partition.ffa_version));
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]973 dlog_verbose(" Expected FF-A version %u.%u\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]974 vm->partition.ffa_version >> 16,
975 vm->partition.ffa_version & 0xffff);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]976
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]977 TRY(read_uint32list(&root, "uuid", &uuid));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]978
979 while (uint32list_has_next(&uuid) && i < 4) {
980 TRY(uint32list_get_next(&uuid, &uuid_word));
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]981 vm->partition.uuid.uuid[i] = uuid_word;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]982 i++;
983 }
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]984 dlog_verbose(" UUID %#x-%x-%x-%x\n", vm->partition.uuid.uuid[0],
985 vm->partition.uuid.uuid[1], vm->partition.uuid.uuid[2],
986 vm->partition.uuid.uuid[3]);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]987
988 TRY(read_uint16(&root, "execution-ctx-count",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]989 &vm->partition.execution_ctx_count));
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]990 dlog_verbose(" Number of execution context %u\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]991 vm->partition.execution_ctx_count);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]992
993 TRY(read_uint8(&root, "exception-level",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]994 (uint8_t *)&vm->partition.run_time_el));
995 dlog_verbose(" Run-time EL %u\n", vm->partition.run_time_el);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]996
997 TRY(read_uint8(&root, "execution-state",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]998 (uint8_t *)&vm->partition.execution_state));
999 dlog_verbose(" Execution state %u\n", vm->partition.execution_state);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1000
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1001 TRY(read_optional_uint64(&root, "load-address", 0,
1002 &vm->partition.load_addr));
1003 dlog_verbose(" Load address %#x\n", vm->partition.load_addr);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1004
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]1005 TRY(read_optional_uint64(&root, "entrypoint-offset", 0,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1006 &vm->partition.ep_offset));
1007 dlog_verbose(" Entry point offset %#x\n", vm->partition.ep_offset);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1008
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]1009 TRY(read_optional_uint32(&root, "gp-register-num",
1010 DEFAULT_BOOT_GP_REGISTER,
1011 &vm->partition.gp_register_num));
1012 dlog_verbose(" Boot GP register: %#x\n",
1013 vm->partition.gp_register_num);
1014
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]1015 TRY(read_optional_uint16(&root, "boot-order", DEFAULT_BOOT_ORDER,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1016 &vm->partition.boot_order));
1017 dlog_verbose(" Boot order %#u\n", vm->partition.boot_order);
J-Alvesb37fd082020-10-22 12:29:21 +0100[diff] [blame]1018
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]1019 TRY(read_optional_uint8(&root, "xlat-granule", 0,
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1020 (uint8_t *)&vm->partition.xlat_granule));
1021 dlog_verbose(" Translation granule %u\n", vm->partition.xlat_granule);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1022
1023 ffa_node = root;
1024 if (fdt_find_child(&ffa_node, &rxtx_node_name)) {
1025 if (!fdt_is_compatible(&ffa_node,
1026 "arm,ffa-manifest-rx_tx-buffer")) {
1027 return MANIFEST_ERROR_NOT_COMPATIBLE;
1028 }
1029
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]1030 /*
1031 * Read only phandles for now, it will be used to update buffers
1032 * while parsing memory regions.
1033 */
1034 TRY(read_uint32(&ffa_node, "rx-buffer",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1035 &vm->partition.rxtx.rx_phandle));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1036
Manish Pandeyfa1f2912020-05-05 12:57:01 +0100[diff] [blame]1037 TRY(read_uint32(&ffa_node, "tx-buffer",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1038 &vm->partition.rxtx.tx_phandle));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1039
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1040 vm->partition.rxtx.available = true;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1041 }
1042
1043 TRY(read_uint8(&root, "messaging-method",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1044 (uint8_t *)&vm->partition.messaging_method));
1045 dlog_verbose(" Messaging method %u\n", vm->partition.messaging_method);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1046
Madhukar Pappireddy84154052022-06-21 18:30:25 -0500[diff] [blame]1047 TRY(read_bool(&root, "managed-exit", &managed_exit_field_present));
1048
1049 TRY(read_optional_uint8(
1050 &root, "ns-interrupts-action", NS_ACTION_SIGNALED,
1051 (uint8_t *)&vm->partition.ns_interrupts_action));
1052
1053 /*
1054 * An SP manifest can specify one of the fields listed below:
1055 * `managed-exit`: Introduced in FF-A v1.0 spec.
