Core: Remove isolation level 3
Remove functions, process, data which only used in isolation level 3
for library model.
Change-Id: Ia21819d6a6cccb18af316a79658aa3673f2d2420
Signed-off-by: Edison Ai <edison.ai@arm.com>
diff --git a/secure_fw/core/tfm_func_api.c b/secure_fw/core/tfm_func_api.c
index 6f7ac7d..8f08508 100644
--- a/secure_fw/core/tfm_func_api.c
+++ b/secure_fw/core/tfm_func_api.c
@@ -36,11 +36,8 @@
REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Limit);
-
-#if TFM_LVL == 1
REGION_DECLARE(Image$$, TFM_SECURE_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, TFM_SECURE_STACK, $$ZI$$Limit);
-#endif
/* This is the "Big Lock" on the secure side, to guarantee single entry
* to SPE
@@ -342,19 +339,10 @@
*/
static struct iovec_args_t *get_iovec_args_stack_address(uint32_t partition_idx)
{
- struct iovec_args_t *iovec_args;
-#if TFM_LVL == 1
/* Save the iovecs on the common stack. */
- iovec_args = (struct iovec_args_t *)
- ((uint8_t *)®ION_NAME(Image$$, TFM_SECURE_STACK, $$ZI$$Limit)-
- sizeof(struct iovec_args_t));
-#else
- /* Save the iovecs on the stack of the partition. */
- iovec_args = (struct iovec_args_t *)
- (tfm_spm_partition_get_stack_top(partition_idx) -
- sizeof(struct iovec_args_t));
-#endif
- return iovec_args;
+ return (struct iovec_args_t *)((uint8_t *)®ION_NAME(Image$$,
+ TFM_SECURE_STACK, $$ZI$$Limit) -
+ sizeof(struct iovec_args_t));
}
static enum tfm_status_e tfm_start_partition(
@@ -398,24 +386,13 @@
caller_partition_id = tfm_spm_partition_get_partition_id(
caller_partition_idx);
- if (tfm_secure_api_initializing) {
-#if TFM_LVL != 1
- /* Make thread mode unprivileged while untrusted partition init is
- * executed
- */
- if ((partition_flags & SPM_PART_FLAG_PSA_ROT) == 0) {
- tfm_spm_partition_change_privilege(
- TFM_PARTITION_UNPRIVILEGED_MODE);
- }
-#endif
- } else {
+ if (!tfm_secure_api_initializing) {
res = check_partition_state(partition_state, caller_partition_state);
if (res != TFM_SUCCESS) {
return res;
}
}
-#if TFM_LVL == 1
/* Prepare switch to shared secure partition stack */
/* In case the call is coming from the non-secure world, we save the iovecs
* on the stop of the stack. So the memory area, that can actually be used
@@ -426,10 +403,7 @@
sizeof(struct iovec_args_t);
partition_psplim =
(uint32_t)®ION_NAME(Image$$, TFM_SECURE_STACK, $$ZI$$Base);
-#else
- partition_psp = curr_part_data->stack_ptr;
- partition_psplim = tfm_spm_partition_get_stack_bottom(partition_idx);
-#endif
+
/* Store the context for the partition call */
tfm_spm_partition_set_caller_partition_idx(partition_idx,
caller_partition_idx);
@@ -446,17 +420,6 @@
tfm_spm_partition_set_caller_client_id(partition_idx, client_id);
}
-#if (TFM_LVL != 1) && (TFM_LVL != 2)
- /* Dynamic partitioning is only done is TFM level 3 */
- tfm_spm_partition_sandbox_deconfig(caller_partition_idx);
-
- /* Configure partition execution environment */
- if (tfm_spm_partition_sandbox_config(partition_idx) != SPM_ERR_OK) {
- ERROR_MSG("Failed to configure sandbox for partition!");
- tfm_secure_api_error_handler();
- }
-#endif
-
/* Default share to scratch area in case of partition to partition calls
* this way partitions always get default access to input buffers
*/
@@ -466,13 +429,10 @@
desc_ptr->ns_caller ?
TFM_BUFFER_SHARE_NS_CODE : TFM_BUFFER_SHARE_SCRATCH);
-#if TFM_LVL == 1
/* In level one, only switch context and return from exception if in
* handler mode
*/
- if ((desc_ptr->ns_caller) || (tfm_secure_api_initializing))
-#endif
- {
+ if ((desc_ptr->ns_caller) || (tfm_secure_api_initializing)) {
if (desc_ptr->iovec_api == TFM_SFN_API_IOVEC) {
if (tfm_spm_partition_set_iovec(partition_idx, desc_ptr->args) !=
SPM_ERR_OK) {
@@ -513,9 +473,6 @@
uint32_t irq_line = svc_ctx->R3;
enum tfm_status_e res;
uint32_t psp = __get_PSP();
-#if (TFM_LVL != 1)
- uint32_t handler_partition_psplim;
-#endif
uint32_t handler_partition_psp;
uint32_t handler_partition_state;
uint32_t interrupted_partition_idx =
@@ -543,16 +500,7 @@
/* save the current context of the interrupted partition */
tfm_spm_partition_push_interrupted_ctx(interrupted_partition_idx);
-#if (TFM_LVL != 1)
- /* Save the psp as it was when the interrupt happened */
- tfm_spm_partition_set_stack(interrupted_partition_idx, psp);
-
- handler_partition_psp = handler_part_data->stack_ptr;
- handler_partition_psplim =
- tfm_spm_partition_get_stack_bottom(handler_partition_idx);
-#else /* TFM_LVL != 1 */
handler_partition_psp = psp;
-#endif /* TFM_LVL != 1 */
/* save the current context of the handler partition */
tfm_spm_partition_push_handler_ctx(handler_partition_idx);
@@ -561,23 +509,10 @@
tfm_spm_partition_set_caller_partition_idx(handler_partition_idx,
interrupted_partition_idx);
-#if TFM_LVL == 3
- /* Dynamic partitioning is only done is TFM level 3 */
- tfm_spm_partition_sandbox_deconfig(interrupted_partition_idx);
-
- /* Configure partition execution environment */
- if (tfm_spm_partition_sandbox_config(handler_partition_idx) != SPM_ERR_OK) {
- ERROR_MSG("Failed to configure sandbox for partition!");
- tfm_secure_api_error_handler();
- }
-#endif /* TFM_LVL == 3 */
-
psp = (uint32_t)prepare_partition_irq_ctx(svc_ctx, unpriv_handler,
(int32_t *)handler_partition_psp);
__set_PSP(psp);
-#if (TFM_LVL != 1)
- __set_PSPLIM(handler_partition_psplim);
-#endif /* TFM_LVL != 1 */
+
tfm_spm_partition_set_state(interrupted_partition_idx,
SPM_PARTITION_STATE_SUSPENDED);
tfm_spm_partition_set_state(handler_partition_idx,
@@ -618,36 +553,6 @@
tfm_secure_lock--;
-#if (TFM_LVL != 1) && (TFM_LVL != 2)
- /* Deconfigure completed partition environment */
- tfm_spm_partition_sandbox_deconfig(current_partition_idx);
- if (tfm_secure_api_initializing) {
- /* Restore privilege for thread mode during TF-M init. This is only
- * have to be done if the partition is not trusted.
