On Mon, Sep 26, 2022 at 03:08:21PM +0100, Abdellatif El Khlifi wrote:
Add the driver implementing Arm Firmware Framework for Armv8-A v1.0
The Firmware Framework for Arm A-profile processors (FF-A v1.0) [1] describes interfaces (ABIs) that standardize communication between the Secure World and Normal World leveraging TrustZone technology.
This driver uses 64-bit registers as per SMCCCv1.2 spec and comes on top of the SMCCC layer. The driver provides the FF-A ABIs needed for querying the FF-A framework from the secure world.
32-bit version of the ABIs is supported and 64-bit version of FFA_RXTX_MAP and FFA_MSG_SEND_DIRECT_{REQ, RESP}.
In u-boot FF-A design, FF-A is considered as a discoverable bus. The Secure World is considered as one entity to communicate with using the FF-A bus. FF-A communication is handled by one device and one instance (the bus). This FF-A driver takes care of all the interactions between Normal world and Secure World.
The driver exports its operations to be used by upper layers.
Exported operations:
- partition_info_get
- sync_send_receive
- rxtx_unmap
This implementation provides an optional feature to copy the driver data to EFI runtime area.
Signed-off-by: Abdellatif El Khlifi abdellatif.elkhlifi@arm.com Cc: Tom Rini trini@konsulko.com Cc: Simon Glass sjg@chromium.org Cc: Ilias Apalodimas ilias.apalodimas@linaro.org Cc: Jens Wiklander jens.wiklander@linaro.org
Changelog:
v4:
- add doc/README.ffa.drv
- moving the FF-A driver work to drivers/firmware/arm-ffa
- use less #ifdefs in lib/efi_loader/efi_boottime.c and replace #if defined by #if CONFIG_IS_ENABLED
- improving error handling by mapping the FF-A errors to standard errors and logs
- replacing panics with an error log and returning an error code
- improving features discovery in FFA_FEATURES by introducing rxtx_min_pages private data field
- add ffa_remove and ffa_bind functions
- improve how the driver behaves when bus discovery is done more than once
v3:
- align the interfaces of the u-boot FF-A driver with those in the linux FF-A driver
- remove the FF-A helper layer
- make the u-boot FF-A driver independent from EFI
- provide an optional config that enables copying the driver data to EFI runtime section at ExitBootServices service
- use 64-bit version of FFA_RXTX_MAP, FFA_MSG_SEND_DIRECT_{REQ, RESP}
v2:
- make FF-A bus discoverable using device_{bind, probe} APIs
- remove device tree support
v1:
- introduce FF-A bus driver with device tree support
MAINTAINERS | 7 + common/board_r.c | 9 + doc/README.ffa.drv | 160 ++ drivers/Kconfig | 2 + drivers/Makefile | 1 + drivers/firmware/arm-ffa/Kconfig | 39 + drivers/firmware/arm-ffa/Makefile | 7 + drivers/firmware/arm-ffa/arm-ffa-uclass.c | 16 + drivers/firmware/arm-ffa/arm_ffa_prv.h | 196 +++ drivers/firmware/arm-ffa/core.c | 1344 +++++++++++++++++ .../arm-ffa/efi_ffa_runtime_data_mgr.c | 94 ++ include/arm_ffa.h | 127 ++ include/dm/uclass-id.h | 4 + lib/efi_loader/efi_boottime.c | 15 + 14 files changed, 2021 insertions(+) create mode 100644 doc/README.ffa.drv create mode 100644 drivers/firmware/arm-ffa/Kconfig create mode 100644 drivers/firmware/arm-ffa/Makefile create mode 100644 drivers/firmware/arm-ffa/arm-ffa-uclass.c create mode 100644 drivers/firmware/arm-ffa/arm_ffa_prv.h create mode 100644 drivers/firmware/arm-ffa/core.c create mode 100644 drivers/firmware/arm-ffa/efi_ffa_runtime_data_mgr.c create mode 100644 include/arm_ffa.h
diff --git a/MAINTAINERS b/MAINTAINERS index 83346183ee..02b84d5074 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -248,6 +248,13 @@ F: drivers/net/cortina_ni.h F: drivers/net/phy/ca_phy.c F: configs/cortina_presidio-asic-pnand_defconfig
+ARM FF-A +M: Abdellatif El Khlifi abdellatif.elkhlifi@arm.com +S: Maintained +F: doc/README.ffa.drv +F: drivers/firmware/arm-ffa/ +F: include/arm_ffa.h
ARM FREESCALE IMX M: Stefano Babic sbabic@denx.de M: Fabio Estevam festevam@gmail.com diff --git a/common/board_r.c b/common/board_r.c index 56eb60fa27..8c99faddfd 100644 --- a/common/board_r.c +++ b/common/board_r.c @@ -7,6 +7,8 @@
- (C) Copyright 2002
- Sysgo Real-Time Solutions, GmbH <www.elinos.com>
- Marius Groeger mgroeger@sysgo.de
*/
- (C) Copyright 2022 ARM Limited
#include <common.h> @@ -66,6 +68,10 @@ #include <efi_loader.h> #include <relocate.h>
+#ifdef CONFIG_ARM_FFA_TRANSPORT +#include <arm_ffa.h> +#endif
DECLARE_GLOBAL_DATA_PTR;
ulong monitor_flash_len; @@ -770,6 +776,9 @@ static init_fnc_t init_sequence_r[] = { INIT_FUNC_WATCHDOG_RESET initr_net, #endif +#ifdef CONFIG_ARM_FFA_TRANSPORT
- ffa_bus_discover,
+#endif #ifdef CONFIG_POST initr_post, #endif diff --git a/doc/README.ffa.drv b/doc/README.ffa.drv new file mode 100644 index 0000000000..1c0a33deb8 --- /dev/null +++ b/doc/README.ffa.drv @@ -0,0 +1,160 @@ +Arm FF-A Driver +====================
+Introduction +--------------------
+FF-A stands for Firmware Framework for Arm A-profile processors.
+FF-A specifies interfaces that enable a pair of software sandboxes to communicate with each other. A sandbox aka partition could +be a VM in the Normal or Secure world, an application in S-EL0, or a Trusted OS in S-EL1.
These lines are a bit long, from the coding guide lines: The preferred limit on the length of a single line is 80 columns.
+This FF-A driver implements the interfaces to communicate with partitions in the Secure world aka Secure partitions (SPs).
+The driver specifically focuses on communicating with SPs that isolate portions of EFI runtime services that must run in a +protected environment which is inaccessible by the Host OS or Hypervisor. Examples of such services are set/get variables.
+FF-A driver uses the SMC ABIs defined by the FF-A specification to:
+- Discover the presence of SPs of interest. +- Access an SP's service through communication protocols e.g. EFI MM communication protocol.
+FF-A and SMC specifications +-------------------------------------------
+The current implementation of the driver relies on FF-A specification v1.0 and uses SMC32 calling convention.
+The driver has been tested with Optee OS which supports SMC32 for most of the SMC ABIs.
+For more details please refer to: https://developer.arm.com/documentation/den0077/a/?lang=en
+The FF-A driver uses 64-bit registers as per SMCCCv1.2 specification.
+For more details please refer to: https://documentation-service.arm.com/static/5f8edaeff86e16515cdbe4c6?token=
+Supported hardware +--------------------------------
+Aarch64 plaforms
+Configuration +----------------------
+CONFIG_ARM_FFA_TRANSPORT
- Enables the FF-A bus driver. Turn this on if you want to use FF-A communication.
+CONFIG_ARM_FFA_EFI_RUNTIME_MODE
- Optional config that enables EFI runtime support for FF-A data and code.
- ffa_copy_runtime_data allows to copy the FF-A driver data structures to EFI runtime data section.
- Turning the config on makes ffa_copy_runtime_data available for use and the driver code placed at EFI runtime code section.
- Call ffa_copy_runtime_data at the event on which you want the FF-A data to be copied (example: at ExitBootServices).
+CONFIG_SANDBOX_FFA
- Enables FF-A Sandbox driver. This emulates the FF-A ABIs handling under Sandbox and provides
- functional tests for FF-A.
+FF-A ABIs under the hood +---------------------------------------
+Invoking an FF-A ABI involves providing to the secure world/hypervisor the expected arguments from the ABI.
+The ABI arguments are stored in x0 to x7 registers. Then, an SMC instruction is executed.
+At the secure side level or hypervisor the ABI is handled at a higher exception level and the arguments are read and processed.
+The response is put back through x0 to x7 registers and control is giving back to the u-boot FF-A driver (non secure world).
U-Boot, non-secure
+The driver reads the response and processes it accordingly.
+This methodology applies to all the FF-A ABIs in the driver.
+FF-A bus discovery in u-boot
U-Boot, you might as well search and replace.
+-------------------------------------------
+When CONFIG_ARM_FFA_TRANSPORT is enabled, the FF-A bus is automatically discovered at initcall level (after u-boot relocation).
+The function that triggers the discovery process is ffa_bus_discover.
+ffa_bus_discover creates, binds and probes the arm_ffa device using device_{bind, probe} APIs.
+When the device is probed, ffa_probe is called which tries to communicate with the secure world or hypervisor.
