From patchwork Thu Mar 25 09:30:07 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Peng Fan \(OSS\)" X-Patchwork-Id: 408770 Delivered-To: patch@linaro.org Received: by 2002:a02:8562:0:0:0:0:0 with SMTP id g89csp364969jai; Thu, 25 Mar 2021 02:33:35 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwmrkOuTydUrlHcXob5q1Qex9kcfBNaCXhSDD3TpH3DzTjrBAQlopRe56kcBtQhetHhmHXl X-Received: by 2002:a17:906:9501:: with SMTP id u1mr8492655ejx.324.1616664815442; Thu, 25 Mar 2021 02:33:35 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1616664815; cv=pass; d=google.com; s=arc-20160816; b=AEt6npd/Orkcwn+iFa2jxmiOXh16KH8hRtd37ZWeRKLeXtVOB0yykgCdaOo1qAoVw2 PIPaAtVX52nZyc/9w9sv9PIvNJSEHbw7tUC5ywC3+EuO2RzF3PscT3hqcFTkHtbeAQ/4 jSxrpoWQ/hnO9OCM+D0x05gcPkpYQvF+caeeuZbPhcof6pmKcCj614hoS/d33TlcmJq9 XCVODne+twnP6ZJb0xeOPdCf8+1IVF2/bpnl5OSjncTb0qEn6Bk/dUAKR94xtqnFt6O/ QbfqDL381Z3K/3nV2Jnm78IMdsB3o4sDjnRBJqbYZmn9fdsTeBDNIBjv9kCsHBEZZYNo FfGg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:mime-version :content-transfer-encoding:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature; bh=6HhNPcpeRDbnGxrGsGPsftJWBvlnkTtCB2LIZqv1bYc=; b=Qlv+ID5GblnFVPPqxgTZma5zu9SgkxZCecf26FRV+dhkPfq/Rb5EhwkawkdfzWhleQ cWpjhaQplHF9O1OBLhA+bWzpOXqbtvOyiiZ8YwRqZsE90YCJMJXvWDqf2SKxXnzgSHSh XKPb7ZtfZuw6DUmckKtCii2L4SElwq4pM1N1BQPoh6+HuRDdMYlK8v2rAVGkmbcuYjfx 5TiyrQfg3LDYo4SSL3h02uSt2vLlSNb0MT0Dxn5rCPfZ0Ei3abUfFYQueLy8sGFyFsEJ L5ysJzr2kXxCgSGAX1JBcShBzVLtfr3ugpWDCWxGXhmJmtaeU6t+gO3VcCZLpGs4vM0V 6O/Q== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@NXP1.onmicrosoft.com header.s=selector2-NXP1-onmicrosoft-com header.b=UoNv7rii; arc=pass (i=1 spf=pass spfdomain=oss.nxp.com dkim=pass dkdomain=oss.nxp.com dmarc=pass fromdomain=oss.nxp.com); spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=nxp.com Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id n22si3823874eju.124.2021.03.25.02.33.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 25 Mar 2021 02:33:35 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; dkim=pass header.i=@NXP1.onmicrosoft.com header.s=selector2-NXP1-onmicrosoft-com header.b=UoNv7rii; arc=pass (i=1 spf=pass spfdomain=oss.nxp.com dkim=pass dkdomain=oss.nxp.com dmarc=pass fromdomain=oss.nxp.com); spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=nxp.com Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 97503825BF; Thu, 25 Mar 2021 10:32:41 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=oss.nxp.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=NXP1.onmicrosoft.com header.i=@NXP1.onmicrosoft.com header.b="UoNv7rii"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 960658284D; Thu, 25 Mar 2021 10:32:26 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,FORGED_SPF_HELO,MSGID_FROM_MTA_HEADER,SPF_HELO_PASS autolearn=no autolearn_force=no version=3.4.2 Received: from EUR02-AM5-obe.outbound.protection.outlook.com (mail-am5eur02on062a.