Partitions: remove PSA proxy partition
Removed with all related configuration.
Option to build Musca-B1 with PSA proxy is also removed.
Signed-off-by: Mark Horvath <mark.horvath@arm.com>
Change-Id: I089c3ffd6908f14642f0c781c4a793378a59a79b
diff --git a/bl2/ext/mcuboot/CMakeLists.txt b/bl2/ext/mcuboot/CMakeLists.txt
index f82a738..2dd924b 100644
--- a/bl2/ext/mcuboot/CMakeLists.txt
+++ b/bl2/ext/mcuboot/CMakeLists.txt
@@ -242,13 +242,10 @@
DEPENDS tfm_s_ns_bin tfm_s_ns.bin
DEPENDS signing_layout_s
- # Use the non-secure key to sign the combined image if FORWARD_PROT_MSG is set.
- # In such a configuration there is a subsystem with higher privileges controlling the
- # the boot process and current implementation requires to use the non-secure key here.
COMMAND ${Python3_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/wrapper/wrapper.py
-v ${MCUBOOT_IMAGE_VERSION_S}
--layout $<TARGET_OBJECTS:signing_layout_s>
- -k $<IF:$<BOOL:${FORWARD_PROT_MSG}>,${MCUBOOT_KEY_NS},${MCUBOOT_KEY_S}>
+ -k ${MCUBOOT_KEY_S}
--public-key-format $<IF:$<BOOL:${MCUBOOT_HW_KEY}>,full,hash>
--align ${MCUBOOT_ALIGN_VAL}
--pad
diff --git a/cmake/install.cmake b/cmake/install.cmake
index a9971de..ff38cfa 100644
--- a/cmake/install.cmake
+++ b/cmake/install.cmake
@@ -60,14 +60,14 @@
DESTINATION ${INSTALL_INTERFACE_INC_DIR}/tfm/veneers)
endif()
-if (TFM_PARTITION_PROTECTED_STORAGE OR FORWARD_PROT_MSG)
+if (TFM_PARTITION_PROTECTED_STORAGE)
install(FILES ${INTERFACE_INC_DIR}/psa/protected_storage.h
DESTINATION ${INSTALL_INTERFACE_INC_DIR}/psa)
install(FILES ${INTERFACE_INC_DIR}/tfm_ps_defs.h
DESTINATION ${INSTALL_INTERFACE_INC_DIR})
endif()
-if (TFM_PARTITION_INTERNAL_TRUSTED_STORAGE OR FORWARD_PROT_MSG)
+if (TFM_PARTITION_INTERNAL_TRUSTED_STORAGE)
install(FILES ${INTERFACE_INC_DIR}/psa/internal_trusted_storage.h
${INTERFACE_INC_DIR}/psa/storage_common.h
DESTINATION ${INSTALL_INTERFACE_INC_DIR}/psa)
@@ -75,7 +75,7 @@
DESTINATION ${INSTALL_INTERFACE_INC_DIR})
endif()
-if (TFM_PARTITION_CRYPTO OR FORWARD_PROT_MSG)
+if (TFM_PARTITION_CRYPTO)
install(FILES ${INTERFACE_INC_DIR}/psa/crypto_extra.h
${INTERFACE_INC_DIR}/psa/crypto_compat.h
${INTERFACE_INC_DIR}/psa/crypto.h
@@ -89,7 +89,7 @@
DESTINATION ${INSTALL_INTERFACE_INC_DIR})
endif()
-if (TFM_PARTITION_INITIAL_ATTESTATION OR FORWARD_PROT_MSG)
+if (TFM_PARTITION_INITIAL_ATTESTATION)
install(FILES ${INTERFACE_INC_DIR}/psa/initial_attestation.h
DESTINATION ${INSTALL_INTERFACE_INC_DIR}/psa)
install(FILES ${INTERFACE_INC_DIR}/tfm_attest_defs.h
@@ -102,7 +102,7 @@
DESTINATION ${INSTALL_INTERFACE_INC_DIR})
endif()
-if(TFM_PARTITION_PLATFORM OR FORWARD_PROT_MSG)
+if(TFM_PARTITION_PLATFORM)
install(FILES ${INTERFACE_INC_DIR}/tfm_platform_api.h
DESTINATION ${INSTALL_INTERFACE_INC_DIR})
endif()
@@ -135,7 +135,7 @@
DESTINATION ${INSTALL_INTERFACE_SRC_DIR})
endif()
-if (TFM_PARTITION_PROTECTED_STORAGE OR FORWARD_PROT_MSG)
+if (TFM_PARTITION_PROTECTED_STORAGE)
if (TFM_PSA_API)
install(FILES ${INTERFACE_SRC_DIR}/tfm_ps_ipc_api.c
DESTINATION ${INSTALL_INTERFACE_SRC_DIR})
@@ -145,7 +145,7 @@
endif()
endif()
-if (TFM_PARTITION_INTERNAL_TRUSTED_STORAGE OR FORWARD_PROT_MSG)
+if (TFM_PARTITION_INTERNAL_TRUSTED_STORAGE)
if (TFM_PSA_API)
install(FILES ${INTERFACE_SRC_DIR}/tfm_its_ipc_api.c
DESTINATION ${INSTALL_INTERFACE_SRC_DIR})
@@ -155,7 +155,7 @@
endif()
endif()
-if (TFM_PARTITION_CRYPTO OR FORWARD_PROT_MSG)
+if (TFM_PARTITION_CRYPTO)
if (TFM_PSA_API)
install(FILES ${INTERFACE_SRC_DIR}/tfm_crypto_ipc_api.c
DESTINATION ${INSTALL_INTERFACE_SRC_DIR})
@@ -165,7 +165,7 @@
endif()
endif()
-if (TFM_PARTITION_INITIAL_ATTESTATION OR FORWARD_PROT_MSG)
+if (TFM_PARTITION_INITIAL_ATTESTATION)
if (TFM_PSA_API)
install(FILES ${INTERFACE_SRC_DIR}/tfm_initial_attestation_ipc_api.c
DESTINATION ${INSTALL_INTERFACE_SRC_DIR})
@@ -180,7 +180,7 @@
DESTINATION ${INSTALL_INTERFACE_SRC_DIR})
endif()
-if(TFM_PARTITION_PLATFORM OR FORWARD_PROT_MSG)
+if(TFM_PARTITION_PLATFORM)
if(TFM_PSA_API)
install(FILES ${INTERFACE_SRC_DIR}/tfm_platform_ipc_api.c
DESTINATION ${INSTALL_INTERFACE_SRC_DIR})
diff --git a/config/config_default.cmake b/config/config_default.cmake
index 80c7fca..7da2bff 100755
--- a/config/config_default.cmake
+++ b/config/config_default.cmake
@@ -159,9 +159,6 @@
set(TFM_PARTITION_AUDIT_LOG OFF CACHE BOOL "Enable Audit Log partition")