1056 * `ns-interrupts-action`: Introduced in FF-A v1.1 EAC0 spec.
1057 * If both are missing from the manifest, the default response is
1058 * NS_ACTION_SIGNALED.
1059 */
1060 if (managed_exit_field_present) {
1061 vm->partition.ns_interrupts_action = NS_ACTION_ME;
1062 }
1063
1064 if (vm->partition.ns_interrupts_action != NS_ACTION_QUEUED &&
1065 vm->partition.ns_interrupts_action != NS_ACTION_ME &&
1066 vm->partition.ns_interrupts_action != NS_ACTION_SIGNALED) {
Madhukar Pappireddy5c04a382022-12-28 11:29:26 -0600[diff] [blame]1067 return MANIFEST_ERROR_ILLEGAL_NS_INT_ACTION;
Madhukar Pappireddy84154052022-06-21 18:30:25 -0500[diff] [blame]1068 }
1069
1070 dlog_verbose(
1071 "NS Interrupts %s\n",
1072 (vm->partition.ns_interrupts_action == NS_ACTION_QUEUED)
1073 ? "Queued"
1074 : (vm->partition.ns_interrupts_action == NS_ACTION_SIGNALED)
1075 ? "Signaled"
1076 : "Managed exit");
1077
1078 if (vm->partition.ns_interrupts_action == NS_ACTION_ME) {
1079 /* Managed exit only supported by S_EL1 partitions. */
1080 if (vm->partition.run_time_el != S_EL1) {
1081 dlog_error(
1082 "Managed exit cannot be supported by this "
1083 "partition\n");
Madhukar Pappireddy5c04a382022-12-28 11:29:26 -0600[diff] [blame]1084 return MANIFEST_ERROR_ILLEGAL_NS_INT_ACTION;
Madhukar Pappireddy84154052022-06-21 18:30:25 -0500[diff] [blame]1085 }
Madhukar Pappireddy046dad02022-06-21 18:43:33 -0500[diff] [blame]1086
1087 TRY(read_bool(&root, "managed-exit-virq",
1088 &vm->partition.me_signal_virq));
1089 if (vm->partition.me_signal_virq) {
1090 dlog_verbose(" Managed Exit signaled through vIRQ\n");
1091 }
J-Alvesa4730db2021-11-02 10:31:01 +0000[diff] [blame]1092 }
1093
1094 TRY(read_bool(&root, "notification-support",
1095 &vm->partition.notification_support));
1096 if (vm->partition.notification_support) {
1097 dlog_verbose(" Notifications Receipt Supported\n");
1098 }
Maksims Svecovs9ddf86a2021-05-06 17:17:21 +0100[diff] [blame]1099
Madhukar Pappireddy5c04a382022-12-28 11:29:26 -0600[diff] [blame]1100 TRY(read_optional_uint8(
1101 &root, "other-s-interrupts-action", OTHER_S_INT_ACTION_SIGNALED,
1102 (uint8_t *)&vm->partition.other_s_interrupts_action));
1103
1104 if (vm->partition.other_s_interrupts_action ==
1105 OTHER_S_INT_ACTION_QUEUED) {
1106 if (vm->partition.ns_interrupts_action != NS_ACTION_QUEUED) {
1107 dlog_error(
1108 "Choice of the fields 'ns-interrupts-action' "
1109 "and 'other-s-interrupts-action' not "
1110 "compatible\n");
1111 return MANIFEST_ERROR_NOT_COMPATIBLE;
1112 }
1113 } else if (vm->partition.other_s_interrupts_action >
1114 OTHER_S_INT_ACTION_SIGNALED) {
1115 dlog_error(
1116 "Illegal value specified for the field"
1117 " 'other-s-interrupts-action': %u\n",
1118 vm->partition.other_s_interrupts_action);
1119 return MANIFEST_ERROR_ILLEGAL_OTHER_S_INT_ACTION;
1120 }
1121
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]1122 /* Parse boot info node. */
1123 if (boot_info_node != NULL) {
1124 ffa_node = root;
1125 vm->partition.boot_info =
1126 fdt_find_child(&ffa_node, &boot_info_node_name);
1127 if (vm->partition.boot_info) {
1128 *boot_info_node = ffa_node;
1129 }
1130 } else {
1131 vm->partition.boot_info = false;
1132 }
1133
Olivier Depreza15f2352022-09-26 09:17:24 +0200[diff] [blame]1134 TRY(read_optional_uint32(
