SPM: Add build-time config for optional PSA APIs
When there is no connection-based service,
the following PSA APIs are optional:
- psa_connect
- psa_close
- psa_set_rhandle
Currently, they are always built, linked and not removed
because the SVC handler references them.
This patch adds a config CONFIG_TFM_CONNECTION_BASED_SERVICE_API
so that they can be excluded and save memory footprints.
Signed-off-by: Xinyu Zhang <xinyu.zhang@arm.com>
Change-Id: I0205ca6a569d375fb1879ab673470a4b2a7a7c01
diff --git a/secure_fw/spm/include/ffm/psa_api.h b/secure_fw/spm/include/ffm/psa_api.h
index 1258c76..97ab352 100644
--- a/secure_fw/spm/include/ffm/psa_api.h
+++ b/secure_fw/spm/include/ffm/psa_api.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2022, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -59,23 +59,6 @@
uint32_t tfm_spm_client_psa_version(uint32_t sid);
/**
- * \brief handler for \ref psa_connect.
- *
- * \param[in] sid RoT Service identity.
- * \param[in] version The version of the RoT Service.
- *
- * \retval PSA_SUCCESS Success.
- * \retval PSA_ERROR_CONNECTION_REFUSED The SPM or RoT Service has refused the
- * connection.
- * \retval PSA_ERROR_CONNECTION_BUSY The SPM or RoT Service cannot make the
- * connection at the moment.
- * \retval "Does not return" The RoT Service ID and version are not
- * supported, or the caller is not permitted to
- * access the service.
- */
-psa_status_t tfm_spm_client_psa_connect(uint32_t sid, uint32_t version);
-
-/**
* \brief handler for \ref psa_call.
*
* \param[in] handle Service handle to the established connection,
@@ -102,6 +85,26 @@
const psa_invec *inptr,
psa_outvec *outptr);
+/* Following PSA APIs are only needed by connection-based services */
+#if CONFIG_TFM_CONNECTION_BASED_SERVICE_API == 1
+
+/**
+ * \brief handler for \ref psa_connect.
+ *
+ * \param[in] sid RoT Service identity.
+ * \param[in] version The version of the RoT Service.
+ *
+ * \retval PSA_SUCCESS Success.
+ * \retval PSA_ERROR_CONNECTION_REFUSED The SPM or RoT Service has refused the
+ * connection.
+ * \retval PSA_ERROR_CONNECTION_BUSY The SPM or RoT Service cannot make the
+ * connection at the moment.
+ * \retval "Does not return" The RoT Service ID and version are not
+ * supported, or the caller is not permitted to
+ * access the service.
+ */
+psa_status_t tfm_spm_client_psa_connect(uint32_t sid, uint32_t version);
+
/**
* \brief handler for \ref psa_close.
*
@@ -118,6 +121,8 @@
*/
psa_status_t tfm_spm_client_psa_close(psa_handle_t handle);
+#endif /* CONFIG_TFM_CONNECTION_BASED_SERVICE_API */
+
/* PSA Partition API function body, for privileged use only. */
/**
@@ -157,19 +162,6 @@
psa_status_t tfm_spm_partition_psa_get(psa_signal_t signal, psa_msg_t *msg);
/**
- * \brief Function body of \ref psa_set_rhandle.
- *
- * \param[in] msg_handle Handle for the client's message.
- * \param[in] rhandle Reverse handle allocated by the RoT Service.
- *
- * \retval void Success, rhandle will be provided with all
- * subsequent messages delivered on this
- * connection.
- * \retval "PROGRAMMER ERROR" msg_handle is invalid.
- */
-void tfm_spm_partition_psa_set_rhandle(psa_handle_t msg_handle, void *rhandle);
-
-/**
* \brief Function body of \ref psa_read.
*
* \param[in] msg_handle Handle for the client's message.
@@ -355,6 +347,24 @@
*/
void tfm_spm_partition_psa_reset_signal(psa_signal_t irq_signal);
+/* psa_set_rhandle is only needed by connection-based services */
+#if CONFIG_TFM_CONNECTION_BASED_SERVICE_API == 1
+
+/**
+ * \brief Function body of \ref psa_set_rhandle.
+ *
+ * \param[in] msg_handle Handle for the client's message.
+ * \param[in] rhandle Reverse handle allocated by the RoT Service.
+ *
+ * \retval void Success, rhandle will be provided with all
+ * subsequent messages delivered on this
+ * connection.
+ * \retval "PROGRAMMER ERROR" msg_handle is invalid.
+ */
+void tfm_spm_partition_psa_set_rhandle(psa_handle_t msg_handle, void *rhandle);
+
+#endif /* CONFIG_TFM_CONNECTION_BASED_SERVICE_API */
+
#if PSA_FRAMEWORK_HAS_MM_IOVEC
/**