+The FF-A bus is usable when these checks succeed:
+- querying the FF-A framework version +- querying from secure world the u-boot endpoint ID +- querying from secure world the supported features of the specified FF-A calls +- mapping the RX/TX buffers +- querying from secure world all the partitions information
+Probing fails when any of these operations fail. The FF-A bus discovery succeeds when probing is successful.
+When discovery fails the arm_ffa device is destroyed.
+The bus driver layer +------------------------------
+The driver comes on top of the SMCCC layer and is implemented in drivers/firmware/arm-ffa/core.c
+The driver provides the following features:
+- Support for the 32-bit version of the following ABIs:
+FFA_VERSION +FFA_ID_GET +FFA_FEATURES +FFA_PARTITION_INFO_GET +FFA_RXTX_UNMAP +FFA_RX_RELEASE +FFA_RUN +FFA_ERROR +FFA_SUCCESS +FFA_INTERRUPT
+- Support for the 64-bit version of the following ABIs:
+FFA_RXTX_MAP +FFA_MSG_SEND_DIRECT_REQ +FFA_MSG_SEND_DIRECT_RESP
+- Processing the received data from the secure world/hypervisor and caching it
+- Hiding from upper layers the FF-A protocol and registers details. Upper layers focus on exchanged data, +the driver takes care of how to transport that to the secure world/hypervisor using FF-A.
+- The driver provides callbacks to be used by clients to access the FF-A bus:
+partition_info_get +sync_send_receive +rxtx_unmap
+- FF-A bus discovery at initcalls level (after u-boot relocation). The bus is up and running if the FF-A framework is responsive and compatible with the driver.
+- When EFI is enabled, unmap the RX/TX buffers at ExitBootServices() level.
+- When CONFIG_ARM_FFA_EFI_RUNTIME_MODE enabled, ffa_copy_runtime_data function is available for use.
+Using armffa command +-----------------------------------
+armffa is a command showcasing how to use the FF-A driver and how to invoke its operations.
+This provides a guidance to the client developers on how to call the FF-A bus interfaces.
+Usage:
+armffa <sub-command> <arguments>
+sub-commands:
getpart <partition UUID>lists the partition(s) infoping <partition ID>sends a data pattern to the specified partitiondevlistdisplays the arm_ffa device infodiff --git a/drivers/Kconfig b/drivers/Kconfig index 8b6fead351..b06b1ae481 100644 --- a/drivers/Kconfig +++ b/drivers/Kconfig @@ -6,6 +6,8 @@ source "drivers/core/Kconfig"
source "drivers/adc/Kconfig"
+source "drivers/firmware/arm-ffa/Kconfig"
source "drivers/ata/Kconfig"
source "drivers/axi/Kconfig" diff --git a/drivers/Makefile b/drivers/Makefile index eba9940231..c3bfad94ac 100644 --- a/drivers/Makefile +++ b/drivers/Makefile @@ -110,6 +110,7 @@ obj-y += iommu/ obj-y += smem/ obj-y += thermal/ obj-$(CONFIG_TEE) += tee/ +obj-$(CONFIG_ARM_FFA_TRANSPORT) += firmware/arm-ffa/ obj-y += axi/ obj-y += ufs/ obj-$(CONFIG_W1) += w1/ diff --git a/drivers/firmware/arm-ffa/Kconfig b/drivers/firmware/arm-ffa/Kconfig new file mode 100644 index 0000000000..aceb61cf49 --- /dev/null +++ b/drivers/firmware/arm-ffa/Kconfig @@ -0,0 +1,39 @@ +# SPDX-License-Identifier: GPL-2.0
+config ARM_FFA_TRANSPORT
- bool "Enable Arm Firmware Framework for Armv8-A driver"
- depends on DM && ARM64
- select ARM_SMCCC
- select LIB_UUID
- select DEVRES
- help
The Firmware Framework for Arm A-profile processors (FF-A)describes interfaces (ABIs) that standardize communicationbetween the Secure World and Normal World leveraging TrustZonetechnology.This driver is based on FF-A specification v1.0 and uses SMC32calling convention.FF-A specification:https://developer.arm.com/documentation/den0077/a/?lang=enIn u-boot FF-A design, FF-A is considered as a discoverable bus.The Secure World is considered as one entity to communicate withusing the FF-A bus.FF-A communication is handled by one device and one instance (the bus).This FF-A driver takes care of all the interactions between Normal worldand Secure World.For more details about the FF-A driver, please refer to doc/README.ffa.drv+config ARM_FFA_EFI_RUNTIME_MODE
- bool "Enable EFI runtime support for FF-A data and code"
- depends on ARM_FFA_TRANSPORT && EFI_LOADER
- help
Allows FF-A driver data structures and code to be accessible at EFI runtime.FF-A data is copied by ffa_copy_runtime_data function.The driver Code needed at runtime is placed at EFI runtime code section.Turning this on makes ffa_copy_runtime_data available for use and the drivercode placed at EFI runtime code section.diff --git a/drivers/firmware/arm-ffa/Makefile b/drivers/firmware/arm-ffa/Makefile new file mode 100644 index 0000000000..0b9b0a61b4 --- /dev/null +++ b/drivers/firmware/arm-ffa/Makefile @@ -0,0 +1,7 @@ +# SPDX-License-Identifier: GPL-2.0+ +# +# (C) Copyright 2022 Abdellatif El Khlifi abdellatif.elkhlifi@arm.com +#
+obj-y += arm-ffa-uclass.o core.o +obj-$(CONFIG_ARM_FFA_EFI_RUNTIME_MODE) += efi_ffa_runtime_data_mgr.o diff --git a/drivers/firmware/arm-ffa/arm-ffa-uclass.c b/drivers/firmware/arm-ffa/arm-ffa-uclass.c new file mode 100644 index 0000000000..7d9695d289 --- /dev/null +++ b/drivers/firmware/arm-ffa/arm-ffa-uclass.c @@ -0,0 +1,16 @@ +// SPDX-License-Identifier: GPL-2.0+ +/*
- (C) Copyright 2022 ARM Limited
- Abdellatif El Khlifi abdellatif.elkhlifi@arm.com
- */
+#include <common.h> +#include <dm.h> +#include <asm/global_data.h>
+DECLARE_GLOBAL_DATA_PTR;
+UCLASS_DRIVER(ffa) = {
- .name = "ffa",
- .id = UCLASS_FFA,
+}; diff --git a/drivers/firmware/arm-ffa/arm_ffa_prv.h b/drivers/firmware/arm-ffa/arm_ffa_prv.h new file mode 100644 index 0000000000..7bc90f7f66 --- /dev/null +++ b/drivers/firmware/arm-ffa/arm_ffa_prv.h @@ -0,0 +1,196 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/*
- (C) Copyright 2022 ARM Limited
- Abdellatif El Khlifi abdellatif.elkhlifi@arm.com
- */
+#ifndef __ARM_FFA_PRV_H +#define __ARM_FFA_PRV_H
+#include <arm_ffa.h> +#include <linux/bitfield.h> +#include <linux/bitops.h> +#include <linux/arm-smccc.h>
+/*
- This header is private. It is exclusively used by the FF-A driver
- */
+/* FF-A core driver name */ +#define FFA_DRV_NAME "arm_ffa"
+/* FF-A driver version definitions */
+#define MAJOR_VERSION_MASK GENMASK(30, 16) +#define MINOR_VERSION_MASK GENMASK(15, 0) +#define GET_FFA_MAJOR_VERSION(x) \
((u16)(FIELD_GET(MAJOR_VERSION_MASK, (x))))+#define GET_FFA_MINOR_VERSION(x) \
((u16)(FIELD_GET(MINOR_VERSION_MASK, (x))))+#define PACK_VERSION_INFO(major, minor) \
- (FIELD_PREP(MAJOR_VERSION_MASK, (major)) | \
FIELD_PREP(MINOR_VERSION_MASK, (minor)))+#define FFA_MAJOR_VERSION (1) +#define FFA_MINOR_VERSION (0) +#define FFA_VERSION_1_0 \
PACK_VERSION_INFO(FFA_MAJOR_VERSION, FFA_MINOR_VERSION)+/* Endpoint ID mask (u-boot endpoint ID) */
+#define GET_SELF_ENDPOINT_ID_MASK GENMASK(15, 0) +#define GET_SELF_ENDPOINT_ID(x) \
((u16)(FIELD_GET(GET_SELF_ENDPOINT_ID_MASK, (x))))+#define PREP_SELF_ENDPOINT_ID_MASK GENMASK(31, 16) +#define PREP_SELF_ENDPOINT_ID(x) \
(FIELD_PREP(PREP_SELF_ENDPOINT_ID_MASK, (x)))+/* Partition endpoint ID mask (partition with which u-boot communicates with) */
+#define PREP_PART_ENDPOINT_ID_MASK GENMASK(15, 0) +#define PREP_PART_ENDPOINT_ID(x) \
(FIELD_PREP(PREP_PART_ENDPOINT_ID_MASK, (x)))+/*
- Definitions of the Arm FF-A interfaces supported by the Arm FF-A driver
- */
+#define FFA_SMC(calling_convention, func_num) \
- ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, (calling_convention), \
ARM_SMCCC_OWNER_STANDARD, (func_num))+#define FFA_SMC_32(func_num) FFA_SMC(ARM_SMCCC_SMC_32, (func_num)) +#define FFA_SMC_64(func_num) FFA_SMC(ARM_SMCCC_SMC_64, (func_num))
+enum ffa_abis {
- FFA_ERROR = 0x60,
- FFA_SUCCESS = 0x61,
- FFA_INTERRUPT = 0x62,
- FFA_VERSION = 0x63,
- FFA_FEATURES = 0x64,
- FFA_RX_RELEASE = 0x65,
- FFA_RXTX_MAP = 0x66,
- FFA_RXTX_UNMAP = 0x67,
- FFA_PARTITION_INFO_GET = 0x68,
- FFA_ID_GET = 0x69,
- FFA_RUN = 0x6D,
- FFA_MSG_SEND_DIRECT_REQ = 0x6F,
- FFA_MSG_SEND_DIRECT_RESP = 0x70,
- /* to be updated when adding new FFA IDs */
- FFA_FIRST_ID = FFA_ERROR, /* lowest number ID*/
- FFA_LAST_ID = FFA_MSG_SEND_DIRECT_RESP, /* highest number ID*/
+};
+/* number of the errors supported by the FF-A specification */ +#define MAX_NUMBER_FFA_ERR 9
+/* container structure and helper macros to map between an FF-A error and relevant error log */ +struct ffa_abi_errmap {
- char *err_str[MAX_NUMBER_FFA_ERR];
+};
+#define FFA_ERRMAP_COUNT (FFA_LAST_ID - FFA_FIRST_ID + 1) +#define FFA_ID_TO_ERRMAP_ID(ffa_id) ((ffa_id) - FFA_FIRST_ID)
+/* The FF-A SMC function definitions */
+typedef struct arm_smccc_1_2_regs ffa_value_t; +typedef void (*invoke_ffa_fn_t)(ffa_value_t args, ffa_value_t *res);
+/*
- struct ffa_partition_uuid - 16 bytes UUID transmitted by FFA_PARTITION_INFO_GET
- @a1-4: 32-bit words access to the UUID data
- */
+struct ffa_partition_uuid {
- u32 a1; /* w1 */
- u32 a2; /* w2 */
- u32 a3; /* w3 */
- u32 a4; /* w4 */
+};
+/**
- enum ffa_rxtx_buf_sizes - minimum sizes supported
- for the RX/TX buffers
- */
+enum ffa_rxtx_buf_sizes {
- RXTX_4K,
- RXTX_64K,
- RXTX_16K
+};
+/**
- struct ffa_rxtxpair - structure hosting the RX/TX buffers virtual addresses
- @rxbuf: virtual address of the RX buffer
- @txbuf: virtual address of the TX buffer
- @rxtx_min_pages: RX/TX buffers minimum size in pages
- Data structure hosting the virtual addresses of the mapped RX/TX buffers
- These addresses are used by the FF-A functions that use the RX/TX buffers
- */
+struct ffa_rxtxpair {
- u64 rxbuf; /* virtual address */
- u64 txbuf; /* virtual address */
- size_t rxtx_min_pages; /* minimum number of pages in each of the RX/TX buffers */
+};
+/**
- struct ffa_partition_desc - the secure partition descriptor
- @info: partition information
- @sp_uuid: the secure partition UUID
- Each partition has its descriptor containing the partitions information and the UUID
- */
+struct ffa_partition_desc {
- struct ffa_partition_info info;
- struct ffa_partition_uuid sp_uuid;
+};
+/**
- struct ffa_partitions - descriptors for all secure partitions
- @count: The number of partitions descriptors
- @descs The partitions descriptors table
- This data structure contains the partitions descriptors table
- */
+struct ffa_partitions {
- u32 count;
- struct ffa_partition_desc *descs; /* virtual address */
+};
+/**
- struct ffa_prvdata - the driver private data structure
- @dev: The arm_ffa device under u-boot driver model
- @ffa_ops: The driver operations structure
- @fwk_version: FF-A framework version
- @id: u-boot endpoint ID
- @partitions: The partitions descriptors structure
- @pair: The RX/TX buffers pair
- @invoke_ffa_fn: The function executing the FF-A function
- The driver data structure hosting all resident data.
- */
+struct ffa_prvdata {
- struct udevice *dev;
- struct ffa_bus_ops ffa_ops;
- u32 fwk_version;
- u16 id;
- struct ffa_partitions partitions;
- struct ffa_rxtxpair pair;
- invoke_ffa_fn_t invoke_ffa_fn;
+};
+/**
- ffa_device_get - create, bind and probe the arm_ffa device
- */
+int ffa_device_get(void);
+/**
- ffa_bus_prvdata_get - bus driver private data getter
- */
+struct ffa_prvdata **ffa_bus_prvdata_get(void);
+#endif diff --git a/drivers/firmware/arm-ffa/core.c b/drivers/firmware/arm-ffa/core.c new file mode 100644 index 0000000000..41c7b96e68 --- /dev/null +++ b/drivers/firmware/arm-ffa/core.c @@ -0,0 +1,1344 @@ +// SPDX-License-Identifier: GPL-2.0+ +/*
- (C) Copyright 2022 ARM Limited
- Abdellatif El Khlifi abdellatif.elkhlifi@arm.com
- */
+#include "arm_ffa_prv.h" +#include <asm/global_data.h> +#include <common.h> +#include <dm.h> +#include <dm/device-internal.h> +#include <dm/devres.h> +#include <dm/root.h> +#include <linux/errno.h> +#include <linux/sizes.h> +#include <log.h> +#include <malloc.h> +#include <string.h> +#include <uuid.h>
+DECLARE_GLOBAL_DATA_PTR;
+/**
- The device private data structure containing all the resident
- data read from secure world
- */
+__ffa_runtime_data struct ffa_prvdata *ffa_priv_data;
+/* Error mapping declarations */
+__ffa_runtime_data int ffa_to_std_errmap[MAX_NUMBER_FFA_ERR] = {
- 0,
- -EOPNOTSUPP, /* NOT_SUPPORTED */
- -EINVAL, /* INVALID_PARAMETERS */
- -ENOMEM, /* NO_MEMORY */
- -EBUSY, /* BUSY */
- -EINTR, /* INTERRUPTED */
- -EACCES, /* DENIED */
- -EAGAIN, /* RETRY */
- -ECANCELED, /* ABORTED */
+};
+struct ffa_abi_errmap err_msg_map[FFA_ERRMAP_COUNT] = {
- [FFA_ID_TO_ERRMAP_ID(FFA_VERSION)] = {
{"","NOT_SUPPORTED: A Firmware Framework implementation does not exist","", /* INVALID_PARAMETERS */"", /* NO_MEMORY */"", /* BUSY */"", /* INTERRUPTED */"", /* DENIED */"", /* RETRY */"", /* ABORTED */},- },
- [FFA_ID_TO_ERRMAP_ID(FFA_ID_GET)] = {
{"","NOT_SUPPORTED: This function is not implemented at this FF-A instance","", /* INVALID_PARAMETERS */"", /* NO_MEMORY */"", /* BUSY */"", /* INTERRUPTED */"", /* DENIED */"", /* RETRY */"", /* ABORTED */},- },
- [FFA_ID_TO_ERRMAP_ID(FFA_FEATURES)] = {
{"","NOT_SUPPORTED: FFA_RXTX_MAP is not implemented at this FF-A instance","", /* INVALID_PARAMETERS */"", /* NO_MEMORY */"", /* BUSY */"", /* INTERRUPTED */"", /* DENIED */"", /* RETRY */"", /* ABORTED */},- },
- [FFA_ID_TO_ERRMAP_ID(FFA_PARTITION_INFO_GET)] = {
{"","NOT_SUPPORTED: This function is not implemented at this FF-A instance","INVALID_PARAMETERS: Unrecognized UUID","NO_MEMORY: Results cannot fit in RX buffer of the caller","BUSY: RX buffer of the caller is not free","", /* INTERRUPTED */"DENIED: Callee is not in a state to handle this request","", /* RETRY */"", /* ABORTED */},- },
- [FFA_ID_TO_ERRMAP_ID(FFA_RXTX_UNMAP)] = {
{"","NOT_SUPPORTED: FFA_RXTX_UNMAP is not implemented at this FF-A instance","INVALID_PARAMETERS: No buffer pair registered on behalf of the caller","", /* NO_MEMORY */"", /* BUSY */"", /* INTERRUPTED */"", /* DENIED */"", /* RETRY */"", /* ABORTED */},- },
- [FFA_ID_TO_ERRMAP_ID(FFA_RX_RELEASE)] = {
{"","NOT_SUPPORTED: FFA_RX_RELEASE is not implemented at this FF-A instance","", /* INVALID_PARAMETERS */"", /* NO_MEMORY */"", /* BUSY */"", /* INTERRUPTED */"DENIED: Caller did not have ownership of the RX buffer","", /* RETRY */"", /* ABORTED */},- },
- [FFA_ID_TO_ERRMAP_ID(FFA_RXTX_MAP)] = {
{"","NOT_SUPPORTED: This function is not implemented at this FF-A instance","INVALID_PARAMETERS: Field(s) in input parameters incorrectly encoded","NO_MEMORY: Not enough memory","", /* BUSY */"", /* INTERRUPTED */"DENIED: Buffer pair already registered","", /* RETRY */"", /* ABORTED */},- },
+};
+/**
- ffa_to_std_errno - convert FF-A error code to standard error code
- @ffa_errno: Error code returned by the FF-A ABI
- This runtime function maps the given FF-A error code as specified
- by the spec to a u-boot standard error code.
