xref: /arm-trusted-firmware/include/arch/aarch32/smccc_helpers.h (revision 91f16700b400a8c0651d24a598fc48ee2997a0d7) 
1*91f16700Schasinglulu /*
2*91f16700Schasinglulu  * Copyright (c) 2016-2019, ARM Limited and Contributors. All rights reserved.
3*91f16700Schasinglulu  *
4*91f16700Schasinglulu  * SPDX-License-Identifier: BSD-3-Clause
5*91f16700Schasinglulu  */
6*91f16700Schasinglulu 
7*91f16700Schasinglulu #ifndef SMCCC_HELPERS_H
8*91f16700Schasinglulu #define SMCCC_HELPERS_H
9*91f16700Schasinglulu 
10*91f16700Schasinglulu #include <lib/smccc.h>
11*91f16700Schasinglulu 
12*91f16700Schasinglulu /* These are offsets to registers in smc_ctx_t */
13*91f16700Schasinglulu #define SMC_CTX_GPREG_R0	U(0x0)
14*91f16700Schasinglulu #define SMC_CTX_GPREG_R1	U(0x4)
15*91f16700Schasinglulu #define SMC_CTX_GPREG_R2	U(0x8)
16*91f16700Schasinglulu #define SMC_CTX_GPREG_R3	U(0xC)
17*91f16700Schasinglulu #define SMC_CTX_GPREG_R4	U(0x10)
18*91f16700Schasinglulu #define SMC_CTX_GPREG_R5	U(0x14)
19*91f16700Schasinglulu #define SMC_CTX_SP_USR		U(0x34)
20*91f16700Schasinglulu #define SMC_CTX_SPSR_MON	U(0x78)
21*91f16700Schasinglulu #define SMC_CTX_SP_MON		U(0x7C)
22*91f16700Schasinglulu #define SMC_CTX_LR_MON		U(0x80)
23*91f16700Schasinglulu #define SMC_CTX_SCR		U(0x84)
24*91f16700Schasinglulu #define SMC_CTX_PMCR		U(0x88)
25*91f16700Schasinglulu #define SMC_CTX_SIZE		U(0x90)
26*91f16700Schasinglulu 
27*91f16700Schasinglulu #ifndef __ASSEMBLER__
28*91f16700Schasinglulu 
29*91f16700Schasinglulu #include <stdint.h>
30*91f16700Schasinglulu 
31*91f16700Schasinglulu #include <lib/cassert.h>
32*91f16700Schasinglulu 
33*91f16700Schasinglulu /*
34*91f16700Schasinglulu  * The generic structure to save arguments and callee saved registers during
35*91f16700Schasinglulu  * an SMC. Also this structure is used to store the result return values after
36*91f16700Schasinglulu  * the completion of SMC service.
37*91f16700Schasinglulu  */
38*91f16700Schasinglulu typedef struct smc_ctx {
39*91f16700Schasinglulu 	u_register_t r0;
40*91f16700Schasinglulu 	u_register_t r1;
41*91f16700Schasinglulu 	u_register_t r2;
42*91f16700Schasinglulu 	u_register_t r3;
43*91f16700Schasinglulu 	u_register_t r4;
44*91f16700Schasinglulu 	u_register_t r5;
45*91f16700Schasinglulu 	u_register_t r6;
46*91f16700Schasinglulu 	u_register_t r7;
47*91f16700Schasinglulu 	u_register_t r8;
48*91f16700Schasinglulu 	u_register_t r9;
49*91f16700Schasinglulu 	u_register_t r10;
50*91f16700Schasinglulu 	u_register_t r11;
51*91f16700Schasinglulu 	u_register_t r12;
52*91f16700Schasinglulu 	/* spsr_usr doesn't exist */
53*91f16700Schasinglulu 	u_register_t sp_usr;
54*91f16700Schasinglulu 	u_register_t lr_usr;
55*91f16700Schasinglulu 	u_register_t spsr_irq;
56*91f16700Schasinglulu 	u_register_t sp_irq;
57*91f16700Schasinglulu 	u_register_t lr_irq;
58*91f16700Schasinglulu 	u_register_t spsr_fiq;
59*91f16700Schasinglulu 	u_register_t sp_fiq;
60*91f16700Schasinglulu 	u_register_t lr_fiq;
61*91f16700Schasinglulu 	u_register_t spsr_svc;
62*91f16700Schasinglulu 	u_register_t sp_svc;
63*91f16700Schasinglulu 	u_register_t lr_svc;
64*91f16700Schasinglulu 	u_register_t spsr_abt;
65*91f16700Schasinglulu 	u_register_t sp_abt;
66*91f16700Schasinglulu 	u_register_t lr_abt;
67*91f16700Schasinglulu 	u_register_t spsr_und;
68*91f16700Schasinglulu 	u_register_t sp_und;
69*91f16700Schasinglulu 	u_register_t lr_und;
70*91f16700Schasinglulu 	u_register_t spsr_mon;
71*91f16700Schasinglulu 	/*
72*91f16700Schasinglulu 	 * `sp_mon` will point to the C runtime stack in monitor mode. But prior
73*91f16700Schasinglulu 	 * to exit from SMC, this will point to the `smc_ctx_t` so that
74*91f16700Schasinglulu 	 * on next entry due to SMC, the `smc_ctx_t` can be easily accessed.
