Core: Rename and move __cmse_secure_gateway macro
-- The __cmse_secure_gateway macro is renamed to better
reflect its scope to __tfm_secure_gateway_attributes__
-- The macro is moved to tfm_secure_api.h to allow it
to be visible to all veneer definitions, and it's
removed from the corresponding declarations.
Change-Id: I8e8151d4af6f4f888e353c69ed9a8264794a88c3
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
diff --git a/interface/include/tfm_sst_api.h b/interface/include/tfm_sst_api.h
index 3cdb64e..66865ac 100644
--- a/interface/include/tfm_sst_api.h
+++ b/interface/include/tfm_sst_api.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017, Arm Limited. All rights reserved.
+ * Copyright (c) 2017 - 2018, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -12,6 +12,8 @@
extern "C" {
#endif
+#include "tfm_sst_defs.h"
+
/**
* \brief Gets handler for the given asset UUID. If an asset is deleted, the
* linked asset handle reference is no longer valid and will give
diff --git a/interface/include/tfm_sst_veneers.h b/interface/include/tfm_sst_veneers.h
index 791bbb0..db11d4e 100644
--- a/interface/include/tfm_sst_veneers.h
+++ b/interface/include/tfm_sst_veneers.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017, Arm Limited. All rights reserved.
+ * Copyright (c) 2017 - 2018, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -14,9 +14,6 @@
#include "tfm_sst_defs.h"
-#define __cmse_secure_gateway \
- __attribute__((cmse_nonsecure_entry, noinline, section("SFN")))
-
/**
* \brief Gets handler for the given asset uuid. If an asset is deleted, the
* linked asset handle reference is no longer valid and will give
@@ -32,9 +29,7 @@
*/
enum tfm_sst_err_t tfm_sst_veneer_get_handle(uint32_t app_id,
uint16_t asset_uuid,
- uint32_t *hdl)
-__cmse_secure_gateway;
-
+ uint32_t *hdl);
/**
* \brief Allocates space for the asset, referenced by asset handler,
* without setting any data in the asset.
@@ -47,8 +42,7 @@
* TFM_SST_ERR_STORAGE_SYSTEM_FULL. If application id doesn't have the
* write rights, it returns TFM_SST_ERR_PERMS_NOT_ALLOWED.
*/
-enum tfm_sst_err_t tfm_sst_veneer_create(uint32_t app_id, uint16_t asset_uuid)
-__cmse_secure_gateway;
+enum tfm_sst_err_t tfm_sst_veneer_create(uint32_t app_id, uint16_t asset_uuid);
/**
* \brief Gets asset's attributes referenced by asset handler.
@@ -60,12 +54,10 @@
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
-extern enum tfm_sst_err_t tfm_sst_veneer_get_attributes(
+enum tfm_sst_err_t tfm_sst_veneer_get_attributes(
uint32_t app_id,
uint32_t asset_handle,
- struct tfm_sst_attribs_t *attrib_struct)
-__cmse_secure_gateway;
-
+ struct tfm_sst_attribs_t *attrib_struct);
/**
* \brief Reads asset's data from asset referenced by asset handler.
*
@@ -79,9 +71,7 @@
*/
enum tfm_sst_err_t tfm_sst_veneer_read(uint32_t app_id,
uint32_t asset_handle,
- struct tfm_sst_buf_t *data)
-__cmse_secure_gateway;
-
+ struct tfm_sst_buf_t *data);
/**
* \brief Writes data into an asset referenced by asset handler.
*
@@ -95,9 +85,7 @@
*/
enum tfm_sst_err_t tfm_sst_veneer_write(uint32_t app_id,
uint32_t asset_handle,
- struct tfm_sst_buf_t *data)
-__cmse_secure_gateway;
-
+ struct tfm_sst_buf_t *data);
/**
* \brief Deletes the asset referenced by the asset handler.
*
@@ -109,9 +97,7 @@
* no longer exists. Otherwise, TFM_SST_ERR_SUCCESS.
