/*******************************************************************************
* Load the BL3-1 image.
* The bl2_to_bl31_params and bl31_ep_info params will be updated with the
* relevant BL3-1 information.
* Return 0 on success, a negative error code otherwise.
******************************************************************************/
static int load_bl31(bl31_params_t *bl2_to_bl31_params,
entry_point_info_t *bl31_ep_info)
{
meminfo_t *bl2_tzram_layout;
int e;
INFO("BL2: Loading BL3-1\n");
assert(bl2_to_bl31_params != NULL);
assert(bl31_ep_info != NULL);
/* Find out how much free trusted ram remains after BL2 load */
bl2_tzram_layout = bl2_plat_sec_mem_layout();
/* Set the X0 parameter to BL3-1 */
bl31_ep_info->args.arg0 = (unsigned long)bl2_to_bl31_params;
/* Load the BL3-1 image */
e = load_auth_image(bl2_tzram_layout,
BL31_IMAGE_ID,
BL31_BASE,
bl2_to_bl31_params->bl31_image_info,
bl31_ep_info);
if (e == 0) {
bl2_plat_set_bl31_ep_info(bl2_to_bl31_params->bl31_image_info,
bl31_ep_info);
}
return e;
}
/*******************************************************************************
* Load the BL3-0 image if there's one.
* If a platform does not want to attempt to load BL3-0 image it must leave
* BL30_BASE undefined.
* Return 0 on success or if there's no BL3-0 image to load, a negative error
* code otherwise.
******************************************************************************/
static int load_bl30(void)
{
int e = 0;
#ifdef BL30_BASE
meminfo_t bl30_mem_info;
image_info_t bl30_image_info;
/*
* It is up to the platform to specify where BL3-0 should be loaded if
* it exists. It could create space in the secure sram or point to a
* completely different memory.
*
* The entry point information is not relevant in this case as the AP
* won't execute the BL3-0 image.
*/
INFO("BL2: Loading BL3-0\n");
bl2_plat_get_bl30_meminfo(&bl30_mem_info);
bl30_image_info.h.version = VERSION_1;
e = load_auth_image(&bl30_mem_info,
BL30_IMAGE_ID,
BL30_BASE,
&bl30_image_info,
NULL);
if (e == 0) {
/* The subsequent handling of BL3-0 is platform specific */
e = bl2_plat_handle_bl30(&bl30_image_info);
if (e) {
ERROR("Failure in platform-specific handling of BL3-0 image.\n");
}
}
#endif /* BL30_BASE */
return e;
}
/*******************************************************************************
* Load the BL3-2 image if there's one.
* The bl2_to_bl31_params param will be updated with the relevant BL3-2
* information.
* If a platform does not want to attempt to load BL3-2 image it must leave
* BL32_BASE undefined.
* Return 0 on success or if there's no BL3-2 image to load, a negative error
* code otherwise.
******************************************************************************/
static int load_bl32(bl31_params_t *bl2_to_bl31_params)
{
int e = 0;
#ifdef BL32_BASE
meminfo_t bl32_mem_info;
INFO("BL2: Loading BL3-2\n");
assert(bl2_to_bl31_params != NULL);
/*
* It is up to the platform to specify where BL3-2 should be loaded if
* it exists. It could create space in the secure sram or point to a
* completely different memory.
*/
bl2_plat_get_bl32_meminfo(&bl32_mem_info);
e = load_auth_image(&bl32_mem_info,
BL32_IMAGE_ID,
BL32_BASE,
bl2_to_bl31_params->bl32_image_info,
bl2_to_bl31_params->bl32_ep_info);
if (e == 0) {
bl2_plat_set_bl32_ep_info(
bl2_to_bl31_params->bl32_image_info,
bl2_to_bl31_params->bl32_ep_info);
}
#endif /* BL32_BASE */
return e;
}
/*******************************************************************************
* Generic function to load and authenticate an image. The image is actually
* loaded by calling the 'load_image()' function. In addition, this function
* uses recursion to authenticate the parent images up to the root of trust.
