SPRTL: Partition Metadata Pointer [Optional Feature]
Partition Metadata Pointer is used to point to the metadata inside one
partition. This pointer is updated by SPM while scheduling and read by
SPRTL.
This feature is one configurable feature and can be enabled if SPRTL
needs to support partition metadata-based APIs, such as partition
private heap management.
This pointer is put at a writeable area, with the name 'TFM_SP_META_PTR'.
Configure 'TFM_SP_META_PTR' with the last MPU region to minimize the
influence to PERIPHERAL regions.
Change-Id: Iaae5ee8f25f0587c6812cc8f977cfa38f46ecd8c
Signed-off-by: Summer Qin <summer.qin@arm.com>
diff --git a/config/check_config.cmake b/config/check_config.cmake
index c2fcf27..6fb8cdd 100644
--- a/config/check_config.cmake
+++ b/config/check_config.cmake
@@ -58,3 +58,7 @@
tfm_invalid_config(NOT TFM_CODE_SHARING STREQUAL "OFF" AND NOT TFM_PLATFORM IN_LIST TFM_CODE_SHARING_PLATFORM_LISTS)
tfm_invalid_config(NOT TFM_CODE_SHARING STREQUAL "OFF" AND CRYPTO_HW_ACCELERATOR)
tfm_invalid_config(TFM_CODE_SHARING STREQUAL "OFF" AND TFM_CODE_SHARING_PATH)
+
+####################### SP META Pointer ########################################
+
+tfm_invalid_config(TFM_SP_META_PTR_ENABLE AND NOT TFM_PSA_API)
diff --git a/config/config_default.cmake b/config/config_default.cmake
index 360664f..ef002db 100644
--- a/config/config_default.cmake
+++ b/config/config_default.cmake
@@ -36,6 +36,8 @@
set(TFM_CODE_COVERAGE OFF CACHE BOOL "Whether to build the binary for lcov tools by adding -g")
+set(TFM_SP_META_PTR_ENABLE OFF CACHE BOOL "Use Partition Metadata Pointer")
+
########################## BL2 #################################################
set(MCUBOOT_IMAGE_NUMBER 2 CACHE STRING "Whether to combine S and NS into either 1 image, or sign each seperately")
diff --git a/interface/CMakeLists.txt b/interface/CMakeLists.txt
index f68396d..276a720 100644
--- a/interface/CMakeLists.txt
+++ b/interface/CMakeLists.txt
@@ -48,6 +48,7 @@
$<$<BOOL:${TFM_MULTI_CORE_TOPOLOGY}>:TFM_MULTI_CORE_TOPOLOGY>
$<$<BOOL:${TFM_MULTI_CORE_MULTI_CLIENT_CALL}>:TFM_MULTI_CORE_MULTI_CLIENT_CALL>
$<$<BOOL:${FORWARD_PROT_MSG}>:FORWARD_PROT_MSG=${FORWARD_PROT_MSG}>
+ $<$<BOOL:${TFM_SP_META_PTR_ENABLE}>:TFM_SP_META_PTR_ENABLE>
)
###################### PSA api (S lib) #########################################
diff --git a/platform/ext/common/armclang/tfm_common_s.sct b/platform/ext/common/armclang/tfm_common_s.sct
index 93d60d1..4186d09 100644
--- a/platform/ext/common/armclang/tfm_common_s.sct
+++ b/platform/ext/common/armclang/tfm_common_s.sct
@@ -134,6 +134,12 @@
}
#endif /* !defined(TFM_PSA_API) */
+#if defined(TFM_SP_META_PTR_ENABLE)
+ TFM_SP_META_PTR +0 ALIGN 32 {
+ *(SP_META_PTR_SPRTL_INST)
+ }
+#endif
+
/**** APP RoT DATA start here */
/*
* This empty, zero long execution region is here to mark the start address
diff --git a/platform/ext/common/gcc/tfm_common_s.ld b/platform/ext/common/gcc/tfm_common_s.ld
index 61b5b87..3939b64 100644
--- a/platform/ext/common/gcc/tfm_common_s.ld
+++ b/platform/ext/common/gcc/tfm_common_s.ld
@@ -111,6 +111,11 @@
LONG (PSA_PROXY_SHARED_MEMORY_BASE)
LONG (PSA_PROXY_SHARED_MEMORY_SIZE)
#endif
+#if defined(TFM_SP_META_PTR_ENABLE)
+ LONG (LOADADDR(.TFM_SP_META_PTR))
+ LONG (ADDR(.TFM_SP_META_PTR))
+ LONG (SIZEOF(.TFM_SP_META_PTR))
+#endif
__zero_table_end__ = .;
} > FLASH
@@ -320,6 +325,15 @@
} > RAM
#endif /* TFM_LVL == 1 */
+#if defined(TFM_SP_META_PTR_ENABLE)
+ .TFM_SP_META_PTR : ALIGN(32)
+ {
+ *(SP_META_PTR_SPRTL_INST)
+ } > RAM
+ Image$$TFM_SP_META_PTR$$RW$$Base = ADDR(.TFM_SP_META_PTR);
+ Image$$TFM_SP_META_PTR$$RW$$Limit = ADDR(.TFM_SP_META_PTR) + SIZEOF(.TFM_SP_META_PTR);
+#endif
+
/**** APPLICATION RoT DATA start here */
Image$$TFM_APP_RW_STACK_START$$Base = .;
diff --git a/platform/ext/common/iar/tfm_common_s.icf b/platform/ext/common/iar/tfm_common_s.icf
index 32bba2c..5d2687c 100644
--- a/platform/ext/common/iar/tfm_common_s.icf
+++ b/platform/ext/common/iar/tfm_common_s.icf
@@ -97,6 +97,12 @@
keep {block TFM_SECURE_STACK};
#endif /* !defined(TFM_PSA_API) */
+#if defined(TFM_SP_META_PTR_ENABLE)
