2018-02-20 04:18:53 +00:00
|
|
|
#include <stdint.h>
|
2018-02-22 23:32:47 +00:00
|
|
|
#include <string.h>
|
2018-02-20 04:18:53 +00:00
|
|
|
|
|
|
|
#include "utils.h"
|
|
|
|
#include "userpage.h"
|
2018-02-25 09:31:45 +00:00
|
|
|
#include "memory_map.h"
|
2018-02-20 04:18:53 +00:00
|
|
|
|
|
|
|
uint64_t g_secure_page_user_address = NULL;
|
|
|
|
|
|
|
|
/* Create a user page reference for the desired address. */
|
|
|
|
/* Returns 1 on success, 0 on failure. */
|
2018-02-23 03:58:39 +00:00
|
|
|
bool upage_init(upage_ref_t *upage, void *user_address) {
|
2018-02-20 04:18:53 +00:00
|
|
|
upage->user_page = get_page_for_address(user_address);
|
|
|
|
upage->secure_page = 0ULL;
|
2018-02-23 03:58:39 +00:00
|
|
|
|
2018-02-20 04:18:53 +00:00
|
|
|
if (g_secure_page_user_address != NULL) {
|
2018-02-20 21:51:17 +00:00
|
|
|
/* Different physical address indicate SPL was rebooted, or another process got access to svcCallSecureMonitor. Panic. */
|
2018-02-20 04:18:53 +00:00
|
|
|
if (g_secure_page_user_address != upage->user_page) {
|
2018-02-24 14:20:45 +00:00
|
|
|
generic_panic();
|
2018-02-20 04:18:53 +00:00
|
|
|
}
|
|
|
|
upage->secure_page = SECURE_USER_PAGE_ADDR;
|
|
|
|
} else {
|
2018-02-20 21:51:17 +00:00
|
|
|
/* Weakly validate SPL's physically random address is in DRAM. */
|
2018-02-20 04:18:53 +00:00
|
|
|
if (upage->user_page >> 31) {
|
|
|
|
g_secure_page_user_address = upage->user_page;
|
2018-02-25 09:31:45 +00:00
|
|
|
mmu_map_page_range(mmu_l3_tbl, tzram_get_segment_address(TZRAM_SEGMENT_ID_USERPAGE), upage->user_page, 0x1000, MMU_PTE_BLOCK_XN | MMU_PTE_BLOCK_INNER_SHAREBLE | ATTRIB_MEMTYPE_NORMAL);
|
|
|
|
/* TODO: Invalidate the TLB to make this page readable. */
|
2018-02-20 04:18:53 +00:00
|
|
|
upage->secure_page = SECURE_USER_PAGE_ADDR;
|
|
|
|
}
|
|
|
|
}
|
2018-02-23 03:58:39 +00:00
|
|
|
|
2018-02-20 04:18:53 +00:00
|
|
|
return upage->secure_page != 0ULL;
|
|
|
|
}
|
|
|
|
|
2018-02-23 03:58:39 +00:00
|
|
|
bool user_copy_to_secure(upage_ref_t *upage, void *secure_dst, void *user_src, size_t size) {
|
2018-02-20 04:18:53 +00:00
|
|
|
/* Fail if the page doesn't match. */
|
|
|
|
if (get_page_for_address(user_src) != upage->user_page) {
|
2018-02-23 03:58:39 +00:00
|
|
|
return false;
|
2018-02-20 04:18:53 +00:00
|
|
|
}
|
2018-02-23 03:58:39 +00:00
|
|
|
|
2018-02-20 04:18:53 +00:00
|
|
|
/* Fail if we go past the page boundary. */
|
|
|
|
if (size != 0 && get_page_for_address(user_src + size - 1) != upage->user_page) {
|
2018-02-23 03:58:39 +00:00
|
|
|
return false;
|
2018-02-20 04:18:53 +00:00
|
|
|
}
|
2018-02-23 03:58:39 +00:00
|
|
|
|
2018-02-20 04:18:53 +00:00
|
|
|
void *secure_src = (void *)(upage->secure_page + ((uint64_t)user_src - upage->user_page));
|
|
|
|
memcpy(secure_dst, secure_src, size);
|
2018-02-23 03:58:39 +00:00
|
|
|
return true;
|
2018-02-20 04:18:53 +00:00
|
|
|
}
|
|
|
|
|
2018-02-23 03:58:39 +00:00
|
|
|
bool secure_copy_to_user(upage_ref_t *upage, void *user_dst, void *secure_src, size_t size) {
|
2018-02-20 04:18:53 +00:00
|
|
|
/* Fail if the page doesn't match. */
|
|
|
|
if (get_page_for_address(user_dst) != upage->user_page) {
|
2018-02-23 03:58:39 +00:00
|
|
|
return false;
|
2018-02-20 04:18:53 +00:00
|
|
|
}
|
2018-02-23 03:58:39 +00:00
|
|
|
|
2018-02-20 04:18:53 +00:00
|
|
|
/* Fail if we go past the page boundary. */
|
|
|
|
if (size != 0 && get_page_for_address(user_dst + size - 1) != upage->user_page) {
|
2018-02-23 03:58:39 +00:00
|
|
|
return false;
|
2018-02-20 04:18:53 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
void *secure_dst = (void *)(upage->secure_page + ((uint64_t)user_dst - upage->user_page));
|
|
|
|
memcpy(secure_dst, secure_src, size);
|
2018-02-23 03:58:39 +00:00
|
|
|
return true;
|
2018-02-20 04:18:53 +00:00
|
|
|
}
|