tlkd: execute standard SMC calls on the boot CPU

This patch checks if standard SMC calls, meant for TLK, are issued
only on the boot CPU. TLK is UP Trusted OS stack and so we need this
check to avoid the NS world calling into TLK from any other CPU.

The previous check tied TLK to CPU0, but the boot CPU can be other
than CPU0 in some scenarios.

Change-Id: I75eaafa32471ce19e9920433c2f97b6b5fc02d86
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>

diff --git a/services/spd/tlkd/tlkd_main.c b/services/spd/tlkd/tlkd_main.c
index 0fddcb27d6240e6973899b02d264abd70636eb1a..5ebe4fdd1fee72381b586a7fc60e0a4167dbc7e2 100644 (file)
--- a/services/spd/tlkd/tlkd_main.c
+++ b/services/spd/tlkd/tlkd_main.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2016, ARM Limited and Contributors. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are met:
@@ -58,6 +58,11 @@ extern const spd_pm_ops_t tlkd_pm_ops;
  ******************************************************************************/
 tlk_context_t tlk_ctx;
 
+/*******************************************************************************
+ * CPU number on which TLK booted up
+ ******************************************************************************/
+static int boot_cpu;
+
 /* TLK UID: RFC-4122 compliant UUID (version-5, sha-1) */
 DEFINE_SVC_UUID(tlk_uuid,
                0xbd11e9c9, 0x2bba, 0x52ee, 0xb1, 0x72,
@@ -132,6 +137,12 @@ int32_t tlkd_init(void)
 
        cm_init_my_context(tlk_entry_point);
 
+       /*
+        * TLK runs only on a single CPU. Store the value of the boot
+        * CPU for sanity checking later.
+        */
+       boot_cpu = plat_my_core_pos();
+
        /*
         * Arrange for an entry into the test secure payload.
         */
@@ -163,8 +174,8 @@ uint64_t tlkd_smc_handler(uint32_t smc_fid,
        /* Passing a NULL context is a critical programming error */
        assert(handle);
 
-       /* These SMCs are only supported by CPU0 */
-       if ((read_mpidr() & MPIDR_CPU_MASK) != 0)
+       /* These SMCs are only supported by a single CPU */
+       if (boot_cpu != plat_my_core_pos())
                SMC_RET1(handle, SMC_UNK);
 
        /* Determine which security state this SMC originated from */