rmmd_svc.h 7.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224
  1. /*
  2. * Copyright (c) 2021-2024, Arm Limited and Contributors. All rights reserved.
  3. *
  4. * SPDX-License-Identifier: BSD-3-Clause
  5. */
  6. #ifndef RMMD_SVC_H
  7. #define RMMD_SVC_H
  8. #include <common/sha_common_macros.h>
  9. #include <lib/smccc.h>
  10. #include <lib/utils_def.h>
  11. /* STD calls FNUM Min/Max ranges */
  12. #define RMI_FNUM_MIN_VALUE U(0x150)
  13. #define RMI_FNUM_MAX_VALUE U(0x18F)
  14. /* Construct RMI fastcall std FID from offset */
  15. #define SMC64_RMI_FID(_offset) \
  16. ((SMC_TYPE_FAST << FUNCID_TYPE_SHIFT) | \
  17. (SMC_64 << FUNCID_CC_SHIFT) | \
  18. (OEN_STD_START << FUNCID_OEN_SHIFT) | \
  19. (((RMI_FNUM_MIN_VALUE + (_offset)) & FUNCID_NUM_MASK) \
  20. << FUNCID_NUM_SHIFT))
  21. #define is_rmi_fid(fid) __extension__ ({ \
  22. __typeof__(fid) _fid = (fid); \
  23. ((GET_SMC_NUM(_fid) >= RMI_FNUM_MIN_VALUE) && \
  24. (GET_SMC_NUM(_fid) <= RMI_FNUM_MAX_VALUE) && \
  25. (GET_SMC_TYPE(_fid) == SMC_TYPE_FAST) && \
  26. (GET_SMC_CC(_fid) == SMC_64) && \
  27. (GET_SMC_OEN(_fid) == OEN_STD_START) && \
  28. ((_fid & 0x00FE0000) == 0U)); })
  29. /*
  30. * RMI_FNUM_REQ_COMPLETE is the only function in the RMI range that originates
  31. * from the Realm world and is handled by the RMMD. The RMI functions are
  32. * always invoked by the Normal world, forwarded by RMMD and handled by the
  33. * RMM.
  34. */
  35. /* 0x18F */
  36. #define RMM_RMI_REQ_COMPLETE SMC64_RMI_FID(U(0x3F))
  37. /* RMM_BOOT_COMPLETE arg0 error codes */
  38. #define E_RMM_BOOT_SUCCESS (0)
  39. #define E_RMM_BOOT_UNKNOWN (-1)
  40. #define E_RMM_BOOT_VERSION_MISMATCH (-2)
  41. #define E_RMM_BOOT_CPUS_OUT_OF_RANGE (-3)
  42. #define E_RMM_BOOT_CPU_ID_OUT_OF_RANGE (-4)
  43. #define E_RMM_BOOT_INVALID_SHARED_BUFFER (-5)
  44. #define E_RMM_BOOT_MANIFEST_VERSION_NOT_SUPPORTED (-6)
  45. #define E_RMM_BOOT_MANIFEST_DATA_ERROR (-7)
  46. /* The SMC in the range 0x8400 0191 - 0x8400 01AF are reserved for RSIs.*/
  47. /*
  48. * EL3 - RMM SMCs used for requesting RMMD services. These SMCs originate in Realm
  49. * world and return to Realm world.
  50. *
  51. * These are allocated from 0x8400 01B0 - 0x8400 01CF in the RMM Service range.
