lib/optee/optee_utils.c

*54fd6939SJiyong Park/*
*54fd6939SJiyong Park * Copyright (c) 2017-2021, ARM Limited and Contributors. All rights reserved.
*54fd6939SJiyong Park *
*54fd6939SJiyong Park * SPDX-License-Identifier: BSD-3-Clause
*54fd6939SJiyong Park */
*54fd6939SJiyong Park
*54fd6939SJiyong Park#include <assert.h>
*54fd6939SJiyong Park
*54fd6939SJiyong Park#include <common/debug.h>
*54fd6939SJiyong Park#include <lib/optee_utils.h>
*54fd6939SJiyong Park
*54fd6939SJiyong Park/*
*54fd6939SJiyong Park * load_addr_hi and load_addr_lo: image load address.
*54fd6939SJiyong Park * image_id: 0 - pager, 1 - paged
*54fd6939SJiyong Park * size: image size in bytes.
*54fd6939SJiyong Park */
*54fd6939SJiyong Parktypedef struct optee_image {
*54fd6939SJiyong Park	uint32_t load_addr_hi;
*54fd6939SJiyong Park	uint32_t load_addr_lo;
*54fd6939SJiyong Park	uint32_t image_id;
*54fd6939SJiyong Park	uint32_t size;
*54fd6939SJiyong Park} optee_image_t;
*54fd6939SJiyong Park
*54fd6939SJiyong Park#define OPTEE_PAGER_IMAGE_ID		0
*54fd6939SJiyong Park#define OPTEE_PAGED_IMAGE_ID		1
*54fd6939SJiyong Park
*54fd6939SJiyong Park#define OPTEE_MAX_NUM_IMAGES		2u
*54fd6939SJiyong Park
*54fd6939SJiyong Park#define TEE_MAGIC_NUM_OPTEE		0x4554504f
*54fd6939SJiyong Park/*
*54fd6939SJiyong Park * magic: header magic number.
*54fd6939SJiyong Park * version: OPTEE header version:
*54fd6939SJiyong Park *		1 - not supported
*54fd6939SJiyong Park *		2 - supported
*54fd6939SJiyong Park * arch: OPTEE os architecture type: 0 - AARCH32, 1 - AARCH64.
*54fd6939SJiyong Park * flags: unused currently.
*54fd6939SJiyong Park * nb_images: number of images.
*54fd6939SJiyong Park */
*54fd6939SJiyong Parktypedef struct optee_header {
*54fd6939SJiyong Park	uint32_t magic;
*54fd6939SJiyong Park	uint8_t version;
*54fd6939SJiyong Park	uint8_t arch;
*54fd6939SJiyong Park	uint16_t flags;
*54fd6939SJiyong Park	uint32_t nb_images;
*54fd6939SJiyong Park	optee_image_t optee_image_list[];
*54fd6939SJiyong Park} optee_header_t;
*54fd6939SJiyong Park
*54fd6939SJiyong Park/*******************************************************************************
*54fd6939SJiyong Park * Check if it is a valid tee header
*54fd6939SJiyong Park * Return true if valid
*54fd6939SJiyong Park * Return false if invalid
*54fd6939SJiyong Park ******************************************************************************/
*54fd6939SJiyong Parkstatic bool tee_validate_header(optee_header_t *header)
*54fd6939SJiyong Park{
*54fd6939SJiyong Park	if ((header->magic == TEE_MAGIC_NUM_OPTEE) &&
*54fd6939SJiyong Park		(header->version == 2u) &&
*54fd6939SJiyong Park		(header->nb_images > 0u) &&
*54fd6939SJiyong Park		(header->nb_images <= OPTEE_MAX_NUM_IMAGES)) {
*54fd6939SJiyong Park		return true;
*54fd6939SJiyong Park	}
*54fd6939SJiyong Park
*54fd6939SJiyong Park	return false;
*54fd6939SJiyong Park}
*54fd6939SJiyong Park
*54fd6939SJiyong Parkbool optee_header_is_valid(uintptr_t header_base)
*54fd6939SJiyong Park{
*54fd6939SJiyong Park	return tee_validate_header((optee_header_t *)header_base);
*54fd6939SJiyong Park}
*54fd6939SJiyong Park
*54fd6939SJiyong Park/*******************************************************************************
*54fd6939SJiyong Park * Parse the OPTEE image
*54fd6939SJiyong Park * Return 0 on success or a negative error code otherwise.
