ssf.c

RMI的处理器au1200系列所用的BOOTLOAD,包括SD卡启动USB启动硬盘启动网络启动,并初始化硬件的所有参数,支持内核调试.

/**
 * \file
 * Security Support Functions
 *
 * \version $Revision$ $State$
 * 
 * \date $Date$
 *
 * \author <a href="mailto:Axel.Wachtler@amd.com">Axel Wachtler</a>
 * 
 * \par Last changed by:
 * $Author$
 *
 *****************************************************************************/

/*
 * Copyright 2002 ADVANCED MICRO DEVICES, INC. All Rights Reserved.
 * 
 * This software and any related documentation (the "Materials") are the
 * confidential proprietary information of AMD. Unless otherwise provided
 * in an agreement specifically licensing the Materials, the Materials are
 * provided in confidence and may not to be used, distributed, modified, or
 * reproduced in whole or in part by any means.
 * 
 * LIMITATION OF LIABILITY: THE MATERIALS ARE PROVIDED "AS IS" WITHOUT ANY
 * EXPRESS OR IMPLIED WARRANTY OF ANY KIND, INCLUDING BUT NOT LIMITED TO
 * WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT, TITLE, FITNESS FOR ANY
 * PARTICULAR PURPOSE, OR WARRANTIES ARISING FORM CONDUCT, COURSE OF
 * DEALING, OR USAGE OF TRADE.  IN NO EVENT SHALL AMD OR ITS LICENSORS BE
 * LIABLE FOR ANY DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION,
 * DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION, OR LOSS OF
 * INFORMATION) ARISING OUT OF THE USE OF OR INABILITY TO USE THE
 * MATERIALS, EVEN IF AMD HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
 * DAMAGES.  BECAUSE SOME JURISDICTIONS PROHIBIT THE EXCLUSION OR
 * LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, THE
 * ABOVE LIMITATION MAY NOT APPLY TO YOU.
 * 
 * AMD does not assume any responsibility for any errors which may appear
 * in the Materials nor any responsibility to support or update the
 * Materials.  AMD retains the right to modify the Materials at any time,
 * without notice, and is not obligated to provide such modified Materials
 * to you.
 * 
 * NO SUPPORT OBLIGATION: AMD is not obligated to furnish, support, or make
 * any further information, software, technical information, know-how, or
 * show-how available to you.
 * 
 */

/*****************************************************************************
*  Includes
*****************************************************************************/

#include "ssf.h"

#ifdef USE_TDDFW_ENVIRONMENT
    /* used for Ki*Memory() functions */
void KiAllocMemory(size_t s, void **p);
void KiReallocMemory(size_t s, void **p);
void KiFreeMemory(void **p);

    /* faked MacEntity structure for Testing */
typedef struct MacEntityTag {
    Int8 SimulatedMacEntity[sizeof(sec_memory_pool_t)];
}
MacEntity;
static MacEntity macEntityx;



#else
/* used for Ki*Memory() macros defined here */
#endif

/*****************************************************************************
*  Data
*****************************************************************************/

/** 
 * with this value, the crypto functions can be enabled and disabled,
 * if the security pin is switched off.
 */
static SsfSecurityEnableMask_t ssfSecurityEnableMask =
    SEM_SECURITY_DISABLED;

/**
 * context data are stored here - this structure is 
 * global - because it is needed for the whole life 
 * time of the software 
 */
static SsfContext_t ssfContext;

#ifdef USE_TDDFW_ENVIRONMENT
    /* we need this helper functions, in order to have access  
     * from the TDDFW framework to the static variables
     */
void TddfwHelper_SetSecurityEnableMask(SsfSecurityEnableMask_t v)
{
    ssfSecurityEnableMask = v;
}

SsfContext_t *TddfwHelper_GetSsfContext(void)
{
    return &ssfContext;
}
#endif



/*****************************************************************************
*  Static Function Declarations
*****************************************************************************/

