aboutsummaryrefslogtreecommitdiff
path: root/secure_fw
diff options
context:
space:
mode:
authorSummer Qin <summer.qin@arm.com>2020-08-12 10:51:10 +0800
committerKen Liu <ken.liu@arm.com>2020-08-14 07:14:23 +0000
commit616680d49582b9090c0b60d7403e055363b6587c (patch)
tree8a8604b7e4f2893913972b04742fe7e1bae37ee1 /secure_fw
parentd7f72d5df60346b5873e0884e171f228a6d864ce (diff)
downloadtrusted-firmware-m-616680d49582b9090c0b60d7403e055363b6587c.tar.gz
SPM: Create model-specific SPM entry files
Move tfm_core.c into model's folder and rename to main.c for easy entry spotting. Change-Id: I50a711c5dab5c667274d67b4c749345174be3e4b Signed-off-by: Summer Qin <summer.qin@arm.com>
Diffstat (limited to 'secure_fw')
-rw-r--r--secure_fw/spm/cmsis_func/CMakeLists.inc2
-rw-r--r--secure_fw/spm/cmsis_func/main.c (renamed from secure_fw/spm/common/init/tfm_core.c)23
-rw-r--r--secure_fw/spm/cmsis_psa/CMakeLists.inc2
-rw-r--r--secure_fw/spm/cmsis_psa/main.c166
4 files changed, 168 insertions, 25 deletions
diff --git a/secure_fw/spm/cmsis_func/CMakeLists.inc b/secure_fw/spm/cmsis_func/CMakeLists.inc
index 08da114620..2a43547c61 100644
--- a/secure_fw/spm/cmsis_func/CMakeLists.inc
+++ b/secure_fw/spm/cmsis_func/CMakeLists.inc
@@ -35,7 +35,7 @@ set(SFW_SPM_RUNTIME_DIR "${SFW_SPM_DIR}/common/runtime")
set (SFW_FUNC_SPM_SRC
"${SFW_SPM_INIT_DIR}/tfm_boot_data.c"
- "${SFW_SPM_INIT_DIR}/tfm_core.c"
+ "${SFW_FUNC_SPM_DIR}/main.c"
"${SFW_FUNC_SPM_DIR}/tfm_core_svcalls_func.c"
"${SFW_FUNC_SPM_DIR}/tfm_secure_api.c"
"${SFW_FUNC_SPM_DIR}/spm_func.c"
diff --git a/secure_fw/spm/common/init/tfm_core.c b/secure_fw/spm/cmsis_func/main.c
index a6a77fc53e..f52ff64379 100644
--- a/secure_fw/spm/common/init/tfm_core.c
+++ b/secure_fw/spm/cmsis_func/main.c
@@ -12,12 +12,8 @@
#include "tfm_spm_hal.h"
#include "tfm_version.h"
#include "log/tfm_log.h"
-#ifdef TFM_PSA_API
-#include "spm_ipc.h"
-#else
#include "spm_func.h"
#include "spm_partition_defs.h"
-#endif
/*
* Avoids the semihosting issue
@@ -31,15 +27,9 @@ __asm(" .global __ARM_use_no_argv\n");
#error TFM_LVL is not defined!
#endif
-#ifdef TFM_PSA_API
-#if (TFM_LVL != 1) && (TFM_LVL != 2)
-#error Only TFM_LVL 1 and 2 are supported for IPC model!
-#endif
-#else
#if (TFM_LVL != 1)
#error Only TFM_LVL 1 is supported for library model!
#endif
-#endif
REGION_DECLARE(Image$$, ARM_LIB_STACK_MSP, $$ZI$$Base);
@@ -164,7 +154,6 @@ int main(void)
}
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
-#ifndef TFM_PSA_API
tfm_spm_partition_set_state(TFM_SP_CORE_ID, SPM_PARTITION_STATE_RUNNING);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base)[];
@@ -200,16 +189,4 @@ int main(void)
#endif
jump_to_ns_code();
-#else /* !defined(TFM_PSA_API) */
- /*
- * Prioritise secure exceptions to avoid NS being able to pre-empt
- * secure SVC or SecureFault. Do it before PSA API initialization.
