Core: Align with PSA FF specification 1.0-beta-0
- Renamed psa_error_t to psa_status_t
- All functions that accept or return signals now use the psa_signal_t
type
- Removed PSA_CONNECTION_ACCEPTED and replaced its use in connection
messages by PSA_SUCCESS
- Added PSA_CONNECTION_BUSY to indicate transient error conditions
during calls to psa_connect() and renumbered the PSA error codes
- Removed psa_identity() and replaced it with client_id in psa_msg_t
- Renamed psa_end() to psa_reply()
- Combine psa_wait_any() and psa_wait_interrupt() into psa_wait().
Change-Id: Id3ba56f145a29aff297cc56e66810e0dbe0f913b
Signed-off-by: Edison Ai <edison.ai@arm.com>
Co-authored-by: Summer Qin <summer.qin@arm.com>
diff --git a/interface/include/psa_client.h b/interface/include/psa_client.h
index dbe0e72..7053474 100644
--- a/interface/include/psa_client.h
+++ b/interface/include/psa_client.h
@@ -15,116 +15,125 @@
#include <stdint.h>
#include <stddef.h>
-/* ******** ******** PSA Common API ******** ******** */
+/*********************** PSA Client Macros and Types *************************/
-/* FixMe: PSA FF v0.9 has not been released. All PSA API subject to change */
-#define PSA_FRAMEWORK_VERSION (0x0009)
+#define PSA_FRAMEWORK_VERSION (0x0100)
#define PSA_VERSION_NONE (0)
/* PSA response types */
#define PSA_SUCCESS (0)
#define PSA_CONNECTION_REFUSED (INT32_MIN + 1)
+#define PSA_CONNECTION_BUSY (INT32_MIN + 2)
#define PSA_DROP_CONNECTION (INT32_MIN)
/* PSA message handles */
#define PSA_NULL_HANDLE ((psa_handle_t)0)
-typedef int32_t psa_error_t;
+typedef int32_t psa_status_t;
typedef int32_t psa_handle_t;
/**
- * A read-only input memory region provided to a RoT Service.
+ * A read-only input memory region provided to an RoT Service.
*/
typedef struct psa_invec {
- const void *base; /*!< the start address of the memory buffer */
- size_t len; /*!< the size in bytes */
+ const void *base; /*!< the start address of the memory buffer */
+ size_t len; /*!< the size in bytes */
} psa_invec;
/**
- * A writable output memory region provided to a RoT Service.
+ * A writable output memory region provided to an RoT Service.
*/
typedef struct psa_outvec {
- void *base; /*!< the start address of the memory buffer */
- size_t len; /*!< the size in bytes */
+ void *base; /*!< the start address of the memory buffer */
+ size_t len; /*!< the size in bytes */
} psa_outvec;
+/*************************** PSA Client API **********************************/
+
/**
* \brief Retrieve the version of the PSA Framework API that is implemented.
*
- * \return The version of the PSA Framework implementation that is providing
- * the runtime services to the caller.
- * \return The major and minor version are encoded as follows:
- * \arg version[15:8] -- major version number
- * \arg version[7:0] -- minor version number
+ * \return version The version of the PSA Framework implementation
+ * that is providing the runtime services to the
+ * caller. The major and minor version are encoded
+ * as follows:
+ * \arg version[15:8] -- major version number.
+ * \arg version[7:0] -- minor version number.
*/
uint32_t psa_framework_version(void);
-/* ******** ******** PSA Client API ******** ******** */
-
/**
- * \brief Retrieve the minor version of a RoT Service or indicate that
- * it is not present on this system.
+ * \brief Retrieve the minor version of an RoT Service or indicate that it is
+ * not present on this system.
*
- * \param[in] sid ID of the RoT Service to query
+ * \param[in] sid ID of the RoT Service to query.
*
- * \retval PSA_VERSION_NONE The RoT Service is not implemented, or the
- * caller is not permitted to access the service
- * \retval >0 The minor version of the implemented RoT Service
+ * \retval PSA_VERSION_NONE The RoT Service is not implemented, or the
+ * caller is not permitted to access the service.
+ * \retval > 0 The minor version of the implemented RoT
+ * Service.
*/
uint32_t psa_version(uint32_t sid);
/**
- * \brief Connect to a RoT Service by its SID.
+ * \brief Connect to an RoT Service by its SID.