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe07::62a]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id EAE6082859 for ; Thu, 25 Mar 2021 10:32:09 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=oss.nxp.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=peng.fan@oss.nxp.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GYYskv5+d0YgNCe4hvcDzHiNNk2o1iTtY5Zq2wT+GUYunnJ0th7jaDwF3GRWW1fhzivICVGK0V/F7p/bcIaF4ssKiBBp+Og9fWyy78lhuZrNSBAdbZhFuaXdxr1E5h/MDlxDrPOleosbv6DymFP2VS3a0sRuZ4RYhsw4ipaFaR0XYKOo6SAKh0lv6Dnxa/PWTh6AGpSmz44W0W6rMNHvquOmhwklXqHLbBB3WsHAJ6BgSQxPcSQ5YjCg959xpyVwNMfX/X0RzLYbxYcuGfdMxlxgG1N2w63+KgO4Fx4VkjYfOaJ8ColYYDlfBMIaRAB3Nan71BpeK2N1j9bKV4UMaA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6HhNPcpeRDbnGxrGsGPsftJWBvlnkTtCB2LIZqv1bYc=; b=G4QP83kR3dqvXUpkbMgrPPWu+cqvGk2hNarTXsF/BN3e/vKdbc+c9Jr5suUFojnKKsvMjzbl8gQdzZp7ezInhsqC2T1ftsTjdGs9gcn0dfyia1awrmoZt0UsQvz1zOh1E7EcVwdKx5oTvfRHBmEpplnUMd3hlJbXB/R3asKFhbW1aCnNqXXnFncaki4gOJlVLYQ0Q1CmCX8ibxTeUgZa5nO/UIBkfwI6QGqfxX/1hbEBZk2Bp5rI1NSkKXGUbSInBr14XFXqed+4X4PCqJudXkJVEjlBNScSYdgi7zzQMtIV51w1qKi7b4KLr8y1IJ4T8fyobPdWciTen3yUE5Ri5A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oss.nxp.com; dmarc=pass action=none header.from=oss.nxp.com; dkim=pass header.d=oss.nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=NXP1.onmicrosoft.com; s=selector2-NXP1-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6HhNPcpeRDbnGxrGsGPsftJWBvlnkTtCB2LIZqv1bYc=; b=UoNv7riinS3EO7qAuGX/ynDE7mHW+RV/r4fazgoqab4BpRWU7RF1mkEkY2fXRIBA3VNOxavTei8r3OHPcq5FfgyurtIDShefHdh3aZvXechTg6sF3KHBps3/yLntM+Guokn9niq5wYB5k7fwR7XGwE/pvAOBr0eRsOiS30Y8nZ0= Authentication-Results: denx.de; dkim=none (message not signed) header.d=none; denx.de; dmarc=none action=none header.from=oss.nxp.com; Received: from DB6PR0402MB2760.eurprd04.prod.outlook.com (2603:10a6:4:a1::14) by DB7PR04MB4092.eurprd04.prod.outlook.com (2603:10a6:5:27::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3955.27; Thu, 25 Mar 2021 09:32:08 +0000 Received: from DB6PR0402MB2760.eurprd04.prod.outlook.com ([fe80::d58c:d479:d094:43d0]) by DB6PR0402MB2760.eurprd04.prod.outlook.com ([fe80::d58c:d479:d094:43d0%9]) with mapi id 15.20.3955.025; Thu, 25 Mar 2021 09:32:08 +0000 From: "Peng Fan (OSS)" To: sbabic@denx.de, festevam@gmail.com Cc: uboot-imx@nxp.com, u-boot@lists.denx.de, Peng Fan , Ye Li Subject: [PATCH 08/37] imx: HAB: Update hab codes to support ARM64 and i.MX8M Date: Thu, 25 Mar 2021 17:30:07 +0800 Message-Id: <20210325093036.3270101-9-peng.fan@oss.nxp.