1135 &root, "power-management-messages",
1136 MANIFEST_POWER_MANAGEMENT_CPU_OFF_SUPPORTED |
1137 MANIFEST_POWER_MANAGEMENT_CPU_ON_SUPPORTED,
1138 &vm->partition.power_management));
1139 vm->partition.power_management &= MANIFEST_POWER_MANAGEMENT_ALL_MASK;
1140 if (vm->partition.execution_ctx_count == 1 ||
1141 vm->partition.run_time_el == S_EL0) {
1142 vm->partition.power_management =
1143 MANIFEST_POWER_MANAGEMENT_NONE_MASK;
1144 }
1145
1146 dlog_verbose(" Power management messages %#x\n",
1147 vm->partition.power_management);
1148
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]1149 /* Parse memory-regions */
1150 ffa_node = root;
1151 if (fdt_find_child(&ffa_node, &mem_region_node_name)) {
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1152 TRY(parse_ffa_memory_region_node(
Karl Meakinf6d49402023-04-04 18:14:26 +0100[diff] [blame^]1153 &ffa_node, vm->partition.load_addr,
1154 vm->partition.mem_regions,
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1155 &vm->partition.mem_region_count, &vm->partition.rxtx,
1156 boot_params));
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]1157 }
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]1158 dlog_verbose(" Total %u memory regions found\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1159 vm->partition.mem_region_count);
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]1160
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]1161 /* Parse Device-regions */
1162 ffa_node = root;
1163 if (fdt_find_child(&ffa_node, &dev_region_node_name)) {
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1164 TRY(parse_ffa_device_region_node(
1165 &ffa_node, vm->partition.dev_regions,
1166 &vm->partition.dev_region_count));
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]1167 }
Manish Pandey2145c212020-05-01 16:04:22 +0100[diff] [blame]1168 dlog_verbose(" Total %u device regions found\n",
Raghu Krishnamurthy8c250a92021-07-02 12:16:42 -0700[diff] [blame]1169 vm->partition.dev_region_count);
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]1170
J-Alves4eb7b542022-03-02 15:21:52 +0000[diff] [blame]1171 return sanity_check_ffa_manifest(vm);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1172}
1173
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1174static enum manifest_return_code parse_ffa_partition_package(
1175 struct mm_stage1_locked stage1_locked, struct fdt_node *node,
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1176 struct manifest_vm *vm, ffa_vm_id_t vm_id,
1177 const struct boot_params *boot_params, struct mpool *ppool)
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1178{
1179 enum manifest_return_code ret = MANIFEST_ERROR_NOT_COMPATIBLE;
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1180 uintpaddr_t load_address;
1181 struct sp_pkg_header header;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1182 struct fdt sp_fdt;
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1183 vaddr_t pkg_start;
1184 vaddr_t manifest_address;
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]1185 struct fdt_node boot_info_node;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1186
1187 /*
1188 * This must have been hinted as being an FF-A partition,
1189 * return straight with failure if this is not the case.
