NS Agent: Update veneer codes
Adds a new C version veneers for Armv8.1-M as it has hardware
re-entry detection so that the assembly one can be removed.
And then all the rests can be C codes.
The old assembly one are for Armv8-M only now.
Change-Id: I5ac0328dcf55acaef10dbb12c449418e8982b73c
Signed-off-by: Kevin Peng <kevin.peng@arm.com>
diff --git a/secure_fw/include/security_defs.h b/secure_fw/include/security_defs.h
index 5d752d4..99a88d2 100644
--- a/secure_fw/include/security_defs.h
+++ b/secure_fw/include/security_defs.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -16,4 +16,21 @@
*/
#define STACK_SEAL_PATTERN 0xFEF5EDA5
+/* Attributes for psa api secure gateway functions */
+#if defined(__GNUC__) && !defined(__ARMCC_VERSION)
+/*
+ * GNUARM requires noclone attribute to protect gateway function symbol from
+ * being renamed and cloned
+ */
+#define __tz_c_veneer \
+ __attribute__((cmse_nonsecure_entry, noclone, section("SFN")))
+#define __tz_naked_veneer \
+ __attribute__((cmse_nonsecure_entry, noclone, naked, section("SFN")))
+#else /* __GNUC__ && !__ARMCC_VERSION */
+#define __tz_c_veneer \
+ __attribute__((cmse_nonsecure_entry, section("SFN")))
+#define __tz_naked_veneer \
+ __attribute__((cmse_nonsecure_entry, naked, section("SFN")))
+#endif /* __GNUC__ && !__ARMCC_VERSION */
+
#endif /* __SECURITY_DEFS_H__ */
diff --git a/secure_fw/partitions/ns_agent_tz/CMakeLists.txt b/secure_fw/partitions/ns_agent_tz/CMakeLists.txt
index 9649450..e79f3dc 100644
--- a/secure_fw/partitions/ns_agent_tz/CMakeLists.txt
+++ b/secure_fw/partitions/ns_agent_tz/CMakeLists.txt
@@ -1,5 +1,5 @@
#-------------------------------------------------------------------------------
-# Copyright (c) 2021, Arm Limited. All rights reserved.
+# Copyright (c) 2021-2022, Arm Limited. All rights reserved.
# Copyright (c) 2021-2022 Cypress Semiconductor Corporationn (an Infineon company)
# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
@@ -31,9 +31,11 @@
# If this is added to the spm, it is discarded as it is not used. Since the
# spm is a static library it can't generate veneers under all compilers so
# instead this single file is added to the tfm_s target.
+set(ARM_V80M_ARCH armv8-m.base armv8-m.main)
target_sources(tfm_s
PRIVATE
- ${CMAKE_CURRENT_SOURCE_DIR}/tfm_psa_api_veneers.c
+ "$<$<IN_LIST:${TFM_SYSTEM_ARCHITECTURE},${ARM_V80M_ARCH}>:${CMAKE_CURRENT_SOURCE_DIR}/psa_api_veneers_v80m.c>"
+ "$<$<NOT:$<IN_LIST:${TFM_SYSTEM_ARCHITECTURE},${ARM_V80M_ARCH}>>:${CMAKE_CURRENT_SOURCE_DIR}/psa_api_veneers.c>"
)
target_compile_definitions(tfm_partition_defs
diff --git a/secure_fw/partitions/ns_agent_tz/psa_api_veneers.c b/secure_fw/partitions/ns_agent_tz/psa_api_veneers.c
new file mode 100644
index 0000000..ee38ae4
--- /dev/null
+++ b/secure_fw/partitions/ns_agent_tz/psa_api_veneers.c
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) 2022, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include <stdint.h>
+
+#include "config_impl.h"
+#include "security_defs.h"
+#include "tfm_psa_call_pack.h"
+
+#include "psa/client.h"
+
+/*
+ * This is the veneers of FF-M Client APIs, except for Armv8.0-m.
+ * The interfaces are written in C unlike Armv8.0-m because reentrant detection
+ * is done by the architecture.
+ *
+ * As NS Agent is also a Secure Partition, it can call the client APIs directly.
