diff --git a/Makefile b/Makefile index ffd6031..726387a 100644 --- a/Makefile +++ b/Makefile @@ -390,13 +390,6 @@ endif endif -# For AArch32, LOAD_IMAGE_V2 must be enabled. -ifeq (${ARCH},aarch32) - ifeq (${LOAD_IMAGE_V2}, 0) - $(error "For AArch32, LOAD_IMAGE_V2 must be enabled.") - endif -endif - # When building for systems with hardware-assisted coherency, there's no need to # use USE_COHERENT_MEM. Require that USE_COHERENT_MEM must be set to 0 too. ifeq ($(HW_ASSISTED_COHERENCY)-$(USE_COHERENT_MEM),1-1) @@ -438,14 +431,11 @@ endif endif -# DYN_DISABLE_AUTH can be set only when TRUSTED_BOARD_BOOT=1 and LOAD_IMAGE_V2=1 +# DYN_DISABLE_AUTH can be set only when TRUSTED_BOARD_BOOT=1 ifeq ($(DYN_DISABLE_AUTH), 1) ifeq (${TRUSTED_BOARD_BOOT}, 0) $(error "TRUSTED_BOARD_BOOT must be enabled for DYN_DISABLE_AUTH to be set.") endif - ifeq (${LOAD_IMAGE_V2}, 0) - $(error "DYN_DISABLE_AUTH is only supported for LOAD_IMAGE_V2.") - endif endif ################################################################################ @@ -585,7 +575,6 @@ $(eval $(call assert_boolean,GICV2_G0_FOR_EL3)) $(eval $(call assert_boolean,HANDLE_EA_EL3_FIRST)) $(eval $(call assert_boolean,HW_ASSISTED_COHERENCY)) -$(eval $(call assert_boolean,LOAD_IMAGE_V2)) $(eval $(call assert_boolean,MULTI_CONSOLE_API)) $(eval $(call assert_boolean,NS_TIMER_SWITCH)) $(eval $(call assert_boolean,PL011_GENERIC_UART)) @@ -636,7 +625,6 @@ $(eval $(call add_define,GICV2_G0_FOR_EL3)) $(eval $(call add_define,HANDLE_EA_EL3_FIRST)) $(eval $(call add_define,HW_ASSISTED_COHERENCY)) -$(eval $(call add_define,LOAD_IMAGE_V2)) $(eval $(call add_define,LOG_LEVEL)) $(eval $(call add_define,MULTI_CONSOLE_API)) $(eval $(call add_define,NS_TIMER_SWITCH)) diff --git a/bl1/bl1_fwu.c b/bl1/bl1_fwu.c index 25be577..d762d07 100644 --- a/bl1/bl1_fwu.c +++ b/bl1/bl1_fwu.c @@ -291,26 +291,11 @@ return -ENOMEM; } -#if LOAD_IMAGE_V2 /* Check that the image size to load is within limit */ if (image_size > image_desc->image_info.image_max_size) { WARN("BL1-FWU: Image size out of bounds\n"); return -ENOMEM; } -#else - /* - * Check the image will fit into the free trusted RAM after BL1 - * load. - */ - const meminfo_t *mem_layout = bl1_plat_sec_mem_layout(); - if (!is_mem_free(mem_layout->free_base, mem_layout->free_size, - image_desc->image_info.image_base, - image_size)) { - WARN("BL1-FWU: Copy not allowed due to insufficient" - " resources.\n"); - return -ENOMEM; - } -#endif /* Save the given image size. */ image_desc->image_info.image_size = image_size; diff --git a/bl1/bl1_main.c b/bl1/bl1_main.c index 047cd6f..d681a97 100644 --- a/bl1/bl1_main.c +++ b/bl1/bl1_main.c @@ -37,7 +37,6 @@ assert(bl1_mem_layout != NULL); assert(bl2_mem_layout != NULL); -#if LOAD_IMAGE_V2 /* * Remove BL1 RW data from the scope of memory visible to BL2. * This is assuming BL1 RW data is at the top of bl1_mem_layout. @@ -45,19 +44,6 @@ assert(BL1_RW_BASE > bl1_mem_layout->total_base); bl2_mem_layout->total_base = bl1_mem_layout->total_base; bl2_mem_layout->total_size = BL1_RW_BASE - bl1_mem_layout->total_base; -#else - /* Check that BL1's memory is lying outside of the free memory */ - assert((BL1_RAM_LIMIT <= bl1_mem_layout->free_base) || - (BL1_RAM_BASE >= bl1_mem_layout->free_base + - bl1_mem_layout->free_size)); - - /* Remove BL1 RW data from the scope of memory visible to BL2 */ - *bl2_mem_layout = *bl1_mem_layout; - reserve_mem(&bl2_mem_layout->total_base, - &bl2_mem_layout->total_size, - BL1_RAM_BASE, - BL1_RAM_LIMIT - BL1_RAM_BASE); -#endif /* LOAD_IMAGE_V2 */ flush_dcache_range((unsigned long)bl2_mem_layout, sizeof(meminfo_t)); } @@ -183,27 +169,7 @@ plat_error_handler(err); } -#if LOAD_IMAGE_V2 err = load_auth_image(BL2_IMAGE_ID, image_info); -#else - entry_point_info_t *ep_info; - meminfo_t *bl1_tzram_layout; - - /* Get the entry point info */ - ep_info = &image_desc->ep_info; - - /* Find out how much free trusted ram remains after BL1 load */ - bl1_tzram_layout = bl1_plat_sec_mem_layout(); - - /* Load the BL2 image */ - err = load_auth_image(bl1_tzram_layout, - BL2_IMAGE_ID, - image_info->image_base, - image_info, - ep_info); - -#endif /* LOAD_IMAGE_V2 */ - if (err) { ERROR("Failed to load BL2 firmware.