/*
 * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 *
 */

#ifndef __PSA_API_H__
#define __PSA_API_H__

/*
 * The psa_* types used by the prototypes below (psa_status_t, psa_handle_t,
 * psa_invec, psa_outvec, psa_signal_t, psa_msg_t, psa_irq_status_t) are not
 * defined in this file; presumably they come from psa/client.h and
 * psa/service.h - confirm. size_t is used as well, although <stddef.h> is
 * not included directly here.
 */
#include <stdint.h>
#include <stdbool.h>
#include "psa/client.h"
#include "psa/service.h"

/*
 * Expands to nothing. NOTE(review): presumably passed as error_status to
 * TFM_PROGRAMMER_ERROR inside functions returning void, so that the hidden
 * statement becomes a bare "return;" - confirm against the callers.
 */
#define PROGRAMMER_ERROR_NULL

/*
 * Handle a programmer error according to who made the call.
 *
 * ns_caller     Non-zero: the enclosing function returns error_status.
 *               Zero: tfm_core_panic() is called.
 * error_status  Expression placed after the hidden "return"; it has to fit
 *               the return type of the enclosing function.
 *
 * The macro contains a "return", so control leaves the enclosing function
 * from inside the macro; nothing held at that point is released by it.
 * If tfm_core_panic() were to return, execution would continue after the
 * macro - NOTE(review): presumably it never returns; confirm.
 * tfm_core_panic() is not declared in this header, so the file using the
 * macro must have a declaration in scope.
 *
 * NOTE(review): the two branches treat the caller very differently (error
 * code versus panic), so ns_caller should be a value the SPM itself
 * established, never one taken from caller-supplied data - verify at each
 * use.
 */
#define TFM_PROGRAMMER_ERROR(ns_caller, error_status) \
    do { \
        if (ns_caller) { \
            return error_status; \
        } else { \
            tfm_core_panic(); \
        } \
    } while (0)

/*
 * PSA Client API function body, for privileged use only.
 *
 * NOTE(review): nothing in this header enforces the "privileged use only"
 * restriction; it presumably depends on how the SPM dispatches client
 * requests to these functions - confirm.
 */

/**
 * \brief handler for \ref psa_framework_version.
 *
 * \return version              The version of the PSA Framework implementation
 *                              that is providing the runtime services.
 */
uint32_t tfm_spm_client_psa_framework_version(void);

/**
 * \brief handler for \ref psa_version.
 *
 * \param[in] sid               RoT Service identity.
 *
 * \retval PSA_VERSION_NONE     The RoT Service is not implemented, or the
 *                              caller is not permitted to access the service.
 * \retval > 0                  The version of the implemented RoT Service.
 *
 * \note "Not implemented" and "not permitted" share one return value, so the
 *       result does not tell the caller which of the two applies.
 */
uint32_t tfm_spm_client_psa_version(uint32_t sid);

/**
 * \brief handler for \ref psa_connect.
 *
 * \param[in] sid               RoT Service identity.
 * \param[in] version           The version of the RoT Service.
 *
 * \retval PSA_SUCCESS          Success.
 * \retval PSA_ERROR_CONNECTION_REFUSED The SPM or RoT Service has refused the
 *                              connection.
 * \retval PSA_ERROR_CONNECTION_BUSY The SPM or RoT Service cannot make the
 *                              connection at the moment.
 * \retval "Does not return"    The RoT Service ID and version are not
 *                              supported, or the caller is not permitted to
 *                              access the service.
 *
 * \note NOTE(review): this header also defines TFM_PROGRAMMER_ERROR, which
 *       returns a status to a non-secure caller instead of panicking. If the
 *       implementation uses it, "Does not return" holds only for secure
 *       callers - confirm and document the status returned otherwise.
 */
psa_status_t tfm_spm_client_psa_connect(uint32_t sid, uint32_t version);