+define block TFM_SP_META_PTR_ENABLE with alignment = 32 {
+ section SP_META_PTR_SPRTL_INST
+ };
+#endif
+
define block TFM_APP_RW_STACK_START with alignment = 32, size = 0 { };
define block TFM_APP_ROT_LINKER_DATA with alignment = 32 {
@@ -241,6 +247,10 @@
block TFM_SECURE_STACK,
#endif /* !defined(TFM_PSA_API) */
+#if defined(TFM_SP_META_PTR_ENABLE)
+ block TFM_SP_META_PTR,
+#endif
+
/**** APP RoT DATA start here */
/*
* This empty, zero long execution region is here to mark the start address
diff --git a/platform/ext/target/mps2/an519/tfm_hal_isolation.c b/platform/ext/target/mps2/an519/tfm_hal_isolation.c
index 1218f80..a396e51 100644
--- a/platform/ext/target/mps2/an519/tfm_hal_isolation.c
+++ b/platform/ext/target/mps2/an519/tfm_hal_isolation.c
@@ -21,6 +21,9 @@
#define PARTITION_REGION_RO 3
#define PARTITION_REGION_RW_STACK 4
#define PARTITION_REGION_PERIPH 5
+#ifdef TFM_SP_META_PTR_ENABLE
+#define MPU_REGION_SP_META_PTR 7
+#endif /* TFM_SP_META_PTR_ENABLE */
REGION_DECLARE(Load$$LR$$, LR_VENEER, $$Base);
REGION_DECLARE(Load$$LR$$, LR_VENEER, $$Limit);
@@ -32,6 +35,10 @@
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
+#ifdef TFM_SP_META_PTR_ENABLE
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+#endif /* TFM_SP_META_PTR_ENABLE */
const struct mpu_armv8m_region_cfg_t region_cfg[] = {
/* Veneer region */
@@ -83,7 +90,19 @@
MPU_ARMV8M_XN_EXEC_NEVER,
MPU_ARMV8M_AP_RW_PRIV_UNPRIV,
MPU_ARMV8M_SH_NONE
+ },
+#ifdef TFM_SP_META_PTR_ENABLE
+ /* TFM partition metadata pointer region */
+ {
+ MPU_REGION_SP_META_PTR,
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Base),
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Limit),
+ MPU_ARMV8M_MAIR_ATTR_DATA_IDX,
+ MPU_ARMV8M_XN_EXEC_NEVER,
+ MPU_ARMV8M_AP_RW_PRIV_UNPRIV,
+ MPU_ARMV8M_SH_NONE
}
+#endif
};
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
diff --git a/platform/ext/target/mps2/an521/spm_hal.c b/platform/ext/target/mps2/an521/spm_hal.c
index 44a5865..6d998b8 100644
--- a/platform/ext/target/mps2/an521/spm_hal.c
+++ b/platform/ext/target/mps2/an521/spm_hal.c
@@ -25,7 +25,7 @@
#ifdef CONFIG_TFM_ENABLE_MEMORY_PROTECT
#define PARTITION_REGION_PERIPH_START 5
-#define PARTITION_REGION_PERIPH_MAX_NUM 3
+#define PARTITION_REGION_PERIPH_MAX_NUM 2
uint32_t periph_num_count = 0;
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
diff --git a/platform/ext/target/mps2/an521/tfm_hal_isolation.c b/platform/ext/target/mps2/an521/tfm_hal_isolation.c
index bb7b760..16955ac 100644
--- a/platform/ext/target/mps2/an521/tfm_hal_isolation.c
+++ b/platform/ext/target/mps2/an521/tfm_hal_isolation.c
@@ -63,6 +63,9 @@
#define MPU_REGION_NS_STACK 2
#define PARTITION_REGION_RO 3
#define PARTITION_REGION_RW_STACK 4
+#ifdef TFM_SP_META_PTR_ENABLE
+#define MPU_REGION_SP_META_PTR 7
+#endif /* TFM_SP_META_PTR_ENABLE */
REGION_DECLARE(Load$$LR$$, LR_VENEER, $$Base);
REGION_DECLARE(Load$$LR$$, LR_VENEER, $$Limit);
@@ -74,6 +77,10 @@
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
+#ifdef TFM_SP_META_PTR_ENABLE
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+#endif /* TFM_SP_META_PTR_ENABLE */
const struct mpu_armv8m_region_cfg_t region_cfg[] = {
/* Veneer region */
@@ -125,7 +132,19 @@
MPU_ARMV8M_XN_EXEC_NEVER,
MPU_ARMV8M_AP_RW_PRIV_UNPRIV,
MPU_ARMV8M_SH_NONE
+ },
+#ifdef TFM_SP_META_PTR_ENABLE
+ /* TFM partition metadata pointer region */
+ {
+ MPU_REGION_SP_META_PTR,
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Base),
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Limit),
+ MPU_ARMV8M_MAIR_ATTR_DATA_IDX,
+ MPU_ARMV8M_XN_EXEC_NEVER,
+ MPU_ARMV8M_AP_RW_PRIV_UNPRIV,
+ MPU_ARMV8M_SH_NONE
}
+#endif
};
#endif /* TFM_LVL == 3 */
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
diff --git a/platform/ext/target/mps2/an539/tfm_hal_isolation.c b/platform/ext/target/mps2/an539/tfm_hal_isolation.c
index b8f7d71..23b750b 100644
--- a/platform/ext/target/mps2/an539/tfm_hal_isolation.c
+++ b/platform/ext/target/mps2/an539/tfm_hal_isolation.c
@@ -21,6 +21,10 @@
#define PARTITION_REGION_RW_STACK 4
#define PARTITION_REGION_PERIPH 5
