Build: Follow the 'source_structure.rst'
This is the first patch to follow the first commit of source structure
document. The items under the 'secure_fw' folder are re-organized:
- Create/Move some folders/files to follow document.
- Rename some folders to foll, for example, 'secure_fw/services' to
'secure_fw/partitions'.
- Update affected files to make it work.
This is a big change, to make the structure meet the basic shape of
the structure document defined, and make it easier to be understood
for users. Staging changes are not applicable so they are combined
into one - and because it is not the final shape yet, so:
- Upcoming updates on the 'secure_fw' folder would follow up soon.
- Fine-tune about the 'source_structure.rst' would come, too.
Change-Id: I5c11175e0a4579cd9b42d3e3519dbffb87334d0b
Signed-off-by: Ken Liu <ken.liu@arm.com>
diff --git a/secure_fw/spm/include/secure_utilities.h b/secure_fw/spm/include/secure_utilities.h
new file mode 100644
index 0000000..83dc402
--- /dev/null
+++ b/secure_fw/spm/include/secure_utilities.h
@@ -0,0 +1,24 @@
+/*
+ * Copyright (c) 2017-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __SECURE_UTILITIES_H__
+#define __SECURE_UTILITIES_H__
+
+#include <stdbool.h>
+#include "tfm_hal_device_header.h"
+#include "cmsis_compiler.h"
+
+#define EXC_NUM_THREAD_MODE (0)
+#define EXC_NUM_SVCALL (11)
+#define EXC_NUM_PENDSV (14)
+#define EXC_NUM_SYSTICK (15)
+
+#define ERROR_MSG(msg)
+
+bool tfm_is_one_bit_set(uint32_t n);
+
+#endif /* __SECURE_UTILITIES_H__ */
diff --git a/secure_fw/spm/include/tfm_core.h b/secure_fw/spm/include/tfm_core.h
new file mode 100644
index 0000000..8f1c663
--- /dev/null
+++ b/secure_fw/spm/include/tfm_core.h
@@ -0,0 +1,14 @@
+/*
+ * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __TFM_CORE_H__
+#define __TFM_CORE_H__
+
+#include <arm_cmse.h>
+#include "secure_utilities.h"
+
+#endif /* __TFM_CORE_H__ */
diff --git a/secure_fw/spm/include/tfm_core_mem_check.h b/secure_fw/spm/include/tfm_core_mem_check.h
new file mode 100644
index 0000000..6a40563
--- /dev/null
+++ b/secure_fw/spm/include/tfm_core_mem_check.h
@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __TFM_CORE_MEM_CHECK_H__
+#define __TFM_CORE_MEM_CHECK_H__
+
+#include "tfm_api.h"
+
+/**
+ * \brief Check whether the current partition has read access to a memory range
+ *
+ * This function assumes, that the current MPU configuration is set for the
+ * partition to be checked.
+ *
+ * \param[in] p The start address of the range to check
+ * \param[in] s The size of the range to check
+ * \param[in] ns_caller Whether the current partition is non-secure
+ * \param[in] privileged Privileged mode or unprivileged mode:
+ * \ref TFM_PARTITION_UNPRIVILEGED_MODE
+ * \ref TFM_PARTITION_PRIVILEGED_MODE
+ *
+ * \return TFM_SUCCESS if the partition has access to the memory range,
+ * TFM_ERROR_GENERIC otherwise.
+ */
+enum tfm_status_e tfm_core_has_read_access_to_region(const void *p, size_t s,
+ bool ns_caller,
+ uint32_t privileged);
+
+/**
+ * \brief Check whether the current partition has write access to a memory range
+ *
+ * This function assumes, that the current MPU configuration is set for the
+ * partition to be checked.
+ *
+ * \param[in] p The start address of the range to check
+ * \param[in] s The size of the range to check
+ * \param[in] ns_caller Whether the current partition is non-secure
+ * \param[in] privileged Privileged mode or unprivileged mode:
+ * \ref TFM_PARTITION_UNPRIVILEGED_MODE
+ * \ref TFM_PARTITION_PRIVILEGED_MODE
+ *
+ * \return TFM_SUCCESS if the partition has access to the memory range,
+ * TFM_ERROR_GENERIC otherwise.