*/
enum tfm_sst_err_t tfm_sst_veneer_delete(uint32_t app_id,
- uint32_t asset_handle)
-__cmse_secure_gateway;
-
+ uint32_t asset_handle);
#ifdef __cplusplus
}
#endif
diff --git a/secure_fw/core/tfm_secure_api.h b/secure_fw/core/tfm_secure_api.h
index d9c3563..5504e0b 100644
--- a/secure_fw/core/tfm_secure_api.h
+++ b/secure_fw/core/tfm_secure_api.h
@@ -13,6 +13,14 @@
#include "secure_utilities.h"
#include "tfm_core.h"
+/*!
+ * \def __tfm_secure_gateway_attributes__
+ *
+ * \brief Attributes for secure gateway functions
+ */
+#define __tfm_secure_gateway_attributes__ \
+ __attribute__((cmse_nonsecure_entry, noinline, section("SFN")))
+
/* Currently only fully blocking NS while partitions are running is supported */
#define TFM_API_DEPRIORITIZE
diff --git a/secure_fw/ns_callable/tfm_sst_veneers.c b/secure_fw/ns_callable/tfm_sst_veneers.c
index 3ce21e2..d95bc0b 100644
--- a/secure_fw/ns_callable/tfm_sst_veneers.c
+++ b/secure_fw/ns_callable/tfm_sst_veneers.c
@@ -11,6 +11,7 @@
#include "tfm_api.h"
#include "secure_fw/spm/spm_api.h"
+__tfm_secure_gateway_attributes__
enum tfm_sst_err_t tfm_sst_veneer_get_handle(uint32_t app_id,
uint16_t asset_uuid,
uint32_t *hdl)
@@ -19,12 +20,14 @@
app_id, asset_uuid, hdl, 0);
}
+__tfm_secure_gateway_attributes__
enum tfm_sst_err_t tfm_sst_veneer_create(uint32_t app_id, uint16_t asset_uuid)
{
TFM_CORE_SFN_REQUEST(TFM_SP_STORAGE_ID, sst_am_create,
app_id, asset_uuid, 0, 0);
}
+__tfm_secure_gateway_attributes__
enum tfm_sst_err_t tfm_sst_veneer_get_attributes(
uint32_t app_id,
uint32_t asset_handle,
@@ -34,6 +37,7 @@
app_id, asset_handle, attrib, 0);
}
+__tfm_secure_gateway_attributes__
enum tfm_sst_err_t tfm_sst_veneer_read(uint32_t app_id, uint32_t asset_handle,
struct tfm_sst_buf_t *data)
{
@@ -41,6 +45,7 @@
asset_handle, data, 0);
}
+__tfm_secure_gateway_attributes__
enum tfm_sst_err_t tfm_sst_veneer_write(uint32_t app_id, uint32_t asset_handle,
struct tfm_sst_buf_t *data)
{
@@ -48,6 +53,7 @@
asset_handle, data, 0);
}
+__tfm_secure_gateway_attributes__
enum tfm_sst_err_t tfm_sst_veneer_delete(uint32_t app_id, uint32_t asset_handle)
{
TFM_CORE_SFN_REQUEST(TFM_SP_STORAGE_ID, sst_am_delete, app_id,
diff --git a/test/test_services/tfm_core_test/tfm_ss_core_test_veneers.c b/test/test_services/tfm_core_test/tfm_ss_core_test_veneers.c
index 7273231..f104424 100644
--- a/test/test_services/tfm_core_test/tfm_ss_core_test_veneers.c
+++ b/test/test_services/tfm_core_test/tfm_ss_core_test_veneers.c
@@ -10,6 +10,7 @@
#include "tfm_ss_core_test.h"
#include "secure_fw/spm/spm_api.h"
+__tfm_secure_gateway_attributes__
int32_t tfm_core_test_sfn_init_success(void)
{
TFM_CORE_SFN_REQUEST(TFM_SP_CORE_TEST_ID,
@@ -17,6 +18,7 @@
0, 0, 0, 0);
}
+__tfm_secure_gateway_attributes__
int32_t tfm_core_test_sfn_direct_recursion(int32_t depth)
{
TFM_CORE_SFN_REQUEST(TFM_SP_CORE_TEST_ID,
@@ -24,6 +26,7 @@
depth, 0, 0, 0);
}
+__tfm_secure_gateway_attributes__
int32_t tfm_core_test_sfn(int32_t a, int32_t b, int32_t c, int32_t d)
{
TFM_CORE_SFN_REQUEST(TFM_SP_CORE_TEST_ID, spm_core_test_sfn,
diff --git a/test/test_services/tfm_core_test/tfm_ss_core_test_veneers.h b/test/test_services/tfm_core_test/tfm_ss_core_test_veneers.h
index 555d820..293835d 100644
--- a/test/test_services/tfm_core_test/tfm_ss_core_test_veneers.h
+++ b/test/test_services/tfm_core_test/tfm_ss_core_test_veneers.h
@@ -21,8 +21,7 @@
* \return Returns \ref CORE_TEST_ERRNO_SUCCESS on success, and
* \ref CORE_TEST_ERRNO_SP_NOT_INITED on failure.
