FWU: Align FWU to FF 1.1
Ailgn FWU service to FF1.1 and convert it into a stateless service.
Signed-off-by: Sherry Zhang <sherry.zhang2@arm.com>
Change-Id: I5719b52e30ba839ab36094005c6e9fc56ad26962
diff --git a/docs/integration_guide/services/tfm_secure_partition_addition.rst b/docs/integration_guide/services/tfm_secure_partition_addition.rst
index 54aae39..fdbaf56 100644
--- a/docs/integration_guide/services/tfm_secure_partition_addition.rst
+++ b/docs/integration_guide/services/tfm_secure_partition_addition.rst
@@ -231,6 +231,7 @@
TFM_SP_PS 2
TFM_SP_ITS 3
TFM_SP_INITIAL_ATTESTATION 4
+ TFM_SP_FWU 5
=============================== =======================
mmio_regions
diff --git a/interface/include/tfm_fwu_defs.h b/interface/include/tfm_fwu_defs.h
index 9041fd3..fe7e2bf 100644
--- a/interface/include/tfm_fwu_defs.h
+++ b/interface/include/tfm_fwu_defs.h
@@ -19,6 +19,14 @@
#define FWU_IMAGE_TYPE_SECURE 0x02U
#define FWU_IMAGE_TYPE_FULL 0x03U
+/* FWU message types that distinguish FWU services. */
+#define TFM_FWU_WRITE 1001
+#define TFM_FWU_INSTALL 1002
+#define TFM_FWU_ABORT 1003
+#define TFM_FWU_QUERY 1004
+#define TFM_FWU_REQUEST_REBOOT 1005
+#define TFM_FWU_ACCEPT 1006
+
#ifdef __cplusplus
}
#endif
diff --git a/interface/src/tfm_firmware_update_ipc_api.c b/interface/src/tfm_firmware_update_ipc_api.c
index 60d4b2e..3cba758 100644
--- a/interface/src/tfm_firmware_update_ipc_api.c
+++ b/interface/src/tfm_firmware_update_ipc_api.c
@@ -15,39 +15,20 @@
const void *block,
size_t block_size)
{
- psa_status_t status;
- psa_handle_t handle;
-
psa_invec in_vec[] = {
{ .base = &image_id, .len = sizeof(image_id) },
{ .base = &block_offset, .len = sizeof(block_offset) },
{ .base = block, .len = block_size }
};
- handle = psa_connect(TFM_FWU_WRITE_SID, TFM_FWU_WRITE_VERSION);
- if (!PSA_HANDLE_IS_VALID(handle)) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), NULL,
- 0);
-
- psa_close(handle);
-
- if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- return status;
+ return psa_call(TFM_FIRMWARE_UPDATE_SERVICE_HANDLE, TFM_FWU_WRITE,
+ in_vec, IOVEC_LEN(in_vec), NULL, 0);
}
psa_status_t psa_fwu_install(const psa_image_id_t image_id,
psa_image_id_t *dependency_uuid,
psa_image_version_t *dependency_version)
{
- psa_status_t status;
- psa_handle_t handle;
-
psa_invec in_vec[] = {
{ .base = &image_id, .len = sizeof(image_id) }
};
@@ -61,54 +42,22 @@
return PSA_ERROR_INVALID_ARGUMENT;
}
- handle = psa_connect(TFM_FWU_INSTALL_SID, TFM_FWU_INSTALL_VERSION);
- if (!PSA_HANDLE_IS_VALID(handle)) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec),
- out_vec, IOVEC_LEN(out_vec));
-
- psa_close(handle);
-
- if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- return status;
+ return psa_call(TFM_FIRMWARE_UPDATE_SERVICE_HANDLE, TFM_FWU_INSTALL,
+ in_vec, IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