+ */
+enum tfm_status_e tfm_core_has_write_access_to_region(const void *p, size_t s,
+ bool ns_caller,
+ uint32_t privileged);
+
+#endif /* __TFM_CORE_MEM_CHECK_H__ */
diff --git a/secure_fw/spm/include/tfm_core_topology.h b/secure_fw/spm/include/tfm_core_topology.h
new file mode 100644
index 0000000..4f31d99
--- /dev/null
+++ b/secure_fw/spm/include/tfm_core_topology.h
@@ -0,0 +1,41 @@
+/*
+ * Copyright (c) 2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef _TFM_CORE_TOPOLOGY_H_
+#define _TFM_CORE_TOPOLOGY_H_
+
+#include "tfm_hal_device_header.h"
+#include "cmsis_compiler.h"
+
+#ifdef TFM_MULTI_CORE_TOPOLOGY
+__STATIC_INLINE void tfm_core_topology_set_pendsv_priority(void)
+{
+ NVIC_SetPriority(PendSV_IRQn, (1 << __NVIC_PRIO_BITS) - 1);
+}
+#else
+__STATIC_INLINE void tfm_core_topology_set_pendsv_priority(void)
+{
+ /*
+ * Set secure PendSV priority to the lowest in SECURE state.
+ *
+ * IMPORTANT NOTE:
+ *
+ * Although the priority of the secure PendSV must be the lowest possible
+ * among other interrupts in the Secure state, it must be ensured that
+ * PendSV is not preempted nor masked by Non-Secure interrupts to ensure
+ * the integrity of the Secure operation.
+ * When AIRCR.PRIS is set, the Non-Secure execution can act on
+ * FAULTMASK_NS, PRIMASK_NS or BASEPRI_NS register to boost its priority
+ * number up to the value 0x80.
+ * For this reason, set the priority of the PendSV interrupt to the next
+ * priority level configurable on the platform, just below 0x80.
+ */
+ NVIC_SetPriority(PendSV_IRQn, (1 << (__NVIC_PRIO_BITS - 1)) - 1);
+}
+#endif /* TFM_MULTI_CORE_TOPOLOGY */
+
+#endif
diff --git a/secure_fw/spm/include/tfm_core_trustzone.h b/secure_fw/spm/include/tfm_core_trustzone.h
new file mode 100644
index 0000000..061235e
--- /dev/null
+++ b/secure_fw/spm/include/tfm_core_trustzone.h
@@ -0,0 +1,40 @@
+/*
+ * Copyright (c) 2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __TFM_CORE_TRUSTZONE_H__
+#define __TFM_CORE_TRUSTZONE_H__
+
+/* This file holds specification or design defined TrustZone settings. */
+
+/*
+ * The non-secure entry stack guard words. To avoid fuzzing jump to
+ * FNC_RETURN in NSPE, the non-secure entry address is stacked into
+ * bottom (high end address) of secure stack. This would lead the
+ * fuzzing jump of FNC_RETURN to the non-secure entry. Define a size
+ * here for code reference.
+ */
+#define TFM_VENEER_STACK_GUARD_SIZE 8
+
+/*
+ * The numbers in 32bit words while basic FP involved in preempted context:
+ * S0 - S15, FPSCR, Reserved
+ */
+#define TFM_BASIC_FP_CONTEXT_WORDS 18
+
+/*
+ * The numbers in 32bit words while addtional FP involved in preempted context:
+ * S16 - S31
+ */
+#define TFM_ADDTIONAL_FP_CONTEXT_WORDS 16
+
+/*
+ * SG sets LR[0] to ZERO indicates a non-secure to secure transition.
+ * Make sure to apply this mask on a 'LR' just after 'SG' (in veneer).
+ */
+#define TFM_VENEER_LR_BIT0_MASK 1
+
+#endif /* __TFM_CORE_TRUSTZONE_H__ */
diff --git a/secure_fw/spm/include/tfm_core_utils.h b/secure_fw/spm/include/tfm_core_utils.h
new file mode 100644
index 0000000..680deec
--- /dev/null
+++ b/secure_fw/spm/include/tfm_core_utils.h
@@ -0,0 +1,38 @@
+/*
+ * Copyright (c) 2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __TFM_CORE_UTILS_H__
+#define __TFM_CORE_UTILS_H__
+
+#include <stddef.h>
+#include <stdint.h>
+
+/**
+ * \brief Memory copy function for TF-M core
+ *
+ * \param[out] dest Destination address of memory
+ * \param[in] src Source address of memory
+ * \param[in] n Number of bytes to copy
+ *
+ * \retval Destination address of memory
+ * \note The function is used for copying same-sized object
+ * only.