*/
-int32_t tfm_core_test_sfn_init_success(void)
-__attribute__((cmse_nonsecure_entry, noinline, section("SFN")));
+int32_t tfm_core_test_sfn_init_success(void);
/**
* \brief Tests what happens when a service calls itself directly.
@@ -31,8 +30,7 @@
*
* \return Returns \ref CORE_TEST_ERRNO_SUCCESS on succes, error othervise.
*/
-int32_t tfm_core_test_sfn_direct_recursion(int32_t depth)
-__attribute__((cmse_nonsecure_entry, noinline, section("SFN")));
+int32_t tfm_core_test_sfn_direct_recursion(int32_t depth);
/**
* \brief Entry point for multiple test cases to be executed on the secure side.
@@ -44,8 +42,7 @@
*
* \return Can return various error codes.
*/
-int32_t tfm_core_test_sfn(int32_t a, int32_t b, int32_t c, int32_t d)
-__attribute__((cmse_nonsecure_entry, noinline, section("SFN")));
+int32_t tfm_core_test_sfn(int32_t a, int32_t b, int32_t c, int32_t d);
#ifdef __cplusplus
}
diff --git a/test/test_services/tfm_core_test_2/tfm_ss_core_test_2_veneers.c b/test/test_services/tfm_core_test_2/tfm_ss_core_test_2_veneers.c
index f3993b8..6ac3585 100644
--- a/test/test_services/tfm_core_test_2/tfm_ss_core_test_2_veneers.c
+++ b/test/test_services/tfm_core_test_2/tfm_ss_core_test_2_veneers.c
@@ -11,6 +11,7 @@
#include "secure_fw/spm/spm_api.h"
/* Add functions to the service*/
+__tfm_secure_gateway_attributes__
int32_t tfm_core_test_2_veneer_slave_service(void)
{
TFM_CORE_SFN_REQUEST(TFM_SP_CORE_TEST_2_ID,
@@ -18,6 +19,7 @@
0, 0, 0, 0);
}
+__tfm_secure_gateway_attributes__
int32_t tfm_core_test_2_sfn_invert(int32_t *res_ptr, uint32_t *in_ptr,
uint32_t *out_ptr, int32_t len)
{
diff --git a/test/test_services/tfm_core_test_2/tfm_ss_core_test_2_veneers.h b/test/test_services/tfm_core_test_2/tfm_ss_core_test_2_veneers.h
index 55b02b4..a483a98 100644
--- a/test/test_services/tfm_core_test_2/tfm_ss_core_test_2_veneers.h
+++ b/test/test_services/tfm_core_test_2/tfm_ss_core_test_2_veneers.h
@@ -20,8 +20,7 @@
*
* \return Returns \ref TFM_SUCCESS.
*/
-int32_t tfm_core_test_2_veneer_slave_service(void)
-__attribute__((cmse_nonsecure_entry, noinline, section("SFN")));
+int32_t tfm_core_test_2_veneer_slave_service(void);
/**
* \brief Bitwise inverts the buffer received as input.
@@ -33,10 +32,10 @@
*
* \return Returns \ref TFM_SUCCESS on success, TFM_PARTITION_BUSY otherwise.