}
psa_status_t psa_fwu_abort(const psa_image_id_t image_id)
{
- psa_status_t status;
- psa_handle_t handle;
-
psa_invec in_vec[] = {
{ .base = &image_id, .len = sizeof(image_id) }
};
- handle = psa_connect(TFM_FWU_ABORT_SID, TFM_FWU_ABORT_VERSION);
- if (!PSA_HANDLE_IS_VALID(handle)) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), NULL,
- 0);
-
- psa_close(handle);
-
- if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- return status;
+ return psa_call(TFM_FIRMWARE_UPDATE_SERVICE_HANDLE, TFM_FWU_ABORT,
+ in_vec, IOVEC_LEN(in_vec), NULL, 0);
}
psa_status_t psa_fwu_query(const psa_image_id_t image_id, psa_image_info_t *info)
{
- psa_status_t status;
- psa_handle_t handle;
-
psa_invec in_vec[] = {
{ .base = &image_id, .len = sizeof(image_id) }
};
@@ -116,68 +65,24 @@
{ .base = info, .len = sizeof(*info)}
};
- handle = psa_connect(TFM_FWU_QUERY_SID, TFM_FWU_QUERY_VERSION);
- if (!PSA_HANDLE_IS_VALID(handle)) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec,
- IOVEC_LEN(out_vec));
-
- psa_close(handle);
-
- if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- return status;
+ return psa_call(TFM_FIRMWARE_UPDATE_SERVICE_HANDLE, TFM_FWU_QUERY,
+ in_vec, IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
}
psa_status_t psa_fwu_request_reboot(void)
{
- psa_handle_t handle;
- psa_status_t status;
-
- handle = psa_connect(TFM_FWU_REQUEST_REBOOT_SID,
- TFM_FWU_REQUEST_REBOOT_VERSION);
- if (!PSA_HANDLE_IS_VALID(handle)) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- status = psa_call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
-
- psa_close(handle);
-
- if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- return status;
+ return psa_call(TFM_FIRMWARE_UPDATE_SERVICE_HANDLE, TFM_FWU_REQUEST_REBOOT,
+ NULL, 0, NULL, 0);
}
psa_status_t psa_fwu_accept(psa_image_id_t image_id)
{
- psa_handle_t handle;
- psa_status_t status;
psa_invec in_vec[] = {
{ .base = &image_id, .len = sizeof(image_id) }
};
- handle = psa_connect(TFM_FWU_ACCEPT_SID,
- TFM_FWU_ACCEPT_VERSION);
- if (!PSA_HANDLE_IS_VALID(handle)) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), NULL, 0);
-
- psa_close(handle);
-
- if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- return status;
+ return psa_call(TFM_FIRMWARE_UPDATE_SERVICE_HANDLE, TFM_FWU_ACCEPT,
+ in_vec, IOVEC_LEN(in_vec), NULL, 0);
}
psa_status_t psa_fwu_set_manifest(psa_image_id_t image_id,
diff --git a/lib/ext/tf-m-tests/repo_config_default.cmake b/lib/ext/tf-m-tests/repo_config_default.cmake
index a4ce583..cf0bf71 100644
--- a/lib/ext/tf-m-tests/repo_config_default.cmake
+++ b/lib/ext/tf-m-tests/repo_config_default.cmake
@@ -8,5 +8,5 @@
# Default configs of tf-m-tests repo
set(TFM_TEST_REPO_PATH "DOWNLOAD" CACHE PATH "Path to TFM-TEST repo (or DOWNLOAD to fetch automatically")