- Return:
- The standard error code on success. . Otherwise, failure
- */
+__ffa_runtime int ffa_to_std_errno(int ffa_errno) +{
- int err_idx = -ffa_errno;
- /* map the FF-A error code to the standard u-boot error code */
- if (err_idx > 0 && err_idx < MAX_NUMBER_FFA_ERR)
return ffa_to_std_errmap[err_idx];- return -EINVAL;
+}
+/**
- ffa_print_error_log - print the error log corresponding to the selected FF-A ABI
- @ffa_id: FF-A ABI ID
- @ffa_errno: Error code returned by the FF-A ABI
- This boot time function maps the FF-A error code to the error log relevant to the
- selected FF-A ABI. Then the error log is printed.
- Return:
- 0 on success. . Otherwise, failure
- */
+int ffa_print_error_log(u32 ffa_id, int ffa_errno) +{
- int err_idx = -ffa_errno, abi_idx = 0;
- /* map the FF-A error code to the corresponding error log */
- if (err_idx <= 0 || err_idx >= MAX_NUMBER_FFA_ERR)
return -EINVAL;- if (ffa_id < FFA_FIRST_ID || ffa_id > FFA_LAST_ID)
return -EINVAL;- abi_idx = FFA_ID_TO_ERRMAP_ID(ffa_id);
- if (abi_idx < 0 || abi_idx >= FFA_ERRMAP_COUNT)
return -EINVAL;- if (!err_msg_map[abi_idx].err_str || !err_msg_map[abi_idx].err_str[err_idx])
return -EINVAL;- ffa_err("%s", err_msg_map[abi_idx].err_str[err_idx]);
- return 0;
+}
+/*
- Driver core functions
- */
+/**
- ffa_remove_device - removes the arm_ffa device
- @dev: the device to be removed
- This boot time function makes sure the arm_ffa device is removed
- No need to free the kmalloced data when the device is destroyed.
- It's automatically done by devm management by
- device_remove() -> device_free() -> devres_release_probe().
- Return:
- 0 on success. Otherwise, failure
- */
+int ffa_remove_device(struct udevice *dev) +{
- int ret;
- if (!dev) {
ffa_err("no udevice found");return -ENODEV;- }
- ret = device_remove(dev, DM_REMOVE_NORMAL);
- if (ret) {
ffa_err("unable to remove. err:%d\n", ret);return ret;- }
- ffa_info("device removed and freed");
- ret = device_unbind(dev);
- if (ret) {
ffa_err("unable to unbind. err:%d\n", ret);return ret;- }
- ffa_info("device unbound");
- return 0;
+}
+/**
- ffa_device_get - create, bind and probe the arm_ffa device
- This boot time function makes sure the arm_ffa device is
- created, bound to this driver, probed and ready to use.
- Arm FF-A transport is implemented through a single u-boot
- device managing the FF-A bus (arm_ffa).
- Return:
- 0 on success. Otherwise, failure
- */
+int ffa_device_get(void) +{
- int ret;
- struct udevice *dev = NULL;
- ret = device_bind(dm_root(),
DM_DRIVER_GET(arm_ffa),FFA_DRV_NAME,NULL,ofnode_null(),&dev);- if (ret)
return ret;- /* The FF-A bus discovery succeeds when probing is successful */
- ret = device_probe(dev);
- if (ret) {
ffa_err("arm_ffa device probing failed");ffa_remove_device(dev);return ret;- }
- return 0;
+}
+/**
- ffa_get_version - FFA_VERSION handler function
- This is the boot time function that implements FFA_VERSION FF-A function
- to get from the secure world the FF-A framework version
- Return:
- 0 on success. Otherwise, failure
- */
+static int ffa_get_version(void) +{
- u16 major, minor;
- ffa_value_t res = {0};
- int ffa_errno;
- ffa_priv_data->invoke_ffa_fn((ffa_value_t){
.a0 = FFA_SMC_32(FFA_VERSION),.a1 = FFA_VERSION_1_0, .a2 = 0, .a3 = 0, .a4 = 0, .a5 = 0, .a6 = 0, .a7 = 0,
Why not support the latest version, 1.1?
The zero initializations are done implicitly so you could just as well remove them.
}, &res);- ffa_errno = (int)res.a0;
Is this cast needed, or any of the other casts below in this function?
- if (ffa_errno < 0) {
ffa_print_error_log(FFA_VERSION, ffa_errno);return ffa_to_std_errno(ffa_errno);- }
- major = GET_FFA_MAJOR_VERSION((u32)res.a0);
- minor = GET_FFA_MINOR_VERSION((u32)res.a0);
- ffa_info("FF-A driver %d.%d\nFF-A framework %d.%d",
FFA_MAJOR_VERSION, FFA_MINOR_VERSION, major, minor);- if ((major == FFA_MAJOR_VERSION && minor >= FFA_MINOR_VERSION)) {
ffa_info("Versions are compatible ");ffa_priv_data->fwk_version = (u32)res.a0;return 0;- }
- ffa_err("versions are incompatible\nExpected: %d.%d , Found: %d.%d\n",
FFA_MAJOR_VERSION, FFA_MINOR_VERSION, major, minor);- return -EPROTONOSUPPORT;
+}
+/**
- ffa_get_endpoint_id - FFA_ID_GET handler function
- This is the boot time function that implements FFA_ID_GET FF-A function
- to get from the secure world u-boot endpoint ID
- Return:
- 0 on success. Otherwise, failure
- */
+static int ffa_get_endpoint_id(void) +{
- ffa_value_t res = {0};
- int ffa_errno;
- ffa_priv_data->invoke_ffa_fn((ffa_value_t){
.a0 = FFA_SMC_32(FFA_ID_GET),.a1 = 0, .a2 = 0, .a3 = 0, .a4 = 0, .a5 = 0, .a6 = 0, .a7 = 0,}, &res);- if (res.a0 == FFA_SMC_32(FFA_SUCCESS)) {
ffa_priv_data->id = GET_SELF_ENDPOINT_ID((u32)res.a2);ffa_info("endpoint ID is %u", ffa_priv_data->id);return 0;- }
- ffa_errno = (int)res.a2;
- ffa_print_error_log(FFA_ID_GET, ffa_errno);
- return ffa_to_std_errno(ffa_errno);
+}
+/**
- ffa_set_rxtx_buffers_pages_cnt - sets the minimum number of pages in each of the RX/TX buffers
- @prop_field: properties field obtained from FFA_FEATURES ABI
- This boot time function sets the minimum number of pages
- in each of the RX/TX buffers in the private data structure
- Return:
- buf_4k_pages points to the returned number of pages
- 0 on success. Otherwise, failure
- */
+static int ffa_set_rxtx_buffers_pages_cnt(u32 prop_field) +{
- if (!ffa_priv_data)
return -EINVAL;- switch (prop_field) {
- case RXTX_4K:
ffa_priv_data->pair.rxtx_min_pages = 1;break;- case RXTX_16K:
ffa_priv_data->pair.rxtx_min_pages = 4;break;- case RXTX_64K:
ffa_priv_data->pair.rxtx_min_pages = 16;break;- default:
ffa_err("RX/TX buffer size not supported");return -EINVAL;- }
- return 0;
+}
+/**
- ffa_get_rxtx_map_features - FFA_FEATURES handler function with FFA_RXTX_MAP argument
- This is the boot time function that implements FFA_FEATURES FF-A function
- to retrieve the FFA_RXTX_MAP features
- Return:
- 0 on success. Otherwise, failure
- */
+static int ffa_get_rxtx_map_features(void) +{
- ffa_value_t res = {0};
- int ffa_errno;
- ffa_priv_data->invoke_ffa_fn((ffa_value_t){
.a0 = FFA_SMC_32(FFA_FEATURES),.a1 = FFA_SMC_64(FFA_RXTX_MAP),.a2 = 0, .a3 = 0, .a4 = 0, .a5 = 0, .a6 = 0, .a7 = 0,}, &res);- if (res.a0 == FFA_SMC_32(FFA_SUCCESS))
return ffa_set_rxtx_buffers_pages_cnt((u32)res.a2);- ffa_errno = (int)res.a2;
- ffa_print_error_log(FFA_FEATURES, ffa_errno);
- return ffa_to_std_errno(ffa_errno);
+}
+/**
- ffa_free_rxtx_buffers - frees the RX/TX buffers
- This is the boot time function used to free the RX/TX buffers
- */
+static void ffa_free_rxtx_buffers(void) +{
- ffa_info("Freeing RX/TX buffers");
- if (ffa_priv_data->pair.rxbuf) {
free((void *)ffa_priv_data->pair.rxbuf);ffa_priv_data->pair.rxbuf = 0;- }
- if (ffa_priv_data->pair.txbuf) {
free((void *)ffa_priv_data->pair.txbuf);ffa_priv_data->pair.txbuf = 0;- }
+}
+/**
- ffa_alloc_rxtx_buffers - allocates the RX/TX buffers
- This is the boot time function used by ffa_map_rxtx_buffers to allocate
- the RX/TX buffers before mapping them. The allocated memory is physically
- contiguous since memalign ends up calling malloc which allocates
- contiguous memory in u-boot.