/** \defgroup SsfFunctions SSF Functions*/
/**\{*/

/**
 * \brief
 * Initialize the SFS context.
 *
 * The context data are hold in a global static structure.
 *
 * @param pBuffer  pointer to a piece of RAM, which is owned
 *                 from the security system for the time, that 
 *                 patch signals are processed. 
 * @param Size     size of pBuffer                   
 *
 */
SsfSuccess_t SsfInitCtx(Int8 * pBuffer, Int32 Size)
{
    SsfSuccess_t ret;

    ret = SSF_UNSUCCESSFUL;
    if (ssfContext.magic != SSF_MAGIC) {
	ssf_memset(&ssfContext, 0, sizeof(SsfContext_t));
	ssfContext.magic = SSF_MAGIC;

	/* assign memory to the three blocks SsfMalloc, Snv, Sps */
	ret = SsfUtilMemoryInit(pBuffer, Size);
    }
    return ret;
}


/** 
 * @brief return the security status estimated based on reading
 *        of the hardware pin (Open Patch Enable Pin - GPI2).
 *
 * @param none
 *
 * @return TRUE if security is disabled (Pin = 1)
 *         TRUE if security is ensabled (Pin = 0)
 */
Boolean SsfIsSecurityDisabled(void)
{
    return SechalReadSecurityPin();
}


/**
 * @brief retrun the value of the security enable mask
 *
 * @param none
 * 
 * @return value of the variable ssfSecurityEnableMask
 */
SsfSecurityEnableMask_t SsfGetSecurityEnableMask(void)
{
    SsfSecurityEnableMask_t ret;

    ret = SEM_SECURITY_ENABLED;	/* 0xFFFFFFFF */

    if (TRUE == SsfIsSecurityDisabled()) {
	ret = ssfSecurityEnableMask;	/* default  0x00000000 */
    }
    return ret;
}


void SsfFatalError(int code)
{
    DP0(("SsfFatalError %d", code));
    //FatalError(SECURITY_ERROR_CODE);
}

/**
 * @brief wrapper function for malloc, used by the RSA library
 *
 * @param size  number of requested bytes 
 *
 * @return pointer to memory block
 *
 */
void *SsfMalloc(Int32 size)
{
    void *tmp;
    tmp = NULL;
#if USE_SEC_MEMORY_MGMT == 1
    tmp = SsfUtilMemoryMalloc(size);
#else
    KiAllocMemory(size, &tmp);
#endif
    return tmp;
}


/**
 * @brief wrapper function for realloc, used by the RSA library
 *
 * @param ptr   pointer to be resized
 * @param size  new number of requested bytes 
 *
 * @return pointer to the resized memory block
 *
 */
void *SsfRealloc(void *ptr, size_t size)
{
    void *tmp;
    tmp = ptr;
#if USE_SEC_MEMORY_MGMT == 1
    tmp = SsfUtilMemoryRealloc(ptr, size);
#else
    KiReallocMemory(size, &tmp);
#endif
    return tmp;
}

/**
 * @brief wrapper function for free, used by the RSA library
 *
 * @param ptr   pointer to the memory function
 *
 * @return none
 *
 */
void SsfFree(void *ptr)
{
    void *tmp;
    if (ptr != NULL) {
	tmp = ptr;
#if USE_SEC_MEMORY_MGMT == 1
	SsfUtilMemoryFree(tmp);
#else
	KiFreeMemory(&tmp);
#endif
    }
}

#ifdef HSS_ENA_NVRAM
SsfSuccess_t SsfGetSnvBuffer(Int8 ** ppBuffer, Int32 * pSize)
{
    SsfSuccess_t ret;

    ret = SSF_UNSUCCESSFUL;

#if USE_SEC_MEMORY_MGMT == 1
    if ((ppBuffer != NULL) && (pSize != NULL)) {
	*ppBuffer = ssfContext.pSnvBuffer;
	*pSize = ssfContext.snvBufferSize;
	ret = SSF_SUCCESSFUL;
    }
#endif

    return ret;
}
#endif				/*HSS_ENA_NVRAM */

SsfSuccess_t SsfGetSpsBuffer(Int8 ** ppBuffer, Int32 * pSize)
{
    SsfSuccess_t ret;

    ret = SSF_UNSUCCESSFUL;

