1*91f16700Schasinglulu /* 2*91f16700Schasinglulu * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved. 3*91f16700Schasinglulu * 4*91f16700Schasinglulu * SPDX-License-Identifier: BSD-3-Clause 5*91f16700Schasinglulu */ 6*91f16700Schasinglulu 7*91f16700Schasinglulu #include <assert.h> 8*91f16700Schasinglulu #include <string.h> 9*91f16700Schasinglulu 10*91f16700Schasinglulu #include <platform_def.h> 11*91f16700Schasinglulu 12*91f16700Schasinglulu #include <common/bl_common.h> 13*91f16700Schasinglulu #include <common/debug.h> 14*91f16700Schasinglulu #include <common/desc_image_load.h> 15*91f16700Schasinglulu #include <common/uuid.h> 16*91f16700Schasinglulu #include <drivers/io/io_driver.h> 17*91f16700Schasinglulu #include <drivers/io/io_encrypted.h> 18*91f16700Schasinglulu #include <drivers/io/io_fip.h> 19*91f16700Schasinglulu #include <drivers/io/io_memmap.h> 20*91f16700Schasinglulu #include <drivers/io/io_semihosting.h> 21*91f16700Schasinglulu #include <drivers/io/io_storage.h> 22*91f16700Schasinglulu #include <lib/semihosting.h> 23*91f16700Schasinglulu #include <tools_share/firmware_image_package.h> 24*91f16700Schasinglulu 25*91f16700Schasinglulu #include "qemu_private.h" 26*91f16700Schasinglulu 27*91f16700Schasinglulu /* Semihosting filenames */ 28*91f16700Schasinglulu #define BL2_IMAGE_NAME "bl2.bin" 29*91f16700Schasinglulu #define BL31_IMAGE_NAME "bl31.bin" 30*91f16700Schasinglulu #define BL32_IMAGE_NAME "bl32.bin" 31*91f16700Schasinglulu #define TB_FW_CONFIG_NAME "tb_fw_config.dtb" 32*91f16700Schasinglulu #define TOS_FW_CONFIG_NAME "tos_fw_config.dtb" 33*91f16700Schasinglulu #define BL32_EXTRA1_IMAGE_NAME "bl32_extra1.bin" 34*91f16700Schasinglulu #define BL32_EXTRA2_IMAGE_NAME "bl32_extra2.bin" 35*91f16700Schasinglulu #define BL33_IMAGE_NAME "bl33.bin" 36*91f16700Schasinglulu 37*91f16700Schasinglulu #if TRUSTED_BOARD_BOOT 38*91f16700Schasinglulu #define TRUSTED_BOOT_FW_CERT_NAME "tb_fw.crt" 39*91f16700Schasinglulu #define TRUSTED_KEY_CERT_NAME "trusted_key.crt" 40*91f16700Schasinglulu #define SOC_FW_KEY_CERT_NAME "soc_fw_key.crt" 41*91f16700Schasinglulu #define TOS_FW_KEY_CERT_NAME "tos_fw_key.crt" 42*91f16700Schasinglulu #define NT_FW_KEY_CERT_NAME "nt_fw_key.crt" 43*91f16700Schasinglulu #define SOC_FW_CONTENT_CERT_NAME "soc_fw_content.crt" 44*91f16700Schasinglulu #define TOS_FW_CONTENT_CERT_NAME "tos_fw_content.crt" 45*91f16700Schasinglulu #define NT_FW_CONTENT_CERT_NAME "nt_fw_content.crt" 46*91f16700Schasinglulu #endif /* TRUSTED_BOARD_BOOT */ 47*91f16700Schasinglulu 48*91f16700Schasinglulu 49*91f16700Schasinglulu 50*91f16700Schasinglulu /* IO devices */ 51*91f16700Schasinglulu static const io_dev_connector_t *fip_dev_con; 52*91f16700Schasinglulu static uintptr_t fip_dev_handle; 53*91f16700Schasinglulu static const io_dev_connector_t *memmap_dev_con; 54*91f16700Schasinglulu static uintptr_t memmap_dev_handle; 55*91f16700Schasinglulu static const io_dev_connector_t *sh_dev_con; 56*91f16700Schasinglulu static uintptr_t sh_dev_handle; 57*91f16700Schasinglulu #ifndef DECRYPTION_SUPPORT_none 58*91f16700Schasinglulu static const io_dev_connector_t *enc_dev_con; 59*91f16700Schasinglulu static uintptr_t enc_dev_handle; 60*91f16700Schasinglulu #endif 61*91f16700Schasinglulu 62*91f16700Schasinglulu static const io_block_spec_t