Core: Enhance manifest to align with PSA
Below enhancements need to be applied to follow PSA:
- IPC related parameters added in manifest file (such as signal, sid,
minor_version and minor_policy).
- IPC service partition manifest file added to generate secure partion
source.
- Remove "tfm_partition_name" from manifest file and use "name"
directly.
- Remove IPC unused template: tfm_sfid_list.inc.template
Note:
- Signal header also need to be added manually by hardcode for tool
cannot support it now.
Change-Id: I47c2c4058e99a0b278c7b05b1e8d80058bc185a1
Signed-off-by: Edison Ai <edison.ai@arm.com>
diff --git a/secure_fw/spm/spm_api.c b/secure_fw/spm/spm_api.c
index 2aeb903..3167e5a 100644
--- a/secure_fw/spm/spm_api.c
+++ b/secure_fw/spm/spm_api.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -118,7 +118,7 @@
g_spm_partition_db.partition_count]);
part_ptr->static_data.partition_id = TFM_SP_CORE_ID;
part_ptr->static_data.partition_flags =
- SPM_PART_FLAG_SECURE | SPM_PART_FLAG_TRUSTED;
+ SPM_PART_FLAG_APP_ROT | SPM_PART_FLAG_PSA_ROT;
part_ptr->runtime_data.partition_state = SPM_PARTITION_STATE_UNINIT;
++g_spm_partition_db.partition_count;
@@ -141,6 +141,11 @@
/* Call the init function for each partition */
for (idx = 0; idx < g_spm_partition_db.partition_count; ++idx) {
part = &g_spm_partition_db.partitions[idx];
+#ifdef TFM_PSA_API
+ if (part->static_data.partition_flags & SPM_PART_FLAG_IPC) {
+ continue;
+ }
+#endif
tfm_spm_hal_configure_default_isolation(part->platform_data);
if (part->static_data.partition_init == NULL) {
tfm_spm_partition_set_state(idx, SPM_PARTITION_STATE_IDLE);
diff --git a/secure_fw/spm/spm_api.h b/secure_fw/spm/spm_api.h
index f0034af..c3f7414 100644
--- a/secure_fw/spm/spm_api.h
+++ b/secure_fw/spm/spm_api.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -32,8 +32,9 @@
};
enum spm_part_flag_mask_t {
- SPM_PART_FLAG_SECURE = 0x01,
- SPM_PART_FLAG_TRUSTED = 0x02,
+ SPM_PART_FLAG_APP_ROT = 0x01,
+ SPM_PART_FLAG_PSA_ROT = 0x02,
+ SPM_PART_FLAG_IPC = 0x04
};
/**
diff --git a/secure_fw/spm/spm_db.h b/secure_fw/spm/spm_db.h
index 4b3b413..cba1446 100644
--- a/secure_fw/spm/spm_db.h
+++ b/secure_fw/spm/spm_db.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -8,8 +8,36 @@
#ifndef __SPM_DB_H__
#define __SPM_DB_H__
+#ifdef TFM_PSA_API
+#include "tfm_thread.h"
+#endif
+
+struct spm_partition_desc_t;
+struct spm_partition_db_t;
+
+uint32_t get_partition_idx(uint32_t partition_id);
+
typedef int32_t(*sp_init_function)(void);
+#define TFM_PARTITION_TYPE_APP "APPLICATION-ROT"
+#define TFM_PARTITION_TYPE_PSA "PSA-ROT"
+
+#ifdef TFM_PSA_API
+enum tfm_partition_priority {
+ TFM_PRIORITY_LOW = THRD_PRIOR_LOWEST,
+ TFM_PRIORITY_NORMAL = THRD_PRIOR_MEDIUM,
+ TFM_PRIORITY_HIGH = THRD_PRIOR_HIGHEST,
+};
+#else
+enum tfm_partition_priority {
+ TFM_PRIORITY_LOW = 0xFF,
+ TFM_PRIORITY_NORMAL = 0x7F,
+ TFM_PRIORITY_HIGH = 0,
+};
+#endif
+
+#define TFM_PRIORITY(LEVEL) TFM_PRIORITY_##LEVEL
+
/**
* Holds the fields of the partition DB used by the SPM code. The values of
* these fields are calculated at compile time, and set during initialisation
@@ -18,6 +46,7 @@
struct spm_partition_static_data_t {
uint32_t partition_id;
uint32_t partition_flags;
+ uint32_t partition_priority;
sp_init_function partition_init;
};
diff --git a/secure_fw/spm/spm_db_setup.h b/secure_fw/spm/spm_db_setup.h
index d36f8cf..217cfaa 100644
--- a/secure_fw/spm/spm_db_setup.h
+++ b/secure_fw/spm/spm_db_setup.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -31,10 +31,11 @@
struct spm_partition_desc_t partitions[SPM_MAX_PARTITIONS];
};
-#define PARTITION_INIT_STATIC_DATA(data, partition, flags) \
- do { \
- data.partition_id = partition##_ID; \
- data.partition_flags = flags; \
+#define PARTITION_INIT_STATIC_DATA(data, partition, flags, id, priority) \
+ do { \
+ data.partition_id = partition##_ID; \
+ data.partition_flags = flags; \
+ data.partition_priority = TFM_PRIORITY(priority); \
} while (0)
#if TFM_LVL == 1
@@ -70,7 +71,7 @@
} while (0)
#endif
-#define PARTITION_DECLARE(partition, flags) \
+#define PARTITION_DECLARE(partition, flag, type, id, priority) \
do { \
REGION_DECLARE(Image$$, partition, $$Base); \
REGION_DECLARE(Image$$, partition, $$Limit); \
@@ -82,13 +83,24 @@
REGION_DECLARE(Image$$, partition, _DATA$$ZI$$Limit); \
REGION_DECLARE(Image$$, partition, _STACK$$ZI$$Base); \
REGION_DECLARE(Image$$, partition, _STACK$$ZI$$Limit); \
+ int32_t flags = flag; \
+ if (tfm_memcmp(type, TFM_PARTITION_TYPE_APP, \
+ strlen(TFM_PARTITION_TYPE_APP)) == 0) { \
+ flags |= SPM_PART_FLAG_APP_ROT; \
+ } else if (tfm_memcmp(type, TFM_PARTITION_TYPE_PSA, \
+ strlen(TFM_PARTITION_TYPE_PSA)) == 0) { \
+ flags |= SPM_PART_FLAG_PSA_ROT | SPM_PART_FLAG_APP_ROT; \
+ } else { \
+ return SPM_ERR_INVALID_CONFIG; \
+ } \
struct spm_partition_desc_t *part_ptr; \
if (g_spm_partition_db.partition_count >= SPM_MAX_PARTITIONS) { \
return SPM_ERR_INVALID_CONFIG; \
} \
part_ptr = &(g_spm_partition_db.partitions[ \
g_spm_partition_db.partition_count]); \
- PARTITION_INIT_STATIC_DATA(part_ptr->static_data, partition, flags); \
+ PARTITION_INIT_STATIC_DATA(part_ptr->static_data, partition, flags, \
+ id, priority); \
PARTITION_INIT_RUNTIME_DATA(part_ptr->runtime_data, partition); \
PARTITION_INIT_MEMORY_DATA(part_ptr->memory_data, partition); \
++g_spm_partition_db.partition_count; \