+ *
+ */
+
+__tz_c_veneer
+uint32_t tfm_psa_framework_version_veneer(void)
+{
+ return psa_framework_version();
+}
+
+__tz_c_veneer
+uint32_t tfm_psa_version_veneer(uint32_t sid)
+{
+ return psa_version(sid);
+}
+
+__tz_c_veneer
+psa_status_t tfm_psa_call_veneer(psa_handle_t handle,
+ uint32_t ctrl_param,
+ const psa_invec *in_vec,
+ psa_outvec *out_vec)
+{
+ return tfm_psa_call_pack(handle, ctrl_param, in_vec, out_vec);
+}
+
+/* Following veneers are only needed by connection-based services */
+#if CONFIG_TFM_CONNECTION_BASED_SERVICE_API == 1
+__tz_c_veneer
+psa_handle_t tfm_psa_connect_veneer(uint32_t sid, uint32_t version)
+{
+ return psa_connect(sid, version);
+}
+
+__tz_c_veneer
+void tfm_psa_close_veneer(psa_handle_t handle)
+{
+ psa_close(handle);
+}
+#endif /* CONFIG_TFM_CONNECTION_BASED_SERVICE_API */
diff --git a/secure_fw/partitions/ns_agent_tz/tfm_psa_api_veneers.c b/secure_fw/partitions/ns_agent_tz/psa_api_veneers_v80m.c
similarity index 92%
rename from secure_fw/partitions/ns_agent_tz/tfm_psa_api_veneers.c
rename to secure_fw/partitions/ns_agent_tz/psa_api_veneers_v80m.c
index b1106fc..b0fbb7d 100644
--- a/secure_fw/partitions/ns_agent_tz/tfm_psa_api_veneers.c
+++ b/secure_fw/partitions/ns_agent_tz/psa_api_veneers_v80m.c
@@ -5,15 +5,15 @@
*
*/
-#include <stdbool.h>
-#include <stdio.h>
+#include <stdint.h>
+
+#include "cmsis_compiler.h"
#include "config_impl.h"
#include "security_defs.h"
#include "svc_num.h"
#include "utilities.h"
-#include "tfm_arch.h"
-#include "tfm_psa_call_pack.h"
-#include "tfm_secure_api.h"
+
+#include "psa/client.h"
#if CONFIG_TFM_PSA_API_CROSS_CALL == 1
#include "spm_ipc.h"
@@ -21,8 +21,8 @@
#endif
/*
- * This is the veneers for FF-M Client APIs. The interfaces are written
- * in assembly, and the reasons:
+ * This is the veneers of FF-M Client APIs for Armv8.0-m.
+ * The interfaces are written in assembly, and the reasons:
*
* - On the 8.0 version of Armv8-M with security extension, a mandatory
* software solution needs to be applied because hardware reentrant
@@ -54,7 +54,7 @@
#endif
-__tfm_psa_secure_gateway_attributes__
+__tz_naked_veneer
uint32_t tfm_psa_framework_version_veneer(void)
{
__ASM volatile(
@@ -62,12 +62,11 @@
".syntax unified \n"
#endif
-#if !defined(__ARM_ARCH_8_1M_MAIN__)
" ldr r2, [sp] \n"
" ldr r3, ="M2S(STACK_SEAL_PATTERN)" \n"
" cmp r2, r3 \n"
" bne reent_panic1 \n"
-#endif
+
" mrs r3, control \n"
" push {r2, r3} \n"
#if CONFIG_TFM_PSA_API_CROSS_CALL == 1
@@ -90,15 +89,14 @@
" msr control, r3 \n"
" isb \n"
" bxns lr \n"
-#if !defined(__ARM_ARCH_8_1M_MAIN__)
+
"reent_panic1: \n"
" svc "M2S(TFM_SVC_PSA_PANIC)" \n"
" b . \n"
-#endif
);
}
-__tfm_psa_secure_gateway_attributes__
+__tz_naked_veneer
uint32_t tfm_psa_version_veneer(uint32_t sid)
{
__ASM volatile(
@@ -106,12 +104,11 @@
".syntax unified \n"
#endif
-#if !defined(__ARM_ARCH_8_1M_MAIN__)
" ldr r2, [sp] \n"
" ldr r3, ="M2S(STACK_SEAL_PATTERN)" \n"
" cmp r2, r3 \n"
" bne reent_panic2 \n"
-#endif
+
" mrs r3, control \n"
" push {r2, r3} \n"
#if CONFIG_TFM_PSA_API_CROSS_CALL == 1
@@ -134,15 +131,14 @@
" msr control, r3 \n"
" isb \n"
" bxns lr \n"
-#if !defined(__ARM_ARCH_8_1M_MAIN__)
+
"reent_panic2: \n"
" svc "M2S(TFM_SVC_PSA_PANIC)" \n"
" b . \n"
-#endif
);
}
-__tfm_psa_secure_gateway_attributes__
+__tz_naked_veneer
psa_status_t tfm_psa_call_veneer(psa_handle_t handle,
uint32_t ctrl_param,
const psa_invec *in_vec,
@@ -153,14 +149,13 @@
".syntax unified \n"
#endif
-#if !defined(__ARM_ARCH_8_1M_MAIN__)
" push {r2, r3} \n"
" ldr r2, [sp, #8] \n"
" ldr r3, ="M2S(STACK_SEAL_PATTERN)" \n"
" cmp r2, r3 \n"
" bne reent_panic4 \n"
" pop {r2, r3} \n"
-#endif
+
" mov r12, r3 \n"
" mrs r3, control \n"
" push {r2, r3} \n"
@@ -185,18 +180,17 @@
" msr control, r3 \n"
" isb \n"
" bxns lr \n"
-#if !defined(__ARM_ARCH_8_1M_MAIN__)
+
"reent_panic4: \n"
" svc "M2S(TFM_SVC_PSA_PANIC)" \n"