+#ifdef TFM_SP_META_PTR_ENABLE
+#define MPU_REGION_SP_META_PTR 7
+#endif /* TFM_SP_META_PTR_ENABLE */
+
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Limit);
REGION_DECLARE(Image$$, TFM_APP_CODE_START, $$Base);
@@ -29,6 +33,10 @@
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
+#ifdef TFM_SP_META_PTR_ENABLE
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+#endif /* TFM_SP_META_PTR_ENABLE */
extern const struct memory_region_limits memory_regions;
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
@@ -120,6 +128,22 @@
return TFM_HAL_ERROR_GENERIC;
}
+#ifdef TFM_SP_META_PTR_ENABLE
+ /* TFM partition metadata pointer region */
+ region_cfg.region_nr = MPU_REGION_SP_META_PTR;
+ region_cfg.region_base =
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+ region_cfg.region_limit =
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+ region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
+ region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
+ if (mpu_region_enable(®ion_cfg) != MPU_ARMV8M_OK) {
+ return TFM_HAL_ERROR_GENERIC;
+ }
+#endif
+
mpu_enable(PRIVILEGED_DEFAULT_ENABLE, HARDFAULT_NMI_ENABLE);
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
diff --git a/platform/ext/target/mps2/fvp_sse300/spm_hal.c b/platform/ext/target/mps2/fvp_sse300/spm_hal.c
index 9d88ce1..7237bfb 100644
--- a/platform/ext/target/mps2/fvp_sse300/spm_hal.c
+++ b/platform/ext/target/mps2/fvp_sse300/spm_hal.c
@@ -21,7 +21,7 @@
#ifdef CONFIG_TFM_ENABLE_MEMORY_PROTECT
#define PARTITION_REGION_PERIPH_START 5
-#define PARTITION_REGION_PERIPH_MAX_NUM 3
+#define PARTITION_REGION_PERIPH_MAX_NUM 2
uint32_t periph_num_count = 0;
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
diff --git a/platform/ext/target/mps2/fvp_sse300/tfm_hal_isolation.c b/platform/ext/target/mps2/fvp_sse300/tfm_hal_isolation.c
index b0322bf..a3990d1 100644
--- a/platform/ext/target/mps2/fvp_sse300/tfm_hal_isolation.c
+++ b/platform/ext/target/mps2/fvp_sse300/tfm_hal_isolation.c
@@ -21,6 +21,9 @@
#define MPU_REGION_NS_STACK 2
#define PARTITION_REGION_RO 3
#define PARTITION_REGION_RW_STACK 4
+#ifdef TFM_SP_META_PTR_ENABLE
+#define MPU_REGION_SP_META_PTR 7
+#endif /* TFM_SP_META_PTR_ENABLE*/
REGION_DECLARE(Load$$LR$$, LR_VENEER, $$Base);
REGION_DECLARE(Load$$LR$$, LR_VENEER, $$Limit);
@@ -32,6 +35,10 @@
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
+#ifdef TFM_SP_META_PTR_ENABLE
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+#endif /* TFM_SP_META_PTR_ENABLE */
const struct mpu_armv8m_region_cfg_t region_cfg[] = {
/* Veneer region */
@@ -83,7 +90,19 @@
MPU_ARMV8M_XN_EXEC_NEVER,
MPU_ARMV8M_AP_RW_PRIV_UNPRIV,
MPU_ARMV8M_SH_NONE
+ },
+#ifdef TFM_SP_META_PTR_ENABLE
+ /* TFM partition metadata pointer region */
+ {
+ MPU_REGION_SP_META_PTR,
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Base),
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Limit),
+ MPU_ARMV8M_MAIR_ATTR_DATA_IDX,
+ MPU_ARMV8M_XN_EXEC_NEVER,
+ MPU_ARMV8M_AP_RW_PRIV_UNPRIV,
+ MPU_ARMV8M_SH_NONE
}
+#endif
};
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
diff --git a/platform/ext/target/mps2/sse-200_aws/tfm_hal_isolation.c b/platform/ext/target/mps2/sse-200_aws/tfm_hal_isolation.c
index 0e167e4..6f129c9 100644
--- a/platform/ext/target/mps2/sse-200_aws/tfm_hal_isolation.c
+++ b/platform/ext/target/mps2/sse-200_aws/tfm_hal_isolation.c
@@ -21,6 +21,9 @@
#define PARTITION_REGION_RO 3
#define PARTITION_REGION_RW_STACK 4
#define PARTITION_REGION_PERIPH 5
+#ifdef TFM_SP_META_PTR_ENABLE
+#define MPU_REGION_SP_META_PTR 7
+#endif /* TFM_SP_META_PTR_ENABLE */
REGION_DECLARE(Load$$LR$$, LR_VENEER, $$Base);
REGION_DECLARE(Load$$LR$$, LR_VENEER, $$Limit);
@@ -32,6 +35,10 @@
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
+#ifdef TFM_SP_META_PTR_ENABLE
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+#endif /* TFM_SP_META_PTR_ENABLE */
const struct mpu_armv8m_region_cfg_t region_cfg[] = {
/* Veneer region */
@@ -83,7 +90,19 @@
MPU_ARMV8M_XN_EXEC_NEVER,
MPU_ARMV8M_AP_RW_PRIV_UNPRIV,
MPU_ARMV8M_SH_NONE
+ },
+#ifdef TFM_SP_META_PTR_ENABLE