\n"); plat_error_handler(err); diff --git a/bl1/tbbr/tbbr_img_desc.c b/bl1/tbbr/tbbr_img_desc.c index 44f58d3..2581d90 100644 --- a/bl1/tbbr/tbbr_img_desc.c +++ b/bl1/tbbr/tbbr_img_desc.c @@ -15,9 +15,7 @@ SET_STATIC_PARAM_HEAD(image_info, PARAM_IMAGE_BINARY, VERSION_1, image_info_t, 0), .image_info.image_base = BL2_BASE, -#if LOAD_IMAGE_V2 .image_info.image_max_size = BL2_LIMIT - BL2_BASE, -#endif SET_STATIC_PARAM_HEAD(ep_info, PARAM_IMAGE_BINARY, VERSION_1, entry_point_info_t, SECURE), }, @@ -35,9 +33,7 @@ SET_STATIC_PARAM_HEAD(image_info, PARAM_IMAGE_BINARY, VERSION_1, image_info_t, 0), .image_info.image_base = SCP_BL2U_BASE, -#if LOAD_IMAGE_V2 .image_info.image_max_size = SCP_BL2U_LIMIT - SCP_BL2U_BASE, -#endif SET_STATIC_PARAM_HEAD(ep_info, PARAM_IMAGE_BINARY, VERSION_1, entry_point_info_t, SECURE), }, @@ -48,9 +44,7 @@ SET_STATIC_PARAM_HEAD(image_info, PARAM_EP, VERSION_1, image_info_t, 0), .image_info.image_base = BL2U_BASE, -#if LOAD_IMAGE_V2 .image_info.image_max_size = BL2U_LIMIT - BL2U_BASE, -#endif SET_STATIC_PARAM_HEAD(ep_info, PARAM_EP, VERSION_1, entry_point_info_t, SECURE | EXECUTABLE), .ep_info.pc = BL2U_BASE, diff --git a/bl2/bl2.mk b/bl2/bl2.mk index af30a81..f905bc2 100644 --- a/bl2/bl2.mk +++ b/bl2/bl2.mk @@ -14,11 +14,7 @@ BL2_SOURCES += common/aarch64/early_exceptions.S endif -ifeq (${LOAD_IMAGE_V2},1) BL2_SOURCES += bl2/bl2_image_load_v2.c -else -BL2_SOURCES += bl2/bl2_image_load.c -endif ifeq (${BL2_AT_EL3},0) BL2_SOURCES += bl2/${ARCH}/bl2_entrypoint.S diff --git a/bl2/bl2_image_load.c b/bl2/bl2_image_load.c deleted file mode 100644 index d22e9ce..0000000 --- a/bl2/bl2_image_load.c +++ /dev/null @@ -1,261 +0,0 @@ -/* - * Copyright (c) 2016-2018, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -/* - * Check for platforms that use obsolete image terminology - */ -#ifdef BL30_BASE -# error "BL30_BASE platform define no longer used - please use SCP_BL2_BASE" -#endif - -/******************************************************************************* - * Load the SCP_BL2 image if there's one. - * If a platform does not want to attempt to load SCP_BL2 image it must leave - * SCP_BL2_BASE undefined. - * Return 0 on success or if there's no SCP_BL2 image to load, a negative error - * code otherwise. - ******************************************************************************/ -static int load_scp_bl2(void) -{ - int e = 0; -#ifdef SCP_BL2_BASE - meminfo_t scp_bl2_mem_info; - image_info_t scp_bl2_image_info; - - /* - * It is up to the platform to specify where SCP_BL2 should be loaded if - * it exists. It could create space in the secure sram or point to a - * completely different memory. - * - * The entry point information is not relevant in this case as the AP - * won't execute the SCP_BL2 image. - */ - INFO("BL2: Loading SCP_BL2\n"); - bl2_plat_get_scp_bl2_meminfo(&scp_bl2_mem_info); - scp_bl2_image_info.h.version = VERSION_1; - e = load_auth_image(&scp_bl2_mem_info, - SCP_BL2_IMAGE_ID, - SCP_BL2_BASE, - &scp_bl2_image_info, - NULL); - - if (e == 0) { - /* The subsequent handling of SCP_BL2 is platform specific */ - e = bl2_plat_handle_scp_bl2(&scp_bl2_image_info); - if (e) { - ERROR("Failure in platform-specific handling of SCP_BL2 image.\n"); - } - } -#endif /* SCP_BL2_BASE */ - - return e; -} - -#ifndef EL3_PAYLOAD_BASE -/******************************************************************************* - * Load the BL31 image. - * The bl2_to_bl31_params and bl31_ep_info params will be updated with the - * relevant BL31 information. - * Return 0 on success, a negative error code otherwise. - ******************************************************************************/ -static int load_bl31(bl31_params_t *bl2_to_bl31_params, - entry_point_info_t *bl31_ep_info) -{ - meminfo_t *bl2_tzram_layout; - int e; - - INFO("BL2: Loading BL31\n"); - assert(bl2_to_bl31_params != NULL); - assert(bl31_ep_info != NULL); - - /* Find out how much free trusted ram remains after BL2 load */ - bl2_tzram_layout = bl2_plat_sec_mem_layout(); - - /* Set the X0 parameter to BL31 */ - bl31_ep_info->args.arg0 = (unsigned long)bl2_to_bl31_params; - - /* Load the BL31 image */ - e = load_auth_image(bl2_tzram_layout, - BL31_IMAGE_ID, - BL31_BASE, - bl2_to_bl31_params->bl31_image_info, - bl31_ep_info); - - if (e == 0) { - bl2_plat_set_bl31_ep_info(bl2_to_bl31_params->bl31_image_info, - bl31_ep_info); - } - - return e; -} - -/******************************************************************************* - * Load the BL32 image if there's one. - * The bl2_to_bl31_params param will be updated with the relevant BL32 - * information. - * If a platform does not want to attempt to load BL32 image it must leave - * BL32_BASE undefined. - * Return 0 on success or if there's no BL32 image to load, a negative error - * code otherwise. - ******************************************************************************/ -static int load_bl32(bl31_params_t *bl2_to_bl31_params) -{ - int e = 0; -#ifdef BL32_BASE - meminfo_t bl32_mem_info; - - INFO("BL2: Loading BL32\n"); - assert(bl2_to_bl31_params != NULL); - - /* - * It is up