author | Raef Coles <raef.coles@arm.com> | 2022-06-16 13:52:48 +0100 |
---|---|---|
committer | David Hu <david.hu@arm.com> | 2022-07-19 09:02:16 +0200 |
commit | 046ffd8856b35edbd98a7bf79b38b6b79c7a9af7 (patch) | |
tree | 2e4867a050d5f17af87e538d7b6c4d7f55bd7bec /secure_fw/partitions | |
parent | 9459a3de08cacacf0542b3bb5e6a115f2f70a514 (diff) | |
Platform: Update platform partition to SFN
Change-Id: Ia0863dd3514b118f6c95358922bfa70f0f0a6b0c
Signed-off-by: Raef Coles <raef.coles@arm.com>
Diffstat (limited to 'secure_fw/partitions')
-rw-r--r-- | secure_fw/partitions/firmware_update/tfm_firmware_update.yaml | 4 | ||||
-rw-r--r-- | secure_fw/partitions/platform/platform_sp.c | 184 | ||||
-rw-r--r-- | secure_fw/partitions/platform/platform_sp.h | 22 | ||||
-rw-r--r-- | secure_fw/partitions/platform/tfm_platform.yaml | 23 | ||||
-rw-r--r-- | secure_fw/partitions/platform/tfm_platform_secure_api.c | 48 | ||||
-rw-r--r-- | secure_fw/partitions/protected_storage/tfm_protected_storage.yaml | 2 | ||||
-rw-r--r-- | secure_fw/partitions/psa_proxy/psa_proxy.c | 91 | ||||
-rw-r--r-- | secure_fw/partitions/psa_proxy/tfm_psa_proxy.yaml | 21 |
8 files changed, 115 insertions, 280 deletions
diff --git a/secure_fw/partitions/firmware_update/tfm_firmware_update.yaml b/secure_fw/partitions/firmware_update/tfm_firmware_update.yaml
index 3e01040845..617358fbb7 100644
--- a/secure_fw/partitions/firmware_update/tfm_firmware_update.yaml
+++ b/secure_fw/partitions/firmware_update/tfm_firmware_update.yaml
@@ -71,6 +71,6 @@
 ],
 "dependencies": [
 "TFM_CRYPTO",
- "TFM_SP_PLATFORM_SYSTEM_RESET"
+ "TFM_PLATFORM_SERVICE"
 ]
-}
\ No newline at end of file
+}
diff --git a/secure_fw/partitions/platform/platform_sp.c b/secure_fw/partitions/platform/platform_sp.c
index b0d60eb0e0..18cd7211a4 100644
--- a/secure_fw/partitions/platform/platform_sp.c
+++ b/secure_fw/partitions/platform/platform_sp.c
@@ -168,16 +168,14 @@ platform_sp_nv_counter_increment(psa_invec *in_vec, uint32_t num_invec,
 #else /* TFM_PSA_API */
-static enum tfm_platform_err_t
-platform_sp_system_reset_ipc(const psa_msg_t *msg)
+static psa_status_t platform_sp_system_reset_psa_api(const psa_msg_t *msg)
 {
 (void)msg; /* unused parameter */
 return platform_sp_system_reset();
 }
-static enum tfm_platform_err_t
-platform_sp_nv_counter_ipc(const psa_msg_t *msg)
+static psa_status_t platform_sp_nv_read_psa_api(const psa_msg_t *msg)
 {
 enum tfm_plat_err_t err = TFM_PLAT_ERR_SYSTEM_ERR;
 size_t in_len = PSA_MAX_IOVEC, out_len = PSA_MAX_IOVEC, num = 0;
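Review bot: `platform_sp_system_reset_psa_api` is now declared `psa_status_t` but still returns the `enum tfm_platform_err_t` result of `platform_sp_system_reset()` unchanged, and the NV counter handlers in the next hunk likewise return `TFM_PLATFORM_ERR_SYSTEM_ERROR` through a `psa_status_t`. The client wrappers later in this diff classify failure with `status < PSA_SUCCESS`, so a platform error code that is not negative would not take that branch; the enum's numeric values are not visible here and should be checked against its definition. If carrying platform codes inside the PSA status is intended, a comment on the handlers such as `/* Returns enum tfm_platform_err_t values carried in a psa_status_t; the client API casts them back. */` would make the contract explicit. The body of `platform_sp_nv_read_psa_api` continues outside this hunk.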
@@ -194,70 +192,84 @@ platform_sp_nv_counter_ipc(const psa_msg_t *msg)
 while ((out_len > 0) && (msg->out_size[out_len - 1] == 0)) {
 out_len--;
 }
- switch (msg->type) {
- case TFM_PLATFORM_API_ID_NV_INCREMENT:
- if (msg->in_size[0] != NV_COUNTER_ID_SIZE ||
- in_len != 1 || out_len != 0) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
- num = psa_read(msg->handle, 0, &counter_id, msg->in_size[0]);
- if (num != msg->in_size[0]) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
+ if (msg->in_size[0] != NV_COUNTER_ID_SIZE ||
+ in_len != 1 || out_len != 1) {
+ return TFM_PLATFORM_ERR_SYSTEM_ERROR;
+ }
- if (msg->client_id < 0) {
- counter_id += PLAT_NV_COUNTER_NS_0;
- }
+ num = psa_read(msg->handle, 0, &counter_id, msg->in_size[0]);
+ if (num != NV_COUNTER_ID_SIZE) {
+ return TFM_PLATFORM_ERR_SYSTEM_ERROR;
+ }
- if (nv_counter_permissions_check(msg->client_id, counter_id, false)
- != TFM_PLATFORM_ERR_SUCCESS) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
+ if (msg->client_id < 0) {
+ counter_id += PLAT_NV_COUNTER_NS_0;
+ }
- err = tfm_plat_increment_nv_counter(counter_id);
- break;
- case TFM_PLATFORM_API_ID_NV_READ:
- if (msg->in_size[0] != NV_COUNTER_ID_SIZE ||
- in_len != 1 || out_len != 1) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
+ if (nv_counter_permissions_check(msg->client_id, counter_id, true)
+ != TFM_PLATFORM_ERR_SUCCESS) {
+ return TFM_PLATFORM_ERR_SYSTEM_ERROR;
+ }
- num = psa_read(msg->handle, 0, &counter_id, msg->in_size[0]);
- if (num != msg->in_size[0]) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
+ err = tfm_plat_read_nv_counter(counter_id, msg->out_size[0],
+ &counter_val);
- if (msg->client_id < 0) {
- counter_id += PLAT_NV_COUNTER_NS_0;
- }
+ if (err != TFM_PLAT_ERR_SUCCESS) {
+ return TFM_PLATFORM_ERR_SYSTEM_ERROR;
+ }
- if (nv_counter_permissions_check(msg->client_id, counter_id, true)
- != TFM_PLATFORM_ERR_SUCCESS) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
+ psa_write(msg->handle, 0, &counter_val, msg->out_size[0]);
- err = tfm_plat_read_nv_counter(counter_id, msg->out_size[0],
- &counter_val);
+ return TFM_PLATFORM_ERR_SUCCESS;
+}
- if (err != TFM_PLAT_ERR_SUCCESS) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
- psa_write(msg->handle, 0, &counter_val, msg->out_size[0]);
- break;
- default:
+static psa_status_t platform_sp_nv_increment_psa_api(const psa_msg_t *msg)
+{
+ enum tfm_plat_err_t err = TFM_PLAT_ERR_SYSTEM_ERR;
+ size_t in_len = PSA_MAX_IOVEC, out_len = PSA_MAX_IOVEC, num = 0;
+
+ enum tfm_nv_counter_t counter_id;
+
+ /* Check the number of in_vec filled */
+ while ((in_len > 0) && (msg->in_size[in_len - 1] == 0)) {
+ in_len--;
+ }
+
+ /* Check the number of out_vec filled */
+ while ((out_len > 0) && (msg->out_size[out_len - 1] == 0)) {
+ out_len--;
+ }
+
+ if (msg->in_size[0] != NV_COUNTER_ID_SIZE ||
+ in_len != 1 || out_len != 0) {
+ return TFM_PLATFORM_ERR_SYSTEM_ERROR;
+ }
+
+ num = psa_read(msg->handle, 0, &counter_id, msg->in_size[0]);
+ if (num != NV_COUNTER_ID_SIZE) {
 return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- break;
 }
+ if (msg->client_id < 0) {
+ counter_id += PLAT_NV_COUNTER_NS_0;
+ }
+
+ if (nv_counter_permissions_check(msg->client_id, counter_id, false)
+ != TFM_PLATFORM_ERR_SUCCESS) {
+ return TFM_PLATFORM_ERR_SYSTEM_ERROR;
+ }
+
+ err = tfm_plat_increment_nv_counter(counter_id);
+
 if (err != TFM_PLAT_ERR_SUCCESS) {
 return TFM_PLATFORM_ERR_SYSTEM_ERROR;
 }
+
 return TFM_PLATFORM_ERR_SUCCESS;
 }
-static enum tfm_platform_err_t
-platform_sp_ioctl_ipc(const psa_msg_t *msg)
+static psa_status_t platform_sp_ioctl_psa_api(const psa_msg_t *msg)
 {
 void *input = NULL;
 void *output = NULL;
@@ -270,6 +282,7 @@ platform_sp_ioctl_ipc(const psa_msg_t *msg)
 int num = 0;
 uint32_t in_len = PSA_MAX_IOVEC;
 uint32_t out_len = PSA_MAX_IOVEC;
+ size_t input_size;
 while ((in_len > 0) && (msg->in_size[in_len - 1] == 0)) {
 in_len--;
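Review bot: In `platform_sp_nv_read_psa_api` the caller-supplied `msg->out_size[0]` is used as the size for `tfm_plat_read_nv_counter()` and again as the length of `psa_write()` from `&counter_val`, while the only check on the out vector in this hunk is that exactly one non-empty vector is present. The declaration of `counter_val` lies outside the hunk, so its size cannot be confirmed here, but if the caller's length can exceed it, both the platform read and the write-back run past a local of the secure partition, and the handler explicitly serves non-secure callers (`client_id < 0`). A bound before the read, e.g. `if (msg->out_size[0] > sizeof(counter_val)) { return TFM_PLATFORM_ERR_SYSTEM_ERROR; }`, would close that off. The function's opening lines are in the previous hunk.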
@@ -290,15 +303,16 @@ platform_sp_ioctl_ipc(const psa_msg_t *msg)
 }
 if (in_len > 1) {
- if (msg->in_size[1] > INPUT_BUFFER_SIZE) {
- return (enum tfm_platform_err_t) PSA_ERROR_PROGRAMMER_ERROR;
+ input_size = msg->in_size[1];
+ if (input_size > INPUT_BUFFER_SIZE) {
+ return (enum tfm_platform_err_t) PSA_ERROR_BUFFER_TOO_SMALL;
 }
 num = psa_read(msg->handle, 1, &input_buffer, msg->in_size[1]);
- if (num != msg->in_size[1]) {
+ if (num != input_size) {
 return (enum tfm_platform_err_t) PSA_ERROR_PROGRAMMER_ERROR;
 }
 invec.base = input_buffer;
- invec.len = msg->in_size[1];
+ invec.len = input_size;
 input = &invec;
 }
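Review bot: The early returns in this hunk still cast to `enum tfm_platform_err_t` although `platform_sp_ioctl_psa_api` now returns `psa_status_t`, and `psa_read()` is still passed `msg->in_size[1]` while the checks around it use the new `input_size`. Dropping the casts (`return PSA_ERROR_BUFFER_TOO_SMALL;`) and reading with `psa_read(msg->handle, 1, &input_buffer, input_size);` keeps the bounds-checked length and the length actually read visibly the same value. `num` is declared `int` in the previous hunk and is compared with the `size_t` `input_size`; declaring it `size_t` removes the signed/unsigned comparison. The function starts and ends outside this hunk.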
@@ -319,65 +333,35 @@ platform_sp_ioctl_ipc(const psa_msg_t *msg)
 return ret;
 }
+#endif /* TFM_PSA_API */
-static void platform_signal_handle(psa_signal_t signal, plat_func_t pfn)
+psa_status_t tfm_platform_service_sfn(const psa_msg_t *msg)
 {
- psa_msg_t msg;
- psa_status_t status;
-
- status = psa_get(signal, &msg);
- switch (msg.type) {
- case PSA_IPC_CONNECT:
- psa_reply(msg.handle, PSA_SUCCESS);
- break;
- case PSA_IPC_CALL:
+ switch (msg->type) {
 case TFM_PLATFORM_API_ID_NV_READ:
+ return platform_sp_nv_read_psa_api(msg);
 case TFM_PLATFORM_API_ID_NV_INCREMENT:
- status = (psa_status_t)pfn(&msg);
- psa_reply(msg.handle, status);
- break;
- case PSA_IPC_DISCONNECT:
- psa_reply(msg.handle, PSA_SUCCESS);
- break;
+ return platform_sp_nv_increment_psa_api(msg);
+ case TFM_PLATFORM_API_ID_SYSTEM_RESET:
+ return platform_sp_system_reset_psa_api(msg);
+ case TFM_PLATFORM_API_ID_IOCTL:
+ return platform_sp_ioctl_psa_api(msg);
 default:
- psa_panic();
+ return PSA_ERROR_NOT_SUPPORTED;
 }
-}
-#endif /* TFM_PSA_API */
+ return PSA_ERROR_GENERIC_ERROR;
+}
-enum tfm_platform_err_t platform_sp_init(void)
+psa_status_t platform_sp_init(void)
 {
 /* Initialise the non-volatile counters */
 enum tfm_plat_err_t err;
+
 err = tfm_plat_init_nv_counter();
 if (err != TFM_PLAT_ERR_SUCCESS) {
-#ifdef TFM_PSA_API
- psa_panic();
-#else
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
-#endif
- }
-#ifdef TFM_PSA_API
- psa_signal_t signals;
-
- while (1) {
- signals = psa_wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & TFM_SP_PLATFORM_SYSTEM_RESET_SIGNAL) {
- platform_signal_handle(TFM_SP_PLATFORM_SYSTEM_RESET_SIGNAL,
- platform_sp_system_reset_ipc);
- } else if (signals & TFM_SP_PLATFORM_IOCTL_SIGNAL) {
- platform_signal_handle(TFM_SP_PLATFORM_IOCTL_SIGNAL,
- platform_sp_ioctl_ipc);
- } else if (signals & TFM_SP_PLATFORM_NV_COUNTER_SIGNAL) {
- platform_signal_handle(TFM_SP_PLATFORM_NV_COUNTER_SIGNAL,
- platform_sp_nv_counter_ipc);
- } else {
- psa_panic();
- }
+ return PSA_ERROR_HARDWARE_FAILURE;
 }
-#else
- return TFM_PLATFORM_ERR_SUCCESS;
-#endif /* TFM_PSA_API */
+ return PSA_SUCCESS;
 }
diff --git a/secure_fw/partitions/platform/platform_sp.h b/secure_fw/partitions/platform/platform_sp.h
index 44332dca08..90a5e3d5f3 100644
--- a/secure_fw/partitions/platform/platform_sp.h
+++ b/secure_fw/partitions/platform/platform_sp.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 *
@@ -17,9 +17,9 @@ extern "C" {
 /*!
 * \brief Initializes the secure partition.
 *
- * \return Returns values as specified by the \ref tfm_platform_err_t
+ * \return Returns values as specified by the \ref psa_status_t
 */
-enum tfm_platform_err_t platform_sp_init(void);
+psa_status_t platform_sp_init(void);
 /*!
 * \brief Resets the system.
@@ -28,22 +28,6 @@ enum tfm_platform_err_t platform_sp_init(void);
 */
 enum tfm_platform_err_t platform_sp_system_reset(void);
-/*!
- * \brief Performs pin services of the platform
- *
- * \param[in] in_vec Pointer to in_vec array, which contains input
- * arguments for the pin service
- * \param[in] num_invec Number of elements in in_vec array
- * \param[in,out] out_vec Pointer out_vec array, which contains output data
- * of the pin service
- * \param[in] num_outvec Number of elements in out_vec array
- *
- * \return Returns values as specified by the \ref tfm_platform_err_t
- */
-enum tfm_platform_err_t
-platform_sp_pin_service(const psa_invec *in_vec, uint32_t num_invec,
- const psa_outvec *out_vec, uint32_t num_outvec);
-
 #ifdef __cplusplus
 }
 #endif
diff --git a/secure_fw/partitions/platform/tfm_platform.yaml b/secure_fw/partitions/platform/tfm_platform.yaml
index a0d3972851..67e4952789 100644
--- a/secure_fw/partitions/platform/tfm_platform.yaml
+++ b/secure_fw/partitions/platform/tfm_platform.yaml
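Review bot: `platform_sp_init` now returns `PSA_ERROR_HARDWARE_FAILURE` where the PSA build used to call `psa_panic()` when `tfm_plat_init_nv_counter()` fails, so whether the system halts with unusable NV counters depends on how the SPM handles a failing `entry_init`, which this diff does not show. That expectation deserves a comment at the return, for example `/* init failure must be fatal: SPM is expected to panic on a non-success return */`, or a retained `psa_panic()`. In `tfm_platform_service_sfn` the trailing `return PSA_ERROR_GENERIC_ERROR;` is unreachable because every switch arm returns. The function is also placed after the moved `#endif /* TFM_PSA_API */` while the four handlers it calls appear to be defined inside that conditional, so a build without `TFM_PSA_API` would presumably not compile.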
@@ -6,34 +6,23 @@
 #-------------------------------------------------------------------------------
 {
- "psa_framework_version": 1.0,
+ "psa_framework_version": 1.1,
 "name": "TFM_SP_PLATFORM",
 "type": "PSA-ROT",
 "priority": "NORMAL",
- "entry_point": "platform_sp_init",
+ "model": "SFN",
+ "entry_init": "platform_sp_init",
 "stack_size": "0x0500",
 "services": [
 {
- "name": "TFM_SP_PLATFORM_SYSTEM_RESET",
+ "name": "TFM_PLATFORM_SERVICE",
 "sid": "0x00000040",
 "non_secure_clients": true,
+ "connection_based": false,
+ "stateless_handle": 6,
 "minor_version": 1,
 "minor_policy": "STRICT"
 },
- {
- "name": "TFM_SP_PLATFORM_IOCTL",
- "sid": "0x00000041",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "STRICT"
- },
- {
- "name": "TFM_SP_PLATFORM_NV_COUNTER",
- "sid": "0x00000042",
- "non_secure_clients": true,
- "version": 1,
- "version_policy": "STRICT"
- }
 ],
 "secure_functions": [
 {
diff --git a/secure_fw/partitions/platform/tfm_platform_secure_api.c b/secure_fw/partitions/platform/tfm_platform_secure_api.c
index 0fe0c7f266..abd154fd87 100644
--- a/secure_fw/partitions/platform/tfm_platform_secure_api.c
+++ b/secure_fw/partitions/platform/tfm_platform_secure_api.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018-2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 *
@@ -16,17 +16,10 @@ enum tfm_platform_err_t tfm_platform_system_reset(void)
 {
 #ifdef TFM_PSA_API
 psa_status_t status = PSA_ERROR_CONNECTION_REFUSED;
- psa_handle_t handle = PSA_NULL_HANDLE;
- handle = psa_connect(TFM_SP_PLATFORM_SYSTEM_RESET_SID,
- TFM_SP_PLATFORM_SYSTEM_RESET_VERSION);
- if (handle <= 0) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
-
- status = psa_call(handle, PSA_IPC_CALL,
+ status = psa_call(TFM_PLATFORM_SERVICE_HANDLE,
+ TFM_PLATFORM_API_ID_SYSTEM_RESET,
 NULL, 0, NULL, 0);
- psa_close(handle);
 if (status < PSA_SUCCESS) {
 return TFM_PLATFORM_ERR_SYSTEM_ERROR;
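Review bot: Folding the three services into `TFM_PLATFORM_SERVICE` removes the per-service granularity the dependent manifests relied on: firmware_update previously listed only `TFM_SP_PLATFORM_SYSTEM_RESET` and protected_storage only `TFM_SP_PLATFORM_NV_COUNTER`, and after this commit both depend on a service that also carries ioctl and the remaining operations. Per-operation access control therefore has to live in the handlers; `nv_counter_permissions_check` does that for the counters, but no comparable `client_id` check is visible in this diff for `TFM_PLATFORM_API_ID_SYSTEM_RESET` or `TFM_PLATFORM_API_ID_IOCTL`. The new side also leaves `},` directly before `],` in `services`, so it is worth confirming the manifest parser accepts the trailing comma.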
@@ -48,7 +41,6 @@ tfm_platform_ioctl(tfm_platform_ioctl_req_t request,
 size_t inlen, outlen;
 #ifdef TFM_PSA_API
 psa_status_t status = PSA_ERROR_CONNECTION_REFUSED;
- psa_handle_t handle = PSA_NULL_HANDLE;
 #endif /* TFM_PSA_API */
 in_vec[0].base = &req;
@@ -67,16 +59,10 @@ tfm_platform_ioctl(tfm_platform_ioctl_req_t request,
 outlen = 0;
 }
 #ifdef TFM_PSA_API
- handle = psa_connect(TFM_SP_PLATFORM_IOCTL_SID,
- TFM_SP_PLATFORM_IOCTL_VERSION);
- if (handle <= 0) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
-
- status = psa_call(handle, PSA_IPC_CALL,
+ status = psa_call(TFM_PLATFORM_SERVICE_HANDLE,
+ TFM_PLATFORM_API_ID_IOCTL,
 in_vec, inlen, output, outlen);
- psa_close(handle);
 if (status < PSA_SUCCESS) {
 return TFM_PLATFORM_ERR_SYSTEM_ERROR;
@@ -94,7 +80,6 @@ tfm_platform_nv_counter_increment(uint32_t counter_id)
 {
 #ifdef TFM_PSA_API
 psa_status_t status = PSA_ERROR_CONNECTION_REFUSED;
- psa_handle_t handle = PSA_NULL_HANDLE;
 #endif
 struct psa_invec in_vec[1];
@@ -102,17 +87,10 @@ tfm_platform_nv_counter_increment(uint32_t counter_id)
 in_vec[0].len = sizeof(counter_id);
 #ifdef TFM_PSA_API
- handle = psa_connect(TFM_SP_PLATFORM_NV_COUNTER_SID,
- TFM_SP_PLATFORM_NV_COUNTER_VERSION);
- if (handle <= 0) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
-
- status = psa_call(handle, TFM_PLATFORM_API_ID_NV_INCREMENT,
+ status = psa_call(TFM_PLATFORM_SERVICE_HANDLE,
+ TFM_PLATFORM_API_ID_NV_INCREMENT,
 in_vec, 1, (psa_outvec *)NULL, 0);
- psa_close(handle);
-
 if (status < PSA_SUCCESS) {
 return TFM_PLATFORM_ERR_SYSTEM_ERROR;
 } else {
@@ -131,7 +109,6 @@ tfm_platform_nv_counter_read(uint32_t counter_id,
 {
 #ifdef TFM_PSA_API
 psa_status_t status = PSA_ERROR_CONNECTION_REFUSED;
- psa_handle_t handle = PSA_NULL_HANDLE;
 #endif
 struct psa_invec in_vec[1];
 struct psa_outvec out_vec[1];
@@ -143,17 +120,10 @@ tfm_platform_nv_counter_read(uint32_t counter_id,
 out_vec[0].len = size;
 #ifdef TFM_PSA_API
- handle = psa_connect(TFM_SP_PLATFORM_NV_COUNTER_SID,
- TFM_SP_PLATFORM_NV_COUNTER_VERSION);
- if (handle <= 0) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- }
-
- status = psa_call(handle, TFM_PLATFORM_API_ID_NV_READ,
+ status = psa_call(TFM_PLATFORM_SERVICE_HANDLE,
+ TFM_PLATFORM_API_ID_NV_READ,
 in_vec, 1, out_vec, 1);
- psa_close(handle);
-
 if (status < PSA_SUCCESS) {
 return TFM_PLATFORM_ERR_SYSTEM_ERROR;
 } else {
diff --git a/secure_fw/partitions/protected_storage/tfm_protected_storage.yaml b/secure_fw/partitions/protected_storage/tfm_protected_storage.yaml
index de9c5a5b1b..9d0a7fd358 100644
--- a/secure_fw/partitions/protected_storage/tfm_protected_storage.yaml
+++ b/secure_fw/partitions/protected_storage/tfm_protected_storage.yaml
@@ -64,6 +64,6 @@
 "dependencies": [
 "TFM_CRYPTO",
 "TFM_INTERNAL_TRUSTED_STORAGE_SERVICE",
- "TFM_SP_PLATFORM_NV_COUNTER"
+ "TFM_PLATFORM_SERVICE"
 ]
 }
diff --git a/secure_fw/partitions/psa_proxy/psa_proxy.c b/secure_fw/partitions/psa_proxy/psa_proxy.c
index 78b9e99b80..29408f4159 100644
--- a/secure_fw/partitions/psa_proxy/psa_proxy.c
+++ b/secure_fw/partitions/psa_proxy/psa_proxy.c
@@ -69,6 +69,10 @@ static psa_status_t forward_message_to_secure_enclave(psa_signal_t signal,
 params.psa_call_params.handle = TFM_ATTESTATION_SERVICE_HANDLE;
 params.psa_call_params.type = msg->type;
 break;
+ case TFM_PLATFORM_SERVICE_SIGNAL:
+ params.psa_call_params.handle = TFM_PLATFORM_SERVICE_HANDLE;
+ params.psa_call_params.type = msg->type;
+ break;
 default:
 params.psa_call_params.handle = *((psa_handle_t *)msg->rhandle);
 params.psa_call_params.type = PSA_IPC_CALL;
@@ -94,96 +98,15 @@ static psa_status_t forward_message_to_secure_enclave(psa_signal_t signal,
 return status;
 }
-static void psa_disconnect_from_secure_enclave(psa_msg_t *msg)
-{
- psa_handle_t *forward_handle_ptr = (psa_handle_t *)msg->rhandle;
- struct psa_client_params_t params;
- int32_t reply;
-
- params.psa_close_params.handle = *forward_handle_ptr;
-
- (void)tfm_ns_mailbox_client_call(MAILBOX_PSA_CLOSE, ¶ms,
- NON_SECURE_CLIENT_ID, &reply);
-
- deallocate_forward_handle(forward_handle_ptr);
-}
-
-static void get_sid_and_version_for_signal(psa_signal_t signal, uint32_t *sid,
- uint32_t *version)
-{
- switch (signal) {
- case TFM_SP_PLATFORM_SYSTEM_RESET_SIGNAL:
- *sid = TFM_SP_PLATFORM_SYSTEM_RESET_SID;
- *version = TFM_SP_PLATFORM_SYSTEM_RESET_VERSION;
- break;
- case TFM_SP_PLATFORM_IOCTL_SIGNAL:
- *sid = TFM_SP_PLATFORM_IOCTL_SID;
- *version = TFM_SP_PLATFORM_IOCTL_VERSION;
- break;
- case TFM_SP_PLATFORM_NV_COUNTER_SIGNAL:
- *sid = TFM_SP_PLATFORM_NV_COUNTER_SID;
- *version = TFM_SP_PLATFORM_NV_COUNTER_VERSION;
- break;
- default:
- psa_panic();
- break;
- }
-}
-
-static psa_status_t psa_connect_to_secure_enclave(psa_signal_t signal,
- psa_msg_t *msg)
-{
- psa_handle_t *forward_handle_ptr;
- struct psa_client_params_t params;
- int32_t ret;
-
- forward_handle_ptr = allocate_forward_handle();
-
- if (forward_handle_ptr != NULL) {
-
- get_sid_and_version_for_signal(signal, ¶ms.psa_connect_params.sid,
- ¶ms.psa_connect_params.version);
-
- /* Fixme: All messages sent with the same client id */
- ret = tfm_ns_mailbox_client_call(MAILBOX_PSA_CONNECT, ¶ms,
- NON_SECURE_CLIENT_ID,
- (int32_t *)forward_handle_ptr);
- if (ret != MAILBOX_SUCCESS) {
- *forward_handle_ptr = PSA_NULL_HANDLE;
- }
-
- if ( *forward_handle_ptr > 0) {
- psa_set_rhandle(msg->handle, (void *)forward_handle_ptr);
- return PSA_SUCCESS;
- } else {
- deallocate_forward_handle(forward_handle_ptr);
- return *forward_handle_ptr;
- }
- } else {
- return PSA_ERROR_INSUFFICIENT_MEMORY;
- }
-}
-
 static void handle_signal(psa_signal_t signal)
 {
 psa_msg_t msg;
 psa_status_t status;
 status = psa_get(signal, &msg);
- switch (msg.type) {
- case PSA_IPC_CONNECT:
- status = psa_connect_to_secure_enclave(signal, &msg);
- psa_reply(msg.handle, status);
- break;
- case PSA_IPC_DISCONNECT:
- psa_disconnect_from_secure_enclave(&msg);
- psa_reply(msg.handle, PSA_SUCCESS);
- break;
- default:
- status = forward_message_to_secure_enclave(signal, &msg);
- psa_reply(msg.handle, status);
- break;
- }
+
+ status = forward_message_to_secure_enclave(signal, &msg);
+ psa_reply(msg.handle, status);
 }
 static psa_status_t psa_proxy_init(void)
diff --git a/secure_fw/partitions/psa_proxy/tfm_psa_proxy.yaml b/secure_fw/partitions/psa_proxy/tfm_psa_proxy.yaml
index c5fd993b17..af40fb95b5 100644
--- a/secure_fw/partitions/psa_proxy/tfm_psa_proxy.yaml
+++ b/secure_fw/partitions/psa_proxy/tfm_psa_proxy.yaml
@@ -56,30 +56,15 @@
 "version_policy": "STRICT"
 },
 {
- "name": "TFM_SP_PLATFORM_SYSTEM_RESET",
+ "name": "TFM_PLATFORM_SERVICE",
 "sid": "0x00000040",
 "non_secure_clients": true,
- "connection_based": true,
- "minor_version": 1,
- "minor_policy": "STRICT"
- },
- {
- "name": "TFM_SP_PLATFORM_IOCTL",
- "sid": "0x00000041",
- "non_secure_clients": true,
- "connection_based": true,
+ "connection_based": false,
+ "stateless_handle": 6,
 "minor_version": 1,
 "minor_policy": "STRICT"
 },
 {
- "name": "TFM_SP_PLATFORM_NV_COUNTER",
- "sid": "0x00000042",
- "non_secure_clients": false,
- "connection_based": true,
- "version": 1,
- "version_policy": "STRICT"
- },
- {
 "name": "TFM_PROTECTED_STORAGE_SERVICE",
 "sid": "0x00000060",
 "non_secure_clients": true, |
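Review bot: `handle_signal` now forwards every message, and with `psa_connect_to_secure_enclave` removed no visible code in this file calls `psa_set_rhandle` any more, yet the `default:` branch of `forward_message_to_secure_enclave` (context lines of the previous hunk) still dereferences `msg->rhandle`. Any signal that is not one of the stateless cases would reach that dereference with an rhandle that was never set; whether such a service remains in the proxy manifest cannot be determined from this page. The default branch should reject instead, e.g. `default: return PSA_ERROR_PROGRAMMER_ERROR;`, and the result of `psa_get()` should be checked rather than overwritten, e.g. `if (psa_get(signal, &msg) != PSA_SUCCESS) { return; }`.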
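Review bot: The removed `TFM_SP_PLATFORM_NV_COUNTER` entry had `"non_secure_clients": false`, while the merged `TFM_PLATFORM_SERVICE` entry has `"non_secure_clients": true`, so in the proxy build the NV counter operations are no longer closed to non-secure callers at the manifest level. Separation then rests on the checks behind the forwarded call (the `client_id < 0` offset and `nv_counter_permissions_check` in platform_sp.c); the removed connect path carried a Fixme that all messages are sent with the same client id, and whether `forward_message_to_secure_enclave` does the same lies outside the visible lines. A comment beside this entry stating where NV counter access control is enforced, or a `msg->type` filter for non-secure callers in the proxy, would make the intent reviewable.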