Core: Apply naked implementation for secure entry
Naked implementation of secure entry can call into SPM with no
touching stack pointer, this could:
- SPM can detect reentrant by checking stacked context size.
- SPM can use the same logic while dispatching Secure Partiton call
and non-secure veneer call. No special branch is needed.
Compare caller and the current partition's security attribute to know
if the current partition is preempted. And check stacked caller
context in SVCall handler to see if reentrant is happening. This
check could prevent:
- Secure thread mode gets preempted and another secure call is coming.
There is only one ongoing secure call can be there without the Secure
Context Management API. The SPE would panic if reentrant is detected.
Non-secure side call lock is recommended if NSPE has multiple threads
performs the secure call but it does not expect a panic.
The existing variable based lock can be removed after this checking is
applied.
Change-Id: Ib686960e642d9a8892a666d7248d2a2706fddf9a
Signed-off-by: Summer Qin <summer.qin@arm.com>
Co-authored-by: Ken Liu <ken.liu@arm.com>
diff --git a/interface/include/tfm_api.h b/interface/include/tfm_api.h
index 5e2aacb..09abc39 100644
--- a/interface/include/tfm_api.h
+++ b/interface/include/tfm_api.h
@@ -129,9 +129,9 @@
*
* \param[in] handle Handle to connection
*
- * \return Returns \ref psa_status_t status code.
+ * \return void
*/
-psa_status_t tfm_psa_close_veneer(psa_handle_t handle);
+void tfm_psa_close_veneer(psa_handle_t handle);
/***************** End Secure function declarations ***************************/