- */
- if ((current_partition_flags & SPM_PART_FLAG_PSA_ROT) == 0) {
- tfm_spm_partition_change_privilege(TFM_PARTITION_PRIVILEGED_MODE);
- }
- } else {
- /* Configure the caller partition environment in case this was a
- * partition to partition call and returning to untrusted partition
- */
- if (tfm_spm_partition_sandbox_config(return_partition_idx)
- != SPM_ERR_OK) {
- ERROR_MSG("Failed to configure sandbox for partition!");
- tfm_secure_api_error_handler();
- }
- if (return_partition_flags & SPM_PART_FLAG_APP_ROT) {
- /* Restore share status */
- tfm_spm_partition_set_share(
- return_partition_idx,
- tfm_spm_partition_get_runtime_data(
- return_partition_idx)->share);
- }
- }
-#endif
-
-#if TFM_LVL == 1
if (!(return_partition_flags & SPM_PART_FLAG_APP_ROT) ||
(tfm_secure_api_initializing)) {
/* In TFM level 1 context restore is only done when
@@ -677,31 +582,6 @@
tfm_clear_iovec_parameters(iovec_args);
}
}
-#else
- /* Restore caller context */
- restore_caller_ctx(svc_ctx,
- (struct tfm_exc_stack_t *)ret_part_data->stack_ptr);
- *excReturn = ret_part_data->lr;
- __set_PSP(ret_part_data->stack_ptr);
- tfm_arch_set_psplim(
- tfm_spm_partition_get_stack_bottom(return_partition_idx));
- /* Clear the context entry before returning */
- tfm_spm_partition_set_stack(
- current_partition_idx, psp + sizeof(struct tfm_exc_stack_t));
-
- /* FIXME: The condition should be removed once all the secure service
- * calls are done via the iovec veneers */
- if (curr_part_data->iovec_api) {
- iovec_args = (struct iovec_args_t *)
- (tfm_spm_partition_get_stack_top(current_partition_idx) -
- sizeof(struct iovec_args_t));
-
- for (i = 0; i < curr_part_data->iovec_args.out_len; ++i) {
- curr_part_data->orig_outvec[i].len = iovec_args->out_vec[i].len;
- }
- tfm_clear_iovec_parameters(iovec_args);
- }
-#endif
tfm_spm_partition_cleanup_context(current_partition_idx);
@@ -719,10 +599,6 @@
uint32_t handler_partition_idx =
tfm_spm_partition_get_running_partition_idx();
const struct spm_partition_runtime_data_t *handler_part_data;
-#if TFM_LVL != 1
- const struct spm_partition_runtime_data_t *interrupted_part_data;
- uint32_t interrupted_partition_psplim;
-#endif /* TFM_LVL != 1 */
uint32_t interrupted_partition_idx;
uint32_t psp = __get_PSP();
struct tfm_exc_stack_t *svc_ctx = (struct tfm_exc_stack_t *)psp;
@@ -739,49 +615,16 @@
return TFM_SECURE_UNLOCK_FAILED;
}
-#if TFM_LVL != 1
- interrupted_part_data = tfm_spm_partition_get_runtime_data(
- interrupted_partition_idx);
-
-#if TFM_LVL == 3
- /* Deconfigure completed partition environment */
- tfm_spm_partition_sandbox_deconfig(handler_partition_idx);
-
- /* Configure the caller partition environment */
- if (tfm_spm_partition_sandbox_config(interrupted_partition_idx)
- != SPM_ERR_OK) {
- ERROR_MSG("Failed to configure sandbox for partition!");
- tfm_secure_api_error_handler();
- }
-#endif /* TFM_LVL == 3 */
-
- /* Restore caller context */
- *excReturn = svc_ctx->RetAddr;
-
- if (psp+sizeof(struct tfm_exc_stack_t) != handler_part_data->stack_ptr) {
- ERROR_MSG("The interrupt handler unfolded its stack improperly!");
- tfm_secure_api_error_handler();
- }
-
- psp = interrupted_part_data->stack_ptr;
-#else /* TFM_LVL != 1 */
/* For level 1, modify PSP, so that the SVC stack frame disappears,
* and return to the privileged handler using the stack frame still on the
* MSP stack.