/**
 * \brief handler for \ref psa_call.
 *
 * \param[in] handle            Service handle to the established connection,
 *                              \ref psa_handle_t
 * \param[in] type              The request type.
 *                              Must be zero( \ref PSA_IPC_CALL) or positive.
 * \param[in] inptr             Array of input psa_invec structures.
 *                              \ref psa_invec
 * \param[in] in_num            Number of input psa_invec structures.
 *                              \ref psa_invec
 * \param[in] outptr            Array of output psa_outvec structures.
 *                              \ref psa_outvec
 * \param[in] out_num           Number of output psa_outvec structures.
 *                              \ref psa_outvec
 * \param[in] privileged        Privileged mode or unprivileged mode:
 *                              \ref TFM_PARTITION_UNPRIVILEGED_MODE
 *                              \ref TFM_PARTITION_PRIVILEGED_MODE
 *
 * \retval PSA_SUCCESS          Success.
 * \retval "Does not return"    The call is invalid, one or more of the
 *                              following are true:
 * \arg                           An invalid handle was passed.
 * \arg                           The connection is already handling a request.
 * \arg                           An invalid memory reference was provided.
 * \arg                           in_num + out_num > PSA_MAX_IOVEC.
 * \arg                           The message is unrecognized by the RoT
 *                                Service or incorrectly formatted.
 *
 * \note in_num and out_num are both size_t, so a sum formed from unchecked
 *       values can wrap around. NOTE(review): confirm that the implementation
 *       bounds each count on its own before evaluating
 *       in_num + out_num > PSA_MAX_IOVEC.
 * \note NOTE(review): privileged presumably selects the access rights used
 *       when inptr, outptr and the buffers they describe are validated; it
 *       should be derived by the SPM from the caller's context rather than
 *       from anything the caller supplies - confirm at the call sites.
 * \note NOTE(review): this header also defines TFM_PROGRAMMER_ERROR, which
 *       returns a status to a non-secure caller instead of panicking. If the
 *       implementation uses it, "Does not return" holds only for secure
 *       callers - confirm.
 */
psa_status_t tfm_spm_client_psa_call(psa_handle_t handle, int32_t type,
                                     const psa_invec *inptr, size_t in_num,
                                     psa_outvec *outptr, size_t out_num,
                                     uint32_t privileged);

/**
 * \brief handler for \ref psa_close.
 *
 * \param[in] handle            Service handle to the connection to be closed,
 *                              \ref psa_handle_t
 *
 * \retval void                 Success.
 * \retval "Does not return"    The call is invalid, one or more of the
 *                              following are true:
 * \arg                           An invalid handle was provided that is not
 *                                the null handle.
 * \arg                           The connection is handling a request.
 *
 * \note The function returns void, so a caller has no status to inspect;
 *       per the list above, the null handle is not treated as an invalid
 *       handle.
 */
void tfm_spm_client_psa_close(psa_handle_t handle);

/*
 * PSA Partition API function body, for privileged use only.
 *
 * NOTE(review): nothing in this header enforces the "privileged use only"
 * restriction; it presumably depends on how the SPM dispatches partition
 * requests to these functions - confirm.
 */

/**
 * \brief Function body of \ref psa_wait.
 *
 * \param[in] signal_mask       A set of signals to query. Signals that are not
 *                              in this set will be ignored.
 * \param[in] timeout           Specify either blocking \ref PSA_BLOCK or
 *                              polling \ref PSA_POLL operation.
 *
 * \retval >0                   At least one signal is asserted.
 * \retval 0                    No signals are asserted. This is only seen when
 *                              a polling timeout is used.
 */
psa_signal_t tfm_spm_partition_psa_wait(psa_signal_t signal_mask,
                                        uint32_t timeout);

/**
 * \brief Function body of \ref psa_get.
 *
 * \param[in]  signal           The signal value for an asserted RoT Service.
 * \param[out] msg              Pointer to \ref psa_msg_t object for receiving
 *                              the message.
 *
 * \retval PSA_SUCCESS          Success, *msg will contain the delivered
 *                              message.
 * \retval PSA_ERROR_DOES_NOT_EXIST Message could not be delivered.
 * \retval "PROGRAMMER ERROR"   The call is invalid because one or more of the
 *                              following are true:
 * \arg                           signal has more than a single bit set.
 * \arg                           signal does not correspond to an RoT Service.
 * \arg                           The RoT Service signal is not currently
 *                                asserted.
 * \arg                           The msg pointer provided is not a valid memory
 *                                reference.
 *
 * \note *msg is documented as filled in only on PSA_SUCCESS; its content
 *       after any other outcome is not specified here.
 */
psa_status_t tfm_spm_partition_psa_get(psa_signal_t signal, psa_msg_t *msg);

/**
 * \brief Function body of \ref psa_set_rhandle.
 *
 * \param[in] msg_handle        Handle for the client's message.
 * \param[in] rhandle           Reverse handle allocated by the RoT Service.
 *
 * \retval void                 Success, rhandle will be provided with all
 *                              subsequent messages delivered on this
 *                              connection.
 * \retval "PROGRAMMER ERROR"   msg_handle is invalid.
 *
 * \note rhandle is handed back with later messages, so whatever it points to
 *       has to stay valid for as long as the connection uses it. This header
 *       does not say who owns or frees that memory.
 */
void tfm_spm_partition_psa_set_rhandle(psa_handle_t msg_handle, void *rhandle);