75*91f16700Schasinglulu 	 */
76*91f16700Schasinglulu 	u_register_t sp_mon;
77*91f16700Schasinglulu 	u_register_t lr_mon;
78*91f16700Schasinglulu 	u_register_t scr;
79*91f16700Schasinglulu 	u_register_t pmcr;
80*91f16700Schasinglulu 	/*
81*91f16700Schasinglulu 	 * The workaround for CVE-2017-5715 requires storing information in
82*91f16700Schasinglulu 	 * the bottom 3 bits of the stack pointer.  Add a padding field to
83*91f16700Schasinglulu 	 * force the size of the struct to be a multiple of 8.
84*91f16700Schasinglulu 	 */
85*91f16700Schasinglulu 	u_register_t pad;
86*91f16700Schasinglulu } smc_ctx_t __aligned(8);
87*91f16700Schasinglulu 
88*91f16700Schasinglulu /*
89*91f16700Schasinglulu  * Compile time assertions related to the 'smc_context' structure to
90*91f16700Schasinglulu  * ensure that the assembler and the compiler view of the offsets of
91*91f16700Schasinglulu  * the structure members is the same.
92*91f16700Schasinglulu  */
93*91f16700Schasinglulu CASSERT(SMC_CTX_GPREG_R0 == __builtin_offsetof(smc_ctx_t, r0),
94*91f16700Schasinglulu 	assert_smc_ctx_greg_r0_offset_mismatch);
95*91f16700Schasinglulu CASSERT(SMC_CTX_GPREG_R1 == __builtin_offsetof(smc_ctx_t, r1),
96*91f16700Schasinglulu 	assert_smc_ctx_greg_r1_offset_mismatch);
97*91f16700Schasinglulu CASSERT(SMC_CTX_GPREG_R2 == __builtin_offsetof(smc_ctx_t, r2),
98*91f16700Schasinglulu 	assert_smc_ctx_greg_r2_offset_mismatch);
99*91f16700Schasinglulu CASSERT(SMC_CTX_GPREG_R3 == __builtin_offsetof(smc_ctx_t, r3),
100*91f16700Schasinglulu 	assert_smc_ctx_greg_r3_offset_mismatch);
101*91f16700Schasinglulu CASSERT(SMC_CTX_GPREG_R4 == __builtin_offsetof(smc_ctx_t, r4),
102*91f16700Schasinglulu 	assert_smc_ctx_greg_r4_offset_mismatch);
103*91f16700Schasinglulu CASSERT(SMC_CTX_SP_USR == __builtin_offsetof(smc_ctx_t, sp_usr),
104*91f16700Schasinglulu 	assert_smc_ctx_sp_usr_offset_mismatch);
105*91f16700Schasinglulu CASSERT(SMC_CTX_LR_MON == __builtin_offsetof(smc_ctx_t, lr_mon),
106*91f16700Schasinglulu 	assert_smc_ctx_lr_mon_offset_mismatch);
107*91f16700Schasinglulu CASSERT(SMC_CTX_SPSR_MON == __builtin_offsetof(smc_ctx_t, spsr_mon),
108*91f16700Schasinglulu 	assert_smc_ctx_spsr_mon_offset_mismatch);
109*91f16700Schasinglulu 
110*91f16700Schasinglulu CASSERT((sizeof(smc_ctx_t) & 0x7U) == 0U, assert_smc_ctx_not_aligned);
111*91f16700Schasinglulu CASSERT(SMC_CTX_SIZE == sizeof(smc_ctx_t), assert_smc_ctx_size_mismatch);
112*91f16700Schasinglulu 
113*91f16700Schasinglulu /* Convenience macros to return from SMC handler */
114*91f16700Schasinglulu #define SMC_RET0(_h) {				\
115*91f16700Schasinglulu 	return (uintptr_t)(_h);			\
116*91f16700Schasinglulu }
117*91f16700Schasinglulu #define SMC_RET1(_h, _r0) {			\
118*91f16700Schasinglulu 	((smc_ctx_t *)(_h))->r0 = (_r0);	\
119*91f16700Schasinglulu 	SMC_RET0(_h);				\
120*91f16700Schasinglulu }
121*91f16700Schasinglulu #define SMC_RET2(_h, _r0, _r1) {		\
122*91f16700Schasinglulu 	((smc_ctx_t *)(_h))->r1 = (_r1);	\
123*91f16700Schasinglulu 	SMC_RET1(_h, (_r0));			\
124*91f16700Schasinglulu }
125*91f16700Schasinglulu #define SMC_RET3(_h, _r0, _r1, _r2) {		\
