Build: Unify isolation level setting with TFM_ISOLATION_LEVEL
There is a CMake configuration "TFM_ISOLATION_LEVEL", which can also be
used as the CMake compile definition. To make the code easier to
maintain, remove current compile definition "TFM_LVL" and unify the
isolation level setting with "TFM_ISOLATION_LEVEL".
Signed-off-by: Xinyu Zhang <xinyu.zhang@arm.com>
Change-Id: I659744b470e8da6f14457094402e45cf77964406
diff --git a/interface/CMakeLists.txt b/interface/CMakeLists.txt
index 9a0c7e0..f3434e2 100644
--- a/interface/CMakeLists.txt
+++ b/interface/CMakeLists.txt
@@ -41,7 +41,7 @@
target_compile_definitions(psa_interface
INTERFACE
$<$<BOOL:${CONFIG_TFM_ENABLE_CTX_MGMT}>:CONFIG_TFM_ENABLE_CTX_MGMT>
- $<$<BOOL:${TFM_ISOLATION_LEVEL}>:TFM_LVL=${TFM_ISOLATION_LEVEL}>
+ $<$<BOOL:${TFM_ISOLATION_LEVEL}>:TFM_ISOLATION_LEVEL=${TFM_ISOLATION_LEVEL}>
$<$<BOOL:${CONFIG_TFM_USE_TRUSTZONE}>:CONFIG_TFM_USE_TRUSTZONE>
$<$<BOOL:${TFM_MULTI_CORE_TOPOLOGY}>:TFM_MULTI_CORE_TOPOLOGY>
$<$<BOOL:${CONFIG_TFM_PARTITION_META}>:CONFIG_TFM_PARTITION_META>
diff --git a/interface/include/config_impl.h.template b/interface/include/config_impl.h.template
index 4a172e3e..ade895c 100644
--- a/interface/include/config_impl.h.template
+++ b/interface/include/config_impl.h.template
@@ -27,7 +27,7 @@
#if CONFIG_TFM_SPM_BACKEND_IPC == 1
/* Trustzone NS agent working stack size. */
-#if defined(TFM_FIH_PROFILE_ON) && TFM_LVL == 1
+#if defined(TFM_FIH_PROFILE_ON) && TFM_ISOLATION_LEVEL == 1
#define {{"%-56s"|format("CONFIG_TFM_NS_AGENT_TZ_STACK_SIZE")}} 1256
#else
#define {{"%-56s"|format("CONFIG_TFM_NS_AGENT_TZ_STACK_SIZE")}} 1024
diff --git a/lib/ext/tf-m-tests/repo_config_default.cmake b/lib/ext/tf-m-tests/repo_config_default.cmake
index bf4eb54..2e45626 100644
--- a/lib/ext/tf-m-tests/repo_config_default.cmake
+++ b/lib/ext/tf-m-tests/repo_config_default.cmake
@@ -10,5 +10,5 @@
# Default configs of tf-m-tests repo
set(TFM_TEST_REPO_PATH "DOWNLOAD" CACHE PATH "Path to TFM-TEST repo (or DOWNLOAD to fetch automatically")
-set(TFM_TEST_REPO_VERSION "0eca5ea" CACHE STRING "The version of tf-m-tests to use")
+set(TFM_TEST_REPO_VERSION "03d6a93" CACHE STRING "The version of tf-m-tests to use")
set(CMSIS_5_PATH "DOWNLOAD" CACHE PATH "Path to CMSIS_5 (or DOWNLOAD to fetch automatically")
diff --git a/platform/ext/common/tfm_hal_isolation_v8m.c b/platform/ext/common/tfm_hal_isolation_v8m.c
index 72bebec..62f5643 100644
--- a/platform/ext/common/tfm_hal_isolation_v8m.c
+++ b/platform/ext/common/tfm_hal_isolation_v8m.c
@@ -132,7 +132,7 @@
ARM_MPU_EXECUTE_OK),
#ifdef TFM_PXN_ENABLE
ARM_MPU_RLAR_PXN((uint32_t)®ION_NAME(Image$$, TFM_APP_CODE_END, $$Base) - 1,
- #if TFM_LVL == 1
+ #if TFM_ISOLATION_LEVEL == 1
ARM_MPU_PRIVILEGE_EXECUTE_OK,
#else
ARM_MPU_PRIVILEGE_EXECUTE_NEVER,
@@ -282,7 +282,7 @@
const uintptr_t* mmio_list;
size_t mmio_list_length;
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
ARM_MPU_Region_t local_mpu_region;
uint32_t mpu_region_num;
#endif
@@ -290,7 +290,7 @@
return TFM_HAL_ERROR_GENERIC;
}
-#if TFM_LVL == 1
+#if TFM_ISOLATION_LEVEL == 1
privileged = true;
#else
privileged = IS_PSA_ROT(p_ldinf);
@@ -336,7 +336,7 @@
plat_data_ptr->periph_ppc_mask);
}
}
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
/*
* Static boundaries are set. Set up MPU region for MMIO.
* Setup regions for unprivileged assets only.
diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
index 8d8e7c0..d9cb1b4 100644
--- a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
+++ b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
@@ -175,7 +175,7 @@
return TFM_HAL_ERROR_GENERIC;
}
-#if TFM_LVL == 1
+#if TFM_ISOLATION_LEVEL == 1
privileged = true;
#else
privileged = IS_PSA_ROT(p_ldinf);
diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_multi_core.c b/platform/ext/target/arm/corstone1000/tfm_hal_multi_core.c
index 1146ffe..f0e2bc3 100644
--- a/platform/ext/target/arm/corstone1000/tfm_hal_multi_core.c
+++ b/platform/ext/target/arm/corstone1000/tfm_hal_multi_core.c
@@ -92,7 +92,7 @@
{
/* Check static memory layout to get memory attributes */
tfm_get_secure_mem_region_attr(p, s, p_attr);
-#if TFM_LVL >= 2
+#if TFM_ISOLATION_LEVEL >= 2
p_attr->is_mpu_enabled = true;
#endif
}
diff --git a/platform/ext/target/arm/mps2/an519/tfm_hal_isolation.c b/platform/ext/target/arm/mps2/an519/tfm_hal_isolation.c
index 1fc87a1..69ea34f 100644
--- a/platform/ext/target/arm/mps2/an519/tfm_hal_isolation.c
+++ b/platform/ext/target/arm/mps2/an519/tfm_hal_isolation.c
@@ -166,14 +166,14 @@
uint32_t partition_attrs = 0;
const struct asset_desc_t *p_asset;
struct platform_data_t *plat_data_ptr;
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
struct mpu_armv8m_region_cfg_t localcfg;
#endif
if (!p_ldinf || !p_boundary) {
return TFM_HAL_ERROR_GENERIC;
}
-#if TFM_LVL == 1
+#if TFM_ISOLATION_LEVEL == 1
privileged = true;
#else
privileged = IS_PSA_ROT(p_ldinf);
@@ -217,7 +217,7 @@
plat_data_ptr->periph_ppc_loc);
}
}
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
/*
* Static boundaries are set. Set up MPU region for MMIO.
