Unverified Commit 0d018306 authored by Dimitris Papastamos's avatar Dimitris Papastamos Committed by GitHub
Browse files

Merge pull request #1386 from soby-mathew/sm/dyn_bl31

Extend dynamic configuration
parents 41e48fed 1d71ba14
......@@ -11,31 +11,57 @@
#include <libfdt.h>
#include <plat_arm.h>
typedef struct config_load_info_prop {
unsigned int config_id;
const char *config_addr;
const char *config_max_size;
} config_load_info_prop_t;
static const config_load_info_prop_t prop_names[] = {
{HW_CONFIG_ID, "hw_config_addr", "hw_config_max_size"},
{SOC_FW_CONFIG_ID, "soc_fw_config_addr", "soc_fw_config_max_size"},
{TOS_FW_CONFIG_ID, "tos_fw_config_addr", "tos_fw_config_max_size"},
{NT_FW_CONFIG_ID, "nt_fw_config_addr", "nt_fw_config_max_size"}
};
/*******************************************************************************
* Helper to read the `hw_config` property in config DTB. This function
* expects the following properties to be present in the config DTB.
* name : hw_config_addr size : 2 cells
* name : hw_config_max_size size : 1 cell
* Helper to read the load information corresponding to the `config_id` in
* TB_FW_CONFIG. This function expects the following properties to be defined :
* <config>_addr size : 2 cells
* <config>_max_size size : 1 cell
*
* Arguments:
* void *dtb - pointer to the TB_FW_CONFIG in memory
* int node - The node offset to appropriate node in the
* DTB.
* uint64_t *hw_config_addr - Returns the `hw_config` load address if read
* unsigned int config_id - The configuration id
* uint64_t *config_addr - Returns the `config` load address if read
* is successful.
* uint32_t *hw_config_size - Returns the `hw_config` size if read is
* uint32_t *config_size - Returns the `config` size if read is
* successful.
*
* Returns 0 on success and -1 on error.
******************************************************************************/
int arm_dyn_get_hwconfig_info(void *dtb, int node,
uint64_t *hw_config_addr, uint32_t *hw_config_size)
int arm_dyn_get_config_load_info(void *dtb, int node, unsigned int config_id,
uint64_t *config_addr, uint32_t *config_size)
{
int err;
unsigned int i;
assert(dtb != NULL);
assert(hw_config_addr != NULL);
assert(hw_config_size != NULL);
assert(config_addr != NULL);
assert(config_size != NULL);
for (i = 0; i < ARRAY_SIZE(prop_names); i++) {
if (prop_names[i].config_id == config_id)
break;
}
if (i == ARRAY_SIZE(prop_names)) {
WARN("Invalid config id %d\n", config_id);
return -1;
}
/* Check if the pointer to DT is correct */
assert(fdt_check_header(dtb) == 0);
......@@ -43,23 +69,68 @@ int arm_dyn_get_hwconfig_info(void *dtb, int node,
/* Assert the node offset point to "arm,tb_fw" compatible property */
assert(node == fdt_node_offset_by_compatible(dtb, -1, "arm,tb_fw"));
err = fdtw_read_cells(dtb, node, "hw_config_addr", 2,
(void *) hw_config_addr);
err = fdtw_read_cells(dtb, node, prop_names[i].config_addr, 2,
(void *) config_addr);
if (err < 0) {
WARN("Read cell failed for hw_config_addr\n");
WARN("Read cell failed for %s\n", prop_names[i].config_addr);
return -1;
}
err = fdtw_read_cells(dtb, node, "hw_config_max_size", 1,
(void *) hw_config_size);
err = fdtw_read_cells(dtb, node, prop_names[i].config_max_size, 1,
(void *) config_size);
if (err < 0) {
WARN("Read cell failed for hw_config_max_size\n");
WARN("Read cell failed for %s\n", prop_names[i].config_max_size);
return -1;
}
VERBOSE("Dyn cfg: Read hw_config address from TB_FW_CONFIG 0x%p %p\n",
hw_config_addr, hw_config_size);
VERBOSE("Dyn cfg: Read config_id %d load info from TB_FW_CONFIG 0x%llx 0x%x\n",
config_id, (unsigned long long)*config_addr, *config_size);
return 0;
}
/*******************************************************************************
* Helper to read the `disable_auth` property in config DTB. This function
* expects the following properties to be present in the config DTB.
