Interface: Fix veneer function naming
Some veneer functions are named with "tfm_tfm_" prefix. It is confusing
and unfriendly to NS integration.
This patch unifies the prefix of all the veneer function as "tfm_"
- Fix the duplicated "tfm_" prefixes by checking secure function prefix
in tfm_veneer template.
- Replace all the "tfm_tfm_" prefixes with "tfm_".
Change-Id: Id658486f49f4a6f1f22fd3897be27865889474ae
Signed-off-by: David Hu <david.hu@arm.com>
diff --git a/interface/include/tfm_veneers.h.template b/interface/include/tfm_veneers.h.template
index 502dee2..ee17d3f 100644
--- a/interface/include/tfm_veneers.h.template
+++ b/interface/include/tfm_veneers.h.template
@@ -22,7 +22,14 @@
{% endif %}
/******** {{partition.manifest.name}} ********/
{% for function in partition.manifest.secure_functions%}
+ {% if function.signal.lower().startswith('tfm_') %}
+ {# If signal already contains tfm_ prefix, avoid adding a duplicated one
+ in veneer function name.
+ #}
+psa_status_t {{function.signal.lower()}}_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
+ {% else %}
psa_status_t tfm_{{function.signal.lower()}}_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
+ {% endif %}
{% endfor %}
{% if partition.attr.conditional %}
#endif /* {{partition.attr.conditional}} */
diff --git a/interface/src/tfm_audit_func_api.c b/interface/src/tfm_audit_func_api.c
index 4141970..e433dff 100644
--- a/interface/src/tfm_audit_func_api.c
+++ b/interface/src/tfm_audit_func_api.c
@@ -11,17 +11,17 @@
#include "tfm_ns_interface.h"
#define API_DISPATCH(sfn_name) \
- tfm_ns_interface_dispatch((veneer_fn)tfm_##sfn_name##_veneer, \
+ tfm_ns_interface_dispatch((veneer_fn)sfn_name##_veneer, \
(uint32_t)in_vec, IOVEC_LEN(in_vec), \
(uint32_t)out_vec, IOVEC_LEN(out_vec))
#define API_DISPATCH_NO_INVEC(sfn_name) \
- tfm_ns_interface_dispatch((veneer_fn)tfm_##sfn_name##_veneer, \
+ tfm_ns_interface_dispatch((veneer_fn)sfn_name##_veneer, \
(uint32_t)NULL, 0, \
(uint32_t)out_vec, IOVEC_LEN(out_vec))
#define API_DISPATCH_NO_OUTVEC(sfn_name) \
- tfm_ns_interface_dispatch((veneer_fn)tfm_##sfn_name##_veneer, \
+ tfm_ns_interface_dispatch((veneer_fn)sfn_name##_veneer, \
(uint32_t)in_vec, IOVEC_LEN(in_vec), \
(uint32_t)NULL, 0)
@@ -41,7 +41,7 @@
{.base = buffer, .len = buffer_size},
};
- status = API_DISPATCH(audit_core_retrieve_record);
+ status = API_DISPATCH(tfm_audit_core_retrieve_record);
*record_size = out_vec[0].len;
@@ -56,7 +56,7 @@
{.base = size, .len = sizeof(uint32_t)},
};
- status = API_DISPATCH_NO_INVEC(audit_core_get_info);
+ status = API_DISPATCH_NO_INVEC(tfm_audit_core_get_info);
return status;
}
@@ -72,7 +72,7 @@