-set(TFM_TEST_REPO_VERSION "71d5077" CACHE STRING "The version of tf-m-tests to use")
+set(TFM_TEST_REPO_VERSION "c5cb6d9" CACHE STRING "The version of tf-m-tests to use")
set(CMSIS_5_PATH "DOWNLOAD" CACHE PATH "Path to CMSIS_5 (or DOWNLOAD to fetch automatically")
diff --git a/secure_fw/partitions/firmware_update/bootloader/mcuboot/tfm_mcuboot_fwu.c b/secure_fw/partitions/firmware_update/bootloader/mcuboot/tfm_mcuboot_fwu.c
index ebadf59..0819512 100644
--- a/secure_fw/partitions/firmware_update/bootloader/mcuboot/tfm_mcuboot_fwu.c
+++ b/secure_fw/partitions/firmware_update/bootloader/mcuboot/tfm_mcuboot_fwu.c
@@ -49,7 +49,7 @@
} tfm_fwu_mcuboot_ctx_t;
static tfm_fwu_mcuboot_ctx_t mcuboot_ctx[TFM_FWU_MAX_IMAGES];
-static fwu_image_info_data_t boot_shared_data;
+static fwu_image_info_data_t __attribute__((aligned(4))) boot_shared_data;
static int convert_id_from_bl_to_mcuboot(bl_image_id_t bl_image_id,
uint8_t *mcuboot_image_id)
diff --git a/secure_fw/partitions/firmware_update/tfm_firmware_update.yaml b/secure_fw/partitions/firmware_update/tfm_firmware_update.yaml
index b4bc397..f97f498 100644
--- a/secure_fw/partitions/firmware_update/tfm_firmware_update.yaml
+++ b/secure_fw/partitions/firmware_update/tfm_firmware_update.yaml
@@ -6,11 +6,12 @@
#-------------------------------------------------------------------------------
{
- "psa_framework_version": 1.0,
+ "psa_framework_version": 1.1,
"name": "TFM_SP_FWU",
"type": "PSA-ROT",
"priority": "NORMAL",
- "entry_point": "tfm_fwu_init",
+ "model": "SFN",
+ "entry_init": "tfm_fwu_entry",
"stack_size": "0x600",
"secure_functions": [
{
@@ -58,46 +59,14 @@
],
"services" : [
{
- "name": "TFM_FWU_WRITE",
+ "name": "TFM_FIRMWARE_UPDATE_SERVICE",
"sid": "0x000000A0",
"non_secure_clients": true,
+ "connection_based": false,
+ "stateless_handle": 5,
"version": 1,
- "version_policy": "STRICT"
- },
- {
- "name": "TFM_FWU_INSTALL",
- "sid": "0x000000A1",
- "non_secure_clients": true,
- "version": 1,
- "version_policy": "STRICT"
- },
- {
- "name": "TFM_FWU_ABORT",
- "sid": "0x000000A2",
- "non_secure_clients": true,
- "version": 1,
- "version_policy": "STRICT"
- },
- {
- "name": "TFM_FWU_QUERY",
- "sid": "0x000000A3",
- "non_secure_clients": true,
- "version": 1,
- "version_policy": "STRICT"
- },
- {
- "name": "TFM_FWU_REQUEST_REBOOT",
- "sid": "0x000000A4",
- "non_secure_clients": true,
- "version": 1,
- "version_policy": "STRICT"
- },
- {
- "name": "TFM_FWU_ACCEPT",
- "sid": "0x000000A5",
- "non_secure_clients": true,
- "version": 1,
- "version_policy": "STRICT"
+ "version_policy": "STRICT",
+ "mm_iovec": "disable",
}
],
"dependencies": [
diff --git a/secure_fw/partitions/firmware_update/tfm_fwu_req_mngr.c b/secure_fw/partitions/firmware_update/tfm_fwu_req_mngr.c
index 0259f4e..68333d1 100644
--- a/secure_fw/partitions/firmware_update/tfm_fwu_req_mngr.c
