diff --git a/hypervisor/arch/x86/trusty.c b/hypervisor/arch/x86/trusty.c index e017952e6..2178954ed 100644 --- a/hypervisor/arch/x86/trusty.c +++ b/hypervisor/arch/x86/trusty.c @@ -7,7 +7,8 @@ #include #include -#define TRUSTY_VERSION 1 +#define TRUSTY_VERSION 1U +#define TRUSTY_VERSION_2 2U struct trusty_mem { /* The first page of trusty memory is reserved for key_info and @@ -425,14 +426,20 @@ bool initialize_trusty(struct vcpu *vcpu, uint64_t param) return false; } + /* FIXME: Temporarily comments out the size check since need to extend + * the interface, need to add back after the integration done. + */ + /* if (sizeof(struct trusty_boot_param) != boot_param.size_of_this_struct) { pr_err("%s: sizeof(struct trusty_boot_param) mismatch!\n", __func__); return false; } + */ - if (boot_param.version != TRUSTY_VERSION) { + if ((boot_param.version != TRUSTY_VERSION) && + (boot_param.version != TRUSTY_VERSION_2)) { pr_err("%s: version of(trusty_boot_param) mismatch!\n", __func__); return false; @@ -461,6 +468,14 @@ bool initialize_trusty(struct vcpu *vcpu, uint64_t param) /* save Normal World context */ save_world_ctx(&vcpu->arch_vcpu.contexts[NORMAL_WORLD]); + if (boot_param.version == TRUSTY_VERSION_2) { + /* copy rpmb_key from OSloader */ + memcpy_s(&g_key_info.rpmb_key[0][0], 64U, + &boot_param.rpmb_key[0], 64U); + memset(&boot_param.rpmb_key[0], 0U, 64U); + /* OSloader must clear the rpmb_key after switched back */ + } + /* init secure world environment */ if (init_secure_world_env(vcpu, trusty_entry_gpa - trusty_base_gpa + TRUSTY_EPT_REBASE_GPA, diff --git a/hypervisor/include/public/acrn_hv_defs.h b/hypervisor/include/public/acrn_hv_defs.h index ce2dd987b..85983c9f9 100644 --- a/hypervisor/include/public/acrn_hv_defs.h +++ b/hypervisor/include/public/acrn_hv_defs.h @@ -256,6 +256,12 @@ struct trusty_boot_param { /** trusty runtime memory size */ uint32_t mem_size; + + /** padding */ + uint32_t padding; + + /** rpmb key */ + uint8_t rpmb_key[64]; } __aligned(8); /**