Age | Commit message | Author
2019-02-12 | Core: Support set reverse handle during connecting [sandbox/twincpu/m0p] | Edison Ai
The connection handle is not created while SP is processing PSA_IPC_CONNECT message, this causes a failed calling of psa_set_rhandle(). Remove this limitation by setting reverse handle in psa_reply(). Change-Id: I15b3022aed981b529ad7771472a50e01e4d697d2 Signed-off-by: Edison Ai <edison.ai@arm.com>
2019-02-11 | Core: Fix thread list handling | Mate Toth-Pal
The function update_running_head(...) updates the pointer pointing to the highest priority runnable thread. The old implementation updates RUNN_HEAD pointer to the new running thread, if the new running thread has the same or higher priority than current RUNN_HEAD. However this is not the correct behaviour. If a thread with the same priority as a running thread becomes running, then RUNN_HEAD is updated to this thread. Then if this second thread gets blocked, then the previous thread will never be scheduled, as the RUNN_HEAD pointer is past it, and the search always starts at RUNN_HEAD. Fix: Change tfm_thrd_set_status to update the RUNN_HEAD to the new running thread, if it has higher priority than the thread at RUNN_HEAD. In other cases start the search from the beginning of the thread list. Change-Id: I3738fa2e728d731b5b2553ad64ba232b47509c5a Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
2019-02-11 | Core: Config isolation for partitions with PSA API | Mate Toth-Pal
tfm_spm_hal_configure_default_isolation(...) should also be called for partitions supporting PSA API Change-Id: I06b2a090a6939600c390d4b5a5c1b0fe57f407e1 Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
2019-01-27 | Core: Implement the IPC Secure Client API | Summer Qin
Implement the IPC Client APIs in syscalls.c file. Change-Id: I8e71a9803bc5ae1fc5e779aba0bbe5ab99290702 Signed-off-by: Summer Qin <summer.qin@arm.com>
2019-01-27 | Core: Implement PSA service functions | Edison Ai
Implement all PSA service functions. Interrupt and doorbell APIs are not verified. Change-Id: I14ded96b69f5d494b81aa9b3d47ae0f2c3fe1dc0 Signed-off-by: Edison Ai <edison.ai@arm.com>
2019-01-26 | Core: Add memory check function for IPC | Summer Qin
In IPC, memory data could come from secure or non-secure side, and the added function will check the memory limit for both of them. It is used to check the parameter (memory reference) for IPC client and service APIs. Change-Id: If2a19a29e489267f2be935abac60764777736a12 Signed-off-by: Summer Qin <summer.qin@arm.com>
2019-01-26 | Core: Adapt PSA API veneer with implemented handler | Summer Qin
PSA API handler is implemented. Adapt veneer of non-secure PSA API with implemented handler instead of dummy handler. Change-Id: If51ae1882cbf630511db7f94c9555615bb3b2e4c Signed-off-by: Summer Qin <summer.qin@arm.com>
2019-01-26 | Platform: Align region name in armclang and gcc | Summer Qin
Add one region ER_TFM_DATA in gcc linker script. Change-Id: I6022d4556bc62cca5dc74eb3e7c0ed6093ee5d78 Signed-off-by: Summer Qin <summer.qin@arm.com>
2019-01-26 | Core: Add secure partition manager for IPC | Edison Ai
This secure partition manager is mainly for IPC functions which is different from the library SPM. - Manage IPC service handler, IPC message, RoT of services and event. - Add thread info and stack in library SPM structure for data separate between different partitions. - Add some library SPM partition functions for IPC. - The partition data come from library SPM, while the services data come from manifest. - Init thread and trigger scheduler when SPM init. Change-Id: Icfb1151e1d453409c0eda07ac72e26a673133c73 Signed-off-by: Edison Ai <edison.ai@arm.com>
2019-01-26 | Core: Enhance manifest to align with PSA | Edison Ai