+++ b/secure_fw/partitions/firmware_update/tfm_fwu_req_mngr.c
@@ -69,6 +69,7 @@
}
#ifndef TFM_PSA_API
+static bool fwu_is_init = false;
psa_status_t tfm_fwu_write_req(psa_invec *in_vec, size_t in_len,
psa_outvec *out_vec, size_t out_len)
{
@@ -81,6 +82,10 @@
(void)out_vec;
+ if (!fwu_is_init) {
+ return PSA_ERROR_GENERIC_ERROR;
+ }
+
/* Check input parameters. */
if (in_vec[0].len != sizeof(image_id) ||
in_vec[1].len != sizeof(block_offset)) {
@@ -136,6 +141,10 @@
psa_status_t status;
uint8_t image_index;
+ if (!fwu_is_init) {
+ return PSA_ERROR_GENERIC_ERROR;
+ }
+
/* Check input/output parameters. */
if (in_vec[0].len != sizeof(image_id) ||
out_vec[0].len != sizeof(*dependency_id) ||
@@ -181,6 +190,10 @@
psa_status_t result = 0;
uint8_t image_index;
+ if (!fwu_is_init) {
+ return PSA_ERROR_GENERIC_ERROR;
+ }
+
if ((in_vec[0].len != sizeof(image_id)) ||
(out_vec[0].len != sizeof(*info_p))) {
return PSA_ERROR_INVALID_ARGUMENT;
@@ -210,6 +223,10 @@
(void)in_len;
(void)out_len;
+ if (!fwu_is_init) {
+ return PSA_ERROR_GENERIC_ERROR;
+ }
+
tfm_internal_fwu_request_reboot();
/* If it goes here, then the reboot fails. */
@@ -224,6 +241,10 @@
psa_image_id_t image_id;
+ if (!fwu_is_init) {
+ return PSA_ERROR_GENERIC_ERROR;
+ }
+
if (in_vec[0].len != sizeof(image_id) || in_len != 1) {
return PSA_ERROR_INVALID_ARGUMENT;
}
@@ -245,6 +266,10 @@
(void)out_vec;
+ if (!fwu_is_init) {
+ return PSA_ERROR_GENERIC_ERROR;
+ }
+
if (in_vec[0].len != sizeof(image_id)) {
return PSA_ERROR_INVALID_ARGUMENT;
}
@@ -276,10 +301,7 @@
}
}
#else
-typedef psa_status_t (*fwu_func_t)(void);
-static psa_msg_t msg;
-
-static psa_status_t tfm_fwu_write_ipc(void)
+static psa_status_t tfm_fwu_write_req(const psa_msg_t *msg)
{
psa_image_id_t image_id;
size_t block_offset;
@@ -288,21 +310,21 @@
uint8_t image_index;
/* Check input parameters. */
- if (msg.in_size[2] > PSA_FWU_MAX_BLOCK_SIZE) {
+ if (msg->in_size[2] > PSA_FWU_MAX_BLOCK_SIZE) {
return PSA_ERROR_INVALID_ARGUMENT;
}
- if (msg.in_size[0] != sizeof(image_id) ||
- msg.in_size[1] != sizeof(block_offset)) {
+ if (msg->in_size[0] != sizeof(image_id) ||
+ msg->in_size[1] != sizeof(block_offset)) {
return PSA_ERROR_PROGRAMMER_ERROR;
}
- num = psa_read(msg.handle, 0, &image_id, sizeof(image_id));
+ num = psa_read(msg->handle, 0, &image_id, sizeof(image_id));
if (num != sizeof(image_id)) {
return PSA_ERROR_PROGRAMMER_ERROR;
}
- num = psa_read(msg.handle, 1, &block_offset, sizeof(block_offset));
+ num = psa_read(msg->handle, 1, &block_offset, sizeof(block_offset));
if (num != sizeof(block_offset)) {
return PSA_ERROR_PROGRAMMER_ERROR;
}
@@ -330,11 +352,11 @@
}
memset(data_block, 0, sizeof(data_block));
- data_length = msg.in_size[2];
+ data_length = msg->in_size[2];
while (data_length > 0) {
write_size = sizeof(data_block) <= data_length ?