" b . \n"
-#endif
);
}
/* Following veneers are only needed by connection-based services */
#if CONFIG_TFM_CONNECTION_BASED_SERVICE_API == 1
-__tfm_psa_secure_gateway_attributes__
+__tz_naked_veneer
psa_handle_t tfm_psa_connect_veneer(uint32_t sid, uint32_t version)
{
__ASM volatile(
@@ -204,12 +198,11 @@
".syntax unified \n"
#endif
-#if !defined(__ARM_ARCH_8_1M_MAIN__)
" ldr r2, [sp] \n"
" ldr r3, ="M2S(STACK_SEAL_PATTERN)" \n"
" cmp r2, r3 \n"
" bne reent_panic3 \n"
-#endif
+
" mrs r3, control \n"
" push {r2, r3} \n"
" mov r3, r12 \n"
@@ -233,15 +226,14 @@
" msr control, r3 \n"
" isb \n"
" bxns lr \n"
-#if !defined(__ARM_ARCH_8_1M_MAIN__)
+
"reent_panic3: \n"
" svc "M2S(TFM_SVC_PSA_PANIC)" \n"
" b . \n"
-#endif
);
}
-__tfm_psa_secure_gateway_attributes__
+__tz_naked_veneer
void tfm_psa_close_veneer(psa_handle_t handle)
{
__ASM volatile(
@@ -249,12 +241,11 @@
".syntax unified \n"
#endif
-#if !defined(__ARM_ARCH_8_1M_MAIN__)
" ldr r2, [sp] \n"
" ldr r3, ="M2S(STACK_SEAL_PATTERN)" \n"
" cmp r2, r3 \n"
" bne reent_panic5 \n"
-#endif
+
" mrs r3, control \n"
" push {r2, r3} \n"
#if CONFIG_TFM_PSA_API_CROSS_CALL == 1
@@ -277,11 +268,10 @@
" msr control, r3 \n"
" isb \n"
" bxns lr \n"
-#if !defined(__ARM_ARCH_8_1M_MAIN__)
+
"reent_panic5: \n"
" svc "M2S(TFM_SVC_PSA_PANIC)" \n"
" b . \n"
-#endif
);
}
diff --git a/secure_fw/spm/cmsis_func/tfm_veneers.c.template b/secure_fw/spm/cmsis_func/tfm_veneers.c.template
index 8edac73..d32495d 100644
--- a/secure_fw/spm/cmsis_func/tfm_veneers.c.template
+++ b/secure_fw/spm/cmsis_func/tfm_veneers.c.template
@@ -9,6 +9,7 @@
#include "tfm_secure_api.h"
#include "spm_partition_defs.h"
+#include "security_defs.h"
{% for partition in partitions %}
/******** {{partition.manifest.name}} ********/
@@ -19,7 +20,7 @@
{% endfor %}
#define TFM_VENEER_FUNCTION(partition_name, func_name, sfn_name) \
- __tfm_secure_gateway_attributes__ \
+ __tz_c_veneer \
psa_status_t func_name##_veneer(psa_invec *in_vec, \
size_t in_len, \
psa_outvec *out_vec, \
diff --git a/secure_fw/spm/include/tfm_secure_api.h b/secure_fw/spm/include/tfm_secure_api.h
index e299fc3..36d1be0 100644
--- a/secure_fw/spm/include/tfm_secure_api.h
+++ b/secure_fw/spm/include/tfm_secure_api.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2022, Arm Limited. All rights reserved.
* Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
* or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
*
@@ -24,44 +24,6 @@
#include "tfm_core_svc.h"
#endif /* TFM_PSA_API */
-#ifdef TFM_PSA_API
-#ifndef TFM_MULTI_CORE_TOPOLOGY
-/*!
- * \def __tfm_psa_secure_gateway_attributes__
- *
- * \brief Attributes for psa api secure gateway functions
- */
-#if defined(__GNUC__) && !defined(__ARMCC_VERSION)
-/*
- * GNUARM requires noclone attribute to protect gateway function symbol from
- * being renamed and cloned
- */
-#define __tfm_psa_secure_gateway_attributes__ \
- __attribute__((cmse_nonsecure_entry, noclone, naked, section("SFN")))
-#else
-#define __tfm_psa_secure_gateway_attributes__ \
- __attribute__((cmse_nonsecure_entry, naked, section("SFN")))
-#endif /* __GNUC__ && !__ARMCC_VERSION */
-#endif /* TFM_MULTI_CORE_TOPOLOGY */
-#else /* TFM_PSA_API */
-/*!
- * \def __tfm_secure_gateway_attributes__
- *
- * \brief Attributes for secure gateway functions
- */
-#if defined(__GNUC__) && !defined(__ARMCC_VERSION)
-/*
- * GNUARM requires noclone attribute to protect gateway function symbol from
- * being renamed and cloned
- */
-#define __tfm_secure_gateway_attributes__ \
- __attribute__((cmse_nonsecure_entry, noclone, section("SFN")))
-#else
-#define __tfm_secure_gateway_attributes__ \
- __attribute__((cmse_nonsecure_entry, section("SFN")))
-#endif /* __GNUC__ && !__ARMCC_VERSION */
-#endif /* TFM_PSA_API */
-
/* Hide specific errors if not debugging */
#ifdef TFM_CORE_DEBUG
#define TFM_ERROR_STATUS(status) (status)