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210325093036.3270101-1-peng.fan@oss.nxp.com> References: <20210325093036.3270101-1-peng.fan@oss.nxp.com> X-Originating-IP: [119.31.174.66] X-ClientProxiedBy: HK2PR0302CA0021.apcprd03.prod.outlook.com (2603:1096:202::31) To DB6PR0402MB2760.eurprd04.prod.outlook.com (2603:10a6:4:a1::14) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from localhost.localdomain (119.31.174.66) by HK2PR0302CA0021.apcprd03.prod.outlook.com (2603:1096:202::31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3999.16 via Frontend Transport; Thu, 25 Mar 2021 09:32:05 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 6040a51a-81f7-4a8a-f1fc-08d8ef70dbf0 X-MS-TrafficTypeDiagnostic: DB7PR04MB4092: X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:6790; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: mQ+5R3xK+WTXjqHly+U2JTpKR7J3bJO4ZItp+wZnpfzTPGUvJEWAfFUgb/GDw0EczYhj0E/6zDqvNnTKj0BMDXlOaan35uYapmZua7+77DuZs0YuwvId7GxlGadkFPeDD0EKoGe+QWFMCkzNW5rzuqKghlN+eHyDPFoNNE2XmU1nY5v+k2uTBDgdpuzV+aUyFYlw3UvwGM8iC2ENJn5z45TL6iXSbv4TTXlbC7wg2qYEKqkXuL5vegztiMahpBBOiAOwhaU59X+spRP/hKAPtZ43IuTyR8EO6EhqRQ+ACVj7Tp2omGLKIugkKNvVB4F8R5sjS+TwfIuUchQwU9D2mjwoSoRROc+kCHHqMOym9D5X4O227wrkfFX7IJ5iWNvO8jEZS5yXOtzFdFiWOUCcbr722j7jbPDA5MjXeEcMXP6SJQR+Un70c1sq4vhtkOjbrlMUvKFtAw7kyPHr4kdUSY3YAdfke3GXWkuKuMcEVZEMpOfmayuLni3QTAXUeqCotkHOlaflJcm6/ZLIZs/UIxYCWwlHba4cLSp9cA4YQQb5w38brv48CzUGbn50rlrJD1XeWdLjMdKAB4MQwGWRUGbwz3KSon7dhq50v30xgsYF+I/qfrLLAQnv1saqVxYQjLlx4mquOS9QyDMYk8YFhZgjn2KHvepGe0eCfFrbrnRGf01TnP/WTCE9IzNdCaKq X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB6PR0402MB2760.eurprd04.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(396003)(366004)(346002)(39860400002)(376002)(136003)(4326008)(8936002)(478600001)(316002)(69590400012)(2616005)(8676002)(54906003)(956004)(86362001)(16526019)(38100700001)(83380400001)(186003)(52116002)(66476007)(2906002)(6512007)(30864003)(6486002)(5660300002)(66946007)(15650500001)(66556008)(26005)(1076003)(6506007); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: Ndh5h+VBY+tVAVqhY2b3mZ6rF5FcgmXevCQ7u0Y+C6QkWKT5QlbnYp2tlXIO5eNxgVsVcIcfomDE+6hTReNLlu65ipU4wWx7ZugjTXAXNGT2Qpqvj2IXc09VQ7hZn+AHhtdoZ6TGKKOIqoj1w7w5YKGp9Z+J7yvFehph3oIW2VDmkuFpiqNvPwTAL8iG1PHrVIXgqh+UPU2iuUvHJ3YyBquV4RAKLKpUnKgcpg2ZuXm7jSY7xeDxIQ66hiNcIMnTEhFH3oQW5MYgRivRNoe4h958D5iDmmlUGOXGenoTb+tp3b9byMv7VvJUXWhGPaMHMy4u4Te0EgfSiPWRtqFN2WqqGI5igrpXFBShl8MipEwhL4UK0r8ZNwgTSPFWASaEIrgPvmVT8Odm4h0ERJMnUGf9drHt6wl5MErqyoJVNHHi/QKFnHi3nkbg9uoskYABbNUn71HE9df1XtM17zbH5IyKqoRUNReLgWL45w7Mpf5P45GUJGoUyBOPw2ZbXdwSkj4eiWbco5AeZOoTvMo3B5GByOcfxbKPbpn27d/VPYnn1xBDEx9BCLvAMaAGqmzzMbMXdYfNBMbwMeXYd6pssnSMEhtCwIJ5VVY5dGWUhFKXJupqS0KWO/Us++nhAbs24BHwoufnS3+2CpiV1X7ST8qS+Up8biMewpjF+v6qrN7ssfHNw1u9mBHz0ZmQQSS50J1gkTazbOQv6/iHk1hLVJXUbZFB4+V+oRrCB2BErfEjcHPgFPsJ0Nv+rYj2/ebpwO/b5IgSJQmdHsMw/SGheoYzkQwMgrrCU1fkyQTsDvOLUR3IU9UoviwgxmLB0msuTWU3H7T1NqXRyUFRTJZY0ncUEjtTrEOxV8YH5tpoHwfNGvjDj6cnjk2Q7ZmZXu6UvltI9DnkdYZliC7kRcGkdjc2/qVzojeQ0XSjyzOUEEHRLlsoUS9X56auYt5BBdu2OepX6B7/KGQL54P+oj/UukZ8T50GZ60dlI462kRe4SqH+Iez7wBJThtwClsDRm7TaZSVl+9HX3YDKw4f7IqKup0irNp+5aCHeO2z8MibKpL+3gymda5dZz/vsmeSqgZT+fLVF8mdNaeAAyZzJBnaiGytDf0uTSfBtHDDlaP6r43xqc9g6kcPAamwYz2bVkAOXsFv4axyN54C0CBEK/zmclEay3L9e07vRNrPHYDKnOk4Py2l9LiNhsgExLW6jmWEqbHyq3XsCaTtVJBIusg4W6coY+LNVv4t2JxkNSfy5EtaTkTAfOw1I50ZcRMJgKaj3fxhRynm0Meh+qw82rfghA3yUqJQwvVc1iN+qeXCAMGiEuB8OC2KT+okzj4sNKz4aD8qCxjuYvPjZd0ckFlUOA== X-OriginatorOrg: oss.nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: 6040a51a-81f7-4a8a-f1fc-08d8ef70dbf0 X-MS-Exchange-CrossTenant-AuthSource: DB6PR0402MB2760.