fip_block_spec = { 63*91f16700Schasinglulu .offset = PLAT_QEMU_FIP_BASE, 64*91f16700Schasinglulu .length = PLAT_QEMU_FIP_MAX_SIZE 65*91f16700Schasinglulu }; 66*91f16700Schasinglulu 67*91f16700Schasinglulu static const io_uuid_spec_t bl2_uuid_spec = { 68*91f16700Schasinglulu .uuid = UUID_TRUSTED_BOOT_FIRMWARE_BL2, 69*91f16700Schasinglulu }; 70*91f16700Schasinglulu 71*91f16700Schasinglulu static const io_uuid_spec_t bl31_uuid_spec = { 72*91f16700Schasinglulu .uuid = UUID_EL3_RUNTIME_FIRMWARE_BL31, 73*91f16700Schasinglulu }; 74*91f16700Schasinglulu 75*91f16700Schasinglulu static const io_uuid_spec_t bl32_uuid_spec = { 76*91f16700Schasinglulu .uuid = UUID_SECURE_PAYLOAD_BL32, 77*91f16700Schasinglulu }; 78*91f16700Schasinglulu 79*91f16700Schasinglulu static const io_uuid_spec_t bl32_extra1_uuid_spec = { 80*91f16700Schasinglulu .uuid = UUID_SECURE_PAYLOAD_BL32_EXTRA1, 81*91f16700Schasinglulu }; 82*91f16700Schasinglulu 83*91f16700Schasinglulu static const io_uuid_spec_t bl32_extra2_uuid_spec = { 84*91f16700Schasinglulu .uuid = UUID_SECURE_PAYLOAD_BL32_EXTRA2, 85*91f16700Schasinglulu }; 86*91f16700Schasinglulu 87*91f16700Schasinglulu static const io_uuid_spec_t tb_fw_config_uuid_spec = { 88*91f16700Schasinglulu .uuid = UUID_TB_FW_CONFIG, 89*91f16700Schasinglulu }; 90*91f16700Schasinglulu 91*91f16700Schasinglulu static const io_uuid_spec_t tos_fw_config_uuid_spec = { 92*91f16700Schasinglulu .uuid = UUID_TOS_FW_CONFIG, 93*91f16700Schasinglulu }; 94*91f16700Schasinglulu 95*91f16700Schasinglulu static const io_uuid_spec_t bl33_uuid_spec = { 96*91f16700Schasinglulu .uuid = UUID_NON_TRUSTED_FIRMWARE_BL33, 97*91f16700Schasinglulu }; 98*91f16700Schasinglulu 99*91f16700Schasinglulu #if TRUSTED_BOARD_BOOT 100*91f16700Schasinglulu static const io_uuid_spec_t tb_fw_cert_uuid_spec = { 101*91f16700Schasinglulu .uuid = UUID_TRUSTED_BOOT_FW_CERT, 102*91f16700Schasinglulu }; 103*91f16700Schasinglulu 104*91f16700Schasinglulu static const io_uuid_spec_t trusted_key_cert_uuid_spec = { 105*91f16700Schasinglulu .uuid = UUID_TRUSTED_KEY_CERT, 106*91f16700Schasinglulu }; 107*91f16700Schasinglulu 108*91f16700Schasinglulu static const io_uuid_spec_t soc_fw_key_cert_uuid_spec = { 109*91f16700Schasinglulu .uuid = UUID_SOC_FW_KEY_CERT, 110*91f16700Schasinglulu }; 111*91f16700Schasinglulu 112*91f16700Schasinglulu static const io_uuid_spec_t tos_fw_key_cert_uuid_spec = { 113*91f16700Schasinglulu .uuid = UUID_TRUSTED_OS_FW_KEY_CERT, 114*91f16700Schasinglulu }; 115*91f16700Schasinglulu 116*91f16700Schasinglulu static const io_uuid_spec_t nt_fw_key_cert_uuid_spec = { 117*91f16700Schasinglulu .uuid = UUID_NON_TRUSTED_FW_KEY_CERT, 118*91f16700Schasinglulu }; 119*91f16700Schasinglulu 120*91f16700Schasinglulu static const io_uuid_spec_t soc_fw_cert_uuid_spec = { 121*91f16700Schasinglulu .uuid = UUID_SOC_FW_CONTENT_CERT, 122*91f16700Schasinglulu }; 123*91f16700Schasinglulu 124*91f16700Schasinglulu static const io_uuid_spec_t tos_fw_cert_uuid_spec = { 125*91f16700Schasinglulu .uuid = UUID_TRUSTED_OS_FW_CONTENT_CERT, 126*91f16700Schasinglulu }; 127*91f16700Schasinglulu 128*91f16700Schasinglulu static const io_uuid_spec_t nt_fw_cert_uuid_spec = { 129*91f16700Schasinglulu .uuid = UUID_NON_TRUSTED_FW_CONTENT_CERT, 130*91f16700Schasinglulu }; 131*91f16700Schasinglulu #endif /* TRUSTED_BOARD_BOOT */ 132*91f16700Schasinglulu 133*91f16700Schasinglulu static const io_file_spec_t sh_file_spec[] = { 134*91f16700Schasinglulu [BL2_IMAGE_ID] = { 135*91f16700Schasinglulu .path = BL2_IMAGE_NAME, 136*91f16700Schasinglulu .mode = FOPEN_MODE_RB 137*91f16700Schasinglulu }, 138*91f16700Schasinglulu [BL31_IMAGE_ID] = { 139*91f16700Schasinglulu .path = BL31_IMAGE_NAME, 140*91f16700Schasinglulu .mode = FOPEN_MODE_RB 141*91f16700Schasinglulu }, 142*91f16700Schasinglulu [BL32_IMAGE_ID] = { 143*91f16700Schasinglulu .path = BL32_IMAGE_NAME, 144*91f16700Schasinglulu .mode = FOPEN_MODE_RB 145*91f16700Schasinglulu }, 146*91f16700Schasinglulu [BL32_EXTRA1_IMAGE_ID] = { 147*91f16700Schasinglulu .path = BL32_EXTRA1_IMAGE_NAME, 148*91f16700Schasinglulu .mode = FOPEN_MODE_RB 149*91f16700Schasinglulu }, 150*91f16700Schasinglulu [BL32_EXTRA2_IMAGE_ID] = { 151*91f16700Schasinglulu .path = BL32_EXTRA2_IMAGE_NAME, 152*91f16700Schasinglulu .mode = FOPEN_MODE_RB 153*91f16700Schasinglulu }, 154*91f16700Schasinglulu [TB_FW_CONFIG_ID] = { 155*91f16700Schasinglulu .path = TB_FW_CONFIG_NAME, 156*91f16700Schasinglulu .mode = FOPEN_MODE_RB 157*91f16700Schasinglulu }, 158*91f16700Schasinglulu [TOS_FW_CONFIG_ID] = { 159*91f16700Schasinglulu .path = TOS_FW_CONFIG_NAME, 160*91f16700Schasinglulu .mode = FOPEN_MODE_RB 161*91f16700Schasinglulu }, 162*91f16700Schasinglulu [BL33_IMAGE_ID] = { 163*91f16700Schasinglulu .path = BL33_IMAGE_NAME, 164*91f16700Schasinglulu .mode = FOPEN_MODE_RB 165*91f16700Schasinglulu }, 166*91f16700Schasinglulu #if TRUSTED_BOARD_BOOT 167*91f16700Schasinglulu [TRUSTED_BOOT_FW_CERT_ID] = { 168*91f16700Schasinglulu .path = TRUSTED_BOOT_FW_CERT_NAME, 169*91f16700Schasinglulu .mode = FOPEN_MODE_RB 170*91f16700Schasinglulu }, 171*91f16700Schasinglulu [TRUSTED_KEY_CERT_ID] = { 172*91f16700Schasinglulu .path = TRUSTED_KEY_CERT_NAME, 173*91f16700Schasinglulu .mode = FOPEN_MODE_RB 174*91f16700Schasinglulu }, 175*91f16700Schasinglulu [SOC_FW_KEY_CERT_ID] = { 176*91f16700Schasinglulu .path = SOC_FW_KEY_CERT_NAME, 177*91f16700Schasinglulu .mode = FOPEN_MODE_RB 178*91f16700Schasinglulu }, 179*91f16700Schasinglulu [TRUSTED_OS_FW_KEY_CERT_ID] = { 180*91f16700Schasinglulu .path = TOS_FW_KEY_CERT_NAME, 181*91f16700Schasinglulu .mode = FOPEN_MODE_RB 182*91f16700Schasinglulu }, 183*91f16700Schasinglulu [NON_TRUSTED_FW_KEY_CERT_ID] = { 184*91f16700Schasinglulu .path = NT_FW_KEY_CERT_NAME, 185*91f16700Schasinglulu .mode = FOPEN_MODE_RB 186*91f16700Schasinglulu }, 187*91f16700Schasinglulu [SOC_FW_CONTENT_CERT_ID] = { 188*91f16700Schasinglulu .path = SOC_FW_CONTENT_CERT_NAME, 189*91f16700Schasinglulu .mode = FOPEN_MODE_RB 190*91f16700Schasinglulu }, 191*91f16700Schasinglulu [TRUSTED_OS_FW_CONTENT_CERT_ID] = { 192*91f16700Schasinglulu .path = TOS_FW_CONTENT_CERT_NAME, 193*91f16700Schasinglulu .mode = FOPEN_MODE_RB 194*91f16700Schasinglulu }, 195*91f16700Schasinglulu [NON_TRUSTED_FW_CONTENT_CERT_ID] = { 196*91f16700Schasinglulu .path = NT_FW_CONTENT_CERT_NAME, 197*91f16700Schasinglulu .mode = FOPEN_MODE_RB 198*91f16700Schasinglulu }, 199*91f16700Schasinglulu #endif /* TRUSTED_BOARD_BOOT */ 200*91f16700Schasinglulu }; 201*91f16700Schasinglulu 202*91f16700Schasinglulu static int open_fip(const uintptr_t spec); 203*91f16700Schasinglulu static int