aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAntonio de Angelis <antonio.deangelis@arm.com>2019-07-04 15:28:46 +0100
committerAntonio de Angelis <antonio.deangelis@arm.com>2019-07-23 10:38:26 +0000
commit05b24199afbbcda2bcba1580e840a1cc156b5763 (patch)
tree5cae710f2b9f734a186455ca6fb6f36b1978d450
parentd87f07b553e20a2ca3b6888950bb4d778e64eb2a (diff)
downloadtrusted-firmware-m-05b24199afbbcda2bcba1580e840a1cc156b5763.tar.gz
Interface: Refactor the NS interface
This patch refactors the NS interface source code to provide an easier paradigm for integration by marking the NS interface function as weak in order for integrators to provide their own implementation to fulfill their requirements. Change-Id: Id8231cf91773d6850149a028e1b639432540efa0 Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
-rw-r--r--app/CMakeLists.txt2
-rw-r--r--app/main_ns.c6
-rw-r--r--interface/include/tfm_ns_interface.h54
-rw-r--r--interface/include/tfm_ns_lock.h42
-rw-r--r--interface/src/tfm_audit_api.c20
-rw-r--r--interface/src/tfm_crypto_api.c14
-rw-r--r--interface/src/tfm_initial_attestation_api.c7
-rw-r--r--interface/src/tfm_ns_interface_cmsis_rtos.c (renamed from interface/src/tfm_ns_lock_cmsis_rtos.c)26
-rw-r--r--interface/src/tfm_platform_api.c6
-rw-r--r--interface/src/tfm_psa_ns_api.c17
-rw-r--r--interface/src/tfm_sst_api.c17
11 files changed, 118 insertions, 93 deletions
diff --git a/app/CMakeLists.txt b/app/CMakeLists.txt
index 4d1a0c8ade..ea5fc615e0 100644
--- a/app/CMakeLists.txt
+++ b/app/CMakeLists.txt
@@ -54,7 +54,7 @@ set(NS_APP_SRC "${CMSIS_5_DIR}/CMSIS/RTOS2/RTX/Config/RTX_Config.c"
"${INTERFACE_DIR}/src/tfm_sst_api.c"
"${INTERFACE_DIR}/src/tfm_crypto_api.c"
"${INTERFACE_DIR}/src/tfm_initial_attestation_api.c"
- "${INTERFACE_DIR}/src/tfm_ns_lock_cmsis_rtos.c"
+ "${INTERFACE_DIR}/src/tfm_ns_interface_cmsis_rtos.c"
)
if (TFM_PARTITION_AUDIT_LOG)
diff --git a/app/main_ns.c b/app/main_ns.c
index 8b4e271c3f..3fca4c9a98 100644
--- a/app/main_ns.c
+++ b/app/main_ns.c
@@ -13,7 +13,7 @@
#include "cmsis_os2.h"
#include "tfm_integ_test.h"
#include "tfm_ns_svc.h"
-#include "tfm_ns_lock.h"
+#include "tfm_ns_interface.h"
#ifdef TEST_FRAMEWORK_NS
#include "test/framework/test_framework_integ_test.h"
#endif
@@ -120,8 +120,8 @@ int main(void)
status = osKernelInitialize();
- /* Initialize the TFM NS lock */
- tfm_ns_lock_init();
+ /* Initialize the TFM NS interface */
+ tfm_ns_interface_init();
#if defined(TEST_FRAMEWORK_NS)
thread_func = test_app;
diff --git a/interface/include/tfm_ns_interface.h b/interface/include/tfm_ns_interface.h
new file mode 100644
index 0000000000..89b294715b
--- /dev/null
+++ b/interface/include/tfm_ns_interface.h
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+#ifndef __TFM_NS_INTERFACE_H__
+#define __TFM_NS_INTERFACE_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <stdint.h>
+#include "tfm_api.h"
+
+typedef int32_t (*veneer_fn) (uint32_t arg0, uint32_t arg1,
+ uint32_t arg2, uint32_t arg3);
+
+/**
+ * \brief NS interface, veneer function dispatcher
+ *
+ * \details This function implements the dispatching mechanism for the
+ * desired veneer function, to be called with the parameters
+ * described from arg0 to arg3.