******************************************************************************/
int load_auth_image(meminfo_t *mem_layout,
unsigned int image_id,
uintptr_t image_base,
image_info_t *image_data,
entry_point_info_t *entry_point_info)
{
int rc;
#if TRUSTED_BOARD_BOOT
unsigned int parent_id;
/* Use recursion to authenticate parent images */
rc = auth_mod_get_parent_id(image_id, &parent_id);
if (rc == 0) {
rc = load_auth_image(mem_layout, parent_id, image_base,
image_data, NULL);
if (rc != LOAD_SUCCESS) {
return rc;
}
}
#endif /* TRUSTED_BOARD_BOOT */
/* Load the image */
rc = load_image(mem_layout, image_id, image_base, image_data,
entry_point_info);
if (rc != IO_SUCCESS) {
return LOAD_ERR;
}
#if TRUSTED_BOARD_BOOT
/* Authenticate it */
rc = auth_mod_verify_img(image_id,
(void *)image_data->image_base,
image_data->image_size);
if (rc != 0) {
memset((void *)image_data->image_base, 0x00,
image_data->image_size);
flush_dcache_range(image_data->image_base,
image_data->image_size);
return LOAD_AUTH_ERR;
}
/* After working with data, invalidate the data cache */
inv_dcache_range(image_data->image_base,
(size_t)image_data->image_size);
#endif /* TRUSTED_BOARD_BOOT */
return LOAD_SUCCESS;
}
/*******************************************************************************
* Load the BL3-3 image.
* The bl2_to_bl31_params param will be updated with the relevant BL3-3
* information.
* Return 0 on success, a negative error code otherwise.
******************************************************************************/
static int load_bl33(bl31_params_t *bl2_to_bl31_params)
{
meminfo_t bl33_mem_info;
int e;
INFO("BL2: Loading BL3-3\n");
assert(bl2_to_bl31_params != NULL);
bl2_plat_get_bl33_meminfo(&bl33_mem_info);
/* Load the BL3-3 image in non-secure memory provided by the platform */
e = load_auth_image(&bl33_mem_info,
BL33_IMAGE_ID,
plat_get_ns_image_entrypoint(),
bl2_to_bl31_params->bl33_image_info,
bl2_to_bl31_params->bl33_ep_info);
if (e == 0) {
bl2_plat_set_bl33_ep_info(bl2_to_bl31_params->bl33_image_info,
bl2_to_bl31_params->bl33_ep_info);
}
return e;
}
/*
* Helper function to load TB_FW_CONFIG and populate the load information to
* arg0 of BL2 entrypoint info.
*/
void arm_load_tb_fw_config(void)
{
int err;
uintptr_t config_base = 0UL;
image_desc_t *desc;
image_desc_t arm_tb_fw_info = {
.image_id = TB_FW_CONFIG_ID,
SET_STATIC_PARAM_HEAD(image_info, PARAM_IMAGE_BINARY,
VERSION_2, image_info_t, 0),
.image_info.image_base = ARM_TB_FW_CONFIG_BASE,
.image_info.image_max_size =
ARM_TB_FW_CONFIG_LIMIT - ARM_TB_FW_CONFIG_BASE
};
VERBOSE("BL1: Loading TB_FW_CONFIG\n");
err = load_auth_image(TB_FW_CONFIG_ID, &arm_tb_fw_info.image_info);
if (err != 0) {
/* Return if TB_FW_CONFIG is not loaded */
VERBOSE("Failed to load TB_FW_CONFIG\n");
return;
}
/* At this point we know that a DTB is indeed available */
config_base = arm_tb_fw_info.image_info.image_base;
tb_fw_cfg_dtb = (void *)config_base;
tb_fw_cfg_dtb_size = (size_t)arm_tb_fw_info.image_info.image_max_size;
/* The BL2 ep_info arg0 is modified to point to TB_FW_CONFIG */
desc = bl1_plat_get_image_desc(BL2_IMAGE_ID);
assert(desc != NULL);
desc->ep_info.args.arg0 = config_base;
INFO("BL1: TB_FW_CONFIG loaded at address = 0x%lx\n", config_base);
#if TRUSTED_BOARD_BOOT && defined(DYN_DISABLE_AUTH)
int tb_fw_node;
uint32_t disable_auth = 0;
err = arm_dyn_tb_fw_cfg_init((void *)config_base, &tb_fw_node);
if (err < 0) {
ERROR("Invalid TB_FW_CONFIG loaded\n");
panic();
}
err = arm_dyn_get_disable_auth((void *)config_base, tb_fw_node, &disable_auth);
if (err < 0)
return;
if (disable_auth == 1)
dyn_disable_auth();
#endif
}
/*
* BL2 utility function to set the address of TB_FW_CONFIG passed from BL1.
