Blame - config/config_base.h - next/TF-M/trusted-firmware-m

blob: ea9f3bc4eecf95c257196fb05186c585c71c0fe1 [file] [log] [blame]

Xinyu Zhang	a2fab0e	2022-10-24 15:37:46 +0800	[diff] [blame]	1	/*
				2	* Copyright (c) 2022, Arm Limited. All rights reserved.
				3	*
				4	* SPDX-License-Identifier: BSD-3-Clause
				5	*
				6	*/
				7
				8	#ifndef __CONFIG_BASE_H__
				9	#define __CONFIG_BASE_H__
				10
Xinyu Zhang	77668dd	2022-10-24 16:17:37 +0800	[diff] [blame]	11	/* Platform Partition Configs */
				12
				13	/* Size of input buffer in platform service */
				14	#define PLATFORM_SERVICE_INPUT_BUFFER_SIZE 64
				15
				16	/* Size of output buffer in platform service */
				17	#define PLATFORM_SERVICE_OUTPUT_BUFFER_SIZE 64
				18
				19	/* The stack size of the Platform Secure Partition */
				20	#define PLATFORM_SP_STACK_SIZE 0x500
				21
				22	/* Disable Non-volatile counter module */
				23	#define PLATFORM_NV_COUNTER_MODULE_DISABLED 0
				24
Xinyu Zhang	d755b82	2022-10-25 11:18:09 +0800	[diff] [blame]	25	/* Crypto Partition Configs */
				26
				27	/*
				28	* Heap size for the crypto backend
				29	* CRYPTO_ENGINE_BUF_SIZE needs to be >8KB for EC signing by attest module.
				30	*/
				31	#define CRYPTO_ENGINE_BUF_SIZE 0x2080
				32
				33	/* The max number of concurrent operations that can be active (allocated) at any time in Crypto */
				34	#define CRYPTO_CONC_OPER_NUM 8
				35
				36	/* Disable PSA Crypto random number generator module */
				37	#define CRYPTO_RNG_MODULE_DISABLED 0
				38
				39	/* Disable PSA Crypto Key module */
				40	#define CRYPTO_KEY_MODULE_DISABLED 0
				41
				42	/* Disable PSA Crypto AEAD module */
				43	#define CRYPTO_AEAD_MODULE_DISABLED 0
				44
				45	/* Disable PSA Crypto MAC module */
				46	#define CRYPTO_MAC_MODULE_DISABLED 0
				47
				48	/* Disable PSA Crypto Hash module */
				49	#define CRYPTO_HASH_MODULE_DISABLED 0
				50
				51	/* Disable PSA Crypto Cipher module */
				52	#define CRYPTO_CIPHER_MODULE_DISABLED 0
				53
				54	/* Disable PSA Crypto asymmetric key signature module */
				55	#define CRYPTO_ASYM_SIGN_MODULE_DISABLED 0
				56
				57	/* Disable PSA Crypto asymmetric key encryption module */
				58	#define CRYPTO_ASYM_ENCRYPT_MODULE_DISABLED 0
				59
				60	/* Disable PSA Crypto key derivation module */
				61	#define CRYPTO_KEY_DERIVATION_MODULE_DISABLED 0
				62
				63	/* Default size of the internal scratch buffer used for PSA FF IOVec allocations */
				64	#define CRYPTO_IOVEC_BUFFER_SIZE 5120
				65
				66	/* Use stored NV seed to provide entropy */
				67	#define CRYPTO_NV_SEED 1
				68
				69	/*
				70	* Only enable multi-part operations in Hash, MAC, AEAD and symmetric ciphers,
				71	* to optimize memory footprint in resource-constrained devices.
				72	*/
				73	#define CRYPTO_SINGLE_PART_FUNCS_DISABLED 0
				74
				75	/* The stack size of the Crypto Secure Partition */
				76	#define CRYPTO_STACK_SIZE 0x1B00
				77
Xinyu Zhang	ff65372	2022-10-27 14:17:36 +0800	[diff] [blame]	78	/* FWU Partition Configs */
				79
				80	/* Size of the FWU internal data transfer buffer */
				81	#define TFM_FWU_BUF_SIZE PSA_FWU_MAX_WRITE_SIZE
				82
				83	/* The stack size of the Firmware Update Secure Partition */
				84	#define FWU_STACK_SIZE 0x600
				85
Xinyu Zhang	d15f99c	2022-10-27 15:03:34 +0800	[diff] [blame]	86	/* Attest Partition Configs */
				87
				88	/* Include optional claims in initial attestation token */
				89	#define ATTEST_INCLUDE_OPTIONAL_CLAIMS 1
				90
				91	/* Include COSE key-id in initial attestation token */
				92	#define ATTEST_INCLUDE_COSE_KEY_ID 0
				93
				94	/* The stack size of the Initial Attestation Secure Partition */
				95	#define ATTEST_STACK_SIZE 0x700
				96
				97	/* Set the initial attestation token profile */
				98	#define ATTEST_TOKEN_PROFILE_PSA_IOT_1 1
				99
Xinyu Zhang	c8fc2c0	2022-10-31 12:13:45 +0800	[diff] [blame]	100	/* ITS Partition Configs */
				101
				102	/* Create flash FS if it doesn't exist for Internal Trusted Storage partition */
				103	#define ITS_CREATE_FLASH_LAYOUT 1
				104
				105	/* Enable emulated RAM FS for platforms that don't have flash for Internal Trusted Storage partition */
				106	#define ITS_RAM_FS 0
				107
				108	/* Validate filesystem metadata every time it is read from flash */
				109	#define ITS_VALIDATE_METADATA_FROM_FLASH 1
				110
				111	/* The maximum asset size to be stored in the Internal Trusted Storage */
				112	#define ITS_MAX_ASSET_SIZE 512
				113
				114	/*
				115	* Size of the ITS internal data transfer buffer
				116	* (Default to the max asset size so that all requests can be handled in one iteration.)
				117	*/
				118	#define ITS_BUF_SIZE ITS_MAX_ASSET_SIZE
				119
				120	/* The maximum number of assets to be stored in the Internal Trusted Storage */
				121	#define ITS_NUM_ASSETS 10
				122
				123	/* The stack size of the Internal Trusted Storage Secure Partition */
				124	#define ITS_STACK_SIZE 0x720
				125
Xinyu Zhang	0715270	2022-10-31 12:35:49 +0800	[diff] [blame^]	126	/* PS Partition Configs */
				127
				128	/* Create flash FS if it doesn't exist for Protected Storage partition */
				129	#define PS_CREATE_FLASH_LAYOUT 1
				130
				131	/* Enable emulated RAM FS for platforms that don't have flash for Protected Storage partition */
				132	#define PS_RAM_FS 0
				133
				134	/* Enable rollback protection for Protected Storage partition */
				135	#define PS_ROLLBACK_PROTECTION 1
				136
				137	/* Validate filesystem metadata every time it is read from flash */
				138	#define PS_VALIDATE_METADATA_FROM_FLASH 1
				139
				140	/* The maximum asset size to be stored in the Protected Storage */
				141	#define PS_MAX_ASSET_SIZE 2048
				142
				143	/* The maximum number of assets to be stored in the Protected Storage */
				144	#define PS_NUM_ASSETS 10
				145
				146	/* The stack size of the Protected Storage Secure Partition */
				147	#define PS_STACK_SIZE 0x700
				148
Xinyu Zhang	a2fab0e	2022-10-24 15:37:46 +0800	[diff] [blame]	149	#endif /* __CONFIG_BASE_H__ */