sizeof(data_block) : data_length;
- num = psa_read(msg.handle, 2, data_block, write_size);
+ num = psa_read(msg->handle, 2, data_block, write_size);
if (num != write_size) {
return PSA_ERROR_PROGRAMMER_ERROR;
}
@@ -352,7 +374,7 @@
return PSA_SUCCESS;
}
-static psa_status_t tfm_fwu_install_ipc(void)
+static psa_status_t tfm_fwu_install_req(const psa_msg_t *msg)
{
psa_image_id_t image_id;
psa_image_id_t dependency_id;
@@ -362,13 +384,13 @@
uint8_t image_index;
/* Check input parameters. */
- if (msg.in_size[0] != sizeof(image_id) ||
- msg.out_size[0] != sizeof(dependency_id) ||
- msg.out_size[1] != sizeof(dependency_version)) {
+ if (msg->in_size[0] != sizeof(image_id) ||
+ msg->out_size[0] != sizeof(dependency_id) ||
+ msg->out_size[1] != sizeof(dependency_version)) {
return PSA_ERROR_PROGRAMMER_ERROR;
}
- num = psa_read(msg.handle, 0, &image_id, sizeof(image_id));
+ num = psa_read(msg->handle, 0, &image_id, sizeof(image_id));
if (num != sizeof(image_id)) {
return PSA_ERROR_PROGRAMMER_ERROR;
}
@@ -388,8 +410,8 @@
} else if (status == PSA_SUCCESS_REBOOT) {
fwu_ctx[image_index].image_state = PSA_IMAGE_REBOOT_NEEDED;
} else if (status == PSA_ERROR_DEPENDENCY_NEEDED) {
- psa_write(msg.handle, 0, &dependency_id, sizeof(dependency_id));
- psa_write(msg.handle, 1, &dependency_version,
+ psa_write(msg->handle, 0, &dependency_id, sizeof(dependency_id));
+ psa_write(msg->handle, 1, &dependency_version,
sizeof(dependency_version));
} else {
fwu_ctx[image_index].image_state = PSA_IMAGE_REJECTED;
@@ -399,7 +421,7 @@
}
}
-static psa_status_t tfm_fwu_query_ipc(void)
+static psa_status_t tfm_fwu_query_req(const psa_msg_t *msg)
{
psa_image_id_t image_id;
size_t num;
@@ -408,10 +430,10 @@
uint8_t image_index;
/* Check input parameters. */
- if (msg.in_size[0] != sizeof(image_id)) {
+ if (msg->in_size[0] != sizeof(image_id)) {
return PSA_ERROR_PROGRAMMER_ERROR;
}
- num = psa_read(msg.handle, 0, &image_id, sizeof(image_id));
+ num = psa_read(msg->handle, 0, &image_id, sizeof(image_id));
if (num != sizeof(image_id)) {
return PSA_ERROR_PROGRAMMER_ERROR;
}
@@ -425,29 +447,29 @@
}
}
- psa_write(msg.handle, 0, &info, sizeof(info));
+ psa_write(msg->handle, 0, &info, sizeof(info));
}
return result;
}
-static psa_status_t tfm_fwu_request_reboot_ipc(void)
+static psa_status_t tfm_fwu_request_reboot_req(void)
{
tfm_internal_fwu_request_reboot();
return PSA_SUCCESS;
}
-static psa_status_t tfm_fwu_accept_ipc(void)
+static psa_status_t tfm_fwu_accept_req(const psa_msg_t *msg)
{
psa_image_id_t image_id;
size_t num;
/* Check input parameters. */
- if (msg.in_size[0] != sizeof(image_id)) {
+ if (msg->in_size[0] != sizeof(image_id)) {
return PSA_ERROR_PROGRAMMER_ERROR;
}
- num = psa_read(msg.handle, 0, &image_id, sizeof(image_id));
+ num = psa_read(msg->handle, 0, &image_id, sizeof(image_id));
if (num != sizeof(image_id)) {
return PSA_ERROR_PROGRAMMER_ERROR;
}
@@ -458,18 +480,18 @@
return tfm_internal_fwu_accept(image_id);
}
-static psa_status_t tfm_fwu_abort_ipc(void)