*/
void arm_bl2_set_tb_cfg_addr(void *dtb)
{
assert(dtb != NULL);
tb_fw_cfg_dtb = dtb;
}
/*******************************************************************************
* This function loads SCP_BL2/BL3x images and returns the ep_info for
* the next executable image.
******************************************************************************/
entry_point_info_t *bl2_load_images(void)
{
bl_params_t *bl2_to_next_bl_params;
bl_load_info_t *bl2_load_info;
const bl_load_info_node_t *bl2_node_info;
int plat_setup_done = 0;
int err;
/*
* Get information about the images to load.
*/
bl2_load_info = plat_get_bl_image_load_info();
assert(bl2_load_info);
assert(bl2_load_info->head);
assert(bl2_load_info->h.type == PARAM_BL_LOAD_INFO);
assert(bl2_load_info->h.version >= VERSION_2);
bl2_node_info = bl2_load_info->head;
while (bl2_node_info) {
/*
* Perform platform setup before loading the image,
* if indicated in the image attributes AND if NOT
* already done before.
*/
if (bl2_node_info->image_info->h.attr & IMAGE_ATTRIB_PLAT_SETUP) {
if (plat_setup_done) {
WARN("BL2: Platform setup already done!!\n");
} else {
INFO("BL2: Doing platform setup\n");
bl2_platform_setup();
plat_setup_done = 1;
}
}
if (!(bl2_node_info->image_info->h.attr & IMAGE_ATTRIB_SKIP_LOADING)) {
INFO("BL2: Loading image id %d\n", bl2_node_info->image_id);
err = load_auth_image(bl2_node_info->image_id,
bl2_node_info->image_info);
if (err) {
ERROR("BL2: Failed to load image (%i)\n", err);
plat_error_handler(err);
}
} else {
INFO("BL2: Skip loading image id %d\n", bl2_node_info->image_id);
}
/* Allow platform to handle image information. */
err = bl2_plat_handle_post_image_load(bl2_node_info->image_id);
if (err) {
ERROR("BL2: Failure in post image load handling (%i)\n", err);
plat_error_handler(err);
}
/* Go to next image */
bl2_node_info = bl2_node_info->next_load_info;
}
/*
* Get information to pass to the next image.
*/
bl2_to_next_bl_params = plat_get_next_bl_params();
assert(bl2_to_next_bl_params);
assert(bl2_to_next_bl_params->head);
assert(bl2_to_next_bl_params->h.type == PARAM_BL_PARAMS);
assert(bl2_to_next_bl_params->h.version >= VERSION_2);
assert(bl2_to_next_bl_params->head->ep_info);
/* Populate arg0 for the next BL image */
bl2_to_next_bl_params->head->ep_info->args.arg0 = (u_register_t)bl2_to_next_bl_params;
/* Flush the parameters to be passed to next image */
plat_flush_next_bl_params();
return bl2_to_next_bl_params->head->ep_info;
}