-set(TFM_PARTITION_PSA_PROXY OFF CACHE BOOL "Enable PSA Proxy partition")
-
-set(FORWARD_PROT_MSG OFF CACHE BOOL "Whether to forward all PSA RoT messages to a Secure Enclave")
set(TFM_PARTITION_FIRMWARE_UPDATE OFF CACHE BOOL "Enable firmware update partition")
set(TFM_FWU_BOOTLOADER_LIB "mcuboot" CACHE STRING "Bootloader configure file for Firmware Update partition")
set(PSA_FWU_MAX_BLOCK_SIZE 1024 CACHE STRING "The maximum permitted size for block in psa_fwu_write, in bytes.")
diff --git a/docs/integration_guide/platform/porting_TFM_to_a_new_hardware.rst b/docs/integration_guide/platform/porting_TFM_to_a_new_hardware.rst
index 65f1294..2f4b68b 100644
--- a/docs/integration_guide/platform/porting_TFM_to_a_new_hardware.rst
+++ b/docs/integration_guide/platform/porting_TFM_to_a_new_hardware.rst
@@ -400,11 +400,6 @@
+----------------------------------+-----------------------------------------------------------------------+-----------------------------------+
|CMSE_VENEER_REGION_SIZE | Size of the veneer Code | if library mode and not multicore |
+----------------------------------+-----------------------------------------------------------------------+-----------------------------------+
- |PSA_PROXY_SHARED_MEMORY_BASE | Start of shared memory | if IPC mode and secure enclave |
- +----------------------------------+-----------------------------------------------------------------------+-----------------------------------+
- |PSA_PROXY_SHARED_MEMORY_SIZE | Size of shared memory | if IPC mode and secure enclave |
- +----------------------------------+-----------------------------------------------------------------------+-----------------------------------+
-
CMSIS_Driver/Config/cmsis_driver_config.h:
------------------------------------------
diff --git a/docs/integration_guide/services/index.rst b/docs/integration_guide/services/index.rst
index 4ad012d..e8d2caa 100644
--- a/docs/integration_guide/services/index.rst
+++ b/docs/integration_guide/services/index.rst
@@ -11,7 +11,6 @@
Internal Storage <tfm_its_integration_guide>
Platform <tfm_platform_integration_guide>
Protected Storage <tfm_ps_integration_guide>
- PSA Proxy <tfm_psa_proxy_integration_guide>
Adding a New Service <tfm_secure_partition_addition>
The manifest tool <tfm_manifest_tool_user_guide>
diff --git a/docs/integration_guide/services/tfm_psa_proxy_integration_guide.rst b/docs/integration_guide/services/tfm_psa_proxy_integration_guide.rst
deleted file mode 100644
index d0a2f34..0000000
--- a/docs/integration_guide/services/tfm_psa_proxy_integration_guide.rst
+++ /dev/null
@@ -1,85 +0,0 @@
-#####################################
-PSA Proxy Partition Integration Guide
-#####################################
-
-************
-Introduction
-************
-TF-M PSA Proxy partition is responsible for forwarding all the PSA RoT messages
-to a Secure Enclave, this way virtually providing all the PSA RoT services.
-Proxy can only be used in IPC model, for context and design details please
-check the
-:doc:`Secure Enclave design document </technical_references/design_docs/secure_enclave_solution>`.
-
-Currently to forward the PSA Client call parameters Proxy must read them with
-``psa_read`` into a memory area shared with the Secure Enclave. (Similarily
-``psa_write`` is used to give back the results to the caller.) By default this
-memory is allocated from BSS, but if that is not accessible to the Secure
-Enclave other memory area can be used. To communicate with the Secure Enclave
-the mailbox solution is used, and Proxy uses the Non-secure side of mailbox.
-(The secure side of the mailbox is handled by the Secure Enclave.)
-
-***************************************
-Current PSA Proxy partition limitations
-***************************************
-- Client IDs are not forwarded to Secure Enclave. For Non-secure clients this
- is straightforward, but for calls coming from other secure partitions the IDs
- must be translated to a negative value. The reason is all clients on Host
- are treated as non-secure from Secure Enclave's point of view. (This is the
- cause why Protected Storage messages also forwarded. Protected Storage uses
- Internal Trusted Storage partition to manage the PS flash area. But as client
- IDs are not forwarded the ITS partition running on Secure Enclave can not
- know whether should work on ITS or PS flash.)
