path: root/interface/include
AgeCommit message (Collapse)Author
2021-08-16Attestation: Implement Attest services with static handleShawn Shan
Change Initial Attestation services to one stateless service. Change-Id: Ie4578df8c4295e8c8e74c96c8caeb946bfc1e637 Signed-off-by: Shawn Shan <Shawn.Shan@arm.com>
2021-08-16ITS: Implement ITS Services with static handleShawn Shan
Change Internal Trusted Storage services to one stateless service. Change-Id: I92cad72e85255cf4970f314681e4c871f171b72f Signed-off-by: Shawn Shan <Shawn.Shan@arm.com>
2021-08-16PS: Implement Protected Storage services with static handleShawn Shan
Change Protected Storage services to one stateless service. Change-Id: Ie4d4cb136b2f8ad9f7333c099c93c1c3eae8e8c1 Signed-off-by: Shawn Shan <Shawn.Shan@arm.com>
2021-07-21Crypto: Add support for message signing operationSummer Qin
Add support for crypto message signing operation: -psa_sign_message() -psa_verify_message() Signed-off-by: Summer Qin <summer.qin@arm.com> Change-Id: I685d4c12c8c132ce4ce0c79542ad9143076f3600
2021-07-21Crypto: Upgrade mbedtls to v3.0.0Summer Qin
- Remove deprecated macros and functions - Enable SHA-224 cryptographic hash algorithm by 'define MBEDTLS_SHA224_C' - Enable SHA-384 cryptographic hash algorithm by 'define MBEDTLS_SHA384_C' - 'psa_cipher_encrypt' and 'psa_cipher_decrypt' is supported by mbedtls-3.0.0 - 'psa_mac_compute' and 'psa_mac_verify' is supported by mbedtls-3.0.0 - mbedtls-3.0.0 changes some internal mbedtls apis' name, mcuboot needs to align. Change-Id: Ia868c93deceee6c8042607acf35ce2f4c9c15e35 Signed-off-by: Summer Qin <summer.qin@arm.com>
2021-07-07Tools: Deprecate the attribute 'tfm_partition_ipc'Shawn Shan
'tfm_partition_ipc' was introduced to distinguish if partitions support library model only. The FF-M v1.1 introduces a new SFN Model which is an alternative of IPC Model. This attribute becomes confusing to indicate the models. Made some changes to remove the attribute 'tfm_partition_ipc'. Change-Id: Ifba5778caf87bb716993db3dc19986bbde3653c3 Signed-off-by: Shawn Shan <Shawn.Shan@arm.com>
2021-06-30SPM: Changes to Secure Partition API for FLIHKevin Peng
The patch includes the changes to Secure Partition API for FLIH defined by FF-M v1.1 alpha: - Adding psa_reset_signal() which is for FLIH signals - Limiting psa_eoi() to SLIH signals Change-Id: I6b99eb6df3013c898627a48fa98d41c0e7bc5888 Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2021-06-08SPM: Invert tfm_spm_check_buffer_access() logicAntonio de Angelis
Invert the logic for the tfm_spm_check_buffer_access() function to conform to "0 means success" and align to other APIs. Refactor the function itself to provide different return codes on error and a default failure return instead of default success. Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com> Change-Id: I40ef814a472375cdb2c40ac75dd5f605a9eccbfe
2021-06-02Attest: Remove initial attestation get public key API functionDavid Hu
It is overkill to implement a dedicated secure function for NS to fetch initial attestation public key just for test purpose. Besides, this function to get public key can be confusing as it is not defined in PSA Initial Attestation API spec. Remove get public key secure function from NS and S sides to simplify TF-M initial attestation implementation and interface. Change-Id: I8d0967698e3d2f2c684194caa9a6234585026a71 Signed-off-by: David Hu <david.hu@arm.com>
2021-05-31SPM: Correct 'invalid parameter' error handlingShawn Shan