+ *
+ * \param[in] fn Function pointer to the veneer function desired
+ * \param[in] arg0 Argument 0
+ * \param[in] arg1 Argument 1
+ * \param[in] arg2 Argument 2
+ * \param[in] arg3 Argument 3
+ *
+ * \return Returns the same return value of the requested veneer function
+ */
+uint32_t tfm_ns_interface_dispatch(veneer_fn fn,
+ uint32_t arg0, uint32_t arg1,
+ uint32_t arg2, uint32_t arg3);
+
+/**
+ * \brief NS interface, Initialise the NS interface
+ *
+ * \details This function needs to be called from the NS world to
+ * properly initialise the NS interface towards TF-M. This
+ * function will initialise all the objects required for
+ * runtime dispatching of TF-M requests to services
+ *
+ * \return A value according to \ref enum tfm_status_e
+ */
+enum tfm_status_e tfm_ns_interface_init();
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __TFM_NS_INTERFACE_H__ */
diff --git a/interface/include/tfm_ns_lock.h b/interface/include/tfm_ns_lock.h
deleted file mode 100644
index ff3855666e..0000000000
--- a/interface/include/tfm_ns_lock.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-#ifndef __TFM_NS_LOCK_H__
-#define __TFM_NS_LOCK_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include <stdint.h>
-#include "tfm_api.h"
-
-typedef int32_t (*veneer_fn) (uint32_t arg0, uint32_t arg1,
- uint32_t arg2, uint32_t arg3);
-
-/**
- * \brief NS world, NS lock based dispatcher
- *
- * \details To be called from the wrapper API interface
- */
-
-int32_t tfm_ns_lock_dispatch(veneer_fn fn,
- uint32_t arg0, uint32_t arg1,
- uint32_t arg2, uint32_t arg3);
-
-/**
- * \brief NS world, Init NS lock
- *
- * \details Needs to be called during non-secure app init
- * to initialize the TFM NS lock object
- */
-enum tfm_status_e tfm_ns_lock_init(void);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __TFM_NS_LOCK_H__ */
diff --git a/interface/src/tfm_audit_api.c b/interface/src/tfm_audit_api.c
index fd4fc67e56..3439635020 100644
--- a/interface/src/tfm_audit_api.c
+++ b/interface/src/tfm_audit_api.c
@@ -7,23 +7,23 @@
#include "psa_audit_api.h"
#include "tfm_veneers.h"
-#include "tfm_ns_lock.h"
+#include "tfm_ns_interface.h"
#define ARRAY_SIZE(arr) (sizeof(arr)/sizeof(arr[0]))
-#define API_DISPATCH(sfn_name) \
- tfm_ns_lock_dispatch((veneer_fn)tfm_##sfn_name##_veneer, \
- (uint32_t)in_vec, (uint32_t)ARRAY_SIZE(in_vec), \
+#define API_DISPATCH(sfn_name) \
+ tfm_ns_interface_dispatch((veneer_fn)tfm_##sfn_name##_veneer, \
+ (uint32_t)in_vec, (uint32_t)ARRAY_SIZE(in_vec), \
(uint32_t)out_vec, (uint32_t)ARRAY_SIZE(out_vec))
-#define API_DISPATCH_NO_INVEC(sfn_name) \
- tfm_ns_lock_dispatch((veneer_fn)tfm_##sfn_name##_veneer, \
- (uint32_t)NULL, 0, \
+#define API_DISPATCH_NO_INVEC(sfn_name) \
+ tfm_ns_interface_dispatch((veneer_fn)tfm_##sfn_name##_veneer, \
+ (uint32_t)NULL, 0, \
(uint32_t)out_vec, (uint32_t)ARRAY_SIZE(out_vec))
-#define API_DISPATCH_NO_OUTVEC(sfn_name) \
- tfm_ns_lock_dispatch((veneer_fn)tfm_##sfn_name##_veneer, \