* Setup regions for unprivileged assets only.
diff --git a/platform/ext/target/arm/mps2/an521/mmio_defs.h b/platform/ext/target/arm/mps2/an521/mmio_defs.h
index 8994d1e..0e35ff4 100644
--- a/platform/ext/target/arm/mps2/an521/mmio_defs.h
+++ b/platform/ext/target/arm/mps2/an521/mmio_defs.h
@@ -20,7 +20,7 @@
#define HANDLE_ATTR_PRIV_MASK (0x1UL << HANDLE_ATTR_PRIV_POS)
#define HANDLE_ATTR_NS_POS 0U
#define HANDLE_ATTR_NS_MASK (0x1UL << HANDLE_ATTR_NS_POS)
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
#define HANDLE_PER_ATTR_BITS (0x4)
#define HANDLE_ATTR_RW_POS (1 << (HANDLE_PER_ATTR_BITS - 1))
#define HANDLE_ATTR_INDEX_MASK (HANDLE_ATTR_RW_POS - 1)
diff --git a/platform/ext/target/arm/mps2/an521/tfm_hal_isolation.c b/platform/ext/target/arm/mps2/an521/tfm_hal_isolation.c
index 0942267..4f4609c 100644
--- a/platform/ext/target/arm/mps2/an521/tfm_hal_isolation.c
+++ b/platform/ext/target/arm/mps2/an521/tfm_hal_isolation.c
@@ -40,7 +40,7 @@
REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$ZI$$Limit);
#endif /* CONFIG_TFM_PARTITION_META */
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
/* Isolation level 3 needs to reserve at lease one MPU region for private data asset. */
#define MIN_NR_PRIVATE_DATA_REGION 1
@@ -85,7 +85,7 @@
}
#endif
};
-#else /* TFM_LVL == 3 */
+#else /* TFM_ISOLATION_LEVEL == 3 */
/* Isolation level 1&2 do not need to reserve MPU region for private data asset. */
#define MIN_NR_PRIVATE_DATA_REGION 0
@@ -152,7 +152,7 @@
}
#endif
};
-#endif /* TFM_LVL == 3 */
+#endif /* TFM_ISOLATION_LEVEL == 3 */
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
#ifdef TFM_FIH_PROFILE_ON
@@ -382,7 +382,7 @@
bool privileged;
bool ns_agent;
uint32_t partition_attrs = 0;
-#if (CONFIG_TFM_MMIO_REGION_ENABLE == 1) && (TFM_LVL == 2)
+#if (CONFIG_TFM_MMIO_REGION_ENABLE == 1) && (TFM_ISOLATION_LEVEL == 2)
struct mpu_armv8m_region_cfg_t localcfg;
#endif
#if CONFIG_TFM_MMIO_REGION_ENABLE == 1
@@ -396,7 +396,7 @@
FIH_RET(fih_int_encode(TFM_HAL_ERROR_GENERIC));
}
-#if TFM_LVL == 1
+#if TFM_ISOLATION_LEVEL == 1
privileged = true;
#else
privileged = IS_PSA_ROT(p_ldinf);
@@ -455,7 +455,7 @@
}
}
}
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
/*
* Static boundaries are set. Set up MPU region for MMIO.
* Setup regions for unprivileged assets only.
@@ -474,7 +474,7 @@
FIH_RET(fih_int_encode(TFM_HAL_ERROR_GENERIC));
}
}
-#elif TFM_LVL == 3
+#elif TFM_ISOLATION_LEVEL == 3
/* Encode MMIO attributes into the "partition_attrs". */
partition_attrs <<= HANDLE_PER_ATTR_BITS;
partition_attrs |= ((j + 1) & HANDLE_ATTR_INDEX_MASK);
@@ -485,7 +485,7 @@
}
#endif /* CONFIG_TFM_MMIO_REGION_ENABLE == 1 */
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
partition_attrs <<= HANDLE_PER_ATTR_BITS;
/*
* Highest 8 bits are reserved for index, if they are non-zero, MMIO numbers
@@ -513,7 +513,7 @@
CONTROL_Type ctrl;
uint32_t local_handle = (uint32_t)boundary;
bool privileged = !!(local_handle & HANDLE_ATTR_PRIV_MASK);
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
struct mpu_armv8m_region_cfg_t localcfg;
uint32_t i;
#if CONFIG_TFM_MMIO_REGION_ENABLE == 1
@@ -522,14 +522,14 @@
#endif
const struct asset_desc_t *rt_mem;
fih_int fih_rc = FIH_FAILURE;
-#endif /* TFM_LVL == 3 */
+#endif /* TFM_ISOLATION_LEVEL == 3 */
/* Privileged level is required to be set always */
ctrl.w = __get_CONTROL();
ctrl.b.nPRIV = privileged ? 0 : 1;
__set_CONTROL(ctrl.w);
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
if (!p_ldinf) {
FIH_RET(fih_int_encode(TFM_HAL_ERROR_GENERIC));
}
@@ -599,7 +599,7 @@
FIH_RET(fih_int_encode(TFM_HAL_ERROR_GENERIC));
}
}
-#endif /* TFM_LVL == 3 */
+#endif /* TFM_ISOLATION_LEVEL == 3 */
FIH_RET(fih_int_encode(TFM_HAL_SUCCESS));
}
diff --git a/platform/ext/target/arm/mps2/an521/tfm_hal_platform.c b/platform/ext/target/arm/mps2/an521/tfm_hal_platform.c
index 4e2ae4f..a8601d5 100644
--- a/platform/ext/target/arm/mps2/an521/tfm_hal_platform.c
+++ b/platform/ext/target/arm/mps2/an521/tfm_hal_platform.c
@@ -57,7 +57,7 @@
#if defined(TEST_NS_FPU)
/* Set IRQn in non-secure mode */
NVIC_SetTargetState(TFM_FPU_NS_TEST_IRQ);
-#if (TFM_LVL >= 2)
+#if (TFM_ISOLATION_LEVEL >= 2)
/* On isolation level 2, FPU test ARoT service runs in unprivileged mode.
* Set SCB.CCR.USERSETMPEND as 1 to enable FPU test service to access STIR
* register.
diff --git a/platform/ext/target/arm/mps3/an552/tfm_hal_platform.c b/platform/ext/target/arm/mps3/an552/tfm_hal_platform.c
index b65aec4..3eb1c15 100644
--- a/platform/ext/target/arm/mps3/an552/tfm_hal_platform.c
+++ b/platform/ext/target/arm/mps3/an552/tfm_hal_platform.c
@@ -73,7 +73,7 @@
#if defined(TEST_NS_FPU)
/* Set IRQn in non-secure mode */
NVIC_SetTargetState(TFM_FPU_NS_TEST_IRQ);
-#if (TFM_LVL >= 2)
+#if (TFM_ISOLATION_LEVEL >= 2)
/* On isolation level 2, FPU test ARoT service runs in unprivileged mode.
