SPM: Set features with config header file
Signed-off-by: Xinyu Zhang <xinyu.zhang@arm.com>
Change-Id: Ie9dd99456a3ad8cb3d7601d484c0f396b201c448
diff --git a/config/config_base.cmake b/config/config_base.cmake
index ec75abf..de8e811 100755
--- a/config/config_base.cmake
+++ b/config/config_base.cmake
@@ -26,7 +26,6 @@
set(PSA_FRAMEWORK_HAS_MM_IOVEC OFF CACHE BOOL "Enable MM-IOVEC")
set(TFM_PROFILE "" CACHE STRING "Profile to use")
set(TFM_FIH_PROFILE OFF CACHE STRING "Fault injection hardening profile [OFF, LOW, MEDIUM, HIGH]")
-set(CONFIG_TFM_CONN_HANDLE_MAX_NUM 8 CACHE STRING "The maximal number of secure services that are connected or requested at the same time")
set(CONFIG_TFM_SPM_BACKEND "SFN" CACHE STRING "The SPM backend [IPC, SFN]")
# An NSPE client_id is provided by the NSPE OS via the SPM or directly by the SPM.
@@ -58,8 +57,6 @@
set(CONFIG_TFM_HALT_ON_CORE_PANIC OFF CACHE BOOL "On fatal errors in the secure firmware, halt instead of rebooting.")
-set(CONFIG_TFM_DOORBELL_API ON CACHE BOOL "Enable the doorbell APIs")
-
set(CONFIG_TFM_STACK_WATERMARKS OFF CACHE BOOL "Whether to pre-fill partition stacks with a set value to help determine stack usage")
set(PROJECT_CONFIG_HEADER_FILE "${CMAKE_SOURCE_DIR}/config/config_base.h" CACHE FILEPATH "User defined header file for TF-M config")
diff --git a/config/config_base.h b/config/config_base.h
index ea9f3bc..ebe1e21 100644
--- a/config/config_base.h
+++ b/config/config_base.h
@@ -146,4 +146,12 @@
/* The stack size of the Protected Storage Secure Partition */
#define PS_STACK_SIZE 0x700
+/* SPM Partition Configs */
+
+/* The maximal number of secure services that are connected or requested at the same time */
+#define CONFIG_TFM_CONN_HANDLE_MAX_NUM 8
+
+/* Enable the doorbell APIs */
+#define CONFIG_TFM_DOORBELL_API 1
+
#endif /* __CONFIG_BASE_H__ */
diff --git a/config/profile/config_profile_large.h b/config/profile/config_profile_large.h
index 37f0ce4..73b172b 100644
--- a/config/profile/config_profile_large.h
+++ b/config/profile/config_profile_large.h
@@ -146,4 +146,12 @@
/* The stack size of the Protected Storage Secure Partition */
#define PS_STACK_SIZE 0x700
+/* SPM Partition Configs */
+
+/* The maximal number of secure services that are connected or requested at the same time */
+#define CONFIG_TFM_CONN_HANDLE_MAX_NUM 8
+
+/* Enable the doorbell APIs */
+#define CONFIG_TFM_DOORBELL_API 1
+
#endif /* __CONFIG_PROFILE_LARGE_H__ */
diff --git a/config/profile/config_profile_medium.h b/config/profile/config_profile_medium.h
index 905eafe..748c847 100644
--- a/config/profile/config_profile_medium.h
+++ b/config/profile/config_profile_medium.h
@@ -143,4 +143,12 @@
/* The stack size of the Protected Storage Secure Partition */
#define PS_STACK_SIZE 0x700
+/* SPM Partition Configs */
+
+/* The maximal number of secure services that are connected or requested at the same time */
+#define CONFIG_TFM_CONN_HANDLE_MAX_NUM 8
+
+/* Enable the doorbell APIs */
+#define CONFIG_TFM_DOORBELL_API 1
+
#endif /* __CONFIG_PROFILE_MEDIUM_H__ */
diff --git a/config/profile/config_profile_medium_arotless.h b/config/profile/config_profile_medium_arotless.h
index 0e6f1db..14b8803 100644
--- a/config/profile/config_profile_medium_arotless.h
+++ b/config/profile/config_profile_medium_arotless.h
@@ -143,4 +143,12 @@
/* The stack size of the Protected Storage Secure Partition */