-- Sending of the mailbox messages is a blocking call in Proxy, so control is
- not given back to Host's SPM while waiting for Secure Enclave's answer.
-- Only one message can be put into the mailbox at a time.
-- Current platform partition provides Non Volatile (NV) counter, System Reset,
- and IOCTL services. But while NV counters and System Reset shall be provided
- by the Secure Enclave, IOCTL probably shall be provided by Host, as the
- underlaying HW probably placed in Host subsystem. So the current platform
- partition should be split into two halves by conditional compilation, and
- Proxy should forward only the calls provided by Secure Enclave.
-- PSA Proxy can only get the IPC parameters by PSA read, so the parameters need
- to be copied to a shared memory, because the partition cannot forward the
- original pointers. This copy might be omitted on platforms where Secure
- Enclave has access to all Host memory areas, if all security risks are
- addressed. Note that IOVECs shall be verified by Host's SPM and sent to SE
- with the mailbox message.
-
-**************
-Code Structure
-**************
-PSA Proxy partition code is located in ``secure_fw/partitions/psa_proxy/``.
-As Proxy can be treated as an alternative implementation of all the PSA RoT
-services, the Secure and Non-secure interface implementations of the forwarded
-services are reused without modification.
-
-Files
-=====
-- ``psa_proxy.c`` - Handles IPC messages and manages communication with the
- Secure Enclave.
-
-- ``psa_proxy_shared_mem_mngr.c`` - Responsible to manage the shared memory
- area used to share the input and output parameters with Secure Enclave.
-
-*****************
-Integration Guide
-*****************
-- Non-secure mailbox interface must be provided.
-- Shared memory must be configured:
-
- - If Secure Enclave can access TF-M's BSS section it is enough to set the
- area's size by the ``SHARED_BUFFER_SIZE`` macro.
- - If a special memory region must be used as the shared memory the
- ``PSA_PROXY_SHARED_MEMORY_BASE`` and ``PSA_PROXY_SHARED_MEMORY_SIZE``
- macros must be set. (Not just for compilation but for linking as well,
- becuase these macros used in the linker script/scatter file too.)
-
-- If memories are mapped to different addresses for Host and Secure Enclave
- address translation can be turned on by setting
- ``PSA_PROXY_ADDR_TRANSLATION`` macro and implementing the interface defined
- by ``platform/include/tfm_plat_psa_proxy_addr_trans.h`` header.
-
---------------
-
-*Copyright (c) 2020-2021, Arm Limited. All rights reserved.*
diff --git a/docs/technical_references/design_docs/secure_enclave_solution.rst b/docs/technical_references/design_docs/secure_enclave_solution.rst
deleted file mode 100644
index 669b868..0000000
--- a/docs/technical_references/design_docs/secure_enclave_solution.rst
+++ /dev/null
@@ -1,122 +0,0 @@
-##############################################
-Secure Enclave solution for Trusted Firmware-M
-##############################################
-
-:Author: Mark Horvath
-:Organization: Arm Limited
-:Contact: Mark Horvath <mark.horvath@arm.com>
-
-********
-Abstract
-********
-
-This document summarizes the design goals and one possible implementation
-of the TF-M Secure Enclave solution.
-
-************
-Introduction
-************
-
-If a separate subsystem can provide the PSA Root of Trust (RoT) in a system
-then an additional physical separation exists between the most trusted and
-other domains. In such a system at least two subsystems are present, a Secure
-Enclave (SE) whose only task is to provide PSA RoT and an application core
-where any other application specific functionality can be placed. The latter
-core (or cores) are referred as *Host* in this document.
-
-The current design assumes that Host is a v8-m core with security extension.
-
-************
-Requirements
-************
-
-- Secure Enclave shall implement secure boot-flow (start-up first at reset and
- validate its own and the Host image or images before release Host from reset)
-- Secure Enclave shall provide the PSA RoT services
-- Host shall provide not just the non-secure context but the Application RoT as
- well
-- It shall be transparent to the (secure or non-secure) applications running on
- host whether the RoT services are provided by the same subsystem or by a
- Secure Enclave.
-
-.. Note::
-
- In comparison, in a Dual Core system the whole secure context is placed on a
- separate subsystem, while a Secure Enclave only implements the PSA RoT
- security domain.
-
-***************
-Proposed design
-***************
-
-As the clients and the services are running on different cores only the IPC
-model can be used on both Secure Enclave and Host.
-
-Secure Enclave
-==============
-
-To provide the required functionality it is enough to run the current PSA RoT
-secure partitions on the Secure Enclave, so no need for non-secure context
-there. (It is enough if the Secure Enclave's architecture is v6-m, v7-m or v8-m
-without the security extension.)
-
-Secure Enclave can treat all clients running on Host as non-secure (even the
-services running on Host's secure side). This means that fom Secure Enclave's
-point of view all Host images, Host's RAM and shared memory between Host and
-Secure Enclave if present are treated as non-secure. (Just like in the Dual CPU
-solution.) But the clients need to be distinguished, otherwise some
-functionalities are not working, for example:
-
-- Protected Storage partition shall run on Host, but the PS area is handled by
- Internal Trusted Storage partition (running on Secure Enclave). ITS partition
- decides whether it should work on PS or ITS assets by checking the client ID.
-- If a secure partition on host creates a crypto key, no other client shall be
- able to destroy it.
-
-Communication
-=============
-
-To communicate between Host and Secure Enclave, the existing mailbox solution
-can be reused as it is.
-
-Host
-====
-
-On Host the current TF-M software architecture can be placed to provide
-non-secure context and Application RoT domain.