{.base = size, .len = sizeof(uint32_t)},
};
- status = API_DISPATCH(audit_core_get_record_info);
+ status = API_DISPATCH(tfm_audit_core_get_record_info);
return status;
}
@@ -87,7 +87,7 @@
{.base = token, .len = token_size},
};
- status = API_DISPATCH_NO_OUTVEC(audit_core_delete_record);
+ status = API_DISPATCH_NO_OUTVEC(tfm_audit_core_delete_record);
return status;
}
diff --git a/interface/src/tfm_crypto_func_api.c b/interface/src/tfm_crypto_func_api.c
index 3286997..c8e6576 100644
--- a/interface/src/tfm_crypto_func_api.c
+++ b/interface/src/tfm_crypto_func_api.c
@@ -12,12 +12,12 @@
#include "tfm_ns_interface.h"
#define API_DISPATCH(sfn_name, sfn_id) \
- tfm_ns_interface_dispatch((veneer_fn)tfm_##sfn_name##_veneer,\
+ tfm_ns_interface_dispatch((veneer_fn)sfn_name##_veneer, \
(uint32_t)in_vec, IOVEC_LEN(in_vec), \
(uint32_t)out_vec, IOVEC_LEN(out_vec))
#define API_DISPATCH_NO_OUTVEC(sfn_name, sfn_id) \
- tfm_ns_interface_dispatch((veneer_fn)tfm_##sfn_name##_veneer,\
+ tfm_ns_interface_dispatch((veneer_fn)sfn_name##_veneer, \
(uint32_t)in_vec, IOVEC_LEN(in_vec), \
(uint32_t)NULL, 0)
diff --git a/interface/src/tfm_firmware_update_func_api.c b/interface/src/tfm_firmware_update_func_api.c
index 1d34d03..4870288 100644
--- a/interface/src/tfm_firmware_update_func_api.c
+++ b/interface/src/tfm_firmware_update_func_api.c
@@ -24,7 +24,7 @@
{ .base = block, .len = block_size }
};
- status = tfm_ns_interface_dispatch((veneer_fn)tfm_tfm_fwu_write_req_veneer,
+ status = tfm_ns_interface_dispatch((veneer_fn)tfm_fwu_write_req_veneer,
(uint32_t)in_vec, IOVEC_LEN(in_vec),
(uint32_t)NULL, 0);
@@ -54,7 +54,7 @@
return PSA_ERROR_INVALID_ARGUMENT;
}
- status = tfm_ns_interface_dispatch((veneer_fn)tfm_tfm_fwu_install_req_veneer,
+ status = tfm_ns_interface_dispatch((veneer_fn)tfm_fwu_install_req_veneer,
(uint32_t)in_vec, IOVEC_LEN(in_vec),
(uint32_t)out_vec, IOVEC_LEN(out_vec));
@@ -73,7 +73,7 @@
{ .base = &image_id, .len = sizeof(image_id) }
};
- status = tfm_ns_interface_dispatch((veneer_fn)tfm_tfm_fwu_abort_req_veneer,
+ status = tfm_ns_interface_dispatch((veneer_fn)tfm_fwu_abort_req_veneer,
(uint32_t)in_vec, IOVEC_LEN(in_vec),
(uint32_t)NULL, 0);
@@ -95,7 +95,7 @@
{ .base = info, .len = sizeof(*info)}
};
- status = tfm_ns_interface_dispatch((veneer_fn)tfm_tfm_fwu_query_req_veneer,
+ status = tfm_ns_interface_dispatch((veneer_fn)tfm_fwu_query_req_veneer,
(uint32_t)in_vec, IOVEC_LEN(in_vec),
(uint32_t)out_vec, IOVEC_LEN(out_vec));
@@ -110,9 +110,10 @@
{
psa_status_t status;
- status = tfm_ns_interface_dispatch((veneer_fn)tfm_tfm_fwu_request_reboot_req_veneer,
- (uint32_t)NULL, 0,
- (uint32_t)NULL, 0);