to the platform to specify where BL32 should be loaded if - * it exists. It could create space in the secure sram or point to a - * completely different memory. - */ - bl2_plat_get_bl32_meminfo(&bl32_mem_info); - e = load_auth_image(&bl32_mem_info, - BL32_IMAGE_ID, - BL32_BASE, - bl2_to_bl31_params->bl32_image_info, - bl2_to_bl31_params->bl32_ep_info); - - if (e == 0) { - bl2_plat_set_bl32_ep_info( - bl2_to_bl31_params->bl32_image_info, - bl2_to_bl31_params->bl32_ep_info); - } -#endif /* BL32_BASE */ - - return e; -} - -#ifndef PRELOADED_BL33_BASE -/******************************************************************************* - * Load the BL33 image. - * The bl2_to_bl31_params param will be updated with the relevant BL33 - * information. - * Return 0 on success, a negative error code otherwise. - ******************************************************************************/ -static int load_bl33(bl31_params_t *bl2_to_bl31_params) -{ - meminfo_t bl33_mem_info; - int e; - - INFO("BL2: Loading BL33\n"); - assert(bl2_to_bl31_params != NULL); - - bl2_plat_get_bl33_meminfo(&bl33_mem_info); - - /* Load the BL33 image in non-secure memory provided by the platform */ - e = load_auth_image(&bl33_mem_info, - BL33_IMAGE_ID, - plat_get_ns_image_entrypoint(), - bl2_to_bl31_params->bl33_image_info, - bl2_to_bl31_params->bl33_ep_info); - - if (e == 0) { - bl2_plat_set_bl33_ep_info(bl2_to_bl31_params->bl33_image_info, - bl2_to_bl31_params->bl33_ep_info); - } - - return e; -} -#endif /* PRELOADED_BL33_BASE */ - -#endif /* EL3_PAYLOAD_BASE */ - -/******************************************************************************* - * This function loads SCP_BL2/BL3x images and returns the ep_info for - * the next executable image. - ******************************************************************************/ -struct entry_point_info *bl2_load_images(void) -{ - bl31_params_t *bl2_to_bl31_params; - entry_point_info_t *bl31_ep_info; - int e; - - e = load_scp_bl2(); - if (e) { - ERROR("Failed to load SCP_BL2 (%i)\n", e); - plat_error_handler(e); - } - - /* Perform platform setup in BL2 after loading SCP_BL2 */ - bl2_platform_setup(); - - /* - * Get a pointer to the memory the platform has set aside to pass - * information to BL31. - */ - bl2_to_bl31_params = bl2_plat_get_bl31_params(); - bl31_ep_info = bl2_plat_get_bl31_ep_info(); - -#ifdef EL3_PAYLOAD_BASE - /* - * In the case of an EL3 payload, we don't need to load any further - * images. Just update the BL31 entrypoint info structure to make BL1 - * jump to the EL3 payload. - * The pointer to the memory the platform has set aside to pass - * information to BL31 in the normal boot flow is reused here, even - * though only a fraction of the information contained in the - * bl31_params_t structure makes sense in the context of EL3 payloads. - * This will be refined in the future. - */ - INFO("BL2: Populating the entrypoint info for the EL3 payload\n"); - bl31_ep_info->pc = EL3_PAYLOAD_BASE; - bl31_ep_info->args.arg0 = (unsigned long) bl2_to_bl31_params; - bl2_plat_set_bl31_ep_info(NULL, bl31_ep_info); -#else - e = load_bl31(bl2_to_bl31_params, bl31_ep_info); - if (e) { - ERROR("Failed to load BL31 (%i)\n", e); - plat_error_handler(e); - } - - e = load_bl32(bl2_to_bl31_params); - if (e) { - if (e == -EAUTH) { - ERROR("Failed to authenticate BL32\n"); - plat_error_handler(e); - } else { - WARN("Failed to load BL32 (%i)\n", e); - } - } - -#ifdef PRELOADED_BL33_BASE - /* - * In this case, don't load the BL33 image as it's already loaded in - * memory. Update BL33 entrypoint information. - */ - INFO("BL2: Populating the entrypoint info for the preloaded BL33\n"); - bl2_to_bl31_params->bl33_ep_info->pc = PRELOADED_BL33_BASE; - bl2_plat_set_bl33_ep_info(NULL, bl2_to_bl31_params->bl33_ep_info); -#else - e = load_bl33(bl2_to_bl31_params); - if (e) { - ERROR("Failed to load BL33 (%i)\n", e); - plat_error_handler(e); - } -#endif /* PRELOADED_BL33_BASE */ - -#endif /* EL3_PAYLOAD_BASE */ - - /* Flush the params to be passed to memory */ - bl2_plat_flush_bl31_params(); - - return bl31_ep_info; -} diff --git a/common/bl_common.c b/common/bl_common.c index af51c07..60baa5b 100644 --- a/common/bl_common.c +++ b/common/bl_common.c @@ -23,8 +23,7 @@ /****************************************************************************** * API to dynamically disable authentication. Only meant for development - * systems. This is only invoked if DYN_DISABLE_AUTH is defined. This - * capability is restricted to LOAD_IMAGE_V2. + * systems. This is only invoked if DYN_DISABLE_AUTH is defined. *****************************************************************************/ void dyn_disable_auth(void) { @@ -101,88 +100,6 @@ return (addr >= free_base) && (requested_end <= free_end); } -#if !LOAD_IMAGE_V2 -/****************************************************************************** - * Inside a given memory region, determine whether a sub-region of memory is - * closer from the top or the bottom of the encompassing region. Return the - * size of the smallest chunk of free memory surrounding the sub-region in - * 'small_chunk_size'. - *****************************************************************************/ -static unsigned int choose_mem_pos(uintptr_t mem_start, uintptr_t mem_end, - uintptr_t submem_start, uintptr_t submem_end, - size_t *small_chunk_size) -{ - size_t top_chunk_size, bottom_chunk_size; - - assert(mem_start <= submem_start); - assert(submem_start <= submem_end); - assert(submem_end <= mem_end); - assert(small_chunk_size != NULL); - - top_chunk_size = mem_end - submem_end; - bottom_chunk_size = submem_start - mem_start; - - if (top_chunk_size < bottom_chunk_size) { - *small_chunk_size = top_chunk_size; - return TOP; - } else { - *small_chunk_size = bottom_chunk_size; - return BOTTOM; - } -} - -/****************************************************************************** - * Reserve the memory region delimited by 'addr' and 'size'. The extents of free - * memory are passed in 'free_base' and 'free_size' and they will be updated to - * reflect the memory usage. - * The caller must ensure the memory to reserve is free and that the addresses - * and sizes passed in arguments are sane. - *****************************************************************************/ -void reserve_mem(uintptr_t *free_base, size_t *free_size, - uintptr_t addr, size_t size) -{ - size_t discard_size; - size_t reserved_size; - unsigned int pos; - - assert(free_base != NULL); - assert(free_size != NULL); - assert(is_mem_free(*free_base, *free_size, addr, size)); - - if (size == 0) { - WARN("Nothing to allocate, requested size is zero\n"); - return; - } - - pos = choose_mem_pos(*free_base, *free_base + (*free_size - 1), - addr, addr + (size - 1), - &discard_size); - - reserved_size = size + discard_size; - *free_size -= reserved_size; - - if (pos == BOTTOM) - *free_base = addr + size; - - VERBOSE("Reserved 0x%zx bytes (discarded 0x%zx bytes %s)\n", - reserved_size, discard_size, - pos == TOP ? "above" : "below"); -} - -static void dump_load_info(uintptr_t image_load_addr, - size_t image_size, - const meminfo_t *mem_layout) -{ - INFO("Trying to load image at address %p, size = 0x%zx\n", - (void *)image_load_addr, image_size); - INFO("Current memory layout:\n"); - INFO(" total region = [base = %p, size = 0x%zx]\n", - (void *) mem_layout->total_base, mem_layout->total_size); - INFO(" free region = [base = %p, size = 0x%zx]\n", - (void *) mem_layout->free_base, mem_layout->free_size); -} -#endif /* LOAD_IMAGE_V2 */ - /* Generic function to return the size of an image */ size_t get_image_size(unsigned int image_id) { @@ -226,8 +143,6 @@ return image_size; } -#if LOAD_IMAGE_V2 - /******************************************************************************* * Internal function to load an image at a specific address given * an image ID and extents of free memory. @@ -386,214 +301,6 @@ return err; } -#else /* LOAD_IMAGE_V2 */ - -/******************************************************************************* - * Generic function to load an image at a specific address given an image ID and - * extents of free memory. - * - * If the load is successful then the image information is updated. - * - * If the entry_point_info argument is not NULL then this function also updates: - * - the memory layout to mark the memory as reserved; - * - the entry point information. - * - * The caller might pass a NULL pointer for the entry point if they are not - * interested in this information. This is typically the case for non-executable - * images (e.g. certificates) and executable images that won't ever be executed - * on the application processor (e.g. additional microcontroller firmware). - * - * Returns 0 on success, a negative error code otherwise. - ******************************************************************************/ -int load_image(meminfo_t *mem_layout, - unsigned int image_id, - uintptr_t image_base, - image_info_t *image_data, - entry_point_info_t *entry_point_info) -{ - uintptr_t dev_handle; - uintptr_t image_handle; - uintptr_t image_spec; - size_t image_size; - size_t bytes_read; - int io_result; - - assert(mem_layout != NULL); - assert(image_data != NULL); - assert(image_data->h.version == VERSION_1); - - /* Obtain a reference