*
- * \param[in] sid ID of the RoT Service to connect to
- * \param[in] minor_version Requested version of the RoT Service
+ * \param[in] sid ID of the RoT Service to connect to.
+ * \param[in] minor_version Requested version of the RoT Service.
*
- * \retval >0 A handle for the connection
- * \retval PSA_CONNECTION_REFUSED The RoT Service has refused the connection
- * \retval "Does not return" The RoT Service ID and version are not
- * supported, or the caller is not permitted
- * to access the service
+ * \retval > 0 A handle for the connection.
+ * \retval PSA_CONNECTION_REFUSED The SPM or RoT Service has refused the
+ * connection.
+ * \retval PSA_CONNECTION_BUSY The SPM or RoT Service cannot make the
+ * connection at the moment.
+ * \retval "Does not return" The RoT Service ID and version are not
+ * supported, or the caller is not permitted to
+ * access the service.
*/
psa_handle_t psa_connect(uint32_t sid, uint32_t minor_version);
/**
- * \brief Calls a RoT Service on an established connection.
+ * \brief Call an RoT Service on an established connection.
*
- * \param[in] handle A handle to an established connection
- * \param[in] in_vec Array of input \ref psa_invec structures
- * \param[in] in_len Number of input \ref psa_invec structures
- * \param[in] out_vec Array of input \ref psa_outvec structures
- * \param[in] in_len Number of input \ref psa_outvec structures
+ * \param[in] handle A handle to an established connection.
+ * \param[in] in_vec Array of input \ref psa_invec structures.
+ * \param[in] in_len Number of input \ref psa_invec structures.
+ * \param[in/out] out_vec Array of output \ref psa_outvec structures.
+ * \param[in] out_len Number of output \ref psa_outvec structures.
*
- * \retval >=0 Application-specific return code
- * \retval <0 Application-specific error code
- * \retval PSA_DROP_CONNECTION The connection has been dropped by the RoT
- * Service. This indicates that either this or
- * a previous message was invalid
- * \retval "Does not return" The call is invalid, one or more of the following
- * are true:
- * \arg An invalid handle was passed
- * \arg An invalid memory reference was provided
- * \arg in_len + out_len > PSA_MAX_IOVEC
- * \arg The message is unrecognized by the RoT Service
- * or incorrectly formatted
+ * \retval >=0 RoT Service-specific status value.
+ * \retval <0 RoT Service-specific error code.
+ * \retval PSA_DROP_CONNECTION The connection has been dropped by the RoT
+ * Service. This indicates that either this or
+ * a previous message was invalid.
+ * \retval "Does not return" The call is invalid, one or more of the
+ * following are true:
+ * \arg An invalid handle was passed.
+ * \arg The connection is already handling a request.
+ * \arg An invalid memory reference was provided.
+ * \arg in_len + out_len > PSA_MAX_IOVEC.
+ * \arg The message is unrecognized by the RoT
+ * Service or incorrectly formatted.
*/
-psa_error_t psa_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- const psa_outvec *out_vec,
- size_t out_len);
+psa_status_t psa_call(psa_handle_t handle,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
/**
- * \brief Closes a connection to a RoT Service.
+ * \brief Close a connection to an RoT Service.
*
- * \param[in] handle A handle to an established connection, or the
- * null handle
+ * \param[in] handle A handle to an established connection, or the
+ * null handle.
*
- * \retval void Success
- * \retval "Does not return" An invalid handle was provided that is not the
- * null handle
+ * \retval void Success.
+ * \retval "Does not return" The call is invalid, one or more of the
+ * following are true:
+ * \arg An invalid handle was provided that is not
+ * the null handle.
+ * \arg The connection is handling a request.
*/
void psa_close(psa_handle_t handle);
diff --git a/interface/include/psa_service.h b/interface/include/psa_service.h
index 38467b0..753fab7 100644
--- a/interface/include/psa_service.h
+++ b/interface/include/psa_service.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -14,11 +14,16 @@
#include <inttypes.h>
+/********************** PSA Secure Partition Macros and Types ****************/
+
/* PSA wait timeouts */
#define PSA_POLL (0x00000000u)
#define PSA_BLOCK (0x80000000u)
-/* doorbell signal */
+/* A mask value that includes all Secure Partition signals */
+#define PSA_WAIT_ANY (~0u)
+
+/* Doorbell signal */
#define PSA_DOORBELL (0x00000008u)
/* PSA message types */
@@ -26,227 +31,219 @@
#define PSA_IPC_CALL (2)
#define PSA_IPC_DISCONNECT (3)
-/* PSA response types */
-#define PSA_CONNECTION_ACCEPTED (0)
-
-/* maximum number of input and output vectors */
+/* Maximum number of input and output vectors */
#define PSA_MAX_IOVEC (4)
+/* Return code from psa_get() */
+#define PSA_ERR_NOMSG (INT32_MIN + 3)
+
+/* Store a set of one or more Secure Partition signals */
typedef uint32_t psa_signal_t;
/**
- * Describes a message received by a RoT Service after calling \ref psa_get().