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 25 Mar 2021 09:32:07.9950 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: K+skUP7+HN7LLe/3I2JIYgdyI5IdMrEr/SLlq8yU35e6DCUzwOuYqhMirVDNKQnwq4HCtpa/JBCyXeXpzNb8AQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB7PR04MB4092 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.102.4 at phobos.denx.de X-Virus-Status: Clean From: Peng Fan There are some changes to support ARM64 i.MX8M platform in this patches: 1. The hab_rvt base and function vectors are different as i.MX6/7 2. Need to bypass an workaround for i.MX6 to fix problem in MMU. 3. The x18 register needed save & restore before calling any HAB API. According to ARM procedure call spec, the x18 is caller saved when it is used as temporary register. So calling HAB API may scratch this register, and cause crash once accessing the gd pointer. On ARMv7, the r9 is callee saved when it is used as variable register. So no need to save & restore it. 4. Add SEC_CONFIG fuse for iMX8M When current EL is not EL3, the direct calling to HAB will fail because CAAM/SNVS can't initialize at non-secure mode. In this case, we use SIP call to run the HAB in ATF. Signed-off-by: Ye Li Signed-off-by: Peng Fan --- arch/arm/include/asm/mach-imx/hab.h | 14 ++ arch/arm/mach-imx/hab.c | 229 +++++++++++++++++++++++++--- 2 files changed, 218 insertions(+), 25 deletions(-) -- 2.25.1 diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index d8bd77075a..c4393ef443 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -165,6 +165,18 @@ typedef void hapi_clock_init_t(void); #define HAB_ENG_RTL 0x77 /* RTL simulation engine */ #define HAB_ENG_SW 0xff /* Software engine */ +#ifdef CONFIG_ARM64 +#define HAB_RVT_BASE 0x00000880 + +#define HAB_RVT_ENTRY (*(ulong *)(HAB_RVT_BASE + 0x08)) +#define HAB_RVT_EXIT (*(ulong *)(HAB_RVT_BASE + 0x10)) +#define HAB_RVT_CHECK_TARGET (*(ulong *)(HAB_RVT_BASE + 0x18)) +#define HAB_RVT_AUTHENTICATE_IMAGE (*(ulong *)(HAB_RVT_BASE + 0x20)) +#define HAB_RVT_REPORT_EVENT (*(ulong *)(HAB_RVT_BASE + 0x40)) +#define HAB_RVT_REPORT_STATUS (*(ulong *)(HAB_RVT_BASE + 0x48)) +#define HAB_RVT_FAILSAFE (*(ulong *)(HAB_RVT_BASE + 0x50)) +#else + #ifdef CONFIG_ROM_UNIFIED_SECTIONS #define HAB_RVT_BASE 0x00000100 #else @@ -186,6 +198,8 @@ typedef void hapi_clock_init_t(void); #define HAB_RVT_REPORT_STATUS (*(uint32_t *)(HAB_RVT_BASE + 0x24)) #define HAB_RVT_FAILSAFE (*(uint32_t *)(HAB_RVT_BASE + 0x28)) +#endif /*CONFIG_ARM64*/ + #define HAB_CID_ROM 0 /**< ROM Caller ID */ #define HAB_CID_UBOOT 1 /**< UBOOT Caller ID*/ diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 