126*91f16700Schasinglulu 	((smc_ctx_t *)(_h))->r2 = (_r2);	\
127*91f16700Schasinglulu 	SMC_RET2(_h, (_r0), (_r1));		\
128*91f16700Schasinglulu }
129*91f16700Schasinglulu #define SMC_RET4(_h, _r0, _r1, _r2, _r3) {	\
130*91f16700Schasinglulu 	((smc_ctx_t *)(_h))->r3 = (_r3);	\
131*91f16700Schasinglulu 	SMC_RET3(_h, (_r0), (_r1), (_r2));	\
132*91f16700Schasinglulu }
133*91f16700Schasinglulu #define SMC_RET5(_h, _r0, _r1, _r2, _r3, _r4) {	\
134*91f16700Schasinglulu 	((smc_ctx_t *)(_h))->r4 = (_r4);	\
135*91f16700Schasinglulu 	SMC_RET4(_h, (_r0), (_r1), (_r2), (_r3));	\
136*91f16700Schasinglulu }
137*91f16700Schasinglulu #define SMC_RET6(_h, _r0, _r1, _r2, _r3, _r4, _r5) {	\
138*91f16700Schasinglulu 	((smc_ctx_t *)(_h))->r5 = (_r5);	\
139*91f16700Schasinglulu 	SMC_RET5(_h, (_r0), (_r1), (_r2), (_r3), (_r4));	\
140*91f16700Schasinglulu }
141*91f16700Schasinglulu #define SMC_RET7(_h, _r0, _r1, _r2, _r3, _r4, _r5, _r6) {	\
142*91f16700Schasinglulu 	((smc_ctx_t *)(_h))->r6 = (_r6);	\
143*91f16700Schasinglulu 	SMC_RET6(_h, (_r0), (_r1), (_r2), (_r3), (_r4), (_r5));	\
144*91f16700Schasinglulu }
145*91f16700Schasinglulu #define SMC_RET8(_h, _r0, _r1, _r2, _r3, _r4, _r5, _r6, _r7) {	\
146*91f16700Schasinglulu 	((smc_ctx_t *)(_h))->r7 = (_r7);	\
147*91f16700Schasinglulu 	SMC_RET7(_h, (_r0), (_r1), (_r2), (_r3), (_r4), (_r5), (_r6));	\
148*91f16700Schasinglulu }
149*91f16700Schasinglulu 
150*91f16700Schasinglulu /*
151*91f16700Schasinglulu  * Helper macro to retrieve the SMC parameters from smc_ctx_t.
152*91f16700Schasinglulu  */
153*91f16700Schasinglulu #define get_smc_params_from_ctx(_hdl, _r1, _r2, _r3, _r4) {	\
154*91f16700Schasinglulu 		_r1 = ((smc_ctx_t *)_hdl)->r1;		\
155*91f16700Schasinglulu 		_r2 = ((smc_ctx_t *)_hdl)->r2;		\
156*91f16700Schasinglulu 		_r3 = ((smc_ctx_t *)_hdl)->r3;		\
157*91f16700Schasinglulu 		_r4 = ((smc_ctx_t *)_hdl)->r4;		\
158*91f16700Schasinglulu 		}
159*91f16700Schasinglulu 
160*91f16700Schasinglulu /* ------------------------------------------------------------------------
161*91f16700Schasinglulu  * Helper APIs for setting and retrieving appropriate `smc_ctx_t`.
162*91f16700Schasinglulu  * These functions need to implemented by the BL including this library.
163*91f16700Schasinglulu  * ------------------------------------------------------------------------
164*91f16700Schasinglulu  */
165*91f16700Schasinglulu 
166*91f16700Schasinglulu /* Get the pointer to `smc_ctx_t` corresponding to the security state. */
167*91f16700Schasinglulu void *smc_get_ctx(unsigned int security_state);
168*91f16700Schasinglulu 
169*91f16700Schasinglulu /* Set the next `smc_ctx_t` corresponding to the security state. */
170*91f16700Schasinglulu void smc_set_next_ctx(unsigned int security_state);
171*91f16700Schasinglulu 
172*91f16700Schasinglulu /* Get the pointer to next `smc_ctx_t` already set by `smc_set_next_ctx()`. */
173*91f16700Schasinglulu void *smc_get_next_ctx(void);
174*91f16700Schasinglulu 
175*91f16700Schasinglulu #endif /*__ASSEMBLER__*/
176*91f16700Schasinglulu 
177*91f16700Schasinglulu #endif /* SMCCC_HELPERS_H */
178