open_memmap(const uintptr_t spec); 204*91f16700Schasinglulu #ifndef DECRYPTION_SUPPORT_none 205*91f16700Schasinglulu static int open_enc_fip(const uintptr_t spec); 206*91f16700Schasinglulu #endif 207*91f16700Schasinglulu 208*91f16700Schasinglulu struct plat_io_policy { 209*91f16700Schasinglulu uintptr_t *dev_handle; 210*91f16700Schasinglulu uintptr_t image_spec; 211*91f16700Schasinglulu int (*check)(const uintptr_t spec); 212*91f16700Schasinglulu }; 213*91f16700Schasinglulu 214*91f16700Schasinglulu /* By default, ARM platforms load images from the FIP */ 215*91f16700Schasinglulu static const struct plat_io_policy policies[] = { 216*91f16700Schasinglulu [FIP_IMAGE_ID] = { 217*91f16700Schasinglulu &memmap_dev_handle, 218*91f16700Schasinglulu (uintptr_t)&fip_block_spec, 219*91f16700Schasinglulu open_memmap 220*91f16700Schasinglulu }, 221*91f16700Schasinglulu [ENC_IMAGE_ID] = { 222*91f16700Schasinglulu &fip_dev_handle, 223*91f16700Schasinglulu (uintptr_t)NULL, 224*91f16700Schasinglulu open_fip 225*91f16700Schasinglulu }, 226*91f16700Schasinglulu [BL2_IMAGE_ID] = { 227*91f16700Schasinglulu &fip_dev_handle, 228*91f16700Schasinglulu (uintptr_t)&bl2_uuid_spec, 229*91f16700Schasinglulu open_fip 230*91f16700Schasinglulu }, 231*91f16700Schasinglulu #if ENCRYPT_BL31 && !defined(DECRYPTION_SUPPORT_none) 232*91f16700Schasinglulu [BL31_IMAGE_ID] = { 233*91f16700Schasinglulu &enc_dev_handle, 234*91f16700Schasinglulu (uintptr_t)&bl31_uuid_spec, 235*91f16700Schasinglulu open_enc_fip 236*91f16700Schasinglulu }, 237*91f16700Schasinglulu #else 238*91f16700Schasinglulu [BL31_IMAGE_ID] = { 239*91f16700Schasinglulu &fip_dev_handle, 240*91f16700Schasinglulu (uintptr_t)&bl31_uuid_spec, 241*91f16700Schasinglulu open_fip 242*91f16700Schasinglulu }, 243*91f16700Schasinglulu #endif 244*91f16700Schasinglulu #if ENCRYPT_BL32 && !defined(DECRYPTION_SUPPORT_none) 245*91f16700Schasinglulu [BL32_IMAGE_ID] = { 246*91f16700Schasinglulu &enc_dev_handle, 247*91f16700Schasinglulu (uintptr_t)&bl32_uuid_spec, 248*91f16700Schasinglulu open_enc_fip 249*91f16700Schasinglulu }, 250*91f16700Schasinglulu [BL32_EXTRA1_IMAGE_ID] = { 251*91f16700Schasinglulu &enc_dev_handle, 252*91f16700Schasinglulu (uintptr_t)&bl32_extra1_uuid_spec, 253*91f16700Schasinglulu open_enc_fip 254*91f16700Schasinglulu }, 255*91f16700Schasinglulu [BL32_EXTRA2_IMAGE_ID] = { 256*91f16700Schasinglulu &enc_dev_handle, 257*91f16700Schasinglulu (uintptr_t)&bl32_extra2_uuid_spec, 258*91f16700Schasinglulu open_enc_fip 259*91f16700Schasinglulu }, 260*91f16700Schasinglulu #else 261*91f16700Schasinglulu [BL32_IMAGE_ID] = { 262*91f16700Schasinglulu &fip_dev_handle, 263*91f16700Schasinglulu (uintptr_t)&bl32_uuid_spec, 264*91f16700Schasinglulu open_fip 265*91f16700Schasinglulu }, 266*91f16700Schasinglulu [BL32_EXTRA1_IMAGE_ID] = { 267*91f16700Schasinglulu &fip_dev_handle, 268*91f16700Schasinglulu (uintptr_t)&bl32_extra1_uuid_spec, 269*91f16700Schasinglulu open_fip 270*91f16700Schasinglulu }, 271*91f16700Schasinglulu [BL32_EXTRA2_IMAGE_ID] = { 272*91f16700Schasinglulu &fip_dev_handle, 273*91f16700Schasinglulu (uintptr_t)&bl32_extra2_uuid_spec, 274*91f16700Schasinglulu open_fip 275*91f16700Schasinglulu }, 276*91f16700Schasinglulu #endif 277*91f16700Schasinglulu [TB_FW_CONFIG_ID] = { 278*91f16700Schasinglulu &fip_dev_handle, 