+ * Describe a message received by an RoT Service after calling \ref psa_get().
*/
typedef struct psa_msg_t {
- uint32_t type;
- psa_handle_t handle;
- void *rhandle;
- size_t in_size[PSA_MAX_IOVEC];
- size_t out_size[PSA_MAX_IOVEC];
+ uint32_t type; /* One of the following values:
+ * \ref PSA_IPC_CONNECT
+ * \ref PSA_IPC_CALL
+ * \ref PSA_IPC_DISCONNECT
+ */
+ psa_handle_t handle; /* A reference generated by the SPM to the
+ * message returned by psa_get().
+ */
+ int32_t client_id; /* Partition ID of the sender of the message */
+ void *rhandle; /* Be useful for binding a connection to some
+ * application-specific data or function
+ * pointer within the RoT Service
+ * implementation.
+ */
+ size_t in_size[PSA_MAX_IOVEC]; /* Provide the size of each client input
+ * vector in bytes.
+ */
+ size_t out_size[PSA_MAX_IOVEC];/* Provide the size of each client output
+ * vector in bytes.
+ */
} psa_msg_t;
-/* ******** ******** PSA Secure Function API ******** ******** */
+/************************* PSA Secure Partition API **************************/
/**
- * \brief Returns the set of signals that have been asserted for a Sercure
- * Partition.
+ * \brief Return the Secure Partition interrupt signals that have been asserted
+ * from a subset of signals provided by the caller.
*
- * \param[in] timeout Specify either blocking or polling operation
+ * \param[in] signal_mask A set of signals to query. Signals that are not
+ * in this set will be ignored.
+ * \param[in] timeout Specify either blocking \ref PSA_BLOCK or
+ * polling \ref PSA_POLL operation.
*
- * \retval >0 At least one signal is asserted
- * \retval 0 No signals are asserted. This is only seen if the
- * caller used a polling timeout
+ * \retval >0 At least one signal is asserted.
+ * \retval 0 No signals are asserted. This is only seen when
+ * a polling timeout is used.
*/
-uint32_t psa_wait_any(uint32_t timeout);
+psa_signal_t psa_wait(psa_signal_t signal_mask, uint32_t timeout);
/**
- * \brief Returns the Secure Partition interrupt signals that have been
- * asserted from the subset of signals indicated in the bitmask provided.
- *
- * \param[in] signal_mask A set of interrupt and doorbell signals to query.
- * Signals that are not in this set will be ignored
- * \param[in] timeout Specify either blocking or polling operation
- *
- * \retval >0 At least one signal is asserted
- * \retval 0 No signals are asserted. This case is only seen if
- * caller used a polling timeout
- * \retval "Does not return" The call is invalid, one or more of the following
- * are true:
- * \arg signal_mask does not include any interrupt or
- * doorbell signals
- * \arg signal_mask includes one or more RoT Service
- * signals
- */
-uint32_t psa_wait_interrupt(psa_signal_t signal_mask, uint32_t timeout);
-
-/**
- * \brief Get the message which corresponds to a given RoT Service signal
+ * \brief Retrieve the message which corresponds to a given RoT Service signal
* and remove the message from the RoT Service queue.
*
- * \param[in] signal The signal value for an asserted RoT Service
- * \param[out] msg Pointer to \ref psa_msg_t object for receiving
- * the message
+ * \param[in] signal The signal value for an asserted RoT Service.
+ * \param[out] msg Pointer to \ref psa_msg_t object for receiving
+ * the message.
*
- * \retval void Success
- * \retval "Does not return" The call is invalid because one or more of the
- * following are true:
- * \arg signal has more than a single bit set
- * \arg signal does not correspond to a RoT Service
- * \arg The RoT Service signal is not currently asserted
- * \arg The msg pointer provided is not a valid memory
- * reference
+ * \retval PSA_SUCCESS Success, *msg will contain the delivered
+ * message.