1190 */
1191 if (!vm->is_ffa_partition) {
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1192 return ret;
1193 }
1194
1195 TRY(read_uint64(node, "load_address", &load_address));
1196 if (!is_aligned(load_address, PAGE_SIZE)) {
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1197 return MANIFEST_ERROR_NOT_COMPATIBLE;
1198 }
1199
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1200 assert(load_address != 0U);
1201
1202 if (!sp_pkg_init(stage1_locked, pa_init(load_address), &header,
1203 ppool)) {
1204 return ret;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1205 }
1206
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1207 pkg_start = va_init(load_address);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1208
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1209 if (vm_id != HF_PRIMARY_VM_ID &&
1210 sp_pkg_get_mem_size(&header) >= vm->secondary.mem_size) {
J-Alves4369bd92020-08-07 16:35:36 +0100[diff] [blame]1211 dlog_error("Invalid package header or DT size.\n");
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1212 goto out;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1213 }
1214
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1215 manifest_address = va_add(va_init(load_address), header.pm_offset);
1216 if (!fdt_init_from_ptr(&sp_fdt, ptr_from_va(manifest_address),
1217 header.pm_size)) {
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1218 dlog_error("FDT failed validation.\n");
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1219 goto out;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1220 }
1221
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1222 ret = parse_ffa_manifest(&sp_fdt, vm, &boot_info_node, boot_params);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1223 if (ret != MANIFEST_SUCCESS) {
J-Alves4eb7b542022-03-02 15:21:52 +0000[diff] [blame]1224 dlog_error("Error parsing partition manifest: %s.\n",
1225 manifest_strerror(ret));
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1226 goto out;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1227 }
1228
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1229 if (vm->partition.load_addr != load_address) {
J-Alvesa26ea212021-03-22 14:33:47 +0000[diff] [blame]1230 dlog_warning(
1231 "Partition's load address at its manifest differs"
1232 " from specified in partition's package.\n");
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1233 vm->partition.load_addr = load_address;
J-Alvesa26ea212021-03-22 14:33:47 +0000[diff] [blame]1234 }
1235
J-Alves889a1d72022-05-13 11:38:27 +0100[diff] [blame]1236 if (vm->partition.gp_register_num != DEFAULT_BOOT_GP_REGISTER) {
1237 if (header.version == SP_PKG_HEADER_VERSION_2 &&
1238 vm->partition.boot_info &&
1239 !ffa_boot_info_node(&boot_info_node, pkg_start, &header)) {
1240 dlog_error("Failed to process boot information.\n");
1241 }
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]1242 }
J-Alves2f86c1e2022-02-23 18:44:19 +0000[diff] [blame]1243out:
1244 sp_pkg_deinit(stage1_locked, pkg_start, &header, ppool);
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1245 return ret;
1246}
1247
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1248/**
1249 * Parse manifest from FDT.
1250 */
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1251enum manifest_return_code manifest_init(struct mm_stage1_locked stage1_locked,
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]1252 struct manifest **manifest_ret,
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1253 struct memiter *manifest_fdt,
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1254 struct boot_params *boot_params,
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1255 struct mpool *ppool)
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1256{
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]1257 struct manifest *manifest;
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]1258 struct string vm_name;
1259 struct fdt fdt;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1260 struct fdt_node hyp_node;
1261 size_t i = 0;
1262 bool found_primary_vm = false;
1263
J-Alvescd438fa2023-04-26 10:13:12 +0100[diff] [blame]1264 if (boot_params->mem_ranges_count == 0 &&
1265 boot_params->ns_mem_ranges_count == 0) {
1266 return MANIFEST_ERROR_MEMORY_MISSING;
1267 }
1268
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1269 dump_memory_ranges(boot_params->mem_ranges,
