SPM: Use separate head file for different models
Remove the 'spm_api.h' header file by splitting its content and
moving it into each model's own header file; the common
definitions are copied into both files.
Change-Id: I429c8a1a90c7156771c15e1340482c54684f99bb
Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>
diff --git a/secure_fw/spm/cmsis_func/CMakeLists.inc b/secure_fw/spm/cmsis_func/CMakeLists.inc
index b9235f0..08da114 100644
--- a/secure_fw/spm/cmsis_func/CMakeLists.inc
+++ b/secure_fw/spm/cmsis_func/CMakeLists.inc
@@ -53,6 +53,7 @@
#Setting include directories
embedded_include_directories(PATH ${SFW_FUNC_SPM_DIR} ABSOLUTE)
+embedded_include_directories(PATH ${SFW_FUNC_SPM_DIR}/include ABSOLUTE)
embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE)
embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/include ABSOLUTE)
embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/spm/include ABSOLUTE)
diff --git a/secure_fw/spm/cmsis_func/include/spm_func.h b/secure_fw/spm/cmsis_func/include/spm_func.h
new file mode 100644
index 0000000..7978f46
--- /dev/null
+++ b/secure_fw/spm/cmsis_func/include/spm_func.h
@@ -0,0 +1,360 @@
+/*
+ * Copyright (c) 2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __SPM_FUNC_H__
+#define __SPM_FUNC_H__
+
+#include <stdint.h>
+#include "tfm_arch.h"
+#include "psa/client.h"
+
+#define SPM_PARTITION_STATE_UNINIT 0
+#define SPM_PARTITION_STATE_IDLE 1
+#define SPM_PARTITION_STATE_RUNNING 2
+#define SPM_PARTITION_STATE_HANDLING_IRQ 3
+#define SPM_PARTITION_STATE_SUSPENDED 4
+#define SPM_PARTITION_STATE_BLOCKED 5
+#define SPM_PARTITION_STATE_CLOSED 6
+
+#define EXC_NUM_THREAD_MODE (0)
+#define EXC_NUM_SVCALL (11)
+#define EXC_NUM_PENDSV (14)
+#define EXC_NUM_SYSTICK (15)
+
+#define SPM_INVALID_PARTITION_IDX (~0U)
+
+/* Privileged definitions for partition thread mode */
+#define TFM_PARTITION_UNPRIVILEGED_MODE 0
+#define TFM_PARTITION_PRIVILEGED_MODE 1
+
+#define SPM_PART_FLAG_APP_ROT 0x01
+#define SPM_PART_FLAG_PSA_ROT 0x02
+#define SPM_PART_FLAG_IPC 0x04
+
+enum spm_err_t {
+ SPM_ERR_OK = 0,
+ SPM_ERR_PARTITION_DB_NOT_INIT,
+ SPM_ERR_PARTITION_ALREADY_ACTIVE,
+ SPM_ERR_PARTITION_NOT_AVAILABLE,
+ SPM_ERR_INVALID_PARAMETER,
+ SPM_ERR_INVALID_CONFIG,
+};
+
+/**
+ * \brief Holds the iovec parameters that are passed to a service
+ *
+ * \note The size of the structure is (and have to be) multiple of 8 bytes
+ */
+struct iovec_args_t {
+ psa_invec in_vec[PSA_MAX_IOVEC]; /*!< Array of psa_invec objects */
+ size_t in_len; /*!< Number psa_invec objects in in_vec
+ */
+ psa_outvec out_vec[PSA_MAX_IOVEC]; /*!< Array of psa_outvec objects */
+ size_t out_len; /*!< Number psa_outvec objects in out_vec
+ */
+};
+
+/* The size of this struct must be multiple of 4 bytes as it is stacked to an
+ * uint32_t[] array
+ */
+struct interrupted_ctx_stack_frame_t {
+ uint32_t partition_state;
+};
+
+/* The size of this struct must be multiple of 4 bytes as it is stacked to an
+ * uint32_t[] array
+ */
+struct handler_ctx_stack_frame_t {
+ uint32_t partition_state;
+ uint32_t caller_partition_idx;
+};
+
+/**
+ * \brief Runtime context information of a partition
+ */
+struct spm_partition_runtime_data_t {
+ uint32_t partition_state;
+ uint32_t caller_partition_idx;
+ int32_t caller_client_id;
+ uint32_t stack_ptr;
+ uint32_t lr;
+ struct iovec_args_t iovec_args;
+ psa_outvec *orig_outvec;
+ uint32_t *ctx_stack_ptr;
+ uint32_t signal_mask; /*
+ * Service signal mask passed by
+ * psa_wait()
+ */
+};
+
+/**
+ * \brief Save interrupted partition context on ctx stack
+ *
+ * \param[in] partition_idx Partition index
+ *
+ * \note This function doesn't check if partition_idx is valid.
+ * \note This function doesn't whether the ctx stack overflows.
+ */
+void tfm_spm_partition_push_interrupted_ctx(uint32_t partition_idx);
+
+/**
+ * \brief Restores interrupted partition context on ctx stack
+ *
+ * \param[in] partition_idx Partition index
+ *
+ * \note This function doesn't check if partition_idx is valid.
+ * \note This function doesn't whether the ctx stack underflows.
+ */
+void tfm_spm_partition_pop_interrupted_ctx(uint32_t partition_idx);
+
+/**
+ * \brief Save handler partition context on ctx stack
+ *
+ * \param[in] partition_idx Partition index
+ *
+ * \note This function doesn't check if partition_idx is valid.
+ * \note This function doesn't whether the ctx stack overflows.
+ */
+void tfm_spm_partition_push_handler_ctx(uint32_t partition_idx);
+
+/**
+ * \brief Restores handler partition context on ctx stack
+ *
+ * \param[in] partition_idx Partition index
+ *
+ * \note This function doesn't check if partition_idx is valid.
+ * \note This function doesn't whether the ctx stack underflows.
+ */
+void tfm_spm_partition_pop_handler_ctx(uint32_t partition_idx);
+
+/**
+ * \brief Get the current runtime data of a partition
+ *
+ * \param[in] partition_idx Partition index
+ *
+ * \return The runtime data of the specified partition
+ *
+ * \note This function doesn't check if partition_idx is valid.
+ */
+const struct spm_partition_runtime_data_t *
+ tfm_spm_partition_get_runtime_data(uint32_t partition_idx);
+
+/**
+ * \brief Returns the index of the partition that has running state
+ *
+ * \return The index of the partition with the running state, if there is any
+ * set. 0 otherwise.
+ */
+uint32_t tfm_spm_partition_get_running_partition_idx(void);
+
+/**
+ * \brief Save stack pointer and link register for partition in database
+ *
+ * \param[in] partition_idx Partition index
+ * \param[in] stack_ptr Stack pointer to be stored
+ * \param[in] lr Link register to be stored
+ *
+ * \note This function doesn't check if partition_idx is valid.
+ */
+void tfm_spm_partition_store_context(uint32_t partition_idx, uint32_t stack_ptr,
+ uint32_t lr);
+
+/**
+ * \brief Set the current state of a partition
+ *
+ * \param[in] partition_idx Partition index
+ * \param[in] state The state to be set
+ *
+ * \note This function doesn't check if partition_idx is valid.
+ * \note The state has to have the value set of \ref spm_part_state_t.
+ */
+void tfm_spm_partition_set_state(uint32_t partition_idx, uint32_t state);
+
+/**
+ * \brief Set the caller partition index for a given partition
+ *
+ * \param[in] partition_idx Partition index
+ * \param[in] caller_partition_idx The index of the caller partition
+ *
+ * \note This function doesn't check if any of the partition_idxs are valid.
+ */
+void tfm_spm_partition_set_caller_partition_idx(uint32_t partition_idx,
+ uint32_t caller_partition_idx);
+
+/**
+ * \brief Set the caller client ID for a given partition
+ *
+ * \param[in] partition_idx Partition index
+ * \param[in] caller_client_id The ID of the calling client
+ *
+ * \note This function doesn't check if any of the partition_idxs are valid.
+ */
+void tfm_spm_partition_set_caller_client_id(uint32_t partition_idx,
+ int32_t caller_client_id);
+
+
+/**
+ * \brief Set the iovec parameters for the partition
+ *
+ * \param[in] partition_idx Partition index
+ * \param[in] args The arguments of the secure function
+ *
+ * args is expected to be of type int32_t[4] where:
+ * args[0] is in_vec
+ * args[1] is in_len
+ * args[2] is out_vec
+ * args[3] is out_len
+ *
+ * \return Error code \ref spm_err_t
+ *
+ * \note This function doesn't check if partition_idx is valid.
+ * \note This function assumes that the iovecs that are passed in args are
+ * valid, and does no sanity check on them at all.
+ */
+enum spm_err_t tfm_spm_partition_set_iovec(uint32_t partition_idx,
+ const int32_t *args);
+
+/**
+ * \brief Execute partition init function
+ *
+ * \return Error code \ref spm_err_t
+ */
+enum spm_err_t tfm_spm_partition_init(void);
+
+/**
+ * \brief Clears the context info from the database for a partition.
+ *
+ * \param[in] partition_idx Partition index
+ *
+ * \note This function doesn't check if partition_idx is valid.
+ */
+void tfm_spm_partition_cleanup_context(uint32_t partition_idx);
+
+/**
+ * \brief Set the signal mask for a given partition
+ *
+ * \param[in] partition_idx Partition index
+ * \param[in] signal_mask The signal mask to be set for the partition
+ *
+ * \note This function doesn't check if any of the partition_idxs are valid.
+ */
+void tfm_spm_partition_set_signal_mask(uint32_t partition_idx,
+ uint32_t signal_mask);
+
+/**
+ * \brief Signal that secure partition initialisation is finished
+ */
+void tfm_spm_secure_api_init_done(void);
+
+/**
+ * \brief Called if veneer is running in thread mode
+ */
+uint32_t tfm_spm_partition_request_svc_handler(
+ const uint32_t *svc_args, uint32_t lr);
+
+/**
+ * \brief Called when secure service returns
+ */
+uint32_t tfm_spm_partition_return_handler(uint32_t lr);
+
+/**
+ * \brief Stores caller's client id in state context
+ */
+void tfm_spm_get_caller_client_id_handler(uint32_t *svc_args);
+
+/**
+ * \brief Checks if a secure service's access to a memory location is permitted
+ */
+void tfm_spm_memory_permission_check_handler(uint32_t *svc_args);
+
+/**
+ * \brief Check whether a buffer is ok for writing to by the privileged API
+ * function.
+ *
+ * This function checks whether the caller partition owns the buffer, can write
+ * to it, and the buffer has proper alignment.
+ *
+ * \param[in] partition_idx Partition index
+ * \param[in] start_addr The start address of the buffer
+ * \param[in] len The length of the buffer
+ * \param[in] alignment The expected alignment (in bits)
+ *
+ * \return 1 if the check passes, 0 otherwise.
+ *
+ * \note For a 0 long buffer the check fails.
+ */
+int32_t tfm_spm_check_buffer_access(uint32_t partition_idx,
+ void *start_addr,
+ size_t len,
+ uint32_t alignment);
+
+/**
+ * \brief Handle deprivileged request
+ */
+extern uint32_t tfm_spm_depriv_req_handler(uint32_t *svc_args,
+ uint32_t excReturn);
+
+/**
+ * \brief Handle request to return to privileged
+ */
+uint32_t tfm_spm_depriv_return_handler(uint32_t *irq_svc_args, uint32_t lr);
+
+/**
+ * \brief Handle IRQ enable request
+ */
+void tfm_spm_enable_irq_handler(uint32_t *svc_args);
+
+/**
+ * \brief Handle IRQ disable request
+ */
+void tfm_spm_disable_irq_handler(uint32_t *svc_args);
+
+/**
+ * \brief Handle signal wait request
+ */
+void tfm_spm_psa_wait(uint32_t *svc_args);
+
+/**
+ * \brief Handle request to record IRQ processed
+ */
+void tfm_spm_psa_eoi(uint32_t *svc_args);
+
+/**
+ * \brief Get the id of the partition for its index from the db
+ *
+ * \param[in] partition_idx Partition index
+ *
+ * \return Partition ID for that partition
+ *
+ * \note This function doesn't check if partition_idx is valid.
+ */
+uint32_t tfm_spm_partition_get_partition_id(uint32_t partition_idx);
+
+/**
+ * \brief Initialize partition database
+ *
+ * \return Error code \ref spm_err_t
+ */
+enum spm_err_t tfm_spm_db_init(void);
+
+/**
+ * \brief Get the current partition mode.
+ *
+ * \param[in] partition_flags Flags of current partition
+ *
+ * \retval TFM_PARTITION_PRIVILEGED_MODE Privileged mode
+ * \retval TFM_PARTITION_UNPRIVILEGED_MODE Unprivileged mode
+ */
+uint32_t tfm_spm_partition_get_privileged_mode(uint32_t partition_flags);
+
+/**
+ * \brief Handle an SPM request by a secure service
+ * \param[in] svc_ctx The stacked SVC context
+ */
+void tfm_spm_request_handler(const struct tfm_state_context_t *svc_ctx);
+
+#endif /* __SPM_FUNC_H__ */
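Review bot: The definitions near the top of this header (`SPM_INVALID_PARTITION_IDX`, the `TFM_PARTITION_*_MODE` pair, the `SPM_PART_FLAG_*` bits and `enum spm_err_t`) are now also defined in cmsis_psa/include/spm_ipc.h, as the rename hunk for that file shows, and nothing ties the two copies together. The common sources and spm_db.h select one header by `TFM_PSA_API`, so a later edit to only one copy would silently change how shared code interprets privilege mode and partition flags in that model. Consider moving them into one shared header, or at least marking both copies, e.g. `/* Duplicated in cmsis_psa/include/spm_ipc.h - keep both copies identical */`. Since the doc comments are carried over verbatim, this is also a chance to fix "doesn't whether" to "doesn't check whether" and the `\ref spm_part_state_t`, which does not name anything in this header (the states are the `SPM_PARTITION_STATE_*` macros).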
diff --git a/secure_fw/spm/cmsis_func/spm_func.c b/secure_fw/spm/cmsis_func/spm_func.c
index 9cfd1a8..c42d195 100644
--- a/secure_fw/spm/cmsis_func/spm_func.c
+++ b/secure_fw/spm/cmsis_func/spm_func.c
@@ -17,10 +17,12 @@
#include "tfm_peripherals_def.h"
#include "tfm_secure_api.h"
#include "tfm_spm_hal.h"
-#include "spm_api.h"
+#include "spm_func.h"
#include "spm_db.h"
#include "region_defs.h"
#include "region.h"
+#include "spm_partition_defs.h"
+#include "psa_manifest/pid.h"
#include "tfm/tfm_spm_services.h"
#include "tfm_spm_db_func.inc"
diff --git a/secure_fw/spm/cmsis_func/tfm_core_svcalls_func.c b/secure_fw/spm/cmsis_func/tfm_core_svcalls_func.c
index c1b21f6..98d776b 100644
--- a/secure_fw/spm/cmsis_func/tfm_core_svcalls_func.c
+++ b/secure_fw/spm/cmsis_func/tfm_core_svcalls_func.c
@@ -10,7 +10,7 @@
#include "tfm/tfm_core_svc.h"
#include "tfm_secure_api.h"
#include "region_defs.h"
-#include "spm_api.h"
+#include "spm_func.h"
#include "spm_partition_defs.h"
#include "tfm_api.h"
#include "tfm_internal.h"
diff --git a/secure_fw/spm/cmsis_func/tfm_nspm_func.c b/secure_fw/spm/cmsis_func/tfm_nspm_func.c
index bc36c15..73eca4c 100644
--- a/secure_fw/spm/cmsis_func/tfm_nspm_func.c
+++ b/secure_fw/spm/cmsis_func/tfm_nspm_func.c
@@ -7,7 +7,7 @@
#include <stdbool.h>
#include "cmsis_compiler.h"
-#include "spm_api.h"
+#include "spm_func.h"
#include "tfm_spm_hal.h"
#include "tfm_arch.h"
#include "tfm_api.h"
diff --git a/secure_fw/spm/cmsis_func/tfm_secure_api.c b/secure_fw/spm/cmsis_func/tfm_secure_api.c
index d4fe179..d2647f8 100644
--- a/secure_fw/spm/cmsis_func/tfm_secure_api.c
+++ b/secure_fw/spm/cmsis_func/tfm_secure_api.c
@@ -6,7 +6,7 @@
*/
#include <stdbool.h>
-#include "spm_api.h"
+#include "spm_func.h"
#include "tfm_secure_api.h"
void tfm_secure_api_error_handler(void)
diff --git a/secure_fw/spm/cmsis_func/tfm_spm_db_func.inc b/secure_fw/spm/cmsis_func/tfm_spm_db_func.inc
index 54f2ddb..d33a12d 100644
--- a/secure_fw/spm/cmsis_func/tfm_spm_db_func.inc
+++ b/secure_fw/spm/cmsis_func/tfm_spm_db_func.inc
@@ -10,7 +10,6 @@
#ifndef __TFM_SPM_DB_FUNC_INC__
#define __TFM_SPM_DB_FUNC_INC__
-#include "spm_api.h"
#include "psa_manifest/sid.h"
/**************************************************************************/
diff --git a/secure_fw/spm/cmsis_func/tfm_spm_db_func.inc.template b/secure_fw/spm/cmsis_func/tfm_spm_db_func.inc.template
index 8f424b8..dec813e 100644
--- a/secure_fw/spm/cmsis_func/tfm_spm_db_func.inc.template
+++ b/secure_fw/spm/cmsis_func/tfm_spm_db_func.inc.template
@@ -10,7 +10,6 @@
#ifndef __TFM_SPM_DB_FUNC_INC__
#define __TFM_SPM_DB_FUNC_INC__
-#include "spm_api.h"
#include "psa_manifest/sid.h"
{# Produce a build error if heap_size is presented in the manifest, because of the dynamic memory allocation is not supported now. #}
diff --git a/secure_fw/spm/cmsis_psa/arch/tfm_arch_v8m_base.c b/secure_fw/spm/cmsis_psa/arch/tfm_arch_v8m_base.c
index 7c3c0fe..a05a6ca 100644
--- a/secure_fw/spm/cmsis_psa/arch/tfm_arch_v8m_base.c
+++ b/secure_fw/spm/cmsis_psa/arch/tfm_arch_v8m_base.c
@@ -6,17 +6,16 @@
*/
#include <inttypes.h>
+#include "spm_ipc.h"
#include "tfm_hal_device_header.h"
#include "tfm_arch.h"
#include "tfm_secure_api.h"
-#include "spm_api.h"
#include "tfm/tfm_core_svc.h"
#if !defined(__ARM_ARCH_8M_BASE__)
#error "Unsupported ARM Architecture."
#endif
-#ifdef TFM_PSA_API
/*
* Stack status at PendSV entry:
*
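Review bot: With the `#ifdef TFM_PSA_API` / `#endif` pair dropped, nothing in this file says any more that it is IPC-model only, while it now includes `spm_ipc.h` unconditionally; the same applies to the two hunks in tfm_arch_v8m_main.c. This is fine if the build only ever compiles cmsis_psa/arch for the IPC model, which the diff does not show. If so, the assumption could be made explicit next to the existing architecture check, e.g. `#ifndef TFM_PSA_API` / `#error "cmsis_psa/arch is built for the IPC model only"` / `#endif`, so that a misconfigured build fails at compile time. The formerly guarded block starts in this hunk and ends in the next one.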
@@ -85,7 +84,6 @@
p_actx->sp_limit = sp_limit;
p_actx->lr = EXC_RETURN_THREAD_S_PSP;
}
-#endif
/**
* \brief Overwrites default Hard fault handler.
diff --git a/secure_fw/spm/cmsis_psa/arch/tfm_arch_v8m_main.c b/secure_fw/spm/cmsis_psa/arch/tfm_arch_v8m_main.c
index d03d051..2ae8337 100644
--- a/secure_fw/spm/cmsis_psa/arch/tfm_arch_v8m_main.c
+++ b/secure_fw/spm/cmsis_psa/arch/tfm_arch_v8m_main.c
@@ -12,7 +12,7 @@
#include "tfm_memory_utils.h"
#include "tfm_core_utils.h"
#include "tfm_secure_api.h"
-#include "spm_api.h"
+#include "spm_ipc.h"
#include "tfm/tfm_core_svc.h"
#if !defined(__ARM_ARCH_8M_MAIN__) && !defined(__ARM_ARCH_8_1M_MAIN__)
@@ -30,7 +30,6 @@
uint32_t RETPSR;
} tfm_fault_context;
-#ifdef TFM_PSA_API
/*
* Stack status at PendSV entry:
*
@@ -88,7 +87,6 @@
p_actx->sp_limit = sp_limit;
p_actx->lr = EXC_RETURN_THREAD_S_PSP;
}
-#endif
/**
* \brief Overwrites default Secure fault handler.
diff --git a/secure_fw/spm/include/spm_api.h b/secure_fw/spm/cmsis_psa/include/spm_ipc.h
similarity index 70%
rename from secure_fw/spm/include/spm_api.h
rename to secure_fw/spm/cmsis_psa/include/spm_ipc.h
index 51e4f9e..2a42b23 100644
--- a/secure_fw/spm/include/spm_api.h
+++ b/secure_fw/spm/cmsis_psa/include/spm_ipc.h
@@ -1,31 +1,40 @@
/*
- * Copyright (c) 2017-2020, Arm Limited. All rights reserved.
+ * Copyright (c) 2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
*/
-#ifndef __SPM_API_H__
-#define __SPM_API_H__
+#ifndef __SPM_IPC_H__
+#define __SPM_IPC_H__
-/* This file contains the apis exported by the SPM to tfm core */
-#include "tfm_api.h"
-#include "spm_partition_defs.h"
-#include "tfm_secure_api.h"
-#include <stdbool.h>
-#ifdef TFM_PSA_API
+#include <stdint.h>
+#include "tfm_arch.h"
#include "tfm_list.h"
#include "tfm_wait.h"
#include "tfm_message_queue.h"
#include "tfm_secure_api.h"
#include "tfm_thread.h"
-#endif
+#include "psa/service.h"
+
+#define TFM_VERSION_POLICY_RELAXED 0
+#define TFM_VERSION_POLICY_STRICT 1
+
+#define TFM_HANDLE_STATUS_IDLE 0
+#define TFM_HANDLE_STATUS_ACTIVE 1
+#define TFM_HANDLE_STATUS_CONNECT_ERROR 2
+
+#define TFM_CONN_HANDLE_MAX_NUM 16
#define SPM_INVALID_PARTITION_IDX (~0U)
/* Privileged definitions for partition thread mode */
-#define TFM_PARTITION_PRIVILEGED_MODE 1
#define TFM_PARTITION_UNPRIVILEGED_MODE 0
+#define TFM_PARTITION_PRIVILEGED_MODE 1
+
+#define SPM_PART_FLAG_APP_ROT 0x01
+#define SPM_PART_FLAG_PSA_ROT 0x02
+#define SPM_PART_FLAG_IPC 0x04
enum spm_err_t {
SPM_ERR_OK = 0,
@@ -36,113 +45,21 @@
SPM_ERR_INVALID_CONFIG,
};
-#define SPM_PARTITION_STATE_UNINIT 0
-#define SPM_PARTITION_STATE_IDLE 1
-#define SPM_PARTITION_STATE_RUNNING 2
-#define SPM_PARTITION_STATE_HANDLING_IRQ 3
-#define SPM_PARTITION_STATE_SUSPENDED 4
-#define SPM_PARTITION_STATE_BLOCKED 5
-#define SPM_PARTITION_STATE_CLOSED 6
-
-#define SPM_PART_FLAG_APP_ROT 0x01
-#define SPM_PART_FLAG_PSA_ROT 0x02
-#define SPM_PART_FLAG_IPC 0x04
-
-#define TFM_HANDLE_STATUS_IDLE 0
-#define TFM_HANDLE_STATUS_ACTIVE 1
-#define TFM_HANDLE_STATUS_CONNECT_ERROR 2
-
-#ifndef TFM_PSA_API
-
-#define EXC_NUM_THREAD_MODE (0)
-#define EXC_NUM_SVCALL (11)
-#define EXC_NUM_PENDSV (14)
-#define EXC_NUM_SYSTICK (15)
-
-/**
- * \brief Holds the iovec parameters that are passed to a service
- *
- * \note The size of the structure is (and have to be) multiple of 8 bytes
- */
-struct iovec_args_t {
- psa_invec in_vec[PSA_MAX_IOVEC]; /*!< Array of psa_invec objects */
- size_t in_len; /*!< Number psa_invec objects in in_vec
- */
- psa_outvec out_vec[PSA_MAX_IOVEC]; /*!< Array of psa_outvec objects */
- size_t out_len; /*!< Number psa_outvec objects in out_vec
- */
-};
-
-/* The size of this struct must be multiple of 4 bytes as it is stacked to an
- * uint32_t[] array
- */
-struct interrupted_ctx_stack_frame_t {
- uint32_t partition_state;
-};
-
-/* The size of this struct must be multiple of 4 bytes as it is stacked to an
- * uint32_t[] array
- */
-struct handler_ctx_stack_frame_t {
- uint32_t partition_state;
- uint32_t caller_partition_idx;
-};
-#endif /* !define(TFM_PSA_API) */
-
/**
* \brief Runtime context information of a partition
*/
struct spm_partition_runtime_data_t {
-#ifdef TFM_PSA_API
uint32_t signals; /* Service signals had been triggered*/
struct tfm_event_t signal_evnt; /* Event signal */
struct tfm_list_node_t service_list;/* Service list */
struct tfm_core_thread_t sp_thrd; /* Thread object */
uint32_t assigned_signals; /* All assigned signals */
-#else /* TFM_PSA_API */
- uint32_t partition_state;
- uint32_t caller_partition_idx;
- int32_t caller_client_id;
- uint32_t stack_ptr;
- uint32_t lr;
- struct iovec_args_t iovec_args;
- psa_outvec *orig_outvec;
- uint32_t *ctx_stack_ptr;
-#endif /* TFM_PSA_API */
uint32_t signal_mask; /*
* Service signal mask passed by
* psa_wait()
*/
};
-#ifdef TFM_PSA_API
-
-#define TFM_VERSION_POLICY_RELAXED 0
-#define TFM_VERSION_POLICY_STRICT 1
-
-#define TFM_CONN_HANDLE_MAX_NUM 16
-
-/* RoT connection handle list */
-struct tfm_conn_handle_t {
- void *rhandle; /* Reverse handle value */
- uint32_t status; /*
- * Status of handle, three valid
- * options:
- * TFM_HANDLE_STATUS_ACTIVE,
- * TFM_HANDLE_STATUS_IDLE and
- * TFM_HANDLE_STATUS_CONNECT_ERROR
- */
- int32_t client_id; /*
- * Partition ID of the sender of the
- * message:
- * - secure partition id;
- * - non secure client endpoint id.
- */
- struct tfm_msg_body_t internal_msg; /* Internal message for message queue */
- struct tfm_spm_service_t *service; /* RoT service pointer */
- struct tfm_list_node_t list; /* list node */
-};
-
/* Service database defined by manifest */
struct tfm_spm_service_db_t {
char *name; /* Service name */
@@ -166,23 +83,31 @@
struct tfm_list_node_t list; /* For list operation */
};
+/* RoT connection handle list */
+struct tfm_conn_handle_t {
+ void *rhandle; /* Reverse handle value */
+ uint32_t status; /*
+ * Status of handle, three valid
+ * options:
+ * TFM_HANDLE_STATUS_ACTIVE,
+ * TFM_HANDLE_STATUS_IDLE and
+ * TFM_HANDLE_STATUS_CONNECT_ERROR
+ */
+ int32_t client_id; /*
+ * Partition ID of the sender of the
+ * message:
+ * - secure partition id;
+ * - non secure client endpoint id.
+ */
+ struct tfm_msg_body_t internal_msg; /* Internal message for message queue */
+ struct tfm_spm_service_t *service; /* RoT service pointer */
+ struct tfm_list_node_t list; /* list node */
+};
+
enum tfm_memory_access_e {
TFM_MEMORY_ACCESS_RO = 1,
TFM_MEMORY_ACCESS_RW = 2,
};
-#endif /* ifdef(TFM_PSA_API) */
-
-/*********************** common definitions ***********************/
-/**
- * \brief Get the id of the partition for its index from the db
- *
- * \param[in] partition_idx Partition index
- *
- * \return Partition ID for that partition
- *
- * \note This function doesn't check if partition_idx is valid.
- */
-uint32_t tfm_spm_partition_get_partition_id(uint32_t partition_idx);
/**
* \brief Initialize partition database
@@ -207,245 +132,6 @@
*/
void tfm_spm_request_handler(const struct tfm_state_context_t *svc_ctx);
-/*********************** library definitions ***********************/
-
-#ifndef TFM_PSA_API
-/**
- * \brief Save interrupted partition context on ctx stack
- *
- * \param[in] partition_idx Partition index
- *
- * \note This function doesn't check if partition_idx is valid.
- * \note This function doesn't whether the ctx stack overflows.
- */
-void tfm_spm_partition_push_interrupted_ctx(uint32_t partition_idx);
-
-/**
- * \brief Restores interrupted partition context on ctx stack
- *
- * \param[in] partition_idx Partition index
- *
- * \note This function doesn't check if partition_idx is valid.
- * \note This function doesn't whether the ctx stack underflows.
- */
-void tfm_spm_partition_pop_interrupted_ctx(uint32_t partition_idx);
-
-/**
- * \brief Save handler partition context on ctx stack
- *
- * \param[in] partition_idx Partition index
- *
- * \note This function doesn't check if partition_idx is valid.
- * \note This function doesn't whether the ctx stack overflows.
- */
-void tfm_spm_partition_push_handler_ctx(uint32_t partition_idx);
-
-/**
- * \brief Restores handler partition context on ctx stack
- *
- * \param[in] partition_idx Partition index
- *
- * \note This function doesn't check if partition_idx is valid.
- * \note This function doesn't whether the ctx stack underflows.
- */
-void tfm_spm_partition_pop_handler_ctx(uint32_t partition_idx);
-
-/**
- * \brief Get the current runtime data of a partition
- *
- * \param[in] partition_idx Partition index
- *
- * \return The runtime data of the specified partition
- *
- * \note This function doesn't check if partition_idx is valid.
- */
-const struct spm_partition_runtime_data_t *
- tfm_spm_partition_get_runtime_data(uint32_t partition_idx);
-
-/**
- * \brief Returns the index of the partition that has running state
- *
- * \return The index of the partition with the running state, if there is any
- * set. 0 otherwise.
- */
-uint32_t tfm_spm_partition_get_running_partition_idx(void);
-
-/**
- * \brief Save stack pointer and link register for partition in database
- *
- * \param[in] partition_idx Partition index
- * \param[in] stack_ptr Stack pointer to be stored
- * \param[in] lr Link register to be stored
- *
- * \note This function doesn't check if partition_idx is valid.
- */
-void tfm_spm_partition_store_context(uint32_t partition_idx,
- uint32_t stack_ptr, uint32_t lr);
-
-/**
- * \brief Set the current state of a partition
- *
- * \param[in] partition_idx Partition index
- * \param[in] state The state to be set
- *
- * \note This function doesn't check if partition_idx is valid.
- * \note The state has to have the value set of \ref spm_part_state_t.
- */
-void tfm_spm_partition_set_state(uint32_t partition_idx, uint32_t state);
-
-/**
- * \brief Set the caller partition index for a given partition
- *
- * \param[in] partition_idx Partition index
- * \param[in] caller_partition_idx The index of the caller partition
- *
- * \note This function doesn't check if any of the partition_idxs are valid.
- */
-void tfm_spm_partition_set_caller_partition_idx(uint32_t partition_idx,
- uint32_t caller_partition_idx);
-
-/**
- * \brief Set the caller client ID for a given partition
- *
- * \param[in] partition_idx Partition index
- * \param[in] caller_client_id The ID of the calling client
- *
- * \note This function doesn't check if any of the partition_idxs are valid.
- */
-void tfm_spm_partition_set_caller_client_id(uint32_t partition_idx,
- int32_t caller_client_id);
-
-
-/**
- * \brief Set the iovec parameters for the partition
- *
- * \param[in] partition_idx Partition index
- * \param[in] args The arguments of the secure function
- *
- * args is expected to be of type int32_t[4] where:
- * args[0] is in_vec
- * args[1] is in_len
- * args[2] is out_vec
- * args[3] is out_len
- *
- * \return Error code \ref spm_err_t
- *
- * \note This function doesn't check if partition_idx is valid.
- * \note This function assumes that the iovecs that are passed in args are
- * valid, and does no sanity check on them at all.
- */
-enum spm_err_t tfm_spm_partition_set_iovec(uint32_t partition_idx,
- const int32_t *args);
-
-/**
- * \brief Execute partition init function
- *
- * \return Error code \ref spm_err_t
- */
-enum spm_err_t tfm_spm_partition_init(void);
-
-/**
- * \brief Clears the context info from the database for a partition.
- *
- * \param[in] partition_idx Partition index
- *
- * \note This function doesn't check if partition_idx is valid.
- */
-void tfm_spm_partition_cleanup_context(uint32_t partition_idx);
-
-/**
- * \brief Set the signal mask for a given partition
- *
- * \param[in] partition_idx Partition index
- * \param[in] signal_mask The signal mask to be set for the partition
- *
- * \note This function doesn't check if any of the partition_idxs are valid.
- */
-void tfm_spm_partition_set_signal_mask(uint32_t partition_idx,
- uint32_t signal_mask);
-
-/**
- * \brief Signal that secure partition initialisation is finished
- */
-void tfm_spm_secure_api_init_done(void);
-
-/**
- * \brief Called if veneer is running in thread mode
- */
-uint32_t tfm_spm_partition_request_svc_handler(
- const uint32_t *svc_args, uint32_t lr);
-
-/**
- * \brief Called when secure service returns
- */
-uint32_t tfm_spm_partition_return_handler(uint32_t lr);
-
-/**
- * \brief Stores caller's client id in state context
- */
-void tfm_spm_get_caller_client_id_handler(uint32_t *svc_args);
-
-/**
- * \brief Checks if a secure service's access to a memory location is permitted
- */
-void tfm_spm_memory_permission_check_handler(uint32_t *svc_args);
-
-/**
- * \brief Check whether a buffer is ok for writing to by the privileged API
- * function.
- *
- * This function checks whether the caller partition owns the buffer, can write
- * to it, and the buffer has proper alignment.
- *
- * \param[in] partition_idx Partition index
- * \param[in] start_addr The start address of the buffer
- * \param[in] len The length of the buffer
- * \param[in] alignment The expected alignment (in bits)
- *
- * \return 1 if the check passes, 0 otherwise.
- *
- * \note For a 0 long buffer the check fails.
- */
-int32_t tfm_spm_check_buffer_access(uint32_t partition_idx,
- void *start_addr,
- size_t len,
- uint32_t alignment);
-
-/**
- * \brief Handle deprivileged request
- */
-extern uint32_t tfm_spm_depriv_req_handler(uint32_t *svc_args,
- uint32_t excReturn);
-
-/**
- * \brief Handle request to return to privileged
- */
-uint32_t tfm_spm_depriv_return_handler(uint32_t *irq_svc_args, uint32_t lr);
-
-/**
- * \brief Handle IRQ enable request
- */
-void tfm_spm_enable_irq_handler(uint32_t *svc_args);
-
-/**
- * \brief Handle IRQ disable request
- */
-void tfm_spm_disable_irq_handler(uint32_t *svc_args);
-
-/**
- * \brief Handle signal wait request
- */
-void tfm_spm_psa_wait(uint32_t *svc_args);
-
-/**
- * \brief Handle request to record IRQ processed
- */
-void tfm_spm_psa_eoi(uint32_t *svc_args);
-#endif /* !defined(TFM_PSA_API) */
-
-#ifdef TFM_PSA_API
-/*************************** IPC definitions **************************/
-
/**
* \brief Get the running partition ID.
*
@@ -937,6 +623,4 @@
*/
struct tfm_conn_handle_t *tfm_spm_to_handle_instance(psa_handle_t user_handle);
-#endif /* defined(TFM_PSA_API) */
-
-#endif /*__SPM_API_H__ */
+#endif /* __SPM_IPC_H__ */
diff --git a/secure_fw/spm/cmsis_psa/spm_ipc.c b/secure_fw/spm/cmsis_psa/spm_ipc.c
index f15344c..a477a86 100644
--- a/secure_fw/spm/cmsis_psa/spm_ipc.c
+++ b/secure_fw/spm/cmsis_psa/spm_ipc.c
@@ -20,7 +20,7 @@
#include "tfm_api.h"
#include "tfm_secure_api.h"
#include "tfm_memory_utils.h"
-#include "spm_api.h"
+#include "spm_ipc.h"
#include "tfm_peripherals_def.h"
#include "spm_db.h"
#include "tfm_core_utils.h"
@@ -33,6 +33,8 @@
#include "tfm_pools.h"
#include "region.h"
#include "region_defs.h"
+#include "spm_partition_defs.h"
+#include "psa_manifest/pid.h"
#include "tfm/tfm_spm_services.h"
#include "secure_fw/partitions/tfm_service_list.inc"
diff --git a/secure_fw/spm/cmsis_psa/spm_psa_client_call.c b/secure_fw/spm/cmsis_psa/spm_psa_client_call.c
index 9fca10c..0f9603b 100644
--- a/secure_fw/spm/cmsis_psa/spm_psa_client_call.c
+++ b/secure_fw/spm/cmsis_psa/spm_psa_client_call.c
@@ -6,7 +6,7 @@
*/
#include "psa/service.h"
-#include "spm_api.h"
+#include "spm_ipc.h"
#include "tfm_core_utils.h"
#include "tfm_internal_defines.h"
#include "tfm_memory_utils.h"
diff --git a/secure_fw/spm/cmsis_psa/spm_psa_client_call.h b/secure_fw/spm/cmsis_psa/spm_psa_client_call.h
index 5146e76..ae2a5d2 100644
--- a/secure_fw/spm/cmsis_psa/spm_psa_client_call.h
+++ b/secure_fw/spm/cmsis_psa/spm_psa_client_call.h
@@ -9,6 +9,7 @@
#define __TFM_PSA_CLIENT_CALL_H__
#include <stdint.h>
+#include <stdbool.h>
#include "psa/client.h"
/* Common handlers for PSA client calls */
diff --git a/secure_fw/spm/cmsis_psa/tfm_core_svcalls_ipc.c b/secure_fw/spm/cmsis_psa/tfm_core_svcalls_ipc.c
index 7f8bbd9..c4b9327 100644
--- a/secure_fw/spm/cmsis_psa/tfm_core_svcalls_ipc.c
+++ b/secure_fw/spm/cmsis_psa/tfm_core_svcalls_ipc.c
@@ -7,7 +7,6 @@
#include <string.h>
#include "region.h"
-#include "spm_api.h"
#include "spm_db.h"
#include "tfm_api.h"
#include "tfm_arch.h"
diff --git a/secure_fw/spm/cmsis_psa/tfm_multi_core_mem_check.c b/secure_fw/spm/cmsis_psa/tfm_multi_core_mem_check.c
index 9cf8bf8..1773772 100644
--- a/secure_fw/spm/cmsis_psa/tfm_multi_core_mem_check.c
+++ b/secure_fw/spm/cmsis_psa/tfm_multi_core_mem_check.c
@@ -8,7 +8,7 @@
#include "tfm_spm_hal.h"
#include "region_defs.h"
-#include "spm_api.h"
+#include "spm_ipc.h"
#include "tfm_internal.h"
#include "tfm_multi_core.h"
#include "tfm_secure_api.h"
diff --git a/secure_fw/spm/cmsis_psa/tfm_rpc.c b/secure_fw/spm/cmsis_psa/tfm_rpc.c
index 351c971..402b055 100644
--- a/secure_fw/spm/cmsis_psa/tfm_rpc.c
+++ b/secure_fw/spm/cmsis_psa/tfm_rpc.c
@@ -5,7 +5,7 @@
*
*/
-#include "spm_api.h"
+#include "spm_ipc.h"
#include "spm_psa_client_call.h"
#include "tfm_rpc.h"
#include "utilities.h"
diff --git a/secure_fw/spm/cmsis_psa/tfm_spm_db_ipc.inc b/secure_fw/spm/cmsis_psa/tfm_spm_db_ipc.inc
index 0102970..1ddaf75 100644
--- a/secure_fw/spm/cmsis_psa/tfm_spm_db_ipc.inc
+++ b/secure_fw/spm/cmsis_psa/tfm_spm_db_ipc.inc
@@ -10,7 +10,6 @@
#ifndef __TFM_SPM_DB_IPC_INC__
#define __TFM_SPM_DB_IPC_INC__
-#include "spm_api.h"
#include "psa_manifest/sid.h"
/**************************************************************************/
diff --git a/secure_fw/spm/cmsis_psa/tfm_spm_db_ipc.inc.template b/secure_fw/spm/cmsis_psa/tfm_spm_db_ipc.inc.template
index 86390df..33549e3 100644
--- a/secure_fw/spm/cmsis_psa/tfm_spm_db_ipc.inc.template
+++ b/secure_fw/spm/cmsis_psa/tfm_spm_db_ipc.inc.template
@@ -10,7 +10,6 @@
#ifndef __TFM_SPM_DB_IPC_INC__
#define __TFM_SPM_DB_IPC_INC__
-#include "spm_api.h"
#include "psa_manifest/sid.h"
{# Produce a build error if heap_size is presented in the manifest, because of the dynamic memory allocation is not supported now. #}
diff --git a/secure_fw/spm/cmsis_psa/tfm_thread.c b/secure_fw/spm/cmsis_psa/tfm_thread.c
index e3554e3..8e95a1f 100644
--- a/secure_fw/spm/cmsis_psa/tfm_thread.c
+++ b/secure_fw/spm/cmsis_psa/tfm_thread.c
@@ -10,7 +10,6 @@
#include "utilities.h"
#include "tfm_memory_utils.h"
#include "tfm/tfm_core_svc.h"
-#include "spm_api.h"
#include "tfm_core_utils.h"
/* Force ZERO in case ZI(bss) clear is missing */
diff --git a/secure_fw/spm/common/init/tfm_boot_data.c b/secure_fw/spm/common/init/tfm_boot_data.c
index 20739a6..5305554 100644
--- a/secure_fw/spm/common/init/tfm_boot_data.c
+++ b/secure_fw/spm/common/init/tfm_boot_data.c
@@ -12,7 +12,6 @@
#include "tfm_internal.h"
#include "tfm_api.h"
#include "tfm_core_utils.h"
-#include "spm_api.h"
#include "spm_partition_defs.h"
#ifdef TFM_PSA_API
#include "tfm_internal_defines.h"
@@ -23,6 +22,9 @@
#include "tfm_message_queue.h"
#include "tfm_spm_hal.h"
#include "spm_db.h"
+#include "spm_ipc.h"
+#else
+#include "spm_func.h"
#endif
/*!
diff --git a/secure_fw/spm/common/init/tfm_core.c b/secure_fw/spm/common/init/tfm_core.c
index 6be9c35..a6a77fc 100644
--- a/secure_fw/spm/common/init/tfm_core.c
+++ b/secure_fw/spm/common/init/tfm_core.c
@@ -12,7 +12,12 @@
#include "tfm_spm_hal.h"
#include "tfm_version.h"
#include "log/tfm_log.h"
-#include "spm_api.h"
+#ifdef TFM_PSA_API
+#include "spm_ipc.h"
+#else
+#include "spm_func.h"
+#include "spm_partition_defs.h"
+#endif
/*
* Avoids the semihosting issue
diff --git a/secure_fw/spm/common/runtime/tfm_core_mem_check.c b/secure_fw/spm/common/runtime/tfm_core_mem_check.c
index d0983cb..0514785 100644
--- a/secure_fw/spm/common/runtime/tfm_core_mem_check.c
+++ b/secure_fw/spm/common/runtime/tfm_core_mem_check.c
@@ -6,9 +6,15 @@
*/
#include <arm_cmse.h>
+#include <stdbool.h>
#include "region_defs.h"
-#include "spm_api.h"
+#include "tfm_arch.h"
#include "tfm_api.h"
+#ifdef TFM_PSA_API
+#include "spm_ipc.h"
+#else
+#include "spm_func.h"
+#endif
/**
* \brief Check whether the current partition has access to a memory range
diff --git a/secure_fw/spm/include/spm_db.h b/secure_fw/spm/include/spm_db.h
index 912b438..a6d58d0 100644
--- a/secure_fw/spm/include/spm_db.h
+++ b/secure_fw/spm/include/spm_db.h
@@ -12,6 +12,9 @@
#include "target_cfg.h"
#ifdef TFM_PSA_API
#include "tfm_spm_hal.h"
+#include "spm_ipc.h"
+#else
+#include "spm_func.h"
#endif
struct spm_partition_desc_t;