+ /* TFM partition metadata pointer region */
+ {
+ MPU_REGION_SP_META_PTR,
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Base),
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Limit),
+ MPU_ARMV8M_MAIR_ATTR_DATA_IDX,
+ MPU_ARMV8M_XN_EXEC_NEVER,
+ MPU_ARMV8M_AP_RW_PRIV_UNPRIV,
+ MPU_ARMV8M_SH_NONE
}
+#endif
};
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
diff --git a/platform/ext/target/mps3/an524/tfm_hal_isolation.c b/platform/ext/target/mps3/an524/tfm_hal_isolation.c
index 182587d..0f27cba 100644
--- a/platform/ext/target/mps3/an524/tfm_hal_isolation.c
+++ b/platform/ext/target/mps3/an524/tfm_hal_isolation.c
@@ -20,6 +20,9 @@
#define PARTITION_REGION_RO 3
#define PARTITION_REGION_RW_STACK 4
#define PARTITION_REGION_PERIPH 5
+#ifdef TFM_SP_META_PTR_ENABLE
+#define MPU_REGION_SP_META_PTR 7
+#endif /* TFM_SP_META_PTR_ENABLE */
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Limit);
@@ -29,6 +32,10 @@
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
+#ifdef TFM_SP_META_PTR_ENABLE
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+#endif /* TFM_SP_META_PTR_ENABLE */
extern const struct memory_region_limits memory_regions;
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
@@ -120,6 +127,22 @@
return TFM_HAL_ERROR_GENERIC;
}
+#ifdef TFM_SP_META_PTR_ENABLE
+ /* TFM partition metadata pointer region */
+ region_cfg.region_nr = MPU_REGION_SP_META_PTR;
+ region_cfg.region_base =
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+ region_cfg.region_limit =
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+ region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
+ region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
+ if (mpu_region_enable(®ion_cfg) != MPU_ARMV8M_OK) {
+ return TFM_HAL_ERROR_GENERIC;
+ }
+#endif
+
mpu_enable(PRIVILEGED_DEFAULT_ENABLE, HARDFAULT_NMI_ENABLE);
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
diff --git a/platform/ext/target/mps3/fvp_sse300/spm_hal.c b/platform/ext/target/mps3/fvp_sse300/spm_hal.c
index 871c333..ecfc69f 100644
--- a/platform/ext/target/mps3/fvp_sse300/spm_hal.c
+++ b/platform/ext/target/mps3/fvp_sse300/spm_hal.c
@@ -23,7 +23,7 @@
#ifdef CONFIG_TFM_ENABLE_MEMORY_PROTECT
#define PARTITION_REGION_PERIPH_START 5
-#define PARTITION_REGION_PERIPH_MAX_NUM 3
+#define PARTITION_REGION_PERIPH_MAX_NUM 2
uint32_t periph_num_count = 0;
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
diff --git a/platform/ext/target/mps3/fvp_sse300/tfm_hal_isolation.c b/platform/ext/target/mps3/fvp_sse300/tfm_hal_isolation.c
index dc0dfbc..b041f90 100644
--- a/platform/ext/target/mps3/fvp_sse300/tfm_hal_isolation.c
+++ b/platform/ext/target/mps3/fvp_sse300/tfm_hal_isolation.c
@@ -21,6 +21,9 @@
#define MPU_REGION_NS_STACK 2
#define PARTITION_REGION_RO 3
#define PARTITION_REGION_RW_STACK 4
+#ifdef TFM_SP_META_PTR_ENABLE
+#define MPU_REGION_SP_META_PTR 7
+#endif /* TFM_SP_META_PTR_ENABLE */
REGION_DECLARE(Load$$LR$$, LR_VENEER, $$Base);
REGION_DECLARE(Load$$LR$$, LR_VENEER, $$Limit);
@@ -32,6 +35,10 @@
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
+#ifdef TFM_SP_META_PTR_ENABLE
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+#endif /* TFM_SP_META_PTR_ENABLE */
const struct mpu_armv8m_region_cfg_t region_cfg[] = {
/* Veneer region */
@@ -83,7 +90,19 @@
MPU_ARMV8M_XN_EXEC_NEVER,
MPU_ARMV8M_AP_RW_PRIV_UNPRIV,
MPU_ARMV8M_SH_NONE
+ },
+#ifdef TFM_SP_META_PTR_ENABLE
+ /* TFM partition metadata pointer region */
+ {
+ MPU_REGION_SP_META_PTR,
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Base),
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Limit),
+ MPU_ARMV8M_MAIR_ATTR_DATA_IDX,
+ MPU_ARMV8M_XN_EXEC_NEVER,
+ MPU_ARMV8M_AP_RW_PRIV_UNPRIV,
+ MPU_ARMV8M_SH_NONE
}
+#endif
};
#endif /* TFM_LVL != 3 */
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
diff --git a/platform/ext/target/musca_a/spm_hal.c b/platform/ext/target/musca_a/spm_hal.c
index c34e942..59c4b96 100644
--- a/platform/ext/target/musca_a/spm_hal.c
+++ b/platform/ext/target/musca_a/spm_hal.c
@@ -25,7 +25,7 @@
#ifdef CONFIG_TFM_ENABLE_MEMORY_PROTECT