- Return:
- 0 on success. Otherwise, failure
- */
+static int ffa_alloc_rxtx_buffers(void) +{
- u64 bytes;
- ffa_info("Using %lu 4KB page(s) for RX/TX buffers size",
ffa_priv_data->pair.rxtx_min_pages);- bytes = ffa_priv_data->pair.rxtx_min_pages * SZ_4K;
- /* RX/TX buffers addresses should be PAGE_SIZE aligned */
- ffa_priv_data->pair.rxbuf = (u64)memalign(PAGE_SIZE, bytes);
Shouldn't this be "bytes" aligned too? Same below with the TX buffer.
- if (!ffa_priv_data->pair.rxbuf) {
ffa_err("failure to allocate RX buffer");return -ENOBUFS;- }
- ffa_info("RX buffer at virtual address 0x%llx", ffa_priv_data->pair.rxbuf);
- ffa_priv_data->pair.txbuf = (u64)memalign(PAGE_SIZE, bytes);
- if (!ffa_priv_data->pair.txbuf) {
free((void *)ffa_priv_data->pair.rxbuf);ffa_priv_data->pair.rxbuf = 0;ffa_err("failure to allocate the TX buffer");return -ENOBUFS;- }
- ffa_info("TX buffer at virtual address 0x%llx", ffa_priv_data->pair.txbuf);
- /*
* make sure the buffers are cleared before use*/- memset((void *)ffa_priv_data->pair.rxbuf, 0, bytes);
- memset((void *)ffa_priv_data->pair.txbuf, 0, bytes);
- return 0;
+}
+/**
- ffa_map_rxtx_buffers - FFA_RXTX_MAP handler function
- This is the boot time function that implements FFA_RXTX_MAP FF-A function
- to map the RX/TX buffers
- Return:
- 0 on success. Otherwise, failure
- */
+static int ffa_map_rxtx_buffers(void) +{
- int ret;
- ffa_value_t res = {0};
- int ffa_errno;
- ret = ffa_alloc_rxtx_buffers();
- if (ret)
return ret;- /*
* we need to pass the physical addresses of the RX/TX buffers* in u-boot physical/virtual mapping is 1:1*no need to convert from virtual to physical*/- ffa_priv_data->invoke_ffa_fn((ffa_value_t){
.a0 = FFA_SMC_64(FFA_RXTX_MAP),.a1 = ffa_priv_data->pair.txbuf,.a2 = ffa_priv_data->pair.rxbuf,.a3 = ffa_priv_data->pair.rxtx_min_pages,.a4 = 0, .a5 = 0, .a6 = 0, .a7 = 0,}, &res);- if (res.a0 == FFA_SMC_32(FFA_SUCCESS)) {
ffa_info("RX/TX buffers mapped");return 0;- }
- ffa_errno = (int)res.a2;
- ffa_print_error_log(FFA_RXTX_MAP, ffa_errno);
- ffa_free_rxtx_buffers();
- return ffa_to_std_errno(ffa_errno);
+}
+/**
- ffa_unmap_rxtx_buffers - FFA_RXTX_UNMAP handler function
- This is the boot time function that implements FFA_RXTX_UNMAP FF-A function
- to unmap the RX/TX buffers
- Return:
- 0 on success. Otherwise, failure
- */
+static int ffa_unmap_rxtx_buffers(void) +{
- ffa_value_t res = {0};
- int ffa_errno;
- ffa_priv_data->invoke_ffa_fn((ffa_value_t){
.a0 = FFA_SMC_32(FFA_RXTX_UNMAP),.a1 = PREP_SELF_ENDPOINT_ID(ffa_priv_data->id),.a2 = 0, .a3 = 0, .a4 = 0, .a5 = 0, .a6 = 0, .a7 = 0,}, &res);- if (res.a0 == FFA_SMC_32(FFA_SUCCESS)) {
ffa_free_rxtx_buffers();return 0;- }
- ffa_errno = (int)res.a2;
- ffa_print_error_log(FFA_RXTX_UNMAP, ffa_errno);
- return ffa_to_std_errno(ffa_errno);
+}
+/**
- ffa_release_rx_buffer - FFA_RX_RELEASE handler function
- This is the boot time function that invokes FFA_RX_RELEASE FF-A function
- to release the ownership of the RX buffer
- Return:
- 0 on success. Otherwise, failure
- */
+static int ffa_release_rx_buffer(void) +{
- ffa_value_t res = {0};
- int ffa_errno;
- ffa_priv_data->invoke_ffa_fn((ffa_value_t){
.a0 = FFA_SMC_32(FFA_RX_RELEASE),.a1 = 0, .a2 = 0, .a3 = 0, .a4 = 0, .a5 = 0, .a6 = 0, .a7 = 0,}, &res);- if (res.a0 == FFA_SMC_32(FFA_SUCCESS))
return 0;- ffa_errno = (int)res.a2;
- ffa_print_error_log(FFA_RX_RELEASE, ffa_errno);
- return ffa_to_std_errno(ffa_errno);
+}
+/**
- ffa_uuid_are_identical - checks whether two given UUIDs are identical
- @uuid1: first UUID
- @uuid2: second UUID
- This is a boot time function used by ffa_read_partitions_info to search
- for a UUID in the partitions descriptors table
- Return:
- 1 when UUIDs match. Otherwise, 0
- */
+int ffa_uuid_are_identical(const struct ffa_partition_uuid *uuid1,
const struct ffa_partition_uuid *uuid2)+{
- if (!uuid1 || !uuid2)
return 0;- return (!memcmp(uuid1, uuid2, sizeof(struct ffa_partition_uuid)));
Please drop the outer ().
+}
+/**
- ffa_read_partitions_info - reads the data queried by FFA_PARTITION_INFO_GET
and saves it in the private structure
- @count: The number of partitions queried
- @part_uuid: Pointer to the partition(s) UUID
- This is the boot time function that reads the partitions information
- returned by the FFA_PARTITION_INFO_GET and saves it in the private
- data structure.
- Return:
- The private data structure is updated with the partition(s) information
- 0 is returned on success. Otherwise, failure
- */
+static int ffa_read_partitions_info(u32 count, struct ffa_partition_uuid *part_uuid) +{
- if (!count) {
ffa_err("no partition detected");return -ENODATA;- }
- ffa_info("Reading partitions data from the RX buffer");
- if (!part_uuid) {
/** querying information of all partitions*/u64 buf_bytes;u64 data_bytes;u32 desc_idx;struct ffa_partition_info *parts_info;data_bytes = count * sizeof(struct ffa_partition_desc);buf_bytes = ffa_priv_data->pair.rxtx_min_pages * SZ_4K;if (data_bytes > buf_bytes) {ffa_err("partitions data size exceeds the RX buffer size:");ffa_err(" sizes in bytes: data %llu , RX buffer %llu ",data_bytes,buf_bytes);return -ENOMEM;}ffa_priv_data->partitions.descs = (struct ffa_partition_desc *)devm_kmalloc(ffa_priv_data->dev, data_bytes, __GFP_ZERO);
There's no need to cast the void pointer.
if (!ffa_priv_data->partitions.descs) {ffa_err("cannot allocate partitions data buffer");return -ENOMEM;}parts_info = (struct ffa_partition_info *)ffa_priv_data->pair.rxbuf;for (desc_idx = 0 ; desc_idx < count ; desc_idx++) {ffa_priv_data->partitions.descs[desc_idx].info =parts_info[desc_idx];ffa_info("Partition ID %x : info cached",ffa_priv_data->partitions.descs[desc_idx].info.id);}ffa_priv_data->partitions.count = count;ffa_info("%d partition(s) found and cached", count);- } else {
u32 rx_desc_idx, cached_desc_idx;struct ffa_partition_info *parts_info;u8 desc_found;parts_info = (struct ffa_partition_info *)ffa_priv_data->pair.rxbuf;/** search for the SP IDs read from the RX buffer* in the already cached SPs.* Update the UUID when ID found.*/for (rx_desc_idx = 0; rx_desc_idx < count ; rx_desc_idx++) {desc_found = 0;/** search the current ID in the cached partitions*/for (cached_desc_idx = 0;cached_desc_idx < ffa_priv_data->partitions.count;cached_desc_idx++) {/** save the UUID*/if (ffa_priv_data->partitions.descs[cached_desc_idx].info.id ==parts_info[rx_desc_idx].id) {ffa_priv_data->partitions.descs[cached_desc_idx].sp_uuid =*part_uuid;desc_found = 1;break;}}if (!desc_found)return -ENODATA;}- }
- return 0;
+}
+/**
- ffa_query_partitions_info - invokes FFA_PARTITION_INFO_GET and saves partitions data
- @part_uuid: Pointer to the partition(s) UUID
- @pcount: Pointer to the number of partitions variable filled when querying
- This is the boot time function that executes the FFA_PARTITION_INFO_GET
- to query the partitions data. Then, it calls ffa_read_partitions_info
- to save the data in the private data structure.