-
-One solution to forward a PSA RoT IPC message from a client running on Host to
-the Secure Enclave is to add a proxy partition to the secure side. This PSA
-Proxy partition can provide all the RoT services to the system by forwarding
-the messages over the mailbox solution.
-
-If the new partition's manifest contains all the PSA RoT service IDs SPM will
-deliver all IPC messages there. Then the messages just must be blindly copied
-into the mailbox. PSA proxy can use the non-secure interface of the mailbox,
-but it is placed on the secure side of Host. (From SE's point of view this is
-in fact the non-secure side of the mailbox as whole Host is treated as
-non-secure.)
-
-It is important to verify IOVECs before forwarding them to SE, otherwise a
-malicous actor could use SE to access a memory area otherwise unaccessable. If
-PSA proxy uses the current secure partition interface then this is ensured by
-Host's SPM.
-
-SE treats all clients of Host as non-secure, so all PSA messages shall have a
-negative client ID when pushed into SE's SPM. This is given for the clients on
-the non-secure side of Host, but the secure side clients of Host have positive
-client IDs. The straightforward solution is to translate the positive client
-IDs into a predefined negative range in PSA proxy, and push the translated
-values into the mailbox. Of course this range shall be reserved for this use
-only and no clients on non-secure side of Host shall have client ID from this
-range.
-
-To avoid blocking Host when a message is sent PSA Proxy shall handle the
-service requests in non-blocking mode. And to maximize bandwidth PSA Proxy
-shall be able to push new messages into the mailbox, while others still not
-answered. To achieve these the mailbox interrupts needs to be handled in the
-PSA Proxy partition.
-
---------------
-
-*Copyright (c) 2020-2022, Arm Limited. All rights reserved.*
diff --git a/interface/CMakeLists.txt b/interface/CMakeLists.txt
index 932dc10..b6c96ac 100644
--- a/interface/CMakeLists.txt
+++ b/interface/CMakeLists.txt
@@ -30,7 +30,7 @@
INTERFACE
${CMAKE_CURRENT_SOURCE_DIR}/include
${CMAKE_BINARY_DIR}/generated/interface/include
- $<$<OR:$<BOOL:${FORWARD_PROT_MSG}>,$<BOOL:${TFM_MULTI_CORE_TOPOLOGY}>>:${CMAKE_CURRENT_SOURCE_DIR}/include/multi_core>
+ $<$<BOOL:${TFM_MULTI_CORE_TOPOLOGY}>:${CMAKE_CURRENT_SOURCE_DIR}/include/multi_core>
)
# PSA interface files are generated from a template
@@ -50,7 +50,6 @@
$<$<BOOL:${TFM_ISOLATION_LEVEL}>:TFM_LVL=${TFM_ISOLATION_LEVEL}>
$<$<BOOL:${CONFIG_TFM_USE_TRUSTZONE}>:CONFIG_TFM_USE_TRUSTZONE>
$<$<BOOL:${TFM_MULTI_CORE_TOPOLOGY}>:TFM_MULTI_CORE_TOPOLOGY>
- $<$<BOOL:${FORWARD_PROT_MSG}>:FORWARD_PROT_MSG=${FORWARD_PROT_MSG}>
$<$<BOOL:${CONFIG_TFM_PARTITION_META}>:CONFIG_TFM_PARTITION_META>
$<$<BOOL:${CONFIG_TFM_DOORBELL_API}>:CONFIG_TFM_DOORBELL_API=1>
)
@@ -69,7 +68,7 @@
###################### Export configurations to NS #############################
-if (TFM_MULTI_CORE_TOPOLOGY OR FORWARD_PROT_MSG)
+if (TFM_MULTI_CORE_TOPOLOGY)
configure_file(${CMAKE_CURRENT_SOURCE_DIR}/include/multi_core/tfm_mailbox_config.h.in
${CMAKE_BINARY_DIR}/generated/interface/include/tfm_mailbox_config.h
NEWLINE_STYLE UNIX
diff --git a/platform/CMakeLists.txt b/platform/CMakeLists.txt
index 76346cb..e3cd388 100755
--- a/platform/CMakeLists.txt
+++ b/platform/CMakeLists.txt
@@ -272,7 +272,6 @@
$<$<STREQUAL:${MCUBOOT_SIGNATURE_TYPE},RSA>:MCUBOOT_SIGN_RSA_LEN=${MCUBOOT_SIGNATURE_KEY_LEN}>
$<$<STREQUAL:${MCUBOOT_EXECUTION_SLOT},2>:LINK_TO_SECONDARY_PARTITION>
$<$<BOOL:${TEST_PSA_API}>:PSA_API_TEST_${TEST_PSA_API}>
- $<$<BOOL:${FORWARD_PROT_MSG}>:FORWARD_PROT_MSG=${FORWARD_PROT_MSG}>
$<$<BOOL:${TFM_CODE_SHARING}>:CODE_SHARING>
