Platform: RSS: Use common v8-M isolation HAL
Changes RSS to use the common v8-M isolation HAL to reduce code
duplication.
Signed-off-by: Jamie Fox <jamie.fox@arm.com>
Change-Id: I99cee616b3195f3671a43554335aae58d870bcb2
diff --git a/platform/ext/target/arm/rss/common/CMakeLists.txt b/platform/ext/target/arm/rss/common/CMakeLists.txt
index 5b1d858..acf1382 100644
--- a/platform/ext/target/arm/rss/common/CMakeLists.txt
+++ b/platform/ext/target/arm/rss/common/CMakeLists.txt
@@ -403,7 +403,7 @@
target_sources(tfm_spm
PRIVATE
target_cfg.c
- tfm_hal_isolation.c
+ ${PLATFORM_DIR}/ext/common/tfm_hal_isolation_v8m.c
tfm_hal_platform.c
tfm_interrupts.c
faults.c
diff --git a/platform/ext/target/arm/rss/common/faults.c b/platform/ext/target/arm/rss/common/faults.c
index 17ba26a..95c7d78 100644
--- a/platform/ext/target/arm/rss/common/faults.c
+++ b/platform/ext/target/arm/rss/common/faults.c
@@ -1,12 +1,12 @@
/*
- * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
*/
#include "cmsis.h"
-#include "target_cfg.h"
+#include "common_target_cfg.h"
#include "utilities.h"
/* "exception_info.h" must be the last include because of the IAR pragma */
#include "exception_info.h"
diff --git a/platform/ext/target/arm/rss/common/mmio_defs.h b/platform/ext/target/arm/rss/common/mmio_defs.h
deleted file mode 100644
index aa804c8..0000000
--- a/platform/ext/target/arm/rss/common/mmio_defs.h
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifndef __MMIO_DEFS_H__
-#define __MMIO_DEFS_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include <stdint.h>
-#include "tfm_peripherals_def.h"
-
-/* Boundary handle binding macros. */
-#define HANDLE_ATTR_PRIV_POS 1U
-#define HANDLE_ATTR_PRIV_MASK (0x1UL << HANDLE_ATTR_PRIV_POS)
-#define HANDLE_ATTR_NS_POS 0U
-#define HANDLE_ATTR_NS_MASK (0x1UL << HANDLE_ATTR_NS_POS)
-
-/* Allowed named MMIO of this platform */
-const uintptr_t partition_named_mmio_list[] = {
- (uintptr_t)TFM_PERIPHERAL_STD_UART,
- (uintptr_t)TFM_PERIPHERAL_TIMER0,
- (uintptr_t)TFM_PERIPHERAL_DMA0_CH0
-};
-
-/*
- * Platform RSS only has named MMIO.
- * If the platform has numbered MMIO, define them in another list.
- */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __MMIO_DEFS_H__ */
diff --git a/platform/ext/target/arm/rss/common/platform_svc_handler.c b/platform/ext/target/arm/rss/common/platform_svc_handler.c
index 4f4a344..c6f039e 100644
--- a/platform/ext/target/arm/rss/common/platform_svc_handler.c
+++ b/platform/ext/target/arm/rss/common/platform_svc_handler.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -8,7 +8,6 @@
#include "cmsis.h"
#include "dma350_checker_layer.h"
#include "platform_svc_numbers.h"
-#include "target_cfg.h"
#include "tfm_hal_platform.h"
#include "tfm_platform_system.h"
diff --git a/platform/ext/target/arm/rss/common/target_cfg.c b/platform/ext/target/arm/rss/common/target_cfg.c
index acc43c5..7bbe9d6 100644
--- a/platform/ext/target/arm/rss/common/target_cfg.c
+++ b/platform/ext/target/arm/rss/common/target_cfg.c
@@ -19,7 +19,7 @@
#include "cmsis.h"
#include "utilities.h"
-#include "target_cfg.h"
+#include "common_target_cfg.h"
#include "Driver_PPC.h"
#include "Driver_MPC.h"
#include "region_defs.h"
@@ -455,7 +455,7 @@
return TFM_PLAT_ERR_SUCCESS;
}
-void ppc_configure_to_secure(enum ppc_bank_e bank, uint32_t pos)