- After reading the data the RX buffer is released using ffa_release_rx_buffer
- Return:
- When part_uuid is NULL, all partitions data are retrieved from secure world
- When part_uuid is non NULL, data for partitions matching the given UUID are
- retrieved and the number of partitions is returned
- 0 is returned on success. Otherwise, failure
- */
+static int ffa_query_partitions_info(struct ffa_partition_uuid *part_uuid,
u32 *pcount)+{
- struct ffa_partition_uuid query_uuid = {0};
- ffa_value_t res = {0};
- int ffa_errno;
- /*
* If a UUID is specified. Information for one or more* partitions in the system is queried. Otherwise, information* for all installed partitions is queried*/- if (part_uuid) {
if (!pcount)return -EINVAL;query_uuid = *part_uuid;- } else if (pcount) {
return -EINVAL;- }
- ffa_priv_data->invoke_ffa_fn((ffa_value_t){
.a0 = FFA_SMC_32(FFA_PARTITION_INFO_GET),.a1 = query_uuid.a1,.a2 = query_uuid.a2,.a3 = query_uuid.a3,.a4 = query_uuid.a4,.a5 = 0,.a6 = 0,.a7 = 0,}, &res);- if (res.a0 == FFA_SMC_32(FFA_SUCCESS)) {
int ret;/** res.a2 contains the count of partition information descriptors* populated in the RX buffer*/if (res.a2) {ret = ffa_read_partitions_info((u32)res.a2, part_uuid);if (ret) {ffa_err("failed to read partition(s) data , error (%d)", ret);ffa_release_rx_buffer();return -EINVAL;}}/** return the SP count (when querying using a UUID)*/if (pcount)*pcount = (u32)res.a2;/** After calling FFA_PARTITION_INFO_GET the buffer ownership* is assigned to the consumer (u-boot). So, we need to give* the ownership back to the SPM or hypervisor*/ret = ffa_release_rx_buffer();return ret;- }
- ffa_errno = (int)res.a2;
- ffa_print_error_log(FFA_PARTITION_INFO_GET, ffa_errno);
- return ffa_to_std_errno(ffa_errno);
+}
+/**
- ffa_get_partitions_info - FFA_PARTITION_INFO_GET handler function
- The passed arguments:
- Mode 1: When getting from the driver the number of
- secure partitions:
- @uuid_str: pointer to the UUID string
- @parts_size: pointer to the variable that contains the number of partitions
The variable will be set by the driver
- @buffer: NULL
- Mode 2: When requesting the driver to return the
- partitions information:
- @uuid_str: pointer to the UUID string
- @parts_size: pointer to the size of the SPs information buffer in bytes
- @buffer: pointer to SPs information buffer
(allocated by the client).
The buffer will be filled by the driver
- This is the boot time function that queries the secure partition data from
- the private data structure. If not found, it invokes FFA_PARTITION_INFO_GET
- FF-A function to query the partition information from secure world.
- A client of the FF-A driver should know the UUID of the service it wants to
- access. It should use the UUID to request the FF-A driver to provide the
- partition(s) information of the service. The FF-A driver uses
- PARTITION_INFO_GET to obtain this information. This is implemented through
- ffa_get_partitions_info function.
- A new FFA_PARTITION_INFO_GET call is issued (first one performed through
- ffa_cache_partitions_info) allowing to retrieve the partition(s) information.
- They are not saved (already done). We only update the UUID in the cached area.
- This assumes that partitions data does not change in the secure world.
- Otherwise u-boot will have an outdated partition data. The benefit of caching
- the information in the FF-A driver is to accommodate discovery after
- ExitBootServices().
- When invoked through a client request, ffa_get_partitions_info should be
- called twice. First call is to get from the driver the number of secure
- partitions (SPs) associated to a particular UUID.
- Then, the caller (client) allocates the buffer to host the SPs data and
- issues a 2nd call. Then, the driver fills the SPs data in the pre-allocated
- buffer.
- To achieve the mechanism described above, ffa_get_partitions_info uses the
- following functions:
ffa_read_partitions_info
ffa_query_partitions_info
- Return:
- @parts_size: When pointing to the number of partitions variable, the number is
- set by the driver.
- When pointing to the partitions information buffer size, the buffer will be
- filled by the driver.
- On success 0 is returned. Otherwise, failure
- */
+static int ffa_get_partitions_info(const char *uuid_str,
u32 *parts_size, struct ffa_partition_info *buffer)+{
- /*
* fill_data:* 0: return the SP count* 1: fill SP data and return it to the caller* -1: undefined mode*/- int fill_data = -1;
- u32 desc_idx, client_desc_idx;
- struct ffa_partition_uuid part_uuid = {0};
- u32 client_desc_max_cnt;
- u32 parts_found = 0;
- if (!ffa_priv_data->partitions.count || !ffa_priv_data->partitions.descs) {
ffa_err("no partition installed");return -EINVAL;- }
- if (!uuid_str) {
ffa_err("no UUID provided");return -EINVAL;- }
- if (!parts_size) {
ffa_err("no size/count provided");return -EINVAL;- }
- if (be_uuid_str_to_le_bin(uuid_str, (unsigned char *)&part_uuid)) {
ffa_err("invalid UUID");return -EINVAL;- }
- if (!buffer) {
/* Mode 1: getting the number of secure partitions */fill_data = 0;ffa_info("Preparing for checking partitions count");- } else if ((*parts_size >= sizeof(struct ffa_partition_info)) &&
!(*parts_size % sizeof(struct ffa_partition_info))) {/* Mode 2: retrieving the partitions information */fill_data = 1;client_desc_idx = 0;/** number of empty descriptors preallocated by the caller*/client_desc_max_cnt = *parts_size / sizeof(struct ffa_partition_info);ffa_info("Preparing for filling partitions info");- } else {
ffa_err("invalid function arguments provided");return -EINVAL;- }
- ffa_info("Searching partitions using the provided UUID");
- /*
* search in the cached partitions*/- for (desc_idx = 0;
desc_idx < ffa_priv_data->partitions.count;desc_idx++) {if (ffa_uuid_are_identical(&ffa_priv_data->partitions.descs[desc_idx].sp_uuid,&part_uuid)) {ffa_info("Partition ID %x matches the provided UUID",ffa_priv_data->partitions.descs[desc_idx].info.id);parts_found++;if (fill_data) {/** trying to fill the partition info in the input buffer*/if (client_desc_idx < client_desc_max_cnt) {buffer[client_desc_idx++] =ffa_priv_data->partitions.descs[desc_idx].info;continue;}ffa_err("failed to fill the current descriptor client buffer full");return -ENOBUFS;}}- }
- if (!parts_found) {
int ret;ffa_info("No partition found. Querying framework ...");ret = ffa_query_partitions_info(&part_uuid, &parts_found);if (ret == 0) {if (!fill_data) {*parts_size = parts_found;ffa_info("Number of partition(s) found matching the UUID: %d",parts_found);} else {/** If SPs data detected, they are already in the private data* structure, retry searching SP data again to return them* to the caller*/if (parts_found)ret = ffa_get_partitions_info(uuid_str, parts_size, buffer);elseret = -ENODATA;}}return ret;- }
- /* partition(s) found */
- if (!fill_data)
*parts_size = parts_found;- return 0;
+}
+/**
- ffa_cache_partitions_info - Queries and saves all secure partitions data
- This is a boot time function that invokes FFA_PARTITION_INFO_GET FF-A
- function to query from secure world all partitions information.
- The FFA_PARTITION_INFO_GET call is issued with nil UUID as an argument.
- All installed partitions information are returned. We cache them in the
- resident private data structure and we keep the UUID field empty
- (in FF-A 1.0 UUID is not provided by the partition descriptor)
- This function is called at the device probing level.
- ffa_cache_partitions_info uses ffa_query_partitions_info to get the data
- Return:
- 0 on success. Otherwise, failure
- */
+static int ffa_cache_partitions_info(void) +{
- return ffa_query_partitions_info(NULL, NULL);
+}
+/**
- ffa_msg_send_direct_req - FFA_MSG_SEND_DIRECT_{REQ,RESP} handler function
- @dst_part_id: destination partition ID
- @msg: pointer to the message data preallocated by the client (in/out)
- This is the runtime function that implements FFA_MSG_SEND_DIRECT_{REQ,RESP}
- FF-A functions.
- FFA_MSG_SEND_DIRECT_REQ is used to send the data to the secure partition.
- The response from the secure partition is handled by reading the
- FFA_MSG_SEND_DIRECT_RESP arguments.
