diff options
author | Edison Ai <edison.ai@arm.com> | 2019-07-11 14:56:46 +0800 |
---|---|---|
committer | Edison Ai <edison.ai@arm.com> | 2019-08-12 14:16:46 +0800 |
commit | 7aff9e8d196e4ea92a29b8e36335d8df452e3b9d (patch) | |
tree | 1c60f6f8bfd1d4a0fc3202d424c6af4b9a52e8c2 | |
parent | 5f4734653ca12d1f905de25d5a5854bd009da7c1 (diff) | |
download | trusted-firmware-m-7aff9e8d196e4ea92a29b8e36335d8df452e3b9d.tar.gz |
Core: Remove isolation level 3
Remove functions, process, data which only used in isolation level 3
for library model.
Change-Id: Ia21819d6a6cccb18af316a79658aa3673f2d2420
Signed-off-by: Edison Ai <edison.ai@arm.com>
-rw-r--r-- | secure_fw/core/tfm_func_api.c | 211 | ||||
-rw-r--r-- | secure_fw/core/tfm_secure_api.h | 2 | ||||
-rw-r--r-- | secure_fw/core/tfm_spm_services.c | 8 | ||||
-rw-r--r-- | secure_fw/services/tfm_spm_db.inc | 99 | ||||
-rw-r--r-- | secure_fw/services/tfm_spm_db.inc.template | 9 | ||||
-rw-r--r-- | secure_fw/spm/spm_api.c | 17 | ||||
-rw-r--r-- | secure_fw/spm/spm_api.h | 133 | ||||
-rw-r--r-- | secure_fw/spm/spm_api_func.c | 86 | ||||
-rw-r--r-- | secure_fw/spm/spm_api_ipc.c | 12 | ||||
-rw-r--r-- | secure_fw/spm/spm_db.h | 6 |
10 files changed, 62 insertions, 521 deletions
diff --git a/secure_fw/core/tfm_func_api.c b/secure_fw/core/tfm_func_api.c index 6f7ac7d0fd..8f08508605 100644 --- a/secure_fw/core/tfm_func_api.c +++ b/secure_fw/core/tfm_func_api.c @@ -36,11 +36,8 @@ REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base); REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Limit); - -#if TFM_LVL == 1 REGION_DECLARE(Image$$, TFM_SECURE_STACK, $$ZI$$Base); REGION_DECLARE(Image$$, TFM_SECURE_STACK, $$ZI$$Limit); -#endif /* This is the "Big Lock" on the secure side, to guarantee single entry * to SPE @@ -342,19 +339,10 @@ static enum tfm_status_e check_irq_partition_state( */ static struct iovec_args_t *get_iovec_args_stack_address(uint32_t partition_idx) { - struct iovec_args_t *iovec_args; -#if TFM_LVL == 1 /* Save the iovecs on the common stack. */ - iovec_args = (struct iovec_args_t *) - ((uint8_t *)®ION_NAME(Image$$, TFM_SECURE_STACK, $$ZI$$Limit)- - sizeof(struct iovec_args_t)); -#else - /* Save the iovecs on the stack of the partition. */ - iovec_args = (struct iovec_args_t *) - (tfm_spm_partition_get_stack_top(partition_idx) - - sizeof(struct iovec_args_t)); -#endif - return iovec_args; + return (struct iovec_args_t *)((uint8_t *)®ION_NAME(Image$$, + TFM_SECURE_STACK, $$ZI$$Limit) - + sizeof(struct iovec_args_t)); } static enum tfm_status_e tfm_start_partition( @@ -398,24 +386,13 @@ static enum tfm_status_e tfm_start_partition( caller_partition_id = tfm_spm_partition_get_partition_id( caller_partition_idx); - if (tfm_secure_api_initializing) { -#if TFM_LVL != 1 - /* Make thread mode unprivileged while untrusted partition init is - * executed - */ - if ((partition_flags & SPM_PART_FLAG_PSA_ROT) == 0) { - tfm_spm_partition_change_privilege( - TFM_PARTITION_UNPRIVILEGED_MODE); - } -#endif - } else { + if (!tfm_secure_api_initializing) { res = check_partition_state(partition_state, caller_partition_state); if (res != TFM_SUCCESS) { return res; } } -#if TFM_LVL == 1 /* Prepare switch to shared secure partition stack */ /* In case the call is coming from the non-secure world, we save the iovecs * on the stop of the stack. So the memory area, that can actually be used @@ -426,10 +403,7 @@ static enum tfm_status_e tfm_start_partition( sizeof(struct iovec_args_t); partition_psplim = (uint32_t)®ION_NAME(Image$$, TFM_SECURE_STACK, $$ZI$$Base); -#else - partition_psp = curr_part_data->stack_ptr; - partition_psplim = tfm_spm_partition_get_stack_bottom(partition_idx); -#endif + /* Store the context for the partition call */ tfm_spm_partition_set_caller_partition_idx(partition_idx, caller_partition_idx); @@ -446,17 +420,6 @@ static enum tfm_status_e tfm_start_partition( tfm_spm_partition_set_caller_client_id(partition_idx, client_id); } -#if (TFM_LVL != 1) && (TFM_LVL != 2) - /* Dynamic partitioning is only done is TFM level 3 */ - tfm_spm_partition_sandbox_deconfig(caller_partition_idx); - - /* Configure partition execution environment */ - if (tfm_spm_partition_sandbox_config(partition_idx) != SPM_ERR_OK) { - ERROR_MSG("Failed to configure sandbox for partition!"); - tfm_secure_api_error_handler(); - } -#endif - /* Default share to scratch area in case of partition to partition calls * this way partitions always get default access to input buffers */ @@ -466,13 +429,10 @@ static enum tfm_status_e tfm_start_partition( desc_ptr->ns_caller ? TFM_BUFFER_SHARE_NS_CODE : TFM_BUFFER_SHARE_SCRATCH); -#if TFM_LVL == 1 /* In level one, only switch context and return from exception if in * handler mode */ - if ((desc_ptr->ns_caller) || (tfm_secure_api_initializing)) -#endif - { + if ((desc_ptr->ns_caller) || (tfm_secure_api_initializing)) { if (desc_ptr->iovec_api == TFM_SFN_API_IOVEC) { if (tfm_spm_partition_set_iovec(partition_idx, desc_ptr->args) != SPM_ERR_OK) { @@ -513,9 +473,6 @@ static enum tfm_status_e tfm_start_partition_for_irq_handling( uint32_t irq_line = svc_ctx->R3; enum tfm_status_e res; uint32_t psp = __get_PSP(); -#if (TFM_LVL != 1) - uint32_t handler_partition_psplim; -#endif uint32_t handler_partition_psp; uint32_t handler_partition_state; uint32_t interrupted_partition_idx = @@ -543,16 +500,7 @@ static enum tfm_status_e tfm_start_partition_for_irq_handling( /* save the current context of the interrupted partition */ tfm_spm_partition_push_interrupted_ctx(interrupted_partition_idx); -#if (TFM_LVL != 1) - /* Save the psp as it was when the interrupt happened */ - tfm_spm_partition_set_stack(interrupted_partition_idx, psp); - - handler_partition_psp = handler_part_data->stack_ptr; - handler_partition_psplim = - tfm_spm_partition_get_stack_bottom(handler_partition_idx); -#else /* TFM_LVL != 1 */ handler_partition_psp = psp; -#endif /* TFM_LVL != 1 */ /* save the current context of the handler partition */ tfm_spm_partition_push_handler_ctx(handler_partition_idx); @@ -561,23 +509,10 @@ static enum tfm_status_e tfm_start_partition_for_irq_handling( tfm_spm_partition_set_caller_partition_idx(handler_partition_idx, interrupted_partition_idx); -#if TFM_LVL == 3 - /* Dynamic partitioning is only done is TFM level 3 */ - tfm_spm_partition_sandbox_deconfig(interrupted_partition_idx); - - /* Configure partition execution environment */ - if (tfm_spm_partition_sandbox_config(handler_partition_idx) != SPM_ERR_OK) { - ERROR_MSG("Failed to configure sandbox for partition!"); - tfm_secure_api_error_handler(); - } -#endif /* TFM_LVL == 3 */ - psp = (uint32_t)prepare_partition_irq_ctx(svc_ctx, unpriv_handler, (int32_t *)handler_partition_psp); __set_PSP(psp); -#if (TFM_LVL != 1) - __set_PSPLIM(handler_partition_psplim); -#endif /* TFM_LVL != 1 */ + tfm_spm_partition_set_state(interrupted_partition_idx, SPM_PARTITION_STATE_SUSPENDED); tfm_spm_partition_set_state(handler_partition_idx, @@ -618,36 +553,6 @@ static enum tfm_status_e tfm_return_from_partition(uint32_t *excReturn) tfm_secure_lock--; -#if (TFM_LVL != 1) && (TFM_LVL != 2) - /* Deconfigure completed partition environment */ - tfm_spm_partition_sandbox_deconfig(current_partition_idx); - if (tfm_secure_api_initializing) { - /* Restore privilege for thread mode during TF-M init. This is only - * have to be done if the partition is not trusted. - */ - if ((current_partition_flags & SPM_PART_FLAG_PSA_ROT) == 0) { - tfm_spm_partition_change_privilege(TFM_PARTITION_PRIVILEGED_MODE); - } - } else { - /* Configure the caller partition environment in case this was a - * partition to partition call and returning to untrusted partition - */ - if (tfm_spm_partition_sandbox_config(return_partition_idx) - != SPM_ERR_OK) { - ERROR_MSG("Failed to configure sandbox for partition!"); - tfm_secure_api_error_handler(); - } - if (return_partition_flags & SPM_PART_FLAG_APP_ROT) { - /* Restore share status */ - tfm_spm_partition_set_share( - return_partition_idx, - tfm_spm_partition_get_runtime_data( - return_partition_idx)->share); - } - } -#endif - -#if TFM_LVL == 1 if (!(return_partition_flags & SPM_PART_FLAG_APP_ROT) || (tfm_secure_api_initializing)) { /* In TFM level 1 context restore is only done when @@ -677,31 +582,6 @@ static enum tfm_status_e tfm_return_from_partition(uint32_t *excReturn) tfm_clear_iovec_parameters(iovec_args); } } -#else - /* Restore caller context */ - restore_caller_ctx(svc_ctx, - (struct tfm_exc_stack_t *)ret_part_data->stack_ptr); - *excReturn = ret_part_data->lr; - __set_PSP(ret_part_data->stack_ptr); - tfm_arch_set_psplim( - tfm_spm_partition_get_stack_bottom(return_partition_idx)); - /* Clear the context entry before returning */ - tfm_spm_partition_set_stack( - current_partition_idx, psp + sizeof(struct tfm_exc_stack_t)); - - /* FIXME: The condition should be removed once all the secure service - * calls are done via the iovec veneers */ - if (curr_part_data->iovec_api) { - iovec_args = (struct iovec_args_t *) - (tfm_spm_partition_get_stack_top(current_partition_idx) - - sizeof(struct iovec_args_t)); - - for (i = 0; i < curr_part_data->iovec_args.out_len; ++i) { - curr_part_data->orig_outvec[i].len = iovec_args->out_vec[i].len; - } - tfm_clear_iovec_parameters(iovec_args); - } -#endif tfm_spm_partition_cleanup_context(current_partition_idx); @@ -719,10 +599,6 @@ static enum tfm_status_e tfm_return_from_partition_irq_handling( uint32_t handler_partition_idx = tfm_spm_partition_get_running_partition_idx(); const struct spm_partition_runtime_data_t *handler_part_data; -#if TFM_LVL != 1 - const struct spm_partition_runtime_data_t *interrupted_part_data; - uint32_t interrupted_partition_psplim; -#endif /* TFM_LVL != 1 */ uint32_t interrupted_partition_idx; uint32_t psp = __get_PSP(); struct tfm_exc_stack_t *svc_ctx = (struct tfm_exc_stack_t *)psp; @@ -739,49 +615,16 @@ static enum tfm_status_e tfm_return_from_partition_irq_handling( return TFM_SECURE_UNLOCK_FAILED; } -#if TFM_LVL != 1 - interrupted_part_data = tfm_spm_partition_get_runtime_data( - interrupted_partition_idx); - -#if TFM_LVL == 3 - /* Deconfigure completed partition environment */ - tfm_spm_partition_sandbox_deconfig(handler_partition_idx); - - /* Configure the caller partition environment */ - if (tfm_spm_partition_sandbox_config(interrupted_partition_idx) - != SPM_ERR_OK) { - ERROR_MSG("Failed to configure sandbox for partition!"); - tfm_secure_api_error_handler(); - } -#endif /* TFM_LVL == 3 */ - - /* Restore caller context */ - *excReturn = svc_ctx->RetAddr; - - if (psp+sizeof(struct tfm_exc_stack_t) != handler_part_data->stack_ptr) { - ERROR_MSG("The interrupt handler unfolded its stack improperly!"); - tfm_secure_api_error_handler(); - } - - psp = interrupted_part_data->stack_ptr; -#else /* TFM_LVL != 1 */ /* For level 1, modify PSP, so that the SVC stack frame disappears, * and return to the privileged handler using the stack frame still on the * MSP stack. */ *excReturn = svc_ctx->RetAddr; psp += sizeof(struct tfm_exc_stack_t); -#endif /* TFM_LVL != 1 */ tfm_spm_partition_pop_handler_ctx(handler_partition_idx); tfm_spm_partition_pop_interrupted_ctx(interrupted_partition_idx); -#if TFM_LVL != 1 - interrupted_partition_psplim = - tfm_spm_partition_get_stack_bottom(interrupted_partition_idx); - - __set_PSPLIM(interrupted_partition_psplim); -#endif /* TFM_LVL != 1 */ __set_PSP(psp); return TFM_SUCCESS; @@ -833,12 +676,6 @@ static enum tfm_status_e tfm_core_check_sfn_req_rules( void tfm_secure_api_init_done(void) { tfm_secure_api_initializing = 0; -#if TFM_LVL != 1 - if (tfm_spm_partition_sandbox_config(TFM_SP_NON_SECURE_ID) != SPM_ERR_OK) { - ERROR_MSG("Failed to configure sandbox for partition!"); - tfm_secure_api_error_handler(); - } -#endif } enum tfm_status_e tfm_core_sfn_request_handler( @@ -888,7 +725,6 @@ enum tfm_status_e tfm_core_sfn_request_handler( return res; } -#if TFM_LVL == 1 int32_t tfm_core_sfn_request_thread_mode(struct tfm_sfn_req_s *desc_ptr) { enum tfm_status_e res; @@ -928,7 +764,6 @@ int32_t tfm_core_sfn_request_thread_mode(struct tfm_sfn_req_s *desc_ptr) } return (int32_t)res; } -#endif void tfm_core_validate_secure_caller_handler(uint32_t *svc_args) { @@ -984,7 +819,6 @@ int32_t tfm_core_check_buffer_access(uint32_t partition_idx, return 0; } -#if TFM_LVL == 1 /* For privileged partition execution, all secure data memory and stack * is accessible */ @@ -992,29 +826,7 @@ int32_t tfm_core_check_buffer_access(uint32_t partition_idx, end_addr_value <= (S_DATA_START + S_DATA_SIZE)) { return 1; } -#else - /* For non-privileged execution the partition's data and stack is - * accessible - */ - if (start_addr_value >= - tfm_spm_partition_get_stack_bottom(partition_idx) && - end_addr_value <= - tfm_spm_partition_get_stack_top(partition_idx)) { - return 1; - } - if (start_addr_value >= - tfm_spm_partition_get_rw_start(partition_idx) && - end_addr_value <= - tfm_spm_partition_get_rw_limit(partition_idx)) { - return 1; - } - if (start_addr_value >= - tfm_spm_partition_get_zi_start(partition_idx) && - end_addr_value <= - tfm_spm_partition_get_zi_limit(partition_idx)) { - return 1; - } -#endif + return 0; } @@ -1102,19 +914,12 @@ void tfm_core_memory_permission_check_handler(uint32_t *svc_args) cmse_address_info_t addr_info = cmse_TT((void *)ptr); if (addr_info.flags.secure) { -#if TFM_LVL == 1 /* For privileged partition execution, all secure data memory is * accessible */ max_buf_size = S_DATA_SIZE; ptr_start = S_DATA_START; range_limit = S_DATA_LIMIT; -#else - /* Only scratch is permitted in secure memory */ - max_buf_size = (uint32_t)tfm_scratch_area_size; - ptr_start = (uint32_t)tfm_scratch_area; - range_limit = (uint32_t)tfm_scratch_area + tfm_scratch_area_size - 1; -#endif range_check = true; } else { if (!addr_info.flags.sau_region_valid) { diff --git a/secure_fw/core/tfm_secure_api.h b/secure_fw/core/tfm_secure_api.h index e49924b558..93c9ece600 100644 --- a/secure_fw/core/tfm_secure_api.h +++ b/secure_fw/core/tfm_secure_api.h @@ -207,7 +207,7 @@ int32_t tfm_core_partition_request(uint32_t id, void *fn, int32_t iovec_api, return tfm_core_sfn_request_thread_mode(desc_ptr); } #else - return tfm_core_sfn_request(desc_ptr); + return (int32_t)TFM_ERROR_GENERIC; #endif } diff --git a/secure_fw/core/tfm_spm_services.c b/secure_fw/core/tfm_spm_services.c index bd428af93a..7033ca75b5 100644 --- a/secure_fw/core/tfm_spm_services.c +++ b/secure_fw/core/tfm_spm_services.c @@ -20,14 +20,6 @@ nsfptr_t ns_entry; void jump_to_ns_code(void) { -#if TFM_LVL == 3 || ((!defined(TFM_PSA_API)) && (TFM_LVL != 1)) - /* Initialization is done, set thread mode to unprivileged. */ - tfm_spm_partition_change_privilege(TFM_PARTITION_UNPRIVILEGED_MODE); -#endif - /* All changes made to memory will be effective after this point */ - __DSB(); - __ISB(); - /* Calls the non-secure Reset_Handler to jump to the non-secure binary */ ns_entry(); } diff --git a/secure_fw/services/tfm_spm_db.inc b/secure_fw/services/tfm_spm_db.inc index c3db3656a9..1fee28cb9e 100644 --- a/secure_fw/services/tfm_spm_db.inc +++ b/secure_fw/services/tfm_spm_db.inc @@ -373,12 +373,7 @@ struct spm_partition_desc_t partition_list [] = .caller_partition_idx = SPM_INVALID_PARTITION_IDX, .caller_client_id = TFM_INVALID_CLIENT_ID, .share = TFM_BUFFER_SHARE_DISABLE, -#if TFM_LVL != 1 - .stack_ptr = PART_REGION_ADDR(TFM_SP_STORAGE, _STACK$$ZI$$Limit) - - sizeof(struct iovec_args_t), -#else /* TFM_LVL != 1 */ .stack_ptr = 0, -#endif /* TFM_LVL != 1 */ .lr = 0, .iovec_api = TFM_SFN_API_IOVEC, .iovec_args = @@ -408,7 +403,7 @@ struct spm_partition_desc_t partition_list [] = .platform_data = NULL, -#if (TFM_LVL != 1) || defined(TFM_PSA_API) +#ifdef TFM_PSA_API /* memory_data */ .memory_data = { .code_start = PART_REGION_ADDR(TFM_SP_STORAGE, $$Base), @@ -422,9 +417,7 @@ struct spm_partition_desc_t partition_list [] = .stack_bottom = PART_REGION_ADDR(TFM_SP_STORAGE, _STACK$$ZI$$Base), .stack_top = PART_REGION_ADDR(TFM_SP_STORAGE, _STACK$$ZI$$Limit), }, -#endif -#ifdef TFM_PSA_API /* sp_thrd */ .sp_thrd = { .pfn = NULL, @@ -464,12 +457,7 @@ struct spm_partition_desc_t partition_list [] = .caller_partition_idx = SPM_INVALID_PARTITION_IDX, .caller_client_id = TFM_INVALID_CLIENT_ID, .share = TFM_BUFFER_SHARE_DISABLE, -#if TFM_LVL != 1 - .stack_ptr = PART_REGION_ADDR(TFM_SP_AUDIT_LOG, _STACK$$ZI$$Limit) - - sizeof(struct iovec_args_t), -#else /* TFM_LVL != 1 */ .stack_ptr = 0, -#endif /* TFM_LVL != 1 */ .lr = 0, .iovec_api = TFM_SFN_API_IOVEC, .iovec_args = @@ -505,7 +493,7 @@ struct spm_partition_desc_t partition_list [] = .platform_data = NULL, #endif /* AUDIT_UART_REDIRECTION */ -#if (TFM_LVL != 1) || defined(TFM_PSA_API) +#ifdef TFM_PSA_API /* memory_data */ .memory_data = { .code_start = PART_REGION_ADDR(TFM_SP_AUDIT_LOG, $$Base), @@ -519,9 +507,7 @@ struct spm_partition_desc_t partition_list [] = .stack_bottom = PART_REGION_ADDR(TFM_SP_AUDIT_LOG, _STACK$$ZI$$Base), .stack_top = PART_REGION_ADDR(TFM_SP_AUDIT_LOG, _STACK$$ZI$$Limit), }, -#endif -#ifdef TFM_PSA_API /* sp_thrd */ .sp_thrd = { .pfn = NULL, @@ -561,12 +547,7 @@ struct spm_partition_desc_t partition_list [] = .caller_partition_idx = SPM_INVALID_PARTITION_IDX, .caller_client_id = TFM_INVALID_CLIENT_ID, .share = TFM_BUFFER_SHARE_DISABLE, -#if TFM_LVL != 1 - .stack_ptr = PART_REGION_ADDR(TFM_SP_CRYPTO, _STACK$$ZI$$Limit) - - sizeof(struct iovec_args_t), -#else /* TFM_LVL != 1 */ .stack_ptr = 0, -#endif /* TFM_LVL != 1 */ .lr = 0, .iovec_api = TFM_SFN_API_IOVEC, .iovec_args = @@ -596,7 +577,7 @@ struct spm_partition_desc_t partition_list [] = .platform_data = NULL, -#if (TFM_LVL != 1) || defined(TFM_PSA_API) +#ifdef TFM_PSA_API /* memory_data */ .memory_data = { .code_start = PART_REGION_ADDR(TFM_SP_CRYPTO, $$Base), @@ -610,9 +591,7 @@ struct spm_partition_desc_t partition_list [] = .stack_bottom = PART_REGION_ADDR(TFM_SP_CRYPTO, _STACK$$ZI$$Base), .stack_top = PART_REGION_ADDR(TFM_SP_CRYPTO, _STACK$$ZI$$Limit), }, -#endif -#ifdef TFM_PSA_API /* sp_thrd */ .sp_thrd = { .pfn = NULL, @@ -652,12 +631,7 @@ struct spm_partition_desc_t partition_list [] = .caller_partition_idx = SPM_INVALID_PARTITION_IDX, .caller_client_id = TFM_INVALID_CLIENT_ID, .share = TFM_BUFFER_SHARE_DISABLE, -#if TFM_LVL != 1 - .stack_ptr = PART_REGION_ADDR(TFM_SP_PLATFORM, _STACK$$ZI$$Limit) - - sizeof(struct iovec_args_t), -#else /* TFM_LVL != 1 */ .stack_ptr = 0, -#endif /* TFM_LVL != 1 */ .lr = 0, .iovec_api = TFM_SFN_API_IOVEC, .iovec_args = @@ -687,7 +661,7 @@ struct spm_partition_desc_t partition_list [] = .platform_data = NULL, -#if (TFM_LVL != 1) || defined(TFM_PSA_API) +#ifdef TFM_PSA_API /* memory_data */ .memory_data = { .code_start = PART_REGION_ADDR(TFM_SP_PLATFORM, $$Base), @@ -701,9 +675,7 @@ struct spm_partition_desc_t partition_list [] = .stack_bottom = PART_REGION_ADDR(TFM_SP_PLATFORM, _STACK$$ZI$$Base), .stack_top = PART_REGION_ADDR(TFM_SP_PLATFORM, _STACK$$ZI$$Limit), }, -#endif -#ifdef TFM_PSA_API /* sp_thrd */ .sp_thrd = { .pfn = NULL, @@ -743,12 +715,7 @@ struct spm_partition_desc_t partition_list [] = .caller_partition_idx = SPM_INVALID_PARTITION_IDX, .caller_client_id = TFM_INVALID_CLIENT_ID, .share = TFM_BUFFER_SHARE_DISABLE, -#if TFM_LVL != 1 - .stack_ptr = PART_REGION_ADDR(TFM_SP_INITIAL_ATTESTATION, _STACK$$ZI$$Limit) - - sizeof(struct iovec_args_t), -#else /* TFM_LVL != 1 */ .stack_ptr = 0, -#endif /* TFM_LVL != 1 */ .lr = 0, .iovec_api = TFM_SFN_API_IOVEC, .iovec_args = @@ -778,7 +745,7 @@ struct spm_partition_desc_t partition_list [] = .platform_data = NULL, -#if (TFM_LVL != 1) || defined(TFM_PSA_API) +#ifdef TFM_PSA_API /* memory_data */ .memory_data = { .code_start = PART_REGION_ADDR(TFM_SP_INITIAL_ATTESTATION, $$Base), @@ -792,9 +759,7 @@ struct spm_partition_desc_t partition_list [] = .stack_bottom = PART_REGION_ADDR(TFM_SP_INITIAL_ATTESTATION, _STACK$$ZI$$Base), .stack_top = PART_REGION_ADDR(TFM_SP_INITIAL_ATTESTATION, _STACK$$ZI$$Limit), }, -#endif -#ifdef TFM_PSA_API /* sp_thrd */ .sp_thrd = { .pfn = NULL, @@ -834,12 +799,7 @@ struct spm_partition_desc_t partition_list [] = .caller_partition_idx = SPM_INVALID_PARTITION_IDX, .caller_client_id = TFM_INVALID_CLIENT_ID, .share = TFM_BUFFER_SHARE_DISABLE, -#if TFM_LVL != 1 - .stack_ptr = PART_REGION_ADDR(TFM_SP_CORE_TEST, _STACK$$ZI$$Limit) - - sizeof(struct iovec_args_t), -#else /* TFM_LVL != 1 */ .stack_ptr = 0, -#endif /* TFM_LVL != 1 */ .lr = 0, .iovec_api = TFM_SFN_API_IOVEC, .iovec_args = @@ -871,7 +831,7 @@ struct spm_partition_desc_t partition_list [] = /* FIXME: Only adding the first mmio region */ .platform_data = TFM_PERIPHERAL_FPGA_IO, -#if (TFM_LVL != 1) || defined(TFM_PSA_API) +#ifdef TFM_PSA_API /* memory_data */ .memory_data = { .code_start = PART_REGION_ADDR(TFM_SP_CORE_TEST, $$Base), @@ -885,9 +845,7 @@ struct spm_partition_desc_t partition_list [] = .stack_bottom = PART_REGION_ADDR(TFM_SP_CORE_TEST, _STACK$$ZI$$Base), .stack_top = PART_REGION_ADDR(TFM_SP_CORE_TEST, _STACK$$ZI$$Limit), }, -#endif -#ifdef TFM_PSA_API /* sp_thrd */ .sp_thrd = { .pfn = NULL, @@ -928,12 +886,7 @@ struct spm_partition_desc_t partition_list [] = .caller_partition_idx = SPM_INVALID_PARTITION_IDX, .caller_client_id = TFM_INVALID_CLIENT_ID, .share = TFM_BUFFER_SHARE_DISABLE, -#if TFM_LVL != 1 - .stack_ptr = PART_REGION_ADDR(TFM_SP_CORE_TEST_2, _STACK$$ZI$$Limit) - - sizeof(struct iovec_args_t), -#else /* TFM_LVL != 1 */ .stack_ptr = 0, -#endif /* TFM_LVL != 1 */ .lr = 0, .iovec_api = TFM_SFN_API_IOVEC, .iovec_args = @@ -963,7 +916,7 @@ struct spm_partition_desc_t partition_list [] = .platform_data = NULL, -#if (TFM_LVL != 1) || defined(TFM_PSA_API) +#ifdef TFM_PSA_API /* memory_data */ .memory_data = { .code_start = PART_REGION_ADDR(TFM_SP_CORE_TEST_2, $$Base), @@ -977,9 +930,7 @@ struct spm_partition_desc_t partition_list [] = .stack_bottom = PART_REGION_ADDR(TFM_SP_CORE_TEST_2, _STACK$$ZI$$Base), .stack_top = PART_REGION_ADDR(TFM_SP_CORE_TEST_2, _STACK$$ZI$$Limit), }, -#endif -#ifdef TFM_PSA_API /* sp_thrd */ .sp_thrd = { .pfn = NULL, @@ -1020,12 +971,7 @@ struct spm_partition_desc_t partition_list [] = .caller_partition_idx = SPM_INVALID_PARTITION_IDX, .caller_client_id = TFM_INVALID_CLIENT_ID, .share = TFM_BUFFER_SHARE_DISABLE, -#if TFM_LVL != 1 - .stack_ptr = PART_REGION_ADDR(TFM_SP_SECURE_TEST_PARTITION, _STACK$$ZI$$Limit) - - sizeof(struct iovec_args_t), -#else /* TFM_LVL != 1 */ .stack_ptr = 0, -#endif /* TFM_LVL != 1 */ .lr = 0, .iovec_api = TFM_SFN_API_IOVEC, .iovec_args = @@ -1057,7 +1003,7 @@ struct spm_partition_desc_t partition_list [] = /* FIXME: Only adding the first mmio region */ .platform_data = TFM_PERIPHERAL_STD_UART, -#if (TFM_LVL != 1) || defined(TFM_PSA_API) +#ifdef TFM_PSA_API /* memory_data */ .memory_data = { .code_start = PART_REGION_ADDR(TFM_SP_SECURE_TEST_PARTITION, $$Base), @@ -1071,9 +1017,7 @@ struct spm_partition_desc_t partition_list [] = .stack_bottom = PART_REGION_ADDR(TFM_SP_SECURE_TEST_PARTITION, _STACK$$ZI$$Base), .stack_top = PART_REGION_ADDR(TFM_SP_SECURE_TEST_PARTITION, _STACK$$ZI$$Limit), }, -#endif -#ifdef TFM_PSA_API /* sp_thrd */ .sp_thrd = { .pfn = NULL, @@ -1114,12 +1058,7 @@ struct spm_partition_desc_t partition_list [] = .caller_partition_idx = SPM_INVALID_PARTITION_IDX, .caller_client_id = TFM_INVALID_CLIENT_ID, .share = TFM_BUFFER_SHARE_DISABLE, -#if TFM_LVL != 1 - .stack_ptr = PART_REGION_ADDR(TFM_SP_IPC_SERVICE_TEST, _STACK$$ZI$$Limit) - - sizeof(struct iovec_args_t), -#else /* TFM_LVL != 1 */ .stack_ptr = 0, -#endif /* TFM_LVL != 1 */ .lr = 0, .iovec_api = TFM_SFN_API_IOVEC, .iovec_args = @@ -1149,7 +1088,7 @@ struct spm_partition_desc_t partition_list [] = .platform_data = NULL, -#if (TFM_LVL != 1) || defined(TFM_PSA_API) +#ifdef TFM_PSA_API /* memory_data */ .memory_data = { .code_start = PART_REGION_ADDR(TFM_SP_IPC_SERVICE_TEST, $$Base), @@ -1163,9 +1102,7 @@ struct spm_partition_desc_t partition_list [] = .stack_bottom = PART_REGION_ADDR(TFM_SP_IPC_SERVICE_TEST, _STACK$$ZI$$Base), .stack_top = PART_REGION_ADDR(TFM_SP_IPC_SERVICE_TEST, _STACK$$ZI$$Limit), }, -#endif -#ifdef TFM_PSA_API /* sp_thrd */ .sp_thrd = { .pfn = NULL, @@ -1206,12 +1143,7 @@ struct spm_partition_desc_t partition_list [] = .caller_partition_idx = SPM_INVALID_PARTITION_IDX, .caller_client_id = TFM_INVALID_CLIENT_ID, .share = TFM_BUFFER_SHARE_DISABLE, -#if TFM_LVL != 1 - .stack_ptr = PART_REGION_ADDR(TFM_SP_IPC_CLIENT_TEST, _STACK$$ZI$$Limit) - - sizeof(struct iovec_args_t), -#else /* TFM_LVL != 1 */ .stack_ptr = 0, -#endif /* TFM_LVL != 1 */ .lr = 0, .iovec_api = TFM_SFN_API_IOVEC, .iovec_args = @@ -1241,7 +1173,7 @@ struct spm_partition_desc_t partition_list [] = .platform_data = NULL, -#if (TFM_LVL != 1) || defined(TFM_PSA_API) +#ifdef TFM_PSA_API /* memory_data */ .memory_data = { .code_start = PART_REGION_ADDR(TFM_SP_IPC_CLIENT_TEST, $$Base), @@ -1255,9 +1187,7 @@ struct spm_partition_desc_t partition_list [] = .stack_bottom = PART_REGION_ADDR(TFM_SP_IPC_CLIENT_TEST, _STACK$$ZI$$Base), .stack_top = PART_REGION_ADDR(TFM_SP_IPC_CLIENT_TEST, _STACK$$ZI$$Limit), }, -#endif -#ifdef TFM_PSA_API /* sp_thrd */ .sp_thrd = { .pfn = NULL, @@ -1298,12 +1228,7 @@ struct spm_partition_desc_t partition_list [] = .caller_partition_idx = SPM_INVALID_PARTITION_IDX, .caller_client_id = TFM_INVALID_CLIENT_ID, .share = TFM_BUFFER_SHARE_DISABLE, -#if TFM_LVL != 1 - .stack_ptr = PART_REGION_ADDR(TFM_IRQ_TEST_1, _STACK$$ZI$$Limit) - - sizeof(struct iovec_args_t), -#else /* TFM_LVL != 1 */ .stack_ptr = 0, -#endif /* TFM_LVL != 1 */ .lr = 0, .iovec_api = TFM_SFN_API_IOVEC, .iovec_args = @@ -1335,7 +1260,7 @@ struct spm_partition_desc_t partition_list [] = /* FIXME: Only adding the first mmio region */ .platform_data = TFM_PERIPHERAL_TIMER0, -#if (TFM_LVL != 1) || defined(TFM_PSA_API) +#ifdef TFM_PSA_API /* memory_data */ .memory_data = { .code_start = PART_REGION_ADDR(TFM_IRQ_TEST_1, $$Base), @@ -1349,9 +1274,7 @@ struct spm_partition_desc_t partition_list [] = .stack_bottom = PART_REGION_ADDR(TFM_IRQ_TEST_1, _STACK$$ZI$$Base), .stack_top = PART_REGION_ADDR(TFM_IRQ_TEST_1, _STACK$$ZI$$Limit), }, -#endif -#ifdef TFM_PSA_API /* sp_thrd */ .sp_thrd = { .pfn = NULL, diff --git a/secure_fw/services/tfm_spm_db.inc.template b/secure_fw/services/tfm_spm_db.inc.template index aecae88b68..f0528cda07 100644 --- a/secure_fw/services/tfm_spm_db.inc.template +++ b/secure_fw/services/tfm_spm_db.inc.template @@ -139,12 +139,7 @@ struct spm_partition_desc_t partition_list [] = .caller_partition_idx = SPM_INVALID_PARTITION_IDX, .caller_client_id = TFM_INVALID_CLIENT_ID, .share = TFM_BUFFER_SHARE_DISABLE, -#if TFM_LVL != 1 - .stack_ptr = PART_REGION_ADDR({{manifest.manifest.name}}, _STACK$$ZI$$Limit) - - sizeof(struct iovec_args_t), -#else /* TFM_LVL != 1 */ .stack_ptr = 0, -#endif /* TFM_LVL != 1 */ .lr = 0, .iovec_api = TFM_SFN_API_IOVEC, .iovec_args = @@ -192,7 +187,7 @@ struct spm_partition_desc_t partition_list [] = .platform_data = NULL, {% endif %} -#if (TFM_LVL != 1) || defined(TFM_PSA_API) +#ifdef TFM_PSA_API /* memory_data */ .memory_data = {{'{'}} .code_start = PART_REGION_ADDR({{manifest.manifest.name}}, $$Base), @@ -206,9 +201,7 @@ struct spm_partition_desc_t partition_list [] = .stack_bottom = PART_REGION_ADDR({{manifest.manifest.name}}, _STACK$$ZI$$Base), .stack_top = PART_REGION_ADDR({{manifest.manifest.name}}, _STACK$$ZI$$Limit), {{'},'}} -#endif -#ifdef TFM_PSA_API /* sp_thrd */ .sp_thrd = { .pfn = NULL, diff --git a/secure_fw/spm/spm_api.c b/secure_fw/spm/spm_api.c index 80d6575233..2aabaef28f 100644 --- a/secure_fw/spm/spm_api.c +++ b/secure_fw/spm/spm_api.c @@ -60,7 +60,7 @@ enum spm_err_t tfm_spm_db_init(void) */ /* For the non secure Execution environment */ -#if (TFM_LVL != 1) || defined(TFM_PSA_API) +#if TFM_PSA_API extern uint32_t Image$$ARM_LIB_STACK$$ZI$$Base[]; extern uint32_t Image$$ARM_LIB_STACK$$ZI$$Limit[]; uint32_t psp_stack_bottom = (uint32_t)Image$$ARM_LIB_STACK$$ZI$$Base; @@ -79,7 +79,7 @@ enum spm_err_t tfm_spm_db_init(void) part_ptr->static_data.partition_flags = 0; #endif -#if (TFM_LVL != 1) || defined(TFM_PSA_API) +#if TFM_PSA_API part_ptr->memory_data.stack_bottom = psp_stack_bottom; part_ptr->memory_data.stack_top = psp_stack_top; /* Since RW, ZI and stack are configured as one MPU region, configure @@ -111,19 +111,6 @@ enum spm_err_t tfm_spm_db_init(void) return SPM_ERR_OK; } -#if (TFM_LVL != 1) || defined(TFM_PSA_API) -uint32_t tfm_spm_partition_get_stack_bottom(uint32_t partition_idx) -{ - return g_spm_partition_db.partitions[partition_idx]. - memory_data.stack_bottom; -} - -uint32_t tfm_spm_partition_get_stack_top(uint32_t partition_idx) -{ - return g_spm_partition_db.partitions[partition_idx].memory_data.stack_top; -} -#endif - uint32_t tfm_spm_partition_get_partition_id(uint32_t partition_idx) { return g_spm_partition_db.partitions[partition_idx].static_data. diff --git a/secure_fw/spm/spm_api.h b/secure_fw/spm/spm_api.h index 55a42cff95..7f95339c0f 100644 --- a/secure_fw/spm/spm_api.h +++ b/secure_fw/spm/spm_api.h @@ -66,9 +66,6 @@ struct iovec_args_t { * uint32_t[] array */ struct interrupted_ctx_stack_frame_t { -#if TFM_LVL != 1 - uint32_t stack_ptr; -#endif uint32_t partition_state; }; @@ -162,110 +159,6 @@ struct tfm_spm_service_t { */ uint32_t get_partition_idx(uint32_t partition_id); -#if (TFM_LVL != 1) || defined(TFM_PSA_API) -/** - * \brief Get bottom of stack region for a partition - * - * \param[in] partition_idx Partition index - * - * \return