TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / next / TF-M / trusted-firmware-m / 2ecfc9fa17456fd99abb81ea0cae9be6aeec8fa6 / . / docs / design_documents / hardware_abstraction_layer.rst
blob: b7e17723818499c94d1540cacceb0669f2db3ca9 [file] [log] [blame]
Edison Ai75afd372020-04-21 18:29:57 +0800[diff] [blame]1##########################
2Hardware Abstraction Layer
3##########################
4
5:Organization: Arm Limited
6:Contact: tf-m@lists.trustedfirmware.org
7
8:API Version: 0.9
9
10************
11Introduction
12************
13:term:`TF-M` :term:`HAL` abstracts the hardware-oriented and platform specific
14operations on the :term:`SPE` side and provides a set of APIs to the upper
15layers such as :term:`SPM`, :term:`RoT Service`.
16The :term:`HAL` aims to cover the platform different aspects whereas common
17architecturally defined aspects are done generically within the common
18:term:`SPE`.
19In some cases, although the operations are defined architecturally,
20it may not be possible to generalize implementations because lots of information
21is only known to platforms.
22It is more efficient to define a :term:`HAL` API for those architectural
23operations as well.
24
25.. note::
26 :term:`TBSA-M` provides the hardware requirements for security purposes.
27 :term:`TF-M` :term:`HAL` tries to reference :term:`TBSA-M` recommendations in
28 the interfaces from the software perspective only. Please reference
29 :term:`TBSA-M` for your security hardware design.
30
31Design Goals
32============
33:term:`TF-M` :term:`HAL` is designed to simplify the integration efforts on
34different platforms.
35
36:term:`TF-M` :term:`HAL` is designed to make it easy to use the hardware and
37develop the :term:`SPM` and :term:`RoT Service` which need to access the
38devices.
39
40:term:`TF-M` :term:`HAL` is designed to make the structure clearer and let the
41:term:`TF-M` mainly focus on :term:`PSA` implementation.
42
43********
44Overview
45********
46This section provides an overview of the abstraction layer structure.
47
48.. figure:: media/hal_structure.png
49
50Here lists a minimal set of necessary functionalities:
51
52 - **Isolation API**: Provides the necessary isolation functionalities required
53 by the :term:`PSA-FF-M` and :term:`TBSA-M`, and provides APIs to :term:`SPM`
54 to check the permissions of memory access.
55 - **Platform API**: Provides the platform initialization, platform-specific
56 memory information, system reset, etc.
57 - **Loader API**: Provides the functions to load partitions and services and
58 provides the necessary data to :term:`SPM`.
59 - **Log dev API**: Provides the log system functions.
60 - **Interrupt API**: Provides the interrupt functions.
61
62.. note::
63 - There is a non-secure :term:`HAL` that focuses on the mailbox operation API
64 for Dual-core topology. For more information about it, please refer to
65 :doc:`Mailbox Design in TF-M on Dual-core System
66 </docs/design_documents/dual-cpu/mailbox_design_on_dual_core_system>`.
67 - The minimal set of :term:`TF-M` :term:`HAL` is sufficient for Secure
68 Partitions by using customized peripheral interfaces. To provide easier
69 portability for the Secure Partitions, a Secure Partition :term:`HAL` is
70 provided in this design too.
71 - The debug mechanisms give the external entity the corresponding right to
72 access the system assets. :term:`TF-M` ensures that the external entity is
73 permitted access to those assets. Currently, :term:`TF-M` only needs the
74 debug authentication. The whole debug mechanism and related :term:`HAL` will
75 be enhanced in the future. Please refer to the :doc:`Debug authentication
76 settings section </platform/readme>` for more detail.
77
78*****************
79Design Principles
80*****************
81As :term:`TF-M` runs on resource-constrained devices, the :term:`HAL` tries to
82avoid multiple level abstractions which cost more resources.
83
84Part of the :term:`HAL` interfaces does not focus on exact hardware operations
85such as power on/off or PIN manipulation.
86Instead, the :term:`HAL` abstracts higher-level interfaces to reserve the
87implementation flexibility for the platform vendors.
