andrius
/
arm-trusted-firmware
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

rpi3: add OPTEE support 

Support for loading optee images as BL32 secure payload.

Signed-off-by: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org>
This commit is contained in:
Ying-Chun Liu (PaulLiu) 2018-06-10 02:00:27 +08:00
parent 4a581b061c
commit 7812abac86
6 changed files with 86 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
plat/rpi3/aarch64/rpi3_bl2_mem_params_desc.c
View File

@ -99,6 +99,10 @@ static bl_mem_params_node_t bl2_mem_params_descs[] = {
SET_STATIC_PARAM_HEAD(image_info, PARAM_EP, SET_STATIC_PARAM_HEAD(image_info, PARAM_EP,
VERSION_2, image_info_t, VERSION_2, image_info_t,
IMAGE_ATTRIB_SKIP_LOADING), IMAGE_ATTRIB_SKIP_LOADING),
#ifdef SPD_opteed
.image_info.image_base = RPI3_OPTEE_PAGEABLE_LOAD_BASE,
.image_info.image_max_size = RPI3_OPTEE_PAGEABLE_LOAD_SIZE,
#endif
.next_handoff_image_id = INVALID_IMAGE_ID, .next_handoff_image_id = INVALID_IMAGE_ID,
}, },
# endif /* BL32_BASE */ # endif /* BL32_BASE */

7
plat/rpi3/include/platform_def.h
View File

@ -181,6 +181,13 @@
#define BL32_DRAM_BASE SEC_DRAM0_BASE #define BL32_DRAM_BASE SEC_DRAM0_BASE
#define BL32_DRAM_LIMIT (SEC_DRAM0_BASE + SEC_DRAM0_SIZE) #define BL32_DRAM_LIMIT (SEC_DRAM0_BASE + SEC_DRAM0_SIZE)
#ifdef SPD_opteed
/* Load pageable part of OP-TEE at end of allocated DRAM space for BL32 */
#define RPI3_OPTEE_PAGEABLE_LOAD_SIZE 0x080000 /* 512KB */
#define RPI3_OPTEE_PAGEABLE_LOAD_BASE (BL32_DRAM_LIMIT - \
RPI3_OPTEE_PAGEABLE_LOAD_SIZE)
#endif
#define SEC_SRAM_ID 0 #define SEC_SRAM_ID 0
#define SEC_DRAM_ID 1 #define SEC_DRAM_ID 1

14
plat/rpi3/platform.mk
View File

@ -120,3 +120,17 @@ endif
ifeq (${ARCH},aarch32) ifeq (${ARCH},aarch32)
$(error Error: AArch32 not supported on rpi3) $(error Error: AArch32 not supported on rpi3)
endif endif
ifeq (${SPD},opteed)
BL2_SOURCES += \
lib/optee/optee_utils.c
endif
# Add the build options to pack Trusted OS Extra1 and Trusted OS Extra2 images
# in the FIP if the platform requires.
ifneq ($(BL32_EXTRA1),)
$(eval $(call TOOL_ADD_IMG,BL32_EXTRA1,--tos-fw-extra1))
endif
ifneq ($(BL32_EXTRA2),)
$(eval $(call TOOL_ADD_IMG,BL32_EXTRA2,--tos-fw-extra2))
endif

18
plat/rpi3/rpi3_bl2_setup.c
View File

@ -9,6 +9,7 @@
#include <bl_common.h> #include <bl_common.h>
#include <debug.h> #include <debug.h>
#include <desc_image_load.h> #include <desc_image_load.h>
#include <optee_utils.h>
#include <platform_def.h> #include <platform_def.h>
#include <xlat_mmu_helpers.h> #include <xlat_mmu_helpers.h>
#include <xlat_tables_defs.h> #include <xlat_tables_defs.h>
@ -67,11 +68,28 @@ int bl2_plat_handle_post_image_load(unsigned int image_id)
{ {
int err = 0; int err = 0;
bl_mem_params_node_t *bl_mem_params = get_bl_mem_params_node(image_id); bl_mem_params_node_t *bl_mem_params = get_bl_mem_params_node(image_id);
#ifdef SPD_opteed
bl_mem_params_node_t *pager_mem_params = NULL;
bl_mem_params_node_t *paged_mem_params = NULL;
#endif
assert(bl_mem_params != NULL); assert(bl_mem_params != NULL);
switch (image_id) { switch (image_id) {
case BL32_IMAGE_ID: case BL32_IMAGE_ID:
#ifdef SPD_opteed
pager_mem_params = get_bl_mem_params_node(BL32_EXTRA1_IMAGE_ID);
assert(pager_mem_params);
paged_mem_params = get_bl_mem_params_node(BL32_EXTRA2_IMAGE_ID);
assert(paged_mem_params);
err = parse_optee_header(&bl_mem_params->ep_info,
&pager_mem_params->image_info,
&paged_mem_params->image_info);
if (err != 0)
WARN("OPTEE header parse error.\n");
#endif
bl_mem_params->ep_info.spsr = rpi3_get_spsr_for_bl32_entry(); bl_mem_params->ep_info.spsr = rpi3_get_spsr_for_bl32_entry();
break; break;

20
plat/rpi3/rpi3_common.c
View File

@ -34,6 +34,13 @@
#define MAP_BL32_MEM MAP_REGION_FLAT(BL32_MEM_BASE, BL32_MEM_SIZE, \ #define MAP_BL32_MEM MAP_REGION_FLAT(BL32_MEM_BASE, BL32_MEM_SIZE, \
MT_MEMORY | MT_RW | MT_SECURE) MT_MEMORY | MT_RW | MT_SECURE)
#ifdef SPD_opteed
#define MAP_OPTEE_PAGEABLE MAP_REGION_FLAT( \
RPI3_OPTEE_PAGEABLE_LOAD_BASE, \
RPI3_OPTEE_PAGEABLE_LOAD_SIZE, \
MT_MEMORY | MT_RW | MT_SECURE)
#endif
/* /*
* Table of regions for various BL stages to map using the MMU. * Table of regions for various BL stages to map using the MMU.
*/ */
@ -42,6 +49,9 @@ static const mmap_region_t plat_rpi3_mmap[] = {
MAP_SHARED_RAM, MAP_SHARED_RAM,
MAP_DEVICE0, MAP_DEVICE0,
MAP_FIP, MAP_FIP,
#ifdef SPD_opteed
MAP_OPTEE_PAGEABLE,
#endif
{0} {0}
}; };
#endif #endif
@ -190,3 +200,13 @@ uint32_t plat_ic_get_pending_interrupt_type(void)
{ {
return INTR_TYPE_INVAL; return INTR_TYPE_INVAL;
} }
uint32_t plat_interrupt_type_to_line(uint32_t type,
uint32_t security_state)
{
/* It is not expected to receive an interrupt route to EL3.
* Hence panic() to flag error.
*/
ERROR("Interrupt not expected to be routed to EL3");
panic();
}

23
plat/rpi3/rpi3_io_storage.c
View File

@ -54,6 +54,14 @@ static const io_uuid_spec_t bl32_uuid_spec = {
.uuid = UUID_SECURE_PAYLOAD_BL32, .uuid = UUID_SECURE_PAYLOAD_BL32,
}; };
static const io_uuid_spec_t bl32_extra1_uuid_spec = {
.uuid = UUID_SECURE_PAYLOAD_BL32_EXTRA1,
};
static const io_uuid_spec_t bl32_extra2_uuid_spec = {
.uuid = UUID_SECURE_PAYLOAD_BL32_EXTRA2,
};
static const io_uuid_spec_t bl33_uuid_spec = { static const io_uuid_spec_t bl33_uuid_spec = {
.uuid = UUID_NON_TRUSTED_FIRMWARE_BL33, .uuid = UUID_NON_TRUSTED_FIRMWARE_BL33,
}; };
@ -123,6 +131,21 @@ static const struct plat_io_policy policies[] = {
(uintptr_t)&bl32_uuid_spec, (uintptr_t)&bl32_uuid_spec,
open_fip open_fip
}, },
[BL32_IMAGE_ID] = {
&fip_dev_handle,
(uintptr_t)&bl32_uuid_spec,
open_fip
},
[BL32_EXTRA1_IMAGE_ID] = {
&fip_dev_handle,
(uintptr_t)&bl32_extra1_uuid_spec,
open_fip
},
[BL32_EXTRA2_IMAGE_ID] = {
&fip_dev_handle,
(uintptr_t)&bl32_extra2_uuid_spec,
open_fip
},
[BL33_IMAGE_ID] = { [BL33_IMAGE_ID] = {
&fip_dev_handle, &fip_dev_handle,
(uintptr_t)&bl33_uuid_spec, (uintptr_t)&bl33_uuid_spec,