1270 boot_params->mem_ranges_count, false);
1271 dump_memory_ranges(boot_params->ns_mem_ranges,
1272 boot_params->ns_mem_ranges_count, true);
1273
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]1274 /* Allocate space in the ppool for the manifest data. */
1275 if (!manifest_data_init(ppool)) {
1276 panic("Unable to allocate manifest data.\n");
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]1277 }
1278
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]1279 manifest = &manifest_data->manifest;
1280 *manifest_ret = manifest;
1281
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]1282 if (!fdt_init_from_memiter(&fdt, manifest_fdt)) {
1283 return MANIFEST_ERROR_FILE_SIZE; /* TODO */
David Brazdila2358d42020-01-27 18:51:38 +0000[diff] [blame]1284 }
1285
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1286 /* Find hypervisor node. */
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]1287 if (!fdt_find_node(&fdt, "/hypervisor", &hyp_node)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1288 return MANIFEST_ERROR_NO_HYPERVISOR_FDT_NODE;
1289 }
1290
David Brazdil74e9c3b2019-08-28 11:09:08 +0100[diff] [blame]1291 /* Check "compatible" property. */
David Brazdilf4925382020-03-25 13:33:51 +0000[diff] [blame]1292 if (!fdt_is_compatible(&hyp_node, "hafnium,hafnium")) {
David Brazdil74e9c3b2019-08-28 11:09:08 +0100[diff] [blame]1293 return MANIFEST_ERROR_NOT_COMPATIBLE;
1294 }
1295
Olivier Deprez622ab8d2021-08-02 12:15:45 +0200[diff] [blame]1296 TRY(read_bool(&hyp_node, "ffa_tee_enabled",
1297 &manifest->ffa_tee_enabled));
Andrew Walbran41a49d82020-01-10 17:46:38 +0000[diff] [blame]1298
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1299 /* Iterate over reserved VM IDs and check no such nodes exist. */
Olivier Deprez2a8ee342020-08-03 15:10:44 +0200[diff] [blame]1300 for (i = HF_VM_ID_BASE; i < HF_VM_ID_OFFSET; i++) {
1301 ffa_vm_id_t vm_id = (ffa_vm_id_t)i - HF_VM_ID_BASE;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1302 struct fdt_node vm_node = hyp_node;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1303
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]1304 generate_vm_node_name(&vm_name, vm_id);
1305 if (fdt_find_child(&vm_node, &vm_name)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1306 return MANIFEST_ERROR_RESERVED_VM_ID;
1307 }
1308 }
1309
1310 /* Iterate over VM nodes until we find one that does not exist. */
1311 for (i = 0; i <= MAX_VMS; ++i) {
Andrew Walbranb5ab43c2020-04-30 11:32:54 +0100[diff] [blame]1312 ffa_vm_id_t vm_id = HF_VM_ID_OFFSET + i;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1313 struct fdt_node vm_node = hyp_node;
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1314
Olivier Deprez2a8ee342020-08-03 15:10:44 +0200[diff] [blame]1315 generate_vm_node_name(&vm_name, vm_id - HF_VM_ID_BASE);
David Brazdilb856be62020-03-25 10:14:55 +0000[diff] [blame]1316 if (!fdt_find_child(&vm_node, &vm_name)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1317 break;
1318 }
1319
1320 if (i == MAX_VMS) {
1321 return MANIFEST_ERROR_TOO_MANY_VMS;
1322 }
1323
1324 if (vm_id == HF_PRIMARY_VM_ID) {
1325 CHECK(found_primary_vm == false); /* sanity check */
1326 found_primary_vm = true;
1327 }
1328
David Brazdil0251b942019-09-10 15:59:50 +0100[diff] [blame]1329 manifest->vm_count = i + 1;
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1330
1331 TRY(parse_vm_common(&vm_node, &manifest->vm[i], vm_id));
1332
Raghu Krishnamurthyb49549e2021-07-02 08:27:38 -0700[diff] [blame]1333 CHECK(!manifest->vm[i].is_hyp_loaded ||
1334 manifest->vm[i].is_ffa_partition);
1335
1336 if (manifest->vm[i].is_ffa_partition &&
1337 !manifest->vm[i].is_hyp_loaded) {
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1338 TRY(parse_ffa_partition_package(stage1_locked, &vm_node,
1339 &manifest->vm[i], vm_id,
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1340 boot_params, ppool));
J-Alves596049f2023-03-15 11:40:24 +0000[diff] [blame]1341 size_t page_count =
1342 align_up(manifest->vm[i].secondary.mem_size,
1343 PAGE_SIZE) /
1344 PAGE_SIZE;
1345
1346 if (vm_id == HF_PRIMARY_VM_ID) {
1347 continue;
1348 }
1349
1350 TRY(check_partition_memory_is_valid(
1351 manifest->vm[i].partition.load_addr, page_count,
1352 0, boot_params));
1353
1354 /*
1355 * Check if memory from load-address until (load-address
1356 * + memory size) has been used by other partition.