$<$<OR:$<CONFIG:Debug>,$<CONFIG:relwithdebinfo>>:ENABLE_HEAP>
PLATFORM_NS_NV_COUNTERS=${TFM_NS_NV_COUNTER_AMOUNT}
diff --git a/platform/ext/common/armclang/tfm_common_s.sct b/platform/ext/common/armclang/tfm_common_s.sct
index 3d937a7..cde360c 100644
--- a/platform/ext/common/armclang/tfm_common_s.sct
+++ b/platform/ext/common/armclang/tfm_common_s.sct
@@ -263,12 +263,6 @@
}
#endif
-#if defined(PSA_PROXY_SHARED_MEMORY_BASE)
- PSA_PROXY_SHARED_MEMORY PSA_PROXY_SHARED_MEMORY_BASE PSA_PROXY_SHARED_MEMORY_SIZE {
- *(PSA_PROXY_SHARED_MEMORY_SECTION)
- }
-#endif
-
#if defined (S_RAM_CODE_START)
/* Executable code allocated in RAM */
TFM_RAM_CODE S_RAM_CODE_START {
diff --git a/platform/ext/common/gcc/tfm_common_s.ld b/platform/ext/common/gcc/tfm_common_s.ld
index 44f59e8..4b216ea 100644
--- a/platform/ext/common/gcc/tfm_common_s.ld
+++ b/platform/ext/common/gcc/tfm_common_s.ld
@@ -31,11 +31,6 @@
#if defined(S_CODE_SRAM_ALIAS_BASE)
CODE_RAM (rwx) : ORIGIN = S_CODE_SRAM_ALIAS_BASE, LENGTH = TOTAL_CODE_SRAM_SIZE
#endif
-
-#if defined(PSA_PROXY_SHARED_MEMORY_BASE)
- PSA_PROXY_SHARED_MEMORY_RAM (rw) : ORIGIN = PSA_PROXY_SHARED_MEMORY_BASE, LENGTH = PSA_PROXY_SHARED_MEMORY_SIZE
-#endif
-
}
#if !defined(TFM_PSA_API)
@@ -122,10 +117,6 @@
LONG (ADDR(.TFM_APP_ROT_LINKER_BSS))
LONG (SIZEOF(.TFM_APP_ROT_LINKER_BSS))
-#if defined(PSA_PROXY_SHARED_MEMORY_BASE)
- LONG (PSA_PROXY_SHARED_MEMORY_BASE)
- LONG (PSA_PROXY_SHARED_MEMORY_SIZE)
-#endif
#if defined(CONFIG_TFM_PARTITION_META)
LONG (ADDR(.TFM_SP_META_PTR))
LONG (SIZEOF(.TFM_SP_META_PTR))
@@ -520,17 +511,6 @@
Image$$ER_TFM_DATA$$Base = ADDR(.TFM_DATA);
Image$$ER_TFM_DATA$$Limit = ADDR(.TFM_DATA) + SIZEOF(.TFM_DATA) + SIZEOF(.TFM_BSS);
-#if defined(PSA_PROXY_SHARED_MEMORY_BASE)
- /* If a variable defined with __attribute__((section())) keyword the
- * variable is treated like an initialized variable. To not waste memory
- * NOLOAD attribute used here. The whole section is zero initialized by
- * adding section information to .zero.table */
- .PSA_PROXY_SHARED_MEMORY (NOLOAD) :
- {
- KEEP(*(PSA_PROXY_SHARED_MEMORY_SECTION))
- } > PSA_PROXY_SHARED_MEMORY_RAM
-#endif
-
#if defined (S_RAM_CODE_START)
/* Code executed from RAM */
.TFM_RAM_CODE S_RAM_CODE_START :
diff --git a/platform/ext/target/arm/musca_b1/sse_200/CMakeLists.txt b/platform/ext/target/arm/musca_b1/sse_200/CMakeLists.txt
index 14b791d..4faa450 100644
--- a/platform/ext/target/arm/musca_b1/sse_200/CMakeLists.txt
+++ b/platform/ext/target/arm/musca_b1/sse_200/CMakeLists.txt
@@ -19,10 +19,6 @@
#========================= Platform common defs ===============================#
-if (${CMAKE_C_COMPILER_ID} STREQUAL IAR AND FORWARD_PROT_MSG)
- message(FATAL_ERROR "IAR is currently not supported if FORWARD_PROT_MSG is set.")
-endif()
-
# Specify the location of platform specific build dependencies.
target_sources(tfm_s
PRIVATE
@@ -74,10 +70,6 @@
)
endif()
-if(BL0)
- add_subdirectory(bl0)
-endif()
-
#========================= Platform Secure ====================================#
target_include_directories(platform_s
@@ -92,15 +84,14 @@
services/include
${CMAKE_MUSCA_B1_COMMON_DIR}/Libraries
${CMAKE_MUSCA_B1_COMMON_DIR}/Native_Driver
- $<$<BOOL:${FORWARD_PROT_MSG}>:${CMAKE_CURRENT_SOURCE_DIR}/mailbox>
INTERFACE
${CMAKE_MUSCA_B1_COMMON_DIR}/cc312
)
target_sources(platform_s
PRIVATE
- $<$<NOT:$<BOOL:${FORWARD_PROT_MSG}>>:${CMAKE_MUSCA_B1_COMMON_DIR}/CMSIS_Driver/Driver_QSPI_Flash.c>
- $<$<NOT:$<BOOL:${FORWARD_PROT_MSG}>>:${CMAKE_MUSCA_B1_COMMON_DIR}/CMSIS_Driver/Driver_GFC100_EFlash.c>
+ ${CMAKE_MUSCA_B1_COMMON_DIR}/CMSIS_Driver/Driver_QSPI_Flash.c
+ ${CMAKE_MUSCA_B1_COMMON_DIR}/CMSIS_Driver/Driver_GFC100_EFlash.c
CMSIS_Driver/Driver_MPC.c