+void ppc_configure_to_secure(ppc_bank_t bank, uint32_t pos)
{
DRIVER_PPC_RSS *ppc_driver;
@@ -469,7 +469,7 @@
}
}
-void ppc_configure_to_non_secure(enum ppc_bank_e bank, uint32_t pos)
+void ppc_configure_to_non_secure(ppc_bank_t bank, uint32_t pos)
{
DRIVER_PPC_RSS *ppc_driver;
@@ -483,7 +483,7 @@
}
}
-void ppc_en_secure_unpriv(enum ppc_bank_e bank, uint32_t pos)
+void ppc_en_secure_unpriv(ppc_bank_t bank, uint32_t pos)
{
DRIVER_PPC_RSS *ppc_driver;
@@ -499,7 +499,7 @@
}
}
-void ppc_clr_secure_unpriv(enum ppc_bank_e bank, uint32_t pos)
+void ppc_clr_secure_unpriv(ppc_bank_t bank, uint32_t pos)
{
DRIVER_PPC_RSS *ppc_driver;
diff --git a/platform/ext/target/arm/rss/common/target_cfg.h b/platform/ext/target/arm/rss/common/target_cfg.h
index 6304fba..fc1aa9e 100644
--- a/platform/ext/target/arm/rss/common/target_cfg.h
+++ b/platform/ext/target/arm/rss/common/target_cfg.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2022 Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2023 Arm Limited. All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -17,18 +17,16 @@
#ifndef __TARGET_CFG_H__
#define __TARGET_CFG_H__
-#include <stdint.h>
-#include "tfm_peripherals_def.h"
#include "tfm_plat_defs.h"
#define TFM_DRIVER_STDIO Driver_USART0
#define NS_DRIVER_STDIO Driver_USART0
/**
- * \brief Defines the word offsets of Slave Peripheral Protection Controller
- * Registers
+ * \brief Defines the indexes of Subordinate Peripheral Protection Controller
+ * registers.
*/
-enum ppc_bank_e
+typedef enum
{
PPC_SP_DO_NOT_CONFIGURE = -1,
PPC_SP_MAIN0 = 0,
@@ -42,116 +40,7 @@
PPC_SP_PERIPH_EXP1 = 8,
PPC_SP_PERIPH_EXP2 = 9,
PPC_SP_PERIPH_EXP3 = 10,
-};
-
-/**
- * \brief Store the addresses of memory regions
- */
-struct memory_region_limits {
- uint32_t non_secure_code_start;
- uint32_t non_secure_partition_base;
- uint32_t non_secure_partition_limit;
- uint32_t veneer_base;
- uint32_t veneer_limit;
-};
-
-/**
- * \brief Holds the data necessary to do isolation for a specific peripheral.
- */
-struct platform_data_t {
- uint32_t periph_start;
- uint32_t periph_limit;
- enum ppc_bank_e periph_ppc_bank;
- int16_t periph_ppc_mask;
-};
-
-/**
- * \brief Enables the fault handlers BusFault, UsageFault,
- * MemManageFault and SecureFault.
- */
-enum tfm_plat_err_t enable_fault_handlers(void);
-
-/**
- * \brief Configures the system reset request properties
- *
- * \return Returns values as specified by the \ref tfm_plat_err_t
- */
-enum tfm_plat_err_t system_reset_cfg(void);
-
-/**
- * \brief Configures all external interrupts to target the
- * NS state, apart for the ones associated to secure
- * peripherals (plus MPC and PPC)
- *
- * \return Returns values as specified by the \ref tfm_plat_err_t
- */
-enum tfm_plat_err_t nvic_interrupt_target_state_cfg(void);
-
-/**
- * \brief This function enable the interrupts associated
- * to the secure peripherals (plus MPC and PPC)
- *
- * \return Returns values as specified by the \ref tfm_plat_err_t
- */
-enum tfm_plat_err_t nvic_interrupt_enable(void);
-
-/**
- * \brief Configures the system debug properties.
- *
- * \return Returns values as specified by the \ref tfm_plat_err_t
- */
-enum tfm_plat_err_t init_debug(void);
-
-/**
- * \brief Configures the Memory Protection Controller.