#define PARTITION_REGION_PERIPH_START 5
-#define PARTITION_REGION_PERIPH_MAX_NUM 3
+#define PARTITION_REGION_PERIPH_MAX_NUM 2
uint32_t periph_num_count = 0;
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
diff --git a/platform/ext/target/musca_a/tfm_hal_isolation.c b/platform/ext/target/musca_a/tfm_hal_isolation.c
index b2d83af..5c44164 100644
--- a/platform/ext/target/musca_a/tfm_hal_isolation.c
+++ b/platform/ext/target/musca_a/tfm_hal_isolation.c
@@ -18,6 +18,9 @@
#define MPU_REGION_NS_STACK 2
#define PARTITION_REGION_RO 3
#define PARTITION_REGION_RW_STACK 4
+#ifdef TFM_SP_META_PTR_ENABLE
+#define MPU_REGION_SP_META_PTR 7
+#endif /* TFM_SP_META_PTR_ENABLE */
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Limit);
@@ -27,6 +30,10 @@
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
+#ifdef TFM_SP_META_PTR_ENABLE
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+#endif
extern const struct memory_region_limits memory_regions;
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
@@ -115,6 +122,22 @@
return TFM_HAL_ERROR_GENERIC;
}
+#ifdef TFM_SP_META_PTR_ENABLE
+ /* TFM partition metadata pointer region */
+ region_cfg.region_nr = MPU_REGION_SP_META_PTR;
+ region_cfg.region_base =
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+ region_cfg.region_limit =
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+ region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
+ region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
+ if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK) {
+ return TFM_HAL_ERROR_GENERIC;
+ }
+#endif
+
mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
HARDFAULT_NMI_ENABLE);
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
diff --git a/platform/ext/target/musca_b1/sse_200/spm_hal.c b/platform/ext/target/musca_b1/sse_200/spm_hal.c
index eef7ced..2f006e1 100644
--- a/platform/ext/target/musca_b1/sse_200/spm_hal.c
+++ b/platform/ext/target/musca_b1/sse_200/spm_hal.c
@@ -27,7 +27,7 @@
#ifdef CONFIG_TFM_ENABLE_MEMORY_PROTECT
#define PARTITION_REGION_PERIPH_START 5
-#define PARTITION_REGION_PERIPH_MAX_NUM 3
+#define PARTITION_REGION_PERIPH_MAX_NUM 2
uint32_t periph_num_count = 0;
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
diff --git a/platform/ext/target/musca_b1/sse_200/tfm_hal_isolation.c b/platform/ext/target/musca_b1/sse_200/tfm_hal_isolation.c
index 6c61583..d4d2f54 100644
--- a/platform/ext/target/musca_b1/sse_200/tfm_hal_isolation.c
+++ b/platform/ext/target/musca_b1/sse_200/tfm_hal_isolation.c
@@ -61,6 +61,9 @@
#define MPU_REGION_NS_STACK 2
#define PARTITION_REGION_RO 3
#define PARTITION_REGION_RW_STACK 4
+#ifdef TFM_SP_META_PTR_ENABLE
+#define MPU_REGION_SP_META_PTR 7
+#endif /* TFM_SP_META_PTR_ENABLE */
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Limit);
@@ -70,6 +73,10 @@
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
+#ifdef TFM_SP_META_PTR_ENABLE
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+#endif
extern const struct memory_region_limits memory_regions;
@@ -180,6 +187,22 @@
if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK) {
return TFM_HAL_ERROR_GENERIC;
}
+
+#ifdef TFM_SP_META_PTR_ENABLE
+ /* TFM partition metadata pointer region */
+ region_cfg.region_nr = MPU_REGION_SP_META_PTR;
+ region_cfg.region_base =
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+ region_cfg.region_limit =
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+ region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
+ region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
+ if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK) {
+ return TFM_HAL_ERROR_GENERIC;
+ }
+#endif /* TFM_SP_META_PTR_ENABLE */
#endif /* TFM_LVL == 3 */
/* Enable MPU */
diff --git a/platform/ext/target/musca_s1/tfm_hal_isolation.c b/platform/ext/target/musca_s1/tfm_hal_isolation.c
index ebc278a..5dd8cfc 100644
--- a/platform/ext/target/musca_s1/tfm_hal_isolation.c
+++ b/platform/ext/target/musca_s1/tfm_hal_isolation.c
@@ -20,6 +20,9 @@
#define PARTITION_REGION_RO 3
#define PARTITION_REGION_RW_STACK 4
#define PARTITION_REGION_PERIPH 5