#define PS_STACK_SIZE 0x700
+/* SPM Partition Configs */
+
+/* The maximal number of secure services that are connected or requested at the same time */
+#define CONFIG_TFM_CONN_HANDLE_MAX_NUM 8
+
+/* Enable the doorbell APIs */
+#define CONFIG_TFM_DOORBELL_API 1
+
#endif /* __CONFIG_PROFILE_MEDIUM_AROTLESS_H__ */
diff --git a/config/profile/config_profile_small.h b/config/profile/config_profile_small.h
index 4178638..98a7b9f 100644
--- a/config/profile/config_profile_small.h
+++ b/config/profile/config_profile_small.h
@@ -140,4 +140,12 @@
/* The stack size of the Protected Storage Secure Partition */
#define PS_STACK_SIZE 0x700
+/* SPM Partition Configs */
+
+/* The maximal number of secure services that are connected or requested at the same time */
+#define CONFIG_TFM_CONN_HANDLE_MAX_NUM 3
+
+/* Enable the doorbell APIs */
+#define CONFIG_TFM_DOORBELL_API 1
+
#endif /* __CONFIG_PROFILE_SMALL_H__ */
diff --git a/config/profile/profile_small.cmake b/config/profile/profile_small.cmake
index c8ec10e..2eeb290 100644
--- a/config/profile/profile_small.cmake
+++ b/config/profile/profile_small.cmake
@@ -26,7 +26,6 @@
################################## Advanced options #############################
set(PSA_FRAMEWORK_HAS_MM_IOVEC ON CACHE BOOL "Enable MM-IOVEC")
-set(CONFIG_TFM_CONN_HANDLE_MAX_NUM 3 CACHE STRING "The maximal number of secure services that are connected or requested at the same time")
set(MCUBOOT_IMAGE_NUMBER 1 CACHE STRING "Whether to combine S and NS into either 1 image, or sign each seperately")
################################## Dependencies ################################
diff --git a/config/tests/config_test_psa_api.h b/config/tests/config_test_psa_api.h
index f2227b5..90d2355 100644
--- a/config/tests/config_test_psa_api.h
+++ b/config/tests/config_test_psa_api.h
@@ -146,4 +146,12 @@
/* The stack size of the Protected Storage Secure Partition */
#define PS_STACK_SIZE 0x700
+/* SPM Partition Configs */
+
+/* The maximal number of secure services that are connected or requested at the same time */
+#define CONFIG_TFM_CONN_HANDLE_MAX_NUM 8
+
+/* Enable the doorbell APIs */
+#define CONFIG_TFM_DOORBELL_API 1
+
#endif /* __CONFIG_TEST_PSA_API_H__ */
diff --git a/config/tests/config_test_psa_api_crypto.h b/config/tests/config_test_psa_api_crypto.h
index 8387fdb..68b2a73 100644
--- a/config/tests/config_test_psa_api_crypto.h
+++ b/config/tests/config_test_psa_api_crypto.h
@@ -150,4 +150,12 @@
/* The stack size of the Protected Storage Secure Partition */
#define PS_STACK_SIZE 0x700
+/* SPM Partition Configs */
+
+/* The maximal number of secure services that are connected or requested at the same time */
+#define CONFIG_TFM_CONN_HANDLE_MAX_NUM 8
+
+/* Enable the doorbell APIs */
+#define CONFIG_TFM_DOORBELL_API 1
+
#endif /* __CONFIG_BASE_H__ */
diff --git a/config/tfm_sfn_config_default.cmake b/config/tfm_sfn_config_default.cmake
index 6a01a0f..2235d6a 100644
--- a/config/tfm_sfn_config_default.cmake
+++ b/config/tfm_sfn_config_default.cmake
@@ -10,7 +10,6 @@
############################ Partitions ########################################
set(CONFIG_TFM_SPM_BACKEND "SFN" CACHE STRING "The SPM backend [IPC, SFN]")
-set(CONFIG_TFM_DOORBELL_API OFF CACHE BOOL "Enable the doorbell APIs")
set(CONFIG_TFM_SPM_BACKEND_IPC OFF)
set(CONFIG_TFM_SPM_BACKEND_SFN ON)
set(CONFIG_TFM_PARTITION_META OFF)