66ac440349..9ebdbe6ac3 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -10,10 +10,14 @@ #include #include #include +#include #include #include #include #include +#include + +DECLARE_GLOBAL_DATA_PTR; #define ALIGN_SIZE 0x1000 #define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8 @@ -21,7 +25,7 @@ #define MX6SL_PU_IROM_MMU_EN_VAR 0x00901c60 #define IS_HAB_ENABLED_BIT \ (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \ - (is_soc_type(MXC_SOC_MX7) ? 0x2000000 : 0x2)) + ((is_soc_type(MXC_SOC_MX7) || is_soc_type(MXC_SOC_IMX8M)) ? 0x2000000 : 0x2)) static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr) { @@ -48,6 +52,194 @@ static int verify_ivt_header(struct ivt_header *ivt_hdr) return result; } +#ifdef CONFIG_ARM64 +#define FSL_SIP_HAB 0xC2000007 +#define FSL_SIP_HAB_AUTHENTICATE 0x00 +#define FSL_SIP_HAB_ENTRY 0x01 +#define FSL_SIP_HAB_EXIT 0x02 +#define FSL_SIP_HAB_REPORT_EVENT 0x03 +#define FSL_SIP_HAB_REPORT_STATUS 0x04 +#define FSL_SIP_HAB_FAILSAFE 0x05 +#define FSL_SIP_HAB_CHECK_TARGET 0x06 +static volatile gd_t *gd_save; +#endif + +static inline void save_gd(void) +{ +#ifdef CONFIG_ARM64 + gd_save = gd; +#endif +} + +static inline void restore_gd(void) +{ +#ifdef CONFIG_ARM64 + /* + * Make will already error that reserving x18 is not supported at the + * time of writing, clang: error: unknown argument: '-ffixed-x18' + */ + __asm__ volatile("mov x18, %0\n" : : "r" (gd_save)); +#endif +} + +enum hab_status hab_rvt_report_event(enum hab_status status, u32 index, + u8 *event, size_t *bytes) +{ + enum hab_status ret; + hab_rvt_report_event_t *hab_rvt_report_event_func; + struct arm_smccc_res res __maybe_unused; + + hab_rvt_report_event_func = (hab_rvt_report_event_t *)HAB_RVT_REPORT_EVENT; +#if defined(CONFIG_ARM64) + if (current_el() != 3) { + /* call sip */ + arm_smccc_smc(FSL_SIP_HAB, FSL_SIP_HAB_REPORT_EVENT, (unsigned long)index, + (unsigned long)event, (unsigned long)bytes, 0, 0, 0, &res); + return (enum hab_status)res.a0; + } +#endif + + save_gd(); + ret = hab_rvt_report_event_func(status, index, event, bytes); + restore_gd(); + + return ret; + +} + +enum hab_status hab_rvt_report_status(enum hab_config *config, enum hab_state *state) +{ + enum hab_status ret; + hab_rvt_report_status_t *hab_rvt_report_status_func; + struct arm_smccc_res res __maybe_unused; + + hab_rvt_report_status_func = (hab_rvt_report_status_t *)HAB_RVT_REPORT_STATUS; +#if defined(CONFIG_ARM64) + if (current_el() != 3) { + /* call sip */ + arm_smccc_smc(FSL_SIP_HAB, FSL_SIP_HAB_REPORT_STATUS, (unsigned long)config, + (unsigned long)state, 0, 0, 0, 0, &res); + return (enum hab_status)res.a0; + } +#endif + + save_gd(); + ret = hab_rvt_report_status_func(config, state); + restore_gd(); + + return ret; +} + +enum hab_status hab_rvt_entry(void) +{ + enum hab_status ret; + hab_rvt_entry_t *hab_rvt_entry_func; + struct arm_smccc_res res __maybe_unused; + + hab_rvt_entry_func = (hab_rvt_entry_t *)HAB_RVT_ENTRY; +#if defined(CONFIG_ARM64) + if (current_el() != 3) { + /* call sip */ + arm_smccc_smc(FSL_SIP_HAB, FSL_SIP_HAB_ENTRY, 0, 0, 0, 0, 0, 0, &res); + return (enum hab_status)res.a0; + } +#endif + + save_gd(); + ret = hab_rvt_entry_func(); + restore_gd(); + + return ret; +} + +enum hab_status hab_rvt_exit(void) +{ + enum hab_status ret; + hab_rvt_exit_t *hab_rvt_exit_func; + struct arm_smccc_res res __maybe_unused; + + hab_rvt_exit_func = (hab_rvt_exit_t *)HAB_RVT_EXIT; +#if defined(CONFIG_ARM64) + if (current_el() != 3) { + /* call sip */ + arm_smccc_smc(FSL_SIP_HAB, FSL_SIP_HAB_EXIT, 0, 0, 0, 0, 0, 0, &res); + return (enum hab_status)res.a0; + } +#endif + + save_gd(); + ret = hab_rvt_exit_func(); + restore_gd(); + + return ret; +} + +void hab_rvt_failsafe(void) +{ + hab_rvt_failsafe_t *hab_rvt_failsafe_func; + + hab_rvt_failsafe_func = (hab_rvt_failsafe_t *)HAB_RVT_FAILSAFE; +#if defined(CONFIG_ARM64) + if (current_el() != 3) { + /* call sip */ + arm_smccc_smc(FSL_SIP_HAB, FSL_SIP_HAB_FAILSAFE, 0, 0, 0, 0, 0, 0, NULL); + return; + } +#endif + + save_gd(); + hab_rvt_failsafe_func(); + restore_gd(); +} + +enum hab_status hab_rvt_check_target(enum hab_target type, const void *start, + size_t bytes) +{ + enum hab_status ret; + hab_rvt_check_target_t *hab_rvt_check_target_func; + struct arm_smccc_res res __maybe_unused; + + hab_rvt_check_target_func = (hab_rvt_check_target_t *)HAB_RVT_CHECK_TARGET; +#if defined(CONFIG_ARM64) + if (current_el() != 3) { + /* call sip */ + arm_smccc_smc(FSL_SIP_HAB, FSL_SIP_HAB_CHECK_TARGET, (unsigned long)type, + (unsigned long)start, (unsigned long)bytes, 0, 0, 0, &res); + return (enum hab_status)res.a0; + } +#endif + + save_gd(); + ret = hab_rvt_check_target_func(type, start, bytes); + restore_gd(); + + return ret; +} + +void *hab_rvt_authenticate_image(uint8_t cid, ptrdiff_t ivt_offset, + void **start, size_t *bytes, hab_loader_callback_f_t loader) +{ + void *ret; + hab_rvt_authenticate_image_t *hab_rvt_authenticate_image_func; + struct arm_smccc_res res __maybe_unused; + + hab_rvt_authenticate_image_func = (hab_rvt_authenticate_image_t *)HAB_RVT_AUTHENTICATE_IMAGE; +#if defined(CONFIG_ARM64) + if (current_el() != 3) { + /* call sip */ + arm_smccc_smc(FSL_SIP_HAB, FSL_SIP_HAB_AUTHENTICATE, (unsigned long)ivt_offset, + (unsigned long)start, (unsigned long)bytes, 0, 0, 0, &res); + return (void *)res.a0; + } +#endif + + save_gd(); + ret = hab_rvt_authenticate_image_func(cid, ivt_offset, start, bytes, loader); + restore_gd(); + + return ret; +} + #if !defined(CONFIG_SPL_BUILD) #define MAX_RECORD_BYTES (8*1024) /* 4 kbytes */ @@ -253,12 +445,6 @@ static int get_hab_status(void) size_t bytes = sizeof(event_data); /* Event size in bytes */ enum hab_config config = 0; enum hab_state state = 0; - hab_rvt_report_event_t *hab_rvt_report_event; - hab_rvt_report_status_t *hab_rvt_report_status; - - hab_rvt_report_event = (hab_rvt_report_event_t *)HAB_RVT_REPORT_EVENT; - hab_rvt_report_status = - (hab_rvt_report_status_t *)HAB_RVT_REPORT_STATUS; if (imx_hab_is_enabled()) puts("\nSecure boot enabled\n"); @@ -493,7 +679,7 @@ static bool csf_is_valid(struct ivt *ivt, ulong start_addr, size_t bytes) return false; } - csf_hdr = (u8 *)ivt->csf; + csf_hdr = (u8 *)(ulong)ivt->csf; /* Verify if CSF Header exist */ if (*csf_hdr != HAB_CMD_HDR) { @@ -561,25 +747,15 @@ bool imx_hab_is_enabled(void) int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, uint32_t ivt_offset) { - uint32_t load_addr = 0; + ulong load_addr = 0; size_t bytes; - uint32_t ivt_addr = 0; + ulong ivt_addr = 0; int result = 1; ulong start; - hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; - hab_rvt_entry_t *hab_rvt_entry; - hab_rvt_exit_t *hab_rvt_exit; - hab_rvt_check_target_t *hab_rvt_check_target; struct ivt *ivt; struct ivt_header *ivt_hdr; enum hab_status status; - hab_rvt_authenticate_image = - (hab_rvt_authenticate_image_t *)HAB_RVT_AUTHENTICATE_IMAGE; - hab_rvt_entry = (hab_rvt_entry_t *)HAB_RVT_ENTRY; - hab_rvt_exit = (hab_rvt_exit_t *)HAB_RVT_EXIT; - hab_rvt_check_target = (hab_rvt_check_target_t *)HAB_RVT_CHECK_TARGET; - if (!imx_hab_is_enabled()) { puts("hab fuse not enabled\n"); return 0; @@ -591,7 +767,7 @@ int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, hab_caam_clock_enable(1); /* Calculate IVT address header */ - ivt_addr = ddr_start + ivt_offset; + ivt_addr = (ulong) (ddr_start + ivt_offset); ivt = (struct ivt *)ivt_addr; ivt_hdr = &ivt->hdr; @@ -601,7 +777,7 @@ int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, /* Verify IVT body */ if (ivt->self != ivt_addr) { - printf("ivt->self 0x%08x pointer is 0x%08x\n", + printf("ivt->self 0x%08x pointer is 0x%08lx\n", ivt->self, ivt_addr); goto hab_authentication_exit; } @@ -624,9 +800,9 @@ int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, goto hab_exit_failure_print_status; } - status = hab_rvt_check_target(HAB_TGT_MEMORY, (void *)ddr_start, bytes); + status = hab_rvt_check_target(HAB_TGT_MEMORY, (void *)(ulong)ddr_start, bytes); if (status != HAB_SUCCESS) { - printf("HAB check target 0x%08x-0x%08x fail\n", + printf("HAB check target 0x%08x-0x%08lx fail\n", ddr_start, ddr_start + bytes); goto hab_exit_failure_print_status; } @@ -649,6 +825,8 @@ int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, printf("\tstart = 0x%08lx\n", start); printf("\tbytes = 0x%x\n", bytes); #endif + +#ifndef CONFIG_ARM64 /* * If the MMU is enabled, we have to notify the ROM * code, or it won't flush the caches when needed. @@ -676,8 +854,9 @@ int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, writel(1, MX6SL_PU_IROM_MMU_EN_VAR); } } +#endif - load_addr = (uint32_t)hab_rvt_authenticate_image( + load_addr = (ulong)hab_rvt_authenticate_image( HAB_CID_UBOOT, ivt_offset, (void **)&start, (size_t *)&bytes, NULL);