+ */
+void *tfm_core_util_memcpy(void *dest, const void *src, size_t n);
+
+/**
+ * \brief Memory set function for TF-M core
+ *
+ * \param[out] s Destination address of memory
+ * \param[in] c Value to be written to memory
+ * \param[in] n Number of bytes to be wirtten
+ *
+ * \retval Destination address of memory
+ */
+void *tfm_core_util_memset(void *s, int c, size_t n);
+
+#endif /* __TFM_CORE_UTILS_H__ */
diff --git a/secure_fw/spm/include/tfm_internal.h b/secure_fw/spm/include/tfm_internal.h
new file mode 100644
index 0000000..119f53f
--- /dev/null
+++ b/secure_fw/spm/include/tfm_internal.h
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __TFM_INTERNAL_H__
+#define __TFM_INTERNAL_H__
+
+#include "secure_utilities.h"
+#include "tfm_arch.h"
+
+#ifndef TFM_PSA_API
+/*
+ * This function pointer is meant to only hold non secure function pointers.
+ * It will be turned into a non-secure one (LSB cleared) before being called
+ * whatever happens anyway (unless cast to another function pointer type).
+ * Registers will be cleared before branching so that no information leaks
+ * from secure to non-secure world.
+ */
+typedef void (*nsfptr_t) (void) __attribute__((cmse_nonsecure_call));
+
+extern nsfptr_t ns_entry;
+
+/**
+ * \brief Jumps to non-secure code.
+ */
+void jump_to_ns_code(void);
+#else /* !defined(TFM_PSA_API) */
+
+/**
+ * \brief Move to handler mode by a SVC for specific purpose
+ */
+void tfm_core_handler_mode(void);
+#endif /* !defined(TFM_PSA_API) */
+
+/**
+ * \brief Retrieve secure partition related data from shared memory area, which
+ * stores shared data between bootloader and runtime firmware.
+ *
+ * \param[in] args Pointer to stack frame, which carries input parameters.
+ */
+void tfm_core_get_boot_data_handler(uint32_t args[]);
+
+/**
+ * \brief Validate the content of shared memory area, which stores the shared
+ * data between bootloader and runtime firmware.
+ */
+void tfm_core_validate_boot_data(void);
+
+#endif /* __TFM_INTERNAL_H__ */
diff --git a/secure_fw/spm/include/tfm_irq_list.h b/secure_fw/spm/include/tfm_irq_list.h
new file mode 100644
index 0000000..fbad8f4
--- /dev/null
+++ b/secure_fw/spm/include/tfm_irq_list.h
@@ -0,0 +1,25 @@
+/*
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __TFM_IRQ_LIST_H__
+#define __TFM_IRQ_LIST_H__
+
+#include "psa/service.h"
+
+#define TFM_DEFAULT_SECURE_IRQ_PRIOTITY 128
+
+struct tfm_core_irq_signal_data_t {
+ int32_t partition_id;
+ psa_signal_t signal_value;
+ IRQn_Type irq_line;
+ uint32_t irq_priority;
+};
+
+extern const struct tfm_core_irq_signal_data_t tfm_core_irq_signals[];
+extern const size_t tfm_core_irq_signals_count;
+
+#endif /* __TFM_IRQ_LIST_H__ */
diff --git a/secure_fw/spm/include/tfm_memory_utils.h b/secure_fw/spm/include/tfm_memory_utils.h
new file mode 100644
index 0000000..150e3cc
--- /dev/null
+++ b/secure_fw/spm/include/tfm_memory_utils.h
@@ -0,0 +1,45 @@
+/*
+ * Copyright (c) 2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __TFM_MEMORY_UTILS_H__
+#define __TFM_MEMORY_UTILS_H__
+
+#include <string.h>
+#include "cmsis_compiler.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* FIXME: The following functions are wrappers around standard C library
+ * functions: memcpy, memcmp, memset
+ * In long term standard C library might be removed from TF-M project or
+ * replaced with a secure implementation due to security concerns.