/**
 * \brief Function body of \ref psa_read.
 *
 * \param[in]  msg_handle       Handle for the client's message.
 * \param[in]  invec_idx        Index of the input vector to read from. Must be
 *                              less than \ref PSA_MAX_IOVEC.
 * \param[out] buffer           Buffer in the Secure Partition to copy the
 *                              requested data to.
 * \param[in]  num_bytes        Maximum number of bytes to be read from the
 *                              client input vector.
 *
 * \retval >0                   Number of bytes copied.
 * \retval 0                    There was no remaining data in this input
 *                              vector.
 * \retval "PROGRAMMER ERROR"   The call is invalid, one or more of the
 *                              following are true:
 * \arg                           msg_handle is invalid.
 * \arg                           msg_handle does not refer to a
 *                                \ref PSA_IPC_CALL message.
 * \arg                           invec_idx is equal to or greater than
 *                                \ref PSA_MAX_IOVEC.
 * \arg                           the memory reference for buffer is invalid or
 *                                not writable.
 *
 * \note num_bytes is an upper bound, so the return value may be smaller.
 *       Callers should take the amount of valid data in buffer from the
 *       return value, not from num_bytes.
 */
size_t tfm_spm_partition_psa_read(psa_handle_t msg_handle, uint32_t invec_idx,
                                  void *buffer, size_t num_bytes);

/**
 * \brief Function body of \ref psa_skip.
 *
 * \param[in] msg_handle        Handle for the client's message.
 * \param[in] invec_idx         Index of input vector to skip from. Must be
 *                              less than \ref PSA_MAX_IOVEC.
 * \param[in] num_bytes         Maximum number of bytes to skip in the client
 *                              input vector.
 *
 * \retval >0                   Number of bytes skipped.
 * \retval 0                    There was no remaining data in this input
 *                              vector.
 * \retval "PROGRAMMER ERROR"   The call is invalid, one or more of the
 *                              following are true:
 * \arg                           msg_handle is invalid.
 * \arg                           msg_handle does not refer to a request
 *                                message.
 * \arg                           invec_idx is equal to or greater than
 *                                \ref PSA_MAX_IOVEC.
 *
 * \note num_bytes is an upper bound; the number of bytes actually skipped is
 *       the return value.
 */
size_t tfm_spm_partition_psa_skip(psa_handle_t msg_handle, uint32_t invec_idx,
                                  size_t num_bytes);

/**
 * \brief Function body of \ref psa_write.
 *
 * \param[in] msg_handle        Handle for the client's message.
 * \param[in] outvec_idx        Index of output vector in message to write to.
 *                              Must be less than \ref PSA_MAX_IOVEC.
 *                              (Passed by value, so it is an input.)
 * \param[in] buffer            Buffer with the data to write.
 * \param[in] num_bytes         Number of bytes to write to the client output
 *                              vector.
 *
 * \retval void                 Success
 * \retval "PROGRAMMER ERROR"   The call is invalid, one or more of the
 *                              following are true:
 * \arg                           msg_handle is invalid.
 * \arg                           msg_handle does not refer to a request
 *                                message.
 * \arg                           outvec_idx is equal to or greater than
 *                                \ref PSA_MAX_IOVEC.
 * \arg                           The memory reference for buffer is invalid.
 * \arg                           The call attempts to write data past the end
 *                                of the client output vector.
 *
 * \note Unlike the read and skip functions, num_bytes is an exact count here:
 *       a request that does not fit in the client output vector is listed
 *       above as a programmer error rather than being truncated.
 */
void tfm_spm_partition_psa_write(psa_handle_t msg_handle, uint32_t outvec_idx,
                                 const void *buffer, size_t num_bytes);

/**
 * \brief Function body of \ref psa_reply.
 *
 * \param[in] msg_handle        Handle for the client's message.
 * \param[in] status            Message result value to be reported to the
 *                              client.
 *
 * \retval void                 Success.
 * \retval "PROGRAMMER ERROR"   The call is invalid, one or more of the
 *                              following are true:
 * \arg                           msg_handle is invalid.
 * \arg                           An invalid status code is specified for the
 *                                type of message.
 *
 * \note Which status codes are valid for which message type is not stated in
 *       this header.
 */
void tfm_spm_partition_psa_reply(psa_handle_t msg_handle, psa_status_t status);