*/
*excReturn = svc_ctx->RetAddr;
psp += sizeof(struct tfm_exc_stack_t);
-#endif /* TFM_LVL != 1 */
tfm_spm_partition_pop_handler_ctx(handler_partition_idx);
tfm_spm_partition_pop_interrupted_ctx(interrupted_partition_idx);
-#if TFM_LVL != 1
- interrupted_partition_psplim =
- tfm_spm_partition_get_stack_bottom(interrupted_partition_idx);
-
- __set_PSPLIM(interrupted_partition_psplim);
-#endif /* TFM_LVL != 1 */
__set_PSP(psp);
return TFM_SUCCESS;
@@ -833,12 +676,6 @@
void tfm_secure_api_init_done(void)
{
tfm_secure_api_initializing = 0;
-#if TFM_LVL != 1
- if (tfm_spm_partition_sandbox_config(TFM_SP_NON_SECURE_ID) != SPM_ERR_OK) {
- ERROR_MSG("Failed to configure sandbox for partition!");
- tfm_secure_api_error_handler();
- }
-#endif
}
enum tfm_status_e tfm_core_sfn_request_handler(
@@ -888,7 +725,6 @@
return res;
}
-#if TFM_LVL == 1
int32_t tfm_core_sfn_request_thread_mode(struct tfm_sfn_req_s *desc_ptr)
{
enum tfm_status_e res;
@@ -928,7 +764,6 @@
}
return (int32_t)res;
}
-#endif
void tfm_core_validate_secure_caller_handler(uint32_t *svc_args)
{
@@ -984,7 +819,6 @@
return 0;
}
-#if TFM_LVL == 1
/* For privileged partition execution, all secure data memory and stack
* is accessible
*/
@@ -992,29 +826,7 @@
end_addr_value <= (S_DATA_START + S_DATA_SIZE)) {
return 1;
}
-#else
- /* For non-privileged execution the partition's data and stack is
- * accessible
- */
- if (start_addr_value >=
- tfm_spm_partition_get_stack_bottom(partition_idx) &&
- end_addr_value <=
- tfm_spm_partition_get_stack_top(partition_idx)) {
- return 1;
- }
- if (start_addr_value >=
- tfm_spm_partition_get_rw_start(partition_idx) &&
- end_addr_value <=
- tfm_spm_partition_get_rw_limit(partition_idx)) {
- return 1;
- }
- if (start_addr_value >=
- tfm_spm_partition_get_zi_start(partition_idx) &&
- end_addr_value <=
- tfm_spm_partition_get_zi_limit(partition_idx)) {
- return 1;
- }
-#endif
+
return 0;
}
@@ -1102,19 +914,12 @@
cmse_address_info_t addr_info = cmse_TT((void *)ptr);
if (addr_info.flags.secure) {
-#if TFM_LVL == 1
/* For privileged partition execution, all secure data memory is
* accessible
*/
max_buf_size = S_DATA_SIZE;
ptr_start = S_DATA_START;
range_limit = S_DATA_LIMIT;
-#else
- /* Only scratch is permitted in secure memory */
- max_buf_size = (uint32_t)tfm_scratch_area_size;
- ptr_start = (uint32_t)tfm_scratch_area;
- range_limit = (uint32_t)tfm_scratch_area + tfm_scratch_area_size - 1;
-#endif
range_check = true;
} else {
if (!addr_info.flags.sau_region_valid) {
diff --git a/secure_fw/core/tfm_secure_api.h b/secure_fw/core/tfm_secure_api.h
index e49924b..93c9ece 100644
--- a/secure_fw/core/tfm_secure_api.h
+++ b/secure_fw/core/tfm_secure_api.h
@@ -207,7 +207,7 @@
return tfm_core_sfn_request_thread_mode(desc_ptr);
}
#else
- return tfm_core_sfn_request(desc_ptr);
+ return (int32_t)TFM_ERROR_GENERIC;
#endif
}
diff --git a/secure_fw/core/tfm_spm_services.c b/secure_fw/core/tfm_spm_services.c
index bd428af..7033ca7 100644
--- a/secure_fw/core/tfm_spm_services.c
+++ b/secure_fw/core/tfm_spm_services.c
@@ -20,14 +20,6 @@
void jump_to_ns_code(void)
{
-#if TFM_LVL == 3 || ((!defined(TFM_PSA_API)) && (TFM_LVL != 1))
- /* Initialization is done, set thread mode to unprivileged. */
- tfm_spm_partition_change_privilege(TFM_PARTITION_UNPRIVILEGED_MODE);
-#endif
- /* All changes made to memory will be effective after this point */
- __DSB();
- __ISB();
-
/* Calls the non-secure Reset_Handler to jump to the non-secure binary */
ns_entry();
}
diff --git a/secure_fw/services/tfm_spm_db.inc b/secure_fw/services/tfm_spm_db.inc
index c3db365..1fee28c 100644
--- a/secure_fw/services/tfm_spm_db.inc
+++ b/secure_fw/services/tfm_spm_db.inc
@@ -373,12 +373,7 @@
.caller_partition_idx = SPM_INVALID_PARTITION_IDX,
.caller_client_id = TFM_INVALID_CLIENT_ID,