+ */
+__attribute__ ((always_inline)) __STATIC_INLINE
+void *tfm_memcpy(void *dest, const void *src, size_t num)
+{
+ return (memcpy(dest, src, num));
+}
+
+__attribute__ ((always_inline)) __STATIC_INLINE
+int tfm_memcmp(const void *ptr1, const void *ptr2, size_t num)
+{
+ return (memcmp(ptr1, ptr2, num));
+}
+
+__attribute__ ((always_inline)) __STATIC_INLINE
+void *tfm_memset(void *ptr, int value, size_t num)
+{
+ return (memset(ptr, value, num));
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __TFM_MEMORY_UTILS_H__ */
diff --git a/secure_fw/spm/include/tfm_nspm.h b/secure_fw/spm/include/tfm_nspm.h
new file mode 100644
index 0000000..3c3e276
--- /dev/null
+++ b/secure_fw/spm/include/tfm_nspm.h
@@ -0,0 +1,75 @@
+/*
+ * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __TFM_NSPM_H__
+#define __TFM_NSPM_H__
+
+#include <stdint.h>
+
+#if defined(__GNUC__) && !defined(TFM_MULTI_CORE_TOPOLOGY)
+/*
+ * The macro cmse_nsfptr_create defined in the gcc library uses the non-standard
+ * gcc C lanuage extension 'typeof'. TF-M is built with '-std=c99' so typeof
+ * cannot be used in the code. As a workaround cmse_nsfptr_create is redefined
+ * here to use only standard language elements.
+ */
+#undef cmse_nsfptr_create
+#define cmse_nsfptr_create(p) ((intptr_t) (p) & ~1)
+
+/*!
+ * \def __tfm_nspm_secure_gateway_attributes__
+ *
+ * \brief Attributes for secure gateway functions for NSPM
+ */
+#ifndef __ARMCC_VERSION
+/*
+ * GNUARM requires noclone attribute to protect gateway function symbol from
+ * being renamed and cloned
+ */
+#define __tfm_nspm_secure_gateway_attributes__ \
+ __attribute__((cmse_nonsecure_entry, noclone))
+#else
+#define __tfm_nspm_secure_gateway_attributes__ \
+ __attribute__((cmse_nonsecure_entry))
+#endif /* !__ARMCC_VERSION */
+#endif /* __GNUC__ && !TFM_MULTI_CORE_TOPOLOGY */
+
+#ifndef TFM_PSA_API
+/**
+ * \brief initialise the NS context database
+ */
+void tfm_nspm_configure_clients(void);
+#endif
+
+/**
+ * \brief Get the client ID of the current NS client
+ *
+ * \return The client id of the current NS client. 0 (invalid client id) is
+ * returned in case of error.
+ */
+int32_t tfm_nspm_get_current_client_id(void);
+
+#ifdef TFM_PSA_API
+/**
+ * \brief NSPM thread main entry function
+ *
+ * Note: This function should not return back.
+ */
+void tfm_nspm_thread_entry(void);
+#endif
+
+#ifdef TFM_MULTI_CORE_TOPOLOGY
+/* Unnecessary to configure Non-secure side code */
+#define configure_ns_code() do {} while (0)
+#else
+/*
+ * \brief Configure Non-secure code, such as vector table, MSP and entry point.
+ */
+void configure_ns_code(void);
+#endif
+
+#endif /* __TFM_NSPM_H__ */
diff --git a/secure_fw/spm/include/tfm_platform_core_api.h b/secure_fw/spm/include/tfm_platform_core_api.h
new file mode 100644
index 0000000..0f0d759
--- /dev/null
+++ b/secure_fw/spm/include/tfm_platform_core_api.h
@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __TFM_PLATFORM_CORE_API_H__
+#define __TFM_PLATFORM_CORE_API_H__
+
+#include <stdbool.h>
+
+/**
+ * \brief Should be called in case of access violation.
+ *
+ * There might be platform specific means, by which it is possible on a
+ * subsystem to detect access violation. For example a platform can have a
+ * Peripheral Protection Controller, to detect unauthorised accesses to
+ * peripheral registers. Setting up the protection, and handling the violation
+ * is implemented in platform specific code. However TF-M should be able to
+ * decide how to proceed if a violation happens. So to notify TF-M, platform
+ * code have to call this function, if a violation happens.
+ */
+void tfm_access_violation_handler(void);
+
+/**
+ * \brief Return whether a secure partition is privileged.
+ *
+ * \param[in] partition_idx The index of the partition in the partition_db.
+ *
+ * \return True if the partition is privileged, false otherwise.