- (uint32_t)in_vec, (uint32_t)ARRAY_SIZE(in_vec), \
+#define API_DISPATCH_NO_OUTVEC(sfn_name) \
+ tfm_ns_interface_dispatch((veneer_fn)tfm_##sfn_name##_veneer, \
+ (uint32_t)in_vec, (uint32_t)ARRAY_SIZE(in_vec), \
(uint32_t)NULL, 0)
psa_status_t psa_audit_retrieve_record(const uint32_t record_index,
diff --git a/interface/src/tfm_crypto_api.c b/interface/src/tfm_crypto_api.c
index 152d785aae..400e12381d 100644
--- a/interface/src/tfm_crypto_api.c
+++ b/interface/src/tfm_crypto_api.c
@@ -8,7 +8,7 @@
#include "tfm_veneers.h"
#include "tfm_crypto_defs.h"
#include "psa/crypto.h"
-#include "tfm_ns_lock.h"
+#include "tfm_ns_interface.h"
#ifdef TFM_PSA_API
#include "psa_manifest/sid.h"
#endif
@@ -41,14 +41,14 @@
in_vec, ARRAY_SIZE(in_vec), \
(psa_outvec *)NULL, 0)
#else
-#define API_DISPATCH(sfn_name, sfn_id) \
- tfm_ns_lock_dispatch((veneer_fn)tfm_##sfn_name##_veneer, \
- (uint32_t)in_vec, ARRAY_SIZE(in_vec), \
+#define API_DISPATCH(sfn_name, sfn_id) \
+ tfm_ns_interface_dispatch((veneer_fn)tfm_##sfn_name##_veneer,\
+ (uint32_t)in_vec, ARRAY_SIZE(in_vec), \
(uint32_t)out_vec, ARRAY_SIZE(out_vec))
-#define API_DISPATCH_NO_OUTVEC(sfn_name, sfn_id) \
- tfm_ns_lock_dispatch((veneer_fn)tfm_##sfn_name##_veneer, \
- (uint32_t)in_vec, ARRAY_SIZE(in_vec), \
+#define API_DISPATCH_NO_OUTVEC(sfn_name, sfn_id) \
+ tfm_ns_interface_dispatch((veneer_fn)tfm_##sfn_name##_veneer,\
+ (uint32_t)in_vec, ARRAY_SIZE(in_vec), \
(uint32_t)NULL, 0)
#endif
diff --git a/interface/src/tfm_initial_attestation_api.c b/interface/src/tfm_initial_attestation_api.c
index 7324b1f6c6..0f6377e565 100644
--- a/interface/src/tfm_initial_attestation_api.c
+++ b/interface/src/tfm_initial_attestation_api.c
@@ -7,7 +7,7 @@
#include "psa/initial_attestation.h"
#include "tfm_veneers.h"
-#include "tfm_ns_lock.h"
+#include "tfm_ns_interface.h"
#include "psa/client.h"
#ifdef TFM_PSA_API
#include "psa_manifest/sid.h"
@@ -56,7 +56,8 @@ psa_initial_attest_get_token(const uint8_t *challenge_obj,
return (enum psa_attest_err_t)status;
#else
- res = tfm_ns_lock_dispatch((veneer_fn)tfm_initial_attest_get_token_veneer,
+ res = tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_initial_attest_get_token_veneer,
(uint32_t)in_vec, IOVEC_LEN(in_vec),
(uint32_t)out_vec, IOVEC_LEN(out_vec));
@@ -101,7 +102,7 @@ psa_initial_attest_get_token_size(uint32_t challenge_size,
return (enum psa_attest_err_t)status;
#else
- return (enum psa_attest_err_t)tfm_ns_lock_dispatch(
+ return (enum psa_attest_err_t)tfm_ns_interface_dispatch(
(veneer_fn)tfm_initial_attest_get_token_size_veneer,
(uint32_t)in_vec, IOVEC_LEN(in_vec),
(uint32_t)out_vec, IOVEC_LEN(out_vec));
diff --git a/interface/src/tfm_ns_lock_cmsis_rtos.c b/interface/src/tfm_ns_interface_cmsis_rtos.c
index 374731910c..7f4c685c53 100644
--- a/interface/src/tfm_ns_lock_cmsis_rtos.c
+++ b/interface/src/tfm_ns_interface_cmsis_rtos.c
@@ -10,7 +10,13 @@
#include "cmsis_os2.h"
#include "tfm_api.h"