.share = TFM_BUFFER_SHARE_DISABLE,
-#if TFM_LVL != 1
- .stack_ptr = PART_REGION_ADDR(TFM_SP_STORAGE, _STACK$$ZI$$Limit) -
- sizeof(struct iovec_args_t),
-#else /* TFM_LVL != 1 */
.stack_ptr = 0,
-#endif /* TFM_LVL != 1 */
.lr = 0,
.iovec_api = TFM_SFN_API_IOVEC,
.iovec_args =
@@ -408,7 +403,7 @@
.platform_data = NULL,
-#if (TFM_LVL != 1) || defined(TFM_PSA_API)
+#ifdef TFM_PSA_API
/* memory_data */
.memory_data = {
.code_start = PART_REGION_ADDR(TFM_SP_STORAGE, $$Base),
@@ -422,9 +417,7 @@
.stack_bottom = PART_REGION_ADDR(TFM_SP_STORAGE, _STACK$$ZI$$Base),
.stack_top = PART_REGION_ADDR(TFM_SP_STORAGE, _STACK$$ZI$$Limit),
},
-#endif
-#ifdef TFM_PSA_API
/* sp_thrd */
.sp_thrd = {
.pfn = NULL,
@@ -464,12 +457,7 @@
.caller_partition_idx = SPM_INVALID_PARTITION_IDX,
.caller_client_id = TFM_INVALID_CLIENT_ID,
.share = TFM_BUFFER_SHARE_DISABLE,
-#if TFM_LVL != 1
- .stack_ptr = PART_REGION_ADDR(TFM_SP_AUDIT_LOG, _STACK$$ZI$$Limit) -
- sizeof(struct iovec_args_t),
-#else /* TFM_LVL != 1 */
.stack_ptr = 0,
-#endif /* TFM_LVL != 1 */
.lr = 0,
.iovec_api = TFM_SFN_API_IOVEC,
.iovec_args =
@@ -505,7 +493,7 @@
.platform_data = NULL,
#endif /* AUDIT_UART_REDIRECTION */
-#if (TFM_LVL != 1) || defined(TFM_PSA_API)
+#ifdef TFM_PSA_API
/* memory_data */
.memory_data = {
.code_start = PART_REGION_ADDR(TFM_SP_AUDIT_LOG, $$Base),
@@ -519,9 +507,7 @@
.stack_bottom = PART_REGION_ADDR(TFM_SP_AUDIT_LOG, _STACK$$ZI$$Base),
.stack_top = PART_REGION_ADDR(TFM_SP_AUDIT_LOG, _STACK$$ZI$$Limit),
},
-#endif
-#ifdef TFM_PSA_API
/* sp_thrd */
.sp_thrd = {
.pfn = NULL,
@@ -561,12 +547,7 @@
.caller_partition_idx = SPM_INVALID_PARTITION_IDX,
.caller_client_id = TFM_INVALID_CLIENT_ID,
.share = TFM_BUFFER_SHARE_DISABLE,
-#if TFM_LVL != 1
- .stack_ptr = PART_REGION_ADDR(TFM_SP_CRYPTO, _STACK$$ZI$$Limit) -
- sizeof(struct iovec_args_t),
-#else /* TFM_LVL != 1 */
.stack_ptr = 0,
-#endif /* TFM_LVL != 1 */
.lr = 0,
.iovec_api = TFM_SFN_API_IOVEC,
.iovec_args =
@@ -596,7 +577,7 @@
.platform_data = NULL,
-#if (TFM_LVL != 1) || defined(TFM_PSA_API)
+#ifdef TFM_PSA_API
/* memory_data */
.memory_data = {
.code_start = PART_REGION_ADDR(TFM_SP_CRYPTO, $$Base),
@@ -610,9 +591,7 @@
.stack_bottom = PART_REGION_ADDR(TFM_SP_CRYPTO, _STACK$$ZI$$Base),
.stack_top = PART_REGION_ADDR(TFM_SP_CRYPTO, _STACK$$ZI$$Limit),
},
-#endif
-#ifdef TFM_PSA_API
/* sp_thrd */
.sp_thrd = {
.pfn = NULL,
@@ -652,12 +631,7 @@
.caller_partition_idx = SPM_INVALID_PARTITION_IDX,
.caller_client_id = TFM_INVALID_CLIENT_ID,
.share = TFM_BUFFER_SHARE_DISABLE,
-#if TFM_LVL != 1
- .stack_ptr = PART_REGION_ADDR(TFM_SP_PLATFORM, _STACK$$ZI$$Limit) -
- sizeof(struct iovec_args_t),
-#else /* TFM_LVL != 1 */
.stack_ptr = 0,
-#endif /* TFM_LVL != 1 */
.lr = 0,
.iovec_api = TFM_SFN_API_IOVEC,
.iovec_args =
@@ -687,7 +661,7 @@
.platform_data = NULL,
-#if (TFM_LVL != 1) || defined(TFM_PSA_API)
+#ifdef TFM_PSA_API
/* memory_data */
.memory_data = {
.code_start = PART_REGION_ADDR(TFM_SP_PLATFORM, $$Base),
@@ -701,9 +675,7 @@
.stack_bottom = PART_REGION_ADDR(TFM_SP_PLATFORM, _STACK$$ZI$$Base),
.stack_top = PART_REGION_ADDR(TFM_SP_PLATFORM, _STACK$$ZI$$Limit),
},
-#endif
-#ifdef TFM_PSA_API
/* sp_thrd */
.sp_thrd = {
.pfn = NULL,
@@ -743,12 +715,7 @@
.caller_partition_idx = SPM_INVALID_PARTITION_IDX,
.caller_client_id = TFM_INVALID_CLIENT_ID,
.share = TFM_BUFFER_SHARE_DISABLE,
-#if TFM_LVL != 1
- .stack_ptr = PART_REGION_ADDR(TFM_SP_INITIAL_ATTESTATION, _STACK$$ZI$$Limit) -
- sizeof(struct iovec_args_t),
-#else /* TFM_LVL != 1 */
.stack_ptr = 0,
-#endif /* TFM_LVL != 1 */
.lr = 0,
.iovec_api = TFM_SFN_API_IOVEC,
.iovec_args =
@@ -778,7 +745,7 @@
.platform_data = NULL,
-#if (TFM_LVL != 1) || defined(TFM_PSA_API)
+#ifdef TFM_PSA_API
/* memory_data */
.memory_data = {
.code_start = PART_REGION_ADDR(TFM_SP_INITIAL_ATTESTATION, $$Base),
