bl1_main.c 8.56 KB
Newer Older
1
/*
2
 * Copyright (c) 2013-2015, ARM Limited and Contributors. All rights reserved.
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * Redistributions of source code must retain the above copyright notice, this
 * list of conditions and the following disclaimer.
 *
 * Redistributions in binary form must reproduce the above copyright notice,
 * this list of conditions and the following disclaimer in the documentation
 * and/or other materials provided with the distribution.
 *
 * Neither the name of ARM nor the names of its contributors may be used
 * to endorse or promote products derived from this software without specific
 * prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

31
#include <arch.h>
32
#include <arch_helpers.h>
33
#include <assert.h>
34
#include <auth.h>
35
#include <bl_common.h>
36
#include <debug.h>
37
#include <platform.h>
38
#include <platform_def.h>
39
#include "bl1_private.h"
40

41
42
43
44
/*******************************************************************************
 * Runs BL2 from the given entry point. It results in dropping the
 * exception level
 ******************************************************************************/
45
static void __dead2 bl1_run_bl2(entry_point_info_t *bl2_ep)
46
47
48
49
50
51
{
	bl1_arch_next_el_setup();

	/* Tell next EL what we want done */
	bl2_ep->args.arg0 = RUN_IMAGE;

52
53
	if (GET_SECURITY_STATE(bl2_ep->h.attr) == NON_SECURE)
		change_security_state(GET_SECURITY_STATE(bl2_ep->h.attr));
54
55

	write_spsr_el3(bl2_ep->spsr);
56
	write_elr_el3(bl2_ep->pc);
57
58
59
60
61
62
63
64
65
66
67

	eret(bl2_ep->args.arg0,
		bl2_ep->args.arg1,
		bl2_ep->args.arg2,
		bl2_ep->args.arg3,
		bl2_ep->args.arg4,
		bl2_ep->args.arg5,
		bl2_ep->args.arg6,
		bl2_ep->args.arg7);
}

68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
/*******************************************************************************
 * The next function has a weak definition. Platform specific code can override
 * it if it wishes to.
 ******************************************************************************/
#pragma weak bl1_init_bl2_mem_layout

/*******************************************************************************
 * Function that takes a memory layout into which BL2 has been loaded and
 * populates a new memory layout for BL2 that ensures that BL1's data sections
 * resident in secure RAM are not visible to BL2.
 ******************************************************************************/
void bl1_init_bl2_mem_layout(const meminfo_t *bl1_mem_layout,
			     meminfo_t *bl2_mem_layout)
{
	const size_t bl1_size = BL1_RAM_LIMIT - BL1_RAM_BASE;

	assert(bl1_mem_layout != NULL);
	assert(bl2_mem_layout != NULL);

	/* Check that BL1's memory is lying outside of the free memory */
	assert((BL1_RAM_LIMIT <= bl1_mem_layout->free_base) ||
	       (BL1_RAM_BASE >= bl1_mem_layout->free_base + bl1_mem_layout->free_size));

	/* Remove BL1 RW data from the scope of memory visible to BL2 */
	*bl2_mem_layout = *bl1_mem_layout;
	reserve_mem(&bl2_mem_layout->total_base,
		    &bl2_mem_layout->total_size,
		    BL1_RAM_BASE,
		    bl1_size);

	flush_dcache_range((unsigned long)bl2_mem_layout, sizeof(meminfo_t));
}
100

101
102
103
104
105
106
107
108
109
/*******************************************************************************
 * Function to perform late architectural and platform specific initialization.
 * It also locates and loads the BL2 raw binary image in the trusted DRAM. Only
 * called by the primary cpu after a cold boot.
 * TODO: Add support for alternative image load mechanism e.g using virtio/elf
 * loader etc.
  ******************************************************************************/
void bl1_main(void)
{
Dan Handley's avatar
Dan Handley committed
110
111
112
113
114
115
116
	/* Announce our arrival */
	NOTICE(FIRMWARE_WELCOME_STR);
	NOTICE("BL1: %s\n", version_string);
	NOTICE("BL1: %s\n", build_message);

	INFO("BL1: RAM 0x%lx - 0x%lx\n", BL1_RAM_BASE, BL1_RAM_LIMIT);

117
118
	image_info_t bl2_image_info = { {0} };
	entry_point_info_t bl2_ep = { {0} };
119
120
	meminfo_t *bl1_tzram_layout;
	meminfo_t *bl2_tzram_layout = 0x0;
121
	int err;
122

123
124
#if DEBUG
	unsigned long val;
125
126
127
	/*
	 * Ensure that MMU/Caches and coherency are turned on
	 */
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
	val = read_sctlr_el3();
	assert(val | SCTLR_M_BIT);
	assert(val | SCTLR_C_BIT);
	assert(val | SCTLR_I_BIT);
	/*
	 * Check that Cache Writeback Granule (CWG) in CTR_EL0 matches the
	 * provided platform value
	 */
	val = (read_ctr_el0() >> CTR_CWG_SHIFT) & CTR_CWG_MASK;
	/*
	 * If CWG is zero, then no CWG information is available but we can
	 * at least check the platform value is less than the architectural
	 * maximum.
	 */
	if (val != 0)
		assert(CACHE_WRITEBACK_GRANULE == SIZE_FROM_LOG2_WORDS(val));
	else
		assert(CACHE_WRITEBACK_GRANULE <= MAX_CACHE_LINE_SIZE);
#endif
147
148
149
150
151
152
153