Below enhancements need to be applied to follow PSA: - IPC related parameters added in manifest file (such as signal, sid, minor_version and minor_policy). - IPC service partition manifest file added to generate secure partition source. - Remove "tfm_partition_name" from manifest file and use "name" directly. - Remove IPC unused template: tfm_sfid_list.inc.template Note: - Signal header also needs to be added manually by hardcode for tool cannot support it now. Change-Id: I47c2c4058e99a0b278c7b05b1e8d80058bc185a1 Signed-off-by: Edison Ai <edison.ai@arm.com>
2019-01-26 | Core: Add IPC Client and Service Secure Partition | Summer Qin
Add Secure Partition for IPC Client and Service. Generate new partition information by executing tfm_parse_manifest_list.py. Change-Id: I8a0fe54113f9c5c2a32dd5d651a9722f0057dd2b Signed-off-by: Summer Qin <summer.qin@arm.com>
2019-01-26 | Core: Add list, message queue, and pool functions | Edison Ai
Those functions are fundamental components for IPC implement. - Common list operation functions - IPC message queue operation functions - Memory pool management function: declare pool first by using “TFM_POOL_DECLARE”, then initialize memory to pool by tfm_pool_init(). tfm_pool_alloc() and tfm_pool_free() are used to allocate and free memory. - Add internal defines header for macros only be used inside the IPC functions. Change-Id: I80770ee2c295c04142f5bbcebda03ff9d7d1af62 Signed-off-by: Edison Ai <edison.ai@arm.com> Co-authored-by: Ken Liu <ken.liu@arm.com>
2019-01-22 | Core: Fundamental components for secure IPC | Ken Liu
This patch provides Thread, Wait and ARCH related APIs for PSA secure IPC implementation. Change-Id: I338cd82563d20d75db4fd60441896f76dc85c6e2 Signed-off-by: Ken Liu <ken.liu@arm.com>
2019-01-22 | Core: Update IPC implementation framework | Edison Ai
Initial IPC patches showcases API usage with a rough design. To follow PSA FF specification, an updated framework needs to take place instead of previous design. The modification details are: - Remove legacy version files which unused anymore: psa_api.c, tfm_queue.c, tfm_queue.h, tfm_thread.c and tfm_thread.h. - Add psa client and service implement on secure side in thread mode. - Add syscalls for psa client and service, empty now and to be implemented. - Those files in 'core' folder which needed by ipc will be added in 'ipc' folder. So there is no ipc file to be built in 'library' mode. Change-Id: I5ab5ea2774dfb70b24f4bfd0499129ae48b2b3de Signed-off-by: Edison Ai <edison.ai@arm.com> Co-authored-by: Ken Liu <ken.liu@arm.com>
2019-01-22 | Core: Align with PSA FF specification 1.0-beta-0 | Edison Ai
- Renamed psa_error_t to psa_status_t - All functions that accept or return signals now use the psa_signal_t type - Removed PSA_CONNECTION_ACCEPTED and replaced its use in connection messages by PSA_SUCCESS - Added PSA_CONNECTION_BUSY to indicate transient error conditions during calls to psa_connect() and renumbered the PSA error codes - Removed psa_identity() and replaced it with client_id in psa_msg_t - Renamed psa_end() to psa_reply() - Combine psa_wait_any() and psa_wait_interrupt() into psa_wait(). Change-Id: Id3ba56f145a29aff297cc56e66810e0dbe0f913b Signed-off-by: Edison Ai <edison.ai@arm.com> Co-authored-by: Summer Qin <summer.qin@arm.com>
2019-01-11 | Crypto: Conditional reference PSA types by PSA FF version | Edison Ai
Crypto references type 'psa_status_t'. This type is defined in PSA FF 1.0-beta0. Add PSA FF version checking to decide proper way of reference it. Change-Id: I61f9324031e8e28c2bac2ef5bb9148b702183f8c Signed-off-by: Edison Ai <edison.ai@arm.com>
2019-01-11 | Cmake: Disable regression tests for IPC configuration | Edison Ai
Existing regression test cases and test partitions do not rely on IPC mode. Disable regression tests and update related switches for IPC configuration. Change-Id: Iee075e29e16667c76935bf243fbc5b70428a53dd Signed-off-by: Edison Ai <edison.ai@arm.com>
2018-12-17 | Core: fixup offset of SP and SPLIMIT | Ken Liu
Incorrect offset is applied in context which caused hang occasionally. Fix it to avoid such problem. Change-Id: I2d5092d78403f72a0a3b0e2adef8afc74fe86b1b Signed-off-by: Ken Liu <ken.liu@arm.com>