@@ -792,9 +759,7 @@
.stack_bottom = PART_REGION_ADDR(TFM_SP_INITIAL_ATTESTATION, _STACK$$ZI$$Base),
.stack_top = PART_REGION_ADDR(TFM_SP_INITIAL_ATTESTATION, _STACK$$ZI$$Limit),
},
-#endif
-#ifdef TFM_PSA_API
/* sp_thrd */
.sp_thrd = {
.pfn = NULL,
@@ -834,12 +799,7 @@
.caller_partition_idx = SPM_INVALID_PARTITION_IDX,
.caller_client_id = TFM_INVALID_CLIENT_ID,
.share = TFM_BUFFER_SHARE_DISABLE,
-#if TFM_LVL != 1
- .stack_ptr = PART_REGION_ADDR(TFM_SP_CORE_TEST, _STACK$$ZI$$Limit) -
- sizeof(struct iovec_args_t),
-#else /* TFM_LVL != 1 */
.stack_ptr = 0,
-#endif /* TFM_LVL != 1 */
.lr = 0,
.iovec_api = TFM_SFN_API_IOVEC,
.iovec_args =
@@ -871,7 +831,7 @@
/* FIXME: Only adding the first mmio region */
.platform_data = TFM_PERIPHERAL_FPGA_IO,
-#if (TFM_LVL != 1) || defined(TFM_PSA_API)
+#ifdef TFM_PSA_API
/* memory_data */
.memory_data = {
.code_start = PART_REGION_ADDR(TFM_SP_CORE_TEST, $$Base),
@@ -885,9 +845,7 @@
.stack_bottom = PART_REGION_ADDR(TFM_SP_CORE_TEST, _STACK$$ZI$$Base),
.stack_top = PART_REGION_ADDR(TFM_SP_CORE_TEST, _STACK$$ZI$$Limit),
},
-#endif
-#ifdef TFM_PSA_API
/* sp_thrd */
.sp_thrd = {
.pfn = NULL,
@@ -928,12 +886,7 @@
.caller_partition_idx = SPM_INVALID_PARTITION_IDX,
.caller_client_id = TFM_INVALID_CLIENT_ID,
.share = TFM_BUFFER_SHARE_DISABLE,
-#if TFM_LVL != 1
- .stack_ptr = PART_REGION_ADDR(TFM_SP_CORE_TEST_2, _STACK$$ZI$$Limit) -
- sizeof(struct iovec_args_t),
-#else /* TFM_LVL != 1 */
.stack_ptr = 0,
-#endif /* TFM_LVL != 1 */
.lr = 0,
.iovec_api = TFM_SFN_API_IOVEC,
.iovec_args =
@@ -963,7 +916,7 @@
.platform_data = NULL,
-#if (TFM_LVL != 1) || defined(TFM_PSA_API)
+#ifdef TFM_PSA_API
/* memory_data */
.memory_data = {
.code_start = PART_REGION_ADDR(TFM_SP_CORE_TEST_2, $$Base),
@@ -977,9 +930,7 @@
.stack_bottom = PART_REGION_ADDR(TFM_SP_CORE_TEST_2, _STACK$$ZI$$Base),
.stack_top = PART_REGION_ADDR(TFM_SP_CORE_TEST_2, _STACK$$ZI$$Limit),
},
-#endif
-#ifdef TFM_PSA_API
/* sp_thrd */
.sp_thrd = {
.pfn = NULL,
@@ -1020,12 +971,7 @@
.caller_partition_idx = SPM_INVALID_PARTITION_IDX,
.caller_client_id = TFM_INVALID_CLIENT_ID,
.share = TFM_BUFFER_SHARE_DISABLE,
-#if TFM_LVL != 1
- .stack_ptr = PART_REGION_ADDR(TFM_SP_SECURE_TEST_PARTITION, _STACK$$ZI$$Limit) -
- sizeof(struct iovec_args_t),
-#else /* TFM_LVL != 1 */
.stack_ptr = 0,
-#endif /* TFM_LVL != 1 */
.lr = 0,
.iovec_api = TFM_SFN_API_IOVEC,
.iovec_args =
@@ -1057,7 +1003,7 @@
/* FIXME: Only adding the first mmio region */
.platform_data = TFM_PERIPHERAL_STD_UART,
-#if (TFM_LVL != 1) || defined(TFM_PSA_API)
+#ifdef TFM_PSA_API
/* memory_data */
.memory_data = {
.code_start = PART_REGION_ADDR(TFM_SP_SECURE_TEST_PARTITION, $$Base),
@@ -1071,9 +1017,7 @@
.stack_bottom = PART_REGION_ADDR(TFM_SP_SECURE_TEST_PARTITION, _STACK$$ZI$$Base),
.stack_top = PART_REGION_ADDR(TFM_SP_SECURE_TEST_PARTITION, _STACK$$ZI$$Limit),
},
-#endif
-#ifdef TFM_PSA_API
/* sp_thrd */
.sp_thrd = {
.pfn = NULL,
@@ -1114,12 +1058,7 @@
.caller_partition_idx = SPM_INVALID_PARTITION_IDX,
.caller_client_id = TFM_INVALID_CLIENT_ID,
.share = TFM_BUFFER_SHARE_DISABLE,
-#if TFM_LVL != 1
- .stack_ptr = PART_REGION_ADDR(TFM_SP_IPC_SERVICE_TEST, _STACK$$ZI$$Limit) -
- sizeof(struct iovec_args_t),
-#else /* TFM_LVL != 1 */
.stack_ptr = 0,
-#endif /* TFM_LVL != 1 */
.lr = 0,
.iovec_api = TFM_SFN_API_IOVEC,
.iovec_args =
@@ -1149,7 +1088,7 @@
.platform_data = NULL,
-#if (TFM_LVL != 1) || defined(TFM_PSA_API)
+#ifdef TFM_PSA_API
/* memory_data */
.memory_data = {
.code_start = PART_REGION_ADDR(TFM_SP_IPC_SERVICE_TEST, $$Base),
@@ -1163,9 +1102,7 @@
.stack_bottom = PART_REGION_ADDR(TFM_SP_IPC_SERVICE_TEST, _STACK$$ZI$$Base),
.stack_top = PART_REGION_ADDR(TFM_SP_IPC_SERVICE_TEST, _STACK$$ZI$$Limit),
},
-#endif
-#ifdef TFM_PSA_API
/* sp_thrd */
.sp_thrd = {
.pfn = NULL,
@@ -1206,12 +1143,7 @@