diff --git a/interface/CMakeLists.txt b/interface/CMakeLists.txt
index ec4e5af..d473ac7 100644
--- a/interface/CMakeLists.txt
+++ b/interface/CMakeLists.txt
@@ -35,6 +35,7 @@
target_link_libraries(psa_interface
INTERFACE
+ tfm_config
tfm_partition_defs
)
@@ -45,7 +46,6 @@
$<$<BOOL:${CONFIG_TFM_USE_TRUSTZONE}>:CONFIG_TFM_USE_TRUSTZONE>
$<$<BOOL:${TFM_MULTI_CORE_TOPOLOGY}>:TFM_MULTI_CORE_TOPOLOGY>
$<$<BOOL:${CONFIG_TFM_PARTITION_META}>:CONFIG_TFM_PARTITION_META>
- $<$<BOOL:${CONFIG_TFM_DOORBELL_API}>:CONFIG_TFM_DOORBELL_API=1>
)
###################### PSA api (S lib) #########################################
diff --git a/interface/include/psa_interface_redirect.h b/interface/include/psa_interface_redirect.h
index 3aa873f..f8d24bd 100644
--- a/interface/include/psa_interface_redirect.h
+++ b/interface/include/psa_interface_redirect.h
@@ -7,6 +7,7 @@
#ifndef __PSA_INTERFACE_REDIRECT_H__
#define __PSA_INTERFACE_REDIRECT_H__
+#include "config_spm.h"
#include "psa/framework_feature.h"
#if CONFIG_TFM_PSA_API_SUPERVISOR_CALL == 1
diff --git a/secure_fw/CMakeLists.txt b/secure_fw/CMakeLists.txt
index aba4718..768b8d9 100644
--- a/secure_fw/CMakeLists.txt
+++ b/secure_fw/CMakeLists.txt
@@ -26,6 +26,7 @@
${CMAKE_CURRENT_SOURCE_DIR}/partitions/platform
${CMAKE_CURRENT_SOURCE_DIR}/partitions/protected_storage
${CMAKE_CURRENT_SOURCE_DIR}/spm/include
+ ${CMAKE_BINARY_DIR}/generated/interface/include
)
target_compile_definitions(tfm_config
diff --git a/secure_fw/spm/CMakeLists.txt b/secure_fw/spm/CMakeLists.txt
index 5361d97..bdc6cf9 100755
--- a/secure_fw/spm/CMakeLists.txt
+++ b/secure_fw/spm/CMakeLists.txt
@@ -78,6 +78,7 @@
PRIVATE
platform_s
tfm_boot_status
+ tfm_config
tfm_partitions
tfm_fih_headers
tfm_sprt
@@ -91,10 +92,8 @@
$<$<AND:$<BOOL:${BL2}>,$<BOOL:${CONFIG_TFM_BOOT_STORE_MEASUREMENTS}>>:BOOT_DATA_AVAILABLE>
$<$<BOOL:${CONFIG_TFM_HALT_ON_CORE_PANIC}>:CONFIG_TFM_HALT_ON_CORE_PANIC>
$<$<BOOL:${TFM_NS_MANAGE_NSID}>:TFM_NS_MANAGE_NSID>
- CONFIG_TFM_CONN_HANDLE_MAX_NUM=${CONFIG_TFM_CONN_HANDLE_MAX_NUM}
$<$<STREQUAL:${CONFIG_TFM_FLOAT_ABI},hard>:CONFIG_TFM_FLOAT_ABI=2>
$<$<STREQUAL:${CONFIG_TFM_FLOAT_ABI},soft>:CONFIG_TFM_FLOAT_ABI=0>
- $<$<BOOL:${CONFIG_TFM_DOORBELL_API}>:CONFIG_TFM_DOORBELL_API=1>
$<$<BOOL:${CONFIG_TFM_STACK_WATERMARKS}>:CONFIG_TFM_STACK_WATERMARKS>
)
diff --git a/secure_fw/spm/cmsis_psa/psa_interface_cross.c b/secure_fw/spm/cmsis_psa/psa_interface_cross.c
index 5e851ec..5697f90 100644
--- a/secure_fw/spm/cmsis_psa/psa_interface_cross.c
+++ b/secure_fw/spm/cmsis_psa/psa_interface_cross.c
@@ -7,6 +7,7 @@
#include <stdint.h>
#include "compiler_ext_defs.h"
+#include "config_spm.h"
#include "ffm/psa_api.h"
#include "spm_ipc.h"
#include "svc_num.h"
diff --git a/secure_fw/spm/cmsis_psa/psa_interface_svc.c b/secure_fw/spm/cmsis_psa/psa_interface_svc.c
index 3674e24..28e27bd 100644
--- a/secure_fw/spm/cmsis_psa/psa_interface_svc.c
+++ b/secure_fw/spm/cmsis_psa/psa_interface_svc.c
@@ -7,6 +7,7 @@
#include <stdint.h>
#include "compiler_ext_defs.h"
+#include "config_spm.h"
#include "svc_num.h"
#include "tfm_psa_call_pack.h"
#include "utilities.h"
diff --git a/secure_fw/spm/cmsis_psa/spm_ipc.c b/secure_fw/spm/cmsis_psa/spm_ipc.c
index d5263dc..2354e2b 100755
--- a/secure_fw/spm/cmsis_psa/spm_ipc.c
+++ b/secure_fw/spm/cmsis_psa/spm_ipc.c
@@ -13,6 +13,7 @@
#include <stdint.h>
#include "bitops.h"
#include "config_impl.h"