- 'Invalid parameter' is regarded as 'programmer error' instead of return 'PSA_ERROR_INVALID_ARGUMENT'. - 'Programmer error' should be handled inside SPM instead of interface, as SPM needs to decide the error handling based on the caller attribute. - Keep the parameters range check inside the interface to give an explicit hint. - Correct 'type' casting to avoid lose sign bit. Change-Id: I35a5b70b5dc1ea7072c45f0ebac0630f65edfa00 Signed-off-by: Shawn Shan <Shawn.Shan@arm.com>
2021-05-26FWU: Add checking the state of the running imageSherry Zhang
The Firmware Update partition reads the image_ok flag to check whether the running image has been confirmed. The running image state is set according to this flag in psa_fwu_query(). Change-Id: I9cf58b7d6f3b87a50e0ac6f926e30170bb01b8f1 Signed-off-by: Sherry Zhang <sherry.zhang2@arm.com>
2021-05-17Crypto: Upgrade MbedTLS to 2.26Maulik Patel
Sets the MBEDCRYPTO_VERSION to 2.26.0. Updates headers in include/psa folder. Adds a patch for psa arch test. This patch updates crypto api test cases for psa_mac_sign_setup (226) and psa_mac_verify_setup (229) against unknown MAC algorithm such that key passed is valid but the algorithm is unknown. Also, as per PSA Crypto Spec 1.0.0, Fix the expected return value to PSA_ERROR_INVALID_ARGUMENT for incompatible key to MAC algorithm. Signed-off-by: Maulik Patel <maulik.patel@arm.com> Change-Id: I8f42736a9e5bd7fbf604146b43ef28180e741fc3
2021-04-30Interface: Change control param to uint32_t preprocessorXinyu Zhang
Define a uint32_t preprocessor to pack control params. Signed-off-by: Xinyu Zhang <xinyu.zhang@arm.com> Change-Id: I0992620af1c39ef6dba182cac88e81cd666be0c6
2021-04-29Crypto: Modify client view of key attributesDevaraj Ranganna
Client view of key attributes struct ensures that implementation details of key attributes are hidden from the non-secure world. However, while using Mbed TLS with TF-M backend (for crypto services), Mbed TLS assumes complete key attributes are returned when queried. But TF-M only returns client view of key attributes. This causes certain Mbed TLS check failures especially on the key type. As a temporary solution, element order of client view of key attributes struct has been modified to match core key attributes. This resolves Mbed TLS failures and at the same time still hiding implementation details from non-secure world. In addition to adjusting the element order of client view of key attributes struct, size of `bits` is changed from `size_t` to `uint16_t`. This is to match the size of `bits` same as that of `mbed-crypto`. Signed-off-by: Devaraj Ranganna <devaraj.ranganna@linaro.org> Change-Id: I6e93f26926a815a7430f1167dc9d8b76c19c7dcf
2021-04-29Interface: Remove NS specific implementation of test interfaceDavid Hu
Remove some test interface files to decouple TF-M from NS speific implementation. Those files will be moved to tf-m-tests. Those files include NS client identification management and NS mailbox test utilities. Change-Id: I963ccae2b50d6124e3ac84547d91b09b28fddfd5 Signed-off-by: David Hu <david.hu@arm.com>
2021-04-29Interface: Remove NS RTOS specific implementationDavid Hu
Move NS RTOS related interface code to tf-m-test to decouple TF-M from NS specific implementation. The removed code includes OS wrapper headers and RTOS specific implementation. Export tfm_ns_interface_dispatch() to NS as API to integrate with TF-M NS interface. Add an example of tfm_ns_interface_dispatch() implementation. Change-Id: I9b331c32ac26551bfdbc4996eecd08efc7d7c2c3 Signed-off-by: David Hu <david.hu@arm.com>
2021-04-29Interface: Fix veneer function namingDavid Hu
Some veneer functions are named with "tfm_tfm_" prefix. It is confusing and unfriendly to NS integration. This patch unifies the prefix of all the veneer function as "tfm_" - Fix the duplicated "tfm_" prefixes by checking secure function prefix in tfm_veneer template. - Replace all the "tfm_tfm_" prefixes with "tfm_". Change-Id: Id658486f49f4a6f1f22fd3897be27865889474ae Signed-off-by: David Hu <david.hu@arm.com>