.caller_partition_idx = SPM_INVALID_PARTITION_IDX,
.caller_client_id = TFM_INVALID_CLIENT_ID,
.share = TFM_BUFFER_SHARE_DISABLE,
-#if TFM_LVL != 1
- .stack_ptr = PART_REGION_ADDR(TFM_SP_IPC_CLIENT_TEST, _STACK$$ZI$$Limit) -
- sizeof(struct iovec_args_t),
-#else /* TFM_LVL != 1 */
.stack_ptr = 0,
-#endif /* TFM_LVL != 1 */
.lr = 0,
.iovec_api = TFM_SFN_API_IOVEC,
.iovec_args =
@@ -1241,7 +1173,7 @@
.platform_data = NULL,
-#if (TFM_LVL != 1) || defined(TFM_PSA_API)
+#ifdef TFM_PSA_API
/* memory_data */
.memory_data = {
.code_start = PART_REGION_ADDR(TFM_SP_IPC_CLIENT_TEST, $$Base),
@@ -1255,9 +1187,7 @@
.stack_bottom = PART_REGION_ADDR(TFM_SP_IPC_CLIENT_TEST, _STACK$$ZI$$Base),
.stack_top = PART_REGION_ADDR(TFM_SP_IPC_CLIENT_TEST, _STACK$$ZI$$Limit),
},
-#endif
-#ifdef TFM_PSA_API
/* sp_thrd */
.sp_thrd = {
.pfn = NULL,
@@ -1298,12 +1228,7 @@
.caller_partition_idx = SPM_INVALID_PARTITION_IDX,
.caller_client_id = TFM_INVALID_CLIENT_ID,
.share = TFM_BUFFER_SHARE_DISABLE,
-#if TFM_LVL != 1
- .stack_ptr = PART_REGION_ADDR(TFM_IRQ_TEST_1, _STACK$$ZI$$Limit) -
- sizeof(struct iovec_args_t),
-#else /* TFM_LVL != 1 */
.stack_ptr = 0,
-#endif /* TFM_LVL != 1 */
.lr = 0,
.iovec_api = TFM_SFN_API_IOVEC,
.iovec_args =
@@ -1335,7 +1260,7 @@
/* FIXME: Only adding the first mmio region */
.platform_data = TFM_PERIPHERAL_TIMER0,
-#if (TFM_LVL != 1) || defined(TFM_PSA_API)
+#ifdef TFM_PSA_API
/* memory_data */
.memory_data = {
.code_start = PART_REGION_ADDR(TFM_IRQ_TEST_1, $$Base),
@@ -1349,9 +1274,7 @@
.stack_bottom = PART_REGION_ADDR(TFM_IRQ_TEST_1, _STACK$$ZI$$Base),
.stack_top = PART_REGION_ADDR(TFM_IRQ_TEST_1, _STACK$$ZI$$Limit),
},
-#endif
-#ifdef TFM_PSA_API
/* sp_thrd */
.sp_thrd = {
.pfn = NULL,
diff --git a/secure_fw/services/tfm_spm_db.inc.template b/secure_fw/services/tfm_spm_db.inc.template
index aecae88..f0528cd 100644
--- a/secure_fw/services/tfm_spm_db.inc.template
+++ b/secure_fw/services/tfm_spm_db.inc.template
@@ -139,12 +139,7 @@
.caller_partition_idx = SPM_INVALID_PARTITION_IDX,
.caller_client_id = TFM_INVALID_CLIENT_ID,
.share = TFM_BUFFER_SHARE_DISABLE,
-#if TFM_LVL != 1
- .stack_ptr = PART_REGION_ADDR({{manifest.manifest.name}}, _STACK$$ZI$$Limit) -
- sizeof(struct iovec_args_t),
-#else /* TFM_LVL != 1 */
.stack_ptr = 0,
-#endif /* TFM_LVL != 1 */
.lr = 0,
.iovec_api = TFM_SFN_API_IOVEC,
.iovec_args =
@@ -192,7 +187,7 @@
.platform_data = NULL,
{% endif %}
-#if (TFM_LVL != 1) || defined(TFM_PSA_API)
+#ifdef TFM_PSA_API
/* memory_data */
.memory_data = {{'{'}}
.code_start = PART_REGION_ADDR({{manifest.manifest.name}}, $$Base),
@@ -206,9 +201,7 @@
.stack_bottom = PART_REGION_ADDR({{manifest.manifest.name}}, _STACK$$ZI$$Base),
.stack_top = PART_REGION_ADDR({{manifest.manifest.name}}, _STACK$$ZI$$Limit),
{{'},'}}
-#endif
-#ifdef TFM_PSA_API
/* sp_thrd */
.sp_thrd = {
.pfn = NULL,
diff --git a/secure_fw/spm/spm_api.c b/secure_fw/spm/spm_api.c
index 80d6575..2aabaef2 100644
--- a/secure_fw/spm/spm_api.c
+++ b/secure_fw/spm/spm_api.c
@@ -60,7 +60,7 @@
*/
/* For the non secure Execution environment */
-#if (TFM_LVL != 1) || defined(TFM_PSA_API)
+#if TFM_PSA_API
extern uint32_t Image$$ARM_LIB_STACK$$ZI$$Base[];
extern uint32_t Image$$ARM_LIB_STACK$$ZI$$Limit[];
uint32_t psp_stack_bottom = (uint32_t)Image$$ARM_LIB_STACK$$ZI$$Base;
@@ -79,7 +79,7 @@
part_ptr->static_data.partition_flags = 0;
#endif
-#if (TFM_LVL != 1) || defined(TFM_PSA_API)
+#if TFM_PSA_API
part_ptr->memory_data.stack_bottom = psp_stack_bottom;
part_ptr->memory_data.stack_top = psp_stack_top;
/* Since RW, ZI and stack are configured as one MPU region, configure
@@ -111,19 +111,6 @@
return SPM_ERR_OK;
}
-#if (TFM_LVL != 1) || defined(TFM_PSA_API)
-uint32_t tfm_spm_partition_get_stack_bottom(uint32_t partition_idx)
-{
- return g_spm_partition_db.partitions[partition_idx].
