From 2fccb228045696b98f83b1d865bac3c65d96b980 Mon Sep 17 00:00:00 2001 From: Antonio Nino Diaz Date: Tue, 24 Oct 2017 10:07:35 +0100 Subject: SPM: Introduce Secure Partition Manager A Secure Partition is a software execution environment instantiated in S-EL0 that can be used to implement simple management and security services. Since S-EL0 is an unprivileged exception level, a Secure Partition relies on privileged firmware e.g. ARM Trusted Firmware to be granted access to system and processor resources. Essentially, it is a software sandbox that runs under the control of privileged software in the Secure World and accesses the following system resources: - Memory and device regions in the system address map. - PE system registers. - A range of asynchronous exceptions e.g. interrupts. - A range of synchronous exceptions e.g. SMC function identifiers. A Secure Partition enables privileged firmware to implement only the absolutely essential secure services in EL3 and instantiate the rest in a partition. Since the partition executes in S-EL0, its implementation cannot be overly complex. The component in ARM Trusted Firmware responsible for managing a Secure Partition is called the Secure Partition Manager (SPM). The SPM is responsible for the following: - Validating and allocating resources requested by a Secure Partition. - Implementing a well defined interface that is used for initialising a Secure Partition. - Implementing a well defined interface that is used by the normal world and other secure services for accessing the services exported by a Secure Partition. - Implementing a well defined interface that is used by a Secure Partition to fulfil service requests. - Instantiating the software execution environment required by a Secure Partition to fulfil a service request. Change-Id: I6f7862d6bba8732db5b73f54e789d717a35e802f Co-authored-by: Douglas Raillard Co-authored-by: Sandrine Bailleux Co-authored-by: Achin Gupta Co-authored-by: Antonio Nino Diaz Signed-off-by: Antonio Nino Diaz --- services/std_svc/std_svc_setup.c | 30 +++++++++++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) (limited to 'services/std_svc/std_svc_setup.c') diff --git a/services/std_svc/std_svc_setup.c b/services/std_svc/std_svc_setup.c index 8e690467..977ed7f6 100644 --- a/services/std_svc/std_svc_setup.c +++ b/services/std_svc/std_svc_setup.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014-2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2014-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -12,6 +12,7 @@ #include #include #include +#include #include #include #include @@ -25,15 +26,26 @@ DEFINE_SVC_UUID(arm_svc_uid, static int32_t std_svc_setup(void) { uintptr_t svc_arg; + int ret = 0; svc_arg = get_arm_std_svc_args(PSCI_FID_MASK); assert(svc_arg); /* - * PSCI is the only specification implemented as a Standard Service. + * PSCI is one of the specifications implemented as a Standard Service. * The `psci_setup()` also does EL3 architectural setup. */ - return psci_setup((const psci_lib_args_t *)svc_arg); + if (psci_setup((const psci_lib_args_t *)svc_arg) != PSCI_E_SUCCESS) { + ret = 1; + } + +#if ENABLE_SPM + if (spm_setup() != 0) { + ret = 1; + } +#endif + + return ret; } /* @@ -80,6 +92,18 @@ uintptr_t std_svc_smc_handler(uint32_t smc_fid, SMC_RET1(handle, ret); } + +#if ENABLE_SPM + /* + * Dispatch SPM calls to SPM SMC handler and return its return + * value + */ + if (is_spm_fid(smc_fid)) { + return spm_smc_handler(smc_fid, x1, x2, x3, x4, cookie, + handle, flags); + } +#endif + switch (smc_fid) { case ARM_STD_SVC_CALL_COUNT: /* -- cgit v1.2.3