	/* Perform remaining generic architectural setup from EL3 */
	bl1_arch_setup();

	/* Perform platform setup in BL1. */
	bl1_platform_setup();

154
155
156
	SET_PARAM_HEAD(&bl2_image_info, PARAM_IMAGE_BINARY, VERSION_1, 0);
	SET_PARAM_HEAD(&bl2_ep, PARAM_EP, VERSION_1, 0);

157
	/* Find out how much free trusted ram remains after BL1 load */
158
	bl1_tzram_layout = bl1_plat_sec_mem_layout();
159

160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
#if TRUSTED_BOARD_BOOT
	/* Initialize authentication module */
	auth_init();

	/*
	 * Load the BL2 certificate into the BL2 region. This region will be
	 * overwritten by the image, so the authentication module is responsible
	 * for storing the relevant data from the certificate (keys, hashes,
	 * etc.) so it can be used later.
	 */
	err = load_image(bl1_tzram_layout,
			 BL2_CERT_NAME,
			 BL2_BASE,
			 &bl2_image_info,
			 NULL);
	if (err) {
		ERROR("Failed to load BL2 certificate.\n");
		panic();
	}

	err = auth_verify_obj(AUTH_BL2_IMG_CERT, bl2_image_info.image_base,
			bl2_image_info.image_size);
	if (err) {
		ERROR("Failed to validate BL2 certificate.\n");
		panic();
	}
#endif /* TRUSTED_BOARD_BOOT */

188
	/* Load the BL2 image */
189
	err = load_image(bl1_tzram_layout,
190
191
192
193
			 BL2_IMAGE_NAME,
			 BL2_BASE,
			 &bl2_image_info,
			 &bl2_ep);
194
195
196
197
198
	if (err) {
		/*
		 * TODO: print failure to load BL2 but also add a tzwdog timer
		 * which will reset the system eventually.
		 */
Dan Handley's avatar
Dan Handley committed
199
		ERROR("Failed to load BL2 firmware.\n");
200
201
		panic();
	}
202
203
204
205
206
207
208
209
210
211
212
213
214
215

#if TRUSTED_BOARD_BOOT
	err = auth_verify_obj(AUTH_BL2_IMG, bl2_image_info.image_base,
				bl2_image_info.image_size);
	if (err) {
		ERROR("Failed to validate BL2 image.\n");
		panic();
	}

	/* After working with data, invalidate the data cache */
	inv_dcache_range(bl2_image_info.image_base,
			(size_t)bl2_image_info.image_size);
#endif /* TRUSTED_BOARD_BOOT */

216
217
218
219
220
221
222
	/*
	 * Create a new layout of memory for BL2 as seen by BL1 i.e.
	 * tell it the amount of total and free memory available.
	 * This layout is created at the first free address visible
	 * to BL2. BL2 will read the memory layout before using its
	 * memory for other purposes.
	 */
223
	bl2_tzram_layout = (meminfo_t *) bl1_tzram_layout->free_base;
224
	bl1_init_bl2_mem_layout(bl1_tzram_layout, bl2_tzram_layout);
225
226
227

	bl1_plat_set_bl2_ep_info(&bl2_image_info, &bl2_ep);
	bl2_ep.args.arg1 = (unsigned long)bl2_tzram_layout;
Dan Handley's avatar
Dan Handley committed
228
229
	NOTICE("BL1: Booting BL2\n");
	INFO("BL1: BL2 address = 0x%llx\n",
230
		(unsigned long long) bl2_ep.pc);
Dan Handley's avatar
Dan Handley committed
231
232
233
234
	INFO("BL1: BL2 spsr = 0x%x\n", bl2_ep.spsr);
	VERBOSE("BL1: BL2 memory layout address = 0x%llx\n",
		(unsigned long long) bl2_tzram_layout);

235
	bl1_run_bl2(&bl2_ep);
236
237
238
239
240
241
242
243

	return;
}

/*******************************************************************************
 * Temporary function to print the fact that BL2 has done its job and BL31 is
 * about to be loaded. This is needed as long as printfs cannot be used
 ******************************************************************************/
244
void display_boot_progress(entry_point_info_t *bl31_ep_info)
245
{
Dan Handley's avatar
Dan Handley committed
246
247
248
249
250
251
252
253
254
	NOTICE("BL1: Booting BL3-1\n");
	INFO("BL1: BL3-1 address = 0x%llx\n",
		(unsigned long long)bl31_ep_info->pc);
	INFO("BL1: BL3-1 spsr = 0x%llx\n",
		(unsigned long long)bl31_ep_info->spsr);
	INFO("BL1: BL3-1 params address = 0x%llx\n",
		(unsigned long long)bl31_ep_info->args.arg0);
	INFO("BL1: BL3-1 plat params address = 0x%llx\n",
		(unsigned long long)bl31_ep_info->args.arg1);
255
}