- memory_data.stack_bottom;
-}
-
-uint32_t tfm_spm_partition_get_stack_top(uint32_t partition_idx)
-{
- return g_spm_partition_db.partitions[partition_idx].memory_data.stack_top;
-}
-#endif
-
uint32_t tfm_spm_partition_get_partition_id(uint32_t partition_idx)
{
return g_spm_partition_db.partitions[partition_idx].static_data.
diff --git a/secure_fw/spm/spm_api.h b/secure_fw/spm/spm_api.h
index 55a42cf..7f95339 100644
--- a/secure_fw/spm/spm_api.h
+++ b/secure_fw/spm/spm_api.h
@@ -66,9 +66,6 @@
* uint32_t[] array
*/
struct interrupted_ctx_stack_frame_t {
-#if TFM_LVL != 1
- uint32_t stack_ptr;
-#endif
uint32_t partition_state;
};
@@ -162,110 +159,6 @@
*/
uint32_t get_partition_idx(uint32_t partition_id);
-#if (TFM_LVL != 1) || defined(TFM_PSA_API)
-/**
- * \brief Get bottom of stack region for a partition
- *
- * \param[in] partition_idx Partition index
- *
- * \return Stack region bottom value
- *
- * \note This function doesn't check if partition_idx is valid.
- */
-uint32_t tfm_spm_partition_get_stack_bottom(uint32_t partition_idx);
-
-/**
- * \brief Get top of stack region for a partition
- *
- * \param[in] partition_idx Partition index
- *
- * \return Stack region top value
- *
- * \note This function doesn't check if partition_idx is valid.
- */
-uint32_t tfm_spm_partition_get_stack_top(uint32_t partition_idx);
-#endif
-
-#if (TFM_LVL != 1) && !defined(TFM_PSA_API)
-/**
- * \brief Configure isolated sandbox for a partition
- *
- * \param[in] partition_idx Partition index
- *
- * \return Error code \ref spm_err_t
- *
- * \note This function doesn't check if partition_idx is valid.
- */
-enum spm_err_t tfm_spm_partition_sandbox_config(uint32_t partition_idx);
-
-/**
- * \brief Deconfigure sandbox for a partition
- *
- * \param[in] partition_idx Partition index
- *
- * \return Error code \ref spm_err_t
- *
- * \note This function doesn't check if partition_idx is valid.
- */
-enum spm_err_t tfm_spm_partition_sandbox_deconfig(uint32_t partition_idx);
-
-/**
- * \brief Get the start of the zero-initialised region for a partition
- *
- * \param[in] partition_idx Partition idx
- *
- * \return Start of the zero-initialised region
- *
- * \note This function doesn't check if partition_idx is valid.
- */
-uint32_t tfm_spm_partition_get_zi_start(uint32_t partition_idx);
-
-/**
- * \brief Get the limit of the zero-initialised region for a partition
- *
- * \param[in] partition_idx Partition idx
- *
- * \return Limit of the zero-initialised region
- *
- * \note This function doesn't check if partition_idx is valid.
- * \note The address returned is not part of the region.
- */
-uint32_t tfm_spm_partition_get_zi_limit(uint32_t partition_idx);
-
-/**
- * \brief Get the start of the read-write region for a partition
- *
- * \param[in] partition_idx Partition idx
- *
- * \return Start of the read-write region
- *
- * \note This function doesn't check if partition_idx is valid.
- */
-uint32_t tfm_spm_partition_get_rw_start(uint32_t partition_idx);
-
-/**
- * \brief Get the limit of the read-write region for a partition
- *
- * \param[in] partition_idx Partition idx
- *
- * \return Limit of the read-write region
- *
- * \note This function doesn't check if partition_idx is valid.
- * \note The address returned is not part of the region.
- */
-uint32_t tfm_spm_partition_get_rw_limit(uint32_t partition_idx);
-
-/**
- * \brief Save stack pointer for partition in database
- *
- * \param[in] partition_idx Partition index
- * \param[in] stack_ptr Stack pointer to be stored
- *
- * \note This function doesn't check if partition_idx is valid.
- */
-void tfm_spm_partition_set_stack(uint32_t partition_idx, uint32_t stack_ptr);
-#endif /* if (TFM_LVL != 1) && !defined(TFM_PSA_API) */
-
/**
* \brief Get the id of the partition for its index from the db
*
@@ -304,8 +197,7 @@
*
* \note Barrier instructions are not called by this function, and if
* it is called in thread mode, it might be necessary to call
- * them after this function returns (just like it is done in
- * jump_to_ns_code()).
+ * them after this function returns.
*/
void tfm_spm_partition_change_privilege(uint32_t privileged);
@@ -487,7 +379,28 @@
#ifdef TFM_PSA_API
/*************************** IPC definitions **************************/
-/*************************** Extended SPM functions **************************/
+
+/**
+ * \brief Get bottom of stack region for a partition
+ *
+ * \param[in] partition_idx Partition index
+ *
+ * \return Stack region bottom value
+ *
+ * \note This function doesn't check if partition_idx is valid.
+ */
+uint32_t tfm_spm_partition_get_stack_bottom(uint32_t partition_idx);
+
+/**
+ * \brief Get top of stack region for a partition
+ *
+ * \param[in] partition_idx Partition index
+ *
+ * \return Stack region top value
+ *
+ * \note This function doesn't check if partition_idx is valid.
+ */
+uint32_t tfm_spm_partition_get_stack_top(uint32_t partition_idx);
/**
* \brief Get the running partition ID.