to the image by querying the platform layer */ - io_result = plat_get_image_source(image_id, &dev_handle, &image_spec); - if (io_result != 0) { - WARN("Failed to obtain reference to image id=%u (%i)\n", - image_id, io_result); - return io_result; - } - - /* Attempt to access the image */ - io_result = io_open(dev_handle, image_spec, &image_handle); - if (io_result != 0) { - WARN("Failed to access image id=%u (%i)\n", - image_id, io_result); - return io_result; - } - - INFO("Loading image id=%u at address %p\n", image_id, - (void *) image_base); - - /* Find the size of the image */ - io_result = io_size(image_handle, &image_size); - if ((io_result != 0) || (image_size == 0)) { - WARN("Failed to determine the size of the image id=%u (%i)\n", - image_id, io_result); - goto exit; - } - - /* Check that the memory where the image will be loaded is free */ - if (!is_mem_free(mem_layout->free_base, mem_layout->free_size, - image_base, image_size)) { - WARN("Failed to reserve region [base = %p, size = 0x%zx]\n", - (void *) image_base, image_size); - dump_load_info(image_base, image_size, mem_layout); - io_result = -ENOMEM; - goto exit; - } - - /* We have enough space so load the image now */ - /* TODO: Consider whether to try to recover/retry a partially successful read */ - io_result = io_read(image_handle, image_base, image_size, &bytes_read); - if ((io_result != 0) || (bytes_read < image_size)) { - WARN("Failed to load image id=%u (%i)\n", image_id, io_result); - goto exit; - } - - image_data->image_base = image_base; - image_data->image_size = image_size; - - /* - * Update the memory usage info. - * This is done after the actual loading so that it is not updated when - * the load is unsuccessful. - * If the caller does not provide an entry point, bypass the memory - * reservation. - */ - if (entry_point_info != NULL) { - reserve_mem(&mem_layout->free_base, &mem_layout->free_size, - image_base, image_size); - entry_point_info->pc = image_base; - } else { - INFO("Skip reserving region [base = %p, size = 0x%zx]\n", - (void *) image_base, image_size); - } - -#if !TRUSTED_BOARD_BOOT - /* - * File has been successfully loaded. - * Flush the image to main memory so that it can be executed later by - * any CPU, regardless of cache and MMU state. - * When TBB is enabled the image is flushed later, after image - * authentication. - */ - flush_dcache_range(image_base, image_size); -#endif /* TRUSTED_BOARD_BOOT */ - - INFO("Image id=%u loaded at address %p, size = 0x%zx\n", image_id, - (void *) image_base, image_size); - -exit: - io_close(image_handle); - /* Ignore improbable/unrecoverable error in 'close' */ - - /* TODO: Consider maintaining open device connection from this bootloader stage */ - io_dev_close(dev_handle); - /* Ignore improbable/unrecoverable error in 'dev_close' */ - - return io_result; -} - -static int load_auth_image_internal(meminfo_t *mem_layout, - unsigned int image_id, - uintptr_t image_base, - image_info_t *image_data, - entry_point_info_t *entry_point_info, - int is_parent_image) -{ - int rc; - -#if TRUSTED_BOARD_BOOT - unsigned int parent_id; - - /* Use recursion to authenticate parent images */ - rc = auth_mod_get_parent_id(image_id, &parent_id); - if (rc == 0) { - rc = load_auth_image_internal(mem_layout, parent_id, image_base, - image_data, NULL, 1); - if (rc != 0) { - return rc; - } - } -#endif /* TRUSTED_BOARD_BOOT */ - - /* Load the image */ - rc = load_image(mem_layout, image_id, image_base, image_data, - entry_point_info); - if (rc != 0) { - return rc; - } - -#if TRUSTED_BOARD_BOOT - /* Authenticate it */ - rc = auth_mod_verify_img(image_id, - (void *)image_data->image_base, - image_data->image_size); - if (rc != 0) { - /* Authentication error, zero memory and flush it right away. */ - zero_normalmem((void *)image_data->image_base, - image_data->image_size); - flush_dcache_range(image_data->image_base, - image_data->image_size); - return -EAUTH; - } - /* - * File has been successfully loaded and authenticated. - * Flush the image to main memory so that it can be executed later by - * any CPU, regardless of cache and MMU state. - * Do it only for child images, not for the parents (certificates). - */ - if (!is_parent_image) { - flush_dcache_range(image_data->image_base, - image_data->image_size); - } -#endif /* TRUSTED_BOARD_BOOT */ - - return 0; -} - -/******************************************************************************* - * Generic function to load and authenticate an image. The image is actually - * loaded by calling the 'load_image()' function. Therefore, it returns the - * same error codes if the loading operation failed, or -EAUTH if the - * authentication failed. In addition, this function uses recursion to - * authenticate the parent images up to the root of trust. - ******************************************************************************/ -int load_auth_image(meminfo_t *mem_layout, - unsigned int image_id, - uintptr_t image_base, - image_info_t *image_data, - entry_point_info_t *entry_point_info) -{ - int err; - - do { - err = load_auth_image_internal(mem_layout, image_id, image_base, - image_data, entry_point_info, 0); - } while (err != 0 && plat_try_next_boot_source()); - - return err; -} - -#endif /* LOAD_IMAGE_V2 */ - /******************************************************************************* * Print the content of an entry_point_info_t structure. ******************************************************************************/ diff --git a/docs/firmware-design.rst b/docs/firmware-design.rst index 8aa7622..9ad8f11 100644 --- a/docs/firmware-design.rst +++ b/docs/firmware-design.rst @@ -394,13 +394,9 @@ Image loading in BL2 ^^^^^^^^^^^^^^^^^^^^ -Image loading scheme in BL2 depends on ``LOAD_IMAGE_V2`` build option. If the -flag is disabled, the BLxx images are loaded, by calling the respective -load\_blxx() function from BL2 generic code. If the flag is enabled, the BL2 -generic code loads the images based on the list of loadable images provided -by the platform. BL2 passes the list of executable images provided by the -platform to the next handover BL image. By default, this flag is disabled for -AArch64 and the AArch32 build is supported only if this flag is enabled. +BL2 generic code loads the images based on the list of loadable images +provided by the platform. BL2 passes the list of executable images +provided by the platform to the next handover BL image. The list of loadable images provided by the platform may also contain dynamic configuration files. The files are loaded and can be parsed as @@ -425,10 +421,7 @@ BL2 loads the EL3 Runtime Software image from platform storage into a platform- specific address in trusted SRAM. If there is not enough memory to load the -image or image is missing it leads to an assertion failure. If ``LOAD_IMAGE_V2`` -is disabled and if image loads successfully, BL2 updates the amount of trusted -SRAM used and available for use by EL3 Runtime Software. This information is -populated at a platform-specific memory address. +image or image is missing it leads to an assertion failure. AArch64 BL32 (Secure-EL1 Payload) image load ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/docs/user-guide.rst b/docs/user-guide.rst index 39f6449..e6f0eae 100644 --- a/docs/user-guide.rst +++ b/docs/user-guide.rst @@ -334,8 +334,8 @@ - ``DYN_DISABLE_AUTH``: Provides the capability to dynamically disable Trusted Board Boot authentication at runtime. This option is meant to be enabled only - for development platforms. Both TRUSTED_BOARD_BOOT and LOAD_IMAGE_V2 flags - must be set if this flag has to be enabled. 0 is the default. + for development platforms. ``TRUSTED_BOARD_BOOT`` flag must be set if this + flag has to be enabled. 0 is the default. - ``EL3_PAYLOAD_BASE``: This option enables booting an EL3 payload instead of the normal boot flow. It must specify the entry point address of the EL3 @@ -514,12 +514,6 @@ - ``LDFLAGS``: Extra user options appended to the linkers' command line in addition to the one set by the build system. -- ``LOAD_IMAGE_V2``: Boolean option to enable support for new version (v2) of - image loading, which provides more flexibility and scalability around what - images are loaded and executed during boot. Default is 0. - - Note: this flag must be enabled for AArch32 builds. - - ``LOG_LEVEL``: Chooses the log level, which controls the amount of console log output compiled into the build. This should be one of the following: diff --git a/include/common/bl_common.h b/include/common/bl_common.h index 6478f12..bfe1d8c 100644 --- a/include/common/bl_common.h +++ b/include/common/bl_common.h @@ -107,10 +107,6 @@ typedef struct meminfo { uintptr_t total_base; size_t total_size; -#if !LOAD_IMAGE_V2 - uintptr_t free_base; - size_t free_size; -#endif } meminfo_t; /***************************************************************************** @@ -124,9 +120,7 @@ param_header_t h; uintptr_t image_base; /* physical address of base of image */ uint32_t image_size; /* bytes read from image file */ -#if LOAD_IMAGE_V2 uint32_t image_max_size; -#endif } image_info_t; /***************************************************************************** @@ -145,7 +139,6 @@ entry_point_info_t ep_info; } image_desc_t; -#if LOAD_IMAGE_V2 /* BL image node