Core: separate IPC and veneer fn-based code
Improve separation of IPC and veneer function-based code in the
source tree for memory optimization and better readability of source:
- Do not compile unused SVC handler functions if using IPC messaging
- Avoid activation of MPU regions not needed in selected build
configuration
- Flag error if a service veneer function is called when running IPC
messaging
- Do not include memory bounds for partitions in SPM database if
level 1 isolation and veneer functions are used to save memory
Signed-off-by: Miklos Balint <miklos.balint@arm.com>
Change-Id: Iaef91e69061b639a71ec8cb638b6393762d10761
diff --git a/secure_fw/spm/spm_api.c b/secure_fw/spm/spm_api.c
index 5f10465..4d56a91 100644
--- a/secure_fw/spm/spm_api.c
+++ b/secure_fw/spm/spm_api.c
@@ -98,10 +98,12 @@
*/
/* For the non secure Execution environment */
+#if (TFM_LVL != 1) || defined(TFM_PSA_API)
extern uint32_t Image$$ARM_LIB_STACK$$ZI$$Base[];
extern uint32_t Image$$ARM_LIB_STACK$$ZI$$Limit[];
uint32_t psp_stack_bottom = (uint32_t)Image$$ARM_LIB_STACK$$ZI$$Base;
uint32_t psp_stack_top = (uint32_t)Image$$ARM_LIB_STACK$$ZI$$Limit;
+#endif
if (g_spm_partition_db.partition_count >= SPM_MAX_PARTITIONS) {
return SPM_ERR_INVALID_CONFIG;
}
@@ -117,12 +119,14 @@
part_ptr->static_data.partition_flags = 0;
#endif
+#if (TFM_LVL != 1) || defined(TFM_PSA_API)
part_ptr->memory_data.stack_bottom = psp_stack_bottom;
part_ptr->memory_data.stack_top = psp_stack_top;
/* Since RW, ZI and stack are configured as one MPU region, configure
* RW start address to psp_stack_bottom to get RW access to stack
*/
part_ptr->memory_data.rw_start = psp_stack_bottom;
+#endif
part_ptr->runtime_data.partition_state = SPM_PARTITION_STATE_UNINIT;
tfm_nspm_configure_clients();
@@ -189,7 +193,10 @@
}
}
+#ifndef TFM_PSA_API
+ /* Not applicable if IPC messaging is used */
tfm_secure_api_init_done();
+#endif
if (fail_cnt == 0) {
return SPM_ERR_OK;
@@ -198,6 +205,7 @@
}
}
+#if (TFM_LVL != 1) || defined(TFM_PSA_API)
uint32_t tfm_spm_partition_get_stack_bottom(uint32_t partition_idx)
{
return g_spm_partition_db.partitions[partition_idx].
@@ -208,8 +216,9 @@
{
return g_spm_partition_db.partitions[partition_idx].memory_data.stack_top;
}
+#endif
-#if TFM_LVL != 1
+#if (TFM_LVL != 1) && !defined(TFM_PSA_API)
enum spm_err_t tfm_spm_partition_sandbox_config(uint32_t partition_idx)
{
struct spm_partition_desc_t *part;
@@ -319,6 +328,7 @@
caller_client_id = caller_client_id;
}
+#ifndef TFM_PSA_API
enum spm_err_t tfm_spm_partition_set_share(uint32_t partition_idx,
uint32_t share)
{
@@ -334,6 +344,7 @@
}
return ret;
}
+#endif
enum spm_err_t tfm_spm_partition_set_iovec(uint32_t partition_idx,
const int32_t *args)
diff --git a/secure_fw/spm/spm_api.h b/secure_fw/spm/spm_api.h
index c0122d6..106b29f 100644
--- a/secure_fw/spm/spm_api.h
+++ b/secure_fw/spm/spm_api.h
@@ -87,6 +87,7 @@
*/
uint32_t get_partition_idx(uint32_t partition_id);
+#if (TFM_LVL != 1) || defined(TFM_PSA_API)
/**
* \brief Get bottom of stack region for a partition
*
@@ -108,8 +109,9 @@
* \note This function doesn't check if partition_idx is valid.
*/
uint32_t tfm_spm_partition_get_stack_top(uint32_t partition_idx);
+#endif
-#if TFM_LVL != 1
+#if (TFM_LVL != 1) && !defined(TFM_PSA_API)
/**
* \brief Configure isolated sandbox for a partition
*
diff --git a/secure_fw/spm/spm_db.h b/secure_fw/spm/spm_db.h
index b8827b4..6e6e25c 100644
--- a/secure_fw/spm/spm_db.h
+++ b/secure_fw/spm/spm_db.h
@@ -57,7 +57,9 @@
struct spm_partition_static_data_t static_data;
struct spm_partition_runtime_data_t runtime_data;
struct tfm_spm_partition_platform_data_t *platform_data;
+#if (TFM_LVL != 1) || defined(TFM_PSA_API)
struct tfm_spm_partition_memory_data_t memory_data;
+#endif
#ifdef TFM_PSA_API
struct tfm_thrd_ctx sp_thrd;
#endif
@@ -66,8 +68,12 @@
/* Macros to pick linker symbols and allow to form the partition data base */
#define REGION(a, b, c) a##b##c
#define REGION_NAME(a, b, c) REGION(a, b, c)
+#if (TFM_LVL == 1) && !defined(TFM_PSA_API)
+#define REGION_DECLARE(a, b, c)
+#else
#define REGION_DECLARE(a, b, c) extern uint32_t REGION_NAME(a, b, c)
#define PART_REGION_ADDR(partition, region) \
(uint32_t)®ION_NAME(Image$$, partition, region)
+#endif
#endif /* __SPM_DB_H__ */
diff --git a/secure_fw/spm/spm_db_setup.h b/secure_fw/spm/spm_db_setup.h
index 1e91271..db06154 100644
--- a/secure_fw/spm/spm_db_setup.h
+++ b/secure_fw/spm/spm_db_setup.h
@@ -38,6 +38,9 @@
data.partition_priority = TFM_PRIORITY(priority); \
} while (0)
+#if (TFM_LVL == 1) && !defined(TFM_PSA_API)
+#define PARTITION_INIT_MEMORY_DATA(data, partition)
+#else
#define PARTITION_INIT_MEMORY_DATA(data, partition) \
do { \
data.code_start = PART_REGION_ADDR(partition, $$Base); \
@@ -51,7 +54,7 @@
data.stack_bottom = PART_REGION_ADDR(partition, _STACK$$ZI$$Base); \
data.stack_top = PART_REGION_ADDR(partition, _STACK$$ZI$$Limit); \
} while (0)
-
+#endif
#if TFM_LVL == 1
#define PARTITION_INIT_RUNTIME_DATA(data, partition) \