+static psa_status_t tfm_fwu_abort_req(const psa_msg_t *msg)
{
psa_image_id_t image_id;
size_t num;
uint8_t image_index;
psa_status_t status;
- if (msg.in_size[0] != sizeof(image_id)) {
+ if (msg->in_size[0] != sizeof(image_id)) {
return PSA_ERROR_PROGRAMMER_ERROR;
}
- num = psa_read(msg.handle, 0, &image_id, sizeof(image_id));
+ num = psa_read(msg->handle, 0, &image_id, sizeof(image_id));
if (num != sizeof(image_id)) {
return PSA_ERROR_PROGRAMMER_ERROR;
}
@@ -500,61 +522,34 @@
}
}
-static void fwu_signal_handle(psa_signal_t signal, fwu_func_t pfn)
+psa_status_t tfm_firmware_update_service_sfn(const psa_msg_t *msg)
{
- psa_status_t status;
-
- status = psa_get(signal, &msg);
- if (status != PSA_SUCCESS) {
- return;
- }
-
- switch (msg.type) {
- case PSA_IPC_CONNECT:
- psa_reply(msg.handle, PSA_SUCCESS);
- break;
- case PSA_IPC_CALL:
- status = pfn();
- psa_reply(msg.handle, status);
- break;
- case PSA_IPC_DISCONNECT:
- psa_reply(msg.handle, PSA_SUCCESS);
- break;
+ switch (msg->type) {
+ case TFM_FWU_WRITE:
+ return tfm_fwu_write_req(msg);
+ case TFM_FWU_INSTALL:
+ return tfm_fwu_install_req(msg);
+ case TFM_FWU_ABORT:
+ return tfm_fwu_abort_req(msg);
+ case TFM_FWU_QUERY:
+ return tfm_fwu_query_req(msg);
+ case TFM_FWU_REQUEST_REBOOT:
+ return tfm_fwu_request_reboot_req();
+ case TFM_FWU_ACCEPT:
+ return tfm_fwu_accept_req(msg);
default:
- psa_panic();
+ return PSA_ERROR_NOT_SUPPORTED;
}
+ return PSA_ERROR_GENERIC_ERROR;
}
#endif
-
-psa_status_t tfm_fwu_init(void)
+psa_status_t tfm_fwu_entry(void)
{
-#ifdef TFM_PSA_API
- psa_signal_t signals = 0;
-
if (fwu_bootloader_init() != 0) {
- psa_panic();
+ return PSA_ERROR_GENERIC_ERROR;
}
-
- while (1) {
- signals = psa_wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & TFM_FWU_WRITE_SIGNAL) {
- fwu_signal_handle(TFM_FWU_WRITE_SIGNAL, tfm_fwu_write_ipc);
- } else if (signals & TFM_FWU_INSTALL_SIGNAL) {
- fwu_signal_handle(TFM_FWU_INSTALL_SIGNAL, tfm_fwu_install_ipc);
- } else if (signals & TFM_FWU_ABORT_SIGNAL) {
- fwu_signal_handle(TFM_FWU_ABORT_SIGNAL, tfm_fwu_abort_ipc);
- } else if (signals & TFM_FWU_QUERY_SIGNAL) {
- fwu_signal_handle(TFM_FWU_QUERY_SIGNAL, tfm_fwu_query_ipc);
- } else if (signals & TFM_FWU_REQUEST_REBOOT_SIGNAL) {
- fwu_signal_handle(TFM_FWU_REQUEST_REBOOT_SIGNAL,
- tfm_fwu_request_reboot_ipc);
- } else if (signals & TFM_FWU_ACCEPT_SIGNAL) {
- fwu_signal_handle(TFM_FWU_ACCEPT_SIGNAL, tfm_fwu_accept_ipc);
- } else {
- psa_panic();
- }
- }
-#else
- return fwu_bootloader_init();
+#ifndef TFM_PSA_API
+ fwu_is_init = true;
#endif
+ return PSA_SUCCESS;
}
diff --git a/secure_fw/partitions/firmware_update/tfm_fwu_req_mngr.h b/secure_fw/partitions/firmware_update/tfm_fwu_req_mngr.h
index d7cd92e..f45395e 100644
--- a/secure_fw/partitions/firmware_update/tfm_fwu_req_mngr.h
+++ b/secure_fw/partitions/firmware_update/tfm_fwu_req_mngr.h
@@ -19,6 +19,7 @@
/* The maxinum of images that TF-M support to update concurrently. */
#define TFM_FWU_MAX_IMAGES 2
+#ifndef TFM_PSA_API
/**
* \brief Handles the write request.