* Set SCB.CCR.USERSETMPEND as 1 to enable FPU test service to access STIR
* register.
diff --git a/platform/ext/target/arm/musca_b1/mmio_defs.h b/platform/ext/target/arm/musca_b1/mmio_defs.h
index 5087113..a9f60e0 100644
--- a/platform/ext/target/arm/musca_b1/mmio_defs.h
+++ b/platform/ext/target/arm/musca_b1/mmio_defs.h
@@ -20,7 +20,7 @@
#define HANDLE_ATTR_PRIV_MASK (0x1UL << HANDLE_ATTR_PRIV_POS)
#define HANDLE_ATTR_NS_POS 0U
#define HANDLE_ATTR_NS_MASK (0x1UL << HANDLE_ATTR_NS_POS)
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
#define HANDLE_PER_ATTR_BITS (0x4)
#define HANDLE_ATTR_RW_POS (1 << (HANDLE_PER_ATTR_BITS - 1))
#define HANDLE_ATTR_INDEX_MASK (HANDLE_ATTR_RW_POS - 1)
diff --git a/platform/ext/target/arm/musca_b1/tfm_hal_isolation.c b/platform/ext/target/arm/musca_b1/tfm_hal_isolation.c
index f6537a6..7f0b1ce 100644
--- a/platform/ext/target/arm/musca_b1/tfm_hal_isolation.c
+++ b/platform/ext/target/arm/musca_b1/tfm_hal_isolation.c
@@ -39,7 +39,7 @@
REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$ZI$$Limit);
#endif
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
static uint32_t idx_boundary_handle = 0;
REGION_DECLARE(Image$$, PT_RO_START, $$Base);
REGION_DECLARE(Image$$, PT_RO_END, $$Base);
@@ -80,7 +80,7 @@
}
#endif
};
-#else /* TFM_LVL == 3 */
+#else /* TFM_ISOLATION_LEVEL == 3 */
REGION_DECLARE(Image$$, ER_VENEER, $$Base);
REGION_DECLARE(Image$$, VENEER_ALIGN, $$Limit);
@@ -91,7 +91,7 @@
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_START, $$Base);
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
-#endif /* TFM_LVL == 3 */
+#endif /* TFM_ISOLATION_LEVEL == 3 */
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(
@@ -112,7 +112,7 @@
#ifdef CONFIG_TFM_ENABLE_MEMORY_PROTECT
mpu_armv8m_clean(&dev_mpu_s);
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
int32_t i;
/*
@@ -133,7 +133,7 @@
}
}
n_configured_regions = i;
-#else /* TFM_LVL == 3 */
+#else /* TFM_ISOLATION_LEVEL == 3 */
struct mpu_armv8m_region_cfg_t region_cfg;
/* Veneer region */
@@ -211,7 +211,7 @@
}
n_configured_regions++;
#endif /* CONFIG_TFM_PARTITION_META */
-#endif /* TFM_LVL == 3 */
+#endif /* TFM_ISOLATION_LEVEL == 3 */
/* Enable MPU */
if (mpu_armv8m_enable(&dev_mpu_s,
@@ -272,7 +272,7 @@
uint32_t partition_attrs = 0;
const struct asset_desc_t *p_asset;
struct platform_data_t *plat_data_ptr;
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
struct mpu_armv8m_region_cfg_t localcfg;
#endif
@@ -280,7 +280,7 @@
return TFM_HAL_ERROR_GENERIC;
}
-#if TFM_LVL == 1
+#if TFM_ISOLATION_LEVEL == 1
privileged = true;
#else
privileged = IS_PSA_ROT(p_ldinf);
@@ -325,7 +325,7 @@
}
}
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
/*
* Static boundaries are set. Set up MPU region for MMIO.
* Setup regions for unprivileged assets only.
@@ -344,7 +344,7 @@
return TFM_HAL_ERROR_GENERIC;
}
}
-#elif TFM_LVL == 3
+#elif TFM_ISOLATION_LEVEL == 3
/* Encode MMIO attributes into the "partition_attrs". */
partition_attrs <<= HANDLE_PER_ATTR_BITS;
partition_attrs |= ((j + 1) & HANDLE_ATTR_INDEX_MASK);
@@ -354,7 +354,7 @@
#endif
}
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
partition_attrs <<= HANDLE_PER_ATTR_BITS;
/*
* Highest 8 bits are reserved for index, if they are non-zero, MMIO numbers
@@ -382,7 +382,7 @@
CONTROL_Type ctrl;
uint32_t local_handle = (uint32_t)boundary;
bool privileged = !!(local_handle & HANDLE_ATTR_PRIV_MASK);
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
struct mpu_armv8m_region_cfg_t localcfg;
uint32_t i, mmio_index;
struct platform_data_t *plat_data_ptr;
@@ -394,7 +394,7 @@
ctrl.b.nPRIV = privileged ? 0 : 1;
__set_CONTROL(ctrl.w);
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
if (!p_ldinf) {
return TFM_HAL_ERROR_GENERIC;
}
diff --git a/platform/ext/target/arm/musca_s1/tfm_hal_isolation.c b/platform/ext/target/arm/musca_s1/tfm_hal_isolation.c
index 0c446be..c0fb7f9 100644
--- a/platform/ext/target/arm/musca_s1/tfm_hal_isolation.c
+++ b/platform/ext/target/arm/musca_s1/tfm_hal_isolation.c
@@ -174,14 +174,14 @@
uint32_t partition_attrs = 0;
const struct asset_desc_t *p_asset;
struct platform_data_t *plat_data_ptr;
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
struct mpu_armv8m_region_cfg_t localcfg;
#endif
if (!p_ldinf || !p_boundary) {
return TFM_HAL_ERROR_GENERIC;
}
-#if TFM_LVL == 1
+#if TFM_ISOLATION_LEVEL == 1
privileged = true;
#else
privileged = IS_PSA_ROT(p_ldinf);
@@ -227,7 +227,7 @@
plat_data_ptr->periph_ppc_loc);
}
}
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
/*
* Static boundaries are set. Set up MPU region for MMIO.
* Setup regions for unprivileged assets only.
diff --git a/platform/ext/target/arm/rss/common/tfm_hal_isolation.c b/platform/ext/target/arm/rss/common/tfm_hal_isolation.c
index 73d9a0c..471986f 100644
--- a/platform/ext/target/arm/rss/common/tfm_hal_isolation.c
+++ b/platform/ext/target/arm/rss/common/tfm_hal_isolation.c
@@ -89,7 +89,7 @@
MPU_ARMV8M_AP_RO_PRIV_UNPRIV,
MPU_ARMV8M_SH_NONE,
#ifdef TFM_PXN_ENABLE
-#if TFM_LVL == 1
+#if TFM_ISOLATION_LEVEL == 1
MPU_ARMV8M_PRIV_EXEC_OK
#else
MPU_ARMV8M_PRIV_EXEC_NEVER
@@ -202,14 +202,14 @@
uint32_t partition_attrs = 0;
const struct asset_desc_t *p_asset;
struct platform_data_t *plat_data_ptr;
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
struct mpu_armv8m_region_cfg_t localcfg;
#endif
if (!p_ldinf || !p_boundary) {
return TFM_HAL_ERROR_GENERIC;
}
-#if TFM_LVL == 1
+#if TFM_ISOLATION_LEVEL == 1
privileged = true;
#else
privileged = IS_PSA_ROT(p_ldinf);
@@ -253,7 +253,7 @@
plat_data_ptr->periph_ppc_mask);
}
}
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
/*
* Static boundaries are set. Set up MPU region for MMIO.