1357 */
1358 TRY(check_and_record_memory_used(
1359 manifest->vm[i].partition.load_addr,
1360 page_count));
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1361 } else {
1362 TRY(parse_vm(&vm_node, &manifest->vm[i], vm_id));
1363 }
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1364 }
1365
Olivier Deprezfb05f3c2020-11-10 17:48:04 +0100[diff] [blame]1366 if (!found_primary_vm && vm_id_is_current_world(HF_PRIMARY_VM_ID)) {
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1367 return MANIFEST_ERROR_NO_PRIMARY_VM;
1368 }
1369
1370 return MANIFEST_SUCCESS;
1371}
1372
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]1373/**
1374 * Free manifest data resources, called once manifest parsing has
1375 * completed and VMs are loaded.
1376 */
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]1377void manifest_deinit(struct mpool *ppool)
1378{
Olivier Deprez93644652022-09-09 11:01:12 +0200[diff] [blame]1379 manifest_data_deinit(ppool);
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]1380}
1381
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1382const char *manifest_strerror(enum manifest_return_code ret_code)
1383{
1384 switch (ret_code) {
1385 case MANIFEST_SUCCESS:
1386 return "Success";
David Brazdila2358d42020-01-27 18:51:38 +0000[diff] [blame]1387 case MANIFEST_ERROR_FILE_SIZE:
1388 return "Total size in header does not match file size";
Olivier Deprez62d99e32020-01-09 15:58:07 +0100[diff] [blame]1389 case MANIFEST_ERROR_MALFORMED_DTB:
1390 return "Malformed device tree blob";
David Brazdila2358d42020-01-27 18:51:38 +0000[diff] [blame]1391 case MANIFEST_ERROR_NO_ROOT_NODE:
1392 return "Could not find root node in manifest";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1393 case MANIFEST_ERROR_NO_HYPERVISOR_FDT_NODE:
1394 return "Could not find \"hypervisor\" node in manifest";
David Brazdil74e9c3b2019-08-28 11:09:08 +0100[diff] [blame]1395 case MANIFEST_ERROR_NOT_COMPATIBLE:
1396 return "Hypervisor manifest entry not compatible with Hafnium";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1397 case MANIFEST_ERROR_RESERVED_VM_ID:
1398 return "Manifest defines a VM with a reserved ID";
1399 case MANIFEST_ERROR_NO_PRIMARY_VM:
1400 return "Manifest does not contain a primary VM entry";
1401 case MANIFEST_ERROR_TOO_MANY_VMS:
1402 return "Manifest specifies more VMs than Hafnium has "
1403 "statically allocated space for";
1404 case MANIFEST_ERROR_PROPERTY_NOT_FOUND:
1405 return "Property not found";
1406 case MANIFEST_ERROR_MALFORMED_STRING:
1407 return "Malformed string property";
David Brazdil0dbb41f2019-09-09 18:03:35 +0100[diff] [blame]1408 case MANIFEST_ERROR_STRING_TOO_LONG:
1409 return "String too long";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1410 case MANIFEST_ERROR_MALFORMED_INTEGER:
1411 return "Malformed integer property";
1412 case MANIFEST_ERROR_INTEGER_OVERFLOW:
1413 return "Integer overflow";
Andrew Scullae9962e2019-10-03 16:51:16 +0100[diff] [blame]1414 case MANIFEST_ERROR_MALFORMED_INTEGER_LIST:
1415 return "Malformed integer list property";