+ * \retval PSA_ERR_NOMSG Message could not be delivered.
+ * \retval "Does not return" The call is invalid because one or more of the
+ * following are true:
+ * \arg signal has more than a single bit set.
+ * \arg signal does not correspond to an RoT Service.
+ * \arg The RoT Service signal is not currently
+ * asserted.
+ * \arg The msg pointer provided is not a valid memory
+ * reference.
*/
-void psa_get(psa_signal_t signal, psa_msg_t *msg);
+psa_status_t psa_get(psa_signal_t signal, psa_msg_t *msg);
/**
- * \brief Get the Partition ID of the sender of a message.
+ * \brief Associate some RoT Service private data with a client connection.
*
- * \param[in] msg_handle Message handle for an incoming message
+ * \param[in] msg_handle Handle for the client's message.
+ * \param[in] rhandle Reverse handle allocated by the RoT Service.
*
- * \retval >0 ID of a Secure Partition
- * \retval <0 ID of an NSPE client
- * \retval "Does not return" msg_handle is invalid
- *
- * \note Bit[31] is set if the caller is from the NSPE.
- */
-int32_t psa_identity(psa_handle_t msg_handle);
-
-/**
- * \brief Associates some caller-provided private data with a specified client
- * connection.
- *
- * \param[in] msg_handle Handle for the client's message
- * \param[in] rhandle Reverse handle allocated by the RoT Service
- *
- * \retval void Success, rhandle will be provided with all
- * subsequent messages delivered on this connection
- * \retval "Does not return" msg_handle is invalid
+ * \retval void Success, rhandle will be provided with all
+ * subsequent messages delivered on this
+ * connection.
+ * \retval "Does not return" msg_handle is invalid.
*/
void psa_set_rhandle(psa_handle_t msg_handle, void *rhandle);
/**
- * \brief Read a message parameter or part of a message parameter from the
- * client input vector.
+ * \brief Read a message parameter or part of a message parameter from a client
+ * input vector.
*
- * \param[in] msg_handle Handle for the client's message
- * \param[in] invec_idx Index of the input vector to read from. Must be
- * less than \ref PSA_MAX_IOVEC
- * \param[out] buffer Buffer in the Secure Partition to copy the
- * requested data to
- * \param[in] num_bytes Maximum number of bytes to be read from the client
- * input vector
+ * \param[in] msg_handle Handle for the client's message.
+ * \param[in] invec_idx Index of the input vector to read from. Must be
+ * less than \ref PSA_MAX_IOVEC.
+ * \param[out] buffer Buffer in the Secure Partition to copy the
+ * requested data to.
+ * \param[in] num_bytes Maximum number of bytes to be read from the
+ * client input vector.
*
- * \retval >0 Number of bytes copied
- * \retval 0 There was no remaining data in this input vector
- * \retval "Does not return" The call is invalid, one or more of the following
- * are true:
- * \arg msg_handle is invalid
- * \arg msg_handle does not refer to a \ref PSA_IPC_CALL
- * message
- * \arg invec_idx is equal to or greater than
- * PSA_MAX_IOVEC
- * \arg the memory reference for buffer is invalid or
- * not writable
+ * \retval >0 Number of bytes copied.
+ * \retval 0 There was no remaining data in this input
+ * vector.
+ * \retval "Does not return" The call is invalid, one or more of the
+ * following are true:
+ * \arg msg_handle is invalid.
+ * \arg msg_handle does not refer to a
+ * \ref PSA_IPC_CALL message.
+ * \arg invec_idx is equal to or greater than
+ * \ref PSA_MAX_IOVEC.
+ * \arg the memory reference for buffer is invalid or
+ * not writable.
*/
size_t psa_read(psa_handle_t msg_handle, uint32_t invec_idx,
- void *buffer, size_t num_bytes);
+ void *buffer, size_t num_bytes);
/**
- * \brief Skip a given number of bytes for an input vector.
+ * \brief Skip over part of a client input vector.
*
- * \param[in] msg_handle Handle for the client's message
- * \param[in] invec_idx Index of input vector in message to skip from.
- * Must be less than \ref PSA_MAX_IOVEC
- * \param[in] num_bytes Maximum number of bytes to skip in the client input
- * vector
+ * \param[in] msg_handle Handle for the client's message.