CMSIS_Driver/Driver_PPC.c
CMSIS_Driver/Driver_USART.c
@@ -110,22 +101,16 @@
Native_Driver/mpu_armv8m_drv.c
Native_Driver/ppc_sse200_drv.c
Native_Driver/gpio_cmsdk_drv.c
- $<$<NOT:$<BOOL:${FORWARD_PROT_MSG}>>:${CMAKE_MUSCA_B1_COMMON_DIR}/Libraries/mt25ql_flash_lib.c>
- $<$<NOT:$<BOOL:${FORWARD_PROT_MSG}>>:${CMAKE_MUSCA_B1_COMMON_DIR}/Native_Driver/qspi_ip6514e_drv.c>
- $<$<NOT:$<BOOL:${FORWARD_PROT_MSG}>>:${CMAKE_MUSCA_B1_COMMON_DIR}/Native_Driver/gfc100_eflash_drv.c>
- $<$<NOT:$<BOOL:${FORWARD_PROT_MSG}>>:${CMAKE_MUSCA_B1_COMMON_DIR}/Native_Driver/musca_b1_eflash_drv.c>
+ ${CMAKE_MUSCA_B1_COMMON_DIR}/Libraries/mt25ql_flash_lib.c
+ ${CMAKE_MUSCA_B1_COMMON_DIR}/Native_Driver/qspi_ip6514e_drv.c
+ ${CMAKE_MUSCA_B1_COMMON_DIR}/Native_Driver/gfc100_eflash_drv.c
+ ${CMAKE_MUSCA_B1_COMMON_DIR}/Native_Driver/musca_b1_eflash_drv.c
Native_Driver/musca_b1_scc_drv.c
Native_Driver/ppc_sse200_drv.c
Native_Driver/uart_pl011_drv.c
$<$<NOT:$<BOOL:${TEST_NS_SLIH_IRQ}>>:${CMAKE_CURRENT_SOURCE_DIR}/Native_Driver/timer_cmsdk_drv.c>
$<$<OR:$<BOOL:${TFM_S_REG_TEST}>,$<BOOL:${TFM_NS_REG_TEST}>>:${CMAKE_CURRENT_SOURCE_DIR}/plat_test.c>
$<$<BOOL:${TFM_PARTITION_PLATFORM}>:${CMAKE_CURRENT_SOURCE_DIR}/services/src/tfm_platform_system.c>
- $<$<BOOL:${FORWARD_PROT_MSG}>:${CMAKE_CURRENT_SOURCE_DIR}/mailbox/platform_multicore.c>
- $<$<BOOL:${FORWARD_PROT_MSG}>:${CMAKE_CURRENT_SOURCE_DIR}/mailbox/platform_ns_mailbox.c>
- $<$<BOOL:${FORWARD_PROT_MSG}>:${CMAKE_MUSCA_B1_COMMON_DIR}/Native_Driver/mhu_v2_x.c>
- $<$<BOOL:${FORWARD_PROT_MSG}>:${CMAKE_CURRENT_SOURCE_DIR}/dummy_nv_counters.c>
- $<$<BOOL:${FORWARD_PROT_MSG}>:${CMAKE_CURRENT_SOURCE_DIR}/dummy_otp.c>
- $<$<BOOL:${FORWARD_PROT_MSG}>:${CMAKE_CURRENT_SOURCE_DIR}/dummy_provisioning.c>
)
target_compile_options(platform_s
@@ -140,14 +125,6 @@
$<$<BOOL:${TEST_NS_SLIH_IRQ}>:${CMAKE_CURRENT_SOURCE_DIR}/Native_Driver/timer_cmsdk_drv.c>
)
-target_compile_definitions(platform_s
- PUBLIC
- $<$<BOOL:${FORWARD_PROT_MSG}>:FORWARD_PROT_MSG=${FORWARD_PROT_MSG}>
- $<$<BOOL:${FORWARD_PROT_MSG}>:PSA_PROXY_ADDR_TRANSLATION=1>
- $<$<BOOL:${FORWARD_PROT_MSG}>:LINK_TO_EFLASH1=1>
- $<$<BOOL:${FORWARD_PROT_MSG}>:USE_SECURE_ENCLAVE_MAILBOX=1>
-)
-
#========================= Platform Non-Secure ================================#
target_sources(platform_ns
@@ -187,9 +164,6 @@
${CMAKE_MUSCA_B1_COMMON_DIR}/Native_Driver/gfc100_eflash_drv.c
${CMAKE_MUSCA_B1_COMMON_DIR}/Native_Driver/musca_b1_eflash_drv.c
Native_Driver/musca_b1_scc_drv.c
- $<$<BOOL:${FORWARD_PROT_MSG}>:${CMAKE_CURRENT_SOURCE_DIR}/dummy_nv_counters.c>
- $<$<BOOL:${FORWARD_PROT_MSG}>:${CMAKE_CURRENT_SOURCE_DIR}/dummy_otp.c>
- $<$<BOOL:${FORWARD_PROT_MSG}>:${CMAKE_CURRENT_SOURCE_DIR}/dummy_provisioning.c>
)
target_include_directories(platform_bl2
diff --git a/platform/ext/target/arm/musca_b1/sse_200/Device/Source/armclang/musca_bl0.sct b/platform/ext/target/arm/musca_b1/sse_200/Device/Source/armclang/musca_bl0.sct
deleted file mode 100644
index c1bdecf..0000000
--- a/platform/ext/target/arm/musca_b1/sse_200/Device/Source/armclang/musca_bl0.sct
+++ /dev/null
@@ -1,52 +0,0 @@
-;/*
-; * Copyright (c) 2018-2019 Arm Limited
-; *
-; * Licensed under the Apache License, Version 2.0 (the "License");
-; * you may not use this file except in compliance with the License.
-; * You may obtain a copy of the License at
-; *
-; * http://www.apache.org/licenses/LICENSE-2.0
-; *
-; * Unless required by applicable law or agreed to in writing, software
-; * distributed under the License is distributed on an "AS IS" BASIS,
-; * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-; * See the License for the specific language governing permissions and
-; * limitations under the License.