2018-12-17 | Core: thread mode transition for IPC calls | Miklos Balint
Align NS IPC calls with thread mode NS-S transition changes Change-Id: Ifbc4a5229ee0400bde9755d2964bcf82e8fcfca2 Signed-off-by: Miklos Balint <miklos.balint@arm.com>
2018-12-17 | Core: move PSA API sources into `ipc` directory | Ken Liu
Move ipc related source code to 'ipc' folder for easier code browsing. This also readies codebase for future additions. Change-Id: Icc78338a3832b73e9a71bf33577829bf310da890 Signed-off-by: Ken Liu <ken.liu@arm.com>
2018-12-17 | Test: Implement IPC non-secure test cases | Summer Qin
Add tests in non-secure side to call the IPC client APIs. Change-Id: Ie7eb3c82f73b0e1f1c14dbf9ad74861067a284fa Signed-off-by: Summer Qin <summer.qin@arm.com>
2018-12-17 | Core: Add message processing for IPC veneer | Edison Ai
Add PSA message processing in veneer functions: - Send PSA message to IPC queue and it will trigger IPC event. - Schedule out to let CPU to process IPC event. - Return PSA_VERSION_NONE in tfm_psa_version_veneer function. Change-Id: Ie3ed12dc95ccf5cc1153dabe1ae20449c7eb6830 Signed-off-by: Edison Ai <edison.ai@arm.com>
2018-12-17 | Test: Add IPC test service | Edison Ai
This is the first version for IPC secure function test service: - Only psa_wait_any(), psa_get(), psa_read(), psa_write() and psa_end() are used now. - Only support "block" mode for psa_wait_any() Note: - Remaining PSA functions TBD - "Poll" mode for psa_wait_any() TBD Change-Id: I882716075b9c92839d41372df355c364d24d7574 Signed-off-by: Edison Ai <edison.ai@arm.com>
2018-12-17 | Test: skeleton framework addition for IPC testing | Edison Ai
Add test framework skeleton for secure and non-secure side IPC validation. Actual tests will be added in subsequent patches. Change-Id: Iaef5668e3d57e50493b72a4977d3f0145ec0cd97 Signed-off-by: Edison Ai <edison.ai@arm.com>
2018-12-17 | Core: first draft for PSA service APIs | Ken Liu
Draft PSA service APIs. A global based message queue, and necessary APIs for first IPC Service Partition. Change-Id: Ifd46eaa13eb5ba2a62584f1335e438db3b2738d9 Signed-off-by: Ken Liu <ken.liu@arm.com>
2018-12-17 | Core: base thread context switch for IPC draft | Ken Liu
IPC draft needs to block current running context while calling blocking APIs and add base thread context for this purpose. First version just consider two threads switch in symmetric mode -- threads and scheduler run in same mode. Only ARMv8-M Mainline profile is currently implemented. Change-Id: I7ead5af98eb4584b236cabfd98465d177094be2d Signed-off-by: Ken Liu <ken.liu@arm.com>
2018-12-17 | Core: Add config file for IPC | Edison Ai
Add ConfigCoreIPC.cmake file for enabling IPC function, TFM_PSA_API and CORE_TEST_IPC depend on it. Change-Id: I6bcadfc3d7a8184e4c55aaf56e2958520be5a94a Signed-off-by: Edison Ai <edison.ai@arm.com>
2018-12-17 | Core: add PSA client API functions | Miklos Balint
NS client infrastructure for PSA API created in conformance with v8M secure gateway call restrictions and TF-M rules. Note: - S SVC handlers TBD - Buffer read/write functions TBD - Sanity checks in S SVC handlers TBD Change-Id: Ia2947c28247af699d337754db2f22e2e25235c41 Signed-off-by: Miklos Balint <miklos.balint@arm.com>
2018-12-14 | Core: Make initial debug config platform-specific | Marc Moreno Berengue
This patch defines a platform abstraction layer for the initial debug configuration, which needs to be implemented per each platform, and executed in tfm_core.c, as an extra step in the tfm_core_init function. Change-Id: I27bdbe35b47e3124f7176a931f1895bd06187dc4 Signed-off-by: Marc Moreno <marc.morenoberengue@arm.com>
2018-12-11 | AuditLog: Define a secure API interface layer | Antonio de Angelis
