Plaform: AN521: Introduce platform binding HAL
This API (tfm_hal_bind_boundaries) binds partition with platform by
a p_boundaries handle, to let platform records partition info and
apply specific settings. Check the API comment for details.
The patch also:
- Updates the boundary update HAL API.
- Updates the HAL design document.
- Removes the FIH on AN521.
Change-Id: I77bba50d16fc6bb034aff3f4a7a8dfefecf345ec
Signed-off-by: Ken Liu <Ken.Liu@arm.com>
Co-authored-by: Mingyang Sun <mingyang.sun@arm.com>
diff --git a/platform/include/tfm_hal_isolation.h b/platform/include/tfm_hal_isolation.h
index 18a8c50..120cdf5 100644
--- a/platform/include/tfm_hal_isolation.h
+++ b/platform/include/tfm_hal_isolation.h
@@ -10,8 +10,9 @@
#include <stddef.h>
#include <stdint.h>
-#include "fih.h"
#include "tfm_hal_defs.h"
+#include "load/partition_defs.h"
+#include "load/asset_defs.h"
#ifdef __cplusplus
extern "C" {
@@ -26,6 +27,7 @@
#define TFM_HAL_ACCESS_NS (1UL << 5)
#ifdef TFM_FIH_PROFILE_ON
+#include "fih.h"
/**
* \brief Sets up the static isolation boundaries which are constant throughout
* the runtime of the system, including the SPE/NSPE and partition
@@ -36,24 +38,20 @@
*/
fih_int tfm_hal_set_up_static_boundaries(void);
-#if TFM_LVL == 3
/**
- * \brief Updates the partition isolation boundary for isolation level 3.
- * The boundary protects the private data of the running partition.
- * The boundary is updated with SPM switching partition in level 3.
+ * \brief Update the isolation boundaries.
*
- * \param[in] start start address of the partition boundary.
- * \param[in] end end address of the partition boundary.
+ * \param[in] p_ldinf Partition load information.
+ * \param[in] p_boundaries Platform boundary handle for partition.
*
- * \return TFM_HAL_SUCCESS - the isolation boundary has been set up.
- * TFM_HAL_ERROR_GENERIC - failed to set up the isolation boundary.
+ * \return TFM_HAL_SUCCESS The isolation boundaries update succeeded.
+ * TFM_HAL_ERROR_GENERIC Failed to update the isolation boundaries.
*
* \note When FIH_ENABLE_DOUBLE_VARS is enabled, the return code will be
* wrapped and protected in \ref fih_int structure.
*/
-fih_int tfm_hal_mpu_update_partition_boundary(uintptr_t start,
- uintptr_t end);
-#endif
+fih_int tfm_hal_update_boundaries(const struct partition_load_info_t *p_ldinf,
+ void *p_boundaries);
#else /* TFM_FIH_PROFILE_ON */
/**
* \brief Sets up the static isolation boundaries which are constant throughout
@@ -62,30 +60,21 @@
*
* \return TFM_HAL_SUCCESS - the isolation boundaries have been set up.
* TFM_HAL_ERROR_GENERIC - failed to set up the isolation boundaries.
- *
- * \note When FIH_ENABLE_DOUBLE_VARS is enabled, the return code will be
- * wrapped and protected in \ref fih_int structure.
*/
enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(void);
-#if TFM_LVL == 3
/**
- * \brief Updates the partition isolation boundary for isolation level 3.
- * The boundary protects the private data of the running partition.
- * The boundary is updated with SPM switching partition in level 3.
+ * \brief Update the isolation boundaries.
*
- * \param[in] start start address of the partition boundary.
- * \param[in] end end address of the partition boundary.
+ * \param[in] p_ldinf Partition load information.
+ * \param[in] p_boundaries Platform boundary handle for partition.
*
- * \return TFM_HAL_SUCCESS - the isolation boundary has been set up.
- * TFM_HAL_ERROR_GENERIC - failed to set up the isolation boundary.
- *
- * \note When FIH_ENABLE_DOUBLE_VARS is enabled, the return code will be
- * wrapped and protected in \ref fih_int structure.
+ * \return TFM_HAL_SUCCESS The isolation boundaries update succeeded.
+ * TFM_HAL_ERROR_GENERIC Failed to update the isolation boundaries.
*/
-enum tfm_hal_status_t tfm_hal_mpu_update_partition_boundary(uintptr_t start,
- uintptr_t end);
-#endif
+enum tfm_hal_status_t tfm_hal_update_boundaries(
+ const struct partition_load_info_t *p_ldinf,
+ void *p_boundaries);
#endif /* TFM_FIH_PROFILE_ON */
/**
@@ -108,6 +97,28 @@
size_t size,
uint32_t attr);
+/**
+ * \brief This API binds partition boundaries with the platform. The platform
+ * maintains the platform-specific settings for SPM further
+ * usage, such as update partition hardware boundaries or
+ * check resource accessibility. The platform needs to manage
+ * the settings with internal mechanism, and return a handle
+ * to SPM. SPM delivers this handle back to platform when
+ * necessary. And SPM checks this handle to decide if the
+ * platform-specific settings need to be updated. Hence
+ * multiple partitions can have the same handle if they have
+ * the same platform-specific settings, depending on isolation level.
+ *
+ * \param[in] p_ldinf Partition load information.
+ * \param[in] pp_boundaries Pointer of the boundary handle
+ *
+ * \return TFM_HAL_SUCCESS - A platform handle binding success.
+ * TFM_HAL_ERROR_GENERIC - Error occured while binding.
+ */
+enum tfm_hal_status_t tfm_hal_bind_boundaries(
+ const struct partition_load_info_t *p_ldinf,
+ void **pp_boundaries);
+
#ifdef __cplusplus
}
#endif