279*91f16700Schasinglulu (uintptr_t)&tb_fw_config_uuid_spec, 280*91f16700Schasinglulu open_fip 281*91f16700Schasinglulu }, 282*91f16700Schasinglulu [TOS_FW_CONFIG_ID] = { 283*91f16700Schasinglulu &fip_dev_handle, 284*91f16700Schasinglulu (uintptr_t)&tos_fw_config_uuid_spec, 285*91f16700Schasinglulu open_fip 286*91f16700Schasinglulu }, 287*91f16700Schasinglulu [BL33_IMAGE_ID] = { 288*91f16700Schasinglulu &fip_dev_handle, 289*91f16700Schasinglulu (uintptr_t)&bl33_uuid_spec, 290*91f16700Schasinglulu open_fip 291*91f16700Schasinglulu }, 292*91f16700Schasinglulu #if TRUSTED_BOARD_BOOT 293*91f16700Schasinglulu [TRUSTED_BOOT_FW_CERT_ID] = { 294*91f16700Schasinglulu &fip_dev_handle, 295*91f16700Schasinglulu (uintptr_t)&tb_fw_cert_uuid_spec, 296*91f16700Schasinglulu open_fip 297*91f16700Schasinglulu }, 298*91f16700Schasinglulu [TRUSTED_KEY_CERT_ID] = { 299*91f16700Schasinglulu &fip_dev_handle, 300*91f16700Schasinglulu (uintptr_t)&trusted_key_cert_uuid_spec, 301*91f16700Schasinglulu open_fip 302*91f16700Schasinglulu }, 303*91f16700Schasinglulu [SOC_FW_KEY_CERT_ID] = { 304*91f16700Schasinglulu &fip_dev_handle, 305*91f16700Schasinglulu (uintptr_t)&soc_fw_key_cert_uuid_spec, 306*91f16700Schasinglulu open_fip 307*91f16700Schasinglulu }, 308*91f16700Schasinglulu [TRUSTED_OS_FW_KEY_CERT_ID] = { 309*91f16700Schasinglulu &fip_dev_handle, 310*91f16700Schasinglulu (uintptr_t)&tos_fw_key_cert_uuid_spec, 311*91f16700Schasinglulu open_fip 312*91f16700Schasinglulu }, 313*91f16700Schasinglulu [NON_TRUSTED_FW_KEY_CERT_ID] = { 314*91f16700Schasinglulu &fip_dev_handle, 315*91f16700Schasinglulu (uintptr_t)&nt_fw_key_cert_uuid_spec, 316*91f16700Schasinglulu open_fip 317*91f16700Schasinglulu }, 318*91f16700Schasinglulu [SOC_FW_CONTENT_CERT_ID] = { 319*91f16700Schasinglulu &fip_dev_handle, 320*91f16700Schasinglulu (uintptr_t)&soc_fw_cert_uuid_spec, 321*91f16700Schasinglulu open_fip 322*91f16700Schasinglulu }, 323*91f16700Schasinglulu [TRUSTED_OS_FW_CONTENT_CERT_ID] = { 324*91f16700Schasinglulu &fip_dev_handle, 325*91f16700Schasinglulu (uintptr_t)&tos_fw_cert_uuid_spec, 326*91f16700Schasinglulu open_fip 327*91f16700Schasinglulu }, 328*91f16700Schasinglulu [NON_TRUSTED_FW_CONTENT_CERT_ID] = { 329*91f16700Schasinglulu &fip_dev_handle, 330*91f16700Schasinglulu (uintptr_t)&nt_fw_cert_uuid_spec, 331*91f16700Schasinglulu open_fip 332*91f16700Schasinglulu }, 333*91f16700Schasinglulu #endif /* TRUSTED_BOARD_BOOT */ 334*91f16700Schasinglulu }; 335*91f16700Schasinglulu 336*91f16700Schasinglulu #if defined(SPD_spmd) 337*91f16700Schasinglulu static struct sp_pkg { 338*91f16700Schasinglulu struct plat_io_policy policy; 339*91f16700Schasinglulu io_file_spec_t sh_file_spec; 340*91f16700Schasinglulu uint8_t uuid[UUID_BYTES_LENGTH]; 341*91f16700Schasinglulu char path[80]; 342*91f16700Schasinglulu } sp_pkgs[MAX_SP_IDS]; 343*91f16700Schasinglulu static unsigned int sp_pkg_count; 344*91f16700Schasinglulu 345*91f16700Schasinglulu int qemu_io_register_sp_pkg(const char *name, const char *uuid, 346*91f16700Schasinglulu uintptr_t load_addr) 347*91f16700Schasinglulu { 348*91f16700Schasinglulu struct sp_pkg *pkg; 349*91f16700Schasinglulu bl_mem_params_node_t *mem_params; 350*91f16700Schasinglulu 351*91f16700Schasinglulu if (sp_pkg_count == MAX_SP_IDS) { 352*91f16700Schasinglulu