feat: manifest NS memory/device region attribute This change permits providing the security state of a memory region for S-EL0 partitions through Hafnium/VHE. Note the same mechanism will be supported only from a later change for S-EL1 partitions as the NS bit is controlled by the Stage-1 translation regime. Hafnium must leverage VTTBR/VSTTBR page tables to enforce this. Change-Id: Ieb0256d3c5f499dc435d5a2f95934f338178c315 Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>

commit: 035fa15eb062593d43ce332ce698c6a073885203 [log] [tgz]
author: Olivier Deprez <olivier.deprez@arm.com> Mon Mar 14 11:19:10 2022 +0100
committer: Joao Alves <joao.alves@arm.com> Wed Jul 13 10:59:16 2022 +0200
tree: a502ac654029aa4526a2202fe1bdc1ebf746d55a
parent: dd0561820946fe23bcd57cc129140437f72102a5 [diff] [blame]
diff --git a/inc/hf/manifest.h b/inc/hf/manifest.h
index bcdd628..582f564 100644
--- a/inc/hf/manifest.h
+++ b/inc/hf/manifest.h

@@ -25,8 +25,15 @@
 #define SP_MAX_INTERRUPTS_PER_DEVICE 4
 #define SP_MAX_STREAMS_PER_DEVICE 4
 
-/** Mask for getting read/write/execute permission */
-#define MM_PERM_MASK 0x7
+/** FF-A manifest memory and device regions attributes. */
+#define MANIFEST_REGION_ATTR_READ (UINT32_C(1) << 0)
+#define MANIFEST_REGION_ATTR_WRITE (UINT32_C(1) << 1)
+#define MANIFEST_REGION_ATTR_EXEC (UINT32_C(1) << 2)
+#define MANIFEST_REGION_ATTR_SECURITY (UINT32_C(1) << 3)
+
+#define MANIFEST_REGION_ALL_ATTR_MASK                             \
+	(MANIFEST_REGION_ATTR_READ | MANIFEST_REGION_ATTR_WRITE | \
+	 MANIFEST_REGION_ATTR_EXEC | MANIFEST_REGION_ATTR_SECURITY)
 
 /* Highest possible value for the boot-order field. */
 #define DEFAULT_BOOT_ORDER 0xFFFF
commit	035fa15eb062593d43ce332ce698c6a073885203	[log] [tgz]
author	Olivier Deprez <olivier.deprez@arm.com>	Mon Mar 14 11:19:10 2022 +0100
committer	Joao Alves <joao.alves@arm.com>	Wed Jul 13 10:59:16 2022 +0200
tree	a502ac654029aa4526a2202fe1bdc1ebf746d55a
parent	dd0561820946fe23bcd57cc129140437f72102a5 [diff] [blame]