SPM: tfm_hal_post_partition_init_hook - platform hook
tfm_hal_post_partition_init_hook is a new hook that is optionally called
if CONFIG_TFM_POST_PARTITION_INIT_HOOK macro is set to 1. It allows
platform to implement some additional stuff after last partition has
been bounded right before starting scheduler.
Signed-off-by: Roman Mazurak <roman.mazurak@infineon.com>
Change-Id: I743bb7870b7fb68683596c097f7d57490558863c
diff --git a/config/config_base.h b/config/config_base.h
index 3201cf5..cd7d333 100644
--- a/config/config_base.h
+++ b/config/config_base.h
@@ -270,6 +270,14 @@
#define CONFIG_TFM_SECURE_THREAD_MASK_NS_INTERRUPT 0
#endif
+/*
+ * tfm_hal_post_partition_init_hook is called if this option is enabled.
+ * It's called by SPM right before starting scheduler.
+ */
+#ifndef CONFIG_TFM_POST_PARTITION_INIT_HOOK
+#define CONFIG_TFM_POST_PARTITION_INIT_HOOK 0
+#endif
+
/* Enable OTP/NV_COUNTERS emulation in RAM */
#ifndef OTP_NV_COUNTERS_RAM_EMULATION
#define OTP_NV_COUNTERS_RAM_EMULATION 0
diff --git a/docs/design_docs/software/hardware_abstraction_layer.rst b/docs/design_docs/software/hardware_abstraction_layer.rst
index e8fbf11..b93ca38 100644
--- a/docs/design_docs/software/hardware_abstraction_layer.rst
+++ b/docs/design_docs/software/hardware_abstraction_layer.rst
@@ -572,6 +572,29 @@
- ``true`` - A switching is needed
- ``false`` - No need for a boundary switch
+tfm_hal_post_partition_init_hook()
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+**Prototype**
+
+.. code-block:: c
+
+ enum tfm_hal_status_t tfm_hal_post_partition_init_hook(void)
+
+**Description**
+
+This API let the platform to finish static isolation after all partitions have been bound.
+It's called by SPM right before starting scheduler. Use CONFIG_TFM_POST_PARTITION_INIT_HOOK
+to enable it.
+
+**Parameter**
+
+- ``void`` - None
+
+**Return Values**
+
+- ``TFM_HAL_SUCCESS`` - Booting has been successful.
+- ``TFM_HAL_ERROR_GENERIC`` - Error occurred.
+
Log API
=======
The log API is used by the :term:`TF-M` :doc:`log system </design_docs/tfm_log_system_design_document>`.
diff --git a/platform/include/tfm_hal_isolation.h b/platform/include/tfm_hal_isolation.h
index 2ae0abb..2228b25 100644
--- a/platform/include/tfm_hal_isolation.h
+++ b/platform/include/tfm_hal_isolation.h
@@ -125,6 +125,19 @@
FIH_RET_TYPE(bool) tfm_hal_boundary_need_switch(uintptr_t boundary_from,
uintptr_t boundary_to);
+#if CONFIG_TFM_POST_PARTITION_INIT_HOOK == 1
+/**
+ * \brief This API let the platform to finish static isolation after all partitions
+ * have been bound.
+ *
+ * It's called by SPM right before starting scheduler.
+ *
+ * \return TFM_HAL_SUCCESS - Booting has been successful.
+ * TFM_HAL_ERROR_GENERIC - Error occurred.
+ */
+FIH_RET_TYPE(enum tfm_hal_status_t) tfm_hal_post_partition_init_hook(void);
+#endif /* CONFIG_TFM_POST_PARTITION_INIT_HOOK == 1 */
+
#ifdef __cplusplus
}
#endif
diff --git a/secure_fw/spm/core/spm_ipc.c b/secure_fw/spm/core/spm_ipc.c
index 2db196f..d5d66fa 100644
--- a/secure_fw/spm/core/spm_ipc.c
+++ b/secure_fw/spm/core/spm_ipc.c
@@ -427,6 +427,17 @@
backend_init_comp_assuredly(partition, service_setting);
}
+#if CONFIG_TFM_POST_PARTITION_INIT_HOOK == 1
+ /*
+ * Platform can use CONFIG_TFM_POST_PARTITION_INIT_HOOK option to add extra initialization
+ * steps after static initialization of partitions' isolation has been completed.
+ */
+ FIH_CALL(tfm_hal_post_partition_init_hook, fih_rc);
+ if (fih_not_eq(fih_rc, fih_int_encode(TFM_HAL_SUCCESS))) {
+ tfm_core_panic();
+ }
+#endif /* CONFIG_TFM_POST_PARTITION_INIT_HOOK == 1 */
+
return backend_system_run();
}