INFO("Reached Max number of SPs\n"); 353*91f16700Schasinglulu return -1; 354*91f16700Schasinglulu } 355*91f16700Schasinglulu mem_params = get_bl_mem_params_node(SP_PKG1_ID + sp_pkg_count); 356*91f16700Schasinglulu if (mem_params == NULL) { 357*91f16700Schasinglulu ERROR("Can't find SP_PKG ID %u (SP_PKG%u_ID)\n", 358*91f16700Schasinglulu SP_PKG1_ID + sp_pkg_count, sp_pkg_count); 359*91f16700Schasinglulu return -1; 360*91f16700Schasinglulu } 361*91f16700Schasinglulu pkg = sp_pkgs + sp_pkg_count; 362*91f16700Schasinglulu 363*91f16700Schasinglulu if (read_uuid(pkg->uuid, (char *)uuid)) { 364*91f16700Schasinglulu return -1; 365*91f16700Schasinglulu } 366*91f16700Schasinglulu 367*91f16700Schasinglulu strlcpy(pkg->path, name, sizeof(pkg->path)); 368*91f16700Schasinglulu strlcat(pkg->path, ".pkg", sizeof(pkg->path)); 369*91f16700Schasinglulu 370*91f16700Schasinglulu pkg->policy.dev_handle = &fip_dev_handle; 371*91f16700Schasinglulu pkg->policy.image_spec = (uintptr_t)&pkg->uuid; 372*91f16700Schasinglulu pkg->policy.check = open_fip; 373*91f16700Schasinglulu pkg->sh_file_spec.path = pkg->path; 374*91f16700Schasinglulu pkg->sh_file_spec.mode = FOPEN_MODE_RB; 375*91f16700Schasinglulu 376*91f16700Schasinglulu mem_params->image_info.image_base = load_addr; 377*91f16700Schasinglulu mem_params->image_info.image_max_size = SZ_4M; 378*91f16700Schasinglulu mem_params->image_info.h.attr &= ~IMAGE_ATTRIB_SKIP_LOADING; 379*91f16700Schasinglulu 380*91f16700Schasinglulu sp_pkg_count++; 381*91f16700Schasinglulu 382*91f16700Schasinglulu return 0; 383*91f16700Schasinglulu } 384*91f16700Schasinglulu #endif /*SPD_spmd*/ 385*91f16700Schasinglulu 386*91f16700Schasinglulu static const io_file_spec_t *get_io_file_spec(unsigned int image_id) 387*91f16700Schasinglulu { 388*91f16700Schasinglulu #if defined(SPD_spmd) 389*91f16700Schasinglulu if (image_id >= SP_PKG1_ID && image_id <= SP_PKG8_ID) { 390*91f16700Schasinglulu return &sp_pkgs[image_id - SP_PKG1_ID].sh_file_spec; 391*91f16700Schasinglulu } 392*91f16700Schasinglulu #endif 393*91f16700Schasinglulu 394*91f16700Schasinglulu assert(image_id < ARRAY_SIZE(sh_file_spec)); 395*91f16700Schasinglulu return &sh_file_spec[image_id]; 396*91f16700Schasinglulu } 397*91f16700Schasinglulu 398*91f16700Schasinglulu static const struct plat_io_policy *get_io_policy(unsigned int image_id) 399*91f16700Schasinglulu { 400*91f16700Schasinglulu #if defined(SPD_spmd) 401*91f16700Schasinglulu if (image_id >= SP_PKG1_ID && image_id <= SP_PKG8_ID) { 402*91f16700Schasinglulu return &sp_pkgs[image_id - SP_PKG1_ID].policy; 403*91f16700Schasinglulu } 404*91f16700Schasinglulu #endif 405*91f16700Schasinglulu 406*91f16700Schasinglulu assert(image_id < ARRAY_SIZE(policies)); 407*91f16700Schasinglulu return &policies[image_id]; 408*91f16700Schasinglulu } 409*91f16700Schasinglulu 410*91f16700Schasinglulu static int open_fip(const uintptr_t spec) 411*91f16700Schasinglulu { 412*91f16700Schasinglulu int result; 413*91f16700Schasinglulu uintptr_t local_image_handle; 414*91f16700Schasinglulu 415*91f16700Schasinglulu /* See if a Firmware Image Package is available */ 416*91f16700Schasinglulu result = io_dev_init(fip_dev_handle, (uintptr_t)FIP_IMAGE_ID); 417*91f16700Schasinglulu if (result == 0 && spec != (uintptr_t)NULL) { 418*91f16700Schasinglulu