-#include "tfm_ns_lock.h"
+#include "tfm_ns_interface.h"
+
+/**
+ * This file contains an example implementation of the NS interface APIs
+ * described in tfm_ns_interface.h
+ *
+ */
/**
* \brief struct ns_lock_state type
@@ -23,7 +29,7 @@ struct ns_lock_state {
/**
* \brief ns_lock status
*/
-static struct ns_lock_state ns_lock = {.init = false, .id = NULL};
+static struct ns_lock_state ns_lock = {.init=false, .id=NULL};
/**
* \brief Mutex properties, NS lock
@@ -35,12 +41,10 @@ static const osMutexAttr_t ns_lock_attrib = {
.cb_size = 0U
};
-/**
- * \brief NS world, NS lock based dispatcher
- */
-int32_t tfm_ns_lock_dispatch(veneer_fn fn,
- uint32_t arg0, uint32_t arg1,
- uint32_t arg2, uint32_t arg3)
+__attribute__((weak))
+uint32_t tfm_ns_interface_dispatch(veneer_fn fn,
+ uint32_t arg0, uint32_t arg1,
+ uint32_t arg2, uint32_t arg3)
{
int32_t result;
@@ -63,10 +67,8 @@ int32_t tfm_ns_lock_dispatch(veneer_fn fn,
return result;
}
-/**
- * \brief NS world, Init NS lock
- */
-enum tfm_status_e tfm_ns_lock_init(void)
+__attribute__((weak))
+enum tfm_status_e tfm_ns_interface_init()
{
if (ns_lock.init == false) {
ns_lock.id = osMutexNew(&ns_lock_attrib);
diff --git a/interface/src/tfm_platform_api.c b/interface/src/tfm_platform_api.c
index b3daa0714e..3ef0c86c8d 100644
--- a/interface/src/tfm_platform_api.c
+++ b/interface/src/tfm_platform_api.c
@@ -7,12 +7,12 @@
#include <stdbool.h>
#include "tfm_platform_api.h"
-#include "tfm_ns_lock.h"
+#include "tfm_ns_interface.h"
#include "tfm_veneers.h"
enum tfm_platform_err_t tfm_platform_system_reset(void)
{
- return (enum tfm_platform_err_t) tfm_ns_lock_dispatch(
+ return (enum tfm_platform_err_t) tfm_ns_interface_dispatch(
(veneer_fn)tfm_platform_sp_system_reset_veneer,
0,
0,
@@ -44,7 +44,7 @@ tfm_platform_ioctl(tfm_platform_ioctl_req_t request,
outlen = 0;
}
- return (enum tfm_platform_err_t) tfm_ns_lock_dispatch(
+ return (enum tfm_platform_err_t) tfm_ns_interface_dispatch(
(veneer_fn)tfm_platform_sp_ioctl_veneer,
(uint32_t)in_vec, (uint32_t)inlen,
(uint32_t)output, (uint32_t)outlen);
diff --git a/interface/src/tfm_psa_ns_api.c b/interface/src/tfm_psa_ns_api.c
index 838e7b027d..1c8308465f 100644
--- a/interface/src/tfm_psa_ns_api.c
+++ b/interface/src/tfm_psa_ns_api.c
@@ -6,14 +6,15 @@
*/
#include "psa/client.h"
-#include "tfm_ns_lock.h"
+#include "tfm_ns_interface.h"
#include "tfm_api.h"
/**** API functions ****/
uint32_t psa_framework_version(void)
{
- return tfm_ns_lock_dispatch((veneer_fn)tfm_psa_framework_version_veneer,
+ return tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_psa_framework_version_veneer,
0,
0,
0,
@@ -22,7 +23,8 @@ uint32_t psa_framework_version(void)
uint32_t psa_version(uint32_t sid)
{
- return tfm_ns_lock_dispatch((veneer_fn)tfm_psa_version_veneer,
+ return tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_psa_version_veneer,
sid,
0,
0,
@@ -31,7 +33,8 @@ uint32_t psa_version(uint32_t sid)