/**
 * \brief Function body of \ref psa_notify.
 *
 * \param[in] partition_id      Secure Partition ID of the target partition.
 *
 * \retval void                 Success.
 * \retval "PROGRAMMER ERROR"   partition_id does not correspond to a Secure
 *                              Partition.
 */
void tfm_spm_partition_psa_notify(int32_t partition_id);

/**
 * \brief Function body of \ref psa_clear.
 *
 * \retval void                 Success.
 * \retval "PROGRAMMER ERROR"   The Secure Partition's doorbell signal is not
 *                              currently asserted.
 *
 * \note Per the entry above, calling this while the doorbell signal is not
 *       asserted is a programmer error, not a no-op.
 */
void tfm_spm_partition_psa_clear(void);

/**
 * \brief Function body of \ref psa_eoi.
 *
 * \param[in] irq_signal        The interrupt signal that has been processed.
 *
 * \retval void                 Success.
 * \retval "PROGRAMMER ERROR"   The call is invalid, one or more of the
 *                              following are true:
 * \arg                           irq_signal is not an interrupt signal.
 * \arg                           irq_signal indicates more than one signal.
 * \arg                           irq_signal is not currently asserted.
 * \arg                           The interrupt is not using SLIH.
 *
 * \note Only SLIH interrupts are accepted here; for interrupts that use FLIH
 *       handling this header declares tfm_spm_partition_psa_reset_signal().
 */
void tfm_spm_partition_psa_eoi(psa_signal_t irq_signal);

/**
 * \brief Function body of \ref psa_panic.
 *
 * \retval "Does not return"
 *
 * \note The prototype carries no noreturn attribute, so the compiler is not
 *       told that control never comes back from this call.
 */
void tfm_spm_partition_psa_panic(void);

/**
 * \brief Function body of \ref psa_irq_enable.
 *
 * \param[in] irq_signal The signal for the interrupt to be enabled.
 *                       This must have a single bit set, which must be the
 *                       signal value for an interrupt in the calling Secure
 *                       Partition.
 *
 * \retval void
 * \retval "PROGRAMMER ERROR" If one or more of the following are true:
 *                            \arg \a irq_signal is not an interrupt signal.
 *                            \arg \a irq_signal indicates more than one signal.
 *
 * \note The parameter text restricts irq_signal to an interrupt of the
 *       calling Secure Partition. NOTE(review): the error list does not name
 *       a signal belonging to another partition as a separate case - confirm
 *       that the implementation rejects it.
 */
void tfm_spm_partition_irq_enable(psa_signal_t irq_signal);

/**
 * \brief Function body of \ref psa_irq_disable.
 *
 * \param[in] irq_signal The signal for the interrupt to be disabled.
 *                       This must have a single bit set, which must be the
 *                       signal value for an interrupt in the calling Secure
 *                       Partition.
 *
 * \retval 0                  The interrupt was disabled prior to this call.
 * \retval 1                  The interrupt was enabled prior to this call.
 * \retval "PROGRAMMER ERROR" If one or more of the following are true:
 *                            \arg \a irq_signal is not an interrupt signal.
 *                            \arg \a irq_signal indicates more than one signal.
 *
 * \note The current implementation always returns 1. Do not use the return
 *       value; in particular, it cannot be used to decide whether the
 *       interrupt has to be re-enabled afterwards.
 */
psa_irq_status_t tfm_spm_partition_irq_disable(psa_signal_t irq_signal);

/**
 * \brief Function body of \ref psa_reset_signal.
 *
 * \param[in] irq_signal    The interrupt signal to be reset.
 *                          This must have a single bit set, corresponding to a
 *                          currently asserted signal for an interrupt that is
 *                          defined to use FLIH handling.
 *
 * \retval void
 * \retval "Programmer Error" if one or more of the following are true:
 *                          \arg \a irq_signal is not a signal for an interrupt
 *                               that is specified with FLIH handling in the Secure
 *                               Partition manifest.
 *                          \arg \a irq_signal indicates more than one signal.
 *                          \arg \a irq_signal is not currently asserted.
 *
 * \note Only FLIH interrupts are accepted here; for interrupts that use SLIH
 *       this header declares tfm_spm_partition_psa_eoi().
 */
void tfm_spm_partition_psa_reset_signal(psa_signal_t irq_signal);

#endif /* __PSA_API_H__ */