- */
- if (tfm_core_set_secure_exception_priorities() != TFM_SUCCESS) {
- tfm_core_panic();
- }
-
- /* Move to handler mode for further SPM initialization. */
- tfm_core_handler_mode();
-#endif /* !defined(TFM_PSA_API) */
}
diff --git a/secure_fw/spm/cmsis_psa/CMakeLists.inc b/secure_fw/spm/cmsis_psa/CMakeLists.inc
index 3182fd4c68..ee99991396 100644
--- a/secure_fw/spm/cmsis_psa/CMakeLists.inc
+++ b/secure_fw/spm/cmsis_psa/CMakeLists.inc
@@ -36,7 +36,7 @@ set(SFW_SPM_RUNTIME_DIR "${SFW_SPM_DIR}/common/runtime")
set (SFW_IPC_SPM_SRC
"${SFW_SPM_INIT_DIR}/tfm_boot_data.c"
- "${SFW_SPM_INIT_DIR}/tfm_core.c"
+ "${SFW_IPC_SPM_DIR}/main.c"
"${SFW_IPC_SPM_DIR}/spm_ipc.c"
"${SFW_IPC_SPM_DIR}/spm_psa_client_call.c"
"${SFW_IPC_SPM_DIR}/tfm_core_svcalls_ipc.c"
diff --git a/secure_fw/spm/cmsis_psa/main.c b/secure_fw/spm/cmsis_psa/main.c
new file mode 100644
index 0000000000..a5d72e1c99
--- /dev/null
+++ b/secure_fw/spm/cmsis_psa/main.c
@@ -0,0 +1,166 @@
+/*
+ * Copyright (c) 2017-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "region.h"
+#include "tfm_internal.h"
+#include "tfm_irq_list.h"
+#include "tfm_nspm.h"
+#include "tfm_spm_hal.h"
+#include "tfm_version.h"
+#include "log/tfm_log.h"
+#include "spm_ipc.h"
+
+/*
+ * Avoids the semihosting issue
+ * FixMe: describe 'semihosting issue'
+ */
+#if defined(__ARMCC_VERSION) && (__ARMCC_VERSION >= 6010050)
+__asm(" .global __ARM_use_no_argv\n");
+#endif
+
+#ifndef TFM_LVL
+#error TFM_LVL is not defined!
+#endif
+
+#if (TFM_LVL != 1) && (TFM_LVL != 2)
+#error Only TFM_LVL 1 and 2 are supported for IPC model!
+#endif
+
+REGION_DECLARE(Image$$, ARM_LIB_STACK_MSP, $$ZI$$Base);
+
+static int32_t tfm_core_init(void)
+{
+ size_t i;
+ enum tfm_plat_err_t plat_err = TFM_PLAT_ERR_SYSTEM_ERR;
+ enum irq_target_state_t irq_target_state = TFM_IRQ_TARGET_STATE_SECURE;
+
+ /* Enables fault handlers */
+ plat_err = tfm_spm_hal_enable_fault_handlers();
+ if (plat_err != TFM_PLAT_ERR_SUCCESS) {
+ return TFM_ERROR_GENERIC;
+ }
+
+ /* Configures the system reset request properties */
+ plat_err = tfm_spm_hal_system_reset_cfg();
+ if (plat_err != TFM_PLAT_ERR_SUCCESS) {
+ return TFM_ERROR_GENERIC;
+ }
+
+ /* Configures debug authentication */
+ plat_err = tfm_spm_hal_init_debug();
+ if (plat_err != TFM_PLAT_ERR_SUCCESS) {
+ return TFM_ERROR_GENERIC;
+ }
+
+ /*
+ * Access to any peripheral should be performed after programming
+ * the necessary security components such as PPC/SAU.
