| commit | 7527ddf2046665ae2aae0cc2fd026016c51e505f | [log] [tgz] |
|---|---|---|
| author | Bence Balogh <bence.balogh@arm.com> | Tue Feb 25 08:18:14 2025 +0100 |
| committer | György Szing <gyorgy.szing@arm.com> | Fri Mar 07 09:58:27 2025 +0100 |
| tree | ace9085deda325142f6ff5eb084a09bd8ed4d67d | |
| parent | da242000ea4059741dbad72b869bb5ba7e2265a3 [diff] |
Remap the "0" client_id in RSE_COMMS The client_id of an NS endpoint should be a negative number, according to the PSA FF-M [1], otherwise, TF-M will reject the call [2]. The calls from the Application Core are considered to be NS from the Secure Enclave's point of view. The RSE_COMMS library performs a positive-to-negative transformation on the TF-M side [3] so the client_id provided in Trusted Services must be a positive number. The [2] check was added in TF-Mv2.1.x release. The client_id is sent as a 16 bits long integer so the sign will be always okay as it is checked as an int32_t in the TF-M side, but the "0" check can cause problems. Therefore, '0' is not allowed and must be remapped to a different value. This is done by replacing the "0" client_id with the SE-Proxy's own FF-A ID. This is a viable option because the SE-Proxy SP is never a source of a request on its own, it just forwards the requests of the other endpoints. For example, the SE-Proxy SP doesn't store any assets in a PS or ITS, which would need to be isolated from the other SPs. [1] https://developer.arm.com/documentation/den0063/a/?lang=en [2] https://git.trustedfirmware.org/plugins/gitiles/TF-M/trusted-firmware-m.git/+/refs/tags/TF-Mv2.1.1/secure_fw/partitions/ns_agent_mailbox/tfm_multi_core_client_id.c#52 [3] https://git.trustedfirmware.org/plugins/gitiles/TF-M/trusted-firmware-m.git/+/refs/tags/TF-Mv2.1.1/platform/ext/target/arm/rse/common/rse_comms/rse_comms.c#75 Change-Id: Id880659e6a4c27d7edaa4e8de49c873c2f870548 Signed-off-by: Bence Balogh <bence.balogh@arm.com>