+ */
+bool tfm_is_partition_privileged(uint32_t partition_idx);
+
+#endif /* __TFM_PLATFORM_CORE_API_H__ */
diff --git a/secure_fw/spm/include/tfm_secure_api.h b/secure_fw/spm/include/tfm_secure_api.h
new file mode 100644
index 0000000..2112ce9
--- /dev/null
+++ b/secure_fw/spm/include/tfm_secure_api.h
@@ -0,0 +1,168 @@
+/*
+ * Copyright (c) 2017-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __TFM_SECURE_API_H__
+#define __TFM_SECURE_API_H__
+
+#ifndef TFM_MULTI_CORE_TOPOLOGY
+#include <arm_cmse.h>
+#endif
+#include "tfm_arch.h"
+#include "tfm/tfm_core_svc.h"
+#include "tfm_core.h"
+#include "tfm_api.h"
+#include "tfm_utils.h"
+#include "bl2/include/tfm_boot_status.h"
+#include "psa/service.h"
+
+#ifndef TFM_MULTI_CORE_TOPOLOGY
+/*!
+ * \def __tfm_secure_gateway_attributes__
+ *
+ * \brief Attributes for secure gateway functions
+ */
+#if defined(__GNUC__) && !defined(__ARMCC_VERSION)
+/*
+ * GNUARM requires noclone attribute to protect gateway function symbol from
+ * being renamed and cloned
+ */
+#define __tfm_secure_gateway_attributes__ \
+ __attribute__((cmse_nonsecure_entry, noclone, section("SFN")))
+#else
+#define __tfm_secure_gateway_attributes__ \
+ __attribute__((cmse_nonsecure_entry, section("SFN")))
+#endif /* __GNUC__ && !__ARMCC_VERSION */
+
+/*!
+ * \def __tfm_psa_secure_gateway_attributes__
+ *
+ * \brief Attributes for psa api secure gateway functions
+ */
+#if defined(__GNUC__) && !defined(__ARMCC_VERSION)
+/*
+ * GNUARM requires noclone attribute to protect gateway function symbol from
+ * being renamed and cloned
+ */
+#define __tfm_psa_secure_gateway_attributes__ \
+ __attribute__((cmse_nonsecure_entry, noclone, naked, section("SFN")))
+#else
+#define __tfm_psa_secure_gateway_attributes__ \
+ __attribute__((cmse_nonsecure_entry, naked, section("SFN")))
+#endif /* __GNUC__ && !__ARMCC_VERSION */
+#endif /* TFM_MULTI_CORE_TOPOLOGY */
+
+/* Hide specific errors if not debugging */
+#ifdef TFM_CORE_DEBUG
+#define TFM_ERROR_STATUS(status) (status)
+#else
+#define TFM_ERROR_STATUS(status) (TFM_PARTITION_BUSY)
+#endif
+
+#ifndef TFM_LVL
+#error TFM_LVL is not defined!
+#endif
+
+extern void tfm_secure_api_error_handler(void);
+
+typedef int32_t(*sfn_t)(int32_t, int32_t, int32_t, int32_t);
+
+struct tfm_sfn_req_s {
+ uint32_t sp_id;
+ sfn_t sfn;
+ int32_t *args;
+ uint32_t caller_part_idx;
+ bool ns_caller;
+};
+
+enum tfm_memory_access_e {
+ TFM_MEMORY_ACCESS_RO = 1,
+ TFM_MEMORY_ACCESS_RW = 2,
+};
+
+extern int32_t tfm_core_validate_secure_caller(void);
+
+extern int32_t tfm_core_get_caller_client_id(int32_t *caller_client_id);
+
+extern int32_t tfm_core_get_boot_data(uint8_t major_type,
+ struct tfm_boot_data *boot_data,
+ uint32_t len);
+
+int32_t tfm_core_sfn_request(const struct tfm_sfn_req_s *desc_ptr);
+
+int32_t tfm_spm_sfn_request_thread_mode(struct tfm_sfn_req_s *desc_ptr);
+
+/**
+ * \brief Check whether a memory range is inside a memory region.
+ *
+ * \param[in] p The start address of the range to check
+ * \param[in] s The size of the range to check
+ * \param[in] region_start The start address of the region, which should
+ * contain the range
+ * \param[in] region_limit The end address of the region, which should contain
+ * the range
+ *
+ * \return TFM_SUCCESS if the region contains the range,
+ * TFM_ERROR_GENERIC otherwise.