* name : disable_auth size : 1 cell
*
* Arguments:
* void *dtb - pointer to the TB_FW_CONFIG in memory
* int node - The node offset to appropriate node in the
* DTB.
* uint64_t *disable_auth - The value of `disable_auth` property on
* successful read. Must be 0 or 1.
*
* Returns 0 on success and -1 on error.
******************************************************************************/
int arm_dyn_get_disable_auth(void *dtb, int node, uint32_t *disable_auth)
{
int err;
assert(dtb != NULL);
assert(disable_auth != NULL);
/* Check if the pointer to DT is correct */
assert(fdt_check_header(dtb) == 0);
/* Assert the node offset point to "arm,tb_fw" compatible property */
assert(node == fdt_node_offset_by_compatible(dtb, -1, "arm,tb_fw"));
/* Locate the disable_auth cell and read the value */
err = fdtw_read_cells(dtb, node, "disable_auth", 1, disable_auth);
if (err < 0) {
WARN("Read cell failed for `disable_auth`\n");
return -1;
}
/* Check if the value is boolean */
if ((*disable_auth != 0U) && (*disable_auth != 1U)) {
WARN("Invalid value for `disable_auth` cell %d\n", *disable_auth);
return -1;
}
VERBOSE("Dyn cfg: `disable_auth` cell found with value = %d\n",
*disable_auth);
return 0;
}
......
......@@ -63,6 +63,18 @@ static const io_uuid_spec_t hw_config_uuid_spec = {
.uuid = UUID_HW_CONFIG,
};
static const io_uuid_spec_t soc_fw_config_uuid_spec = {
.uuid = UUID_SOC_FW_CONFIG,
};
static const io_uuid_spec_t tos_fw_config_uuid_spec = {
.uuid = UUID_TOS_FW_CONFIG,
};
static const io_uuid_spec_t nt_fw_config_uuid_spec = {
.uuid = UUID_NT_FW_CONFIG,
};
#if TRUSTED_BOARD_BOOT
static const io_uuid_spec_t tb_fw_cert_uuid_spec = {
.uuid = UUID_TRUSTED_BOOT_FW_CERT,
......@@ -167,6 +179,21 @@ static const struct plat_io_policy policies[] = {
(uintptr_t)&hw_config_uuid_spec,
open_fip
},
[SOC_FW_CONFIG_ID] = {
&fip_dev_handle,
(uintptr_t)&soc_fw_config_uuid_spec,
open_fip
},
[TOS_FW_CONFIG_ID] = {
&fip_dev_handle,
(uintptr_t)&tos_fw_config_uuid_spec,
open_fip
},
[NT_FW_CONFIG_ID] = {
&fip_dev_handle,
(uintptr_t)&nt_fw_config_uuid_spec,
open_fip
},
#if TRUSTED_BOARD_BOOT
[TRUSTED_BOOT_FW_CERT_ID] = {
&fip_dev_handle,
......
......@@ -12,7 +12,7 @@
#include "ext.h"
#include "key.h"
#define CERT_MAX_EXT 4
#define CERT_MAX_EXT 5
/*
* This structure contains information related to the generation of the
......
......@@ -21,12 +21,15 @@ enum {
SCP_FW_HASH_EXT,
SOC_FW_CONTENT_CERT_PK_EXT,
SOC_AP_FW_HASH_EXT,
SOC_FW_CONFIG_HASH_EXT,
TRUSTED_OS_FW_CONTENT_CERT_PK_EXT,
TRUSTED_OS_FW_HASH_EXT,
TRUSTED_OS_FW_EXTRA1_HASH_EXT,
TRUSTED_OS_FW_EXTRA2_HASH_EXT,
TRUSTED_OS_FW_CONFIG_HASH_EXT,
NON_TRUSTED_FW_CONTENT_CERT_PK_EXT,
NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT,
NON_TRUSTED_FW_CONFIG_HASH_EXT,
SCP_FWU_CFG_HASH_EXT,
AP_FWU_CFG_HASH_EXT,
FWU_HASH_EXT
......