This change introduces an interface layer towards the secure world which exposes the same API exposed to NS instead of calling the veneers directly. This layer is placed into the SFN section during TFM build process. The secure suite for Audit Log test is updated to use this interface. Change-Id: I716633cc95d7804412d0f2ed33ca39a6159e9e20 Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
2018-12-07 | Build: Add support for Armclang 6.10 and Armclang 6.11 | Antonio de Angelis
This patch introduces support for building with Armclang 6.10 and Armclang 6.11. It also fixes a typo inside the cmake build system files, and rename architecture names to be consistent. Change-Id: I9b7db4751c225f092e84c85d9d421fa6d158c929 Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
2018-12-06 | Build: Compile Mbed TLS as MinSizeRel by default | Jamie Fox
Changes the build system to compile Mbed TLS without debug symbols by default. It can still be built with debug symbols by adding -DMBEDTLS_DEBUG=ON to the CMake command. Most of the time TF-M developers do not need to debug Mbed TLS, and building it as "MinSizeRel" by default allows for smaller, faster binaries. It also eliminates the need for Musca-specific build settings to shrink the binary size. Change-Id: I4b691a50f63ddbb4707a196bf7950f8e7603a32c Signed-off-by: Jamie Fox <jamie.fox@arm.com>
2018-12-06 | Build: Fix build for AN519 with MBEDTLS_DEBUG=OFF | Jamie Fox
Changes the build system to build Mbed TLS with MULADDC_CANNOT_USE_R7 defined for Armv8-M Baseline targets. This compiles-out some inline assembly in Mbed TLS that is not compatible with Armv8-M Baseline instruction encoding. Change-Id: Ibe8ac799a4a5d5f56f11ae8caccac431995902ac Signed-off-by: Jamie Fox <jamie.fox@arm.com>
2018-12-05 | Attest: Add a service integration guide | Tamas Ban
This patch introduces an integration guide to the Initial Attestation Service which provides a high level overview of the service and provides guidance on its usage from applications. Change-Id: I256db731173ddd1ecfbe4d2a8c3a0eda58eafe61 Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2018-12-05 | Test: Add test suite for Attestation Service | Tamas Ban
Initial test cases for Attestation Service prototype added. Change-Id: I7e60a90d85a1f9299214d6ce1cf94af05b1236c8 Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2018-12-05 | Attest: Add initial attestation prototype | Tamas Ban
Details: - implement initial version of API - implement veneer function and SVC handler - implement wrapper functions around veneers on S and NS side - create manifest files and generate new partition defines - add attestation service to build system - update linker scripts for ARMCLANG and GNUARM Change-Id: I987509c6cad08fcd082667bca7dbc9a328ea03de Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2018-12-05 | Attest: Release PSA API of initial attestation | Tamas Ban
Initial Attestation Service allows the application to prove the device identity during an authentication process to a verification entity. Attestation Service creates a token, which contains device specific data and signed with unique attestation key. The API provides the retrieval of signed initial attestation token. Change-Id: I914597100bba502901e00c4b1ef0e1ec3f042926 Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2018-12-05 | Platform: Add device ID support | Tamas Ban
Add a getter function to platform code, to retrieve the Universal Entity ID (UEID) of the device. Change-Id: Id1f9abc5e96409da463098e92230099c1983c0c9 Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2018-12-05 | Platform: Add boot seed support | Tamas Ban
Add a getter function to platform code, which makes possible to get the boot seed value. Boot seed is a mandatory claim in the initial attestation token. Change-Id: Ifd547c541a51093f0766b57ba9e9cdd124cd840d Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2018-12-05 | Core: Create wrapper functions around C lib calls | Tamas Ban