2021-04-28Unify to use ARRAY_SIZE in TF-M codesXinyu Zhang
ARRAY_SIZE(foo) is preferred over sizeof(foo)/sizeof(foo[0]). Signed-off-by: Xinyu Zhang <xinyu.zhang@arm.com> Change-Id: I6d95ceece2edc6267491923e282e28710b68ab8d
2021-04-21Tools: Improvements on static handle encodingMingyang Sun
Convert static handle index from [1, maximum] to [0, maximum-1] to be used directly as the tracking table index. Change-Id: I2acd4de1459c1652a4b2f45f437da1a91db1465e Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>
2021-03-22SPM: Implement version check for stateless serviceMingyang Sun
Encode the service version and stateless indicator into stateless handle, validate the stateless handle indicator, version and index before using. Change-Id: Id5f388f938a758803863958dfbb0c0011c2e1f04 Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>
2021-03-22SPM: Update firmware framework versionMingyang Sun
Update firmware framework version to 1.1. Change-Id: I0bedf52478eb63a2394c00ca0517af4b213b1078 Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>
2021-03-19FWU: Add Firmware Update partitionSherry Zhang
Firmware Update(FWU) partition provides the functionality of updating firmware images. This patch implemented the partition in Library mode. Change-Id: I736477549b055c64cd8106ad57c3ad7b1b2007ee Signed-off-by: Sherry Zhang <sherry.zhang2@arm.com>
2021-03-19Tool: Generate static handle for stateless serviceMingyang Sun
Parsing from partition manifest and generate static handle value for stateless services. - Validate number of stateless services - Static handle value auto allocation - Duplicate detection Change-Id: I8fdf79f5040caf1cbbdf42e52a4a405b36d88166 Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>
2021-03-17Crypto: Upgrade Mbed TLS to 2.25Maulik Patel
Set the MBEDCRYPTO_VERSION to 2.25.0. First three patches in existing v2.24 already applied in v2.25 and hence removed. Replaced MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER with MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER in all configuration and source as updated in v2.25 library. Update all headers of psa/include as per mbedtls-v2.25 excluding changes required to hide some implementation. Update id field in the client_key_attributes structure to psa_key_id_t. Update Copyright year to 2021! Removed patch 006 as not required in MbedTLS v2.25.0. Update references of handle to key as per MbedTLS api changes. Increase NUM_HANDLES to 32 to accommodate crypto api tests. Added corresponding tfm implementation of psa_purge_key(). Signed-off-by: Maulik Patel <maulik.patel@arm.com> Change-Id: I6a532da96735cf32996250c4a8733a8654c1f44e
2021-03-16SPM: Partial implementation of PSA interrupt control APIsKevin Peng
This patch implements two of the Secure Partition APIs for interrupt control defined by FF-M v1.1: - psa_irq_enable - psa_irq_disable Implement only these two for SLIH for the time being. Change-Id: Ia1103b2d70f1406e2ad0100d856f9e11568c2430 Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2021-02-22Interface: Ensure veneer function result return in dispatchKevin Peng
The tfm_ns_interface_dispatch() function returns TFM_ERROR_GENERIC when mutex operations fails. However, this error code could be interrepted by the caller as another status code or even valid return. For example the psa_connect() of NS interface, it treats the value of TFM_ERROR_GENERIC a valid handle. And the psa_call() could treat TFM_ERROR_GENERIC as another status code of the RoT service. In both cases, the TFM_ERROR_GENERIC is translated incorrectly. The tfm_ns_interface_dispatch() should only return status code from the veneer function being called. Other unrecoverable errors should be considered as fatal error and should not return. Change-Id: Id4082a46cd866acaba85aa63d10cfe46d09b3044 Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2021-02-05Dualcpu: Add a new NS mailbox working model with a dedicated threadDavid Hu
