feat(drtm): update drtm setup function

Updated DRTM setup functionality that mainly does below 2 things
1. Initialise the DRTM DMA protection, this function assumes the
   platform must support complete DMA protection.
2. Initialise the Crypto module that will be useful to calculate
   the hash of various DRTM element involved.

Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Signed-off-by: Lucian Paul-Trifu <lucian.paultrifu@gmail.com>
Change-Id: I3d6e4d534686d391fa7626094d2b2535dac74e00

diff --git a/bl31/bl31.mk b/bl31/bl31.mk
index 3e665c584bd63138c2999984fb103bef51fcc7a7..ec70627553916367143eb00d798a1360fc05e23e 100644 (file)
--- a/bl31/bl31.mk
+++ b/bl31/bl31.mk
@@ -149,6 +149,7 @@ endif
 
 ifeq (${DRTM_SUPPORT},1)
 BL31_SOURCES           +=      services/std_svc/drtm/drtm_main.c       \
+                               services/std_svc/drtm/drtm_dma_prot.c   \
                                ${MBEDTLS_SOURCES}
 endif
 

diff --git a/services/std_svc/drtm/drtm_dma_prot.c b/services/std_svc/drtm/drtm_dma_prot.c
new file mode 100644 (file)
index 0000000..9d014a0
--- /dev/null
+++ b/services/std_svc/drtm/drtm_dma_prot.c
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 2022 Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier:    BSD-3-Clause
+ *
+ * DRTM DMA protection.
+ *
+ * Authors:
+ *      Lucian Paul-Trifu <lucian.paultrifu@gmail.com>
+ *
+ */
+
+#include <stdint.h>
+#include <string.h>
+
+#include <common/debug.h>
+
+#include "drtm_dma_prot.h"
+#include <plat/common/platform.h>
+
+/*
+ * This function checks that platform supports complete DMA protection.
+ * and returns false - if the platform supports complete DMA protection.
+ * and returns true - if the platform does not support complete DMA protection.
+ */
+bool drtm_dma_prot_init(void)
+{
+       bool must_init_fail = false;
+       const uintptr_t *smmus;
+       size_t num_smmus = 0;
+       unsigned int total_smmus;
+
+       /* Warns presence of non-host platforms */
+       if (plat_has_non_host_platforms()) {
+               WARN("DRTM: the platform includes trusted DMA-capable devices"
+                               " (non-host platforms)\n");
+       }
+
+       /*
+        * DLME protection is uncertain on platforms with peripherals whose
+        * DMA is not managed by an SMMU. DRTM doesn't work on such platforms.
+        */
+       if (plat_has_unmanaged_dma_peripherals()) {
+               ERROR("DRTM: this platform does not provide DMA protection\n");
+               must_init_fail = true;
+       }
+
+       /*
+        * Check that the platform reported all SMMUs.
+        * It is acceptable if the platform doesn't have any SMMUs when it
+        * doesn't have any DMA-capable devices.
+        */
+       total_smmus = plat_get_total_smmus();
+       plat_enumerate_smmus(&smmus, &num_smmus);
+       if (num_smmus != total_smmus) {
+               ERROR("DRTM: could not discover all SMMUs\n");
+               must_init_fail = true;
+       }
+
+       return must_init_fail;
+}

diff --git a/services/std_svc/drtm/drtm_dma_prot.h b/services/std_svc/drtm/drtm_dma_prot.h
new file mode 100644 (file)
index 0000000..e0c58b5
--- /dev/null
+++ b/services/std_svc/drtm/drtm_dma_prot.h
@@ -0,0 +1,14 @@
+/*
+ * Copyright (c) 2022 Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier:    BSD-3-Clause
+ *
+ */
+#ifndef DRTM_DMA_PROT_H
+#define DRTM_DMA_PROT_H
+
+#include <stdint.h>
+
+bool drtm_dma_prot_init(void);
+
+#endif /* DRTM_DMA_PROT_H */

diff --git a/services/std_svc/drtm/drtm_main.c b/services/std_svc/drtm/drtm_main.c
index c7fce5e165be64c5f1bfe676468118d8473070b0..adb929379575ec07ffa7aa54fcdcf87a401925df 100644 (file)
--- a/services/std_svc/drtm/drtm_main.c
+++ b/services/std_svc/drtm/drtm_main.c
@@ -12,15 +12,37 @@
 
 #include <stdint.h>
 
+#include <arch.h>
+#include <arch_helpers.h>
 #include <common/debug.h>
 #include <common/runtime_svc.h>
+#include <drivers/auth/crypto_mod.h>
 #include "drtm_main.h"
 #include <services/drtm_svc.h>
 
+/* This value is used by the SMC to advertise the boot PE */
+static uint64_t boot_pe_aff_value;
+
 int drtm_setup(void)
 {
+       bool rc;
+
        INFO("DRTM service setup\n");
 
+       boot_pe_aff_value = read_mpidr_el1() & MPIDR_AFFINITY_MASK;
+
+       rc = drtm_dma_prot_init();
+       if (rc) {
+               return INTERNAL_ERROR;
+       }
+
+       /*
+        * initialise the platform supported crypto module that will
+        * be used by the DRTM-service to calculate hash of DRTM-
+        * implementation specific components
+        */
+       crypto_mod_init();
+
        return 0;
 }
 

diff --git a/services/std_svc/drtm/drtm_main.h b/services/std_svc/drtm/drtm_main.h
index 39c67cecf686b65ec6147ca8183364ebee068ae7..4c1adac04a0a6968ddfb90eaa1d9f7d0260363b4 100644 (file)
--- a/services/std_svc/drtm/drtm_main.h
+++ b/services/std_svc/drtm/drtm_main.h
@@ -11,6 +11,8 @@
 
 #include <lib/smccc.h>
 
+#include "drtm_dma_prot.h"
+
 enum drtm_retc {
        SUCCESS = SMC_OK,
        NOT_SUPPORTED = SMC_UNK,