Andrew Scullb2c3a242019-11-04 13:52:36 +0000[diff] [blame]1416 case MANIFEST_ERROR_MALFORMED_BOOLEAN:
1417 return "Malformed boolean property";
Manish Pandey6542f5c2020-04-27 14:37:46 +0100[diff] [blame]1418 case MANIFEST_ERROR_MEMORY_REGION_NODE_EMPTY:
1419 return "Memory-region node should have at least one entry";
Manish Pandeye68e7932020-04-23 15:29:28 +0100[diff] [blame]1420 case MANIFEST_ERROR_DEVICE_REGION_NODE_EMPTY:
1421 return "Device-region node should have at least one entry";
Manish Pandeyf06c9072020-09-29 15:41:58 +0100[diff] [blame]1422 case MANIFEST_ERROR_RXTX_SIZE_MISMATCH:
1423 return "RX and TX buffers should be of same size";
Varun Wadekar4afbfd72022-10-13 14:30:18 +0100[diff] [blame]1424 case MANIFEST_ERROR_MEM_REGION_EMPTY:
1425 return "Memory region should have at least one page";
Karl Meakinf6d49402023-04-04 18:14:26 +0100[diff] [blame^]1426 case MANIFEST_ERROR_BASE_ADDRESS_AND_RELATIVE_ADDRESS:
1427 return "Base and relative addresses are mutually exclusive";
Daniel Boulbya7e9e182022-06-27 14:21:01 +0100[diff] [blame]1428 case MANIFEST_ERROR_MEM_REGION_OVERLAP:
1429 return "Memory region overlaps with one already allocated";
Daniel Boulbyc1a613d2022-10-18 11:26:17 +0100[diff] [blame]1430 case MANIFEST_ERROR_MEM_REGION_UNALIGNED:
1431 return "Memory region is not aligned to a page boundary";
Raghu Krishnamurthy384693c2021-10-11 13:56:24 -0700[diff] [blame]1432 case MANIFEST_ERROR_INVALID_MEM_PERM:
1433 return "Memory permission should be RO, RW or RX";
J-Alves35315782022-01-25 17:58:32 +0000[diff] [blame]1434 case MANIFEST_ERROR_ARGUMENTS_LIST_EMPTY:
1435 return "Arguments-list node should have at least one argument";
Daniel Boulby801f8ef2022-06-27 14:21:01 +0100[diff] [blame]1436 case MANIFEST_ERROR_INTERRUPT_ID_REPEATED:
1437 return "Interrupt ID already assigned to another endpoint";
Madhukar Pappireddy5c04a382022-12-28 11:29:26 -0600[diff] [blame]1438 case MANIFEST_ERROR_ILLEGAL_NS_INT_ACTION:
Madhukar Pappireddy84154052022-06-21 18:30:25 -0500[diff] [blame]1439 return "Illegal value specidied for the field: Action in "
1440 "response to NS Interrupt";
Raghu Krishnamurthy98da1ca2022-10-04 08:59:01 -0700[diff] [blame]1441 case MANIFEST_ERROR_INTERRUPT_ID_NOT_IN_LIST:
1442 return "Interrupt ID is not in the list of interrupts";
Madhukar Pappireddy5c04a382022-12-28 11:29:26 -0600[diff] [blame]1443 case MANIFEST_ERROR_ILLEGAL_OTHER_S_INT_ACTION:
1444 return "Illegal value specified for the field: Action in "
1445 "response to Other-S Interrupt";
J-Alves77b6f4f2023-03-15 11:34:49 +0000[diff] [blame]1446 case MANIFEST_ERROR_MEMORY_MISSING:
1447 return "Memory nodes must be defined in the SPMC manifest "
1448 "('memory' and 'ns-memory').";
1449 case MANIFEST_ERROR_PARTITION_ADDRESS_OVERLAP:
1450 return "Partition's memory [load address: load address + "
1451 "memory size[ overlap with other allocated "
1452 "regions.";
1453 case MANIFEST_ERROR_MEM_REGION_INVALID:
1454 return "Memory region must within memory ranges defined "
1455 "in the SPMC manifest.";
David Brazdil7a462ec2019-08-15 12:27:47 +0100[diff] [blame]1456 }
1457
1458 panic("Unexpected manifest return code.");
1459}