* Setup regions for unprivileged assets only.
diff --git a/platform/ext/target/cypress/psoc64/tfm_hal_isolation.c b/platform/ext/target/cypress/psoc64/tfm_hal_isolation.c
index 402b068..b927f68 100644
--- a/platform/ext/target/cypress/psoc64/tfm_hal_isolation.c
+++ b/platform/ext/target/cypress/psoc64/tfm_hal_isolation.c
@@ -102,7 +102,7 @@
return TFM_HAL_ERROR_GENERIC;
}
-#if TFM_LVL == 1
+#if TFM_ISOLATION_LEVEL == 1
privileged = true;
#else
privileged = IS_PSA_ROT(p_ldinf);
diff --git a/platform/ext/target/nordic_nrf/common/core/tfm_hal_isolation.c b/platform/ext/target/nordic_nrf/common/core/tfm_hal_isolation.c
index 5a0e277..6c9633b 100644
--- a/platform/ext/target/nordic_nrf/common/core/tfm_hal_isolation.c
+++ b/platform/ext/target/nordic_nrf/common/core/tfm_hal_isolation.c
@@ -79,7 +79,7 @@
bool ns_agent;
uint32_t partition_attrs = 0;
-#if TFM_LVL == 1
+#if TFM_ISOLATION_LEVEL == 1
privileged = true;
#else
privileged = IS_PSA_ROT(p_ldinf);
diff --git a/platform/ext/target/nuvoton/common/mmio_defs.h b/platform/ext/target/nuvoton/common/mmio_defs.h
index 8994d1e..0e35ff4 100644
--- a/platform/ext/target/nuvoton/common/mmio_defs.h
+++ b/platform/ext/target/nuvoton/common/mmio_defs.h
@@ -20,7 +20,7 @@
#define HANDLE_ATTR_PRIV_MASK (0x1UL << HANDLE_ATTR_PRIV_POS)
#define HANDLE_ATTR_NS_POS 0U
#define HANDLE_ATTR_NS_MASK (0x1UL << HANDLE_ATTR_NS_POS)
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
#define HANDLE_PER_ATTR_BITS (0x4)
#define HANDLE_ATTR_RW_POS (1 << (HANDLE_PER_ATTR_BITS - 1))
#define HANDLE_ATTR_INDEX_MASK (HANDLE_ATTR_RW_POS - 1)
diff --git a/platform/ext/target/nuvoton/common/tfm_hal_isolation.c b/platform/ext/target/nuvoton/common/tfm_hal_isolation.c
index c25819b..c957755 100644
--- a/platform/ext/target/nuvoton/common/tfm_hal_isolation.c
+++ b/platform/ext/target/nuvoton/common/tfm_hal_isolation.c
@@ -40,7 +40,7 @@
REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$ZI$$Limit);
#endif /* CONFIG_TFM_PARTITION_META */
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
static uint32_t idx_boundary_handle = 0;
REGION_DECLARE(Image$$, PT_RO_START, $$Base);
REGION_DECLARE(Image$$, PT_RO_END, $$Base);
@@ -82,7 +82,7 @@
}
#endif
};
-#else /* TFM_LVL == 3 */
+#else /* TFM_ISOLATION_LEVEL == 3 */
REGION_DECLARE(Image$$, ER_VENEER, $$Base);
REGION_DECLARE(Image$$, VENEER_ALIGN, $$Limit);
@@ -147,7 +147,7 @@
}
#endif
};
-#endif /* TFM_LVL == 3 */
+#endif /* TFM_ISOLATION_LEVEL == 3 */
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(
@@ -167,7 +167,7 @@
mpu_armv8m_clean(&dev_mpu_s);
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
/*
* Update MPU region numbers. The numbers start from 0 and are continuous.
* Under isolation level3, at lease one MPU region is reserved for private
@@ -186,7 +186,7 @@
}
}
n_configured_regions = i;
-#else /* TFM_LVL == 3 */
+#else /* TFM_ISOLATION_LEVEL == 3 */
if (ARRAY_SIZE(region_cfg) > MPU_REGION_NUM) {
return TFM_HAL_ERROR_GENERIC;
}
@@ -200,7 +200,7 @@
}
}
n_configured_regions = i;
-#endif /* TFM_LVL == 3 */
+#endif /* TFM_ISOLATION_LEVEL == 3 */
/* Enable MPU */
if (mpu_armv8m_enable(&dev_mpu_s,
@@ -260,7 +260,7 @@
uint32_t partition_attrs = 0;
const struct asset_desc_t *p_asset;
struct platform_data_t *plat_data_ptr;
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
struct mpu_armv8m_region_cfg_t localcfg;
#endif
@@ -268,7 +268,7 @@
return TFM_HAL_ERROR_GENERIC;
}
-#if TFM_LVL == 1
+#if TFM_ISOLATION_LEVEL == 1
privileged = true;
#else
privileged = IS_PSA_ROT(p_ldinf);
@@ -312,7 +312,7 @@
plat_data_ptr->periph_ppc_loc);
}
}
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
/*
* Static boundaries are set. Set up MPU region for MMIO.
* Setup regions for unprivileged assets only.
