diff options
author | Shawn Shan <shawn.shan@arm.com> | 2019-11-29 17:56:29 +0800 |
---|---|---|
committer | Shawn Shan <shawn.shan@arm.com> | 2020-02-25 17:11:27 +0800 |
commit | 6e7be077eabef00b4825e245604148d82b11f832 (patch) | |
tree | 878537ee5cc5d3e14973ea5b928572a03c592995 | |
parent | 993eb04b734ae6e21b6bca1da85eace2c543c6ba (diff) | |
download | trusted-firmware-m-6e7be077eabef00b4825e245604148d82b11f832.tar.gz |
Core: Add lifecycle API
Add the lifecycle related macros and APIs and only return
PSA_LIFECYCLE_UNKNOWN to the caller. It will be implemented in the
future.
Change-Id: Ia3e327f88c559ac6611ddabf2fb9e8c5150619eb
Signed-off-by: Shawn Shan <shawn.shan@arm.com>
-rw-r--r-- | interface/include/psa/lifecycle.h | 40 | ||||
-rw-r--r-- | interface/src/psa/psa_lifecycle.c | 17 | ||||
-rw-r--r-- | secure_fw/core/ipc/include/tfm_svcalls.h | 10 | ||||
-rw-r--r-- | secure_fw/core/ipc/tfm_svcalls.c | 7 | ||||
-rw-r--r-- | secure_fw/include/core/tfm_core_svc.h | 1 | ||||
-rw-r--r-- | secure_fw/lib/sprt/CMakeLists.inc | 3 | ||||
-rw-r--r-- | secure_fw/spm/spm_api.c | 10 | ||||
-rw-r--r-- | secure_fw/spm/spm_api.h | 12 |
8 files changed, 98 insertions, 2 deletions
diff --git a/interface/include/psa/lifecycle.h b/interface/include/psa/lifecycle.h new file mode 100644 index 0000000000..a892c4921d --- /dev/null +++ b/interface/include/psa/lifecycle.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __PSA_LIFECYCLE_H__ +#define __PSA_LIFECYCLE_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +#define PSA_LIFECYCLE_PSA_STATE_MASK (0xff00u) +#define PSA_LIFECYCLE_IMP_STATE_MASK (0x00ffu) +#define PSA_LIFECYCLE_UNKNOWN (0x0000u) +#define PSA_LIFECYCLE_ASSEMBLY_AND_TEST (0x1000u) +#define PSA_LIFECYCLE_PSA_ROT_PROVISIONING (0x2000u) +#define PSA_LIFECYCLE_SECURED (0x3000u) +#define PSA_LIFECYCLE_NON_PSA_ROT_DEBUG (0x4000u) +#define PSA_LIFECYCLE_RECOVERABLE_PSA_ROT_DEBUG (0x5000u) +#define PSA_LIFECYCLE_DECOMMISSIONED (0x6000u) + +/* + * \brief This function retrieves the current PSA RoT lifecycle state. + * + * \return state The current security lifecycle state of the PSA + * RoT. The PSA state and implementation state are + * encoded as follows: + * \arg state[15:8] – PSA lifecycle state + * \arg state[7:0] – IMPLEMENTATION DEFINED state + */ +uint32_t psa_rot_lifecycle_state(void); + +#ifdef __cplusplus +} +#endif + +#endif /* __PSA_LIFECYCLE_H__ */ diff --git a/interface/src/psa/psa_lifecycle.c b/interface/src/psa/psa_lifecycle.c new file mode 100644 index 0000000000..928a000f53 --- /dev/null +++ b/interface/src/psa/psa_lifecycle.c @@ -0,0 +1,17 @@ +/* + * Copyright (c) 2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +#include <inttypes.h> +#include "psa/lifecycle.h" +#include "core/tfm_core_svc.h" + +__attribute__((naked)) +uint32_t psa_rot_lifecycle_state(void) +{ + __ASM volatile("SVC %0 \n" + "BX LR \n" + : : "I" (TFM_SVC_PSA_LIFECYCLE)); +} diff --git a/secure_fw/core/ipc/include/tfm_svcalls.h b/secure_fw/core/ipc/include/tfm_svcalls.h index 5fd9628039..35322961cc 100644 --- a/secure_fw/core/ipc/include/tfm_svcalls.h +++ b/secure_fw/core/ipc/include/tfm_svcalls.