From 621eaab5cc3c9d98783700b7515b1da118b3d21c Mon Sep 17 00:00:00 2001 From: Bo-Chen Chen Date: Tue, 6 Dec 2022 15:20:31 +0800 Subject: [PATCH 1/3] feat(mediatek): add SiP service for OP-TEE Add SiP service for the SMC call from the secure world. Signed-off-by: Bo-Chen Chen Signed-off-by: jason-ch chen Change-Id: I7a5cfaac5c46ea65be793c3d291e4332cc0b2e54 --- plat/mediatek/common/mtk_smc_handlers.c | 29 ++++++++++++++++++++++--- plat/mediatek/include/mtk_sip_def.h | 5 ++++- plat/mediatek/include/mtk_sip_svc.h | 4 +++- 3 files changed, 33 insertions(+), 5 deletions(-) diff --git a/plat/mediatek/common/mtk_smc_handlers.c b/plat/mediatek/common/mtk_smc_handlers.c index 92b3873c3..7fd3402c7 100644 --- a/plat/mediatek/common/mtk_smc_handlers.c +++ b/plat/mediatek/common/mtk_smc_handlers.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022, MediaTek Inc. All rights reserved. + * Copyright (c) 2022-2023, MediaTek Inc. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -76,6 +76,7 @@ MTK_SIP_SMC_FROM_BL33_TABLE(SMC_ID_EXPAND_AS_DESCRIPTOR_INDEX); MTK_SIP_SMC_FROM_NS_EL1_TABLE(SMC_ID_EXPAND_AS_DESCRIPTOR_INDEX); +MTK_SIP_SMC_FROM_S_EL1_TABLE(SMC_ID_EXPAND_AS_DESCRIPTOR_INDEX); IMPORT_SYM(uintptr_t, __MTK_SMC_POOL_START__, MTK_SMC_POOL_START); IMPORT_SYM(uintptr_t, __MTK_SMC_POOL_END_UNALIGNED__, MTK_SMC_POOL_END_UNALIGNED); @@ -134,6 +135,28 @@ static int mtk_smc_handler_init(void) } MTK_EARLY_PLAT_INIT(mtk_smc_handler_init); +/* This function handles Mediatek defined SiP Calls from Secure world */ +static u_register_t mtk_smc_handler_sel1(uint32_t smc_id, + u_register_t x1, + u_register_t x2, + u_register_t x3, + u_register_t x4, + void *cookie, + void *handle, + u_register_t flags) +{ + u_register_t ret = MTK_SIP_E_SUCCESS; + struct smccc_res smc_ret = {0}; + + switch (smc_id) { + MTK_SIP_SMC_FROM_S_EL1_TABLE(SMC_ID_EXPAND_AS_SMC_OPERATION); + default: + INFO("SEL1 SMC ID:0x%x not support\n", smc_id); + ret = SMC_UNK; + } + SMC_RET4(handle, ret, smc_ret.a1, smc_ret.a2, smc_ret.a3); +} + /* This function handles Mediatek defined SiP Calls from Bootloader */ static uintptr_t mtk_smc_handler_bl33(uint32_t smc_id, u_register_t x1, @@ -209,8 +232,8 @@ static uintptr_t mtk_smc_handler(uint32_t smc_id, if (!ns) { /* SiP SMC service secure world's call */ - INFO("Secure SMC ID:0x%x not supported\n", smc_id); - SMC_RET1(handle, ret); + return mtk_smc_handler_sel1(smc_num, x1, x2, x3, x4, + cookie, handle, flags); } if (is_from_bl33(smc_ori)) { /* SiP SMC service secure bootloader's call */ diff --git a/plat/mediatek/include/mtk_sip_def.h b/plat/mediatek/include/mtk_sip_def.h index 2039017e3..a86a46cff 100644 --- a/plat/mediatek/include/mtk_sip_def.h +++ b/plat/mediatek/include/mtk_sip_def.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022, MediaTek Inc. All rights reserved. + * Copyright (c) 2022-2023, MediaTek Inc. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -19,6 +19,9 @@ _func(MTK_SIP_DP_CONTROL, 0x523) \ _func(MTK_SIP_KERNEL_GIC_OP, 0x526) +#define MTK_SIP_SMC_FROM_S_EL1_TABLE(_func) \ + _func(MTK_SIP_TEE_MPU_PERM_SET, 0x031) + #define MTK_SIP_SMC_FROM_BL33_TABLE(_func) \ _func(MTK_SIP_KERNEL_BOOT, 0x115) diff --git a/plat/mediatek/include/mtk_sip_svc.h b/plat/mediatek/include/mtk_sip_svc.h index ce51048e6..f67791572 100644 --- a/plat/mediatek/include/mtk_sip_svc.h +++ b/plat/mediatek/include/mtk_sip_svc.