*54fd6939SJiyong Park ******************************************************************************/
*54fd6939SJiyong Parkstatic int parse_optee_image(image_info_t *image_info,
*54fd6939SJiyong Park		optee_image_t *image)
*54fd6939SJiyong Park{
*54fd6939SJiyong Park	uintptr_t init_load_addr, free_end, requested_end;
*54fd6939SJiyong Park	size_t init_size;
*54fd6939SJiyong Park
*54fd6939SJiyong Park	init_load_addr = ((uint64_t)image->load_addr_hi << 32) |
*54fd6939SJiyong Park					image->load_addr_lo;
*54fd6939SJiyong Park	init_size = image->size;
*54fd6939SJiyong Park
*54fd6939SJiyong Park	/*
*54fd6939SJiyong Park	 * image->load_addr_hi & image->load_addr_lo set to UINT32_MAX indicate
*54fd6939SJiyong Park	 * loader decided address; take our pre-mapped area for current image
*54fd6939SJiyong Park	 * since arm-tf could not allocate memory dynamically
*54fd6939SJiyong Park	 */
*54fd6939SJiyong Park	if ((image->load_addr_hi == UINT32_MAX) &&
*54fd6939SJiyong Park	    (image->load_addr_lo == UINT32_MAX)) {
*54fd6939SJiyong Park		init_load_addr = image_info->image_base;
*54fd6939SJiyong Park	}
*54fd6939SJiyong Park
*54fd6939SJiyong Park	/* Check that the default end address doesn't overflow */
*54fd6939SJiyong Park	if (check_uptr_overflow(image_info->image_base,
*54fd6939SJiyong Park				image_info->image_max_size - 1))
*54fd6939SJiyong Park		return -1;
*54fd6939SJiyong Park	free_end = image_info->image_base + (image_info->image_max_size - 1);
*54fd6939SJiyong Park
*54fd6939SJiyong Park	/* Check that the image end address doesn't overflow */
*54fd6939SJiyong Park	if (check_uptr_overflow(init_load_addr, init_size - 1))
*54fd6939SJiyong Park		return -1;
*54fd6939SJiyong Park	requested_end = init_load_addr + (init_size - 1);
*54fd6939SJiyong Park	/*
*54fd6939SJiyong Park	 * Check that the requested RAM location is within reserved
*54fd6939SJiyong Park	 * space for OPTEE.
*54fd6939SJiyong Park	 */
*54fd6939SJiyong Park	if (!((init_load_addr >= image_info->image_base) &&
*54fd6939SJiyong Park			(requested_end <= free_end))) {
*54fd6939SJiyong Park		WARN("The load address in optee header %p - %p is not in reserved area: %p - %p.\n",
*54fd6939SJiyong Park				(void *)init_load_addr,
*54fd6939SJiyong Park				(void *)(init_load_addr + init_size),
*54fd6939SJiyong Park				(void *)image_info->image_base,
*54fd6939SJiyong Park				(void *)(image_info->image_base +
*54fd6939SJiyong Park					image_info->image_max_size));
*54fd6939SJiyong Park		return -1;
*54fd6939SJiyong Park	}
*54fd6939SJiyong Park
*54fd6939SJiyong Park	/*
*54fd6939SJiyong Park	 * Remove the skip attr from image_info, the image will be loaded.
