From 89f5c753af8e5b8091543e8b1cae4d37e345ed7f Mon Sep 17 00:00:00 2001 From: Stuart Yoder Date: Tue, 9 Jan 2024 17:51:38 -0600 Subject: [PATCH 1/6] feat(drtm): add additional return codes Add additional return codes defined in the DRTM 1.0 spec. Signed-off-by: Stuart Yoder Change-Id: I1620e098edf4f070ac759a26ce3c7272faf2d8b2 --- services/std_svc/drtm/drtm_main.h | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/services/std_svc/drtm/drtm_main.h b/services/std_svc/drtm/drtm_main.h index 60051632e..e2b2ca9f9 100644 --- a/services/std_svc/drtm/drtm_main.h +++ b/services/std_svc/drtm/drtm_main.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Arm Limited. All rights reserved. + * Copyright (c) 2022-2024 Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -55,6 +55,12 @@ enum drtm_retc { NOT_FOUND = -4, INTERNAL_ERROR = -5, MEM_PROTECT_INVALID = -6, + COPROCESSOR_ERROR = -7, + OUT_OF_RESOURCE = -8, + INVALID_DATA = -9, + SECONDARY_PE_NOT_OFF = -10, + ALREADY_CLOSED = -11, + TPM_ERROR = -12 }; typedef struct { From bc9064ae5c983aaca56102c2c0d3513ed022fd46 Mon Sep 17 00:00:00 2001 From: Stuart Yoder Date: Wed, 10 Jan 2024 14:03:03 -0600 Subject: [PATCH 2/6] feat(drtm): update return code if secondary PE is not off DRTM 1.0 specifies that if any secondary PEs are not off during a dynamic launch the return code must be SECONDARY_PE_NOT_OFF. Signed-off-by: Stuart Yoder Change-Id: Idcb1f3c60daa63a5bc994bdeacca8aab7066f628 --- services/std_svc/drtm/drtm_main.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/std_svc/drtm/drtm_main.c b/services/std_svc/drtm/drtm_main.c index 3acf6838e..6b997210e 100644 --- a/services/std_svc/drtm/drtm_main.c +++ b/services/std_svc/drtm/drtm_main.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Arm Limited. All rights reserved. + * Copyright (c) 2022-2024 Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -211,7 +211,7 @@ static enum drtm_retc drtm_dl_check_cores(void) running_on_single_core = psci_is_last_on_cpu_safe(); if (!running_on_single_core) { ERROR("DRTM: invalid launch due to non-boot PE not being turned off\n"); - return DENIED; + return SECONDARY_PE_NOT_OFF; } return SUCCESS; From 5dde96b02490829d023b37931737c2ba2a6ed431 Mon Sep 17 00:00:00 2001 From: Stuart Yoder Date: Wed, 10 Jan 2024 14:10:45 -0600 Subject: [PATCH 3/6] feat(drtm): add ACPI table region size to the DLME header The DRTM 1.0 spec defines an additional field in the DLME header for an optional region in the DLME to hold ACPI tables. Signed-off-by: Stuart Yoder Change-Id: Idba7fa6bd0fb4ef2bdffc24f4588720e1661e58c --- services/std_svc/drtm/drtm_main.h | 1 + 1 file changed, 1 insertion(+) diff --git a/services/std_svc/drtm/drtm_main.h b/services/std_svc/drtm/drtm_main.h index e2b2ca9f9..a7d053f17 100644 --- a/services/std_svc/drtm/drtm_main.h +++ b/services/std_svc/drtm/drtm_main.h @@ -95,6 +95,7 @@ struct __packed dlme_data_header_v1 { uint64_t dlme_addr_map_size; uint64_t dlme_tpm_log_size; uint64_t dlme_tcb_hashes_table_size; + uint64_t dlme_acpi_tables_region_size; uint64_t dlme_impdef_region_size; } __aligned(__alignof(uint16_t /* First member's type, `uint16_t version'. */)); From c86cfa35975542d25d2192b81908074195aafe96 Mon Sep 17 00:00:00 2001 From: Stuart Yoder Date: Wed, 10 Jan 2024 14:16:26 -0600 Subject: [PATCH 4/6] feat(drtm): for TPM features fw hash algorithm should be 16-bits The DRTM 1.0 spec changed the Firmware hash algorithm field size from 32-bits to 16-bits. Signed-off-by: Stuart Yoder Change-Id: I713e32e01b1983bf21d97c93bbb28c77dc94a541 --- include/plat/common/plat_drtm.h | 4 ++-- include/services/drtm_svc.h | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/plat/common/plat_drtm.h b/include/plat/common/plat_drtm.h index e96e71958..81d6d464e 100644 --- a/include/plat/common/plat_drtm.h +++ b/include/plat/common/plat_drtm.