result = io_open(fip_dev_handle, spec, &local_image_handle); 419*91f16700Schasinglulu if (result == 0) { 420*91f16700Schasinglulu VERBOSE("Using FIP\n"); 421*91f16700Schasinglulu io_close(local_image_handle); 422*91f16700Schasinglulu } 423*91f16700Schasinglulu } 424*91f16700Schasinglulu return result; 425*91f16700Schasinglulu } 426*91f16700Schasinglulu 427*91f16700Schasinglulu #ifndef DECRYPTION_SUPPORT_none 428*91f16700Schasinglulu static int open_enc_fip(const uintptr_t spec) 429*91f16700Schasinglulu { 430*91f16700Schasinglulu int result; 431*91f16700Schasinglulu uintptr_t local_image_handle; 432*91f16700Schasinglulu 433*91f16700Schasinglulu /* See if an encrypted FIP is available */ 434*91f16700Schasinglulu result = io_dev_init(enc_dev_handle, (uintptr_t)ENC_IMAGE_ID); 435*91f16700Schasinglulu if (result == 0) { 436*91f16700Schasinglulu result = io_open(enc_dev_handle, spec, &local_image_handle); 437*91f16700Schasinglulu if (result == 0) { 438*91f16700Schasinglulu VERBOSE("Using encrypted FIP\n"); 439*91f16700Schasinglulu io_close(local_image_handle); 440*91f16700Schasinglulu } 441*91f16700Schasinglulu } 442*91f16700Schasinglulu return result; 443*91f16700Schasinglulu } 444*91f16700Schasinglulu #endif 445*91f16700Schasinglulu 446*91f16700Schasinglulu static int open_memmap(const uintptr_t spec) 447*91f16700Schasinglulu { 448*91f16700Schasinglulu int result; 449*91f16700Schasinglulu uintptr_t local_image_handle; 450*91f16700Schasinglulu 451*91f16700Schasinglulu result = io_dev_init(memmap_dev_handle, (uintptr_t)NULL); 452*91f16700Schasinglulu if (result == 0) { 453*91f16700Schasinglulu result = io_open(memmap_dev_handle, spec, &local_image_handle); 454*91f16700Schasinglulu if (result == 0) { 455*91f16700Schasinglulu VERBOSE("Using Memmap\n"); 456*91f16700Schasinglulu io_close(local_image_handle); 457*91f16700Schasinglulu } 458*91f16700Schasinglulu } 459*91f16700Schasinglulu return result; 460*91f16700Schasinglulu } 461*91f16700Schasinglulu 462*91f16700Schasinglulu static int open_semihosting(const uintptr_t spec) 463*91f16700Schasinglulu { 464*91f16700Schasinglulu int result; 465*91f16700Schasinglulu uintptr_t local_image_handle; 466*91f16700Schasinglulu 467*91f16700Schasinglulu /* See if the file exists on semi-hosting.*/ 468*91f16700Schasinglulu result = io_dev_init(sh_dev_handle, (uintptr_t)NULL); 469*91f16700Schasinglulu if (result == 0) { 470*91f16700Schasinglulu result = io_open(sh_dev_handle, spec, &local_image_handle); 471*91f16700Schasinglulu if (result == 0) { 472*91f16700Schasinglulu VERBOSE("Using Semi-hosting IO\n"); 473*91f16700Schasinglulu io_close(local_image_handle); 474*91f16700Schasinglulu } 475*91f16700Schasinglulu } 476*91f16700Schasinglulu return result; 477*91f16700Schasinglulu } 478*91f16700Schasinglulu 479*91f16700Schasinglulu void plat_qemu_io_setup(void) 480*91f16700Schasinglulu { 481*91f16700Schasinglulu int io_result; 482*91f16700Schasinglulu 483*91f16700Schasinglulu io_result = register_io_dev_fip(&fip_dev_con); 484*91f16700Schasinglulu assert(io_result == 0); 485*91f16700Schasinglulu 486*91f16700Schasinglulu io_result = register_io_dev_memmap(&memmap_dev_con); 487*91f16700Schasinglulu assert(io_result == 0); 488*91f16700Schasinglulu 489*91f16700Schasinglulu /* Open connections to devices and