diff --git a/docs/user-guide.rst b/docs/user-guide.rst index 199f91249c71f8458f0fc46e154c7ab6dc78d51f..fe86f232bb40d2f7267395fee1b01ecbd1ef4a9b 100644 --- a/docs/user-guide.rst +++ b/docs/user-guide.rst @@ -256,6 +256,12 @@ Common build options BL32 image for the ``fip`` target. In this case, the BL32 in the ARM Trusted Firmware will not be built. +- ``BL32_EXTRA1``: This is an optional build option which specifies the path to + Trusted OS Extra1 image for the ``fip`` target. + +- ``BL32_EXTRA2``: This is an optional build option which specifies the path to + Trusted OS Extra2 image for the ``fip`` target. + - ``BL32_KEY``: This option is used when ``GENERATE_COT=1``. It specifies the file that contains the BL32 private key in PEM format. If ``SAVE_KEYS=1``, this file name will be used to save the key. diff --git a/drivers/auth/tbbr/tbbr_cot.c b/drivers/auth/tbbr/tbbr_cot.c index a9a4b37fe3df8e30c971c3387827afcc636260a6..4aaab390fb4b9643e43349719305bf765fabfe17 100644 --- a/drivers/auth/tbbr/tbbr_cot.c +++ b/drivers/auth/tbbr/tbbr_cot.c @@ -30,6 +30,8 @@ static unsigned char tb_fw_hash_buf[HASH_DER_LEN]; static unsigned char scp_fw_hash_buf[HASH_DER_LEN]; static unsigned char soc_fw_hash_buf[HASH_DER_LEN]; static unsigned char tos_fw_hash_buf[HASH_DER_LEN]; +static unsigned char tos_fw_extra1_hash_buf[HASH_DER_LEN]; +static unsigned char tos_fw_extra2_hash_buf[HASH_DER_LEN]; static unsigned char nt_world_bl_hash_buf[HASH_DER_LEN]; static unsigned char trusted_world_pk_buf[PK_DER_LEN]; static unsigned char non_trusted_world_pk_buf[PK_DER_LEN]; 
@@ -74,6 +76,10 @@ static auth_param_type_desc_t soc_fw_hash = AUTH_PARAM_TYPE_DESC( AUTH_PARAM_HASH, SOC_AP_FW_HASH_OID); static auth_param_type_desc_t tos_fw_hash = AUTH_PARAM_TYPE_DESC( AUTH_PARAM_HASH, TRUSTED_OS_FW_HASH_OID); +static auth_param_type_desc_t tos_fw_extra1_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, TRUSTED_OS_FW_EXTRA1_HASH_OID); +static auth_param_type_desc_t tos_fw_extra2_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, TRUSTED_OS_FW_EXTRA2_HASH_OID); static auth_param_type_desc_t nt_world_bl_hash = AUTH_PARAM_TYPE_DESC( AUTH_PARAM_HASH, NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID); static auth_param_type_desc_t scp_bl2u_hash = AUTH_PARAM_TYPE_DESC( @@ -404,6 +410,20 @@ static const auth_img_desc_t cot_desc[] = { .ptr = (void *)tos_fw_hash_buf, .len = (unsigned int)HASH_DER_LEN } + }, + [1] = { + .type_desc = &tos_fw_extra1_hash, + .data = { + .ptr = (void *)tos_fw_extra1_hash_buf, + .len = (unsigned int)HASH_DER_LEN + } + }, + [2] = { + .type_desc = &tos_fw_extra2_hash, + .data = { + .ptr = (void *)tos_fw_extra2_hash_buf, + .len = (unsigned int)HASH_DER_LEN + } } } }, @@ -421,6 +441,34 @@ static const auth_img_desc_t cot_desc[] = { } } }, + [BL32_EXTRA1_IMAGE_ID] = { + .img_id = BL32_EXTRA1_IMAGE_ID, + .img_type = IMG_RAW, + .parent = &cot_desc[TRUSTED_OS_FW_CONTENT_CERT_ID], + .img_auth_methods = { + [0] = { + .type = AUTH_METHOD_HASH, + .param.hash = { + .data = &raw_data, + .hash = &tos_fw_extra1_hash, + } + } + } + }, + [BL32_EXTRA2_IMAGE_ID] = { + .img_id = BL32_EXTRA2_IMAGE_ID, + .img_type = IMG_RAW, + .parent = &cot_desc[TRUSTED_OS_FW_CONTENT_CERT_ID], + .img_auth_methods = { + [0] = { + .type = AUTH_METHOD_HASH, + .param.hash = { + .data = &raw_data, + .hash = &tos_fw_extra2_hash, + } + } + } + }, /* * Non-Trusted Firmware */ diff --git a/include/common/tbbr/tbbr_img_def.h b/include/common/tbbr/tbbr_img_def.h index bf03c1c75b96b5ef04c84106cf5584b4a3e98a8e..3e68b6488452e4412894b2b953046cb568bc8c37 100644 
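Review bot: The new `authenticated_data` entries `[1]` and `[2]` make the parser extract the Extra1 and Extra2 hash extensions from the Trusted OS content certificate, yet the matching cert_create extensions in this same commit are declared with `.optional = 1`. Nothing visible here shows how certificate parsing behaves when one of those extensions is absent, so it is worth confirming that a FIP built without `BL32_EXTRA1`/`BL32_EXTRA2` still authenticates BL32. The size of the `authenticated_data` array is also declared outside the hunk and should be checked to hold three entries. A short comment above `[1]`, such as `/* Extra1/Extra2 hashes: optional at cert creation, see tbb_ext.c */`, would record the dependency; the `cot_desc` initializer starts and ends outside these hunks.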
--- a/include/common/tbbr/tbbr_img_def.h +++ b/include/common/tbbr/tbbr_img_def.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -54,4 +54,10 @@ /* Non-Trusted FWU Firmware NS_BL2U */ #define NS_BL2U_IMAGE_ID 20 +/* Secure Payload BL32_EXTRA1 (Trusted OS Extra1) */ +#define BL32_EXTRA1_IMAGE_ID 21 + +/* Secure Payload BL32_EXTRA2 (Trusted OS Extra2) */ +#define BL32_EXTRA2_IMAGE_ID 22 + #endif /* __TBBR_IMG_DEF_H__ */ diff --git a/include/lib/optee_utils.h b/include/lib/optee_utils.h new file mode 100644 index 0000000000000000000000000000000000000000..3d35b190d9b9df029e31813014e33de2bd88c301 --- /dev/null +++ b/include/lib/optee_utils.h @@ -0,0 +1,15 @@ +/* + * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ +#ifndef __OPTEE_UTILS_H__ +#define __OPTEE_UTILS_H__ + +#include <bl_common.h> + +int parse_optee_header(entry_point_info_t *header_ep, + image_info_t *pager_image_info, + image_info_t *paged_image_info); + +#endif /* __OPTEE_UTILS_H__ */ diff --git a/include/plat/arm/common/arm_def.h b/include/plat/arm/common/arm_def.h index 5dae30ec72f12914528e72fa900c029bca22cee2..55747bf4a9f2dcef153dc858d88692b7ab2d2b04 100644 --- a/include/plat/arm/common/arm_def.h +++ b/include/plat/arm/common/arm_def.h 
@@ -95,6 +95,23 @@ #define ARM_TZC_NS_DRAM_S_ACCESS TZC_REGION_S_NONE #endif +#ifdef SPD_opteed +/* + * BL2 needs to map 3.5MB from 512KB offset in TZC_DRAM1 in order to + * load/authenticate the trusted os extra image. The first 512KB of TZC_DRAM1 + * are reserved for trusted os (OPTEE). The extra image loading for OPTEE is + * paged image which only include the paging part using virtual memory but + * without "init" data. OPTEE will copy the "init" data (from pager image) to + * the first 512KB of TZC_DRAM, and then copy the extra image behind the "init" + * data. + */ +#define ARM_OPTEE_PAGEABLE_LOAD_BASE (ARM_AP_TZC_DRAM1_BASE + 0x80000) +#define ARM_OPTEE_PAGEABLE_LOAD_SIZE 0x380000 +#define ARM_OPTEE_PAGEABLE_LOAD_MEM MAP_REGION_FLAT( \ + ARM_OPTEE_PAGEABLE_LOAD_BASE, \ + ARM_OPTEE_PAGEABLE_LOAD_SIZE, \ + MT_MEMORY | MT_RW | MT_SECURE) +#endif /* SPD_opteed */ #define ARM_NS_DRAM1_BASE ARM_DRAM1_BASE #define ARM_NS_DRAM1_SIZE (ARM_DRAM1_SIZE - \ diff --git a/include/tools_share/firmware_image_package.h b/include/tools_share/firmware_image_package.h index dcf16b48d7e27f108433b1c9f55b716ae3c07350..c39e6f02704385bb52f1e2583403d0642c765489 100644 --- a/include/tools_share/firmware_image_package.h +++ b/include/tools_share/firmware_image_package.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014-2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2014-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ 
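Review bot: Nothing in the `SPD_opteed` block ties the hard-coded `0x80000` offset and `0x380000` size to the actual size of the secure DRAM region, so a platform with a smaller TZC_DRAM1 carve-out would silently map and load the paged image past the protected area. A compile-time check next to a user of the region would catch that, for example `CASSERT(ARM_OPTEE_PAGEABLE_LOAD_BASE + ARM_OPTEE_PAGEABLE_LOAD_SIZE <= ARM_AP_TZC_DRAM1_BASE + ARM_AP_TZC_DRAM1_SIZE, assert_optee_pageable_fits);`. The comment would also read more clearly if it named the two constants it describes (512KB is the `0x80000` offset, 3.5MB is `ARM_OPTEE_PAGEABLE_LOAD_SIZE`).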
@@ -31,6 +31,10 @@ {0x6d08d447, 0xfe4c, 0x4698, 0x9b, 0x95, {0x29, 0x50, 0xcb, 0xbd, 0x5a, 0x00} } #define UUID_SECURE_PAYLOAD_BL32 \ {0x89e1d005, 0xdc53, 0x4713, 0x8d, 0x2b, {0x50, 0x0a, 0x4b, 0x7a, 0x3e, 0x38} } +#define UUID_SECURE_PAYLOAD_BL32_EXTRA1 \ + {0x9bc2700b, 0x5a2a, 0x4078, 0x9f, 0x65, {0x0a, 0x56, 0x82, 0x73, 0x82, 0x88} } +#define UUID_SECURE_PAYLOAD_BL32_EXTRA2 \ + {0xb17ba88e, 0xa2cf, 0x4d3f, 0x85, 0xfd, {0xe7, 0xbb, 0xa5, 0x02, 0x20, 0xd9} } #define UUID_NON_TRUSTED_FIRMWARE_BL33 \ {0xa7eed0d6, 0xeafc, 0x4bd5, 0x97, 0x82, {0x99, 0x34, 0xf2, 0x34, 0xb6, 0xe4} } /* Key certificates */ diff --git a/include/tools_share/tbbr_oid.h b/include/tools_share/tbbr_oid.h index 7a34087823aee63de1f1642f32ded43f1adc571c..e57790c6ae90a323aaf5c5cdffa21f5925717a78 100644 --- a/include/tools_share/tbbr_oid.h +++ b/include/tools_share/tbbr_oid.h @@ -119,6 +119,10 @@ /* TrustedOSFirmwareHash - BL32 */ #define TRUSTED_OS_FW_HASH_OID "1.3.6.1.4.1.4128.2100.1001" +/* TrustedOSExtra1FirmwareHash - BL32 Extra1 */ +#define TRUSTED_OS_FW_EXTRA1_HASH_OID "1.3.6.1.4.1.4128.2100.1002" +/* TrustedOSExtra2FirmwareHash - BL32 Extra2 */ +#define TRUSTED_OS_FW_EXTRA2_HASH_OID "1.3.6.1.4.1.4128.2100.1003" /* diff --git a/lib/optee/optee_utils.c b/lib/optee/optee_utils.c new file mode 100644 index 0000000000000000000000000000000000000000..deb948c25cf07f5b9ced3c1bbcaaf9f011cc266d --- /dev/null +++ b/lib/optee/optee_utils.c 
@@ -0,0 +1,217 @@ +/* + * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <arch_helpers.h> +#include <assert.h> +#include <debug.h> +#include <desc_image_load.h> +#include <errno.h> +#include <optee_utils.h> + +/* + * load_addr_hi and load_addr_lo: image load address. + * image_id: 0 - pager, 1 - paged + * size: image size in bytes. + */ +typedef struct optee_image { + uint32_t load_addr_hi; + uint32_t load_addr_lo; + uint32_t image_id; + uint32_t size; +} optee_image_t; + +#define OPTEE_PAGER_IMAGE_ID 0 +#define OPTEE_PAGED_IMAGE_ID 1 +#define OPTEE_MAX_IMAGE_NUM 2 + +#define TEE_MAGIC_NUM_OPTEE 0x4554504f +/* + * magic: header magic number. + * version: OPTEE header version: + * 1 - not supported + * 2 - supported + * arch: OPTEE os architecture type: 0 - AARCH32, 1 - AARCH64. + * flags: unused currently. + * nb_images: number of images. + */ +typedef struct optee_header { + uint32_t magic; + uint8_t version; + uint8_t arch; + uint16_t flags; + uint32_t nb_images; + optee_image_t optee_image[]; +} optee_header_t; + +/******************************************************************************* + * Check if it is a valid tee header + * Return 1 if valid + * Return 0 if invalid + ******************************************************************************/ +static inline int tee_validate_header(optee_header_t *optee_header) +{ + if ((optee_header->magic == TEE_MAGIC_NUM_OPTEE) && + (optee_header->version == 2) && + (optee_header->nb_images <= OPTEE_MAX_IMAGE_NUM)) { + return 1; + } + + WARN("Not a known TEE, use default loading options.\n"); + return 0; +} + +/******************************************************************************* + * Parse the OPTEE image + * Return 0 on success or a negative error code otherwise. 
+ ******************************************************************************/ +static int parse_optee_image(image_info_t *image_info, + optee_image_t *optee_image) +{ + uintptr_t init_load_addr, free_end, requested_end; + size_t init_size; + + init_load_addr = ((uint64_t)optee_image->load_addr_hi << 32) | + optee_image->load_addr_lo; + init_size = optee_image->size; + + /* + * -1 indicates loader decided address; take our pre-mapped area + * for current image since arm-tf could not allocate memory dynamically + */ + if (init_load_addr == -1) + init_load_addr = image_info->image_base; + + /* Check that the default end address doesn't overflow */ + if (check_uptr_overflow(image_info->image_base, + image_info->image_max_size - 1)) + return -1; + free_end = image_info->image_base + (image_info->image_max_size - 1); + + /* Check that the image end address doesn't overflow */ + if (check_uptr_overflow(init_load_addr, init_size - 1)) + return -1; + requested_end = init_load_addr + (init_size - 1); + /* + * Check that the requested RAM location is within reserved + * space for OPTEE. + */ + if (!((init_load_addr >= image_info->image_base) && + (requested_end <= free_end))) { + WARN("The load address in optee header %p - %p is not in reserved area: %p - %p.\n", + (void *)init_load_addr, + (void *)(init_load_addr + init_size), + (void *)image_info->image_base, + (void *)(image_info->image_base + + image_info->image_max_size)); + return -1; + } + + /* + * Remove the skip attr from image_info, the image will be loaded. + * The default attr in image_info is "IMAGE_ATTRIB_SKIP_LOADING", which + * mean the image will not be loaded. Here, we parse the header image to + * know that the extra image need to be loaded, so remove the skip attr. 
+ */ + image_info->h.attr &= ~IMAGE_ATTRIB_SKIP_LOADING; + + /* Update image base and size of image_info */ + image_info->image_base = init_load_addr; + image_info->image_size = init_size; + + return 0; +} + +/******************************************************************************* + * Parse the OPTEE header + * Return 0 on success or a negative error code otherwise. + ******************************************************************************/ +int parse_optee_header(entry_point_info_t *header_ep, + image_info_t *pager_image_info, + image_info_t *paged_image_info) + +{ + optee_header_t *optee_header; + int num, ret; + + assert(header_ep); + optee_header = (optee_header_t *)header_ep->pc; + assert(optee_header); + + /* + * OPTEE image has 3 types: + * + * 1. Plain OPTEE bin without header. + * Original bin without header, return directly, + * BL32_EXTRA1_IMAGE_ID and BL32_EXTRA2_IMAGE_ID will be skipped. + * + * 2. OPTEE bin with header bin, but no paging. + * Header available and nb_images = 1, remove skip attr for + * BL32_EXTRA1_IMAGE_ID. BL32_EXTRA1_IMAGE_ID will be loaded, + * and BL32_EXTRA2_IMAGE_ID be skipped. + * + * 3. OPTEE image with paging support. + * Header available and nb_images = 2, there are 3 bins: header, + * pager and pageable. Remove skip attr for BL32_EXTRA1_IMAGE_ID + * and BL32_EXTRA2_IMAGE_ID to load pager and paged bin. 
+ */ + if (!tee_validate_header(optee_header)) { + INFO("Invalid OPTEE header, legacy mode.\n"); + /* Set legacy OPTEE runtime arch - aarch64 */ + header_ep->args.arg0 = MODE_RW_64; + return 0; + } + + /* Print the OPTEE header information */ + INFO("OPTEE ep=0x%x\n", (unsigned int)header_ep->pc); + INFO("OPTEE header info:\n"); + INFO(" magic=0x%x\n", optee_header->magic); + INFO(" version=0x%x\n", optee_header->version); + INFO(" arch=0x%x\n", optee_header->arch); + INFO(" flags=0x%x\n", optee_header->flags); + INFO(" nb_images=0x%x\n", optee_header->nb_images); + + /* Parse OPTEE image */ + for (num = 0; num < optee_header->nb_images; num++) { + if (optee_header->optee_image[num].image_id == + OPTEE_PAGER_IMAGE_ID) { + ret = parse_optee_image(pager_image_info, + &optee_header->optee_image[num]); + } else if (optee_header->optee_image[num].image_id == + OPTEE_PAGED_IMAGE_ID) { + ret = parse_optee_image(paged_image_info, + &optee_header->optee_image[num]); + } else { + ERROR("Parse optee image failed.\n"); + return -1; + } + + if (ret != 0) + return -1; + } + + /* + * Update "pc" value which should comes from pager image. After the + * header image is parsed, it will be unuseful, and the actual + * execution image after BL31 is pager image. + */ + header_ep->pc = pager_image_info->image_base; + + /* + * The paged load address and size are populated in + * header image arguments so that can be read by the + * BL32 SPD. + */ + header_ep->args.arg1 = paged_image_info->image_base; + header_ep->args.arg2 = paged_image_info->image_size; + + /* Set OPTEE runtime arch - aarch32/aarch64 */ + if (optee_header->arch == 0) + header_ep->args.arg0 = MODE_RW_32; + else + header_ep->args.arg0 = MODE_RW_64; + + return 0; +} diff --git a/make_helpers/tbbr/tbbr_tools.mk b/make_helpers/tbbr/tbbr_tools.mk index 610ccb883fd0fbfbe4ac6f7d927b73b7bcb02a54..712fa6f6138a50b2fe661889b970b3db1c54d8d3 100644 --- a/make_helpers/tbbr/tbbr_tools.mk +++ b/make_helpers/tbbr/tbbr_tools.mk 
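Review bot: In `parse_optee_header()`, `header_ep->pc = pager_image_info->image_base` runs after the image loop even when no entry with `OPTEE_PAGER_IMAGE_ID` was seen, because `tee_validate_header()` accepts `nb_images == 0` and the loop accepts a header that lists only the paged image. In that case the pager descriptor keeps `IMAGE_ATTRIB_SKIP_LOADING`, yet the entry point is redirected to its default base, where presumably only the header image was loaded. A check placed before the `pc` update would reject such headers: `if (pager_image_info->h.attr & IMAGE_ATTRIB_SKIP_LOADING) return -1;`. Separately, the function receives no image size, so `optee_image[num]` is read without confirming that the loaded header is long enough to hold `nb_images` entries. The two `assert()` calls at the top are the only guard on `header_ep` and `header_ep->pc`, and they protect nothing in a build with assertions disabled.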
@@ -1,5 +1,5 @@ # -# Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. +# Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -95,6 +95,12 @@ ifeq (${NEED_BL32},yes) $(eval $(call CERT_ADD_CMD_OPT,${BUILD_PLAT}/tos_fw_key.crt,--tos-fw-key-cert)) $(eval $(call FIP_ADD_PAYLOAD,${BUILD_PLAT}/tos_fw_content.crt,--tos-fw-cert)) $(eval $(call FIP_ADD_PAYLOAD,${BUILD_PLAT}/tos_fw_key.crt,--tos-fw-key-cert)) +ifneq (${BL32_EXTRA1},) + $(eval $(call CERT_ADD_CMD_OPT,${BL32_EXTRA1},--tos-fw-extra1,true)) +endif +ifneq (${BL32_EXTRA2},) + $(eval $(call CERT_ADD_CMD_OPT,${BL32_EXTRA2},--tos-fw-extra2,true)) +endif endif # Add the BL33 CoT (key cert + img cert + image) diff --git a/plat/arm/board/common/board_css_common.c b/plat/arm/board/common/board_css_common.c index f6a554f324199d64aa229b546cd6445735cddcf2..139a3af84231c93b33d56b74612322dadeab0190 100644 --- a/plat/arm/board/common/board_css_common.c +++ b/plat/arm/board/common/board_css_common.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -34,6 +34,9 @@ const mmap_region_t plat_arm_mmap[] = { SOC_CSS_MAP_DEVICE, ARM_MAP_NS_DRAM1, ARM_MAP_TSP_SEC_MEM, +#ifdef SPD_opteed + ARM_OPTEE_PAGEABLE_LOAD_MEM, +#endif {0} }; #endif @@ -76,4 +79,3 @@ const mmap_region_t plat_arm_mmap[] = { #endif ARM_CASSERT_MMAP - diff --git a/plat/arm/board/juno/include/platform_def.h b/plat/arm/board/juno/include/platform_def.h index 46afb71e5a80386f374e73d1e6b2a553c8921d6c..9452883e75d787276bb0b9dddded02615a287af5 100644 --- a/plat/arm/board/juno/include/platform_def.h +++ b/plat/arm/board/juno/include/platform_def.h 
@@ -67,9 +67,14 @@ #endif #ifdef IMAGE_BL2 +#ifdef SPD_opteed +# define PLAT_ARM_MMAP_ENTRIES 9 +# define MAX_XLAT_TABLES 4 +#else # define PLAT_ARM_MMAP_ENTRIES 8 # define MAX_XLAT_TABLES 3 #endif +#endif #ifdef IMAGE_BL2U # define PLAT_ARM_MMAP_ENTRIES 4 diff --git a/plat/arm/common/aarch64/arm_bl2_mem_params_desc.c b/plat/arm/common/aarch64/arm_bl2_mem_params_desc.c index a60d533369981c36ab507359e89d072904042ecc..4376119ad662786356705819277e4a84957c9727 100644 --- a/plat/arm/common/aarch64/arm_bl2_mem_params_desc.c +++ b/plat/arm/common/aarch64/arm_bl2_mem_params_desc.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ 
@@ -99,6 +99,43 @@ static bl_mem_params_node_t bl2_mem_params_descs[] = { .next_handoff_image_id = BL33_IMAGE_ID, }, + + /* + * Fill BL32 external 1 related information. + * A typical use for extra1 image is with OP-TEE where it is the pager image. + */ + { + .image_id = BL32_EXTRA1_IMAGE_ID, + + SET_STATIC_PARAM_HEAD(ep_info, PARAM_EP, + VERSION_2, entry_point_info_t, SECURE | NON_EXECUTABLE), + + SET_STATIC_PARAM_HEAD(image_info, PARAM_EP, + VERSION_2, image_info_t, IMAGE_ATTRIB_SKIP_LOADING), + .image_info.image_base = BL32_BASE, + .image_info.image_max_size = BL32_LIMIT - BL32_BASE, + + .next_handoff_image_id = INVALID_IMAGE_ID, + }, + + /* + * Fill BL32 external 2 related information. + * A typical use for extra2 image is with OP-TEE where it is the paged image. + */ + { + .image_id = BL32_EXTRA2_IMAGE_ID, + + SET_STATIC_PARAM_HEAD(ep_info, PARAM_EP, + VERSION_2, entry_point_info_t, SECURE | NON_EXECUTABLE), + + SET_STATIC_PARAM_HEAD(image_info, PARAM_EP, + VERSION_2, image_info_t, IMAGE_ATTRIB_SKIP_LOADING), +#ifdef SPD_opteed + .image_info.image_base = ARM_OPTEE_PAGEABLE_LOAD_BASE, + .image_info.image_max_size = ARM_OPTEE_PAGEABLE_LOAD_SIZE, +#endif + .next_handoff_image_id = INVALID_IMAGE_ID, + }, # endif /* BL32_BASE */ /* Fill BL33 related information */ diff --git a/plat/arm/common/arm_bl2_setup.c b/plat/arm/common/arm_bl2_setup.c index b7621b8539039536808794bf5bb9f1c05d020121..9182bd12843fc19b8398e7e0fe3589733f937793 100644 --- a/plat/arm/common/arm_bl2_setup.c +++ b/plat/arm/common/arm_bl2_setup.c @@ -11,6 +11,9 @@ #include <console.h> #include <debug.h> #include <desc_image_load.h> +#ifdef SPD_opteed +#include <optee_utils.h> +#endif #include <plat_arm.h> #include <platform.h> #include <platform_def.h> 
@@ -230,11 +233,29 @@ int arm_bl2_handle_post_image_load(unsigned int image_id) { int err = 0; bl_mem_params_node_t *bl_mem_params = get_bl_mem_params_node(image_id); +#ifdef SPD_opteed + bl_mem_params_node_t *pager_mem_params = NULL; + bl_mem_params_node_t *paged_mem_params = NULL; +#endif assert(bl_mem_params); switch (image_id) { #ifdef AARCH64 case BL32_IMAGE_ID: +#ifdef SPD_opteed + pager_mem_params = get_bl_mem_params_node(BL32_EXTRA1_IMAGE_ID); + assert(pager_mem_params); + + paged_mem_params = get_bl_mem_params_node(BL32_EXTRA2_IMAGE_ID); + assert(paged_mem_params); + + err = parse_optee_header(&bl_mem_params->ep_info, + &pager_mem_params->image_info, + &paged_mem_params->image_info); + if (err != 0) { + WARN("OPTEE header parse error.\n"); + } +#endif bl_mem_params->ep_info.spsr = arm_get_spsr_for_bl32_entry(); break; #endif diff --git a/plat/arm/common/arm_common.mk b/plat/arm/common/arm_common.mk index e0b7af409752f608d96351533f4d62ea90499fb7..20372c2036304fbeea89f4cabfeb586d8b4578e7 100644 --- a/plat/arm/common/arm_common.mk +++ b/plat/arm/common/arm_common.mk @@ -80,6 +80,15 @@ $(eval $(call add_define,ARM_XLAT_TABLES_LIB_V1)) # speed. $(eval $(call add_define,MBEDTLS_SHA256_SMALLER)) +# Add the build options to pack Trusted OS Extra1 and Trusted OS Extra2 images +# in the FIP if the platform requires. +ifneq ($(BL32_EXTRA1),) +$(eval $(call FIP_ADD_IMG,BL32_EXTRA1,--tos-fw-extra1)) +endif +ifneq ($(BL32_EXTRA2),) +$(eval $(call FIP_ADD_IMG,BL32_EXTRA2,--tos-fw-extra2)) +endif + # Enable PSCI_STAT_COUNT/RESIDENCY APIs on ARM platforms ENABLE_PSCI_STAT := 1 ENABLE_PMF := 1 @@ -145,6 +154,9 @@ BL2_SOURCES += plat/arm/common/${ARCH}/arm_bl2_mem_params_desc.c endif BL2_SOURCES += plat/arm/common/arm_image_load.c \ common/desc_image_load.c +ifeq (${SPD},opteed) +BL2_SOURCES += lib/optee/optee_utils.c +endif endif BL2U_SOURCES += plat/arm/common/arm_bl2u_setup.c 
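Review bot: In the `BL32_IMAGE_ID` case of `arm_bl2_handle_post_image_load()`, a failing `parse_optee_header()` is only logged with `WARN` and execution carries on to set `spsr` and `break`. Whether boot then stops depends on `err` being returned after the switch, which lies outside the hunk. Since a rejected header means the load addresses taken from the image were outside the reserved area, an explicit stop would be safer and easier to audit: `if (err != 0) { ERROR("OPTEE header parse error.\n"); return err; }`. The two `assert()` calls on `get_bl_mem_params_node()` are also the only NULL guard before `&pager_mem_params->image_info` is formed, so a build with assertions disabled has no check there.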
diff --git a/plat/arm/common/arm_io_storage.c b/plat/arm/common/arm_io_storage.c index 74e68245240ab3050f38fdace41c62896b5a3fc3..794ef61927fca876e910792ec2195fd0ba57bb84 100644 --- a/plat/arm/common/arm_io_storage.c +++ b/plat/arm/common/arm_io_storage.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -41,6 +41,14 @@ static const io_uuid_spec_t bl32_uuid_spec = { .uuid = UUID_SECURE_PAYLOAD_BL32, }; +static const io_uuid_spec_t bl32_extra1_uuid_spec = { + .uuid = UUID_SECURE_PAYLOAD_BL32_EXTRA1, +}; + +static const io_uuid_spec_t bl32_extra2_uuid_spec = { + .uuid = UUID_SECURE_PAYLOAD_BL32_EXTRA2, +}; + static const io_uuid_spec_t bl33_uuid_spec = { .uuid = UUID_NON_TRUSTED_FIRMWARE_BL33, }; @@ -124,6 +132,16 @@ static const struct plat_io_policy policies[] = { (uintptr_t)&bl32_uuid_spec, open_fip }, + [BL32_EXTRA1_IMAGE_ID] = { + &fip_dev_handle, + (uintptr_t)&bl32_extra1_uuid_spec, + open_fip + }, + [BL32_EXTRA2_IMAGE_ID] = { + &fip_dev_handle, + (uintptr_t)&bl32_extra2_uuid_spec, + open_fip + }, [BL33_IMAGE_ID] = { &fip_dev_handle, (uintptr_t)&bl33_uuid_spec, diff --git a/services/spd/opteed/opteed_common.c b/services/spd/opteed/opteed_common.c index de9e8097fc1e85a435a00d9699e78489189ea3bb..a0cd86cb397b7ff3dfca973393b62f622efe9cc7 100644 --- a/services/spd/opteed/opteed_common.c +++ b/services/spd/opteed/opteed_common.c @@ -19,6 +19,7 @@ ******************************************************************************/ void opteed_init_optee_ep_state(struct entry_point_info *optee_entry_point, uint32_t rw, uint64_t pc, + uint64_t pageable_part, uint64_t mem_limit, optee_context_t *optee_ctx) { uint32_t ep_attr; 
@@ -51,6 +52,8 @@ void opteed_init_optee_ep_state(struct entry_point_info *optee_entry_point, DAIF_IRQ_BIT | DAIF_ABT_BIT); zeromem(&optee_entry_point->args, sizeof(optee_entry_point->args)); + optee_entry_point->args.arg0 = pageable_part; + optee_entry_point->args.arg1 = mem_limit; } /******************************************************************************* diff --git a/services/spd/opteed/opteed_main.c b/services/spd/opteed/opteed_main.c index e2a20352a76b6c19a8ebf6f04319e3c2bb35171b..b3031e4020caf2d455f09bc28ec974e5a6ca1aa7 100644 --- a/services/spd/opteed/opteed_main.c +++ b/services/spd/opteed/opteed_main.c @@ -42,8 +42,6 @@ optee_vectors_t *optee_vectors; optee_context_t opteed_sp_context[OPTEED_CORE_COUNT]; uint32_t opteed_rw; - - static int32_t opteed_init(void); /******************************************************************************* @@ -96,6 +94,8 @@ int32_t opteed_setup(void) { entry_point_info_t *optee_ep_info; uint32_t linear_id; + uint64_t opteed_pageable_part; + uint64_t opteed_mem_limit; linear_id = plat_my_core_pos(); @@ -122,13 +122,17 @@ int32_t opteed_setup(void) /* * We could inspect the SP image and determine it's execution - * state i.e whether AArch32 or AArch64. Assuming it's AArch32 - * for the time being. + * state i.e whether AArch32 or AArch64. */ - opteed_rw = OPTEE_AARCH64; + opteed_rw = optee_ep_info->args.arg0; + opteed_pageable_part = optee_ep_info->args.arg1; + opteed_mem_limit = optee_ep_info->args.arg2; + opteed_init_optee_ep_state(optee_ep_info, opteed_rw, optee_ep_info->pc, + opteed_pageable_part, + opteed_mem_limit, &opteed_sp_context[linear_id]); /* diff --git a/services/spd/opteed/opteed_pm.c b/services/spd/opteed/opteed_pm.c index 26c7b2e83c3438ed7e388403c4641f228d724b95..5a1dd4fd6263f2a4bdaa0b5dcf6236223e71c15b 100644 --- a/services/spd/opteed/opteed_pm.c +++ b/services/spd/opteed/opteed_pm.c 
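Review bot: In `opteed_setup()`, `opteed_rw` is now taken straight from `optee_ep_info->args.arg0` with no check that it is `MODE_RW_32` or `MODE_RW_64`, so any BL2 that does not run `parse_optee_header()` decides the secure payload's execution state through whatever it left in `arg0`. A guard before the call to `opteed_init_optee_ep_state()` would make the contract explicit, e.g. `if (opteed_rw != MODE_RW_64 && opteed_rw != MODE_RW_32) return 1;`, with the return value matched to how this function reports failure elsewhere. The names are also misleading. `opteed_mem_limit` is read from `args.arg2`, which `parse_optee_header()` fills with `paged_image_info->image_size`, so the value forwarded as `mem_limit` is a size rather than a limit. The retained comment "We could inspect the SP image and determine it's execution state" no longer describes the code and could become `/* Execution state and paged-image location are passed by BL2 in arg0..arg2 */`.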
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -99,7 +99,7 @@ static void opteed_cpu_on_finish_handler(uint64_t unused) opteed_init_optee_ep_state(&optee_on_entrypoint, opteed_rw, (uint64_t)&optee_vectors->cpu_on_entry, - optee_ctx); + 0, 0, optee_ctx); /* Initialise this cpu's secure context */ cm_init_my_context(&optee_on_entrypoint); @@ -216,4 +216,3 @@ const spd_pm_ops_t opteed_pm = { .svc_system_off = opteed_system_off, .svc_system_reset = opteed_system_reset, }; - diff --git a/services/spd/opteed/opteed_private.h b/services/spd/opteed/opteed_private.h index 70cc9250cafa02bd22773a2ec6d9b555977dfa32..11c1a1fa1aa0d45926f695966e2ce57c6e332042 100644 --- a/services/spd/opteed/opteed_private.h +++ b/services/spd/opteed/opteed_private.h @@ -147,6 +147,8 @@ void __dead2 opteed_synchronous_sp_exit(optee_context_t *optee_ctx, uint64_t ret void opteed_init_optee_ep_state(struct entry_point_info *optee_ep, uint32_t rw, uint64_t pc, + uint64_t pageable_part, + uint64_t mem_limit, optee_context_t *optee_ctx); extern optee_context_t opteed_sp_context[OPTEED_CORE_COUNT]; diff --git a/tools/cert_create/include/tbbr/tbb_ext.h b/tools/cert_create/include/tbbr/tbb_ext.h index 72d338540c779780524bef9429481b15da9a496e..85ad3595e0916ace1fe2248007f195b571b6fd41 100644 --- a/tools/cert_create/include/tbbr/tbb_ext.h +++ b/tools/cert_create/include/tbbr/tbb_ext.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ 
@@ -21,6 +21,8 @@ enum { SOC_AP_FW_HASH_EXT, TRUSTED_OS_FW_CONTENT_CERT_PK_EXT, TRUSTED_OS_FW_HASH_EXT, + TRUSTED_OS_FW_EXTRA1_HASH_EXT, + TRUSTED_OS_FW_EXTRA2_HASH_EXT, NON_TRUSTED_FW_CONTENT_CERT_PK_EXT, NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT, SCP_FWU_CFG_HASH_EXT, diff --git a/tools/cert_create/src/tbbr/tbb_cert.c b/tools/cert_create/src/tbbr/tbb_cert.c index 376096b644368a0f767868309cac0c7ce905482b..c815178cf04f7f5c5b59a5ba4e3fda57dc8048ed 100644 --- a/tools/cert_create/src/tbbr/tbb_cert.c +++ b/tools/cert_create/src/tbbr/tbb_cert.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -125,9 +125,11 @@ static cert_t tbb_certs[] = { .issuer = TRUSTED_OS_FW_CONTENT_CERT, .ext = { TRUSTED_FW_NVCOUNTER_EXT, - TRUSTED_OS_FW_HASH_EXT + TRUSTED_OS_FW_HASH_EXT, + TRUSTED_OS_FW_EXTRA1_HASH_EXT, + TRUSTED_OS_FW_EXTRA2_HASH_EXT }, - .num_ext = 2 + .num_ext = 4 }, [NON_TRUSTED_FW_KEY_CERT] = { .id = NON_TRUSTED_FW_KEY_CERT, diff --git a/tools/cert_create/src/tbbr/tbb_ext.c b/tools/cert_create/src/tbbr/tbb_ext.c index d9a8ea265394f0bfc6fe821db7fdd1eff5aee96c..504b0fc0a5f67f8fb0a156bc17498b0b79a59639 100644 --- a/tools/cert_create/src/tbbr/tbb_ext.c +++ b/tools/cert_create/src/tbbr/tbb_ext.c 
@@ -120,6 +120,26 @@ static ext_t tbb_ext[] = { .asn1_type = V_ASN1_OCTET_STRING, .type = EXT_TYPE_HASH }, + [TRUSTED_OS_FW_EXTRA1_HASH_EXT] = { + .oid = TRUSTED_OS_FW_EXTRA1_HASH_OID, + .opt = "tos-fw-extra1", + .help_msg = "Trusted OS Extra1 image file", + .sn = "TrustedOSExtra1Hash", + .ln = "Trusted OS Extra1 hash (SHA256)", + .asn1_type = V_ASN1_OCTET_STRING, + .type = EXT_TYPE_HASH, + .optional = 1 + }, + [TRUSTED_OS_FW_EXTRA2_HASH_EXT] = { + .oid = TRUSTED_OS_FW_EXTRA2_HASH_OID, + .opt = "tos-fw-extra2", + .help_msg = "Trusted OS Extra2 image file", + .sn = "TrustedOSExtra2Hash", + .ln = "Trusted OS Extra2 hash (SHA256)", + .asn1_type = V_ASN1_OCTET_STRING, + .type = EXT_TYPE_HASH, + .optional = 1 + }, [NON_TRUSTED_FW_CONTENT_CERT_PK_EXT] = { .oid = NON_TRUSTED_FW_CONTENT_CERT_PK_OID, .sn = "NonTrustedFirmwareContentCertPK", diff --git a/tools/fiptool/fip_create.sh b/tools/fiptool/fip_create.sh index f1e1f451906e994fe72e9e80dae97b643be77b71..0e80199f31948920fda75c22082242318aeb627f 100644 --- a/tools/fiptool/fip_create.sh +++ b/tools/fiptool/fip_create.sh @@ -28,6 +28,8 @@ Components that can be added/updated: --scp-fw FILENAME SCP Firmware SCP_BL2 --soc-fw FILENAME EL3 Runtime Firmware BL31 --tos-fw FILENAME Secure Payload BL32 (Trusted OS) + --tos-fw-extra1 FILENAME Secure Payload BL32 Extra1 (Trusted OS Extra1) + --tos-fw-extra2 FILENAME Secure Payload BL32 Extra2 (Trusted OS Extra2) --nt-fw FILENAME Non-Trusted Firmware BL33 --rot-cert FILENAME Root Of Trust key certificate --trusted-key-cert FILENAME Trusted key certificate @@ -69,6 +71,8 @@ while :; do --scp-fw | \ --soc-fw | \ --tos-fw | \ + --tos-fw-extra1 | \ + --tos-fw-extra2 | \ --nt-fw | \ --rot-cert | \ --trusted-key-cert | \ diff --git a/tools/fiptool/tbbr_config.c b/tools/fiptool/tbbr_config.c index 7c6c24be4ff179c7b4cbfb5ebbcb23823ae3de8d..827cab2800e1535481d5eca622008e21a3c77048 100644 --- a/tools/fiptool/tbbr_config.c +++ b/tools/fiptool/tbbr_config.c 
@@ -52,6 +52,16 @@ toc_entry_t toc_entries[] = { .uuid = UUID_SECURE_PAYLOAD_BL32, .cmdline_name = "tos-fw" }, + { + .name = "Secure Payload BL32 Extra1 (Trusted OS Extra1)", + .uuid = UUID_SECURE_PAYLOAD_BL32_EXTRA1, + .cmdline_name = "tos-fw-extra1" + }, + { + .name = "Secure Payload BL32 Extra2 (Trusted OS Extra2)", + .uuid = UUID_SECURE_PAYLOAD_BL32_EXTRA2, + .cmdline_name = "tos-fw-extra2" + }, { .name = "Non-Trusted Firmware BL33", .uuid = UUID_NON_TRUSTED_FIRMWARE_BL33,