authorRaef Coles <raef.coles@arm.com>2022-06-16 13:52:48 +0100
committerDavid Hu <david.hu@arm.com>2022-07-19 09:02:16 +0200
commit046ffd8856b35edbd98a7bf79b38b6b79c7a9af7 (patch)
tree2e4867a050d5f17af87e538d7b6c4d7f55bd7bec /secure_fw/partitions
parent9459a3de08cacacf0542b3bb5e6a115f2f70a514 (diff)
Platform: Update platform partition to SFN
Change-Id: Ia0863dd3514b118f6c95358922bfa70f0f0a6b0c Signed-off-by: Raef Coles <raef.coles@arm.com>
Diffstat (limited to 'secure_fw/partitions')
-rw-r--r--secure_fw/partitions/firmware_update/tfm_firmware_update.yaml4
-rw-r--r--secure_fw/partitions/platform/platform_sp.c184
-rw-r--r--secure_fw/partitions/platform/platform_sp.h22
-rw-r--r--secure_fw/partitions/platform/tfm_platform.yaml23
-rw-r--r--secure_fw/partitions/platform/tfm_platform_secure_api.c48
-rw-r--r--secure_fw/partitions/protected_storage/tfm_protected_storage.yaml2
-rw-r--r--secure_fw/partitions/psa_proxy/psa_proxy.c91
-rw-r--r--secure_fw/partitions/psa_proxy/tfm_psa_proxy.yaml21
8 files changed, 115 insertions, 280 deletions
diff --git a/secure_fw/partitions/firmware_update/tfm_firmware_update.yaml b/secure_fw/partitions/firmware_update/tfm_firmware_update.yaml
index 3e01040845..617358fbb7 100644
--- a/secure_fw/partitions/firmware_update/tfm_firmware_update.yaml
+++ b/secure_fw/partitions/firmware_update/tfm_firmware_update.yaml
@@ -71,6 +71,6 @@
],
"dependencies": [
"TFM_CRYPTO",
- "TFM_SP_PLATFORM_SYSTEM_RESET"
+ "TFM_PLATFORM_SERVICE"
]
-} \ No newline at end of file
+}
diff --git a/secure_fw/partitions/platform/platform_sp.c b/secure_fw/partitions/platform/platform_sp.c
index b0d60eb0e0..18cd7211a4 100644
--- a/secure_fw/partitions/platform/platform_sp.c
+++ b/secure_fw/partitions/platform/platform_sp.c
@@ -168,16 +168,14 @@ platform_sp_nv_counter_increment(psa_invec *in_vec, uint32_t num_invec,
#else /* TFM_PSA_API */
-static enum tfm_platform_err_t
-platform_sp_system_reset_ipc(const psa_msg_t *msg)
+static psa_status_t platform_sp_system_reset_psa_api(const psa_msg_t *msg)
{
(void)msg; /* unused parameter */
return platform_sp_system_reset();
}
-static enum tfm_platform_err_t
-platform_sp_nv_counter_ipc(const psa_msg_t *msg)
+static psa_status_t platform_sp_nv_read_psa_api(const psa_msg_t *msg)
{
enum tfm_plat_err_t err = TFM_PLAT_ERR_SYSTEM_ERR;
size_t in_len = PSA_MAX_IOVEC, out_len = PSA_MAX_IOVEC, num = 0;
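Review bot: `platform_sp_system_reset_psa_api` is now declared to return `psa_status_t` but still passes through the result of `platform_sp_system_reset()`, which platform_sp.h declares as `enum tfm_platform_err_t`. The NV counter and ioctl handlers later in this file mix the two in the same way, returning `TFM_PLATFORM_ERR_*` constants, while `platform_sp_init` was converted to `PSA_*` codes. The callers in tfm_platform_secure_api.c treat only `status < PSA_SUCCESS` as failure, so this presumably relies on the platform error values being non-negative and being cast back on the client side; neither is visible in this diff. I would state the convention at the handlers, e.g. `/* Returns an enum tfm_platform_err_t value carried in psa_status_t; the client API casts it back. */`.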
@@ -194,70 +192,84 @@ platform_sp_nv_counter_ipc(const psa_msg_t *msg)
while ((out_len > 0) && (msg->out_size[out_len - 1] == 0)) {
out_len--;
}
- switch (msg->type) {
- case TFM_PLATFORM_API_ID_NV_INCREMENT:
- if (msg->in_size[0] != NV_COUNTER_ID_SIZE ||
- in_len != 1 || out_len != 0) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
- num = psa_read(msg->handle, 0, &counter_id, msg->in_size[0]);
- if (num != msg->in_size[0]) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
+ if (msg->in_size[0] != NV_COUNTER_ID_SIZE ||
+ in_len != 1 || out_len != 1) {
+ return TFM_PLATFORM_ERR_SYSTEM_ERROR;
+ }
- if (msg->client_id < 0) {
- counter_id += PLAT_NV_COUNTER_NS_0;
- }
+ num = psa_read(msg->handle, 0, &counter_id, msg->in_size[0]);
+ if (num != NV_COUNTER_ID_SIZE) {
+ return TFM_PLATFORM_ERR_SYSTEM_ERROR;
+ }
- if (nv_counter_permissions_check(msg->client_id, counter_id, false)
- != TFM_PLATFORM_ERR_SUCCESS) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
+ if (msg->client_id < 0) {
+ counter_id += PLAT_NV_COUNTER_NS_0;
+ }
- err = tfm_plat_increment_nv_counter(counter_id);
- break;
- case TFM_PLATFORM_API_ID_NV_READ:
- if (msg->in_size[0] != NV_COUNTER_ID_SIZE ||
- in_len != 1 || out_len != 1) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
+ if (nv_counter_permissions_check(msg->client_id, counter_id, true)
+ != TFM_PLATFORM_ERR_SUCCESS) {
+ return TFM_PLATFORM_ERR_SYSTEM_ERROR;
+ }
- num = psa_read(msg->handle, 0, &counter_id, msg->in_size[0]);
- if (num != msg->in_size[0]) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
+ err = tfm_plat_read_nv_counter(counter_id, msg->out_size[0],
+ &counter_val);
- if (msg->client_id < 0) {
- counter_id += PLAT_NV_COUNTER_NS_0;
- }
+ if (err != TFM_PLAT_ERR_SUCCESS) {
+ return TFM_PLATFORM_ERR_SYSTEM_ERROR;
+ }
- if (nv_counter_permissions_check(msg->client_id, counter_id, true)
- != TFM_PLATFORM_ERR_SUCCESS) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
+ psa_write(msg->handle, 0, &counter_val, msg->out_size[0]);
- err = tfm_plat_read_nv_counter(counter_id, msg->out_size[0],
- &counter_val);
+ return TFM_PLATFORM_ERR_SUCCESS;
+}
- if (err != TFM_PLAT_ERR_SUCCESS) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
- psa_write(msg->handle, 0, &counter_val, msg->out_size[0]);
- break;
- default:
+static psa_status_t platform_sp_nv_increment_psa_api(const psa_msg_t *msg)
+{
+ enum tfm_plat_err_t err = TFM_PLAT_ERR_SYSTEM_ERR;
+ size_t in_len = PSA_MAX_IOVEC, out_len = PSA_MAX_IOVEC, num = 0;
+
+ enum tfm_nv_counter_t counter_id;
+
+ /* Check the number of in_vec filled */
+ while ((in_len > 0) && (msg->in_size[in_len - 1] == 0)) {
+ in_len--;
+ }
+
+ /* Check the number of out_vec filled */
+ while ((out_len > 0) && (msg->out_size[out_len - 1] == 0)) {
+ out_len--;
+ }
+
+ if (msg->in_size[0] != NV_COUNTER_ID_SIZE ||
+ in_len != 1 || out_len != 0) {
+ return TFM_PLATFORM_ERR_SYSTEM_ERROR;
+ }
+
+ num = psa_read(msg->handle, 0, &counter_id, msg->in_size[0]);
+ if (num != NV_COUNTER_ID_SIZE) {
return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- break;
}
+ if (msg->client_id < 0) {
+ counter_id += PLAT_NV_COUNTER_NS_0;
+ }
+
+ if (nv_counter_permissions_check(msg->client_id, counter_id, false)
+ != TFM_PLATFORM_ERR_SUCCESS) {
+ return TFM_PLATFORM_ERR_SYSTEM_ERROR;
+ }
+
+ err = tfm_plat_increment_nv_counter(counter_id);
+
if (err != TFM_PLAT_ERR_SUCCESS) {
return TFM_PLATFORM_ERR_SYSTEM_ERROR;
}
+
return TFM_PLATFORM_ERR_SUCCESS;
}
-static enum tfm_platform_err_t
-platform_sp_ioctl_ipc(const psa_msg_t *msg)
+static psa_status_t platform_sp_ioctl_psa_api(const psa_msg_t *msg)
{
void *input = NULL;
void *output = NULL;
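Review bot: In `platform_sp_nv_read_psa_api`, `msg->out_size[0]` is passed to both `tfm_plat_read_nv_counter()` and `psa_write()` without being compared to the size of `counter_val`; the visible checks only require it to be non-zero (`out_len != 1`). `counter_val` is declared outside this hunk, so its size cannot be confirmed here, but if it is a fixed-size local, a caller-chosen output length larger than it would make `psa_write()` copy adjacent secure-side stack contents back to the client. Depending on the platform implementation, the read could also store past it. Adding the bound to the existing argument check closes both: `msg->out_size[0] > sizeof(counter_val) ||` (assuming `counter_val` is an array; otherwise use its size constant). The function's opening lines are in the previous hunk.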
@@ -270,6 +282,7 @@ platform_sp_ioctl_ipc(const psa_msg_t *msg)
int num = 0;
uint32_t in_len = PSA_MAX_IOVEC;
uint32_t out_len = PSA_MAX_IOVEC;
+ size_t input_size;
while ((in_len > 0) && (msg->in_size[in_len - 1] == 0)) {
in_len--;
@@ -290,15 +303,16 @@ platform_sp_ioctl_ipc(const psa_msg_t *msg)
}
if (in_len > 1) {
- if (msg->in_size[1] > INPUT_BUFFER_SIZE) {
- return (enum tfm_platform_err_t) PSA_ERROR_PROGRAMMER_ERROR;
+ input_size = msg->in_size[1];
+ if (input_size > INPUT_BUFFER_SIZE) {
+ return (enum tfm_platform_err_t) PSA_ERROR_BUFFER_TOO_SMALL;
}
num = psa_read(msg->handle, 1, &input_buffer, msg->in_size[1]);
- if (num != msg->in_size[1]) {
+ if (num != input_size) {
return (enum tfm_platform_err_t) PSA_ERROR_PROGRAMMER_ERROR;
}
invec.base = input_buffer;
- invec.len = msg->in_size[1];
+ invec.len = input_size;
input = &invec;
}
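Review bot: The bound is checked on the new local `input_size`, but the `psa_read()` call right after it still passes `msg->in_size[1]`, so the validated length and the used length are read from different places. Using the local throughout keeps them identical by construction: `num = psa_read(msg->handle, 1, &input_buffer, input_size);`. `num` is declared `int` in the preceding hunk and is now compared with a `size_t`; declaring it `size_t` (the return type of `psa_read`) removes the signed/unsigned comparison. The `(enum tfm_platform_err_t)` casts on the return statements are left over now that the function returns `psa_status_t`. The function body starts and ends outside this hunk.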
@@ -319,65 +333,35 @@ platform_sp_ioctl_ipc(const psa_msg_t *msg)
return ret;
}
+#endif /* TFM_PSA_API */
-static void platform_signal_handle(psa_signal_t signal, plat_func_t pfn)
+psa_status_t tfm_platform_service_sfn(const psa_msg_t *msg)
{
- psa_msg_t msg;
- psa_status_t status;
-
- status = psa_get(signal, &msg);
- switch (msg.type) {
- case PSA_IPC_CONNECT:
- psa_reply(msg.handle, PSA_SUCCESS);
- break;
- case PSA_IPC_CALL:
+ switch (msg->type) {
case TFM_PLATFORM_API_ID_NV_READ:
+ return platform_sp_nv_read_psa_api(msg);
case TFM_PLATFORM_API_ID_NV_INCREMENT:
- status = (psa_status_t)pfn(&msg);
- psa_reply(msg.handle, status);
- break;
- case PSA_IPC_DISCONNECT:
- psa_reply(msg.handle, PSA_SUCCESS);
- break;
+ return platform_sp_nv_increment_psa_api(msg);
+ case TFM_PLATFORM_API_ID_SYSTEM_RESET:
+ return platform_sp_system_reset_psa_api(msg);
+ case TFM_PLATFORM_API_ID_IOCTL:
+ return platform_sp_ioctl_psa_api(msg);
default:
- psa_panic();
+ return PSA_ERROR_NOT_SUPPORTED;
}
-}
-#endif /* TFM_PSA_API */
+ return PSA_ERROR_GENERIC_ERROR;
+}
-enum tfm_platform_err_t platform_sp_init(void)
+psa_status_t platform_sp_init(void)
{
/* Initialise the non-volatile counters */
enum tfm_plat_err_t err;
+
err = tfm_plat_init_nv_counter();
if (err != TFM_PLAT_ERR_SUCCESS) {
-#ifdef TFM_PSA_API
- psa_panic();
-#else
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
-#endif
- }
-#ifdef TFM_PSA_API
- psa_signal_t signals;
-
- while (1) {
- signals = psa_wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & TFM_SP_PLATFORM_SYSTEM_RESET_SIGNAL) {
- platform_signal_handle(TFM_SP_PLATFORM_SYSTEM_RESET_SIGNAL,
- platform_sp_system_reset_ipc);
- } else if (signals & TFM_SP_PLATFORM_IOCTL_SIGNAL) {
- platform_signal_handle(TFM_SP_PLATFORM_IOCTL_SIGNAL,
- platform_sp_ioctl_ipc);
- } else if (signals & TFM_SP_PLATFORM_NV_COUNTER_SIGNAL) {
- platform_signal_handle(TFM_SP_PLATFORM_NV_COUNTER_SIGNAL,
- platform_sp_nv_counter_ipc);
- } else {
- psa_panic();
- }
+ return PSA_ERROR_HARDWARE_FAILURE;
}
-#else
- return TFM_PLATFORM_ERR_SUCCESS;
-#endif /* TFM_PSA_API */
+ return PSA_SUCCESS;
}
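Review bot: `tfm_platform_service_sfn` is placed after the new `#endif /* TFM_PSA_API */`, yet every handler it calls (`platform_sp_nv_read_psa_api` and the others) is a static function defined inside that conditional block. If a configuration without `TFM_PSA_API` is still built, as the `#ifdef TFM_PSA_API` branches kept in tfm_platform_secure_api.c suggest, the dispatcher would reference undefined functions; moving the `#endif` to just after the dispatcher's closing brace avoids that. The trailing `return PSA_ERROR_GENERIC_ERROR;` is unreachable because every switch arm, including `default`, returns. Replacing `psa_panic()` with `PSA_ERROR_NOT_SUPPORTED` for an unknown type is a behaviour change that deserves a one-line comment, e.g. `/* Unknown request type: fail the call, do not panic the partition */`.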
diff --git a/secure_fw/partitions/platform/platform_sp.h b/secure_fw/partitions/platform/platform_sp.h
index 44332dca08..90a5e3d5f3 100644
--- a/secure_fw/partitions/platform/platform_sp.h
+++ b/secure_fw/partitions/platform/platform_sp.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -17,9 +17,9 @@ extern "C" {
/*!
* \brief Initializes the secure partition.
*
- * \return Returns values as specified by the \ref tfm_platform_err_t
+ * \return Returns values as specified by the \ref psa_status_t
*/
-enum tfm_platform_err_t platform_sp_init(void);
+psa_status_t platform_sp_init(void);
/*!
* \brief Resets the system.
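Review bot: The `\return` line for `platform_sp_init` now points at `psa_status_t` in general, which does not tell an integrator which values to expect. In platform_sp.c in this commit the function returns only two values, so the comment could name them: `\return PSA_SUCCESS on success, PSA_ERROR_HARDWARE_FAILURE if the NV counters cannot be initialised`.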
@@ -28,22 +28,6 @@ enum tfm_platform_err_t platform_sp_init(void);
*/
enum tfm_platform_err_t platform_sp_system_reset(void);
-/*!
- * \brief Performs pin services of the platform
- *
- * \param[in] in_vec Pointer to in_vec array, which contains input
- * arguments for the pin service
- * \param[in] num_invec Number of elements in in_vec array
- * \param[in,out] out_vec Pointer out_vec array, which contains output data
- * of the pin service
- * \param[in] num_outvec Number of elements in out_vec array
- *
- * \return Returns values as specified by the \ref tfm_platform_err_t
- */
-enum tfm_platform_err_t
-platform_sp_pin_service(const psa_invec *in_vec, uint32_t num_invec,
- const psa_outvec *out_vec, uint32_t num_outvec);
-
#ifdef __cplusplus
}
#endif
diff --git a/secure_fw/partitions/platform/tfm_platform.yaml b/secure_fw/partitions/platform/tfm_platform.yaml
index a0d3972851..67e4952789 100644
--- a/secure_fw/partitions/platform/tfm_platform.yaml
+++ b/secure_fw/partitions/platform/tfm_platform.yaml
@@ -6,34 +6,23 @@
#-------------------------------------------------------------------------------
{
- "psa_framework_version": 1.0,
+ "psa_framework_version": 1.1,
"name": "TFM_SP_PLATFORM",
"type": "PSA-ROT",
"priority": "NORMAL",
- "entry_point": "platform_sp_init",
+ "model": "SFN",
+ "entry_init": "platform_sp_init",
"stack_size": "0x0500",
"services": [
{
- "name": "TFM_SP_PLATFORM_SYSTEM_RESET",
+ "name": "TFM_PLATFORM_SERVICE",
"sid": "0x00000040",
"non_secure_clients": true,
+ "connection_based": false,
+ "stateless_handle": 6,
"minor_version": 1,
"minor_policy": "STRICT"
},
- {
- "name": "TFM_SP_PLATFORM_IOCTL",
- "sid": "0x00000041",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "STRICT"
- },
- {
- "name": "TFM_SP_PLATFORM_NV_COUNTER",
- "sid": "0x00000042",
- "non_secure_clients": true,
- "version": 1,
- "version_policy": "STRICT"
- }
],
"secure_functions": [
{
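Review bot: Folding the three services into one stateless `TFM_PLATFORM_SERVICE` means the manifest no longer limits which platform operation a dependent partition may request. In this commit the firmware update manifest used to depend only on `TFM_SP_PLATFORM_SYSTEM_RESET` and protected storage only on `TFM_SP_PLATFORM_NV_COUNTER`; both now list `TFM_PLATFORM_SERVICE`, which also carries ioctl. Access control therefore rests on per-request checks in platform_sp.c, and among the handlers visible in this diff only the NV counter ones show one (`nv_counter_permissions_check`), while the reset handler ignores `msg` entirely. I would record that next to the service entry, e.g. `# One SID for reset, ioctl and NV counters: per-operation access checks live in platform_sp.c`. Separately, the remaining service entry still ends in `},` directly before `],`; YAML flow syntax accepts the trailing comma, a strict JSON reader would not.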
diff --git a/secure_fw/partitions/platform/tfm_platform_secure_api.c b/secure_fw/partitions/platform/tfm_platform_secure_api.c
index 0fe0c7f266..abd154fd87 100644
--- a/secure_fw/partitions/platform/tfm_platform_secure_api.c
+++ b/secure_fw/partitions/platform/tfm_platform_secure_api.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -16,17 +16,10 @@ enum tfm_platform_err_t tfm_platform_system_reset(void)
{
#ifdef TFM_PSA_API
psa_status_t status = PSA_ERROR_CONNECTION_REFUSED;
- psa_handle_t handle = PSA_NULL_HANDLE;
- handle = psa_connect(TFM_SP_PLATFORM_SYSTEM_RESET_SID,
- TFM_SP_PLATFORM_SYSTEM_RESET_VERSION);
- if (handle <= 0) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
-
- status = psa_call(handle, PSA_IPC_CALL,
+ status = psa_call(TFM_PLATFORM_SERVICE_HANDLE,
+ TFM_PLATFORM_API_ID_SYSTEM_RESET,
NULL, 0, NULL, 0);
- psa_close(handle);
if (status < PSA_SUCCESS) {
return TFM_PLATFORM_ERR_SYSTEM_ERROR;
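Review bot: `status` is still initialised to `PSA_ERROR_CONNECTION_REFUSED`, which no longer describes anything now that the `psa_connect()` step is gone and `psa_call()` overwrites the value straight away. A plain `psa_status_t status;` would be tidier and lets the compiler flag any path that reads it before assignment. The same leftover initialiser is in `tfm_platform_ioctl`, `tfm_platform_nv_counter_increment` and `tfm_platform_nv_counter_read` in the hunks below. The function body continues past this hunk.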
@@ -48,7 +41,6 @@ tfm_platform_ioctl(tfm_platform_ioctl_req_t request,
size_t inlen, outlen;
#ifdef TFM_PSA_API
psa_status_t status = PSA_ERROR_CONNECTION_REFUSED;
- psa_handle_t handle = PSA_NULL_HANDLE;
#endif /* TFM_PSA_API */
in_vec[0].base = &req;
@@ -67,16 +59,10 @@ tfm_platform_ioctl(tfm_platform_ioctl_req_t request,
outlen = 0;
}
#ifdef TFM_PSA_API
- handle = psa_connect(TFM_SP_PLATFORM_IOCTL_SID,
- TFM_SP_PLATFORM_IOCTL_VERSION);
- if (handle <= 0) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
-
- status = psa_call(handle, PSA_IPC_CALL,
+ status = psa_call(TFM_PLATFORM_SERVICE_HANDLE,
+ TFM_PLATFORM_API_ID_IOCTL,
in_vec, inlen,
output, outlen);
- psa_close(handle);
if (status < PSA_SUCCESS) {
return TFM_PLATFORM_ERR_SYSTEM_ERROR;
@@ -94,7 +80,6 @@ tfm_platform_nv_counter_increment(uint32_t counter_id)
{
#ifdef TFM_PSA_API
psa_status_t status = PSA_ERROR_CONNECTION_REFUSED;
- psa_handle_t handle = PSA_NULL_HANDLE;
#endif
struct psa_invec in_vec[1];
@@ -102,17 +87,10 @@ tfm_platform_nv_counter_increment(uint32_t counter_id)
in_vec[0].len = sizeof(counter_id);
#ifdef TFM_PSA_API
- handle = psa_connect(TFM_SP_PLATFORM_NV_COUNTER_SID,
- TFM_SP_PLATFORM_NV_COUNTER_VERSION);
- if (handle <= 0) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
-
- status = psa_call(handle, TFM_PLATFORM_API_ID_NV_INCREMENT,
+ status = psa_call(TFM_PLATFORM_SERVICE_HANDLE,
+ TFM_PLATFORM_API_ID_NV_INCREMENT,
in_vec, 1, (psa_outvec *)NULL, 0);
- psa_close(handle);
-
if (status < PSA_SUCCESS) {
return TFM_PLATFORM_ERR_SYSTEM_ERROR;
} else {
@@ -131,7 +109,6 @@ tfm_platform_nv_counter_read(uint32_t counter_id,
{
#ifdef TFM_PSA_API
psa_status_t status = PSA_ERROR_CONNECTION_REFUSED;
- psa_handle_t handle = PSA_NULL_HANDLE;
#endif
struct psa_invec in_vec[1];
struct psa_outvec out_vec[1];
@@ -143,17 +120,10 @@ tfm_platform_nv_counter_read(uint32_t counter_id,
out_vec[0].len = size;
#ifdef TFM_PSA_API
- handle = psa_connect(TFM_SP_PLATFORM_NV_COUNTER_SID,
- TFM_SP_PLATFORM_NV_COUNTER_VERSION);
- if (handle <= 0) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
-
- status = psa_call(handle, TFM_PLATFORM_API_ID_NV_READ,
+ status = psa_call(TFM_PLATFORM_SERVICE_HANDLE,
+ TFM_PLATFORM_API_ID_NV_READ,
in_vec, 1, out_vec, 1);
- psa_close(handle);
-
if (status < PSA_SUCCESS) {
return TFM_PLATFORM_ERR_SYSTEM_ERROR;
} else {
diff --git a/secure_fw/partitions/protected_storage/tfm_protected_storage.yaml b/secure_fw/partitions/protected_storage/tfm_protected_storage.yaml
index de9c5a5b1b..9d0a7fd358 100644
--- a/secure_fw/partitions/protected_storage/tfm_protected_storage.yaml
+++ b/secure_fw/partitions/protected_storage/tfm_protected_storage.yaml
@@ -64,6 +64,6 @@
"dependencies": [
"TFM_CRYPTO",
"TFM_INTERNAL_TRUSTED_STORAGE_SERVICE",
- "TFM_SP_PLATFORM_NV_COUNTER"
+ "TFM_PLATFORM_SERVICE"
]
}
diff --git a/secure_fw/partitions/psa_proxy/psa_proxy.c b/secure_fw/partitions/psa_proxy/psa_proxy.c
index 78b9e99b80..29408f4159 100644
--- a/secure_fw/partitions/psa_proxy/psa_proxy.c
+++ b/secure_fw/partitions/psa_proxy/psa_proxy.c
@@ -69,6 +69,10 @@ static psa_status_t forward_message_to_secure_enclave(psa_signal_t signal,
params.psa_call_params.handle = TFM_ATTESTATION_SERVICE_HANDLE;
params.psa_call_params.type = msg->type;
break;
+ case TFM_PLATFORM_SERVICE_SIGNAL:
+ params.psa_call_params.handle = TFM_PLATFORM_SERVICE_HANDLE;
+ params.psa_call_params.type = msg->type;
+ break;
default:
params.psa_call_params.handle = *((psa_handle_t *)msg->rhandle);
params.psa_call_params.type = PSA_IPC_CALL;
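Review bot: The new `TFM_PLATFORM_SERVICE_SIGNAL` case forwards `msg->type` unchanged for every platform request, including the NV counter types. The proxy manifest in this commit replaces a `TFM_SP_PLATFORM_NV_COUNTER` entry marked `"non_secure_clients": false` with a merged entry marked `true`, so the manifest no longer keeps non-secure callers away from counter requests on this path. Whether such requests are rejected further on depends on code outside this diff. If the restriction was intentional, it could be kept with an early check before the switch: `if (msg->client_id < 0 && (msg->type == TFM_PLATFORM_API_ID_NV_READ || msg->type == TFM_PLATFORM_API_ID_NV_INCREMENT)) { return PSA_ERROR_NOT_PERMITTED; }`. The enclosing function starts and ends outside the hunk.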
@@ -94,96 +98,15 @@ static psa_status_t forward_message_to_secure_enclave(psa_signal_t signal,
return status;
}
-static void psa_disconnect_from_secure_enclave(psa_msg_t *msg)
-{
- psa_handle_t *forward_handle_ptr = (psa_handle_t *)msg->rhandle;
- struct psa_client_params_t params;
- int32_t reply;
-
- params.psa_close_params.handle = *forward_handle_ptr;
-
- (void)tfm_ns_mailbox_client_call(MAILBOX_PSA_CLOSE, &params,
- NON_SECURE_CLIENT_ID, &reply);
-
- deallocate_forward_handle(forward_handle_ptr);
-}
-
-static void get_sid_and_version_for_signal(psa_signal_t signal, uint32_t *sid,
- uint32_t *version)
-{
- switch (signal) {
- case TFM_SP_PLATFORM_SYSTEM_RESET_SIGNAL:
- *sid = TFM_SP_PLATFORM_SYSTEM_RESET_SID;
- *version = TFM_SP_PLATFORM_SYSTEM_RESET_VERSION;
- break;
- case TFM_SP_PLATFORM_IOCTL_SIGNAL:
- *sid = TFM_SP_PLATFORM_IOCTL_SID;
- *version = TFM_SP_PLATFORM_IOCTL_VERSION;
- break;
- case TFM_SP_PLATFORM_NV_COUNTER_SIGNAL:
- *sid = TFM_SP_PLATFORM_NV_COUNTER_SID;
- *version = TFM_SP_PLATFORM_NV_COUNTER_VERSION;
- break;
- default:
- psa_panic();
- break;
- }
-}
-
-static psa_status_t psa_connect_to_secure_enclave(psa_signal_t signal,
- psa_msg_t *msg)
-{
- psa_handle_t *forward_handle_ptr;
- struct psa_client_params_t params;
- int32_t ret;
-
- forward_handle_ptr = allocate_forward_handle();
-
- if (forward_handle_ptr != NULL) {
-
- get_sid_and_version_for_signal(signal, &params.psa_connect_params.sid,
- &params.psa_connect_params.version);
-
- /* Fixme: All messages sent with the same client id */
- ret = tfm_ns_mailbox_client_call(MAILBOX_PSA_CONNECT, &params,
- NON_SECURE_CLIENT_ID,
- (int32_t *)forward_handle_ptr);
- if (ret != MAILBOX_SUCCESS) {
- *forward_handle_ptr = PSA_NULL_HANDLE;
- }
-
- if ( *forward_handle_ptr > 0) {
- psa_set_rhandle(msg->handle, (void *)forward_handle_ptr);
- return PSA_SUCCESS;
- } else {
- deallocate_forward_handle(forward_handle_ptr);
- return *forward_handle_ptr;
- }
- } else {
- return PSA_ERROR_INSUFFICIENT_MEMORY;
- }
-}
-
static void handle_signal(psa_signal_t signal)
{
psa_msg_t msg;
psa_status_t status;
status = psa_get(signal, &msg);
- switch (msg.type) {
- case PSA_IPC_CONNECT:
- status = psa_connect_to_secure_enclave(signal, &msg);
- psa_reply(msg.handle, status);
- break;
- case PSA_IPC_DISCONNECT:
- psa_disconnect_from_secure_enclave(&msg);
- psa_reply(msg.handle, PSA_SUCCESS);
- break;
- default:
- status = forward_message_to_secure_enclave(signal, &msg);
- psa_reply(msg.handle, status);
- break;
- }
+
+ status = forward_message_to_secure_enclave(signal, &msg);
+ psa_reply(msg.handle, status);
}
static psa_status_t psa_proxy_init(void)
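Review bot: With `psa_connect_to_secure_enclave` removed, no visible code calls `psa_set_rhandle()` any more, but the `default` arm of `forward_message_to_secure_enclave` (previous hunk) still dereferences `msg->rhandle`. If any signal can still reach that arm it reads through a pointer that was never set, and if none can the arm is dead code; either way `default: return PSA_ERROR_PROGRAMMER_ERROR;` would be safer. `handle_signal` also overwrites the result of `psa_get()` without checking it, so a failed `psa_get()` would forward an uninitialised `msg`; `if (status != PSA_SUCCESS) { return; }` directly after the call covers that.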
diff --git a/secure_fw/partitions/psa_proxy/tfm_psa_proxy.yaml b/secure_fw/partitions/psa_proxy/tfm_psa_proxy.yaml
index c5fd993b17..af40fb95b5 100644
--- a/secure_fw/partitions/psa_proxy/tfm_psa_proxy.yaml
+++ b/secure_fw/partitions/psa_proxy/tfm_psa_proxy.yaml
@@ -56,30 +56,15 @@
"version_policy": "STRICT"
},
{
- "name": "TFM_SP_PLATFORM_SYSTEM_RESET",
+ "name": "TFM_PLATFORM_SERVICE",
"sid": "0x00000040",
"non_secure_clients": true,
- "connection_based": true,
- "minor_version": 1,
- "minor_policy": "STRICT"
- },
- {
- "name": "TFM_SP_PLATFORM_IOCTL",
- "sid": "0x00000041",
- "non_secure_clients": true,
- "connection_based": true,
+ "connection_based": false,
+ "stateless_handle": 6,
"minor_version": 1,
"minor_policy": "STRICT"
},
{
- "name": "TFM_SP_PLATFORM_NV_COUNTER",
- "sid": "0x00000042",
- "non_secure_clients": false,
- "connection_based": true,
- "version": 1,
- "version_policy": "STRICT"
- },
- {
"name": "TFM_PROTECTED_STORAGE_SERVICE",
"sid": "0x00000060",
"non_secure_clients": true,