@@ -331,7 +331,7 @@
return TFM_HAL_ERROR_GENERIC;
}
}
-#elif TFM_LVL == 3
+#elif TFM_ISOLATION_LEVEL == 3
/* Encode MMIO attributes into the "partition_attrs". */
partition_attrs <<= HANDLE_PER_ATTR_BITS;
partition_attrs |= ((j + 1) & HANDLE_ATTR_INDEX_MASK);
@@ -341,7 +341,7 @@
#endif
}
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
partition_attrs <<= HANDLE_PER_ATTR_BITS;
/*
* Highest 8 bits are reserved for index, if they are non-zero, MMIO numbers
@@ -369,7 +369,7 @@
CONTROL_Type ctrl;
uint32_t local_handle = (uint32_t)boundary;
bool privileged = !!(local_handle & HANDLE_ATTR_PRIV_MASK);
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
struct mpu_armv8m_region_cfg_t localcfg;
uint32_t i, mmio_index;
struct platform_data_t *plat_data_ptr;
@@ -381,7 +381,7 @@
ctrl.b.nPRIV = privileged ? 0 : 1;
__set_CONTROL(ctrl.w);
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
if (!p_ldinf) {
return TFM_HAL_ERROR_GENERIC;
}
diff --git a/platform/ext/target/nxp/common/mmio_defs.h b/platform/ext/target/nxp/common/mmio_defs.h
index b142151..fd05154 100644
--- a/platform/ext/target/nxp/common/mmio_defs.h
+++ b/platform/ext/target/nxp/common/mmio_defs.h
@@ -20,7 +20,7 @@
#define HANDLE_ATTR_PRIV_MASK (0x1UL << HANDLE_ATTR_PRIV_POS)
#define HANDLE_ATTR_NS_POS 0U
#define HANDLE_ATTR_NS_MASK (0x1UL << HANDLE_ATTR_NS_POS)
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
#define HANDLE_PER_ATTR_BITS (0x4)
#define HANDLE_ATTR_RW_POS (1 << (HANDLE_PER_ATTR_BITS - 1))
#define HANDLE_ATTR_INDEX_MASK (HANDLE_ATTR_RW_POS - 1)
diff --git a/platform/ext/target/nxp/common/tfm_hal_isolation.c b/platform/ext/target/nxp/common/tfm_hal_isolation.c
index 31dbf84..4e1380a 100644
--- a/platform/ext/target/nxp/common/tfm_hal_isolation.c
+++ b/platform/ext/target/nxp/common/tfm_hal_isolation.c
@@ -45,7 +45,7 @@
REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$ZI$$Limit);
#endif
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
static uint32_t idx_boundary_handle = 0;
REGION_DECLARE(Image$$, PT_RO_START, $$Base);
REGION_DECLARE(Image$$, PT_RO_END, $$Base);
@@ -86,7 +86,7 @@
}
#endif
};
-#else /* TFM_LVL == 3 */
+#else /* TFM_ISOLATION_LEVEL == 3 */
REGION_DECLARE(Image$$, ER_VENEER, $$Base);
REGION_DECLARE(Image$$, VENEER_ALIGN, $$Limit);
@@ -97,7 +97,7 @@
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_START, $$Base);
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
-#endif /* TFM_LVL == 3 */
+#endif /* TFM_ISOLATION_LEVEL == 3 */
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
FIH_RET_TYPE(enum tfm_hal_status_t) tfm_hal_set_up_static_boundaries(
@@ -120,7 +120,7 @@
struct mpu_armv8m_dev_t dev_mpu_s = { MPU_BASE };
mpu_armv8m_clean(&dev_mpu_s);
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
int32_t i;
/*
@@ -141,7 +141,7 @@
}
}
n_configured_regions = i;
-#else /* TFM_LVL == 3 */
+#else /* TFM_ISOLATION_LEVEL == 3 */
struct mpu_armv8m_region_cfg_t region_cfg;
/* Veneer region */
@@ -268,7 +268,7 @@
}
n_configured_regions++;
#endif /* CONFIG_TFM_PARTITION_META */
-#endif /* TFM_LVL == 3 */
+#endif /* TFM_ISOLATION_LEVEL == 3 */
/* Enable MPU */
FIH_CALL(mpu_armv8m_enable, fih_rc, &dev_mpu_s,
@@ -329,7 +329,7 @@
uint32_t partition_attrs = 0;
const struct asset_desc_t *p_asset;
struct platform_data_t *plat_data_ptr;
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
struct mpu_armv8m_region_cfg_t localcfg;
fih_int fih_rc = FIH_FAILURE;
#endif
@@ -338,7 +338,7 @@
FIH_RET(fih_int_encode(TFM_HAL_ERROR_GENERIC));
}
-#if TFM_LVL == 1
+#if TFM_ISOLATION_LEVEL == 1
privileged = true;
#else
privileged = IS_PSA_ROT(p_ldinf);
@@ -371,7 +371,7 @@
plat_data_ptr = REFERENCE_TO_PTR(p_asset[i].dev.dev_ref,
struct platform_data_t *);
ppc_configure_to_secure(plat_data_ptr, privileged);
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
/*
* Static boundaries are set. Set up MPU region for MMIO.
* Setup regions for unprivileged assets only.
@@ -390,7 +390,7 @@
FIH_RET(fih_int_encode(TFM_HAL_ERROR_GENERIC));
}
}
-#elif TFM_LVL == 3
+#elif TFM_ISOLATION_LEVEL == 3
/* Encode MMIO attributes into the "partition_attrs". */
partition_attrs <<= HANDLE_PER_ATTR_BITS;
partition_attrs |= ((j + 1) & HANDLE_ATTR_INDEX_MASK);
@@ -400,7 +400,7 @@
#endif
}
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
partition_attrs <<= HANDLE_PER_ATTR_BITS;
/*
* Highest 8 bits are reserved for index, if they are non-zero, MMIO numbers
@@ -428,7 +428,7 @@
CONTROL_Type ctrl;
uint32_t local_handle = (uint32_t)boundary;
bool privileged = !!(local_handle & HANDLE_ATTR_PRIV_MASK);
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
fih_int fih_rc = FIH_FAILURE;
struct mpu_armv8m_region_cfg_t localcfg;
uint32_t i, mmio_index;
@@ -441,7 +441,7 @@
ctrl.b.nPRIV = privileged ? 0 : 1;
__set_CONTROL(ctrl.w);
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
if (!p_ldinf) {
FIH_RET(fih_int_encode(TFM_HAL_ERROR_GENERIC));
}
diff --git a/platform/ext/target/stm/common/stm32l5xx/boards/mmio_defs.h b/platform/ext/target/stm/common/stm32l5xx/boards/mmio_defs.h
index b142151..fd05154 100644
--- a/platform/ext/target/stm/common/stm32l5xx/boards/mmio_defs.h
+++ b/platform/ext/target/stm/common/stm32l5xx/boards/mmio_defs.h
@@ -20,7 +20,7 @@
#define HANDLE_ATTR_PRIV_MASK (0x1UL << HANDLE_ATTR_PRIV_POS)
#define HANDLE_ATTR_NS_POS 0U
#define HANDLE_ATTR_NS_MASK (0x1UL << HANDLE_ATTR_NS_POS)
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
#define HANDLE_PER_ATTR_BITS (0x4)
#define HANDLE_ATTR_RW_POS (1 << (HANDLE_PER_ATTR_BITS - 1))
#define HANDLE_ATTR_INDEX_MASK (HANDLE_ATTR_RW_POS - 1)
diff --git a/platform/ext/target/stm/common/stm32l5xx/secure/tfm_hal_isolation.c b/platform/ext/target/stm/common/stm32l5xx/secure/tfm_hal_isolation.c
index a19cee2..9ef02f8 100644
--- a/platform/ext/target/stm/common/stm32l5xx/secure/tfm_hal_isolation.c
+++ b/platform/ext/target/stm/common/stm32l5xx/secure/tfm_hal_isolation.c
@@ -41,7 +41,7 @@
REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$ZI$$Limit);
#endif /* CONFIG_TFM_PARTITION_META */
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
static uint32_t idx_boundary_handle = 0;
REGION_DECLARE(Image$$, PT_RO_START, $$Base);
REGION_DECLARE(Image$$, PT_RO_END, $$Base);
@@ -83,7 +83,7 @@
}
#endif
};
-#else /* TFM_LVL == 3 */
+#else /* TFM_ISOLATION_LEVEL == 3 */
REGION_DECLARE(Image$$, ER_VENEER, $$Base);
REGION_DECLARE(Image$$, VENEER_ALIGN, $$Limit);
@@ -148,7 +148,7 @@
}
#endif
};
-#endif /* TFM_LVL == 3 */
+#endif /* TFM_ISOLATION_LEVEL == 3 */
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(
@@ -169,7 +169,7 @@
mpu_armv8m_clean(&dev_mpu_s);
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
/*
* Update MPU region numbers. The numbers start from 0 and are continuous.