+ */
+enum tfm_status_e check_address_range(const void *p, size_t s,
+ uintptr_t region_start,
+ uintptr_t region_limit);
+
+void tfm_enable_irq(psa_signal_t irq_signal);
+void tfm_disable_irq(psa_signal_t irq_signal);
+
+#ifdef TFM_PSA_API
+/* The following macros are only valid if secure services can be called
+ * using veneer functions. This is not the case if IPC messaging is enabled
+ */
+#define TFM_CORE_IOVEC_SFN_REQUEST(id, fn, a, b, c, d) \
+ do { \
+ ERROR_MSG("Invalid TF-M configuration detected"); \
+ tfm_secure_api_error_handler(); \
+ /* This point never reached */ \
+ return (int32_t)TFM_ERROR_GENERIC; \
+ } while (0)
+#else
+#define TFM_CORE_IOVEC_SFN_REQUEST(id, is_ns, fn, a, b, c, d) \
+ return tfm_core_partition_request(id, is_ns, fn, \
+ (int32_t)a, (int32_t)b, (int32_t)c, (int32_t)d)
+
+int32_t tfm_core_partition_request(uint32_t id, bool is_ns, void *fn,
+ int32_t arg1, int32_t arg2, int32_t arg3, int32_t arg4);
+
+__attribute__ ((always_inline)) __STATIC_INLINE
+bool tfm_core_is_ns_client(void)
+{
+ /*
+ * This preprocessor condition checks if a version of GCC smaller than
+ * 7.3.1 is being used to compile the code.
+ * These versions are affected by a bug on the cmse_nonsecure_caller
+ * intrinsic which returns incorrect results.
+ * Please check Bug 85203 on GCC Bugzilla for more information.
+ */
+#if defined(__GNUC__) && !defined(__ARMCC_VERSION) && \
+ (__GNUC__ < 7 || \
+ (__GNUC__ == 7 && (__GNUC_MINOR__ < 3 || \
+ (__GNUC_MINOR__ == 3 && __GNUC_PATCHLEVEL__ < 1))))
+ /*
+ * Use the fact that, if called from Non-Secure, the LSB of the return
+ * address is set to 0.
+ */
+ return !(
+ (uintptr_t)__builtin_extract_return_addr(__builtin_return_address(0U))
+ & 0x1);
+#else
+ /*
+ * Convert the result of cmse_nonsecure_caller from an int to a bool
+ * to prevent using an int in the tfm_sfn_req_s structure.
+ */
+ return (cmse_nonsecure_caller() != 0) ? true : false;
+#endif /* Check for GCC compiler version smaller than 7.3.1 */
+}
+#endif
+
+#endif /* __TFM_SECURE_API_H__ */
diff --git a/secure_fw/spm/include/tfm_utils.h b/secure_fw/spm/include/tfm_utils.h
new file mode 100644
index 0000000..4354eda
--- /dev/null
+++ b/secure_fw/spm/include/tfm_utils.h
@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+#ifndef __TFM_UTILS_H__
+#define __TFM_UTILS_H__
+
+#include <stdio.h>
+
+/*
+ * CPU spin here.
+ * Note: this function is used to handle PROGRAMMER ERROR.
+ */
+void tfm_core_panic(void);
+
+/* Core assert and spin */
+#ifndef NDEBUG
+#define TFM_CORE_ASSERT(cond) \
+ do { \
+ if (!(cond)) { \
+ while (1) \
+ ; \
+ } \
+ } while (0)
+#else
+#define TFM_CORE_ASSERT(cond)
+#endif
+
+/* Get container structure start address from member */
+#define TFM_GET_CONTAINER_PTR(ptr, type, member) \
+ (type *)((unsigned long)(ptr) - offsetof(type, member))
+
+#endif /* __TFM_UTILS_H__ */
diff --git a/secure_fw/spm/include/tfm_version.h b/secure_fw/spm/include/tfm_version.h
new file mode 100644
index 0000000..461ba97
--- /dev/null
+++ b/secure_fw/spm/include/tfm_version.h
@@ -0,0 +1,18 @@
+/*
+ * Copyright (c) 2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __TFM_VERSION_H__
+#define __TFM_VERSION_H__
+
+/*
+ * Defines for TFM version.
+ */
+#define VERSION_MAJOR 1
+#define VERSION_MINOR 0
+#define VERSION_STRING ""
+
+#endif /* __TFM_VERSION_H__ */