- *
- * \return Returns error code.
- */
-enum tfm_plat_err_t mpc_init_cfg(void);
-
-/**
- * \brief Clear MPC interrupt.
- */
-void mpc_clear_irq(void);
-
-/**
- * \brief Configures the Peripheral Protection Controller.
- */
-enum tfm_plat_err_t ppc_init_cfg(void);
-
-/**
- * \brief Restrict peripheral access to secure access only
- *
- * \note The function does not configure privilege
- */
-void ppc_configure_to_secure(enum ppc_bank_e bank, uint32_t pos);
-
-/**
- * \brief Allow non-secure access to peripheral
- *
- * \note The function does not configure privilege
- */
-void ppc_configure_to_non_secure(enum ppc_bank_e bank, uint32_t pos);
-
-/**
- * \brief Enable secure unprivileged access to peripheral
- */
-void ppc_en_secure_unpriv(enum ppc_bank_e bank, uint32_t pos);
-
-/**
- * \brief Clear secure unprivileged access to peripheral
- */
-void ppc_clr_secure_unpriv(enum ppc_bank_e bank, uint32_t pos);
-
-/**
- * \brief Clears PPC interrupt.
- */
-void ppc_clear_irq(void);
-
-/**
- * \brief Configures SAU and IDAU.
- */
-void sau_and_idau_cfg(void);
+} ppc_bank_t;
/**
* \brief Initialize the DMA devices and channels.
diff --git a/platform/ext/target/arm/rss/common/tfm_hal_isolation.c b/platform/ext/target/arm/rss/common/tfm_hal_isolation.c
deleted file mode 100644
index 6d16920..0000000
--- a/platform/ext/target/arm/rss/common/tfm_hal_isolation.c
+++ /dev/null
@@ -1,367 +0,0 @@
-/*
- * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
- * Copyright (c) 2022-2023 Cypress Semiconductor Corporation (an Infineon
- * company) or an affiliate of Cypress Semiconductor Corporation. All rights
- * reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include <arm_cmse.h>
-#include <stddef.h>
-#include <stdint.h>
-#include <string.h>
-#include "array.h"
-#include "cmsis.h"
-#include "Driver_Common.h"
-#include "mmio_defs.h"
-#include "mpu_armv8m_drv.h"
-#include "region.h"
-#include "target_cfg.h"
-#include "tfm_hal_defs.h"
-#include "tfm_hal_isolation.h"
-#include "tfm_peripherals_def.h"
-#include "load/partition_defs.h"
-#include "load/asset_defs.h"
-#include "load/spm_load_api.h"
-
-/* It can be retrieved from the MPU_TYPE register. */
-#define MPU_REGION_NUM 16
-#define PROT_BOUNDARY_VAL \
- ((1U << HANDLE_ATTR_PRIV_POS) & HANDLE_ATTR_PRIV_MASK)
-
-#ifdef CONFIG_TFM_ENABLE_MEMORY_PROTECT
-static uint32_t n_configured_regions = 0;
-struct mpu_armv8m_dev_t dev_mpu_s = { MPU_BASE };
-
-#ifdef CONFIG_TFM_USE_TRUSTZONE
-REGION_DECLARE(Image$$, ER_VENEER, $$Base);
-REGION_DECLARE(Image$$, VENEER_ALIGN, $$Limit);
-#endif
-REGION_DECLARE(Image$$, TFM_UNPRIV_CODE_START, $$RO$$Base);
-REGION_DECLARE(Image$$, TFM_UNPRIV_CODE_END, $$RO$$Limit);
-REGION_DECLARE(Image$$, TFM_APP_CODE_START, $$Base);
-REGION_DECLARE(Image$$, TFM_APP_CODE_END, $$Base);
-REGION_DECLARE(Image$$, TFM_APP_RW_STACK_START, $$Base);
-REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
-#ifdef CONFIG_TFM_PARTITION_META
-REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$ZI$$Base);
-REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$ZI$$Limit);
-#endif /* CONFIG_TFM_PARTITION_META */
-
-const struct mpu_armv8m_region_cfg_t region_cfg[] = {
-#ifdef CONFIG_TFM_USE_TRUSTZONE
- /* Veneer region */
- {
- 0, /* will be updated before using */
- (uint32_t)®ION_NAME(Image$$, ER_VENEER, $$Base),
- (uint32_t)®ION_NAME(Image$$, VENEER_ALIGN, $$Limit) - 1,
- MPU_ARMV8M_MAIR_ATTR_CODE_IDX,
- MPU_ARMV8M_XN_EXEC_OK,
- MPU_ARMV8M_AP_RO_PRIV_UNPRIV,
- MPU_ARMV8M_SH_NONE,
-#ifdef TFM_PXN_ENABLE
- MPU_ARMV8M_PRIV_EXEC_OK
-#endif
- },
-#endif
- /* TFM Core unprivileged code region */
- {
- 0, /* will be updated before using */
- (uint32_t)®ION_NAME(Image$$, TFM_UNPRIV_CODE_START, $$RO$$Base),
- (uint32_t)®ION_NAME(Image$$, TFM_UNPRIV_CODE_END, $$RO$$Limit) - 1,
- MPU_ARMV8M_MAIR_ATTR_CODE_IDX,
- MPU_ARMV8M_XN_EXEC_OK,
- MPU_ARMV8M_AP_RO_PRIV_UNPRIV,
- MPU_ARMV8M_SH_NONE,
-#ifdef TFM_PXN_ENABLE
- MPU_ARMV8M_PRIV_EXEC_OK
-#endif
- },
- /* RO region */
- {
- 0, /* will be updated before using */
- (uint32_t)®ION_NAME(Image$$, TFM_APP_CODE_START, $$Base),
- (uint32_t)®ION_NAME(Image$$, TFM_APP_CODE_END, $$Base) - 1,
- MPU_ARMV8M_MAIR_ATTR_CODE_IDX,
- MPU_ARMV8M_XN_EXEC_OK,
- MPU_ARMV8M_AP_RO_PRIV_UNPRIV,
- MPU_ARMV8M_SH_NONE,
-#ifdef TFM_PXN_ENABLE
-#if TFM_ISOLATION_LEVEL == 1
- MPU_ARMV8M_PRIV_EXEC_OK
-#else
- MPU_ARMV8M_PRIV_EXEC_NEVER
-#endif
-#endif
- },
- /* RW, ZI and stack as one region */
- {
- 0, /* will be updated before using */
- (uint32_t)®ION_NAME(Image$$, TFM_APP_RW_STACK_START, $$Base),
- (uint32_t)®ION_NAME(Image$$, TFM_APP_RW_STACK_END, $$Base) - 1,
- MPU_ARMV8M_MAIR_ATTR_DATA_IDX,
- MPU_ARMV8M_XN_EXEC_NEVER,
- MPU_ARMV8M_AP_RW_PRIV_UNPRIV,
- MPU_ARMV8M_SH_NONE,
-#ifdef TFM_PXN_ENABLE
- MPU_ARMV8M_PRIV_EXEC_NEVER
-#endif
- },
-#ifdef CONFIG_TFM_PARTITION_META
- /* TFM partition metadata pointer region */
- {
- 0, /* will be updated before using */
- (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$ZI$$Base),
- (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$ZI$$Limit) - 1,
- MPU_ARMV8M_MAIR_ATTR_DATA_IDX,
- MPU_ARMV8M_XN_EXEC_NEVER,
- MPU_ARMV8M_AP_RW_PRIV_UNPRIV,
- MPU_ARMV8M_SH_NONE,
-#ifdef TFM_PXN_ENABLE
- MPU_ARMV8M_PRIV_EXEC_NEVER
-#endif
- },
-#endif
- /* Keep ROM as no-execute, and prevent unpriv from accessing */
- {
- 0, /* will be updated before using */
- ROM_BASE_S,
- ROM_BASE_S + ROM_SIZE - 1,
- MPU_ARMV8M_MAIR_ATTR_CODE_IDX,
- MPU_ARMV8M_XN_EXEC_NEVER,
- MPU_ARMV8M_AP_RO_PRIV_ONLY,
- MPU_ARMV8M_SH_NONE,
-#ifdef TFM_PXN_ENABLE
- MPU_ARMV8M_PRIV_EXEC_NEVER,
-#endif
- },
-};
-#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
-
-enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(
- uintptr_t *p_spm_boundary)
-{
-#ifdef CONFIG_TFM_ENABLE_MEMORY_PROTECT
- struct mpu_armv8m_region_cfg_t localcfg;
-#endif
- /* Set up isolation boundaries between SPE and NSPE */
- sau_and_idau_cfg();
- if (mpc_init_cfg() != TFM_PLAT_ERR_SUCCESS) {
- return TFM_HAL_ERROR_GENERIC;
- }
- ppc_init_cfg();
-
- /* Set up static isolation boundaries inside SPE */