Support a new NS mailbox working model. When TFM_MULTI_CORE_NS_OS_MAILBOX_THREAD is selected, NS OS should allocate a dedicated NS mailbox thread to receive from requests from application threads and send mailbox messages to SPE. The new working model consists of the following features: - Define a request structure to collect paramters of application threads. - Pass request from application thread to the NS mailbox thread via RTOS message queue. - Assign application thread specific woken flag to enable threads to check woken status without SVC. - Remove the semaphores. When TFM_MULTI_CORE_NS_OS_MAILBOX_THREAD is disabled, the original NS mailbox working model will be selected. Also extract common parts from NS mailbox models. Change-Id: I8f2601c21ad112b10315748b13e5b09cd1f58b29 Signed-off-by: David Hu <david.hu@arm.com>
2021-02-05Dualcpu: Add RTOS message queue wrappersDavid Hu
Add RTOS message queue wrappers to support dual-cpu multiple PSA client calls. Change-Id: Ic1c2eefec7eb9434fe027fd4a2ed66b2a8711970 Signed-off-by: David Hu <david.hu@arm.com>
2021-01-26Tools: Naming refine: manifest -> partitionKevin Peng
The "manifest.manifest" in template is confusing. It should be "partition.manifest" instead. This patch does this change to make the templates much more easy to read and understand. Also updates the obsolete example code in the document. Change-Id: Iac0328f353267342187707c405eea57721209443 Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2021-01-22SPM: Fix some compile warningsShawn Shan
- Fix the warning about implicit declaration of function 'tfm_hal_output_spm_log'. - Cast the argument to the same type. - Fix some comments warnings. Change-Id: I9ceee823696d769c71ed34345c14a16fd2fb5a2a Signed-off-by: Shawn Shan <Shawn.Shan@arm.com>
2021-01-22Build: Improve NS mailbox config flag settingDavid Hu
Support a flag TFM_MULTI_CORE_NS_OS to control NS integration. When integrating TF-M with NS OS on dual-cpu platforms, select TFM_MULTI_CORE_NS_OS in NS build to enable NS OS support in NS mailbox. When integrating TF-M with NS bare metal environment, disable TFM_MULTI_CORE_NS_OS and NS mailbox relies on looping and requires no support from NS OS. TFM_MULTI_CORE_MULTI_CLIENT_CALL is removed. NS mailbox build can get rid of the dependency on the configuration of TFM_MULTI_CORE_MULTI_CLIENT_CALL in S mailbox build. NUM_MAILBOX_QUEUE_SLOT directly indicates whether platform and SPE supports multiple NS PSA Client calls. Change-Id: I937b2afdb88cccc22a20617d2ab36bcc1b939b05 Signed-off-by: David Hu <david.hu@arm.com>
2021-01-22Build: Improve the setting of number of mailbox queue slotsDavid Hu
Move configuration of number of mailbox queue slots from platform's device_cfg.h into a common header file tfm_mailbox_config.h. tfm_mailbox_config.h is automatically generated during build. The value of NUM_MAILBOX_QUEUE_SLOT is passed from build configuration and then set in tfm_mailbox_config.h. Change-Id: I9a3ac465b71b316accf6cd41cea80745eec8607c Signed-off-by: David Hu <david.hu@arm.com>
2021-01-22Dualcpu: Move dual-cpu NS files into a dedicated folderDavid Hu
Gather all the dual-cpu NS .c files in a dedicated folder multi_core under interface/src. Put all the dual-cpu interface header files in a dedicated folder multi-core under interface/include. Change-Id: Ia6847eb03a663e66260690ad88addb1521f13fcd Signed-off-by: David Hu <david.hu@arm.com>