in the BL image loading sequence */ typedef struct bl_load_info_node { unsigned int image_id; @@ -176,33 +169,6 @@ bl_params_node_t *head; } bl_params_t; -#else /* LOAD_IMAGE_V2 */ - -/******************************************************************************* - * This structure represents the superset of information that can be passed to - * BL31 e.g. while passing control to it from BL2. The BL32 parameters will be - * populated only if BL2 detects its presence. A pointer to a structure of this - * type should be passed in X0 to BL31's cold boot entrypoint. - * - * Use of this structure and the X0 parameter is not mandatory: the BL31 - * platform code can use other mechanisms to provide the necessary information - * about BL32 and BL33 to the common and SPD code. - * - * BL31 image information is mandatory if this structure is used. If either of - * the optional BL32 and BL33 image information is not provided, this is - * indicated by the respective image_info pointers being zero. - ******************************************************************************/ -typedef struct bl31_params { - param_header_t h; - image_info_t *bl31_image_info; - entry_point_info_t *bl32_ep_info; - image_info_t *bl32_image_info; - entry_point_info_t *bl33_ep_info; - image_info_t *bl33_image_info; -} bl31_params_t; - -#endif /* LOAD_IMAGE_V2 */ - /******************************************************************************* * Function & variable prototypes ******************************************************************************/ @@ -211,27 +177,8 @@ int is_mem_free(uintptr_t free_base, size_t free_size, uintptr_t addr, size_t size); -#if LOAD_IMAGE_V2 - int load_auth_image(unsigned int image_id, image_info_t *image_data); -#else - -int load_image(meminfo_t *mem_layout, - unsigned int image_id, - uintptr_t image_base, - image_info_t *image_data, - entry_point_info_t *entry_point_info); -int load_auth_image(meminfo_t *mem_layout, - unsigned int image_id, - uintptr_t image_base, - image_info_t *image_data, - entry_point_info_t *entry_point_info); -void reserve_mem(uintptr_t *free_base, size_t *free_size, - uintptr_t addr, size_t size); - -#endif /* LOAD_IMAGE_V2 */ - #if TRUSTED_BOARD_BOOT && defined(DYN_DISABLE_AUTH) /* * API to dynamically disable authentication. Only meant for development diff --git a/include/common/desc_image_load.h b/include/common/desc_image_load.h index 73aa27c..1ed2b15 100644 --- a/include/common/desc_image_load.h +++ b/include/common/desc_image_load.h @@ -8,7 +8,6 @@ #include -#if LOAD_IMAGE_V2 /* Following structure is used to store BL ep/image info. */ typedef struct bl_mem_params_node { unsigned int image_id; @@ -38,5 +37,4 @@ bl_params_t *get_next_bl_params_from_mem_params_desc(void); void populate_next_bl_params_config(bl_params_t *bl2_to_next_bl_params); -#endif /* LOAD_IMAGE_V2 */ #endif /* __DESC_IMAGE_LOAD_H__ */ diff --git a/include/plat/common/common_def.h b/include/plat/common/common_def.h index e66af78..64807fd 100644 --- a/include/plat/common/common_def.h +++ b/include/plat/common/common_def.h @@ -31,7 +31,6 @@ */ #define FIRMWARE_WELCOME_STR "Booting Trusted Firmware\n" -#if LOAD_IMAGE_V2 #define BL2_IMAGE_DESC { \ .image_id = BL2_IMAGE_ID, \ SET_STATIC_PARAM_HEAD(image_info, PARAM_EP, \ @@ -42,17 +41,6 @@ VERSION_2, entry_point_info_t, SECURE | EXECUTABLE),\ .ep_info.pc = BL2_BASE, \ } -#else /* LOAD_IMAGE_V2 */ -#define BL2_IMAGE_DESC { \ - .image_id = BL2_IMAGE_ID, \ - SET_STATIC_PARAM_HEAD(image_info, PARAM_EP, \ - VERSION_1, image_info_t, 0), \ - .image_info.image_base = BL2_BASE, \ - SET_STATIC_PARAM_HEAD(ep_info, PARAM_EP, \ - VERSION_1, entry_point_info_t, SECURE | EXECUTABLE),\ - .ep_info.pc = BL2_BASE, \ -} -#endif /* LOAD_IMAGE_V2 */ /* * The following constants identify the extents of the code & read-only data diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h index c0f1b18..7fd6b71 100644 --- a/include/plat/common/platform.h +++ b/include/plat/common/platform.h @@ -17,7 +17,6 @@ struct meminfo; struct image_info; struct entry_point_info; -struct bl31_params; struct image_desc; struct bl_load_info; struct bl_params; @@ -176,7 +175,6 @@ void bl2_platform_setup(void); struct meminfo *bl2_plat_sec_mem_layout(void); -#if LOAD_IMAGE_V2 /* * This function can be used by the platforms to update/use image * information for given `image_id`. @@ -184,65 +182,6 @@ int bl2_plat_handle_pre_image_load(unsigned int image_id); int bl2_plat_handle_post_image_load(unsigned int image_id); -#else /* LOAD_IMAGE_V2 */ - -/* - * This function returns a pointer to the shared memory that the platform has - * kept aside to pass trusted