*54fd6939SJiyong Park	 * The default attr in image_info is "IMAGE_ATTRIB_SKIP_LOADING", which
*54fd6939SJiyong Park	 * mean the image will not be loaded. Here, we parse the header image to
*54fd6939SJiyong Park	 * know that the extra image need to be loaded, so remove the skip attr.
*54fd6939SJiyong Park	 */
*54fd6939SJiyong Park	image_info->h.attr &= ~IMAGE_ATTRIB_SKIP_LOADING;
*54fd6939SJiyong Park
*54fd6939SJiyong Park	/* Update image base and size of image_info */
*54fd6939SJiyong Park	image_info->image_base = init_load_addr;
*54fd6939SJiyong Park	image_info->image_size = init_size;
*54fd6939SJiyong Park
*54fd6939SJiyong Park	return 0;
*54fd6939SJiyong Park}
*54fd6939SJiyong Park
*54fd6939SJiyong Park/*******************************************************************************
*54fd6939SJiyong Park * Parse the OPTEE header
*54fd6939SJiyong Park * Return 0 on success or a negative error code otherwise.
*54fd6939SJiyong Park ******************************************************************************/
*54fd6939SJiyong Parkint parse_optee_header(entry_point_info_t *header_ep,
*54fd6939SJiyong Park		image_info_t *pager_image_info,
*54fd6939SJiyong Park		image_info_t *paged_image_info)
*54fd6939SJiyong Park
*54fd6939SJiyong Park{
*54fd6939SJiyong Park	optee_header_t *header;
*54fd6939SJiyong Park	uint32_t num;
*54fd6939SJiyong Park	int ret;
*54fd6939SJiyong Park
*54fd6939SJiyong Park	assert(header_ep);
*54fd6939SJiyong Park	header = (optee_header_t *)header_ep->pc;
*54fd6939SJiyong Park	assert(header);
*54fd6939SJiyong Park
*54fd6939SJiyong Park	/* Print the OPTEE header information */
*54fd6939SJiyong Park	INFO("OPTEE ep=0x%x\n", (unsigned int)header_ep->pc);
*54fd6939SJiyong Park	INFO("OPTEE header info:\n");
*54fd6939SJiyong Park	INFO("      magic=0x%x\n", header->magic);
*54fd6939SJiyong Park	INFO("      version=0x%x\n", header->version);
*54fd6939SJiyong Park	INFO("      arch=0x%x\n", header->arch);
*54fd6939SJiyong Park	INFO("      flags=0x%x\n", header->flags);
*54fd6939SJiyong Park	INFO("      nb_images=0x%x\n", header->nb_images);
*54fd6939SJiyong Park
*54fd6939SJiyong Park	/*
*54fd6939SJiyong Park	 * OPTEE image has 3 types:
*54fd6939SJiyong Park	 *
*54fd6939SJiyong Park	 * 1. Plain OPTEE bin without header.
*54fd6939SJiyong Park	 *	Original bin without header, return directly,
*54fd6939SJiyong Park	 *	BL32_EXTRA1_IMAGE_ID and BL32_EXTRA2_IMAGE_ID will be skipped.
*54fd6939SJiyong Park	 *
*54fd6939SJiyong Park	 * 2. OPTEE bin with header bin, but no paging.
*54fd6939SJiyong Park	 *	Header available and nb_images = 1, remove skip attr for
*54fd6939SJiyong Park	 *	BL32_EXTRA1_IMAGE_ID. BL32_EXTRA1_IMAGE_ID will be loaded,
*54fd6939SJiyong Park	 *	and BL32_EXTRA2_IMAGE_ID be skipped.
*54fd6939SJiyong Park	 *
*54fd6939SJiyong Park	 * 3. OPTEE image with paging support.
*54fd6939SJiyong Park	 *	Header available and nb_images = 2, there are 3 bins: header,
*54fd6939SJiyong Park	 *	pager and pageable. Remove skip attr for BL32_EXTRA1_IMAGE_ID
*54fd6939SJiyong Park	 *	and BL32_EXTRA2_IMAGE_ID to load pager and paged bin.