-; *
-; */
-
-#include "region_defs_bl0.h"
-
-LR_CODE BL0_FLASH_BASE {
- ER_CODE BL0_FLASH_BASE BL0_FLASH_SIZE {
- *.o (RESET +First)
- * (+RO)
- }
-
- ER_CODE_SRAM BL0_CODE_SRAM_BASE BL0_CODE_SRAM_SIZE {
- bl0_main.o (+RO)
- }
-
- ER_DATA BL0_DATA_BASE BL0_DATA_SIZE {
- * (+ZI +RW)
- }
-
- /* MSP */
- ARM_LIB_STACK +0 ALIGN 32 EMPTY BL0_MSP_STACK_SIZE {
- }
-
- ARM_LIB_HEAP +0 ALIGN 8 EMPTY BL0_HEAP_SIZE {
- }
-
- /* This empty, zero long execution region is here to mark the limit address
- * of the last execution region that is allocated in SRAM.
- */
- SRAM_WATERMARK +0 EMPTY 0x0 {
- }
-
- /* Make sure that the sections allocated in the SRAM does not exceed the
- * size of the SRAM available.
- */
- ScatterAssert(ImageLimit(SRAM_WATERMARK) <= BL0_DATA_BASE + BL0_DATA_SIZE)
-}
-
diff --git a/platform/ext/target/arm/musca_b1/sse_200/Device/Source/gcc/musca_bl0.ld b/platform/ext/target/arm/musca_b1/sse_200/Device/Source/gcc/musca_bl0.ld
deleted file mode 100644
index 01bb980..0000000
--- a/platform/ext/target/arm/musca_b1/sse_200/Device/Source/gcc/musca_bl0.ld
+++ /dev/null
@@ -1,234 +0,0 @@
-;/*
-; * Copyright (c) 2009-2019 Arm Limited
-; *
-; * Licensed under the Apache License, Version 2.0 (the "License");
-; * you may not use this file except in compliance with the License.
-; * You may obtain a copy of the License at
-; *
-; * http://www.apache.org/licenses/LICENSE-2.0
-; *
-; * Unless required by applicable law or agreed to in writing, software
-; * distributed under the License is distributed on an "AS IS" BASIS,
-; * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-; * See the License for the specific language governing permissions and
-; * limitations under the License.
-; */
-
-;/*
-; * This file is derivative of CMSIS V5.00 gcc_arm.ld
-; */
-
-/* Linker script to configure memory regions. */
-/* This file will be run trough the pre-processor. */
-
-#include "region_defs_bl0.h"
-
-MEMORY
-{
- FLASH (rx) : ORIGIN = BL0_FLASH_BASE, LENGTH = BL0_FLASH_SIZE
- CODE_RAM (rwx) : ORIGIN = BL0_CODE_SRAM_BASE, LENGTH = BL0_CODE_SRAM_SIZE
- RAM (rwx) : ORIGIN = BL0_DATA_BASE, LENGTH = BL0_DATA_SIZE
-}
-
-__heap_size__ = BL0_HEAP_SIZE;
-__msp_stack_size__ = BL0_MSP_STACK_SIZE;
-
-/* Library configurations */
-GROUP(libgcc.a libc.a libm.a libnosys.a)
-
-/* Linker script to place sections and symbol values. Should be used together
- * with other linker script that defines memory regions FLASH and RAM.
- * It references following symbols, which must be defined in code:
- * Reset_Handler : Entry of reset handler
- *
- * It defines following symbols, which code can use without definition:
- * __exidx_start
- * __exidx_end
- * __copy_table_start__
- * __copy_table_end__
- * __zero_table_start__
- * __zero_table_end__
- * __etext
- * __data_start__
- * __preinit_array_start
- * __preinit_array_end
- * __init_array_start
- * __init_array_end
- * __fini_array_start
- * __fini_array_end
- * __data_end__
- * __bss_start__
- * __bss_end__
- * __end__
- * end
- * __HeapBase
- * __HeapLimit
- * __StackLimit
- * __StackTop
- * __stack
- * __Vectors_End
- * __Vectors_Size
- */
-ENTRY(Reset_Handler)
-
-SECTIONS
-{
- /* Startup section is loaded to Flash and runs from Flash */
- .startup :
- {
- KEEP(*(.vectors))
- __Vectors_End = .;
- __Vectors_Size = __Vectors_End - __Vectors;
- __end__ = .;
-
-
- KEEP(*(.init))
- KEEP(*(.fini))
-
- *startup_cmsdk_musca_bl2.*
- } > FLASH
-
- .ER_CODE_SRAM :
- {
- *bl0_main.o(.text*)
- *bl0_main.o(.rodata*)
- . = ALIGN(4); /* This alignment is needed to make the section size 4 bytes aligned */
- } > CODE_RAM AT > FLASH
- Image$$ER_CODE_SRAM$$Base = ADDR(.ER_CODE_SRAM);
- Image$$ER_CODE_SRAM$$Limit = ADDR(.ER_CODE_SRAM) + SIZEOF(.ER_CODE_SRAM);
-
- .text :
- {
- *(.text*)
-
- /* .ctors */
- *crtbegin.o(.ctors)
- *crtbegin?.o(.ctors)