+#ifdef TFM_SP_META_PTR_ENABLE
+#define MPU_REGION_SP_META_PTR 7
+#endif /* TFM_SP_META_PTR_ENABLE */
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Limit);
@@ -29,6 +32,10 @@
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
+#ifdef TFM_SP_META_PTR_ENABLE
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+#endif
extern const struct memory_region_limits memory_regions;
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
@@ -121,6 +128,22 @@
return TFM_HAL_ERROR_GENERIC;
}
+#ifdef TFM_SP_META_PTR_ENABLE
+ /* TFM partition metadata pointer region */
+ region_cfg.region_nr = MPU_REGION_SP_META_PTR;
+ region_cfg.region_base =
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+ region_cfg.region_limit =
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+ region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
+ region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
+ if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK) {
+ return TFM_HAL_ERROR_GENERIC;
+ }
+#endif
+
mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
HARDFAULT_NMI_ENABLE);
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
diff --git a/platform/ext/target/nordic_nrf/common/core/gcc/nordic_nrf_s.ld b/platform/ext/target/nordic_nrf/common/core/gcc/nordic_nrf_s.ld
index 80319d8..8879a8f 100644
--- a/platform/ext/target/nordic_nrf/common/core/gcc/nordic_nrf_s.ld
+++ b/platform/ext/target/nordic_nrf/common/core/gcc/nordic_nrf_s.ld
@@ -127,6 +127,11 @@
LONG (ADDR(.TFM_APP_ROT_LINKER_BSS))
LONG (SIZEOF(.TFM_APP_ROT_LINKER_BSS))
+#if defined(TFM_SP_META_PTR_ENABLE)
+ LONG (LOADADDR(.TFM_SP_META_PTR))
+ LONG (ADDR(.TFM_SP_META_PTR))
+ LONG (SIZEOF(.TFM_SP_META_PTR))
+#endif
__zero_table_end__ = .;
} > FLASH
@@ -339,6 +344,15 @@
} > RAM
#endif /* TFM_LVL == 1 */
+#if defined(TFM_SP_META_PTR_ENABLE)
+ .TFM_SP_META_PTR : ALIGN(32)
+ {
+ *(SP_META_PTR_SPRTL_INST)
+ } > RAM
+ Image$$TFM_SP_META_PTR$$RW$$Base = ADDR(.TFM_SP_META_PTR);
+ Image$$TFM_SP_META_PTR$$RW$$Limit = ADDR(.TFM_SP_META_PTR) + SIZEOF(.TFM_SP_META_PTR);
+#endif
+
/**** APPLICATION RoT DATA start here */
Image$$TFM_APP_RW_STACK_START$$Base = .;
diff --git a/platform/ext/target/nordic_nrf/common/core/spm_hal.c b/platform/ext/target/nordic_nrf/common/core/spm_hal.c
index ce41eb2..913a215 100644
--- a/platform/ext/target/nordic_nrf/common/core/spm_hal.c
+++ b/platform/ext/target/nordic_nrf/common/core/spm_hal.c
@@ -23,7 +23,7 @@
static struct mpu_armv8m_dev_t dev_mpu_s = { MPU_BASE };
#define PARTITION_REGION_PERIPH_START 5
-#define PARTITION_REGION_PERIPH_MAX_NUM 3
+#define PARTITION_REGION_PERIPH_MAX_NUM 2
static uint32_t periph_num_count = 0;
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
diff --git a/platform/ext/target/nordic_nrf/common/core/tfm_hal_isolation.c b/platform/ext/target/nordic_nrf/common/core/tfm_hal_isolation.c
index 5cf875b..df0b05b 100644
--- a/platform/ext/target/nordic_nrf/common/core/tfm_hal_isolation.c
+++ b/platform/ext/target/nordic_nrf/common/core/tfm_hal_isolation.c
@@ -19,6 +19,9 @@
#define MPU_REGION_NS_STACK 2
#define PARTITION_REGION_RO 3
#define PARTITION_REGION_RW_STACK 4
+#ifdef TFM_SP_META_PTR_ENABLE
+#define MPU_REGION_SP_META_PTR 7
+#endif /* TFM_SP_META_PTR_ENABLE*/
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Limit);
@@ -28,6 +31,10 @@
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
+#ifdef TFM_SP_META_PTR_ENABLE
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+#endif /* TFM_SP_META_PTR_ENABLE */
/* Get address of memory regions to configure MPU */
extern const struct memory_region_limits memory_regions;
@@ -120,6 +127,22 @@
if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK) {
return TFM_HAL_ERROR_GENERIC;
}
+
+#ifdef TFM_SP_META_PTR_ENABLE
+ /* TFM partition metadata poniter region */
+ region_cfg.region_nr = MPU_REGION_SP_META_PTR;
+ region_cfg.region_base =
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+ region_cfg.region_limit =
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+ region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
+ region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