......@@ -99,9 +99,10 @@ static cert_t tbb_certs[] = {
.issuer = SOC_FW_CONTENT_CERT,
.ext = {
TRUSTED_FW_NVCOUNTER_EXT,
SOC_AP_FW_HASH_EXT
SOC_AP_FW_HASH_EXT,
SOC_FW_CONFIG_HASH_EXT,
},
.num_ext = 2
.num_ext = 3
},
[TRUSTED_OS_FW_KEY_CERT] = {
.id = TRUSTED_OS_FW_KEY_CERT,
......@@ -129,9 +130,10 @@ static cert_t tbb_certs[] = {
TRUSTED_FW_NVCOUNTER_EXT,
TRUSTED_OS_FW_HASH_EXT,
TRUSTED_OS_FW_EXTRA1_HASH_EXT,
TRUSTED_OS_FW_EXTRA2_HASH_EXT
TRUSTED_OS_FW_EXTRA2_HASH_EXT,
TRUSTED_OS_FW_CONFIG_HASH_EXT,
},
.num_ext = 4
.num_ext = 5
},
[NON_TRUSTED_FW_KEY_CERT] = {
.id = NON_TRUSTED_FW_KEY_CERT,
......@@ -157,9 +159,10 @@ static cert_t tbb_certs[] = {
.issuer = NON_TRUSTED_FW_CONTENT_CERT,
.ext = {
NON_TRUSTED_FW_NVCOUNTER_EXT,
NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT
NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT,
NON_TRUSTED_FW_CONFIG_HASH_EXT,
},
.num_ext = 2
.num_ext = 3
},
[FWU_CERT] = {
.id = FWU_CERT,
......
......@@ -123,6 +123,16 @@ static ext_t tbb_ext[] = {
.asn1_type = V_ASN1_OCTET_STRING,
.type = EXT_TYPE_HASH
},
[SOC_FW_CONFIG_HASH_EXT] = {
.oid = SOC_FW_CONFIG_HASH_OID,
.opt = "soc-fw-config",
.help_msg = "SoC Firmware Config file",
.sn = "SocFirmwareConfigHash",
.ln = "SoC Firmware Config hash",
.asn1_type = V_ASN1_OCTET_STRING,
.type = EXT_TYPE_HASH,
.optional = 1
},
[TRUSTED_OS_FW_CONTENT_CERT_PK_EXT] = {
.oid = TRUSTED_OS_FW_CONTENT_CERT_PK_OID,
.sn = "TrustedOSFirmwareContentCertPK",
......@@ -160,6 +170,16 @@ static ext_t tbb_ext[] = {
.type = EXT_TYPE_HASH,
.optional = 1
},
[TRUSTED_OS_FW_CONFIG_HASH_EXT] = {
.oid = TRUSTED_OS_FW_CONFIG_HASH_OID,
.opt = "tos-fw-config",
.help_msg = "Trusted OS Firmware Config file",
.sn = "TrustedOSFirmwareConfigHash",
.ln = "Trusted OS Firmware Config hash",
.asn1_type = V_ASN1_OCTET_STRING,
.type = EXT_TYPE_HASH,
.optional = 1
},
[NON_TRUSTED_FW_CONTENT_CERT_PK_EXT] = {
.oid = NON_TRUSTED_FW_CONTENT_CERT_PK_OID,
.sn = "NonTrustedFirmwareContentCertPK",
......@@ -177,6 +197,16 @@ static ext_t tbb_ext[] = {
.asn1_type = V_ASN1_OCTET_STRING,
.type = EXT_TYPE_HASH
},
[NON_TRUSTED_FW_CONFIG_HASH_EXT] = {
.oid = NON_TRUSTED_FW_CONFIG_HASH_OID,
.opt = "nt-fw-config",
.help_msg = "Non Trusted OS Firmware Config file",
.sn = "NonTrustedOSFirmwareConfigHash",
.ln = "Non-Trusted OS Firmware Config hash",
.asn1_type = V_ASN1_OCTET_STRING,
.type = EXT_TYPE_HASH,
.optional = 1
},
[SCP_FWU_CFG_HASH_EXT] = {
.oid = SCP_FWU_CFG_HASH_OID,
.opt = "scp-fwu-cfg",
......
......@@ -78,6 +78,21 @@ toc_entry_t toc_entries[] = {
.uuid = UUID_TB_FW_CONFIG,
.cmdline_name = "tb-fw-config"
},
{
.name = "SOC_FW_CONFIG",
.uuid = UUID_SOC_FW_CONFIG,
.cmdline_name = "soc-fw-config"
},
{
.name = "TOS_FW_CONFIG",
.uuid = UUID_TOS_FW_CONFIG,
.cmdline_name = "tos-fw-config"
},
{
.name = "NT_FW_CONFIG",
.uuid = UUID_NT_FW_CONFIG,
.cmdline_name = "nt-fw-config"
},
/* Key Certificates */
{
.name = "Root Of Trust key certificate",
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment