sravan/system76-coreboot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

arm64: Add support for using ARM Trusted Firmware as secure monitor

Browse Source 
This patch adds support for integrating the runtime-resident component
of ARM Trusted Firmware (github.com/ARM-software/arm-trusted-firmware)
called BL31. It expects the ARM TF source tree to be checked out under
$(top)/3rdparty/arm-trusted-firmware, which will be set up in a later
patch.

Also include optional support for VBOOT2 verification (pretty hacky for
now, since CBFSv1 is just around the corner and will make all this so
much better).

BRANCH=None
BUG=None
TEST=Booted Oak with ARM TF and working PSCI (with additional platform
patches).

Change-Id: I8c923226135bdf88a9a30a7f5ff163510c35608d
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: a1b3b2d56b25bfc1f3b2d19bf7876205075a987a
Original-Change-Id: I0714cc10b5b10779af53ecbe711ceeb89fb30da2
Original-Signed-off-by: Julius Werner <jwerner@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/270784
Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/10249
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
This commit is contained in:
Julius Werner
2015-05-11 16:45:56 -07:00
committed by Patrick Georgi
parent bbca3a9cfa
commit 745a75faac
6 changed files with 295 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/arch/arm64/Kconfig
View File

@@ -33,8 +33,14 @@ config ARM64_USE_SECURE_MONITOR
default n default n
select RELOCATABLE_MODULES select RELOCATABLE_MODULES
depends on ARCH_RAMSTAGE_ARM64 depends on ARCH_RAMSTAGE_ARM64
depends on !ARM64_USE_ARM_TRUSTED_FIRMWARE
config ARM64_USE_SPINTABLE config ARM64_USE_SPINTABLE
bool bool
default n default n
depends on ARCH_RAMSTAGE_ARM64 depends on ARCH_RAMSTAGE_ARM64
config ARM64_USE_ARM_TRUSTED_FIRMWARE
bool
default n
depends on ARCH_RAMSTAGE_ARM64

43
src/arch/arm64/Makefile.inc
View File

@@ -154,6 +154,7 @@ ramstage-y += ../../lib/memmove.c
ramstage-y += stage_entry.S ramstage-y += stage_entry.S
ramstage-y += cpu-stubs.c ramstage-y += cpu-stubs.c
ramstage-$(CONFIG_ARM64_USE_SPINTABLE) += spintable.c spintable_asm.S ramstage-$(CONFIG_ARM64_USE_SPINTABLE) += spintable.c spintable_asm.S
ramstage-$(CONFIG_ARM64_USE_ARM_TRUSTED_FIRMWARE) += arm_tf.c
ramstage-y += transition.c transition_asm.S ramstage-y += transition.c transition_asm.S
rmodules_arm64-y += ../../lib/memset.c rmodules_arm64-y += ../../lib/memset.c
@@ -179,4 +180,46 @@ $(objcbfs)/ramstage.debug: $$(ramstage-objs)
@printf " CC $(subst $(obj)/,,$(@))\n" @printf " CC $(subst $(obj)/,,$(@))\n"
$(LD_ramstage) -nostdlib --gc-sections -o $@ -L$(obj) --start-group $(filter-out %.ld,$(ramstage-objs)) --end-group -T $(obj)/mainboard/$(MAINBOARDDIR)/memlayout.ramstage.ld $(LD_ramstage) -nostdlib --gc-sections -o $@ -L$(obj) --start-group $(filter-out %.ld,$(ramstage-objs)) --end-group -T $(obj)/mainboard/$(MAINBOARDDIR)/memlayout.ramstage.ld
# Build ARM Trusted Firmware (BL31)
ifeq ($(CONFIG_ARM64_USE_ARM_TRUSTED_FIRMWARE),y)
BL31_SOURCE := $(top)/3rdparty/arm-trusted-firmware
BL31_MAKEARGS := PLAT=$(call strip_quotes,$(CONFIG_ARM_TF_PLATFORM_NAME))
ifeq ($(V),1)
BL31_MAKEARGS += V=1
endif
# Build ARM TF in debug mode (with serial output) if coreboot uses serial
ifeq ($(CONFIG_CONSOLE_SERIAL),y)
BL31_MAKEARGS += DEBUG=1
endif # CONFIG_CONSOLE_SERIAL
# Avoid build/release|build/debug distinction by overriding BUILD_PLAT directly
BL31_MAKEARGS += BUILD_PLAT="$(top)/$(obj)/3rdparty/arm-trusted-firmware"
BL31_CFLAGS := -fno-pic -fno-stack-protector
BL31_LDFLAGS := --emit-relocs
BL31 := $(obj)/3rdparty/arm-trusted-firmware/bl31/bl31.elf
$(BL31):
@printf " MAKE $(subst $(obj)/,,$(@))\n"
CROSS_COMPILE="$(CROSS_COMPILE)" \
CFLAGS="$(BL31_CFLAGS)" \
LDFLAGS="$(BL31_LDFLAGS)" \
$(MAKE) -C $(BL31_SOURCE) $(BL31_MAKEARGS) bl31
.PHONY: $(BL31)
BL31_CBFS := $(call strip_quotes,$(CONFIG_CBFS_PREFIX))/bl31
$(BL31_CBFS)-file := $(BL31)
$(BL31_CBFS)-type := stage
$(BL31_CBFS)-compression := $(CBFS_COMPRESS_FLAG)
cbfs-files-y += $(BL31_CBFS)
endif # CONFIG_ARM64_USE_ARM_TRUSTED_FIRMWARE
endif # CONFIG_ARCH_RAMSTAGE_ARM64 endif # CONFIG_ARCH_RAMSTAGE_ARM64

98
src/arch/arm64/arm_tf.c Normal file
View File

@@ -0,0 +1,98 @@
/*
* This file is part of the coreboot project.
*
* Copyright 2015 Google Inc.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; version 2 of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA, 02110-1301 USA
*/
#include <arch/cache.h>
#include <arm_tf.h>
#include <assert.h>
#include <cbfs.h>
#include <cbmem.h>
#include <vendorcode/google/chromeos/vboot_handoff.h>
/*
* TODO: Many of these structures are currently unused. Better not fill them out
* to make future changes fail fast, rather than try to come up with content
* that might turn out to not make sense. Implement later as required.
*
static image_info_t bl31_image_info;
static image_info_t bl32_image_info;
static image_info_t bl33_image_info;
static entry_point_info_t bl32_ep_info;
*/
static entry_point_info_t bl33_ep_info;
static bl31_params_t bl31_params;
/* TODO: Replace with glorious new CBFSv1 solution when it's available. */
static void *vboot_get_bl31(void)
{
void *bl31_entry;
struct cbfs_media *media;
struct firmware_component *component;
struct vboot_handoff *handoff = cbmem_find(CBMEM_ID_VBOOT_HANDOFF);
if (!handoff)
return NULL;
assert(CONFIG_VBOOT_BL31_INDEX < MAX_PARSED_FW_COMPONENTS);
component = &handoff->components[CONFIG_VBOOT_BL31_INDEX];
/* components[] is zeroed out before filling, so size == 0 -> missing */
if (!component->size)
return NULL;
init_default_cbfs_media(media);
bl31_entry = cbfs_load_stage_by_offset(media, component->address);
if (bl31_entry == CBFS_LOAD_ERROR)
return NULL;
printk(BIOS_INFO, "Loaded %u bytes verified BL31 from %#.8x to EP %p\n",
component->size, component->address, bl31_entry);
return bl31_entry;
}
void arm_tf_run_bl31(u64 payload_entry, u64 payload_arg0, u64 payload_spsr)
{
const char *bl31_filename = CONFIG_CBFS_PREFIX"/bl31";
void (*bl31_entry)(bl31_params_t *params, void *plat_params) = NULL;
if (IS_ENABLED(CONFIG_VBOOT2_VERIFY_FIRMWARE))
bl31_entry = vboot_get_bl31();
if (!bl31_entry) {
bl31_entry = cbfs_load_stage(CBFS_DEFAULT_MEDIA, bl31_filename);
if (bl31_entry == CBFS_LOAD_ERROR)
die("BL31 not found in CBFS");
}
SET_PARAM_HEAD(&bl31_params, PARAM_BL31, VERSION_1, 0);
bl31_params.bl33_ep_info = &bl33_ep_info;
SET_PARAM_HEAD(&bl33_ep_info, PARAM_EP, VERSION_1, PARAM_EP_NON_SECURE);
bl33_ep_info.pc = payload_entry;
bl33_ep_info.spsr = payload_spsr;
bl33_ep_info.args.arg0 = payload_arg0;
/* May update bl31_params if necessary. Must flush all added structs. */
void *bl31_plat_params = soc_get_bl31_plat_params(&bl31_params);
dcache_clean_by_mva(&bl31_params, sizeof(bl31_params));
dcache_clean_by_mva(&bl33_ep_info, sizeof(bl33_ep_info));
dcache_mmu_disable();
bl31_entry(&bl31_params, bl31_plat_params);
die("BL31 returned!");
}