+ status = tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_fwu_request_reboot_req_veneer,
+ (uint32_t)NULL, 0,
+ (uint32_t)NULL, 0);
if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
return PSA_ERROR_INVALID_ARGUMENT;
@@ -125,7 +126,7 @@
{
psa_status_t status;
- status = tfm_ns_interface_dispatch((veneer_fn)tfm_tfm_fwu_accept_req_veneer,
+ status = tfm_ns_interface_dispatch((veneer_fn)tfm_fwu_accept_req_veneer,
(uint32_t)NULL, 0,
(uint32_t)NULL, 0);
diff --git a/interface/src/tfm_its_func_api.c b/interface/src/tfm_its_func_api.c
index b554a34..da126d7 100644
--- a/interface/src/tfm_its_func_api.c
+++ b/interface/src/tfm_its_func_api.c
@@ -24,7 +24,7 @@
{ .base = &create_flags, .len = sizeof(create_flags) }
};
- status = tfm_ns_interface_dispatch((veneer_fn)tfm_tfm_its_set_req_veneer,
+ status = tfm_ns_interface_dispatch((veneer_fn)tfm_its_set_req_veneer,
(uint32_t)in_vec, IOVEC_LEN(in_vec),
(uint32_t)NULL, 0);
@@ -56,7 +56,7 @@
return PSA_ERROR_INVALID_ARGUMENT;
}
- status = tfm_ns_interface_dispatch((veneer_fn)tfm_tfm_its_get_req_veneer,
+ status = tfm_ns_interface_dispatch((veneer_fn)tfm_its_get_req_veneer,
(uint32_t)in_vec, IOVEC_LEN(in_vec),
(uint32_t)out_vec, IOVEC_LEN(out_vec));
@@ -82,10 +82,9 @@
{ .base = p_info, .len = sizeof(*p_info) }
};
- status = tfm_ns_interface_dispatch(
- (veneer_fn)tfm_tfm_its_get_info_req_veneer,
- (uint32_t)in_vec, IOVEC_LEN(in_vec),
- (uint32_t)out_vec, IOVEC_LEN(out_vec));
+ status = tfm_ns_interface_dispatch((veneer_fn)tfm_its_get_info_req_veneer,
+ (uint32_t)in_vec, IOVEC_LEN(in_vec),
+ (uint32_t)out_vec, IOVEC_LEN(out_vec));
if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
return PSA_ERROR_INVALID_ARGUMENT;
@@ -100,7 +99,7 @@
{ .base = &uid, .len = sizeof(uid) }
};
- return tfm_ns_interface_dispatch((veneer_fn)tfm_tfm_its_remove_req_veneer,
+ return tfm_ns_interface_dispatch((veneer_fn)tfm_its_remove_req_veneer,
(uint32_t)in_vec, IOVEC_LEN(in_vec),
(uint32_t)NULL, 0);
}
diff --git a/interface/src/tfm_ps_func_api.c b/interface/src/tfm_ps_func_api.c
index 4674a35..ea6e1c8 100644
--- a/interface/src/tfm_ps_func_api.c
+++ b/interface/src/tfm_ps_func_api.c
@@ -22,10 +22,9 @@
{ .base = &create_flags, .len = sizeof(create_flags) }
};
- status = tfm_ns_interface_dispatch(
- (veneer_fn)tfm_tfm_ps_set_req_veneer,
- (uint32_t)in_vec, IOVEC_LEN(in_vec),
- (uint32_t)NULL, 0);
+ status = tfm_ns_interface_dispatch((veneer_fn)tfm_ps_set_req_veneer,
+ (uint32_t)in_vec, IOVEC_LEN(in_vec),
+ (uint32_t)NULL, 0);
/* A parameter with a buffer pointer pointer that has data length longer
* than maximum permitted is treated as a secure violation.