+#include "config_spm.h"
#include "critical_section.h"
#include "current.h"
#include "fih.h"
diff --git a/secure_fw/spm/cmsis_psa/spm_ipc.h b/secure_fw/spm/cmsis_psa/spm_ipc.h
index 9a710a2..767914b 100644
--- a/secure_fw/spm/cmsis_psa/spm_ipc.h
+++ b/secure_fw/spm/cmsis_psa/spm_ipc.h
@@ -13,6 +13,7 @@
#include <stdint.h>
#include "config_impl.h"
+#include "config_spm.h"
#include "current.h"
#include "tfm_arch.h"
#include "lists.h"
diff --git a/secure_fw/spm/cmsis_psa/tfm_core_svcalls_ipc.c b/secure_fw/spm/cmsis_psa/tfm_core_svcalls_ipc.c
index 73a9fff..8e4b309 100644
--- a/secure_fw/spm/cmsis_psa/tfm_core_svcalls_ipc.c
+++ b/secure_fw/spm/cmsis_psa/tfm_core_svcalls_ipc.c
@@ -6,6 +6,7 @@
*/
#include <string.h>
+#include "config_spm.h"
#include "region.h"
#include "spm_ipc.h"
#include "svc_num.h"
diff --git a/secure_fw/spm/ffm/backend_ipc.c b/secure_fw/spm/ffm/backend_ipc.c
index c9b4563..a284166 100644
--- a/secure_fw/spm/ffm/backend_ipc.c
+++ b/secure_fw/spm/ffm/backend_ipc.c
@@ -12,6 +12,7 @@
#include "aapcs_local.h"
#include "critical_section.h"
#include "compiler_ext_defs.h"
+#include "config_spm.h"
#include "runtime_defs.h"
#include "ffm/stack_watermark.h"
#include "spm_ipc.h"
diff --git a/secure_fw/spm/ffm/psa_api.c b/secure_fw/spm/ffm/psa_api.c
index 6b60e53..59b82a8 100644
--- a/secure_fw/spm/ffm/psa_api.c
+++ b/secure_fw/spm/ffm/psa_api.c
@@ -11,6 +11,7 @@
#include <stdint.h>
#include "bitops.h"
#include "config_impl.h"
+#include "config_spm.h"
#include "critical_section.h"
#include "psa/lifecycle.h"
#include "psa/service.h"
diff --git a/secure_fw/spm/ffm/utilities.c b/secure_fw/spm/ffm/utilities.c
index cdc5d7c..c9a0c67 100644
--- a/secure_fw/spm/ffm/utilities.c
+++ b/secure_fw/spm/ffm/utilities.c
@@ -5,6 +5,7 @@
*
*/
#include <inttypes.h>
+#include "config_spm.h"
#include "fih.h"
#include "utilities.h"
#include "tfm_hal_platform.h"
diff --git a/secure_fw/spm/include/config_spm.h b/secure_fw/spm/include/config_spm.h
new file mode 100644
index 0000000..728301f
--- /dev/null
+++ b/secure_fw/spm/include/config_spm.h
@@ -0,0 +1,33 @@
+/*
+ * Copyright (c) 2022, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __CONFIG_PARTITION_SPM_H__
+#define __CONFIG_PARTITION_SPM_H__
+
+#include "config_impl.h"
+#include "config_tfm.h"
+
+/* The maximal number of secure services that are connected or requested at the same time */
+#ifndef CONFIG_TFM_CONN_HANDLE_MAX_NUM
+#pragma message ("CONFIG_TFM_CONN_HANDLE_MAX_NUM is defaulted to 8. Please check and set it explicitly.")
+#define CONFIG_TFM_CONN_HANDLE_MAX_NUM 8
+#endif
+
+/* Enable the doorbell APIs */
+#ifndef CONFIG_TFM_DOORBELL_API
+#pragma message ("CONFIG_TFM_DOORBELL_API is defaulted to 1. Please check and set it explicitly.")
+#define CONFIG_TFM_DOORBELL_API 1
+#endif
+
+/* Disable doorbell for SFN backend */
+#if CONFIG_TFM_SPM_BACKEND_SFN == 1
+#pragma message ("CONFIG_TFM_DOORBELL_API is redefined to 0.")
+#undef CONFIG_TFM_DOORBELL_API
+#define CONFIG_TFM_DOORBELL_API 0
+#endif
+
+#endif /* __CONFIG_PARTITION_SPM_H__ */
diff --git a/secure_fw/spm/include/ffm/psa_api.h b/secure_fw/spm/include/ffm/psa_api.h
index 9f8354b..868c178 100644
--- a/secure_fw/spm/include/ffm/psa_api.h
+++ b/secure_fw/spm/include/ffm/psa_api.h
@@ -10,6 +10,7 @@
#include <stdint.h>
#include <stdbool.h>
+#include "config_spm.h"
#include "psa/client.h"
#include "psa/service.h"