88
89The :term:`TF-M` :term:`HAL` should be easy to deprecate APIs and provide
90compatibilities.
91Any API incompatibility should be detected during building.
92
93:term:`TF-M` relies on the :term:`HAL` APIs to be implemented correctly and
94trusts the :term:`HAL` APIs.
95:term:`TFM` can provide assertions to detect common programming errors but
96essentially no further extensive checks will be provided.
97
98************
99Source Files
100************
101This section describes the source file of the :term:`TF-M` :term:`HAL`,
102including the header and c files.
103
104tfm_hal_defs.h
105==============
106This header file contains the definitions of common macros and types used by all
107:term:`HAL` APIs. Please refer to `Status Codes`_ for detailed definitions.
108
109tfm_hal_[module].[h/c]
110======================
111All other headers and c files are classified by the modules, such as isolation,
112platform, interrupt, devices, etc.
113
114.. note::
115 There are common files in the platform folder include the implemented
116 :term:`HAL` APIs. The platform vendors can use them directly but need to
117 implement all the sub APIs.
118
119************
120Status Codes
121************
122These are common status and error codes for all :term:`HAL` APIs.
123
124Types
125=====
126tfm_hal_status_t
127----------------
128This is a status code to be used as the return type of :term:`HAL` APIs.
129
130.. code-block:: c
131
Summer Qin2ecfc9f2020-08-20 14:20:27 +0800[diff] [blame^]132 enum tfm_hal_status_t {
133 TFM_HAL_ERROR_MEM_FAULT = CHAR_MIN,
134 TFM_HAL_ERROR_MAX_VALUE,
135 TFM_HAL_ERROR_BAD_STATE,
136 TFM_HAL_ERROR_NOT_SUPPORTED,
137 TFM_HAL_ERROR_INVALID_INPUT,
138 TFM_HAL_ERROR_NOT_INIT,
139 TFM_HAL_ERROR_GENERIC,
140 TFM_HAL_SUCCESS = 0
141 };
Edison Ai75afd372020-04-21 18:29:57 +0800[diff] [blame]142
143Error Codes
144===========
145Negative values indicate an error. Zero and positive values indicate success.
146
147Here is the general list. The detailed usages for each error code are described
148in the API introduction sections.
149
150TFM_HAL_SUCCESS
151---------------
152Status code to indicate general success.
153
Edison Ai75afd372020-04-21 18:29:57 +0800[diff] [blame]154TFM_HAL_ERROR_GENERIC
155---------------------
156Status code to indicate an error that does not correspond to any defined failure
157cause.
158
Edison Ai75afd372020-04-21 18:29:57 +0800[diff] [blame]159TFM_HAL_ERROR_NOT_INIT
160----------------------
161Status code to indicate that the module is not initialed.
162
Edison Ai75afd372020-04-21 18:29:57 +0800[diff] [blame]163TFM_HAL_ERROR_INVALID_INPUT
164---------------------------
165Status code to indicate that the input is invalid.
166
Edison Ai75afd372020-04-21 18:29:57 +0800[diff] [blame]167TFM_HAL_ERROR_NOT_SUPPORTED
168---------------------------
169Status code to indicate that the requested operation or a parameter is not
170supported.
171
Edison Ai75afd372020-04-21 18:29:57 +0800[diff] [blame]172TFM_HAL_ERROR_BAD_STATE
173-----------------------
174Status code to indicate that the requested action cannot be performed in the
175current state.
176
Edison Ai75afd372020-04-21 18:29:57 +0800[diff] [blame]177TFM_HAL_ERROR_MAX_VALUE
178-----------------------
179Status code to indicate that the current number has got the max value.
180
Edison Ai75afd372020-04-21 18:29:57 +0800[diff] [blame]181TFM_HAL_ERROR_MEM_FAULT
182-----------------------
183Status code to indicate that the memory check failed.
184
Edison Ai75afd372020-04-21 18:29:57 +0800[diff] [blame]185--------------
186
187*Copyright (c) 2020, Arm Limited. All rights reserved.*