diff --git a/secure_fw/spm/spm_api_func.c b/secure_fw/spm/spm_api_func.c
index 3b4fb8c..763a543 100644
--- a/secure_fw/spm/spm_api_func.c
+++ b/secure_fw/spm/spm_api_func.c
@@ -101,15 +101,9 @@
struct spm_partition_runtime_data_t *runtime_data =
&g_spm_partition_db.partitions[partition_idx].runtime_data;
struct interrupted_ctx_stack_frame_t *stack_frame =
- (struct interrupted_ctx_stack_frame_t *)
- runtime_data->ctx_stack_ptr;
+ (struct interrupted_ctx_stack_frame_t *)runtime_data->ctx_stack_ptr;
stack_frame->partition_state = runtime_data->partition_state;
-#if TFM_LVL != 1
- stack_frame->stack_ptr = runtime_data->stack_ptr;
-#endif
- runtime_data->ctx_stack_ptr +=
- sizeof(struct interrupted_ctx_stack_frame_t) / sizeof(uint32_t);
}
void tfm_spm_partition_pop_interrupted_ctx(uint32_t partition_idx)
@@ -118,16 +112,10 @@
&g_spm_partition_db.partitions[partition_idx].runtime_data;
struct interrupted_ctx_stack_frame_t *stack_frame;
- runtime_data->ctx_stack_ptr -=
- sizeof(struct interrupted_ctx_stack_frame_t) / sizeof(uint32_t);
stack_frame = (struct interrupted_ctx_stack_frame_t *)
runtime_data->ctx_stack_ptr;
tfm_spm_partition_set_state(partition_idx, stack_frame->partition_state);
stack_frame->partition_state = 0;
-#if TFM_LVL != 1
- tfm_spm_partition_set_stack(partition_idx, stack_frame->stack_ptr);
- stack_frame->stack_ptr = 0;
-#endif
}
void tfm_spm_partition_push_handler_ctx(uint32_t partition_idx)
@@ -164,66 +152,6 @@
stack_frame->caller_partition_idx = 0;
}
-#if (TFM_LVL != 1)
-enum spm_err_t tfm_spm_partition_sandbox_config(uint32_t partition_idx)
-{
- struct spm_partition_desc_t *part;
- if (!g_spm_partition_db.is_init) {
- return SPM_ERR_PARTITION_DB_NOT_INIT;
- }
-
- part = &g_spm_partition_db.partitions[partition_idx];
-
- return tfm_spm_hal_partition_sandbox_config(&(part->memory_data),
- part->platform_data);
-
-}
-
-enum spm_err_t tfm_spm_partition_sandbox_deconfig(uint32_t partition_idx)
-{
- /* This function takes a partition id and disables the
- * SPM partition for that partition
- */
-
- struct spm_partition_desc_t *part;
-
- part = &g_spm_partition_db.partitions[partition_idx];
-
- return tfm_spm_hal_partition_sandbox_deconfig(&(part->memory_data),
- part->platform_data);
-}
-
-uint32_t tfm_spm_partition_get_zi_start(uint32_t partition_idx)
-{
- return g_spm_partition_db.partitions[partition_idx].
- memory_data.zi_start;
-}
-
-uint32_t tfm_spm_partition_get_zi_limit(uint32_t partition_idx)
-{
- return g_spm_partition_db.partitions[partition_idx].
- memory_data.zi_limit;
-}
-
-uint32_t tfm_spm_partition_get_rw_start(uint32_t partition_idx)
-{
- return g_spm_partition_db.partitions[partition_idx].
- memory_data.rw_start;
-}
-
-uint32_t tfm_spm_partition_get_rw_limit(uint32_t partition_idx)
-{
- return g_spm_partition_db.partitions[partition_idx].
- memory_data.rw_limit;
-}
-
-void tfm_spm_partition_set_stack(uint32_t partition_idx, uint32_t stack_ptr)
-{
- g_spm_partition_db.partitions[partition_idx].
- runtime_data.stack_ptr = stack_ptr;
-}
-#endif
-
void tfm_spm_partition_store_context(uint32_t partition_idx,
uint32_t stack_ptr, uint32_t lr)
{
@@ -273,17 +201,9 @@
enum spm_err_t tfm_spm_partition_set_share(uint32_t partition_idx,
uint32_t share)
{
- enum spm_err_t ret = SPM_ERR_OK;
+ g_spm_partition_db.partitions[partition_idx].runtime_data.share = share;
-#if TFM_LVL != 1
- /* Only need to set configuration on levels higher than 1 */
- ret = tfm_spm_hal_set_share_region(share);
-#endif
-
- if (ret == SPM_ERR_OK) {
- g_spm_partition_db.partitions[partition_idx].runtime_data.share = share;
- }
- return ret;
+ return SPM_ERR_OK;
}
enum spm_err_t tfm_spm_partition_set_iovec(uint32_t partition_idx,
diff --git a/secure_fw/spm/spm_api_ipc.c b/secure_fw/spm/spm_api_ipc.c
index 6443b52..98f6046 100644
--- a/secure_fw/spm/spm_api_ipc.c
+++ b/secure_fw/spm/spm_api_ipc.c
@@ -410,7 +410,17 @@
return IPC_SUCCESS;
}
-/* SPM extend functions */
+uint32_t tfm_spm_partition_get_stack_bottom(uint32_t partition_idx)
+{
+ return g_spm_partition_db.partitions[partition_idx].
+ memory_data.stack_bottom;
+}
+
+uint32_t tfm_spm_partition_get_stack_top(uint32_t partition_idx)
+{
+ return g_spm_partition_db.partitions[partition_idx].memory_data.stack_top;
+}
+
uint32_t tfm_spm_partition_get_running_partition_id(void)
{
struct tfm_thrd_ctx *pth = tfm_thrd_curr_thread();
diff --git a/secure_fw/spm/spm_db.h b/secure_fw/spm/spm_db.h
index 7b74aba..2ee69f6 100644
--- a/secure_fw/spm/spm_db.h
+++ b/secure_fw/spm/spm_db.h
@@ -54,10 +54,8 @@
struct spm_partition_static_data_t static_data;
struct spm_partition_runtime_data_t runtime_data;
struct tfm_spm_partition_platform_data_t *platform_data;
-#if (TFM_LVL != 1) || defined(TFM_PSA_API)
+#if TFM_PSA_API
struct tfm_spm_partition_memory_data_t memory_data;
-#endif
-#ifdef TFM_PSA_API
struct tfm_thrd_ctx sp_thrd;
#endif
};
@@ -74,7 +72,7 @@
/* Macros to pick linker symbols and allow to form the partition data base */
#define REGION(a, b, c) a##b##c
#define REGION_NAME(a, b, c) REGION(a, b, c)
-#if (TFM_LVL == 1) && !defined(TFM_PSA_API)
+#ifndef TFM_PSA_API
#define REGION_DECLARE(a, b, c)
#else
#define REGION_DECLARE(a, b, c) extern uint32_t REGION_NAME(a, b, c)