+ if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK) {
+ return TFM_HAL_ERROR_GENERIC;
+ }
+#endif /* TFM_SP_META_PTR_ENABLE */
#endif
mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
HARDFAULT_NMI_ENABLE);
diff --git a/platform/ext/target/nuvoton/m2351/device/source/armclang/m2351_s.sct b/platform/ext/target/nuvoton/m2351/device/source/armclang/m2351_s.sct
index 8c4b0b0..519aa9a 100644
--- a/platform/ext/target/nuvoton/m2351/device/source/armclang/m2351_s.sct
+++ b/platform/ext/target/nuvoton/m2351/device/source/armclang/m2351_s.sct
@@ -230,6 +230,12 @@
}
#endif /* !defined(TFM_PSA_API) */
+#if defined(TFM_SP_META_PTR_ENABLE)
+ TFM_SP_META_PTR +0 ALIGN 32 {
+ *(SP_META_PTR_SPRTL_INST)
+ }
+#endif
+
/**** APP RoT DATA start here */
/*
* This empty, zero long execution region is here to mark the start address
diff --git a/platform/ext/target/nuvoton/m2351/tfm_hal_isolation.c b/platform/ext/target/nuvoton/m2351/tfm_hal_isolation.c
index ced8262..a7c5762 100644
--- a/platform/ext/target/nuvoton/m2351/tfm_hal_isolation.c
+++ b/platform/ext/target/nuvoton/m2351/tfm_hal_isolation.c
@@ -21,6 +21,9 @@
#define MPU_REGION_NS_STACK 2
#define PARTITION_REGION_RO 3
#define PARTITION_REGION_RW_STACK 4
+#ifdef TFM_SP_META_PTR_ENABLE
+#define MPU_REGION_SP_META_PTR 7
+#endif /* TFM_SP_META_PTR_ENABLE */
REGION_DECLARE(Load$$LR$$, LR_VENEER, $$Base);
REGION_DECLARE(Load$$LR$$, LR_VENEER, $$Limit);
@@ -32,6 +35,10 @@
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
+#ifdef TFM_SP_META_PTR_ENABLE
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+#endif /* TFM_SP_META_PTR_ENABLE */
const struct mpu_armv8m_region_cfg_t region_cfg[] = {
/* Veneer region */
@@ -83,7 +90,19 @@
MPU_ARMV8M_XN_EXEC_NEVER,
MPU_ARMV8M_AP_RW_PRIV_UNPRIV,
MPU_ARMV8M_SH_NONE
+ },
+#ifdef TFM_SP_META_PTR_ENABLE
+ /* TFM partition metadata pointer region */
+ {
+ MPU_REGION_SP_META_PTR,
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Base),
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Limit),
+ MPU_ARMV8M_MAIR_ATTR_DATA_IDX,
+ MPU_ARMV8M_XN_EXEC_NEVER,
+ MPU_ARMV8M_AP_RW_PRIV_UNPRIV,
+ MPU_ARMV8M_SH_NONE
}
+#endif
};
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
diff --git a/platform/ext/target/nxp/lpcxpresso55s69/spm_hal.c b/platform/ext/target/nxp/lpcxpresso55s69/spm_hal.c
index 81485b7..80c9c16 100755
--- a/platform/ext/target/nxp/lpcxpresso55s69/spm_hal.c
+++ b/platform/ext/target/nxp/lpcxpresso55s69/spm_hal.c
@@ -23,7 +23,7 @@
#ifdef CONFIG_TFM_ENABLE_MEMORY_PROTECT
#define PARTITION_REGION_PERIPH_START 5
-#define PARTITION_REGION_PERIPH_MAX_NUM 3
+#define PARTITION_REGION_PERIPH_MAX_NUM 2
uint32_t periph_num_count = 0;
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
diff --git a/platform/ext/target/nxp/lpcxpresso55s69/tfm_hal_isolation.c b/platform/ext/target/nxp/lpcxpresso55s69/tfm_hal_isolation.c
index 7fd1d10..b90445c 100644
--- a/platform/ext/target/nxp/lpcxpresso55s69/tfm_hal_isolation.c
+++ b/platform/ext/target/nxp/lpcxpresso55s69/tfm_hal_isolation.c
@@ -18,6 +18,9 @@
#define MPU_REGION_NS_STACK 2
#define PARTITION_REGION_RO 3
#define PARTITION_REGION_RW_STACK 4
+#ifdef TFM_SP_META_PTR_ENABLE
+#define MPU_REGION_SP_META_PTR 7
+#endif /* TFM_SP_META_PTR_ENABLE */
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Limit);
@@ -27,6 +30,10 @@
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
+#ifdef TFM_SP_META_PTR_ENABLE
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+#endif
/* Get address of memory regions to configure MPU */
extern const struct memory_region_limits memory_regions;
@@ -124,6 +131,22 @@
return TFM_HAL_ERROR_GENERIC;
}
+#ifdef TFM_SP_META_PTR_ENABLE
+ /* TFM partition metadata pointer region */
+ region_cfg.region_nr = MPU_REGION_SP_META_PTR;
+ region_cfg.region_base =
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+ region_cfg.region_limit =
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+ region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
+ region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
+ if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK) {