@@ -57,10 +56,9 @@
return PSA_ERROR_INVALID_ARGUMENT;
}
- status = tfm_ns_interface_dispatch(
- (veneer_fn)tfm_tfm_ps_get_req_veneer,
- (uint32_t)in_vec, IOVEC_LEN(in_vec),
- (uint32_t)out_vec, IOVEC_LEN(out_vec));
+ status = tfm_ns_interface_dispatch((veneer_fn)tfm_ps_get_req_veneer,
+ (uint32_t)in_vec, IOVEC_LEN(in_vec),
+ (uint32_t)out_vec, IOVEC_LEN(out_vec));
*p_data_length = out_vec[0].len;
@@ -79,10 +77,9 @@
{ .base = p_info, .len = sizeof(*p_info) }
};
- status = tfm_ns_interface_dispatch(
- (veneer_fn)tfm_tfm_ps_get_info_req_veneer,
- (uint32_t)in_vec, IOVEC_LEN(in_vec),
- (uint32_t)out_vec, IOVEC_LEN(out_vec));
+ status = tfm_ns_interface_dispatch((veneer_fn)tfm_ps_get_info_req_veneer,
+ (uint32_t)in_vec, IOVEC_LEN(in_vec),
+ (uint32_t)out_vec, IOVEC_LEN(out_vec));
return status;
}
@@ -94,10 +91,9 @@
{ .base = &uid, .len = sizeof(uid) }
};
- status = tfm_ns_interface_dispatch(
- (veneer_fn)tfm_tfm_ps_remove_req_veneer,
- (uint32_t)in_vec, IOVEC_LEN(in_vec),
- (uint32_t)NULL, 0);
+ status = tfm_ns_interface_dispatch((veneer_fn)tfm_ps_remove_req_veneer,
+ (uint32_t)in_vec, IOVEC_LEN(in_vec),
+ (uint32_t)NULL, 0);
return status;
}
@@ -135,10 +131,9 @@
{ .base = &support_flags, .len = sizeof(support_flags) }
};
- (void)tfm_ns_interface_dispatch(
- (veneer_fn)tfm_tfm_ps_get_support_req_veneer,
- (uint32_t)NULL, 0,
- (uint32_t)out_vec, IOVEC_LEN(out_vec));
+ (void)tfm_ns_interface_dispatch((veneer_fn)tfm_ps_get_support_req_veneer,
+ (uint32_t)NULL, 0,
+ (uint32_t)out_vec, IOVEC_LEN(out_vec));
return support_flags;
}
diff --git a/secure_fw/partitions/crypto/tfm_crypto_secure_api.c b/secure_fw/partitions/crypto/tfm_crypto_secure_api.c
index 1c136d1..5bd40da 100644
--- a/secure_fw/partitions/crypto/tfm_crypto_secure_api.c
+++ b/secure_fw/partitions/crypto/tfm_crypto_secure_api.c
@@ -36,12 +36,12 @@
(psa_outvec *)NULL, 0)
#else
#define API_DISPATCH(sfn_name, sfn_id) \
- tfm_##sfn_name##_veneer( \
+ sfn_name##_veneer( \
in_vec, ARRAY_SIZE(in_vec), \
out_vec, ARRAY_SIZE(out_vec))
#define API_DISPATCH_NO_OUTVEC(sfn_name, sfn_id) \
- tfm_##sfn_name##_veneer( \
+ sfn_name##_veneer( \
in_vec, ARRAY_SIZE(in_vec), \
NULL, 0)
#endif /* TFM_PSA_API */
diff --git a/secure_fw/partitions/firmware_update/tfm_fwu_secure_api.c b/secure_fw/partitions/firmware_update/tfm_fwu_secure_api.c
index a1663b4..aefd1b6 100644
--- a/secure_fw/partitions/firmware_update/tfm_fwu_secure_api.c
+++ b/secure_fw/partitions/firmware_update/tfm_fwu_secure_api.c
@@ -42,10 +42,7 @@
psa_close(handle);
#else
- status = tfm_tfm_fwu_write_req_veneer(in_vec,
- IOVEC_LEN(in_vec),
- NULL,
- 0);
+ status = tfm_fwu_write_req_veneer(in_vec, IOVEC_LEN(in_vec), NULL, 0);
#endif
/* A parameter with a buffer pointer where its data length is longer than
@@ -94,8 +91,8 @@
psa_close(handle);
#else
- status = tfm_tfm_fwu_install_req_veneer(in_vec, IOVEC_LEN(in_vec),
- out_vec, IOVEC_LEN(out_vec));
+ status = tfm_fwu_install_req_veneer(in_vec, IOVEC_LEN(in_vec),
+ out_vec, IOVEC_LEN(out_vec));
#endif
/* A parameter with a buffer pointer where its data length is longer than
@@ -133,8 +130,8 @@
psa_close(handle);
#else
- status = tfm_tfm_fwu_abort_req_veneer(in_vec, IOVEC_LEN(in_vec),