+ */
+ plat_err = tfm_spm_hal_init_isolation_hw();
+ if (plat_err != TFM_PLAT_ERR_SUCCESS) {
+ return TFM_ERROR_GENERIC;
+ }
+
+ /* Performs platform specific initialization */
+ plat_err = tfm_spm_hal_post_init();
+ if (plat_err != TFM_PLAT_ERR_SUCCESS) {
+ return TFM_ERROR_GENERIC;
+ }
+
+ LOG_MSG("\033[1;34m[Sec Thread] Secure image initializing!\033[0m\r\n");
+
+#ifdef TFM_CORE_DEBUG
+ LOG_MSG("TF-M isolation level is: %d\r\n", TFM_LVL);
+#endif
+
+ tfm_core_validate_boot_data();
+
+ configure_ns_code();
+
+ /* Configures all interrupts to retarget NS state, except for
+ * secure peripherals
+ */
+ plat_err = tfm_spm_hal_nvic_interrupt_target_state_cfg();
+ if (plat_err != TFM_PLAT_ERR_SUCCESS) {
+ return TFM_ERROR_GENERIC;
+ }
+
+ for (i = 0; i < tfm_core_irq_signals_count; ++i) {
+ plat_err = tfm_spm_hal_set_secure_irq_priority(
+ tfm_core_irq_signals[i].irq_line,
+ tfm_core_irq_signals[i].irq_priority);
+ if (plat_err != TFM_PLAT_ERR_SUCCESS) {
+ return TFM_ERROR_GENERIC;
+ }
+ irq_target_state = tfm_spm_hal_set_irq_target_state(
+ tfm_core_irq_signals[i].irq_line,
+ TFM_IRQ_TARGET_STATE_SECURE);
+ if (irq_target_state != TFM_IRQ_TARGET_STATE_SECURE) {
+ return TFM_ERROR_GENERIC;
+ }
+ }
+
+ /* Enable secure peripherals interrupts */
+ plat_err = tfm_spm_hal_nvic_interrupt_enable();
+ if (plat_err != TFM_PLAT_ERR_SUCCESS) {
+ return TFM_ERROR_GENERIC;
+ }
+
+ return TFM_SUCCESS;
+}
+
+static int32_t tfm_core_set_secure_exception_priorities(void)
+{
+ enum tfm_plat_err_t plat_err = TFM_PLAT_ERR_SYSTEM_ERR;
+
+ tfm_arch_prioritize_secure_exception();
+
+ /* Explicitly set Secure SVC priority to highest */
+ plat_err = tfm_spm_hal_set_secure_irq_priority(SVCall_IRQn, 0);
+ if (plat_err != TFM_PLAT_ERR_SUCCESS) {
+ return TFM_ERROR_GENERIC;
+ }
+
+ tfm_arch_set_pendsv_priority();
+
+ return TFM_SUCCESS;
+}
+
+int main(void)
+{
+ /* set Main Stack Pointer limit */
+ tfm_arch_set_msplim((uint32_t)&REGION_NAME(Image$$, ARM_LIB_STACK_MSP,
+ $$ZI$$Base));
+
+ if (tfm_core_init() != TFM_SUCCESS) {
+ tfm_core_panic();
+ }
+ /* Print the TF-M version */
+ LOG_MSG("\033[1;34mBooting TFM v%d.%d %s\033[0m\r\n",
+ VERSION_MAJOR, VERSION_MINOR, VERSION_STRING);
+
+ if (tfm_spm_db_init() != SPM_ERR_OK) {
+ tfm_core_panic();
+ }
+
+#ifdef CONFIG_TFM_ENABLE_MEMORY_PROTECT
+ if (tfm_spm_hal_setup_isolation_hw() != TFM_PLAT_ERR_SUCCESS) {
+ tfm_core_panic();
+ }
+#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
+
+ /*
+ * Prioritise secure exceptions to avoid NS being able to pre-empt
+ * secure SVC or SecureFault. Do it before PSA API initialization.
+ */
+ if (tfm_core_set_secure_exception_priorities() != TFM_SUCCESS) {
+ tfm_core_panic();
+ }
+
+ /* Move to handler mode for further SPM initialization. */
+ tfm_core_handler_mode();
+}