*
@@ -86,7 +87,7 @@
psa_status_t tfm_fwu_request_reboot_req(psa_invec *in_vec, size_t in_len,
psa_outvec *out_vec, size_t out_len);
-
+#endif
#ifdef __cplusplus
}
#endif
diff --git a/secure_fw/partitions/firmware_update/tfm_fwu_secure_api.c b/secure_fw/partitions/firmware_update/tfm_fwu_secure_api.c
index 20633bd..9ca1dee 100644
--- a/secure_fw/partitions/firmware_update/tfm_fwu_secure_api.c
+++ b/secure_fw/partitions/firmware_update/tfm_fwu_secure_api.c
@@ -22,10 +22,6 @@
size_t block_size)
{
psa_status_t status;
-#ifdef TFM_PSA_API
- psa_handle_t handle;
-#endif
-
psa_invec in_vec[] = {
{ .base = &image_id, .len = sizeof(image_id) },
{ .base = &block_offset, .len = sizeof(block_offset) },
@@ -33,17 +29,10 @@
};
#ifdef TFM_PSA_API
- handle = psa_connect(TFM_FWU_WRITE_SID, TFM_FWU_WRITE_VERSION);
- if (!PSA_HANDLE_IS_VALID(handle)) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), NULL, 0);
-
- psa_close(handle);
+ status = psa_call(TFM_FIRMWARE_UPDATE_SERVICE_HANDLE, TFM_FWU_WRITE,
+ in_vec, IOVEC_LEN(in_vec), NULL, 0);
#else
status = tfm_fwu_write_req_veneer(in_vec, IOVEC_LEN(in_vec), NULL, 0);
-#endif
/* A parameter with a buffer pointer where its data length is longer than
* maximum permitted, it is treated as a secure violation.
@@ -54,6 +43,7 @@
if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
return PSA_ERROR_INVALID_ARGUMENT;
}
+#endif
return status;
}
@@ -63,10 +53,6 @@
psa_image_version_t *dependency_version)
{
psa_status_t status;
-#ifdef TFM_PSA_API
- psa_handle_t handle;
-#endif
-
psa_invec in_vec[] = {
{ .base = &image_id, .len = sizeof(image_id) }
};
@@ -81,19 +67,11 @@
}
#ifdef TFM_PSA_API
- handle = psa_connect(TFM_FWU_INSTALL_SID, TFM_FWU_INSTALL_VERSION);
- if (!PSA_HANDLE_IS_VALID(handle)) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec),
- out_vec, IOVEC_LEN(out_vec));
-
- psa_close(handle);
+ status = psa_call(TFM_FIRMWARE_UPDATE_SERVICE_HANDLE, TFM_FWU_INSTALL,
+ in_vec, IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
#else
status = tfm_fwu_install_req_veneer(in_vec, IOVEC_LEN(in_vec),
out_vec, IOVEC_LEN(out_vec));
-#endif
/* A parameter with a buffer pointer where its data length is longer than
* maximum permitted, it is treated as a secure violation.