+ * \param[in] invec_idx Index of input vector to skip from. Must be
+ * less than \ref PSA_MAX_IOVEC.
+ * \param[in] num_bytes Maximum number of bytes to skip in the client
+ * input vector.
*
- * \retval >0 Number of bytes skipped
- * \retval 0 There was no remaining data in this input vector
- * \retval "Does not return" The call is invalid, one or more of the following
- * are true:
- * \arg msg_handle is invalid
- * \arg msg_handle does not refer to a \ref PSA_IPC_CALL
- * message
- * \arg invec_idx is equal to or greater than
- * PSA_MAX_IOVEC
+ * \retval >0 Number of bytes skipped.
+ * \retval 0 There was no remaining data in this input
+ * vector.
+ * \retval "Does not return" The call is invalid, one or more of the
+ * following are true:
+ * \arg msg_handle is invalid.
+ * \arg msg_handle does not refer to a
+ * \ref PSA_IPC_CALL message.
+ * \arg invec_idx is equal to or greater than
+ * \ref PSA_MAX_IOVEC.
*/
size_t psa_skip(psa_handle_t msg_handle, uint32_t invec_idx, size_t num_bytes);
/**
- * \brief Write a message response to the client output vector.
+ * \brief Write a message response to a client output vector.
*
- * \param[in] msg_handle Handle for the client's message
- * \param[out] outvec_idx Index of output vector in message to write to.
- * Must be less than \ref PSA_MAX_IOVEC
- * \param[in] buffer Buffer with the data to write
- * \param[in] num_bytes Number of bytes to write to the client output
- * vector
+ * \param[in] msg_handle Handle for the client's message.
+ * \param[out] outvec_idx Index of output vector in message to write to.
+ * Must be less than \ref PSA_MAX_IOVEC.
+ * \param[in] buffer Buffer with the data to write.
+ * \param[in] num_bytes Number of bytes to write to the client output
+ * vector.
*
- * \retval void Success
- * \retval "Does not return" The call is invalid, one or more of the following
- * are true:
- * \arg msg_handle is invalid
- * \arg msg_handle does not refer to a \ref PSA_IPC_CALL
- * message
- * \arg outvec_idx is equal to or greater than
- * \ref PSA_MAX_IOVEC
- * \arg the memory reference for buffer is invalid
- * \arg the call attempts to write data past the end of
- * the client output vector
+ * \retval void Success
+ * \retval "Does not return" The call is invalid, one or more of the
+ * following are true:
+ * \arg msg_handle is invalid.
+ * \arg msg_handle does not refer to a
+ * \ref PSA_IPC_CALL message.
+ * \arg outvec_idx is equal to or greater than
+ * \ref PSA_MAX_IOVEC.
+ * \arg The memory reference for buffer is invalid.
+ * \arg The call attempts to write data past the end
+ * of the client output vector.
*/
void psa_write(psa_handle_t msg_handle, uint32_t outvec_idx,
- const void *buffer, size_t num_bytes);
+ const void *buffer, size_t num_bytes);
/**
- * \brief Completes handling of a specific message and unblocks the client.
+ * \brief Complete handling of a specific message and unblock the client.
*
- * \param[in] msg_handle Handle for the client's message or the null handle
- * \param[in] retval Return value to be reported to the client
+ * \param[in] msg_handle Handle for the client's message.
+ * \param[in] status Message result value to be reported to the
+ * client.
*
- * \retval void Success
- * \retval "Does not return" The call is invalid, one or more of the following
- * are true:
- * \arg msg_handle is invalid and is not the null handle
- * \arg An invalid return code is specified for the type
- * of message
+ * \retval void Success.
+ * \retval "Does not return" The call is invalid, one or more of the
+ * following are true:
+ * \arg msg_handle is invalid.
+ * \arg An invalid status code is specified for the
+ * type of message.
*/
-void psa_end(psa_handle_t msg_handle, psa_error_t retval);
+void psa_reply(psa_handle_t msg_handle, psa_status_t status);
/**
- * \brief Sends a PSA_DOORBELL signal to a specific Secure Partition.
+ * \brief Send a PSA_DOORBELL signal to a specific Secure Partition.
*
- * \param[in] partition_id Secure Partition ID of the target partition
+ * \param[in] partition_id Secure Partition ID of the target partition.
*
- * \retval void Success
- * \retval "Does not return" partition_id does not correspond to a Secure
- * Partition
+ * \retval void Success.