-#ifdef CONFIG_TFM_ENABLE_MEMORY_PROTECT
- int32_t i;
-
- mpu_armv8m_clean(&dev_mpu_s);
-
- if (ARRAY_SIZE(region_cfg) > MPU_REGION_NUM) {
- return TFM_HAL_ERROR_GENERIC;
- }
- for (i = 0; i < ARRAY_SIZE(region_cfg); i++) {
- memcpy(&localcfg, ®ion_cfg[i], sizeof(localcfg));
- localcfg.region_nr = i;
- if (mpu_armv8m_region_enable(&dev_mpu_s,
- (struct mpu_armv8m_region_cfg_t *)&localcfg)
- != MPU_ARMV8M_OK) {
- return TFM_HAL_ERROR_GENERIC;
- }
- }
- n_configured_regions = i;
-
- mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
- HARDFAULT_NMI_ENABLE);
-#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
-
- *p_spm_boundary = (uintptr_t)PROT_BOUNDARY_VAL;
-
- return TFM_HAL_SUCCESS;
-}
-
-/*
- * Implementation of tfm_hal_bind_boundary() on RSS:
- *
- * The API encodes some attributes into a handle and returns it to SPM.
- * The attributes include isolation boundaries, privilege, and MMIO information.
- * When scheduler switches running partitions, SPM compares the handle between
- * partitions to know if boundary update is necessary. If update is required,
- * SPM passes the handle to platform to do platform settings and update
- * isolation boundaries.
- */
-enum tfm_hal_status_t tfm_hal_bind_boundary(
- const struct partition_load_info_t *p_ldinf,
- uintptr_t *p_boundary)
-{
- uint32_t i, j;
- bool privileged;
- bool ns_agent;
- uint32_t partition_attrs = 0;
- const struct asset_desc_t *p_asset;
- struct platform_data_t *plat_data_ptr;
-#if TFM_ISOLATION_LEVEL == 2
- struct mpu_armv8m_region_cfg_t localcfg;
-#endif
- if (!p_ldinf || !p_boundary) {
- return TFM_HAL_ERROR_GENERIC;
- }
-
-#if TFM_ISOLATION_LEVEL == 1
- privileged = true;
-#else
- privileged = IS_PSA_ROT(p_ldinf);
-#endif
-
- ns_agent = IS_NS_AGENT_TZ(p_ldinf);
- p_asset = LOAD_INFO_ASSET(p_ldinf);
-
- /*
- * Validate if the named MMIO of partition is allowed by the platform.
- * Otherwise, skip validation.
- *
- * NOTE: Need to add validation of numbered MMIO if platform requires.
- */
- for (i = 0; i < p_ldinf->nassets; i++) {
- if (!(p_asset[i].attr & ASSET_ATTR_NAMED_MMIO)) {
- continue;
- }
- for (j = 0; j < ARRAY_SIZE(partition_named_mmio_list); j++) {
- if (p_asset[i].dev.dev_ref == partition_named_mmio_list[j]) {
- break;
- }
- }
-
- if (j == ARRAY_SIZE(partition_named_mmio_list)) {
- /* The MMIO asset is not in the allowed list of platform. */
- return TFM_HAL_ERROR_GENERIC;
- }
- /* Assume PPC & MPC settings are required even under level 1 */
- plat_data_ptr = REFERENCE_TO_PTR(p_asset[i].dev.dev_ref,
- struct platform_data_t *);
-
- if (plat_data_ptr->periph_ppc_bank != PPC_SP_DO_NOT_CONFIGURE) {
- ppc_configure_to_secure(plat_data_ptr->periph_ppc_bank,
- plat_data_ptr->periph_ppc_mask);
- if (privileged) {
- ppc_clr_secure_unpriv(plat_data_ptr->periph_ppc_bank,
- plat_data_ptr->periph_ppc_mask);
- } else {
- ppc_en_secure_unpriv(plat_data_ptr->periph_ppc_bank,
- plat_data_ptr->periph_ppc_mask);
- }
- }
-#if TFM_ISOLATION_LEVEL == 2
- /*
- * Static boundaries are set. Set up MPU region for MMIO.