- The maximum size of the data that can be exchanged is 40 bytes which is
- sizeof(struct ffa_send_direct_data) as defined by the FF-A specification 1.0
- in the section relevant to FFA_MSG_SEND_DIRECT_{REQ,RESP}
- Return:
- 0 on success. Otherwise, failure
- */
+static int __ffa_runtime ffa_msg_send_direct_req(u16 dst_part_id, struct ffa_send_direct_data *msg) +{
- ffa_value_t res = {0};
- int ffa_errno;
- if (!ffa_priv_data || !ffa_priv_data->invoke_ffa_fn)
return -EINVAL;- /* No partition installed */
- if (!ffa_priv_data->partitions.count || !ffa_priv_data->partitions.descs)
return -ENODEV;- ffa_priv_data->invoke_ffa_fn((ffa_value_t){
.a0 = FFA_SMC_64(FFA_MSG_SEND_DIRECT_REQ),.a1 = PREP_SELF_ENDPOINT_ID(ffa_priv_data->id) |PREP_PART_ENDPOINT_ID(dst_part_id),.a2 = 0,.a3 = msg->data0,.a4 = msg->data1,.a5 = msg->data2,.a6 = msg->data3,.a7 = msg->data4,}, &res);- while (res.a0 == FFA_SMC_32(FFA_INTERRUPT))
ffa_priv_data->invoke_ffa_fn((ffa_value_t){.a0 = FFA_SMC_32(FFA_RUN),.a1 = res.a1, .a2 = 0, .a3 = 0, .a4 = 0, .a5 = 0, .a6 = 0, .a7 = 0,}, &res);- if (res.a0 == FFA_SMC_32(FFA_SUCCESS)) {
How can the caller tell this response apart from a FFA_MSG_SEND_DIRECT_RESP?
/* Message sent with no response */return 0;- }
- if (res.a0 == FFA_SMC_64(FFA_MSG_SEND_DIRECT_RESP)) {
/** Message sent with response* extract the return data*/msg->data0 = res.a3;msg->data1 = res.a4;msg->data2 = res.a5;msg->data3 = res.a6;msg->data4 = res.a7;return 0;- }
- ffa_errno = (int)res.a2;
- return ffa_to_std_errno(ffa_errno);
+}
+/**
- __arm_ffa_fn_smc - SMC wrapper
- @args: FF-A ABI arguments to be copied to Xn registers
- @res: FF-A ABI return data to be copied from Xn registers
- Calls low level SMC assembly function
- Return: void
- */
+void __ffa_runtime __arm_ffa_fn_smc(ffa_value_t args, ffa_value_t *res) +{
- arm_smccc_1_2_smc(&args, res);
+}
+/**
- ffa_set_smc_conduit - Set the SMC conduit
- This boot time function selects the SMC conduit by setting the driver invoke function
- to SMC assembly function
- Return:
- 0 on success. Otherwise, failure
- */
+static int ffa_set_smc_conduit(void) +{
- ffa_priv_data->invoke_ffa_fn = __arm_ffa_fn_smc;
- if (!ffa_priv_data->invoke_ffa_fn) {
ffa_err("failure to set the invoke function");return -EINVAL;- }
- ffa_info("Conduit is SMC");
- return 0;
+}
+/**
- ffa_set_bus_ops - Set the bus driver operations
- Setting the driver callbacks.
- */
+static void ffa_set_bus_ops(void) +{
- ffa_priv_data->ffa_ops.partition_info_get = ffa_get_partitions_info;
- ffa_priv_data->ffa_ops.sync_send_receive = ffa_msg_send_direct_req;
- ffa_priv_data->ffa_ops.rxtx_unmap = ffa_unmap_rxtx_buffers;
+}
+/**
- ffa_alloc_prvdata - allocate the driver main data structure and sets the device
- @dev: the arm_ffa device
- This boot time function creates the main data structure embedding all the driver data.
- Return:
- 0 on success. Otherwise, failure
- */
+static int ffa_alloc_prvdata(struct udevice *dev) +{
- if (!dev) {
ffa_err("no udevice found");return -ENODEV;- }
- /* The device is registered with the DM. Let's create the driver main data structure*/
- ffa_priv_data = devm_kmalloc(dev, sizeof(struct ffa_prvdata), __GFP_ZERO);
- if (!ffa_priv_data) {
ffa_err("can not allocate the driver main data structure");return -ENOMEM;- }
- ffa_priv_data->dev = dev;
- return 0;
+}
+/**
- ffa_probe - The driver probe function
- @dev: the arm_ffa device
- Probing is done at boot time and triggered by the uclass device discovery.
- At probe level the following actions are done:
- setting the conduit
- querying the FF-A framework version
- querying from secure world the u-boot endpoint ID
- querying from secure world the supported features of FFA_RXTX_MAP
- mapping the RX/TX buffers
- querying from secure world all the partitions information
- All data queried from secure world is saved in the resident private data structure.
- The probe will fail if either FF-A framework is not detected or the
- FF-A requests are not behaving correctly. This ensures that the
- driver is not installed and its operations are not exported to the clients.
- Return:
- 0 on success. Otherwise, failure
- */
+static int ffa_probe(struct udevice *dev) +{
- int ret;
- ret = ffa_alloc_prvdata(dev);
- if (ret != 0)
return ret;- ffa_set_bus_ops();
- ret = ffa_set_smc_conduit();
What if there's a hypervisor involved and HVC would be expected intead?
- if (ret != 0)
return ret;- ret = ffa_get_version();
- if (ret != 0)
return ret;- ret = ffa_get_endpoint_id();
- if (ret != 0)
return ret;- ret = ffa_get_rxtx_map_features();
- if (ret != 0)
return ret;- ret = ffa_map_rxtx_buffers();
- if (ret != 0)
return ret;- ret = ffa_cache_partitions_info();
Why are we saving all the found partitions in a cache? It seems that FFA_PARTITION_INFO_GET could be called each time when needed instead without any noticeable overhead. Or is the result cached for some other reason?
- if (ret != 0) {
ffa_free_rxtx_buffers();return ret;- }
- return 0;
+}
+/**
- ffa_remove - The driver remove function
- @dev: the arm_ffa device
- When the device is about to be removed , unmap the RX/TX buffers and free the memory
- Return:
- 0 on success.
- */
+static int ffa_remove(struct udevice *dev) +{
- ffa_info("removing the device");
- ffa_unmap_rxtx_buffers();
- if (ffa_priv_data->pair.rxbuf || ffa_priv_data->pair.txbuf)
ffa_free_rxtx_buffers();- return 0;
+}
+/**
- ffa_unbind - The driver unbind function
- @dev: the arm_ffa device
- After the device is removed and memory freed the device is unbound
- Return:
- 0 on success.
- */
+static int ffa_unbind(struct udevice *dev) +{
- ffa_info("unbinding the device , private data already released");
- ffa_priv_data = NULL;
- return 0;
+}
+/**
- ffa_bus_ops_get - bus driver operations getter
- Return:
- This runtime function returns a pointer to the driver operations structure
- */
+const struct ffa_bus_ops * __ffa_runtime ffa_bus_ops_get(void) +{
- return &ffa_priv_data->ffa_ops;
+}
+/**
- ffa_bus_prvdata_get - bus driver private data getter
- Return:
- This boot time function returns a pointer to the main private data structure
- */
+struct ffa_prvdata **ffa_bus_prvdata_get(void) +{
- return &ffa_priv_data;
+}
+/**
- ffa_bus_discover - discover FF-A bus and probe the arm_ffa device
- This boot time function makes sure the FF-A bus is discoverable.
- Then, the arm_ffa device is probed and ready to use.
- This function is called automatically at initcalls
- level (after u-boot relocation).
- When the bus was already discovered successfully the discovery will not run again.
- Arm FF-A transport is implemented through arm_ffa u-boot device managing the FF-A
- communication.
- All FF-A clients should use the arm_ffa device to use the FF-A transport.
- Return:
- 0 on success. Otherwise, failure
- */
+int ffa_bus_discover(void) +{
- int ret = 0;
- if (!ffa_priv_data)
ret = ffa_device_get();- return ret;
+}
+/**
- Declaring the arm_ffa driver under UCLASS_FFA
- */
+U_BOOT_DRIVER(arm_ffa) = {
- .name = FFA_DRV_NAME,
- .id = UCLASS_FFA,
- .probe = ffa_probe,
- .remove = ffa_remove,
- .unbind = ffa_unbind,
+}; diff --git a/drivers/firmware/arm-ffa/efi_ffa_runtime_data_mgr.c b/drivers/firmware/arm-ffa/efi_ffa_runtime_data_mgr.c new file mode 100644 index 0000000000..c76cf2147b --- /dev/null +++ b/drivers/firmware/arm-ffa/efi_ffa_runtime_data_mgr.c @@ -0,0 +1,94 @@ +// SPDX-License-Identifier: GPL-2.0+ +/*
- (C) Copyright 2022 ARM Limited
- Abdellatif El Khlifi abdellatif.elkhlifi@arm.com
- */
+#include "arm_ffa_prv.h"
+/**
- ffa_copy_runtime_data - copy the private data structure to the runtime area
- This boot time function copies the arm_ffa driver data structures including
- partitions data to the EFI runtime data section.
- Return:
- 0 on success. Otherwise, failure
- */
+efi_status_t ffa_copy_runtime_data(void) +{
- efi_status_t efi_ret;
- efi_uintn_t prvdata_pages;
- efi_uintn_t descs_pages;
- struct ffa_prvdata **prvdata = NULL; /* Pointer to the current structure */
- struct ffa_prvdata *runtime_prvdata = NULL; /* Pointer to the structure runtime copy */
- u64 runtime_descs = 0;
- prvdata = ffa_bus_prvdata_get();
- printf("INFO: EFI: FFA: prv data area at 0x%llx\n", (u64)prvdata);
- /* allocate private data runtime area */
- prvdata_pages = efi_size_in_pages(sizeof(struct ffa_prvdata));
- efi_ret = efi_allocate_pages(EFI_ALLOCATE_ANY_PAGES,
EFI_RUNTIME_SERVICES_DATA,prvdata_pages,(u64 *)&runtime_prvdata);
Better to use a temporary u64 instead of casting the pointer.