psa_handle_t psa_connect(uint32_t sid, uint32_t minor_version)
{
- return tfm_ns_lock_dispatch((veneer_fn)tfm_psa_connect_veneer,
+ return tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_psa_connect_veneer,
sid,
minor_version,
0,
@@ -57,7 +60,8 @@ psa_status_t psa_call(psa_handle_t handle,
in_vecs.len = in_len;
out_vecs.base = out_vec;
out_vecs.len = out_len;
- return tfm_ns_lock_dispatch((veneer_fn)tfm_psa_call_veneer,
+ return tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_psa_call_veneer,
(uint32_t)handle,
(uint32_t)&in_vecs,
(uint32_t)&out_vecs,
@@ -66,7 +70,8 @@ psa_status_t psa_call(psa_handle_t handle,
void psa_close(psa_handle_t handle)
{
- tfm_ns_lock_dispatch((veneer_fn)tfm_psa_close_veneer,
+ (void)tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_psa_close_veneer,
(uint32_t)handle,
0,
0,
diff --git a/interface/src/tfm_sst_api.c b/interface/src/tfm_sst_api.c
index af06424e38..2722c673b2 100644
--- a/interface/src/tfm_sst_api.c
+++ b/interface/src/tfm_sst_api.c
@@ -7,7 +7,7 @@
#include "psa/protected_storage.h"
-#include "tfm_ns_lock.h"
+#include "tfm_ns_interface.h"
#include "tfm_veneers.h"
#ifdef TFM_PSA_API
#include "psa_manifest/sid.h"
@@ -53,7 +53,8 @@ psa_ps_status_t psa_ps_set(psa_ps_uid_t uid,
return PSA_PS_ERROR_OPERATION_FAILED;
}
#else
- status = tfm_ns_lock_dispatch((veneer_fn)tfm_tfm_sst_set_req_veneer,
+ status = tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_tfm_sst_set_req_veneer,
(uint32_t)in_vec, IOVEC_LEN(in_vec),
(uint32_t)out_vec, IOVEC_LEN(out_vec));
if (status != PSA_SUCCESS) {
@@ -100,7 +101,8 @@ psa_ps_status_t psa_ps_get(psa_ps_uid_t uid,
return PSA_PS_ERROR_OPERATION_FAILED;
}
#else
- status = tfm_ns_lock_dispatch((veneer_fn)tfm_tfm_sst_get_req_veneer,
+ status = tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_tfm_sst_get_req_veneer,
(uint32_t)in_vec, IOVEC_LEN(in_vec),
(uint32_t)out_vec, IOVEC_LEN(out_vec));
@@ -144,7 +146,8 @@ psa_ps_status_t psa_ps_get_info(psa_ps_uid_t uid, struct psa_ps_info_t *p_info)
return PSA_PS_ERROR_OPERATION_FAILED;
}
#else
- status = tfm_ns_lock_dispatch((veneer_fn)tfm_tfm_sst_get_info_req_veneer,
+ status = tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_tfm_sst_get_info_req_veneer,
(uint32_t)in_vec, IOVEC_LEN(in_vec),
(uint32_t)out_vec, IOVEC_LEN(out_vec));
@@ -187,7 +190,8 @@ psa_ps_status_t psa_ps_remove(psa_ps_uid_t uid)
return PSA_PS_ERROR_OPERATION_FAILED;
}
#else
- status = tfm_ns_lock_dispatch((veneer_fn)tfm_tfm_sst_remove_req_veneer,
+ status = tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_tfm_sst_remove_req_veneer,
(uint32_t)in_vec, IOVEC_LEN(in_vec),
(uint32_t)out_vec, IOVEC_LEN(out_vec));
@@ -247,7 +251,8 @@ uint32_t psa_ps_get_support(void)
psa_close(handle);
#else
- (void)tfm_ns_lock_dispatch((veneer_fn)tfm_tfm_sst_get_support_req_veneer,
+ (void)tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_tfm_sst_get_support_req_veneer,
(uint32_t)NULL, 0,
(uint32_t)out_vec, IOVEC_LEN(out_vec));
#endif