* Under isolation level 3, at lease one MPU region is reserved for private
@@ -188,7 +188,7 @@
}
}
n_configured_regions = i;
-#else /* TFM_LVL == 3 */
+#else /* TFM_ISOLATION_LEVEL == 3 */
if (ARRAY_SIZE(region_cfg) > MPU_REGION_NUM) {
return TFM_HAL_ERROR_GENERIC;
}
@@ -202,7 +202,7 @@
}
}
n_configured_regions = i;
-#endif /* TFM_LVL == 3 */
+#endif /* TFM_ISOLATION_LEVEL == 3 */
/* Enable MPU */
if (mpu_armv8m_enable(&dev_mpu_s,
@@ -262,7 +262,7 @@
bool ns_agent;
uint32_t partition_attrs = 0;
const struct asset_desc_t *p_asset;
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
struct platform_data_t *plat_data_ptr;
struct mpu_armv8m_region_cfg_t localcfg;
#endif
@@ -271,7 +271,7 @@
return TFM_HAL_ERROR_GENERIC;
}
-#if TFM_LVL == 1
+#if TFM_ISOLATION_LEVEL == 1
privileged = true;
#else
privileged = IS_PSA_ROT(p_ldinf);
@@ -300,7 +300,7 @@
/* The MMIO asset is not in the allowed list of platform. */
return TFM_HAL_ERROR_GENERIC;
}
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
plat_data_ptr = REFERENCE_TO_PTR(p_asset[i].dev.dev_ref,
struct platform_data_t *);
/*
@@ -321,7 +321,7 @@
return TFM_HAL_ERROR_GENERIC;
}
}
-#elif TFM_LVL == 3
+#elif TFM_ISOLATION_LEVEL == 3
/* Encode MMIO attributes into the "partition_attrs". */
partition_attrs <<= HANDLE_PER_ATTR_BITS;
partition_attrs |= ((j + 1) & HANDLE_ATTR_INDEX_MASK);
@@ -331,7 +331,7 @@
#endif
}
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
partition_attrs <<= HANDLE_PER_ATTR_BITS;
/*
* Highest 8 bits are reserved for index, if they are non-zero, MMIO numbers
@@ -359,7 +359,7 @@
CONTROL_Type ctrl;
uint32_t local_handle = (uint32_t)boundary;
bool privileged = !!(local_handle & HANDLE_ATTR_PRIV_MASK);
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
struct mpu_armv8m_region_cfg_t localcfg;
uint32_t i, mmio_index;
struct platform_data_t *plat_data_ptr;
@@ -371,7 +371,7 @@
ctrl.b.nPRIV = privileged ? 0 : 1;
__set_CONTROL(ctrl.w);
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
if (!p_ldinf) {
return TFM_HAL_ERROR_GENERIC;
}
diff --git a/platform/ext/target/stm/common/stm32u5xx/Device/Source/gcc/tfm_common_s.ld b/platform/ext/target/stm/common/stm32u5xx/Device/Source/gcc/tfm_common_s.ld
index 885cc20..96d4782 100644
--- a/platform/ext/target/stm/common/stm32u5xx/Device/Source/gcc/tfm_common_s.ld
+++ b/platform/ext/target/stm/common/stm32u5xx/Device/Source/gcc/tfm_common_s.ld
@@ -129,7 +129,7 @@
Image$$TFM_PSA_CODE_END$$Base = .;
-#if TFM_LVL != 1
+#if TFM_ISOLATION_LEVEL != 1
.ARM.extab :
{
*(.ARM.extab* .gnu.linkonce.armextab.*)
@@ -142,7 +142,7 @@
} > FLASH
__exidx_end = .;
-#endif /* TFM_LVL != 1 */
+#endif /* TFM_ISOLATION_LEVEL != 1 */
.ER_TFM_CODE : ALIGN(4)
{
@@ -219,7 +219,7 @@
} > RAM
__StackSeal = ADDR(.msp_stack_seal_res);
-#if (TFM_LVL == 1)
+#if (TFM_ISOLATION_LEVEL == 1)
.heap : ALIGN(8)
{
__end__ = .;
@@ -229,9 +229,9 @@
__HeapLimit = .;
__heap_limit = .; /* Add for _sbrk */
} > RAM
-#endif /* TFM_LVL == 1 */
+#endif /* TFM_ISOLATION_LEVEL == 1 */
-#if TFM_LVL != 1
+#if TFM_ISOLATION_LEVEL != 1
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
.TFM_SP_SECURE_TEST_PARTITION_LINKER_DATA : ALIGN(32)
{
@@ -244,7 +244,7 @@
/* FixMe:
* Test framework use printf to print out test result. Implementation of
* printf in GCC libc use static data and heap as well. To be able to
- * execute test suites with TFM_LVL=3 this workaround is needed to
+ * execute test suites with TFM_ISOLATION_LEVEL=3 this workaround is needed to
* allocate libc static data and heap within the data section of secure
* test partition. This can be removed if test service will be executed
* in privileged mode.
@@ -272,7 +272,7 @@
__heap_limit = .; /* Add for _sbrk */
} > RAM AT> RAM
#endif /* TFM_PARTITION_TEST_SECURE_SERVICES */
-#endif /* TFM_LVL != 1 */
+#endif /* TFM_ISOLATION_LEVEL != 1 */
/**** PSA RoT DATA start here */
diff --git a/platform/ext/target/stm/common/stm32u5xx/boards/mmio_defs.h b/platform/ext/target/stm/common/stm32u5xx/boards/mmio_defs.h
index 86fce80..1a5c390 100644
--- a/platform/ext/target/stm/common/stm32u5xx/boards/mmio_defs.h
+++ b/platform/ext/target/stm/common/stm32u5xx/boards/mmio_defs.h
@@ -20,7 +20,7 @@
#define HANDLE_ATTR_PRIV_MASK (0x1UL << HANDLE_ATTR_PRIV_POS)
#define HANDLE_ATTR_NS_POS 0U
#define HANDLE_ATTR_NS_MASK (0x1UL << HANDLE_ATTR_NS_POS)
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
#define HANDLE_PER_ATTR_BITS (0x4)
#define HANDLE_ATTR_RW_POS (1 << (HANDLE_PER_ATTR_BITS - 1))
#define HANDLE_ATTR_INDEX_MASK (HANDLE_ATTR_RW_POS - 1)
diff --git a/platform/ext/target/stm/common/stm32u5xx/secure/tfm_hal_isolation.c b/platform/ext/target/stm/common/stm32u5xx/secure/tfm_hal_isolation.c
index 9fa25f9..8ef5337 100644
--- a/platform/ext/target/stm/common/stm32u5xx/secure/tfm_hal_isolation.c
+++ b/platform/ext/target/stm/common/stm32u5xx/secure/tfm_hal_isolation.c
@@ -360,7 +360,7 @@
uint32_t partition_attrs = 0;
const struct asset_desc_t *p_asset;
struct platform_data_t *plat_data_ptr;
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
struct mpu_armv8m_region_cfg_t localcfg;
#endif
@@ -368,7 +368,7 @@
FIH_RET(fih_int_encode(TFM_HAL_ERROR_GENERIC));
}
-#if TFM_LVL == 1
+#if TFM_ISOLATION_LEVEL == 1
privileged = true;
#else
privileged = IS_PSA_ROT(p_ldinf);
@@ -397,7 +397,7 @@
/* The MMIO asset is not in the allowed list of platform. */
FIH_RET(fih_int_encode(TFM_HAL_ERROR_GENERIC));
}
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
plat_data_ptr = REFERENCE_TO_PTR(p_asset[i].dev.dev_ref,
struct platform_data_t *);
/*
diff --git a/platform/include/tfm_plat_defs.h b/platform/include/tfm_plat_defs.h
index 7ee662d..3c7ae6c 100644
--- a/platform/include/tfm_plat_defs.h
+++ b/platform/include/tfm_plat_defs.h
@@ -26,7 +26,7 @@
TFM_PLAT_ERR_FORCE_INT_SIZE = INT_MAX
};
-#if defined(TFM_LVL) && (TFM_LVL != 1)
+#if defined(TFM_ISOLATION_LEVEL) && (TFM_ISOLATION_LEVEL != 1)
/*!