  52. */
  53. #define RMMD_EL3_FNUM_MIN_VALUE U(0x1B0)
  54. #define RMMD_EL3_FNUM_MAX_VALUE U(0x1CF)
  55. /* Construct RMM_EL3 fastcall std FID from offset */
  56. #define SMC64_RMMD_EL3_FID(_offset) \
  57. ((SMC_TYPE_FAST << FUNCID_TYPE_SHIFT) | \
  58. (SMC_64 << FUNCID_CC_SHIFT) | \
  59. (OEN_STD_START << FUNCID_OEN_SHIFT) | \
  60. (((RMMD_EL3_FNUM_MIN_VALUE + (_offset)) & FUNCID_NUM_MASK) \
  61. << FUNCID_NUM_SHIFT))
  62. /* The macros below are used to identify GTSI calls from the SMC function ID */
  63. #define is_rmmd_el3_fid(fid) __extension__ ({ \
  64. __typeof__(fid) _fid = (fid); \
  65. ((GET_SMC_NUM(_fid) >= RMMD_EL3_FNUM_MIN_VALUE) &&\
  66. (GET_SMC_NUM(_fid) <= RMMD_EL3_FNUM_MAX_VALUE) &&\
  67. (GET_SMC_TYPE(_fid) == SMC_TYPE_FAST) && \
  68. (GET_SMC_CC(_fid) == SMC_64) && \
  69. (GET_SMC_OEN(_fid) == OEN_STD_START) && \
  70. ((_fid & 0x00FE0000) == 0U)); })
  71. /* 0x1B0 - 0x1B1 */
  72. #define RMM_GTSI_DELEGATE SMC64_RMMD_EL3_FID(U(0))
  73. #define RMM_GTSI_UNDELEGATE SMC64_RMMD_EL3_FID(U(1))
  74. /* Return error codes from RMM-EL3 SMCs */
  75. #define E_RMM_OK 0
  76. #define E_RMM_UNK -1
  77. #define E_RMM_BAD_ADDR -2
  78. #define E_RMM_BAD_PAS -3
  79. #define E_RMM_NOMEM -4
  80. #define E_RMM_INVAL -5
  81. #define E_RMM_AGAIN -6
  82. /* Return error codes from RMI SMCs */
  83. #define RMI_SUCCESS 0
  84. #define RMI_ERROR_INPUT 1
  85. /*
  86. * Retrieve Realm attestation key from EL3. Only P-384 ECC curve key is
  87. * supported. The arguments to this SMC are :
  88. * arg0 - Function ID.
  89. * arg1 - Realm attestation key buffer Physical address.
  90. * arg2 - Realm attestation key buffer size (in bytes).
  91. * arg3 - The type of the elliptic curve to which the requested
  92. * attestation key belongs to. The value should be one of the
  93. * defined curve types.
  94. * The return arguments are :
  95. * ret0 - Status / error.
  96. * ret1 - Size of the realm attestation key if successful.
  97. */
  98. /* 0x1B2 */
  99. #define RMM_ATTEST_GET_REALM_KEY SMC64_RMMD_EL3_FID(U(2))
  100. /*
  101. * Retrieve Platform token from EL3.
  102. * The arguments to this SMC are :
  103. * arg0 - Function ID.
  104. * arg1 - Platform attestation token buffer Physical address. (The challenge
  105. * object is passed in this buffer.)
  106. * arg2 - Platform attestation token buffer size (in bytes).
  107. * arg3 - Challenge object size (in bytes). It has to be one of the defined
  108. * SHA hash sizes.
  109. * The return arguments are :
  110. * ret0 - Status / error.
  111. * ret1 - Size of the platform token if successful.
  112. */
  113. /* 0x1B3 */
  114. #define RMM_ATTEST_GET_PLAT_TOKEN SMC64_RMMD_EL3_FID(U(3))
  115. /* Starting RMM-EL3 interface version 0.4 */
  116. #define RMM_EL3_FEATURES SMC64_RMMD_EL3_FID(U(4))
  117. #define RMM_EL3_FEAT_REG_0_IDX U(0)
  118. /* Bit 0 of FEAT_REG_0 */
  119. /* 1 - the feature is present in EL3 , 0 - the feature is absent */
  120. #define RMM_EL3_FEAT_REG_0_EL3_TOKEN_SIGN_MASK U(0x1)
  121. /*
  122. * Function codes to support attestation where EL3 is used to sign
  123. * realm attestation tokens. In this model, the private key is not
  124. * exposed to the RMM.
