spd: trusty: add SET_ROT_PARAMS handling

If Trusty is not running on the device, then Verified Boot is
not supported and the NS layer will fail gracefully later during
boot. This patch just returns success for the case when Trusty is
not running on the device and the bootloader issues SET_ROT_PARAMS
call during boot, so that we can at least boot non-Android images.

Change-Id: I40fc249983df80fb8cc5be5e4ce94c99d5b5f17d
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>

diff --git a/services/spd/trusty/smcall.h b/services/spd/trusty/smcall.h
index a1d91e5af81f4d4b2f4b8e637dd5956dcf73bae1..2abcee62ffa4e77e4efc17d3ef362f5f646a21d6 100644 (file)
--- a/services/spd/trusty/smcall.h
+++ b/services/spd/trusty/smcall.h
@@ -94,5 +94,6 @@
 
 #define SMC_SC_VDEV_RESET        SMC_STDCALL_NR(SMC_ENTITY_TRUSTED_OS, 23)
 #define SMC_SC_VDEV_KICK_VQ      SMC_STDCALL_NR(SMC_ENTITY_TRUSTED_OS, 24)
+#define SMC_SC_SET_ROT_PARAMS    SMC_STDCALL_NR(SMC_ENTITY_TRUSTED_OS, 65535)
 
 #endif /* __LIB_SM_SMCALL_H */

diff --git a/services/spd/trusty/trusty.c b/services/spd/trusty/trusty.c
index 750c3b0c320e577a646f5f75a1aca06f13839a7a..976087c9e86e50d814163f316e530dfe19c1df82 100644 (file)
--- a/services/spd/trusty/trusty.c
+++ b/services/spd/trusty/trusty.c
@@ -237,6 +237,18 @@ static uint64_t trusty_smc_handler(uint32_t smc_fid,
 {
        struct args ret;
        uint32_t vmid = 0;
+       entry_point_info_t *ep_info = bl31_plat_get_next_image_ep_info(SECURE);
+
+       /*
+        * Return success for SET_ROT_PARAMS if Trusty is not present, as
+        * Verified Boot is not even supported and returning success here
+        * would not compromise the boot process.
+        */
+       if (!ep_info && (smc_fid == SMC_SC_SET_ROT_PARAMS)) {
+               SMC_RET1(handle, 0);
+       } else if (!ep_info) {
+               SMC_RET1(handle, SMC_UNK);
+       }
 
        if (is_caller_secure(flags)) {
                if (smc_fid == SMC_SC_NS_RETURN) {