+ return TFM_HAL_ERROR_GENERIC;
+ }
+#endif
+
mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
HARDFAULT_NMI_ENABLE);
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
diff --git a/platform/ext/target/stm/common/stm32l5xx/secure/tfm_hal_isolation.c b/platform/ext/target/stm/common/stm32l5xx/secure/tfm_hal_isolation.c
index 9ccc9ca..17245b5 100644
--- a/platform/ext/target/stm/common/stm32l5xx/secure/tfm_hal_isolation.c
+++ b/platform/ext/target/stm/common/stm32l5xx/secure/tfm_hal_isolation.c
@@ -27,8 +27,16 @@
#define MPU_REGION_NS_DATA 2
#endif
+#ifdef TFM_SP_META_PTR_ENABLE
+#define MPU_REGION_SP_META_PTR 7
+#endif /* TFM_SP_META_PTR_ENABLE */
+
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Limit);
+#ifdef TFM_SP_META_PTR_ENABLE
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+#endif
#ifndef TFM_PSA_API
REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Limit);
@@ -142,6 +150,22 @@
return TFM_HAL_ERROR_GENERIC;
}
+#ifdef TFM_SP_META_PTR_ENABLE
+ /* TFM partition metadata pointer region */
+ region_cfg.region_nr = MPU_REGION_SP_META_PTR;
+ region_cfg.region_base =
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+ region_cfg.region_limit =
+ (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+ region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
+ region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
+ if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK) {
+ return TFM_HAL_ERROR_GENERIC;
+ }
+#endif
+
#if TFM_LVL == 3
/* TFM Core unprivileged non-secure data region */
region_cfg.region_nr = MPU_REGION_NS_DATA;
diff --git a/secure_fw/partitions/lib/sprt/CMakeLists.txt b/secure_fw/partitions/lib/sprt/CMakeLists.txt
index f2c054b..2c98069 100644
--- a/secure_fw/partitions/lib/sprt/CMakeLists.txt
+++ b/secure_fw/partitions/lib/sprt/CMakeLists.txt
@@ -23,6 +23,7 @@
./service_api.c
$<$<NOT:$<STREQUAL:${TFM_PARTITION_LOG_LEVEL},${TFM_PARTITION_LOG_LEVEL_SILENCE}>>:./tfm_sp_log_raw.c>
$<$<NOT:$<STREQUAL:${TFM_PARTITION_LOG_LEVEL},${TFM_PARTITION_LOG_LEVEL_SILENCE}>>:${CMAKE_SOURCE_DIR}/platform/ext/common/tfm_hal_sp_logdev_periph.c>
+ $<$<BOOL:${TFM_SP_META_PTR_ENABLE}>:./sprt_partition_metadata_indicator.c>
)
target_link_libraries(tfm_sprt
diff --git a/secure_fw/partitions/lib/sprt/sprt_partition_metadata_indicator.c b/secure_fw/partitions/lib/sprt/sprt_partition_metadata_indicator.c
new file mode 100644
index 0000000..39268c0
--- /dev/null
+++ b/secure_fw/partitions/lib/sprt/sprt_partition_metadata_indicator.c
@@ -0,0 +1,11 @@
+/*
+ * Copyright (c) 2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include <stdint.h>
+
+__attribute__((section("SP_META_PTR_SPRTL_INST")))
+uintptr_t p_partition_metadata;
diff --git a/secure_fw/spm/cmsis_psa/tfm_multi_core_mem_check.c b/secure_fw/spm/cmsis_psa/tfm_multi_core_mem_check.c
index 0d8158e..1b44be2 100644
--- a/secure_fw/spm/cmsis_psa/tfm_multi_core_mem_check.c
+++ b/secure_fw/spm/cmsis_psa/tfm_multi_core_mem_check.c
@@ -97,6 +97,10 @@
#if TFM_LVL == 2
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Limit);
+#ifdef TFM_SP_META_PTR_ENABLE
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$RW$$Limit);
+#endif /* TFM_SP_META_PTR_ENABLE */
REGION_DECLARE(Image$$, TFM_APP_CODE_START, $$Base);
REGION_DECLARE(Image$$, TFM_APP_CODE_END, $$Base);
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_START, $$Base);
@@ -147,6 +151,20 @@
return;
}
+#ifdef TFM_SP_META_PTR_ENABLE
+ /* TFM partition metadata pointer region */
+ base = (uintptr_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Base);
+ limit = (uintptr_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$RW$$Limit) - 1;
+ if (check_address_range(p, s, base, limit) == TFM_SUCCESS) {
+ p_attr->is_priv_rd_allow = true;
+ p_attr->is_priv_wr_allow = true;
+ p_attr->is_unpriv_rd_allow = true;
+ p_attr->is_unpriv_wr_allow = true;
+ p_attr->is_xn = true;
+ return;
+ }
+#endif
+
/* APP RoT partition RO region */
base = (uintptr_t)®ION_NAME(Image$$, TFM_APP_CODE_START, $$Base);
limit = (uintptr_t)®ION_NAME(Image$$, TFM_APP_CODE_END, $$Base) - 1;