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2022-2023, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -55,11 +55,13 @@ MTK_SIP_SMC_FROM_BL33_TABLE(SMC_ID_EXPAND_AS_EXTERN_SMC_INDEX); MTK_SIP_SMC_FROM_NS_EL1_TABLE(SMC_ID_EXPAND_AS_EXTERN_SMC_INDEX); +MTK_SIP_SMC_FROM_S_EL1_TABLE(SMC_ID_EXPAND_AS_EXTERN_SMC_INDEX); /* Expand SiP SMC ID table as enum */ enum { MTK_SIP_SMC_FROM_BL33_TABLE(SMC_ID_EXPAND_AS_ENUM) MTK_SIP_SMC_FROM_NS_EL1_TABLE(SMC_ID_EXPAND_AS_ENUM) + MTK_SIP_SMC_FROM_S_EL1_TABLE(SMC_ID_EXPAND_AS_ENUM) MTK_SIP_SMC_MAX_NUMBER }; From c842cc0e5d1432a681cbddce62a852ff282169ae Mon Sep 17 00:00:00 2001 From: Bo-Chen Chen Date: Tue, 6 Dec 2022 15:22:33 +0800 Subject: [PATCH 2/3] feat(mediatek): add SMC handler for EMI MPU EMI MPU will handle the SMC call from optee, so we need to add this patch to support it. Signed-off-by: Bo-Chen Chen Signed-off-by: jason-ch chen Change-Id: I22e128c4246814cbd5855f51a26e4e11ccfe3a6b --- plat/mediatek/drivers/emi_mpu/emi_mpu_common.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/plat/mediatek/drivers/emi_mpu/emi_mpu_common.c b/plat/mediatek/drivers/emi_mpu/emi_mpu_common.c index 27b2b07f9..bf777912d 100644 --- a/plat/mediatek/drivers/emi_mpu/emi_mpu_common.c +++ b/plat/mediatek/drivers/emi_mpu/emi_mpu_common.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2022-2023, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -9,6 +9,7 @@ #include #include #include +#include #if ENABLE_EMI_MPU_SW_LOCK static unsigned char region_lock_state[EMI_MPU_REGION_NUM]; @@ -111,6 +112,16 @@ int emi_mpu_set_protection(struct emi_region_info_t *region_info) return 0; } +u_register_t mtk_emi_mpu_sip_handler(u_register_t x1, u_register_t x2, + u_register_t x3, u_register_t x4, + void *handle, struct smccc_res *smccc_ret) +{ + /* TODO: implement emi mpu handler */ + + return 0; +} +DECLARE_SMC_HANDLER(MTK_SIP_TEE_MPU_PERM_SET, mtk_emi_mpu_sip_handler); + int emi_mpu_init(void) { INFO("[%s] emi mpu initialization\n", __func__); From ccc61e10029b8ddfcb5cb65201862a18ebbc953d Mon Sep 17 00:00:00 2001 From: Bo-Chen Chen Date: Wed, 1 Mar 2023 16:12:46 +0800 Subject: [PATCH 3/3] feat(mt8195): add support for SMC from OP-TEE - Add MTK_SIP_SMC_FROM_S_EL1_TABLE to handle the SMC call from OP-TEE. - Register optee SMC ID for EMI MPU. Signed-off-by: Bo-Chen Chen Signed-off-by: Ming Huang Signed-off-by: jason-ch chen Change-Id: I924ea85d29d4113e92d8f3d411c0fb77daa0c205 --- .../mediatek/mt8195/drivers/emi_mpu/emi_mpu.c | 45 ++++++++++++++++++- .../mediatek/mt8195/drivers/emi_mpu/emi_mpu.h | 11 ++++- plat/mediatek/mt8195/plat_sip_calls.c | 8 +++- 3 files changed, 60 insertions(+), 4 deletions(-) diff --git a/plat/mediatek/mt8195/drivers/emi_mpu/emi_mpu.c b/plat/mediatek/mt8195/drivers/emi_mpu/emi_mpu.c index 794e21ef8..b6e5a2d92 100644 --- a/plat/mediatek/mt8195/drivers/emi_mpu/emi_mpu.c +++ b/plat/mediatek/mt8195/drivers/emi_mpu/emi_mpu.