cache the handles */ 490*91f16700Schasinglulu io_result = io_dev_open(fip_dev_con, (uintptr_t)NULL, 491*91f16700Schasinglulu &fip_dev_handle); 492*91f16700Schasinglulu assert(io_result == 0); 493*91f16700Schasinglulu 494*91f16700Schasinglulu io_result = io_dev_open(memmap_dev_con, (uintptr_t)NULL, 495*91f16700Schasinglulu &memmap_dev_handle); 496*91f16700Schasinglulu assert(io_result == 0); 497*91f16700Schasinglulu 498*91f16700Schasinglulu #ifndef DECRYPTION_SUPPORT_none 499*91f16700Schasinglulu io_result = register_io_dev_enc(&enc_dev_con); 500*91f16700Schasinglulu assert(io_result == 0); 501*91f16700Schasinglulu 502*91f16700Schasinglulu io_result = io_dev_open(enc_dev_con, (uintptr_t)NULL, 503*91f16700Schasinglulu &enc_dev_handle); 504*91f16700Schasinglulu assert(io_result == 0); 505*91f16700Schasinglulu #endif 506*91f16700Schasinglulu 507*91f16700Schasinglulu /* Register the additional IO devices on this platform */ 508*91f16700Schasinglulu io_result = register_io_dev_sh(&sh_dev_con); 509*91f16700Schasinglulu assert(io_result == 0); 510*91f16700Schasinglulu 511*91f16700Schasinglulu /* Open connections to devices and cache the handles */ 512*91f16700Schasinglulu io_result = io_dev_open(sh_dev_con, (uintptr_t)NULL, &sh_dev_handle); 513*91f16700Schasinglulu assert(io_result == 0); 514*91f16700Schasinglulu 515*91f16700Schasinglulu /* Ignore improbable errors in release builds */ 516*91f16700Schasinglulu (void)io_result; 517*91f16700Schasinglulu } 518*91f16700Schasinglulu 519*91f16700Schasinglulu static int get_alt_image_source(unsigned int image_id, uintptr_t *dev_handle, 520*91f16700Schasinglulu uintptr_t *image_spec) 521*91f16700Schasinglulu { 522*91f16700Schasinglulu const io_file_spec_t *spec = get_io_file_spec(image_id); 523*91f16700Schasinglulu int result; 524*91f16700Schasinglulu 525*91f16700Schasinglulu result = open_semihosting((const uintptr_t)spec); 526*91f16700Schasinglulu if (result == 0) { 527*91f16700Schasinglulu *dev_handle = sh_dev_handle; 528*91f16700Schasinglulu *image_spec = (uintptr_t)spec; 529*91f16700Schasinglulu } 530*91f16700Schasinglulu 531*91f16700Schasinglulu return result; 532*91f16700Schasinglulu } 533*91f16700Schasinglulu 534*91f16700Schasinglulu /* 535*91f16700Schasinglulu * Return an IO device handle and specification which can be used to access 536*91f16700Schasinglulu * an image. Use this to enforce platform load policy 537*91f16700Schasinglulu */ 538*91f16700Schasinglulu int plat_get_image_source(unsigned int image_id, uintptr_t *dev_handle, 539*91f16700Schasinglulu uintptr_t *image_spec) 540*91f16700Schasinglulu { 541*91f16700Schasinglulu const struct plat_io_policy *policy = get_io_policy(image_id); 542*91f16700Schasinglulu int result; 543*91f16700Schasinglulu 544*91f16700Schasinglulu result = policy->check(policy->image_spec); 545*91f16700Schasinglulu if (result == 0) { 546*91f16700Schasinglulu *image_spec = policy->image_spec; 547*91f16700Schasinglulu *dev_handle = *(policy->dev_handle); 548*91f16700Schasinglulu } else { 549*91f16700Schasinglulu VERBOSE("Trying alternative IO\n"); 550*91f16700Schasinglulu result = get_alt_image_source(image_id, dev_handle, image_spec); 551*91f16700Schasinglulu } 552*91f16700Schasinglulu 553*91f16700Schasinglulu return result; 554*91f16700Schasinglulu } 555