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022, Arm Limited. All rights reserved. + * Copyright (c) 2022-2024, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -17,7 +17,7 @@ typedef struct { typedef struct { bool tpm_based_hash_support; - uint32_t firmware_hash_algorithm; + uint16_t firmware_hash_algorithm; } plat_drtm_tpm_features_t; typedef struct { diff --git a/include/services/drtm_svc.h b/include/services/drtm_svc.h index 69b314f08..5474509c2 100644 --- a/include/services/drtm_svc.h +++ b/include/services/drtm_svc.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Arm Limited. All rights reserved. + * Copyright (c) 2022-2024 Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -87,7 +87,7 @@ #define ARM_DRTM_TPM_FEATURES_TPM_HASH_SUPPORTED ULL(0x1) #define ARM_DRTM_TPM_FEATURES_FW_HASH_SHIFT U(0) -#define ARM_DRTM_TPM_FEATURES_FW_HASH_MASK ULL(0xFFFFFFFF) +#define ARM_DRTM_TPM_FEATURES_FW_HASH_MASK ULL(0xFFFF) #define ARM_DRTM_TPM_FEATURES_FW_HASH_SHA256 ULL(0xB) #define ARM_DRTM_TPM_FEATURES_FW_HASH_SHA384 ULL(0xC) #define ARM_DRTM_TPM_FEATURES_FW_HASH_SHA512 ULL(0xD) From b94d59099f0addb32389952dc6ecf35136a23859 Mon Sep 17 00:00:00 2001 From: Stuart Yoder Date: Wed, 10 Jan 2024 14:22:03 -0600 Subject: [PATCH 5/6] feat(drtm): update references to DRTM beta0 Update all references to DRTM beta0 to be 1.0 instead. Signed-off-by: Stuart Yoder Change-Id: Ieda70f26f3be42f4705e9b267706674c94f120f2 --- include/plat/common/plat_drtm.h | 2 +- include/services/drtm_svc.h | 2 +- services/std_svc/drtm/drtm_main.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/plat/common/plat_drtm.h b/include/plat/common/plat_drtm.h index 81d6d464e..07545a68f 100644 --- a/include/plat/common/plat_drtm.h +++ b/include/plat/common/plat_drtm.h @@ -26,7 +26,7 @@ typedef struct { } __attribute__((packed)) drtm_mem_region_t; /* - * Memory region descriptor table structure as per DRTM beta0 section 3.13 + * Memory region descriptor table structure as per DRTM 1.0 section 3.13 * Table 11 MEMORY_REGION_DESCRIPTOR_TABLE */ typedef struct { diff --git a/include/services/drtm_svc.h b/include/services/drtm_svc.h index 5474509c2..dcbe790ff 100644 --- a/include/services/drtm_svc.h +++ b/include/services/drtm_svc.h @@ -74,7 +74,7 @@ #define ARM_DRTM_FEAT_ID_MASK ULL(0xff) /* - * Definitions for DRTM features as per DRTM beta0 section 3.3, + * Definitions for DRTM features as per DRTM 1.0 section 3.3, * Table 6 DRTM_FEATURES */ #define ARM_DRTM_TPM_FEATURES_PCR_SCHEMA_SHIFT U(33) diff --git a/services/std_svc/drtm/drtm_main.c b/services/std_svc/drtm/drtm_main.c index 6b997210e..b9c83fa08 100644 --- a/services/std_svc/drtm/drtm_main.c +++ b/services/std_svc/drtm/drtm_main.c @@ -658,7 +658,7 @@ static uint64_t drtm_dynamic_launch(uint64_t x1, void *handle) drtm_dl_prepare_eret_to_dlme(&args, dlme_el); /* - * As per DRTM beta0 spec table #28 invalidate the instruction cache + * As per DRTM 1.0 spec table #30 invalidate the instruction cache * before jumping to the DLME. This is required to defend against * potentially-malicious cache contents. */ From 9c36b900f904642f41e201024df584c0eaef9fc5 Mon Sep 17 00:00:00 2001 From: Stuart Yoder Date: Wed, 10 Jan 2024 14:26:10 -0600 Subject: [PATCH 6/6] feat(drtm): update DRTM version to 1.0 Update DRTM version from 0.1 to 1.0. Signed-off-by: Stuart Yoder Change-Id: Ic37fd29e4c2de1a29c2808870addba049d488773 --- include/services/drtm_svc.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/services/drtm_svc.h b/include/services/drtm_svc.h index dcbe790ff..f0d3c63bc 100644 --- a/include/services/drtm_svc.h +++ b/include/services/drtm_svc.h @@ -54,10 +54,10 @@ (((_fid) >= ARM_DRTM_SVC_VERSION) && ((_fid) <= ARM_DRTM_SVC_LOCK_TCB_HASH)) /* ARM DRTM Service Calls version numbers */ -#define ARM_DRTM_VERSION_MAJOR U(0) +#define ARM_DRTM_VERSION_MAJOR U(1) #define ARM_DRTM_VERSION_MAJOR_SHIFT 16 #define ARM_DRTM_VERSION_MAJOR_MASK U(0x7FFF) -#define ARM_DRTM_VERSION_MINOR U(1) +#define ARM_DRTM_VERSION_MINOR U(0) #define ARM_DRTM_VERSION_MINOR_SHIFT 0 #define ARM_DRTM_VERSION_MINOR_MASK U(0xFFFF)