2021-01-22Dualcpu: Refine NS mailbox wake-up mechanismDavid Hu
Move the loop of going through replied mailbox messages in NS mailbox queue into the NS mailbox wake-up function, to simplify the implementation in platform mailbox IRQ handler. Change-Id: I6dfed2e4ac2cdbb05aedb2a570e9592b2e2b6670 Signed-off-by: David Hu <david.hu@arm.com>
2021-01-22Dualcpu: Remove mailbox message handle from NS mailboxDavid Hu
It is unnecessary to export message handle mailbox_msg_handle_t to applications outside NS mailbox. - Remove message handles from NS mailbox APIs. NS applications can define own thread flags to manage mailbox wait/wake mechanism. - Remove message handles from NS mailbox reference implementation. Remove translation between handles and NS mailbox queue slot index as well. - Move mailbox_msg_handle_t definitions to SPE mailbox header file. Change-Id: Ic4bb5e5aebc29d0424ad2332af749f2bf59e8ebd Signed-off-by: David Hu <david.hu@arm.com>
2021-01-22Dualcpu: Move NS mailbox thread management to RTOS specific fileDavid Hu
The NS mailbox thread management is NS RTOS specific. - Add a new tfm_ns_mailbox_rtos_api.c to collect all the NS mailbox APIs which rely on RTOS specific implementations. - Move those API implementations from platform to tfm_ns_mailbox_rtos_api.c. - Rename those APIs to replace HAL keyword with OS keyword, to indicate that their implementations are RTOS specific. Change-Id: Ic2885bc1676964719d1524b39d6518444610e1aa Signed-off-by: David Hu <david.hu@arm.com>
2021-01-22Dualcpu: Simplify NS mailbox interfaceDavid Hu
Export fewer NS mailbox APIs to save development and port cost. - Combine PSA client call tx, wait and rx APIs into a single PSA client call API. - Combine NS mailbox message handle fetch and owner task handle fetch APIs into a single reply handling API. - Combine multi-thread waiting routine and polling routine. - Simplify NS mailbox reference implementation with updated APIs. Change-Id: Ib0e72cf1e38805ff217bbdd1f6ff2a62df41263b Signed-off-by: David Hu <david.hu@arm.com>
2020-11-03SPM: Change to new SPM log APIsShawn Shan
Change the LOG_MSG to new log APIs in SPM part. Change-Id: Ief970fdcff6dfa80b272d29234014ead1ffb18ff Signed-off-by: Shawn Shan <Shawn.Shan@arm.com>
2020-10-30Crypto: Align with Mbed TLS 2.24Summer Qin
Align the PSA Crypto header files in interface folder with Mbed TLS 2.24. Change-Id: I28a4e9789183bad3ad15b61480d6b8bb2151d4cb Signed-off-by: Summer Qin <summer.qin@arm.com>
2020-09-24Build: Convert interface dir to modern cmakeRaef Coles
Rewrite cmake files inside the interface directory. Remove generated files as they are now generated into the build tree. Modify header includes where include paths have changed. WARNING: This change will not build in isolation, it requires _all_ other cmake changes to successfully build. It is split out only for clarity of changes. Change-Id: I9ebfb1e31bebcba4a45ea3bb9ed0aa1c3d1c144d Signed-off-by: Raef Coles <raef.coles@arm.com>
2020-09-08Crypto: Fix types of psa_client_key_attributes_sSoby Mathew
This patch fixes the types of fields in psa_client_key_attributes_s to match the types as changed by the recent MbedTLS migration. Signed-off-by: Soby Mathew <soby.mathew@arm.com> Change-Id: I717f40671b3b5b838962eb155c24b29a63a0dda2
2020-08-21Crypto: migrate support to MbedTLS v2.23.0Soby Mathew
This patch migrates the mbedcrypto dependancy for TF-M to mbedTLS repo v2.23.0 which is the latest release tag. The PSA crypto headers and the crypto service implementation in TF-M is updated for additional functionality in this version. The userguide and other relevant documentation are updated to reflect the changes to location of repo. Signed-off-by: Soby Mathew <soby.mathew@arm.com> Change-Id: Ia7d3f95dc961c5815eb4416d2afbd90ec5c0c19e