@@ -104,6 +82,7 @@
if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
return PSA_ERROR_INVALID_ARGUMENT;
}
+#endif
return status;
}
@@ -111,28 +90,16 @@
psa_status_t psa_fwu_abort(psa_image_id_t image_id)
{
psa_status_t status;
-#ifdef TFM_PSA_API
- psa_handle_t handle;
-#endif
-
psa_invec in_vec[] = {
{ .base = &image_id, .len = sizeof(image_id) }
};
#ifdef TFM_PSA_API
- handle = psa_connect(TFM_FWU_ABORT_SID, TFM_FWU_ABORT_VERSION);
- if (!PSA_HANDLE_IS_VALID(handle)) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec),
- NULL, 0);
-
- psa_close(handle);
+ status = psa_call(TFM_FIRMWARE_UPDATE_SERVICE_HANDLE, TFM_FWU_ABORT,
+ in_vec, IOVEC_LEN(in_vec), NULL, 0);
#else
status = tfm_fwu_abort_req_veneer(in_vec, IOVEC_LEN(in_vec),
NULL, 0);
-#endif
/* A parameter with a buffer pointer where its data length is longer than
* maximum permitted, it is treated as a secure violation.
@@ -143,6 +110,7 @@
if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
return PSA_ERROR_INVALID_ARGUMENT;
}
+#endif
return status;
}
@@ -150,10 +118,6 @@
psa_status_t psa_fwu_query(psa_image_id_t image_id, psa_image_info_t *info)
{
psa_status_t status;
-#ifdef TFM_PSA_API
- psa_handle_t handle;
-#endif
-
psa_invec in_vec[] = {
{ .base = &image_id, .len = sizeof(image_id) }
};
@@ -162,23 +126,15 @@
};
#ifdef TFM_PSA_API
- handle = psa_connect(TFM_FWU_QUERY_SID, TFM_FWU_QUERY_VERSION);
- if (!PSA_HANDLE_IS_VALID(handle)) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec),
- out_vec, IOVEC_LEN(out_vec));
-
- psa_close(handle);
+ status = psa_call(TFM_FIRMWARE_UPDATE_SERVICE_HANDLE, TFM_FWU_QUERY,
+ in_vec, IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
#else
status = tfm_fwu_query_req_veneer(in_vec, IOVEC_LEN(in_vec),
out_vec, IOVEC_LEN(out_vec));
-#endif
-
if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
return PSA_ERROR_INVALID_ARGUMENT;
}
+#endif
return status;
}
@@ -186,27 +142,16 @@
psa_status_t psa_fwu_request_reboot(void)
{
psa_status_t status;
-#ifdef TFM_PSA_API
- psa_handle_t handle;
-#endif
#ifdef TFM_PSA_API
- handle = psa_connect(TFM_FWU_REQUEST_REBOOT_SID,
- TFM_FWU_REQUEST_REBOOT_VERSION);
- if (!PSA_HANDLE_IS_VALID(handle)) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- status = psa_call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
-
- psa_close(handle);
+ status = psa_call(TFM_FIRMWARE_UPDATE_SERVICE_HANDLE, TFM_FWU_REQUEST_REBOOT,
+ NULL, 0, NULL, 0);
#else
status = tfm_fwu_request_reboot_req_veneer(NULL, 0, NULL, 0);
-#endif
-
if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
return PSA_ERROR_INVALID_ARGUMENT;
}
+#endif
return status;
}
@@ -214,30 +159,19 @@
psa_status_t psa_fwu_accept(psa_image_id_t image_id)
{
psa_status_t status;
-#ifdef TFM_PSA_API
- psa_handle_t handle;
-#endif
psa_invec in_vec[] = {
{ .base = &image_id, .len = sizeof(image_id) }
};
#ifdef TFM_PSA_API
- handle = psa_connect(TFM_FWU_ACCEPT_SID,
- TFM_FWU_ACCEPT_VERSION);
- if (!PSA_HANDLE_IS_VALID(handle)) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), NULL, 0);
-
- psa_close(handle);
+ status = psa_call(TFM_FIRMWARE_UPDATE_SERVICE_HANDLE, TFM_FWU_ACCEPT,
+ in_vec, IOVEC_LEN(in_vec), NULL, 0);
#else
status = tfm_fwu_accept_req_veneer(in_vec, IOVEC_LEN(in_vec), NULL, 0);
-#endif
-
if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
return PSA_ERROR_INVALID_ARGUMENT;
}
+#endif
return status;
}