+ * \retval "Does not return" partition_id does not correspond to a Secure
+ * Partition.
*/
void psa_notify(int32_t partition_id);
/**
- * \brief Clears the PSA_DOORBELL signal.
+ * \brief Clear the PSA_DOORBELL signal.
*
* \param[in] void
*
- * \retval void Success
- * \retval "Does not return" The Secure Partition's doorbell signal is not
- * currently asserted
+ * \retval void Success.
+ * \retval "Does not return" The Secure Partition's doorbell signal is not
+ * currently asserted.
*/
void psa_clear(void);
/**
- * \brief Informs the SPM that an interrupt has been handled (end of interrupt).
+ * \brief Inform the SPM that an interrupt has been handled (end of interrupt).
*
- * \param[in] irq_signal The interrupt signal that has been processed
+ * \param[in] irq_signal The interrupt signal that has been processed.
*
- * \retval void Success
- * \retval "Does not return" The call is invalid, one or more of the following
- * are true:
- * \arg irq_signal is not an interrupt signal
- * \arg irq_signal indicates more than one signal
- * \arg irq_signal is not currently asserted
+ * \retval void Success.
+ * \retval "Does not return" The call is invalid, one or more of the
+ * following are true:
+ * \arg irq_signal is not an interrupt signal.
+ * \arg irq_signal indicates more than one signal.
+ * \arg irq_signal is not currently asserted.
*/
-void psa_eoi(uint32_t irq_signal);
+void psa_eoi(psa_signal_t irq_signal);
#ifdef __cplusplus
}
diff --git a/interface/include/tfm_api.h b/interface/include/tfm_api.h
index 527a433..7656908 100644
--- a/interface/include/tfm_api.h
+++ b/interface/include/tfm_api.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -75,6 +75,13 @@
enum tfm_status_e tfm_register_client_id (int32_t ns_client_id);
/**
+ * \brief Retrieve the version of the PSA Framework API that is implemented
+ *
+ * \return The version of the PSA Framework
+ */
+uint32_t tfm_psa_framework_version_veneer(void);
+
+/**
* \brief Return version of secure function provided by secure binary
*
* \param[in] sid ID of secure service
@@ -100,20 +107,20 @@
* \param[in] in_vecs invec containing pointer/count of input vectors
* \param[in] out_vecs invec containing pointer/count of output vectors
*
- * \return Returns \ref psa_error_t error code
+ * \return Returns \ref psa_status_t status code
*/
-psa_error_t tfm_psa_call_veneer(psa_handle_t handle,
- const psa_invec *in_vecs,
- const psa_invec *out_vecs);
+psa_status_t tfm_psa_call_veneer(psa_handle_t handle,
+ const psa_invec *in_vecs,
+ const psa_invec *out_vecs);
/**
* \brief Close connection to secure function referenced by a connection handle
*
* \param[in] handle Handle to connection
*
- * \return Returns \ref psa_error_t error code
+ * \return Returns \ref psa_status_t status code
*/
-psa_error_t tfm_psa_close_veneer(psa_handle_t handle);
+psa_status_t tfm_psa_close_veneer(psa_handle_t handle);
//================ End Secure function declarations ==========================//
diff --git a/interface/src/tfm_psa_ns_api.c b/interface/src/tfm_psa_ns_api.c
index 45e8082..159eef9 100644
--- a/interface/src/tfm_psa_ns_api.c
+++ b/interface/src/tfm_psa_ns_api.c
@@ -11,6 +11,15 @@
/**** API functions ****/
+uint32_t psa_framework_version(void)
+{
+ return tfm_ns_lock_dispatch((veneer_fn)tfm_psa_framework_version_veneer,
+ 0,
+ 0,
+ 0,
+ 0);
+}
+
uint32_t psa_version(uint32_t sid)
{
return tfm_ns_lock_dispatch((veneer_fn)tfm_psa_version_veneer,
@@ -29,11 +38,11 @@
0);
}
-psa_error_t psa_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- const psa_outvec *out_vec,
- size_t out_len)
+psa_status_t psa_call(psa_handle_t handle,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
/* FixMe: sanity check can be added to offload some NS thread checks from
* TFM secure API
@@ -43,6 +52,7 @@
* serialization in order for NS to pass arguments to S
*/
psa_invec in_vecs, out_vecs;
+
in_vecs.base = in_vec;
in_vecs.len = in_len;
out_vecs.base = out_vec;