firmware related information that BL31 - * could need - */ -struct bl31_params *bl2_plat_get_bl31_params(void); - -/* - * This function returns a pointer to the shared memory that the platform - * has kept to point to entry point information of BL31 to BL2 - */ -struct entry_point_info *bl2_plat_get_bl31_ep_info(void); - -/* - * This function flushes to main memory all the params that are - * passed to BL31 - */ -void bl2_plat_flush_bl31_params(void); - -/* - * The next 2 functions allow the platform to change the entrypoint information - * for the mandatory 3rd level BL images, BL31 and BL33. This is done after - * BL2 has loaded those images into memory but before BL31 is executed. - */ -void bl2_plat_set_bl31_ep_info(struct image_info *image, - struct entry_point_info *ep); - -void bl2_plat_set_bl33_ep_info(struct image_info *image, - struct entry_point_info *ep); - -/* Gets the memory layout for BL33 */ -void bl2_plat_get_bl33_meminfo(struct meminfo *mem_info); - -/******************************************************************************* - * Conditionally mandatory BL2 functions: must be implemented if SCP_BL2 image - * is supported - ******************************************************************************/ -/* Gets the memory layout for SCP_BL2 */ -void bl2_plat_get_scp_bl2_meminfo(struct meminfo *mem_info); - -/* - * This function is called after loading SCP_BL2 image and it is used to perform - * any platform-specific actions required to handle the SCP firmware. - */ -int bl2_plat_handle_scp_bl2(struct image_info *scp_bl2_image_info); - -/******************************************************************************* - * Conditionally mandatory BL2 functions: must be implemented if BL32 image - * is supported - ******************************************************************************/ -void bl2_plat_set_bl32_ep_info(struct image_info *image, - struct entry_point_info *ep); - -/* Gets the memory layout for BL32 */ -void bl2_plat_get_bl32_meminfo(struct meminfo *mem_info); - -#endif /* LOAD_IMAGE_V2 */ /******************************************************************************* * Optional BL2 functions (may be overridden) @@ -284,13 +223,8 @@ * Mandatory BL31 functions ******************************************************************************/ #if !ERROR_DEPRECATED -#if LOAD_IMAGE_V2 void bl31_early_platform_setup(void *from_bl2, void *plat_params_from_bl2); -#else -void bl31_early_platform_setup(struct bl31_params *from_bl2, - void *plat_params_from_bl2); -#endif #endif /* ERROR_DEPRECATED */ void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1, u_register_t arg2, u_register_t arg3); @@ -345,7 +279,6 @@ const struct secure_partition_boot_info *plat_get_secure_partition_boot_info( void *cookie); -#if LOAD_IMAGE_V2 /******************************************************************************* * Mandatory BL image load functions(may be overridden). ******************************************************************************/ @@ -368,8 +301,6 @@ */ void plat_flush_next_bl_params(void); -#endif /* LOAD_IMAGE_V2 */ - /* * The below function enable Trusted Firmware components like SPDs which * haven't migrated to the new platform API to compile on platforms which diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk index 908da22..31500d8 100644 --- a/make_helpers/defaults.mk +++ b/make_helpers/defaults.mk @@ -116,9 +116,6 @@ # Set the default algorithm for the generation of Trusted Board Boot keys KEY_ALG := rsa -# Flag to enable new version of image loading -LOAD_IMAGE_V2 := 0 - # Enable use of the console API allowing multiple consoles to be registered # at the same time. MULTI_CONSOLE_API := 0 diff --git a/plat/common/plat_bl1_common.c b/plat/common/plat_bl1_common.c index 6777979..7fde2e4 100644 --- a/plat/common/plat_bl1_common.c +++ b/plat/common/plat_bl1_common.c @@ -104,12 +104,7 @@ * to BL2. BL2 will read the memory layout before using its * memory for other purposes. */ -#if LOAD_IMAGE_V2 bl2_tzram_layout = (meminfo_t *) bl1_tzram_layout->total_base; -#else - bl2_tzram_layout = (meminfo_t *) round_up(bl1_tzram_layout->free_base, - sizeof(uint64_t)); -#endif /* LOAD_IMAGE_V2 */ #if !ERROR_DEPRECATED bl1_init_bl2_mem_layout(bl1_tzram_layout, bl2_tzram_layout); diff --git a/plat/common/plat_bl_common.c b/plat/common/plat_bl_common.c index 95d73e3..aa1077b 100644 --- a/plat/common/plat_bl_common.c +++ b/plat/common/plat_bl_common.c @@ -40,7 +40,6 @@ { } -#if LOAD_IMAGE_V2 int bl2_plat_handle_pre_image_load(unsigned int image_id) { return 0; @@ -50,7 +49,6 @@ { return 0; } -#endif int plat_try_next_boot_source(void) {