- NULL, 0);
+ status = tfm_fwu_abort_req_veneer(in_vec, IOVEC_LEN(in_vec),
+ NULL, 0);
#endif
/* A parameter with a buffer pointer where its data length is longer than
@@ -175,8 +172,8 @@
psa_close(handle);
#else
- status = tfm_tfm_fwu_query_req_veneer(in_vec, IOVEC_LEN(in_vec),
- out_vec, IOVEC_LEN(out_vec));
+ status = tfm_fwu_query_req_veneer(in_vec, IOVEC_LEN(in_vec),
+ out_vec, IOVEC_LEN(out_vec));
#endif
if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
@@ -204,7 +201,7 @@
psa_close(handle);
#else
- status = tfm_tfm_fwu_request_reboot_req_veneer(NULL, 0, NULL, 0);
+ status = tfm_fwu_request_reboot_req_veneer(NULL, 0, NULL, 0);
#endif
if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
@@ -232,7 +229,7 @@
psa_close(handle);
#else
- status = tfm_tfm_fwu_accept_req_veneer(NULL, 0, NULL, 0);
+ status = tfm_fwu_accept_req_veneer(NULL, 0, NULL, 0);
#endif
if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
diff --git a/secure_fw/partitions/internal_trusted_storage/tfm_its_secure_api.c b/secure_fw/partitions/internal_trusted_storage/tfm_its_secure_api.c
index 260d4aa..491d16d 100644
--- a/secure_fw/partitions/internal_trusted_storage/tfm_its_secure_api.c
+++ b/secure_fw/partitions/internal_trusted_storage/tfm_its_secure_api.c
@@ -42,7 +42,7 @@
psa_close(handle);
#else
- status = tfm_tfm_its_set_req_veneer(in_vec, IOVEC_LEN(in_vec), NULL, 0);
+ status = tfm_its_set_req_veneer(in_vec, IOVEC_LEN(in_vec), NULL, 0);
/* A parameter with a buffer pointer where its data length is longer than
* maximum permitted, it is treated as a secure violation.
@@ -93,8 +93,8 @@
psa_close(handle);
#else
- status = tfm_tfm_its_get_req_veneer(in_vec, IOVEC_LEN(in_vec),
- out_vec, IOVEC_LEN(out_vec));
+ status = tfm_its_get_req_veneer(in_vec, IOVEC_LEN(in_vec),
+ out_vec, IOVEC_LEN(out_vec));
/* A parameter with a buffer pointer where its data length is longer than
* maximum permitted or a parameter with a null pointer, it is treated as a
@@ -139,8 +139,8 @@
psa_close(handle);
#else
- status = tfm_tfm_its_get_info_req_veneer(in_vec, IOVEC_LEN(in_vec),
- out_vec, IOVEC_LEN(out_vec));
+ status = tfm_its_get_info_req_veneer(in_vec, IOVEC_LEN(in_vec),
+ out_vec, IOVEC_LEN(out_vec));
/* A parameter with a null pointer is treated as a secure violation.
* TF-M framework rejects the request with TFM_ERROR_INVALID_PARAMETER.
@@ -177,7 +177,7 @@
psa_close(handle);
#else
- status = tfm_tfm_its_remove_req_veneer(in_vec, IOVEC_LEN(in_vec), NULL, 0);
+ status = tfm_its_remove_req_veneer(in_vec, IOVEC_LEN(in_vec), NULL, 0);
#endif
return status;
diff --git a/secure_fw/partitions/protected_storage/tfm_ps_secure_api.c b/secure_fw/partitions/protected_storage/tfm_ps_secure_api.c
index b9a45c6..c6b6e80 100644
--- a/secure_fw/partitions/protected_storage/tfm_ps_secure_api.c
+++ b/secure_fw/partitions/protected_storage/tfm_ps_secure_api.c
@@ -40,8 +40,7 @@
psa_close(handle);
#else
- status = tfm_tfm_ps_set_req_veneer(in_vec, IOVEC_LEN(in_vec),
- NULL, 0);
+ status = tfm_ps_set_req_veneer(in_vec, IOVEC_LEN(in_vec), NULL, 0);
/* A parameter with a buffer pointer pointer that has data length longer
* than maximum permitted is treated as a secure violation.
