SPM: Remove the "privileged" argument
Remove the "privileged" argument from PSA API function
body, create an API to obtain privilege information from
the caller info.
Change-Id: If0b7f66bd315c5249ca0b77ea761e015f9349c00
Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>
diff --git a/secure_fw/spm/cmsis_psa/spm_ipc.c b/secure_fw/spm/cmsis_psa/spm_ipc.c
index 42ef5a2..75661b2 100644
--- a/secure_fw/spm/cmsis_psa/spm_ipc.c
+++ b/secure_fw/spm/cmsis_psa/spm_ipc.c
@@ -615,6 +615,7 @@
return (__get_active_exc_num() == EXC_NUM_PENDSV);
#else
struct partition_t *partition = tfm_spm_get_running_partition();
+
if (!partition) {
tfm_core_panic();
}
@@ -623,6 +624,27 @@
#endif
}
+uint32_t tfm_spm_get_caller_privilege_mode(void)
+{
+ struct partition_t *partition;
+
+#if defined(TFM_MULTI_CORE_TOPOLOGY) || defined(FORWARD_PROT_MSG)
+ /*
+ * In multi-core topology, if PSA request is from mailbox, the client
+ * is unprivileged.
+ */
+ if (__get_active_exc_num() == EXC_NUM_PENDSV) {
+ return TFM_PARTITION_UNPRIVILEGED_MODE;
+ }
+#endif
+ partition = tfm_spm_get_running_partition();
+ if (!partition) {
+ tfm_core_panic();
+ }
+
+ return tfm_spm_partition_get_privileged_mode(partition->p_ldinf->flags);
+}
+
uint32_t tfm_spm_init(void)
{
uint32_t i;
diff --git a/secure_fw/spm/cmsis_psa/spm_ipc.h b/secure_fw/spm/cmsis_psa/spm_ipc.h
index da7e449..9dad8b1 100644
--- a/secure_fw/spm/cmsis_psa/spm_ipc.h
+++ b/secure_fw/spm/cmsis_psa/spm_ipc.h
@@ -364,6 +364,15 @@
bool tfm_spm_is_ns_caller(void);
/**
+ * \brief Get the privilege mode of service caller.
+ *
+ * \retval Privilege mode of the service caller
+ * \ref TFM_PARTITION_UNPRIVILEGED_MODE
+ * \ref TFM_PARTITION_PRIVILEGED_MODE
+ */
+uint32_t tfm_spm_get_caller_privilege_mode(void);
+
+/**
* \brief Set up the isolation boundary of the given partition.
*
* \param[in] partition The partition of which the boundary is set up.
diff --git a/secure_fw/spm/cmsis_psa/tfm_rpc.c b/secure_fw/spm/cmsis_psa/tfm_rpc.c
index 8303009..7b366ce 100644
--- a/secure_fw/spm/cmsis_psa/tfm_rpc.c
+++ b/secure_fw/spm/cmsis_psa/tfm_rpc.c
@@ -59,8 +59,7 @@
return tfm_spm_client_psa_call(params->handle, params->type,
params->in_vec, params->in_len,
- params->out_vec, params->out_len,
- TFM_PARTITION_UNPRIVILEGED_MODE);
+ params->out_vec, params->out_len);
}
void tfm_rpc_psa_close(const struct client_call_params_t *params)
diff --git a/secure_fw/spm/ffm/psa_api.c b/secure_fw/spm/ffm/psa_api.c
index 54ea1d6..a65bdec 100644
--- a/secure_fw/spm/ffm/psa_api.c
+++ b/secure_fw/spm/ffm/psa_api.c
@@ -131,8 +131,7 @@
psa_status_t tfm_spm_client_psa_call(psa_handle_t handle, int32_t type,
const psa_invec *inptr, size_t in_num,
- psa_outvec *outptr, size_t out_num,
- uint32_t privileged)
+ psa_outvec *outptr, size_t out_num)
{
psa_invec invecs[PSA_MAX_IOVEC];
psa_outvec outvecs[PSA_MAX_IOVEC];
@@ -142,6 +141,7 @@
int i, j;
int32_t client_id;
uint32_t sid, version, index;
+ uint32_t privileged;
bool ns_caller = tfm_spm_is_ns_caller();
/* The request type must be zero or positive. */
@@ -233,6 +233,8 @@
tfm_core_panic();
}
+ privileged = tfm_spm_get_caller_privilege_mode();
+
/*
* Read client invecs from the wrap input vector. It is a PROGRAMMER ERROR
* if the memory reference for the wrap input vector is invalid or not
diff --git a/secure_fw/spm/ffm/psa_api.h b/secure_fw/spm/ffm/psa_api.h
index 856977c..1c67079 100644
--- a/secure_fw/spm/ffm/psa_api.h
+++ b/secure_fw/spm/ffm/psa_api.h
@@ -76,9 +76,6 @@
* \ref psa_outvec
* \param[in] out_num Number of outut psa_outvec structures.
* \ref psa_outvec
- * \param[in] privileged Privileged mode or unprivileged mode:
- * \ref TFM_PARTITION_UNPRIVILEGED_MODE
- * \ref TFM_PARTITION_PRIVILEGED_MODE
*
* \retval PSA_SUCCESS Success.
* \retval "Does not return" The call is invalid, one or more of the
@@ -92,8 +89,7 @@
*/
psa_status_t tfm_spm_client_psa_call(psa_handle_t handle, int32_t type,
const psa_invec *inptr, size_t in_num,
- psa_outvec *outptr, size_t out_num,
- uint32_t privileged);
+ psa_outvec *outptr, size_t out_num);
/**
* \brief handler for \ref psa_close.
diff --git a/secure_fw/spm/ffm/psa_api_svc.c b/secure_fw/spm/ffm/psa_api_svc.c
index ef242f7..5ddfd89 100644
--- a/secure_fw/spm/ffm/psa_api_svc.c
+++ b/secure_fw/spm/ffm/psa_api_svc.c
@@ -64,28 +64,18 @@
psa_invec *inptr;
psa_outvec *outptr;
size_t in_num, out_num;
- struct partition_t *partition = NULL;
- uint32_t privileged;
int32_t type;
TFM_CORE_ASSERT(args != NULL);
handle = (psa_handle_t)args[0];
-
- partition = tfm_spm_get_running_partition();
- if (!partition) {
- tfm_core_panic();
- }
- privileged = tfm_spm_partition_get_privileged_mode(
- partition->p_ldinf->flags);
-
type = (int32_t)(int16_t)((args[1] & TYPE_MASK) >> TYPE_OFFSET);
in_num = (size_t)((args[1] & IN_LEN_MASK) >> IN_LEN_OFFSET);
out_num = (size_t)((args[1] & OUT_LEN_MASK) >> OUT_LEN_OFFSET);
inptr = (psa_invec *)args[2];
outptr = (psa_outvec *)args[3];
- return tfm_spm_client_psa_call(handle, type, inptr, in_num, outptr, out_num,
- privileged);
+ return tfm_spm_client_psa_call(handle, type, inptr, in_num, outptr,
+ out_num);
}
void tfm_spm_psa_close(uint32_t *args)