- * Setup regions for unprivileged assets only.
- */
- if (!privileged) {
- localcfg.region_base = plat_data_ptr->periph_start;
- localcfg.region_limit = plat_data_ptr->periph_limit;
- localcfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DEVICE_IDX;
- localcfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
- localcfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- localcfg.attr_sh = MPU_ARMV8M_SH_NONE;
-#ifdef TFM_PXN_ENABLE
- localcfg.attr_pxn = MPU_ARMV8M_PRIV_EXEC_NEVER;
-#endif
- localcfg.region_nr = n_configured_regions++;
-
- if (mpu_armv8m_region_enable(&dev_mpu_s, &localcfg)
- != MPU_ARMV8M_OK) {
- return TFM_HAL_ERROR_GENERIC;
- }
- }
-#endif
- }
-
- partition_attrs = ((uint32_t)privileged << HANDLE_ATTR_PRIV_POS) &
- HANDLE_ATTR_PRIV_MASK;
- partition_attrs |= ((uint32_t)ns_agent << HANDLE_ATTR_NS_POS) &
- HANDLE_ATTR_NS_MASK;
- *p_boundary = (uintptr_t)partition_attrs;
-
- return TFM_HAL_SUCCESS;
-}
-
-enum tfm_hal_status_t tfm_hal_activate_boundary(
- const struct partition_load_info_t *p_ldinf,
- uintptr_t boundary)
-{
- CONTROL_Type ctrl;
- bool privileged = !!((uint32_t)boundary & HANDLE_ATTR_PRIV_MASK);
-
- /* Privileged level is required to be set always */
- ctrl.w = __get_CONTROL();
- ctrl.b.nPRIV = privileged ? 0 : 1;
- __set_CONTROL(ctrl.w);
-
- return TFM_HAL_SUCCESS;
-}
-
-enum tfm_hal_status_t tfm_hal_memory_check(uintptr_t boundary, uintptr_t base,
- size_t size, uint32_t access_type)
-{
- int flags = 0;
-
- /* If size is zero, this indicates an empty buffer and base is ignored */
- if (size == 0) {
- return TFM_HAL_SUCCESS;
- }
-
- if (!base) {
- return TFM_HAL_ERROR_INVALID_INPUT;
- }
-
- if ((access_type & TFM_HAL_ACCESS_READWRITE) == TFM_HAL_ACCESS_READWRITE) {
- flags |= CMSE_MPU_READWRITE;
- } else if (access_type & TFM_HAL_ACCESS_READABLE) {
- flags |= CMSE_MPU_READ;
- } else {
- return TFM_HAL_ERROR_INVALID_INPUT;
- }
-
- if (!((uint32_t)boundary & HANDLE_ATTR_PRIV_MASK)) {
- flags |= CMSE_MPU_UNPRIV;
- }
-
- /*
- * This check is only done for ns_agent_tz.
- * In calls from ns_agent_mailbox, the client message has already
- * been marshalled into SPE memory over the MHU, so only need to check
- * access rights within the SPE here.