  125. * The arguments to this SMC are:
  126. * arg0 - Function ID.
  127. * arg1 - Opcode, one of:
  128. * RMM_EL3_TOKEN_SIGN_PUSH_REQ_OP,
  129. * RMM_EL3_TOKEN_SIGN_PULL_RESP_OP,
  130. * RMM_EL3_TOKEN_SIGN_GET_RAK_PUB_OP
  131. * arg2 - Pointer to buffer with request/response structures,
  132. * which is in the RMM<->EL3 shared buffer.
  133. * arg3 - Buffer size of memory pointed by arg2.
  134. * arg4 - ECC Curve, when opcode is RMM_EL3_TOKEN_SIGN_GET_RAK_PUB_OP
  135. * The return arguments are:
  136. * ret0 - Status/Error
  137. * ret1 - Size of public key if opcode is RMM_EL3_TOKEN_SIGN_GET_RAK_PUB_OP
  138. */
  139. #define RMM_EL3_TOKEN_SIGN SMC64_RMMD_EL3_FID(U(5))
  140. /* Opcodes for RMM_EL3_TOKEN_SIGN */
  141. #define RMM_EL3_TOKEN_SIGN_PUSH_REQ_OP U(1)
  142. #define RMM_EL3_TOKEN_SIGN_PULL_RESP_OP U(2)
  143. #define RMM_EL3_TOKEN_SIGN_GET_RAK_PUB_OP U(3)
  144. /* ECC Curve types for attest key generation */
  145. #define ATTEST_KEY_CURVE_ECC_SECP384R1 U(0)
  146. /* Identifier for the hash algorithm used for attestation signing */
  147. #define EL3_TOKEN_SIGN_HASH_ALG_SHA384 U(1)
  148. /*
  149. * RMM_BOOT_COMPLETE originates on RMM when the boot finishes (either cold
  150. * or warm boot). This is handled by the RMM-EL3 interface SMC handler.
  151. *
  152. * RMM_BOOT_COMPLETE FID is located at the end of the available range.
  153. */
  154. /* 0x1CF */
  155. #define RMM_BOOT_COMPLETE SMC64_RMMD_EL3_FID(U(0x1F))
  156. /*
  157. * The major version number of the RMM Boot Interface implementation.
  158. * Increase this whenever the semantics of the boot arguments change making it
  159. * backwards incompatible.
  160. */
  161. #define RMM_EL3_IFC_VERSION_MAJOR (U(0))
  162. /*
  163. * The minor version number of the RMM Boot Interface implementation.
  164. * Increase this when a bug is fixed, or a feature is added without
  165. * breaking compatibility.
  166. */
  167. #define RMM_EL3_IFC_VERSION_MINOR (U(4))
  168. #define RMM_EL3_INTERFACE_VERSION \
  169. (((RMM_EL3_IFC_VERSION_MAJOR << 16) & 0x7FFFF) | \
  170. RMM_EL3_IFC_VERSION_MINOR)
  171. #define RMM_EL3_IFC_VERSION_GET_MAJOR(_version) (((_version) >> 16) \
  172. & 0x7FFF)
  173. #define RMM_EL3_IFC_VERSION_GET_MAJOR_MINOR(_version) ((_version) & 0xFFFF)
  174. #ifndef __ASSEMBLER__
  175. #include <stdint.h>
  176. int rmmd_setup(void);
  177. uint64_t rmmd_rmi_handler(uint32_t smc_fid,
  178. uint64_t x1,
  179. uint64_t x2,
  180. uint64_t x3,
  181. uint64_t x4,
  182. void *cookie,
  183. void *handle,
  184. uint64_t flags);
  185. uint64_t rmmd_rmm_el3_handler(uint32_t smc_fid,
  186. uint64_t x1,
  187. uint64_t x2,
  188. uint64_t x3,
  189. uint64_t x4,
  190. void *cookie,
  191. void *handle,
  192. uint64_t flags);
  193. #endif /* __ASSEMBLER__ */
  194. #endif /* RMMD_SVC_H */