aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorShawn Shan <shawn.shan@arm.com>2019-11-29 17:56:29 +0800
committerShawn Shan <shawn.shan@arm.com>2020-02-25 17:11:27 +0800
commit6e7be077eabef00b4825e245604148d82b11f832 (patch)
tree878537ee5cc5d3e14973ea5b928572a03c592995
parent993eb04b734ae6e21b6bca1da85eace2c543c6ba (diff)
downloadtrusted-firmware-m-6e7be077eabef00b4825e245604148d82b11f832.tar.gz
Core: Add lifecycle API
Add the lifecycle related macros and APIs and only return PSA_LIFECYCLE_UNKNOWN to the caller. It will be implemented in the future. Change-Id: Ia3e327f88c559ac6611ddabf2fb9e8c5150619eb Signed-off-by: Shawn Shan <shawn.shan@arm.com>
-rw-r--r--interface/include/psa/lifecycle.h40
-rw-r--r--interface/src/psa/psa_lifecycle.c17
-rw-r--r--secure_fw/core/ipc/include/tfm_svcalls.h10
-rw-r--r--secure_fw/core/ipc/tfm_svcalls.c7
-rw-r--r--secure_fw/include/core/tfm_core_svc.h1
-rw-r--r--secure_fw/lib/sprt/CMakeLists.inc3
-rw-r--r--secure_fw/spm/spm_api.c10
-rw-r--r--secure_fw/spm/spm_api.h12
8 files changed, 98 insertions, 2 deletions
diff --git a/interface/include/psa/lifecycle.h b/interface/include/psa/lifecycle.h
new file mode 100644
index 0000000000..a892c4921d
--- /dev/null
+++ b/interface/include/psa/lifecycle.h
@@ -0,0 +1,40 @@
+/*
+ * Copyright (c) 2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __PSA_LIFECYCLE_H__
+#define __PSA_LIFECYCLE_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define PSA_LIFECYCLE_PSA_STATE_MASK (0xff00u)
+#define PSA_LIFECYCLE_IMP_STATE_MASK (0x00ffu)
+#define PSA_LIFECYCLE_UNKNOWN (0x0000u)
+#define PSA_LIFECYCLE_ASSEMBLY_AND_TEST (0x1000u)
+#define PSA_LIFECYCLE_PSA_ROT_PROVISIONING (0x2000u)
+#define PSA_LIFECYCLE_SECURED (0x3000u)
+#define PSA_LIFECYCLE_NON_PSA_ROT_DEBUG (0x4000u)
+#define PSA_LIFECYCLE_RECOVERABLE_PSA_ROT_DEBUG (0x5000u)
+#define PSA_LIFECYCLE_DECOMMISSIONED (0x6000u)
+
+/*
+ * \brief This function retrieves the current PSA RoT lifecycle state.
+ *
+ * \return state The current security lifecycle state of the PSA
+ * RoT. The PSA state and implementation state are
+ * encoded as follows:
+ * \arg state[15:8] – PSA lifecycle state
+ * \arg state[7:0] – IMPLEMENTATION DEFINED state
+ */
+uint32_t psa_rot_lifecycle_state(void);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __PSA_LIFECYCLE_H__ */
diff --git a/interface/src/psa/psa_lifecycle.c b/interface/src/psa/psa_lifecycle.c
new file mode 100644
index 0000000000..928a000f53
--- /dev/null
+++ b/interface/src/psa/psa_lifecycle.c
@@ -0,0 +1,17 @@
+/*
+ * Copyright (c) 2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+#include <inttypes.h>
+#include "psa/lifecycle.h"
+#include "core/tfm_core_svc.h"
+
+__attribute__((naked))
+uint32_t psa_rot_lifecycle_state(void)
+{
+ __ASM volatile("SVC %0 \n"
+ "BX LR \n"
+ : : "I" (TFM_SVC_PSA_LIFECYCLE));
+}
diff --git a/secure_fw/core/ipc/include/tfm_svcalls.h b/secure_fw/core/ipc/include/tfm_svcalls.h
index 5fd9628039..35322961cc 100644
--- a/secure_fw/core/ipc/include/tfm_svcalls.h
+++ b/secure_fw/core/ipc/include/tfm_svcalls.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -91,6 +91,14 @@ psa_status_t tfm_svcall_psa_call(uint32_t *args, bool ns_caller, uint32_t lr);
void tfm_svcall_psa_close(uint32_t *args, bool ns_caller);
/**
+ * \brief SVC handler for \ref psa_rot_lifecycle_state.
+ *
+ * \return state The current security lifecycle state of the PSA
+ * RoT.