- */
- if ((uint32_t)boundary & HANDLE_ATTR_NS_MASK) {
- CONTROL_Type ctrl;
- ctrl.w = __TZ_get_CONTROL_NS();
- if (ctrl.b.nPRIV == 1) {
- flags |= CMSE_MPU_UNPRIV;
- } else {
- flags &= ~CMSE_MPU_UNPRIV;
- }
- flags |= CMSE_NONSECURE;
- }
-
- if (cmse_check_address_range((void *)base, size, flags) != NULL) {
- return TFM_HAL_SUCCESS;
- } else {
- return TFM_HAL_ERROR_MEM_FAULT;
- }
-}
-
-bool tfm_hal_boundary_need_switch(uintptr_t boundary_from,
- uintptr_t boundary_to)
-{
- if (boundary_from == boundary_to) {
- return false;
- }
-
- if (((uint32_t)boundary_from & HANDLE_ATTR_PRIV_MASK) &&
- ((uint32_t)boundary_to & HANDLE_ATTR_PRIV_MASK)) {
- return false;
- }
- return true;
-}
diff --git a/platform/ext/target/arm/rss/common/tfm_hal_platform.c b/platform/ext/target/arm/rss/common/tfm_hal_platform.c
index ee54480..0bbd209 100644
--- a/platform/ext/target/arm/rss/common/tfm_hal_platform.c
+++ b/platform/ext/target/arm/rss/common/tfm_hal_platform.c
@@ -6,7 +6,7 @@
*/
#include "cmsis.h"
-#include "target_cfg.h"
+#include "common_target_cfg.h"
#include "tfm_hal_platform.h"
#include "tfm_peripherals_def.h"
#include "uart_stdout.h"
diff --git a/platform/ext/target/arm/rss/common/tfm_peripherals_def.c b/platform/ext/target/arm/rss/common/tfm_peripherals_def.c
index e6701e6..4a25d34 100644
--- a/platform/ext/target/arm/rss/common/tfm_peripherals_def.c
+++ b/platform/ext/target/arm/rss/common/tfm_peripherals_def.c
@@ -5,7 +5,8 @@
*
*/
-#include "target_cfg.h"
+#include "tfm_peripherals_def.h"
+#include "array.h"
#include "cmsis.h"
#ifdef RSS_DEBUG_UART
@@ -39,3 +40,18 @@
PPC_SP_DO_NOT_CONFIGURE,
-1
};
+
+/* Allowed named MMIO of this platform.
+ * Platform RSS only has named MMIO.
+ */
+static const uintptr_t partition_named_mmio_list[] = {
+ (uintptr_t)TFM_PERIPHERAL_STD_UART,
+ (uintptr_t)TFM_PERIPHERAL_TIMER0,
+ (uintptr_t)TFM_PERIPHERAL_DMA0_CH0,
+};
+
+void get_partition_named_mmio_list(const uintptr_t **list, size_t *length)
+{
+ *list = partition_named_mmio_list;
+ *length = ARRAY_SIZE(partition_named_mmio_list);
+}
diff --git a/platform/ext/target/arm/rss/common/tfm_peripherals_def.h b/platform/ext/target/arm/rss/common/tfm_peripherals_def.h
index 60c7819..d6bdcb1 100644
--- a/platform/ext/target/arm/rss/common/tfm_peripherals_def.h
+++ b/platform/ext/target/arm/rss/common/tfm_peripherals_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2023, Arm Limited. All rights reserved.
* Copyright (c) 2020-2023 Cypress Semiconductor Corporation (an Infineon company)
* or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
*
@@ -11,7 +11,7 @@
#define __TFM_PERIPHERALS_DEF_H__
#include "platform_irq.h"
-#include "target_cfg.h"
+#include "common_target_cfg.h"
#ifdef __cplusplus
extern "C" {
@@ -37,6 +37,22 @@
/* AP to RSS MHU receiver interrupt */
#define MAILBOX_IRQ CMU_MHU0_Receiver_IRQn
+/* Append RSS-specific static MPU regions to the standard ones in
+ * tfm_hal_isolation_v8m.c.
+ */
+#define PLATFORM_STATIC_MPU_REGIONS \
+ /* Keep ROM as no-execute, and prevent unpriv from accessing */ \
+ { \
+ ARM_MPU_RBAR(ROM_BASE_S, \
+ ARM_MPU_SH_NON, \
+ ARM_MPU_READ_ONLY, \
+ ARM_MPU_PRIVILEGED, \
+ ARM_MPU_EXECUTE_NEVER), \
+ ARM_MPU_RLAR_PXN(ROM_BASE_S + ROM_SIZE - 1, \
+ ARM_MPU_PRIVILEGE_EXECUTE_NEVER, \
+ 0), \
+ },
+
#ifdef __cplusplus
}
#endif