@@ -90,8 +89,8 @@
psa_close(handle);
#else
- status = tfm_tfm_ps_get_req_veneer(in_vec, IOVEC_LEN(in_vec),
- out_vec, IOVEC_LEN(out_vec));
+ status = tfm_ps_get_req_veneer(in_vec, IOVEC_LEN(in_vec),
+ out_vec, IOVEC_LEN(out_vec));
/* A parameter with a buffer pointer pointer that has data length longer
* than maximum permitted is treated as a secure violation.
@@ -134,8 +133,8 @@
psa_close(handle);
#else
- status = tfm_tfm_ps_get_info_req_veneer(in_vec, IOVEC_LEN(in_vec),
- out_vec, IOVEC_LEN(out_vec));
+ status = tfm_ps_get_info_req_veneer(in_vec, IOVEC_LEN(in_vec),
+ out_vec, IOVEC_LEN(out_vec));
if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
return PSA_ERROR_INVALID_ARGUMENT;
}
@@ -167,8 +166,7 @@
psa_close(handle);
#else
- status = tfm_tfm_ps_remove_req_veneer(in_vec, IOVEC_LEN(in_vec),
- NULL, 0);
+ status = tfm_ps_remove_req_veneer(in_vec, IOVEC_LEN(in_vec), NULL, 0);
if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
return PSA_ERROR_INVALID_ARGUMENT;
}
@@ -225,8 +223,7 @@
psa_close(handle);
#else
- (void)tfm_tfm_ps_get_support_req_veneer(NULL, 0,
- out_vec, IOVEC_LEN(out_vec));
+ (void)tfm_ps_get_support_req_veneer(NULL, 0, out_vec, IOVEC_LEN(out_vec));
#endif
return support_flags;
diff --git a/secure_fw/spm/cmsis_func/tfm_veneers.c.template b/secure_fw/spm/cmsis_func/tfm_veneers.c.template
index 45cdb86..307381a 100644
--- a/secure_fw/spm/cmsis_func/tfm_veneers.c.template
+++ b/secure_fw/spm/cmsis_func/tfm_veneers.c.template
@@ -24,12 +24,12 @@
{% endfor %}
-#define TFM_VENEER_FUNCTION(partition_name, sfn_name) \
+#define TFM_VENEER_FUNCTION(partition_name, func_name, sfn_name) \
__tfm_secure_gateway_attributes__ \
- psa_status_t tfm_##sfn_name##_veneer(psa_invec *in_vec, \
- size_t in_len, \
- psa_outvec *out_vec, \
- size_t out_len) \
+ psa_status_t func_name##_veneer(psa_invec *in_vec, \
+ size_t in_len, \
+ psa_outvec *out_vec, \
+ size_t out_len) \
{ \
bool is_ns = tfm_core_is_ns_client(); \
\
@@ -45,7 +45,14 @@
{% endif %}
/******** {{partition.manifest.name}} ********/
{% for sec_func in partition.manifest.secure_functions %}
-TFM_VENEER_FUNCTION({{partition.manifest.name}}, {{sec_func.signal.lower()}})
+ {% if sec_func.signal.lower().startswith('tfm_') %}
+ {# If signal already contains tfm_ prefix, avoid adding a duplicated one
+ in veneer function name.
+ #}
+TFM_VENEER_FUNCTION({{partition.manifest.name}}, {{sec_func.signal.lower()}}, {{sec_func.signal.lower()}})
+ {% else %}
+TFM_VENEER_FUNCTION({{partition.manifest.name}}, tfm_{{sec_func.signal.lower()}}, {{sec_func.signal.lower()}})
+ {% endif %}
{% endfor %}
{% if partition.attr.conditional %}
#endif /* {{partition.attr.conditional}} */