2020-08-12Test: Record time cost of multi-core testsDavid Hu
Record the ticks cost in multi-core tests and demostrate the total ticks cost and ticks per PSA client call in average. Change-Id: I9bd481759461721618c3c84a1350a84820381281 Signed-off-by: David Hu <david.hu@arm.com>
2020-08-12Test: Simplify dual-cpu lightweight NS multi-thread testDavid Hu
Call psa_framework_version() in lightweight NS multi-thread test case in dual-cpu test, instead of calling a dedicated test secure partition. It can simplify the test process and shorten the client call execution, which fit the lightweight test requirement more. It also decreases the memory footprint. Remove the dedicated test secure partition from SPE. Update the manifest files. Change-Id: Iedb2e1f83ab55c5040eca411e501c33588690d9b Signed-off-by: David Hu <david.hu@arm.com>
2020-07-28Interface: Correct spell errorEdison Ai
Signed-off-by: Edison Ai <edison.ai@arm.com> Change-Id: Ib9cb3d83eee30d674d9806bc821ee67f002ff893
2020-07-20Interface: Move the tz_context.h from app to interfaceKevin Peng
The APIs in tz_context.h are for NS usage, so it should belong to interface. And the implementations source files should include it. It should be exported when building as well. Change-Id: Ia6970b3e0a6e492411ec1b70783c1bdd555df8b9 Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2020-06-12SST: Rename SST(Secure STorage) to PS(Protected Storage)Kevin Peng
This patches renames SST(Secure STorage) to PS(Protected Storage) for files, folders and any contents in files to align with the PSA Storage API spec. Change-Id: Icf991f59512875780c159f22737b521b3b2d4924 Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2020-06-09crypto: decouple the PSA Crypto interface from TF-M flagsSoby Mathew
This patch cleanup the PSA Crypto interface headers files and decouples it from TF-M build flag dependencies. The `psa_key_attributes_t` struct definition previously depended on various config options. The struct now only has fields which can be set and read by the client. Hence the client view of the structure is now defined separately in the crypto_client_struct.h header. The platform dependant definitions of the PSA Crypto types are fixed and hence the crypto_platform.h header is removed and the contents are moved to other PSA crypto headers. The previous intermediate solution for hiding the type differences between crypto server and client view via `psa_client_core_key_attributes_t` is now removed. Change-Id: I2644b5a2da3babe561c569ebf5690b3daa576a12 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
2020-05-15Crypto: Import additional macros from crypto_extra.h in mbedcryptoSoby Mathew
During the migration to latest tag of mbedcrypto, some of the exported headers from TF-M was cleaned up which resulted in removing some needed macros in crypto_extra.h header as well. This patch copies some of the needed macros from the mbedcrypto header to the TF-M exported header. This issue was detected when the NS app tried to use the PSA_KEY_EXPORT_MAX_SIZE macro. Signed-off-by: Soby Mathew <soby.mathew@arm.com> Change-Id: I97a9535f7c68b402098c05f753547588793514b5
2020-05-04Platform: Added a Non-Volatile counters serviceGalanakis, Minos
This patch introduces a new platform service exposing the non-volatile counters. Secure partitions can use this secure API to access the initialisation, increment and read operations on the nv counters, by setting "TFM_SP_PLATFORM_NV_COUNTER" as a dependency. Change-Id: Ia564e24417dfd9bb95cc61634dbbea17caa5974c Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>