#if USE_SEC_MEMORY_MGMT == 1
    if ((ppBuffer != NULL) && (pSize != NULL)) {
	*ppBuffer = ssfContext.pSpsBuffer;
	*pSize = ssfContext.spsBufferSize;
	ret = SSF_SUCCESSFUL;
    }
#endif
    return ret;
}



/* ---- start internal memory managment ----- */

#if USE_SEC_MEMORY_MGMT == 1

SsfSuccess_t SsfUtilMemoryInit(Int8 * pBuffer, Int32 Size)
{
    SsfSuccess_t ret;
    Int32 UsedBufferSize, tmp;

    ret = SSF_UNSUCCESSFUL;
    do {
	UsedBufferSize = 0;

	/* align by Int32 */
	if (((Int32) pBuffer % sizeof(Int32)) != 0) {
	    tmp = sizeof(Int32) - ((Int32) pBuffer % sizeof(Int32));
	    UsedBufferSize += tmp;
	}

	if (UsedBufferSize >= Size) {
	    break;
	}
#ifdef HSS_ENA_NVRAM
	/* assign SNV buffer */
	ssfContext.pSnvBuffer = pBuffer + UsedBufferSize;
	ssfContext.snvBufferSize = 2048;	/* todo: awachtle - use roberts function */
	UsedBufferSize += ssfContext.snvBufferSize;

	if (UsedBufferSize >= Size) {
	    break;
	}
#endif				/*HSS_ENA_NVRAM */

	/* malloc pool */
	ssfContext.pMemPool =
	    (sec_memory_pool_t *) (&pBuffer[UsedBufferSize]);
	memset(ssfContext.pMemPool, 0, sizeof(sec_memory_pool_t));
	ssfContext.pMemPool->TotalUsedSize = 0;
	ssfContext.pMemPool->magic = SEC_MEM_MAGIC;

	UsedBufferSize += sizeof(sec_memory_pool_t);


	/* align by 4 byte */
	if (((Int32) (pBuffer + UsedBufferSize) % sizeof(Int32)) != 0) {
	    tmp = sizeof(Int32) - ((Int32) pBuffer % sizeof(Int32));
	    UsedBufferSize += tmp;
	}

	if (UsedBufferSize >= Size) {
	    break;
	}

	/* Assign the rest of the Buffer to SPS as patch shadow */
	ssfContext.pSpsBuffer = pBuffer + UsedBufferSize;
	ssfContext.spsBufferSize = Size - UsedBufferSize;

	ret = SSF_SUCCESSFUL;
    }
    while (0);

    return ret;

}


void SsfUtilGetMemoryStatus(SignedInt32 * pUsedSize,
			    SignedInt32 * pPoolEnd,
			    SignedInt32 * pHandleEnd)
{

    SignedInt32 i, mxhdl, mxpool;
    sec_memory_memdesc_t *pMemDesc;

    *pUsedSize = ssfContext.pMemPool->TotalUsedSize;
    mxhdl = 0;
    mxpool = 0;
    for (i = 0; i < SEC_MEM_ENTRIES; i++) {
	pMemDesc = &ssfContext.pMemPool->MemDesc[i];
	mxpool += pMemDesc->Len;
	if (pMemDesc->Len != 0) {
	    mxhdl++;
	}
    }

    *pPoolEnd = mxpool;
    *pHandleEnd = mxhdl;
}

void *SsfUtilMemoryMalloc(size_t size)
{
    void *pMem;
    sec_memory_memdesc_t *pMemDesc;

    pMem = NULL;
    if (IS_SSF_INIT() && (size > 0)) {
	/* rsa bug - return always 32 bit aligned memory */
	if ((size % 4) != 0) {
	    size += 4 - (size % 4);
	}

	pMemDesc = SsfUtilMemoryGetFreeEntry(size);
	if (pMemDesc != NULL) {
	    pMemDesc->Used = 1;
	    ssfContext.pMemPool->TotalUsedSize += size;
	    pMem = pMemDesc->pData;
	} else {
	    DP0(("Malloc ERROR, can not get memory"));
	}
    }
    return (void *) pMem;
}

void *SsfUtilMemoryRealloc(void *ptr, size_t sizenew)
{
    void *pMem;
    size_t sizeold, szmin;
    /* init parameters */
    pMem = NULL;
    sizeold = SsfUtilMemoryGetMemSize(ptr);