- if (efi_ret != EFI_SUCCESS) {
printf("ERROR: EFI: FFA: allocating runtime data (err: 0x%lx, addr 0x%llx)\n",efi_ret, (u64)runtime_prvdata);return efi_ret;- }
- printf("INFO: EFI: FFA: runtime data area at 0x%llx\n", (u64)runtime_prvdata);
- if (!runtime_prvdata)
return EFI_INVALID_PARAMETER;- /* allocate the partition data runtime area */
- descs_pages = efi_size_in_pages((*prvdata)->partitions.count *
sizeof(struct ffa_partition_desc));- efi_ret = efi_allocate_pages(EFI_ALLOCATE_ANY_PAGES,
EFI_RUNTIME_SERVICES_DATA,descs_pages,&runtime_descs);- if (efi_ret != EFI_SUCCESS) {
printf("ERROR: EFI: FFA: allocating runtime SPs data (err: 0x%lx, addr 0x%llx)\n",efi_ret, runtime_descs);efi_free_pages((u64)runtime_prvdata, prvdata_pages);return efi_ret;- }
- printf("INFO: EFI: FFA: SPs runtime area at 0x%llx\n", (u64)runtime_descs);
- if (!runtime_descs)
return EFI_INVALID_PARAMETER;- *runtime_prvdata = **prvdata;
With this you copy fwk_versien. This field will become out of data if the kernel driver negotiates a different framework version.
- runtime_prvdata->dev = NULL;
- runtime_prvdata->ffa_ops.partition_info_get = NULL;
- runtime_prvdata->ffa_ops.rxtx_unmap = NULL;
- runtime_prvdata->partitions.descs = (struct ffa_partition_desc *)runtime_descs;
- runtime_prvdata->pair.rxbuf = 0;
- runtime_prvdata->pair.txbuf = 0;
- /*
* Update the private data structure pointer in the driver* no need to free the old structure. devm takes care of that*/- *prvdata = runtime_prvdata;
- printf("INFO: EFI: FFA: runtime prv data now at 0x%llx , SPs count %d\n",
(u64)*prvdata, (*prvdata)->partitions.count);- return 0;
+} diff --git a/include/arm_ffa.h b/include/arm_ffa.h new file mode 100644 index 0000000000..f17b100497 --- /dev/null +++ b/include/arm_ffa.h @@ -0,0 +1,127 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/*
- (C) Copyright 2022 ARM Limited
- Abdellatif El Khlifi abdellatif.elkhlifi@arm.com
- */
+#ifndef __ARM_FFA_H +#define __ARM_FFA_H
+#include <linux/printk.h>
+/*
- This header is public. It can be used by clients to access
- data structures and definitions they need
- */
+/*
- Macros for displaying logs
- */
+#define ffa_info(fmt, ...) pr_info("[FFA] " fmt "\n", ##__VA_ARGS__) +#define ffa_err(fmt, ...) pr_err("[FFA] " fmt "\n", ##__VA_ARGS__)
+/*
- struct ffa_partition_info - Partition information descriptor
- @id: Partition ID
- @exec_ctxt: Execution context count
- @properties: Partition properties
- Data structure containing information about partitions instantiated in the system
- This structure is filled with the data queried by FFA_PARTITION_INFO_GET
- */
+struct __packed ffa_partition_info {
- u16 id;
- u16 exec_ctxt;
+/* partition supports receipt of direct requests */ +#define FFA_PARTITION_DIRECT_RECV BIT(0) +/* partition can send direct requests. */ +#define FFA_PARTITION_DIRECT_SEND BIT(1) +/* partition can send and receive indirect messages. */ +#define FFA_PARTITION_INDIRECT_MSG BIT(2)
- u32 properties;
+};
+/*
- struct ffa_send_direct_data - Data structure hosting the data
used by FFA_MSG_SEND_DIRECT_{REQ,RESP}
- @data0-4: Data read/written from/to x3-x7 registers
- Data structure containing the data to be sent by FFA_MSG_SEND_DIRECT_REQ
- or read from FFA_MSG_SEND_DIRECT_RESP
- */
+/* For use with FFA_MSG_SEND_DIRECT_{REQ,RESP} which pass data via registers */ +struct __packed ffa_send_direct_data {
- unsigned long data0; /* w3/x3 */
- unsigned long data1; /* w4/x4 */
- unsigned long data2; /* w5/x5 */
- unsigned long data3; /* w6/x6 */
- unsigned long data4; /* w7/x7 */
+};
+#if CONFIG_IS_ENABLED(ARM_FFA_EFI_RUNTIME_MODE)
+#include <efi_loader.h>
+/*
- __ffa_runtime - controls whether functions are
- available after calling the EFI ExitBootServices service.
- Functions tagged with these keywords are resident (available at boot time and
- at runtime)
- */
+#define __ffa_runtime_data __efi_runtime_data +#define __ffa_runtime __efi_runtime
+#else
+/*
- The FF-A driver is independent from EFI
- */
+#define __ffa_runtime_data +#define __ffa_runtime
+#endif
+/**
- struct ffa_bus_ops - The driver operations structure
- @partition_info_get: callback for the FFA_PARTITION_INFO_GET
- @sync_send_receive: callback for the FFA_MSG_SEND_DIRECT_REQ
- @rxtx_unmap: callback for the FFA_RXTX_UNMAP
- The data structure providing all the operations supported by the driver.
- This structure is EFI runtime resident.
- */
+struct ffa_bus_ops {
- int (*partition_info_get)(const char *uuid_str,
u32 *parts_size, struct ffa_partition_info *buffer);- int (*sync_send_receive)(u16 dst_part_id, struct ffa_send_direct_data *msg);
- int (*rxtx_unmap)(void);
+};
+/**
- The device driver and the Uclass driver public functions
- */
+/**
- ffa_bus_ops_get - driver operations getter
- */
+const struct ffa_bus_ops * __ffa_runtime ffa_bus_ops_get(void);
+/**
- ffa_bus_discover - discover FF-A bus and probes the arm_ffa device
- */
+int ffa_bus_discover(void);
+#if CONFIG_IS_ENABLED(ARM_FFA_EFI_RUNTIME_MODE)
+/**
- ffa_copy_runtime_data - copy the private data structure and the SPs data to the runtime area
- */
+efi_status_t ffa_copy_runtime_data(void);
+#endif
+#endif diff --git a/include/dm/uclass-id.h b/include/dm/uclass-id.h index a432e43871..5dd698b7a9 100644 --- a/include/dm/uclass-id.h +++ b/include/dm/uclass-id.h @@ -4,6 +4,9 @@
- (C) Copyright 2012
- Pavel Herrmann morpheus.ibis@gmail.com
- (C) Copyright 2022 ARM Limited
*/
- Abdellatif El Khlifi abdellatif.elkhlifi@arm.com
#ifndef _DM_UCLASS_ID_H @@ -55,6 +58,7 @@ enum uclass_id { UCLASS_EFI_MEDIA, /* Devices provided by UEFI firmware */ UCLASS_ETH, /* Ethernet device */ UCLASS_ETH_PHY, /* Ethernet PHY device */
- UCLASS_FFA, /* Arm Firmware Framework for Armv8-A */ UCLASS_FIRMWARE, /* Firmware */ UCLASS_FUZZING_ENGINE, /* Fuzzing engine */ UCLASS_FS_FIRMWARE_LOADER, /* Generic loader */
diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c index 6f7333638a..af0b0f3db1 100644 --- a/lib/efi_loader/efi_boottime.c +++ b/lib/efi_loader/efi_boottime.c @@ -3,6 +3,9 @@
- EFI application boot time services
- Copyright (c) 2016 Alexander Graf
- (C) Copyright 2022 ARM Limited
*/
- Abdellatif El Khlifi abdellatif.elkhlifi@arm.com
#include <common.h> @@ -23,6 +26,10 @@ #include <asm/setjmp.h> #include <linux/libfdt_env.h>
+#if CONFIG_IS_ENABLED(ARM_FFA_TRANSPORT) +#include <arm_ffa.h> +#endif
DECLARE_GLOBAL_DATA_PTR;
/* Task priority level */ @@ -2178,6 +2185,14 @@ static efi_status_t EFIAPI efi_exit_boot_services(efi_handle_t image_handle, dm_remove_devices_flags(DM_REMOVE_ACTIVE_ALL); }
+#if CONFIG_IS_ENABLED(ARM_FFA_TRANSPORT)
/* unmap FF-A RX/TX buffers */if (ffa_bus_ops_get()->rxtx_unmap())debug("[efi_boottime][ERROR]: can not unmap FF-A RX/TX buffers\n");elsedebug("[efi_boottime][INFO]: FF-A RX/TX buffers unmapped\n");+#endif
- /* Patch out unsupported runtime function */ efi_runtime_detach();
-- 2.17.1