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2021-2023, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -8,6 +8,7 @@ #include #include #include +#include #if ENABLE_EMI_MPU_SW_LOCK static unsigned char region_lock_state[EMI_MPU_REGION_NUM]; @@ -17,6 +18,7 @@ static unsigned char region_lock_state[EMI_MPU_REGION_NUM]; #define EMI_MPU_END_MASK (0x00FFFFFF) #define EMI_MPU_APC_SW_LOCK_MASK (0x00FFFFFF) #define EMI_MPU_APC_HW_LOCK_MASK (0x80FFFFFF) +#define MPU_PHYSICAL_ADDR_SHIFT_BITS (16) static int _emi_mpu_set_protection(unsigned int start, unsigned int end, unsigned int apc) @@ -139,7 +141,7 @@ void emi_mpu_init(void) /* Forbidden All */ region_info.start = 0x40000000ULL; /* dram base addr */ region_info.end = 0x1FFFF0000ULL; - region_info.region = 4; + region_info.region = 5; SET_ACCESS_PERMISSION(region_info.apc, 1, FORBIDDEN, FORBIDDEN, FORBIDDEN, FORBIDDEN, FORBIDDEN, FORBIDDEN, FORBIDDEN, FORBIDDEN, @@ -149,3 +151,42 @@ void emi_mpu_init(void) dump_emi_mpu_regions(); } + +static inline uint64_t get_decoded_phys_addr(uint64_t addr) +{ + return (addr << MPU_PHYSICAL_ADDR_SHIFT_BITS); +} + +static inline uint32_t get_decoded_zone_id(uint32_t info) +{ + return ((info & 0xFFFF0000) >> MPU_PHYSICAL_ADDR_SHIFT_BITS); +} + +int32_t emi_mpu_sip_handler(uint64_t encoded_addr, uint64_t zone_size, uint64_t zone_info) +{ + uint64_t phys_addr = get_decoded_phys_addr(encoded_addr); + struct emi_region_info_t region_info; + enum MPU_REQ_ORIGIN_ZONE_ID zone_id = get_decoded_zone_id(zone_info); + + INFO("encoded_addr = 0x%lx, zone_size = 0x%lx, zone_info = 0x%lx\n", + encoded_addr, zone_size, zone_info); + + if (zone_id != MPU_REQ_ORIGIN_TEE_ZONE_SVP) { + ERROR("Invalid param %s, %d\n", __func__, __LINE__); + return MTK_SIP_E_INVALID_PARAM; + } + + /* SVP DRAM */ + region_info.start = phys_addr; + region_info.end = phys_addr + zone_size; + region_info.region = 4; + SET_ACCESS_PERMISSION(region_info.apc, 1, + FORBIDDEN, FORBIDDEN, FORBIDDEN, FORBIDDEN, + FORBIDDEN, FORBIDDEN, FORBIDDEN, FORBIDDEN, + FORBIDDEN, FORBIDDEN, FORBIDDEN, FORBIDDEN, + FORBIDDEN, FORBIDDEN, FORBIDDEN, SEC_RW); + + emi_mpu_set_protection(®ion_info); + + return 0; +} diff --git a/plat/mediatek/mt8195/drivers/emi_mpu/emi_mpu.h b/plat/mediatek/mt8195/drivers/emi_mpu/emi_mpu.h index 415146ece..83bd6dee6 100644 --- a/plat/mediatek/mt8195/drivers/emi_mpu/emi_mpu.h +++ b/plat/mediatek/mt8195/drivers/emi_mpu/emi_mpu.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2021-2023, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -93,6 +93,15 @@ struct emi_region_info_t { unsigned int apc[EMI_MPU_DGROUP_NUM]; }; +enum MPU_REQ_ORIGIN_ZONE_ID { + MPU_REQ_ORIGIN_TEE_ZONE_SVP = 0, + MPU_REQ_ORIGIN_TEE_ZONE_TUI = 1, + MPU_REQ_ORIGIN_TEE_ZONE_WFD = 2, + MPU_REQ_ORIGIN_TEE_ZONE_MAX = 3, + MPU_REQ_ORIGIN_ZONE_INVALID = 0x7FFFFFFF, +}; + void emi_mpu_init(void); +int32_t emi_mpu_sip_handler(uint64_t encoded_addr, uint64_t zone_size, uint64_t zone_info); #endif diff --git a/plat/mediatek/mt8195/plat_sip_calls.c b/plat/mediatek/mt8195/plat_sip_calls.c index 1cdd62298..2debeffcd 100644 --- a/plat/mediatek/mt8195/plat_sip_calls.c +++ b/plat/mediatek/mt8195/plat_sip_calls.c @@ -1,11 +1,12 @@ /* - * Copyright (c) 2020-2022, MediaTek Inc. All rights reserved. + * Copyright (c) 2020-2023, MediaTek Inc. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ #include #include +#include #include #include #include @@ -27,6 +28,11 @@ uintptr_t mediatek_plat_sip_handler(uint32_t smc_fid, uint32_t ret_val; switch (smc_fid) { + case MTK_SIP_TEE_MPU_PERM_SET_AARCH64: + case MTK_SIP_TEE_MPU_PERM_SET_AARCH32: + ret = emi_mpu_sip_handler(x1, x2, x3); + SMC_RET2(handle, ret, ret_val); + break; case MTK_SIP_DP_CONTROL_AARCH32: case MTK_SIP_DP_CONTROL_AARCH64: ret = dp_secure_handler(x1, x2, &ret_val);