feat(tc): get the parent component provided DPE context_handle

Each client who wants to communicate with the DPE service
must own a valid context handle issued by the DPE service.
A context handle can be used for a single time then it will
be invalidated by the DPE service. In case of calls from
the same component, the next valid context handle is
returned in the response to a DPE command. When a component
finishes their job then the next component in the boot flow
inherits its first context handle from its parent.
How the inheritance is done can be client or
platform-dependent. It can be shared through shared
memory or be part of a DTB object passed to the next
bootloader stage.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Signed-off-by: David Vincze <david.vincze@arm.com>
Change-Id: Ic82f074f1c5b15953e78f9fa5404ed7f48674cbb

drivers/measured_boot/rss/dice_prot_env.c

@@ -67,7 +67,7 @@ void dpe_init(struct dpe_metadata *metadata)
 		metadata++;
 	}
 
-	/* TODO: Obtain ctx handle and assign it to initial_context_handle */
+	plat_dpe_get_context_handle(&initial_context_handle);
 }
 
 int dpe_measure_and_record(struct dpe_metadata *metadata,

include/drivers/measured_boot/rss/dice_prot_env.h

@@ -43,5 +43,6 @@ int dpe_set_signer_id(struct dpe_metadata *metadata,
  * How to share context handle is platform specific.
  */
 void plat_dpe_share_context_handle(int *ctx_handle);
+void plat_dpe_get_context_handle(int *ctx_handle);
 
 #endif /* DICE_PROT_ENV_H */

plat/arm/board/tc/platform.mk

@@ -193,7 +193,10 @@ ifeq (${MEASURED_BOOT},1)
 				${DPE_SOURCES} \
 				plat/arm/board/tc/tc_common_dpe.c \
 				plat/arm/board/tc/tc_bl1_dpe.c \
-				lib/psa/dice_protection_environment.c
+				lib/psa/dice_protection_environment.c \
+				drivers/arm/css/sds/sds.c \
+				drivers/delay_timer/delay_timer.c \
+				drivers/delay_timer/generic_delay_timer.c
 
 	BL2_SOURCES	+=	${QCBOR_SOURCES} \
 				${DPE_SOURCES} \

plat/arm/board/tc/tc_bl1_dpe.c

@@ -7,7 +7,10 @@
 #include <stdint.h>
 
 #include <common/debug.h>
+#include <drivers/arm/css/sds.h>
 #include <drivers/arm/rss_comms.h>
+#include <drivers/delay_timer.h>
+#include <drivers/generic_delay_timer.h>
 #include <drivers/measured_boot/metadata.h>
 #include <drivers/measured_boot/rss/dice_prot_env.h>
 #include <plat/arm/common/plat_arm.h>
@@ -44,6 +47,10 @@ struct dpe_metadata tc_dpe_metadata[] = {
 		.id = DPE_INVALID_ID }
 };
 
+/* Effective timeout of 10000 ms */
+#define RSS_DPE_BOOT_10US_RETRIES		1000000
+#define TC2_SDS_DPE_CTX_HANDLE_STRUCT_ID	0x0000000A
+
 /* Context handle is meant to be used by BL2. Sharing it via TB_FW_CONFIG */
 static int new_ctx_handle;
 
@@ -52,6 +59,53 @@ void plat_dpe_share_context_handle(int *ctx_handle)
 	new_ctx_handle = *ctx_handle;
 }
 
+void plat_dpe_get_context_handle(int *ctx_handle)
+{
+	int retry = RSS_DPE_BOOT_10US_RETRIES;
+	int ret;
+
+	/* Initialize System level generic or SP804 timer */
+	generic_delay_timer_init();
+
+	/* Check the initialization of the Shared Data Storage area between RSS
+	 * and AP. Since AP_BL1 is executed first then a bit later the RSS
+	 * runtime, which initialize this area, therefore AP needs to check it
+	 * in a loop until it gets written by RSS Secure Runtime.
+	 */
+	VERBOSE("Waiting for DPE service initialization in RSS Secure Runtime\n");
+	while (retry > 0) {
+		ret = sds_init(SDS_RSS_AP_REGION_ID);
+		if (ret != SDS_OK) {
+			udelay(10);
+			retry--;
+		} else {
+			break;
+		}
+	}
+
+	if (retry == 0) {
+		ERROR("DPE init timeout\n");
+		plat_panic_handler();
+	} else {
+		VERBOSE("DPE init succeeded in %dms.\n",
+			(RSS_DPE_BOOT_10US_RETRIES - retry) / 100);
+	}
+
+	/* TODO: call this in a loop to avoid reading unfinished data */
+	ret = sds_struct_read(SDS_RSS_AP_REGION_ID,
+			      TC2_SDS_DPE_CTX_HANDLE_STRUCT_ID,
+			      0,
+			      ctx_handle,
+			      sizeof(*ctx_handle),
+			      SDS_ACCESS_MODE_NON_CACHED);
+	if (ret != SDS_OK) {
+		ERROR("Unable to get DPE context handle from SDS area\n");
+		plat_panic_handler();
+	}
+
+	VERBOSE("Received DPE context handle: 0x%x\n", *ctx_handle);
+}
+
 void bl1_plat_mboot_init(void)
 {
 	/* Initialize the communication channel between AP and RSS */

plat/arm/board/tc/tc_bl2_dpe.c

@@ -173,6 +173,24 @@ void plat_dpe_share_context_handle(int *ctx_handle)
 	new_ctx_handle = *ctx_handle;
 }
 
+void plat_dpe_get_context_handle(int *ctx_handle)
+{
+	int rc;
+
+	rc = arm_get_tb_fw_info(ctx_handle);
+	if (rc != 0) {
+		ERROR("Unable to get DPE context handle from TB_FW_CONFIG\n");
+		/*
+		 * It is a fatal error because on FVP platform, BL2 software
+		 * assumes that a valid DPE context_handle is passed through
+		 * the DTB object by BL1.
+		 */
+		plat_panic_handler();
+	}
+
+	VERBOSE("Received DPE context handle: 0x%x\n", *ctx_handle);
+}
+
 void bl2_plat_mboot_init(void)
 {
 	/* Initialize the communication channel between AP and RSS */