9
src/arch/arm64/boot.c
View File

@@ -23,6 +23,8 @@
#include <arch/stages.h> #include <arch/stages.h>
#include <arch/spintable.h> #include <arch/spintable.h>
#include <arch/transition.h> #include <arch/transition.h>
#include <arm_tf.h>
#include <cbmem.h>
#include <console/console.h> #include <console/console.h>
#include <program_loading.h> #include <program_loading.h>
#include <rules.h> #include <rules.h>
@@ -35,8 +37,11 @@ static void run_payload(struct prog *prog)
doit = prog_entry(prog); doit = prog_entry(prog);
arg = prog_entry_arg(prog); arg = prog_entry_arg(prog);
u64 payload_spsr = get_eret_el(EL2, SPSR_USE_L);
if (IS_ENABLED(CONFIG_ARM64_USE_SECURE_MONITOR)) if (IS_ENABLED(CONFIG_ARM64_USE_ARM_TRUSTED_FIRMWARE))
arm_tf_run_bl31((u64)doit, (u64)arg, payload_spsr);
else if (IS_ENABLED(CONFIG_ARM64_USE_SECURE_MONITOR))
secmon_run(doit, arg); secmon_run(doit, arg);
else { else {
uint8_t current_el = get_current_el(); uint8_t current_el = get_current_el();
@@ -56,7 +61,7 @@ static void run_payload(struct prog *prog)
/* If current EL is EL3, we transition to payload in EL2. */ /* If current EL is EL3, we transition to payload in EL2. */
struct exc_state exc_state; struct exc_state exc_state;
memset(&exc_state, 0, sizeof(exc_state)); memset(&exc_state, 0, sizeof(exc_state));
exc_state.elx.spsr = get_eret_el(EL2, SPSR_USE_L); exc_state.elx.spsr = payload_spsr;
transition_with_entry(doit, arg, &exc_state); transition_with_entry(doit, arg, &exc_state);
} }

34
src/arch/arm64/include/arm_tf.h Normal file
View File

@@ -0,0 +1,34 @@
/*
* This file is part of the coreboot project.
*
* Copyright 2015 Google Inc.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; version 2 of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA, 02110-1301 USA
*/
#ifndef __ARM_TF_H__
#define __ARM_TF_H__
#include <types.h>
/* TODO: Pull in directly from ARM TF once its headers have been reorganized. */
#include <arm_tf_temp.h>
/* Load and enter BL31, set it up to exit to payload according to arguments. */
void arm_tf_run_bl31(u64 payload_entry, u64 payload_arg0, u64 payload_spsr);
/* Return platform-specific bl31_plat_params. May update bl31_params. */
void *soc_get_bl31_plat_params(bl31_params_t *bl31_params);
#endif /* __ARM_TF_H__ */

107
src/arch/arm64/include/arm_tf_temp.h Normal file
View File

@@ -0,0 +1,107 @@
/*
* Copyright (c) 2013-2014, ARM Limited and Contributors. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* Redistributions of source code must retain the above copyright notice, this
* list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* Neither the name of ARM nor the names of its contributors may be used
* to endorse or promote products derived from this software without specific
* prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef __ARM_TF_TEMP_H__
#define __ARM_TF_TEMP_H__
#include <types.h>
/*
* Code temporarily copied from arm-trusted-firmware/include/common/bl_common.h,
* since it tries to pull in a few too many standard C headers and needs to be
* cleaned up a bit before we can include it directly.
*/
#define PARAM_EP_SECURE 0x0
#define PARAM_EP_NON_SECURE 0x1
#define PARAM_EP_SECURITY_MASK 0x1
#define PARAM_EP_EE_MASK 0x2
#define PARAM_EP_EE_LITTLE 0x0
#define PARAM_EP_EE_BIG 0x2
#define PARAM_EP_ST_MASK 0x4
#define PARAM_EP_ST_DISABLE 0x0
#define PARAM_EP_ST_ENABLE 0x4
#define PARAM_EP 0x01
#define PARAM_IMAGE_BINARY 0x02
#define PARAM_BL31 0x03
#define VERSION_1 0x01
#define SET_PARAM_HEAD(_p, _type, _ver, _attr) do { \
(_p)->h.type = (uint8_t)(_type); \
(_p)->h.version = (uint8_t)(_ver); \
(_p)->h.size = (uint16_t)sizeof(*_p); \
(_p)->h.attr = (uint32_t)(_attr) ; \
} while (0)
typedef struct aapcs64_params {
unsigned long arg0;
unsigned long arg1;
unsigned long arg2;
unsigned long arg3;
unsigned long arg4;
unsigned long arg5;
unsigned long arg6;
unsigned long arg7;
} aapcs64_params_t;
typedef struct param_header {
uint8_t type; /* type of the structure */
uint8_t version; /* version of this structure */
uint16_t size; /* size of this structure in bytes */
uint32_t attr; /* attributes: unused bits SBZ */
} param_header_t;
typedef struct entry_point_info {
param_header_t h;
uintptr_t pc;
uint32_t spsr;
aapcs64_params_t args;
} entry_point_info_t;
typedef struct image_info {
param_header_t h;
uintptr_t image_base; /* physical address of base of image */
uint32_t image_size; /* bytes read from image file */
} image_info_t;
typedef struct bl31_params {
param_header_t h;
image_info_t *bl31_image_info;
entry_point_info_t *bl32_ep_info;
image_info_t *bl32_image_info;
entry_point_info_t *bl33_ep_info;
image_info_t *bl33_image_info;
} bl31_params_t;
#endif /* __ARM_TF_H__ */