* \def TFM_LINK_SET_RO_IN_PARTITION_SECTION(TFM_PARTITION_NAME)
diff --git a/secure_fw/include/build_config_check.h b/secure_fw/include/build_config_check.h
index 636640e..7f01e8e 100644
--- a/secure_fw/include/build_config_check.h
+++ b/secure_fw/include/build_config_check.h
@@ -28,10 +28,10 @@
#endif
/* Check isolation levels. */
-#ifndef TFM_LVL
-#error TFM_LVL is not defined.
-#elif (TFM_LVL != 1) && (TFM_LVL != 2) && (TFM_LVL != 3)
-#error Invalid TFM_LVL value. The possible values are 1, 2 and 3.
+#ifndef TFM_ISOLATION_LEVEL
+#error TFM_ISOLATION_LEVEL is not defined.
+#elif (TFM_ISOLATION_LEVEL != 1) && (TFM_ISOLATION_LEVEL != 2) && (TFM_ISOLATION_LEVEL != 3)
+#error Invalid TFM_ISOLATION_LEVEL value. The possible values are 1, 2 and 3.
#endif
/* Check if there are unsupported thread priority. */
diff --git a/secure_fw/partitions/idle_partition/load_info_idle_sp.c b/secure_fw/partitions/idle_partition/load_info_idle_sp.c
index 4b17b66..748b4a4 100644
--- a/secure_fw/partitions/idle_partition/load_info_idle_sp.c
+++ b/secure_fw/partitions/idle_partition/load_info_idle_sp.c
@@ -17,7 +17,7 @@
#include "region_defs.h"
#include "tfm_s_linker_alignments.h"
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
#define TFM_SP_IDLE_NASSETS (1)
#endif
@@ -31,7 +31,7 @@
/* per-partition variable length load data */
uintptr_t stack_addr;
uintptr_t heap_addr;
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
struct asset_desc_t assets[TFM_SP_IDLE_NASSETS];
#endif
} __attribute__((aligned(4)));
@@ -58,7 +58,7 @@
.heap_size = 0,
.ndeps = 0,
.nservices = 0,
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
.nassets = TFM_SP_IDLE_NASSETS,
#else
.nassets = 0,
@@ -66,7 +66,7 @@
},
.stack_addr = (uintptr_t)idle_sp_stack,
.heap_addr = 0,
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
.assets = {
{
.mem.start = (uintptr_t)idle_sp_stack,
diff --git a/secure_fw/partitions/lib/runtime/service_api.c b/secure_fw/partitions/lib/runtime/service_api.c
index 1ed1ad9..3e9576d 100644
--- a/secure_fw/partitions/lib/runtime/service_api.c
+++ b/secure_fw/partitions/lib/runtime/service_api.c
@@ -22,7 +22,7 @@
);
}
-#if TFM_LVL != 1
+#if TFM_ISOLATION_LEVEL != 1
/* Entry point when Partition FLIH functions return */
__attribute__((naked))
void tfm_flih_func_return(psa_flih_result_t result)
@@ -30,4 +30,4 @@
__ASM volatile("SVC "M2S(TFM_SVC_FLIH_FUNC_RETURN)" \n"
);
}
-#endif /* TFM_LVL != 1 */
+#endif /* TFM_ISOLATION_LEVEL != 1 */
diff --git a/secure_fw/partitions/ns_agent_mailbox/tfm_multi_core_mem_check.c b/secure_fw/partitions/ns_agent_mailbox/tfm_multi_core_mem_check.c
index 5b8339e..ba6958d 100644
--- a/secure_fw/partitions/ns_agent_mailbox/tfm_multi_core_mem_check.c
+++ b/secure_fw/partitions/ns_agent_mailbox/tfm_multi_core_mem_check.c
@@ -18,8 +18,8 @@
#include "tfm_arch.h"
#include "utilities.h"
-#ifndef TFM_LVL
-#error TFM_LVL is not defined!
+#ifndef TFM_ISOLATION_LEVEL
+#error TFM_ISOLATION_LEVEL is not defined!