In long term standard C library might be removed from TF-M project or replaced with a secure implementation due to security concerns. Wrappers are introduced to indicate this concern and future change to developers. Change-Id: I86e9cd8563fd89bf70b0df59cb2ae1aeee9c02b9 Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2018-12-05 | Platform: Reduce stack size of test partitions | Tamas Ban
This change is necessary to fit to the available RAM memory on Musca-A board, if isolation level is TFM_LVL=3. Change-Id: I47248dcc10d757fb6b4fc9d26f1bd9adc83e5abb Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2018-12-05 | Platform: Add SRAM limit assert to S sct files | Mate Toth-Pal
The checking of memory limit was missing from ARMCLANG scatter file. Without this fix linker can easily over allocate the data memory without noticing it. GCC has this feature in place. Change-Id: If6923bfe5e78f405b562b652f696330b6f3f971d Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
2018-12-05 | Core: Add data exchange b/w runtime and BL2 | Tamas Ban
Details: - extend SPM's services API with new functions, which is used by partitions to retrieve relevant data from bootloader Change-Id: I0efecfd86137f8059be2221ba5e3f9386f1b60d0 Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2018-12-05 | Boot: Save boot status to shared data area | Tamas Ban
Details: - PSA requirement: Attestation service must include the measured boot status to attestation token. Secure bootloader measuring the runtime SW (calculating its hash) and shares the measurements with runtime SW through a shared memory area. - add new functions to save the boot status in TLV encoded format to the shared data area - save combined (S+NS) image hash to boot status Change-Id: I4f7b4f134294aea75fe5bce10cd98c74614c32e8 Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2018-12-05 | Build: Fix BL2 config in ConfigRegressionTfmLevel3.cmake | Tamas Ban
Change-Id: Iba827776797da72d21f2afc705be7fd937bf7598 Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2018-12-05 | Platform: Fix compile error without BL2 | Tamas Ban
This patch fixes a compilation error which occurred with GNUARM if BL2 was turned off. Change-Id: I2f5be9fe1b35b24781fa12b1ed7036a473e91087 Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2018-12-05 | Core: Rename tfm_unpriv_api.c to tfm_spm_services.c | Tamas Ban
Change-Id: I63b34fcb8170df69084d67ff1d8eb086a8020300 Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2018-12-05 | Platform: Move GNUARM C library to UNPRIV section | Tamas Ban
Details: - To enable any secure service to use the standard C library functions. - Only read-only(code&ro-data) section was moved. - Data section of C library remains in the data section of secure test service to make possible the usage of printf. Change-Id: Iff106b72af3cc0cc4c0f1ebdab668886644b777c Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2018-12-05 | Platform: Clean-up stack and heap allocation | Tamas Ban
Details: - ARMCLANG: relocate heap and stack allocation to scatter file from start-up assembly, to be aligned with GNUARM - Explicitly distinguish main and process stack - Reorder the allocation of heap and stack area in RAM: main stack, process stack, heap - Introduce shared data area b/w bootloader and runtime to exchange data - Main stack and shared area are overlapping sections in memory, to prepare the recycling the shared area as stack - Increase bootloader stack size to avoid overflow - Remove unnecessary .heap(COPY) section from GCC linker script Change-Id: Id8702fd9262764814250356868fb8de630b4a1af Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2018-12-03 | SST: Fix code logic in set_active_object_table | Marc Moreno Berengue
This patch fixes the code logic in sst_set_active_object_table when table 0 is valid and table 1 is invalid. If both tables are valid an extra evaluation is required to determine which table contains the latest content based on NV counters, if SST_ROLLBACK_PROTECTION is set, or swap counter. Change-Id: I3a751c003b5c7b272005ecacd26f607f37978e1e Signed-off-by: Marc Moreno <marc.morenoberengue@arm.com>