*54fd6939SJiyong Park	 */
*54fd6939SJiyong Park	if (!tee_validate_header(header)) {
*54fd6939SJiyong Park		INFO("Invalid OPTEE header, set legacy mode.\n");
*54fd6939SJiyong Park#ifdef __aarch64__
*54fd6939SJiyong Park		header_ep->args.arg0 = MODE_RW_64;
*54fd6939SJiyong Park#else
*54fd6939SJiyong Park		header_ep->args.arg0 = MODE_RW_32;
*54fd6939SJiyong Park#endif
*54fd6939SJiyong Park		return 0;
*54fd6939SJiyong Park	}
*54fd6939SJiyong Park
*54fd6939SJiyong Park	/* Parse OPTEE image */
*54fd6939SJiyong Park	for (num = 0U; num < header->nb_images; num++) {
*54fd6939SJiyong Park		if (header->optee_image_list[num].image_id ==
*54fd6939SJiyong Park				OPTEE_PAGER_IMAGE_ID) {
*54fd6939SJiyong Park			ret = parse_optee_image(pager_image_info,
*54fd6939SJiyong Park				&header->optee_image_list[num]);
*54fd6939SJiyong Park		} else if (header->optee_image_list[num].image_id ==
*54fd6939SJiyong Park				OPTEE_PAGED_IMAGE_ID) {
*54fd6939SJiyong Park			ret = parse_optee_image(paged_image_info,
*54fd6939SJiyong Park				&header->optee_image_list[num]);
*54fd6939SJiyong Park		} else {
*54fd6939SJiyong Park			ERROR("Parse optee image failed.\n");
*54fd6939SJiyong Park			return -1;
*54fd6939SJiyong Park		}
*54fd6939SJiyong Park
*54fd6939SJiyong Park		if (ret != 0)
*54fd6939SJiyong Park			return -1;
*54fd6939SJiyong Park	}
*54fd6939SJiyong Park
*54fd6939SJiyong Park	/*
*54fd6939SJiyong Park	 * Update "pc" value which should comes from pager image. After the
*54fd6939SJiyong Park	 * header image is parsed, it will be unuseful, and the actual
*54fd6939SJiyong Park	 * execution image after BL31 is pager image.
*54fd6939SJiyong Park	 */
*54fd6939SJiyong Park	header_ep->pc =	pager_image_info->image_base;
*54fd6939SJiyong Park
*54fd6939SJiyong Park	/*
*54fd6939SJiyong Park	 * The paged load address and size are populated in
*54fd6939SJiyong Park	 * header image arguments so that can be read by the
*54fd6939SJiyong Park	 * BL32 SPD.
*54fd6939SJiyong Park	 */
*54fd6939SJiyong Park	header_ep->args.arg1 = paged_image_info->image_base;
*54fd6939SJiyong Park	header_ep->args.arg2 = paged_image_info->image_size;
*54fd6939SJiyong Park
*54fd6939SJiyong Park	/* Set OPTEE runtime arch - aarch32/aarch64 */
*54fd6939SJiyong Park	if (header->arch == 0) {
*54fd6939SJiyong Park		header_ep->args.arg0 = MODE_RW_32;
*54fd6939SJiyong Park	} else {
*54fd6939SJiyong Park#ifdef __aarch64__
*54fd6939SJiyong Park		header_ep->args.arg0 = MODE_RW_64;
*54fd6939SJiyong Park#else
*54fd6939SJiyong Park		ERROR("Cannot boot an AArch64 OP-TEE\n");
*54fd6939SJiyong Park		return -1;
*54fd6939SJiyong Park#endif
*54fd6939SJiyong Park	}
*54fd6939SJiyong Park
*54fd6939SJiyong Park	return 0;
*54fd6939SJiyong Park}