#endif
void tfm_get_mem_region_security_attr(const void *p, size_t s,
@@ -52,7 +52,7 @@
p_attr->is_valid = false;
}
-#if TFM_LVL == 2
+#if TFM_ISOLATION_LEVEL == 2
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE_START, $$RO$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE_END, $$RO$$Limit);
#ifdef CONFIG_TFM_PARTITION_META
@@ -68,7 +68,7 @@
void tfm_get_secure_mem_region_attr(const void *p, size_t s,
struct mem_attr_info_t *p_attr)
{
-#if TFM_LVL == 1
+#if TFM_ISOLATION_LEVEL == 1
p_attr->is_mpu_enabled = false;
p_attr->is_valid = true;
@@ -91,7 +91,7 @@
}
p_attr->is_valid = false;
-#elif TFM_LVL == 2
+#elif TFM_ISOLATION_LEVEL == 2
uintptr_t base, limit;
p_attr->is_mpu_enabled = false;
@@ -317,8 +317,8 @@
static enum tfm_status_e secure_mem_attr_check(struct mem_attr_info_t attr,
uint8_t flags)
{
-#if TFM_LVL == 1
- /* Privileged/unprivileged is ignored in TFM_LVL == 1 */
+#if TFM_ISOLATION_LEVEL == 1
+ /* Privileged/unprivileged is ignored in TFM_ISOLATION_LEVEL == 1 */
if ((flags & MEM_CHECK_MPU_READWRITE) &&
(attr.is_priv_rd_allow || attr.is_unpriv_rd_allow) &&
@@ -420,7 +420,7 @@
/* Retrieve access attributes of secure memory region */
tfm_hal_get_secure_access_attr(p, s, &mem_attr);
-#if TFM_LVL != 1
+#if TFM_ISOLATION_LEVEL != 1
/* Secure MPU must be enabled in Isolation Level 2 and 3 */
if (!mem_attr.is_mpu_enabled) {
tfm_core_panic();
diff --git a/secure_fw/partitions/ns_agent_tz/load_info_ns_agent_tz.c b/secure_fw/partitions/ns_agent_tz/load_info_ns_agent_tz.c
index b51ee06..5f18b16 100644
--- a/secure_fw/partitions/ns_agent_tz/load_info_ns_agent_tz.c
+++ b/secure_fw/partitions/ns_agent_tz/load_info_ns_agent_tz.c
@@ -26,7 +26,7 @@
#define TFM_SP_NS_AGENT_NDEPS (0)
#define TFM_SP_NS_AGENT_NSERVS (0)
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
#define TFM_SP_NS_AGENT_NASSETS (1)
#endif
@@ -47,7 +47,7 @@
/* per-partition variable length load data */
uintptr_t stack_addr;
uintptr_t heap_addr;
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
struct asset_desc_t assets[TFM_SP_NS_AGENT_NASSETS];
#endif
} __attribute__((aligned(4)));
@@ -71,7 +71,7 @@
.heap_size = 0,
.ndeps = TFM_SP_NS_AGENT_NDEPS,
.nservices = TFM_SP_NS_AGENT_NSERVS,
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
.nassets = TFM_SP_NS_AGENT_NASSETS,
#else
.nassets = 0,
@@ -79,7 +79,7 @@
},
.stack_addr = (uintptr_t)ns_agent_tz_stack,
.heap_addr = 0,
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
.assets = {
{
.mem.start = (uintptr_t)ns_agent_tz_stack,
diff --git a/secure_fw/spm/core/backend_ipc.c b/secure_fw/spm/core/backend_ipc.c
index 53937ae..ef7f0f0 100644
--- a/secure_fw/spm/core/backend_ipc.c
+++ b/secure_fw/spm/core/backend_ipc.c
@@ -129,7 +129,7 @@
ARCH_CTXCTRL_ALLOCATED_PTR(ctx_ctrl);
p_rt_meta->entry = p_pt_ldi->entry;
-#if TFM_LVL == 1
+#if TFM_ISOLATION_LEVEL == 1
p_rt_meta->psa_fns = &psa_api_cross;
#else
/* TODO: ABI for PRoT partitions needs to be updated based on implementations. */
diff --git a/secure_fw/spm/core/interrupt.c b/secure_fw/spm/core/interrupt.c
index 0b5e043..2caf165 100644
--- a/secure_fw/spm/core/interrupt.c
+++ b/secure_fw/spm/core/interrupt.c
@@ -25,7 +25,7 @@
extern uintptr_t spm_boundary;
-#if TFM_LVL != 1
+#if TFM_ISOLATION_LEVEL != 1
extern void tfm_flih_func_return(psa_flih_result_t result);
__attribute__((naked))
@@ -161,7 +161,7 @@
flih_result = PSA_FLIH_SIGNAL;
} else {
/* FLIH Model Handling */
-#if TFM_LVL == 1
+#if TFM_ISOLATION_LEVEL == 1
flih_result = p_ildi->flih_func();
#else
if (!tfm_hal_boundary_need_switch(spm_boundary,
diff --git a/secure_fw/spm/core/main.c b/secure_fw/spm/core/main.c
index 17a0cde..eb29267 100644
--- a/secure_fw/spm/core/main.c
+++ b/secure_fw/spm/core/main.c
@@ -65,7 +65,7 @@
SPMLOG_INFMSG("\033[1;34m[Sec Thread] Secure image initializing!\033[0m\r\n");
- SPMLOG_DBGMSGVAL("TF-M isolation level is: ", TFM_LVL);
+ SPMLOG_DBGMSGVAL("TF-M isolation level is: ", TFM_ISOLATION_LEVEL);
#if (CONFIG_TFM_FLOAT_ABI == 2)
SPMLOG_INFMSG("TF-M Float ABI: Hard\r\n");
diff --git a/secure_fw/spm/core/tfm_svcalls.c b/secure_fw/spm/core/tfm_svcalls.c
index 1704f0f..1a14bd5 100644
--- a/secure_fw/spm/core/tfm_svcalls.c
+++ b/secure_fw/spm/core/tfm_svcalls.c
@@ -102,7 +102,7 @@
case TFM_SVC_GET_BOOT_DATA:
tfm_core_get_boot_data_handler(svc_args);
break;
-#if (TFM_LVL != 1) && (CONFIG_TFM_FLIH_API == 1)
+#if (TFM_ISOLATION_LEVEL != 1) && (CONFIG_TFM_FLIH_API == 1)
case TFM_SVC_PREPARE_DEPRIV_FLIH:
exc_return = tfm_flih_prepare_depriv_flih((struct partition_t *)svc_args[0],
(uintptr_t)svc_args[1]);
diff --git a/tools/templates/partition_load_info.template b/tools/templates/partition_load_info.template
index 0a4eb8b..29276e0 100644
--- a/tools/templates/partition_load_info.template
+++ b/tools/templates/partition_load_info.template
@@ -31,7 +31,7 @@
{% set counter.service_counter = manifest.services|count %}
#define {{"%-55s"|format(manifest.name|upper + "_NSERVS")}} ({{"%d"|format(counter.service_counter)}})
{% set counter.asset_counter = manifest.mmio_regions|count %}
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
#define {{"%-55s"|format(manifest.name|upper + "_NASSETS")}} ({{"%d"|format(counter.asset_counter)}} + 1)
#else
#define {{"%-55s"|format(manifest.name|upper + "_NASSETS")}} ({{"%d"|format(counter.asset_counter)}})
@@ -40,7 +40,7 @@
#define {{"%-55s"|format(manifest.name|upper + "_NIRQS")}} ({{"%d"|format(counter.irq_counter)}})
/* Memory region declaration */
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
REGION_DECLARE(Image$$, PT_{{manifest.name}}_PRIVATE, _DATA_START$$Base);
REGION_DECLARE(Image$$, PT_{{manifest.name}}_PRIVATE, _DATA_END$$Base);
#endif
@@ -82,7 +82,7 @@
{% if counter.service_counter > 0 %}
struct service_load_info_t services[{{(manifest.name|upper + "_NSERVS")}}];
{% endif %}
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
struct asset_desc_t assets[{{(manifest.name|upper + "_NASSETS")}}];
#else
{% if counter.asset_counter > 0 %}
@@ -184,7 +184,7 @@
{% endfor %}
},
{% endif %}
-#if TFM_LVL == 3
+#if TFM_ISOLATION_LEVEL == 3
.assets = {
{
.mem.start = (uintptr_t)®ION_NAME(Image$$, PT_{{manifest.name}}_PRIVATE, _DATA_START$$Base),