+ */
+uint32_t tfm_svcall_get_lifecycle_state(void);
+
+/**
* \brief SVC handler for IPC functions
*
* \param[in] svc_num SVC number.
diff --git a/secure_fw/core/ipc/tfm_svcalls.c b/secure_fw/core/ipc/tfm_svcalls.c
index adb57199df..397261c6a0 100644
--- a/secure_fw/core/ipc/tfm_svcalls.c
+++ b/secure_fw/core/ipc/tfm_svcalls.c
@@ -133,6 +133,11 @@ void tfm_svcall_psa_close(uint32_t *args, bool ns_caller)
return tfm_psa_close(handle, ns_caller);
}
+uint32_t tfm_svcall_get_lifecycle_state(void)
+{
+ return tfm_spm_get_lifecycle_state();
+}
+
/*********************** SVC handler for PSA Service APIs ********************/
/**
@@ -1096,6 +1101,8 @@ int32_t SVC_Handler_IPC(tfm_svc_number_t svc_num, uint32_t *ctx, uint32_t lr)
case TFM_SVC_SPM_REQUEST:
tfm_core_spm_request_handler((const struct tfm_state_context_t *)ctx);
break;
+ case TFM_SVC_PSA_LIFECYCLE:
+ return tfm_svcall_get_lifecycle_state();
default:
#ifdef PLATFORM_SVC_HANDLERS
return (platform_svc_handlers(svc_num, ctx, lr));
diff --git a/secure_fw/include/core/tfm_core_svc.h b/secure_fw/include/core/tfm_core_svc.h
index affbe31b55..f5a1c8508f 100644
--- a/secure_fw/include/core/tfm_core_svc.h
+++ b/secure_fw/include/core/tfm_core_svc.h
@@ -42,6 +42,7 @@ typedef enum {
TFM_SVC_PSA_NOTIFY,
TFM_SVC_PSA_CLEAR,
TFM_SVC_PSA_PANIC,
+ TFM_SVC_PSA_LIFECYCLE,
#endif
TFM_SVC_PLATFORM_BASE = 50 /* leave room for additional Core handlers */
} tfm_svc_number_t;
diff --git a/secure_fw/lib/sprt/CMakeLists.inc b/secure_fw/lib/sprt/CMakeLists.inc
index 55ae9205dc..23b725ab27 100644
--- a/secure_fw/lib/sprt/CMakeLists.inc
+++ b/secure_fw/lib/sprt/CMakeLists.inc
@@ -1,5 +1,5 @@
#-------------------------------------------------------------------------------
-# Copyright (c) 2019, Arm Limited. All rights reserved.
+# Copyright (c) 2019-2020, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -34,6 +34,7 @@ if (TFM_PSA_API)
list(APPEND LIBSPRT_C_SRC
"${TFM_ROOT_DIR}/interface/src/psa/psa_client.c"
"${TFM_ROOT_DIR}/interface/src/psa/psa_service.c"
+ "${TFM_ROOT_DIR}/interface/src/psa/psa_lifecycle.c"
)
endif()
diff --git a/secure_fw/spm/spm_api.c b/secure_fw/spm/spm_api.c
index f162890d2d..044e33651a 100644
--- a/secure_fw/spm/spm_api.c
+++ b/secure_fw/spm/spm_api.c
@@ -19,6 +19,7 @@
#include "tfm_core.h"
#include "tfm_peripherals_def.h"
#include "spm_partition_defs.h"
+#include "psa/lifecycle.h"
#define NON_SECURE_INTERNAL_PARTITION_DB_IDX 0
#define TFM_CORE_INTERNAL_PARTITION_DB_IDX 1
@@ -106,6 +107,15 @@ bool tfm_is_partition_privileged(uint32_t partition_idx)
TFM_PARTITION_PRIVILEGED_MODE;
}
+uint32_t tfm_spm_get_lifecycle_state(void)
+{
+ /*
+ * FixMe: return PSA_LIFECYCLE_UNKNOWN to the caller directly. It will be
+ * implemented in the future.
+ */
+ return PSA_LIFECYCLE_UNKNOWN;
+}
+
__attribute__((section("SFN")))
void tfm_spm_partition_change_privilege(uint32_t privileged)
{
diff --git a/secure_fw/spm/spm_api.h b/secure_fw/spm/spm_api.h
index 56a112aecd..33118b171d 100644
--- a/secure_fw/spm/spm_api.h
+++ b/secure_fw/spm/spm_api.h
@@ -687,6 +687,18 @@ void tfm_pendsv_do_schedule(struct tfm_arch_ctx_t *p_actx);
*/
uint32_t tfm_spm_init(void);
+
+/*
+ * \brief This function get the current PSA RoT lifecycle state.
+ *
+ * \return state The current security lifecycle state of the PSA
+ * RoT. The PSA state and implementation state are
+ * encoded as follows:
+ * \arg state[15:8] – PSA lifecycle state
+ * \arg state[7:0] – IMPLEMENTATION DEFINED state
+ */
+uint32_t tfm_spm_get_lifecycle_state(void);
+
#endif /* ifdef(TFM_PSA_API) */
#endif /*__SPM_API_H__ */