    /* check the new requested size */
    if (sizenew > 0) {
	pMem = SsfUtilMemoryMalloc(sizenew);
    } else if (sizenew == 0) {
	SsfUtilMemoryFree(ptr);
	ssfContext.pMemPool->TotalUsedSize += sizenew;
	ptr = NULL;
	pMem = NULL;
    }

    /* initialize the new allocated area with the 
       MIN(sizeold,sizenew) values from ptr 
     */
    szmin = (sizenew > sizeold) ? sizeold : sizenew;
    if ((szmin > 0) && (ptr != NULL) && (pMem != NULL)) {
	memcpy(pMem, ptr, szmin);
    }

    return (void *) pMem;

}

void SsfUtilMemoryFree(void *ptr)
{

    Int32 i;
    sec_memory_memdesc_t *pMemDesc;

    if (IS_SSF_INIT() && (ptr != NULL)) {
	for (i = 0; i < SEC_MEM_ENTRIES; i++) {
	    pMemDesc = &ssfContext.pMemPool->MemDesc[i];
	    if (pMemDesc->pData == ptr) {
		ssfContext.pMemPool->TotalUsedSize -= pMemDesc->Len;
		pMemDesc->Used = 0;
		/* todo AW: add a function which defragments the malloc pool */
	    }
	}
    }
    return;
}

sec_memory_memdesc_t *SsfUtilMemoryGetFreeEntry(size_t size)
{
    Int32 i, usedsz, freesize;
    sec_memory_memdesc_t *pMemDesc, *pMemRet;

    usedsz = 0;
    pMemRet = NULL;
    for (i = 0; i < SEC_MEM_ENTRIES; i++) {
	pMemDesc = &ssfContext.pMemPool->MemDesc[i];
	if (pMemDesc->pData != NULL) {
	    usedsz += pMemDesc->Len;
	    if ((pMemDesc->Used == 0) && (pMemDesc->Len >= size)) {
		pMemRet = pMemDesc;
	    }
	} else {
	    freesize = (SEC_MEM_SIZE - usedsz);
	    if (freesize >= size) {
		pMemDesc->pData = &ssfContext.pMemPool->MemData[usedsz];
		pMemDesc->Len = size;
		pMemRet = pMemDesc;
	    } else {
		DP0(("no memory avail."));
	    }
	}

	if (pMemRet != NULL) {
	    break;
	}

    }


    if ((i == SEC_MEM_ENTRIES) && (pMemRet == NULL)) {
	DP0(("no free handles"));
    }
    return pMemRet;
}

size_t SsfUtilMemoryGetMemSize(void *ptr)
{
    sec_memory_memdesc_t *pMemDesc;
    size_t s;
    Int32 i;
    s = 0;

    for (i = 0; i < SEC_MEM_ENTRIES; i++) {
	pMemDesc = &ssfContext.pMemPool->MemDesc[i];
	if (pMemDesc->pData == ptr && pMemDesc->Used != 0) {
	    s = pMemDesc->Len;
	    break;
	}
    }
    return s;
}


void SsfUtilMemoryPrintPoolInfo()
{

#ifdef HSS_ENA_NVRAM
    DP0(("   snv buffer=%p, size=%ld bytes",
	 (Int32) ssfContext.pSnvBuffer, ssfContext.snvBufferSize));
#endif				/*HSS_ENA_NVRAM */
    DP0(("   sps buffer=%p, size=%ld bytes",
	 (Int32) ssfContext.pSpsBuffer, ssfContext.spsBufferSize));
    if (ssfContext.pMemPool != NULL) {
	DP0(("   alloc used %ld of %ld bytes",
	     ssfContext.pMemPool->TotalUsedSize, SEC_MEM_SIZE));
    } else {
	DP0(("   no alloc installed (planned to have %d bytes)",
	     SEC_MEM_SIZE));
    }

}


#endif				/* USE_SEC_MEMORY_MGMT == 1 */

/**\}*/