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -91,6 +91,14 @@ psa_status_t tfm_svcall_psa_call(uint32_t *args, bool ns_caller, uint32_t lr); void tfm_svcall_psa_close(uint32_t *args, bool ns_caller); /** + * \brief SVC handler for \ref psa_rot_lifecycle_state. + * + * \return state The current security lifecycle state of the PSA + * RoT. + */ +uint32_t tfm_svcall_get_lifecycle_state(void); + +/** * \brief SVC handler for IPC functions * * \param[in] svc_num SVC number. diff --git a/secure_fw/core/ipc/tfm_svcalls.c b/secure_fw/core/ipc/tfm_svcalls.c index adb57199df..397261c6a0 100644 --- a/secure_fw/core/ipc/tfm_svcalls.c +++ b/secure_fw/core/ipc/tfm_svcalls.c @@ -133,6 +133,11 @@ void tfm_svcall_psa_close(uint32_t *args, bool ns_caller) return tfm_psa_close(handle, ns_caller); } +uint32_t tfm_svcall_get_lifecycle_state(void) +{ + return tfm_spm_get_lifecycle_state(); +} + /*********************** SVC handler for PSA Service APIs ********************/ /** @@ -1096,6 +1101,8 @@ int32_t SVC_Handler_IPC(tfm_svc_number_t svc_num, uint32_t *ctx, uint32_t lr) case TFM_SVC_SPM_REQUEST: tfm_core_spm_request_handler((const struct tfm_state_context_t *)ctx); break; + case TFM_SVC_PSA_LIFECYCLE: + return tfm_svcall_get_lifecycle_state(); default: #ifdef PLATFORM_SVC_HANDLERS return (platform_svc_handlers(svc_num, ctx, lr)); diff --git a/secure_fw/include/core/tfm_core_svc.h b/secure_fw/include/core/tfm_core_svc.h index affbe31b55..f5a1c8508f 100644 --- a/secure_fw/include/core/tfm_core_svc.h +++ b/secure_fw/include/core/tfm_core_svc.h @@ -42,6 +42,7 @@ typedef enum { TFM_SVC_PSA_NOTIFY, TFM_SVC_PSA_CLEAR, TFM_SVC_PSA_PANIC, + TFM_SVC_PSA_LIFECYCLE, #endif TFM_SVC_PLATFORM_BASE = 50 /* leave room for additional Core handlers */ } tfm_svc_number_t; diff --git a/secure_fw/lib/sprt/CMakeLists.inc b/secure_fw/lib/sprt/CMakeLists.inc index 55ae9205dc..23b725ab27 100644 --- a/secure_fw/lib/sprt/CMakeLists.inc +++ b/secure_fw/lib/sprt/CMakeLists.inc @@ -1,5 +1,5 @@ #------------------------------------------------------------------------------- -# Copyright (c) 2019, Arm Limited. All rights reserved. +# Copyright (c) 2019-2020, Arm Limited. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -34,6 +34,7 @@ if (TFM_PSA_API) list(APPEND LIBSPRT_C_SRC "${TFM_ROOT_DIR}/interface/src/psa/psa_client.c" "${TFM_ROOT_DIR}/interface/src/psa/psa_service.c" + "${TFM_ROOT_DIR}/interface/src/psa/psa_lifecycle.c" ) endif() diff --git a/secure_fw/spm/spm_api.c b/secure_fw/spm/spm_api.c index f162890d2d..044e33651a 100644 --- a/secure_fw/spm/spm_api.c +++ b/secure_fw/spm/spm_api.c @@ -19,6 +19,7 @@ #include "tfm_core.h" #include "tfm_peripherals_def.h" #include "spm_partition_defs.h" +#include "psa/lifecycle.h" #define NON_SECURE_INTERNAL_PARTITION_DB_IDX 0 #define TFM_CORE_INTERNAL_PARTITION_DB_IDX 1 @@ -106,6 +107,15 @@ bool tfm_is_partition_privileged(uint32_t partition_idx) TFM_PARTITION_PRIVILEGED_MODE; } +uint32_t tfm_spm_get_lifecycle_state(void) +{ + /* + * FixMe: return PSA_LIFECYCLE_UNKNOWN to the caller directly. It will be + * implemented in the future. + */ + return PSA_LIFECYCLE_UNKNOWN; +} + __attribute__((section("SFN"))) void tfm_spm_partition_change_privilege(uint32_t privileged) { diff --git a/secure_fw/spm/spm_api.h b/secure_fw/spm/spm_api.h index 56a112aecd..33118b171d 100644 --- a/secure_fw/spm/spm_api.h +++ b/secure_fw/spm/spm_api.h @@ -687,6 +687,18 @@ void tfm_pendsv_do_schedule(struct tfm_arch_ctx_t *p_actx); */ uint32_t tfm_spm_init(void); + +/* + * \brief This function get the current PSA RoT lifecycle state. + * + * \return state The current security lifecycle state of the PSA + * RoT. The PSA state and implementation state are + * encoded as follows: + * \arg state[15:8] – PSA lifecycle state + * \arg state[7:0] – IMPLEMENTATION DEFINED state + */ +uint32_t tfm_spm_get_lifecycle_state(void); + #endif /* ifdef(TFM_PSA_API) */ #endif /*__SPM_API_H__ */ |