*/
-__attribute__((cmse_nonsecure_entry, noinline, section("SFN")))
-int32_t tfm_core_test_2_sfn_invert(
- int32_t *res_ptr, uint32_t *in_ptr, uint32_t *out_ptr, int32_t len);
-
+int32_t tfm_core_test_2_sfn_invert(int32_t *res_ptr,
+ uint32_t *in_ptr,
+ uint32_t *out_ptr,
+ int32_t len);
#ifdef __cplusplus
}
#endif
diff --git a/test/test_services/tfm_sst_test_service/sst_test_service_veneers.c b/test/test_services/tfm_sst_test_service/sst_test_service_veneers.c
index a3a4613..170aacb 100644
--- a/test/test_services/tfm_sst_test_service/sst_test_service_veneers.c
+++ b/test/test_services/tfm_sst_test_service/sst_test_service_veneers.c
@@ -11,6 +11,7 @@
#include "secure_fw/core/tfm_secure_api.h"
#include "secure_fw/spm/service_defs.h"
+__tfm_secure_gateway_attributes__
enum tfm_sst_err_t sst_test_service_veneer_setup(void)
{
TFM_CORE_SFN_REQUEST(TFM_SP_SST_TEST_PARTITION_ID,
@@ -18,6 +19,7 @@
0, 0, 0, 0);
}
+__tfm_secure_gateway_attributes__
enum tfm_sst_err_t sst_test_service_veneer_dummy_encrypt(uint32_t app_id,
uint16_t key_uuid,
uint8_t *buf,
@@ -28,6 +30,7 @@
app_id, key_uuid, buf, buf_size);
}
+__tfm_secure_gateway_attributes__
enum tfm_sst_err_t sst_test_service_veneer_dummy_decrypt(uint32_t app_id,
uint16_t key_uuid,
uint8_t *buf,
@@ -38,6 +41,7 @@
app_id, key_uuid, buf, buf_size);
}
+__tfm_secure_gateway_attributes__
enum tfm_sst_err_t sst_test_service_veneer_clean(void)
{
TFM_CORE_SFN_REQUEST(TFM_SP_SST_TEST_PARTITION_ID,
diff --git a/test/test_services/tfm_sst_test_service/sst_test_service_veneers.h b/test/test_services/tfm_sst_test_service/sst_test_service_veneers.h
index 4171d28..c75c7eb 100644
--- a/test/test_services/tfm_sst_test_service/sst_test_service_veneers.h
+++ b/test/test_services/tfm_sst_test_service/sst_test_service_veneers.h
@@ -15,17 +15,13 @@
extern "C" {
#endif
-#define __cmse_secure_gateway \
-__attribute__((cmse_nonsecure_entry, noinline, section("SFN")))
-
/**
* \brief Sets-up the SST test service so that it is ready for test functions to
* be called.
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
-enum tfm_sst_err_t sst_test_service_veneer_setup(void)
-__cmse_secure_gateway;
+enum tfm_sst_err_t sst_test_service_veneer_setup(void);
/**
* \brief Performs a dummy encryption on the supplied buffer, using the key
@@ -41,9 +37,7 @@
enum tfm_sst_err_t sst_test_service_veneer_dummy_encrypt(uint32_t app_id,
uint16_t key_uuid,
uint8_t *buf,
- uint32_t buf_size)
-__cmse_secure_gateway;
-
+ uint32_t buf_size);
/**
* \brief Performs a dummy decryption on the supplied buffer, using the key
* stored in the asset with the given UUID.
@@ -58,16 +52,13 @@
enum tfm_sst_err_t sst_test_service_veneer_dummy_decrypt(uint32_t app_id,
uint16_t key_uuid,
uint8_t *buf,
- uint32_t buf_size)
-__cmse_secure_gateway;
-
+ uint32_t buf_size);
/**
* \brief Cleans the secure storage used by the SST test service.
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
-enum tfm_sst_err_t sst_test_service_veneer_clean(void)
-__cmse_secure_gateway;
+enum tfm_sst_err_t sst_test_service_veneer_clean(void);
#ifdef __cplusplus
}