Stack region bottom value - * - * \note This function doesn't check if partition_idx is valid. - */ -uint32_t tfm_spm_partition_get_stack_bottom(uint32_t partition_idx); - -/** - * \brief Get top of stack region for a partition - * - * \param[in] partition_idx Partition index - * - * \return Stack region top value - * - * \note This function doesn't check if partition_idx is valid. - */ -uint32_t tfm_spm_partition_get_stack_top(uint32_t partition_idx); -#endif - -#if (TFM_LVL != 1) && !defined(TFM_PSA_API) -/** - * \brief Configure isolated sandbox for a partition - * - * \param[in] partition_idx Partition index - * - * \return Error code \ref spm_err_t - * - * \note This function doesn't check if partition_idx is valid. - */ -enum spm_err_t tfm_spm_partition_sandbox_config(uint32_t partition_idx); - -/** - * \brief Deconfigure sandbox for a partition - * - * \param[in] partition_idx Partition index - * - * \return Error code \ref spm_err_t - * - * \note This function doesn't check if partition_idx is valid. - */ -enum spm_err_t tfm_spm_partition_sandbox_deconfig(uint32_t partition_idx); - -/** - * \brief Get the start of the zero-initialised region for a partition - * - * \param[in] partition_idx Partition idx - * - * \return Start of the zero-initialised region - * - * \note This function doesn't check if partition_idx is valid. - */ -uint32_t tfm_spm_partition_get_zi_start(uint32_t partition_idx); - -/** - * \brief Get the limit of the zero-initialised region for a partition - * - * \param[in] partition_idx Partition idx - * - * \return Limit of the zero-initialised region - * - * \note This function doesn't check if partition_idx is valid. - * \note The address returned is not part of the region. - */ -uint32_t tfm_spm_partition_get_zi_limit(uint32_t partition_idx); - -/** - * \brief Get the start of the read-write region for a partition - * - * \param[in] partition_idx Partition idx - * - * \return Start of the read-write region - * - * \note This function doesn't check if partition_idx is valid. - */ -uint32_t tfm_spm_partition_get_rw_start(uint32_t partition_idx); - -/** - * \brief Get the limit of the read-write region for a partition - * - * \param[in] partition_idx Partition idx - * - * \return Limit of the read-write region - * - * \note This function doesn't check if partition_idx is valid. - * \note The address returned is not part of the region. - */ -uint32_t tfm_spm_partition_get_rw_limit(uint32_t partition_idx); - -/** - * \brief Save stack pointer for partition in database - * - * \param[in] partition_idx Partition index - * \param[in] stack_ptr Stack pointer to be stored - * - * \note This function doesn't check if partition_idx is valid. - */ -void tfm_spm_partition_set_stack(uint32_t partition_idx, uint32_t stack_ptr); -#endif /* if (TFM_LVL != 1) && !defined(TFM_PSA_API) */ - /** * \brief Get the id of the partition for its index from the db * @@ -304,8 +197,7 @@ enum spm_err_t tfm_spm_db_init(void); * * \note Barrier instructions are not called by this function, and if * it is called in thread mode, it might be necessary to call - * them after this function returns (just like it is done in - * jump_to_ns_code()). + * them after this function returns. */ void tfm_spm_partition_change_privilege(uint32_t privileged); @@ -487,7 +379,28 @@ void tfm_spm_partition_set_signal_mask(uint32_t partition_idx, #ifdef TFM_PSA_API /*************************** IPC definitions **************************/ -/*************************** Extended SPM functions **************************/ + +/** + * \brief Get bottom of stack region for a partition + * + * \param[in] partition_idx Partition index + * + * \return Stack region bottom value + * + * \note This function doesn't check if partition_idx is valid. + */ +uint32_t tfm_spm_partition_get_stack_bottom(uint32_t partition_idx); + +/** + * \brief Get top of stack region for a partition + * + * \param[in] partition_idx Partition index + * + * \return Stack region top value + * + * \note This function doesn't check if partition_idx is valid. + */ +uint32_t tfm_spm_partition_get_stack_top(uint32_t partition_idx); /** * \brief Get the running partition ID. diff --git a/secure_fw/spm/spm_api_func.c b/secure_fw/spm/spm_api_func.c index 3b4fb8cf4e..763a5436ac 100644 --- a/secure_fw/spm/spm_api_func.c +++ b/secure_fw/spm/spm_api_func.c @@ -101,15 +101,9 @@ void tfm_spm_partition_push_interrupted_ctx(uint32_t partition_idx) struct spm_partition_runtime_data_t *runtime_data = &g_spm_partition_db.partitions[partition_idx].runtime_data; struct interrupted_ctx_stack_frame_t *stack_frame = - (struct interrupted_ctx_stack_frame_t *) - runtime_data->ctx_stack_ptr; + (struct interrupted_ctx_stack_frame_t *)runtime_data->ctx_stack_ptr; stack_frame->partition_state = runtime_data->partition_state; -#if TFM_LVL != 1 - stack_frame->stack_ptr = runtime_data->stack_ptr; -#endif - runtime_data->ctx_stack_ptr += - sizeof(struct interrupted_ctx_stack_frame_t) / sizeof(uint32_t); } void tfm_spm_partition_pop_interrupted_ctx(uint32_t partition_idx) @@ -118,16 +112,10 @@ void tfm_spm_partition_pop_interrupted_ctx(uint32_t partition_idx) &g_spm_partition_db.partitions[partition_idx].runtime_data; struct interrupted_ctx_stack_frame_t *stack_frame; - runtime_data->ctx_stack_ptr -= - sizeof(struct interrupted_ctx_stack_frame_t) / sizeof(uint32_t); stack_frame = (struct interrupted_ctx_stack_frame_t *) runtime_data->ctx_stack_ptr; tfm_spm_partition_set_state(partition_idx, stack_frame->partition_state); stack_frame->partition_state = 0; -#if TFM_LVL != 1 - tfm_spm_partition_set_stack(partition_idx, stack_frame->stack_ptr); - stack_frame->stack_ptr = 0; -#endif } void tfm_spm_partition_push_handler_ctx(uint32_t partition_idx) @@ -164,66 +152,6 @@ void tfm_spm_partition_pop_handler_ctx(uint32_t partition_idx) stack_frame->caller_partition_idx = 0; } -#if (TFM_LVL != 1) -enum spm_err_t tfm_spm_partition_sandbox_config(uint32_t partition_idx) -{ - struct spm_partition_desc_t *part; - if (!g_spm_partition_db.is_init) { - return SPM_ERR_PARTITION_DB_NOT_INIT; - } - - part = &g_spm_partition_db.partitions[partition_idx]; - - return tfm_spm_hal_partition_sandbox_config(&(part->memory_data), - part->platform_data); - -} - -enum spm_err_t tfm_spm_partition_sandbox_deconfig(uint32_t partition_idx) -{ - /* This function takes a partition id and disables the - * SPM partition for that partition - */ - - struct spm_partition_desc_t *part; - - part = &g_spm_partition_db.partitions[partition_idx]; - - return tfm_spm_hal_partition_sandbox_deconfig(&(part->memory_data), - part->platform_data); -} - -uint32_t tfm_spm_partition_get_zi_start(uint32_t partition_idx) -{ - return g_spm_partition_db.partitions[partition_idx]. - memory_data.zi_start; -} - -uint32_t tfm_spm_partition_get_zi_limit(uint32_t partition_idx) -{ - return g_spm_partition_db.partitions[partition_idx]. - memory_data.zi_limit; -} - -uint32_t tfm_spm_partition_get_rw_start(uint32_t partition_idx) -{ - return g_spm_partition_db.partitions[partition_idx]. - memory_data.rw_start; -} - -uint32_t tfm_spm_partition_get_rw_limit(uint32_t partition_idx) -{ - return g_spm_partition_db.partitions[partition_idx]. - memory_data.rw_limit; -} - -void tfm_spm_partition_set_stack(uint32_t partition_idx, uint32_t stack_ptr) -{ - g_spm_partition_db.partitions[partition_idx]. - runtime_data.stack_ptr = stack_ptr; -} -#endif - void tfm_spm_partition_store_context(uint32_t partition_idx, uint32_t stack_ptr, uint32_t lr) { @@ -273,17 +201,9 @@ void tfm_spm_partition_set_caller_client_id(uint32_t partition_idx, enum spm_err_t tfm_spm_partition_set_share(uint32_t partition_idx, uint32_t share) { - enum spm_err_t ret = SPM_ERR_OK; - -#if TFM_LVL != 1 - /* Only need to set configuration on levels higher than 1 */ - ret = tfm_spm_hal_set_share_region(share); -#endif + g_spm_partition_db.partitions[partition_idx].runtime_data.share = share; - if (ret == SPM_ERR_OK) { - g_spm_partition_db.partitions[partition_idx].runtime_data.share = share; - } - return ret; + return SPM_ERR_OK; } enum spm_err_t tfm_spm_partition_set_iovec(uint32_t partition_idx, diff --git a/secure_fw/spm/spm_api_ipc.c b/secure_fw/spm/spm_api_ipc.c index 6443b52425..98f6046cbb 100644 --- a/secure_fw/spm/spm_api_ipc.c +++ b/secure_fw/spm/spm_api_ipc.c @@ -410,7 +410,17 @@ int32_t tfm_spm_send_event(struct tfm_spm_service_t *service, return IPC_SUCCESS; } -/* SPM extend functions */ +uint32_t tfm_spm_partition_get_stack_bottom(uint32_t partition_idx) +{ + return g_spm_partition_db.partitions[partition_idx]. + memory_data.stack_bottom; +} + +uint32_t tfm_spm_partition_get_stack_top(uint32_t partition_idx) +{ + return g_spm_partition_db.partitions[partition_idx].memory_data.stack_top; +} + uint32_t tfm_spm_partition_get_running_partition_id(void) { struct tfm_thrd_ctx *pth = tfm_thrd_curr_thread(); diff --git a/secure_fw/spm/spm_db.h b/secure_fw/spm/spm_db.h index 7b74aba4a1..2ee69f6119 100644 --- a/secure_fw/spm/spm_db.h +++ b/secure_fw/spm/spm_db.h @@ -54,10 +54,8 @@ struct spm_partition_desc_t { struct spm_partition_static_data_t static_data; struct spm_partition_runtime_data_t runtime_data; struct tfm_spm_partition_platform_data_t *platform_data; -#if (TFM_LVL != 1) || defined(TFM_PSA_API) +#if TFM_PSA_API struct tfm_spm_partition_memory_data_t memory_data; -#endif -#ifdef TFM_PSA_API struct tfm_thrd_ctx sp_thrd; #endif }; @@ -74,7 +72,7 @@ struct spm_partition_db_t { /* Macros to pick linker symbols and allow to form the partition data base */ #define REGION(a, b, c) a##b##c #define REGION_NAME(a, b, c) REGION(a, b, c) -#if (TFM_LVL == 1) && !defined(TFM_PSA_API) +#ifndef TFM_PSA_API #define REGION_DECLARE(a, b, c) #else #define REGION_DECLARE(a, b, c) extern uint32_t REGION_NAME(a, b, c) |