- *(EXCLUDE_FILE(*crtend?.o *crtend.o) .ctors)
- *(SORT(.ctors.*))
- *(.ctors)
-
- /* .dtors */
- *crtbegin.o(.dtors)
- *crtbegin?.o(.dtors)
- *(EXCLUDE_FILE(*crtend?.o *crtend.o) .dtors)
- *(SORT(.dtors.*))
- *(.dtors)
-
- *(.rodata*)
-
- KEEP(*(.eh_frame*))
- } > FLASH
-
- .ARM.extab : ALIGN(32)
- {
- *(.ARM.extab* .gnu.linkonce.armextab.*)
- } > FLASH
-
- __exidx_start = .;
- .ARM.exidx :
- {
- *(.ARM.exidx* .gnu.linkonce.armexidx.*)
- } > FLASH
- __exidx_end = .;
-
- /* To copy multiple ROM to RAM sections,
- * define etext2/data2_start/data2_end and
- * define __STARTUP_COPY_MULTIPLE in startup_cmsdk_mps2_sse_200.S */
- .copy.table : ALIGN(4)
- {
- __copy_table_start__ = .;
- LONG (__etext)
- LONG (__data_start__)
- LONG (__data_end__ - __data_start__)
- LONG (LOADADDR(.ER_CODE_SRAM))
- LONG (ADDR(.ER_CODE_SRAM))
- LONG (SIZEOF(.ER_CODE_SRAM))
- LONG (DEFINED(__etext2) ? __etext2 : 0)
- LONG (DEFINED(__data2_start__) ? __data2_start__ : 0)
- LONG (DEFINED(__data2_start__) ? __data2_end__ - __data2_start__ : 0)
- __copy_table_end__ = .;
- } > FLASH
-
- /* To clear multiple BSS sections,
- * uncomment .zero.table section and,
- * define __STARTUP_CLEAR_BSS_MULTIPLE in startup_ARMCMx.S */
- .zero.table : ALIGN(4)
- {
- __zero_table_start__ = .;
- LONG (__bss_start__)
- LONG (__bss_end__ - __bss_start__)
- LONG (DEFINED(__bss2_start__) ? __bss2_start__ : 0)
- LONG (DEFINED(__bss2_start__) ? __bss2_end__ - __bss2_start__ : 0)
- __zero_table_end__ = .;
- } > FLASH
-
- __etext = ALIGN(4);
-
- .data : ALIGN(4)
- {
- __data_start__ = .;
- *(vtable)
- *(.data*)
-
- . = ALIGN(4);
- /* preinit data */
- PROVIDE_HIDDEN (__preinit_array_start = .);
- KEEP(*(.preinit_array))
- PROVIDE_HIDDEN (__preinit_array_end = .);
-
- . = ALIGN(4);
- /* init data */
- PROVIDE_HIDDEN (__init_array_start = .);
- KEEP(*(SORT(.init_array.*)))
- KEEP(*(.init_array))
- PROVIDE_HIDDEN (__init_array_end = .);
-
-
- . = ALIGN(4);
- /* finit data */
- PROVIDE_HIDDEN (__fini_array_start = .);
- KEEP(*(SORT(.fini_array.*)))
- KEEP(*(.fini_array))
- PROVIDE_HIDDEN (__fini_array_end = .);
-
- KEEP(*(.jcr*))
- . = ALIGN(4);
- /* All data end */
- __data_end__ = .;
-
- } > RAM AT> FLASH
-
- .bss :
- {
- . = ALIGN(4);
- __bss_start__ = .;
- *(.bss*)
- *(COMMON)
- . = ALIGN(4);
- __bss_end__ = .;
- } > RAM
-
- bss_size = __bss_end__ - __bss_start__;
-
- .msp_stack : ALIGN(32)
- {
- . += __msp_stack_size__;
- } > RAM
- Image$$ARM_LIB_STACK$$ZI$$Base = ADDR(.msp_stack);
- Image$$ARM_LIB_STACK$$ZI$$Limit = ADDR(.msp_stack) + SIZEOF(.msp_stack);
-
- .heap : ALIGN(8)
- {
- . = ALIGN(8);
- __end__ = .;
- PROVIDE(end = .);
- __HeapBase = .;
- . += __heap_size__;
- __HeapLimit = .;
- __heap_limit = .; /* Add for _sbrk */
- } > RAM
- Image$$ARM_LIB_HEAP$$ZI$$Limit = ADDR(.heap) + SIZEOF(.heap);
-
- PROVIDE(__stack = Image$$ARM_LIB_STACK$$ZI$$Limit);
-}
diff --git a/platform/ext/target/arm/musca_b1/sse_200/bl0/CMakeLists.txt b/platform/ext/target/arm/musca_b1/sse_200/bl0/CMakeLists.txt
deleted file mode 100644
index c10c954..0000000
--- a/platform/ext/target/arm/musca_b1/sse_200/bl0/CMakeLists.txt
+++ /dev/null
@@ -1,57 +0,0 @@
-#-------------------------------------------------------------------------------
-# Copyright (c) 2020-2021, Arm Limited. All rights reserved.
-#
-# SPDX-License-Identifier: BSD-3-Clause
-#
-#-------------------------------------------------------------------------------
-
-cmake_policy(SET CMP0076 NEW)
-set(CMAKE_CURRENT_SOURCE_DIR ${CMAKE_CURRENT_LIST_DIR})
-
-add_executable(bl0)
-
-target_add_scatter_file(bl0
- $<$<C_COMPILER_ID:ARMClang>:${CMAKE_MUSCA_B1_SSE_200_SOURCE_DIR}/Device/Source/armclang/musca_bl0.sct>
- $<$<C_COMPILER_ID:GNU>:${CMAKE_MUSCA_B1_SSE_200_SOURCE_DIR}/Device/Source/gcc/musca_bl0.ld>
-)
-
-target_sources(bl0
- PRIVATE
- # Reuse BL2 startup cmsdk
- $<$<C_COMPILER_ID:ARMClang>:${CMAKE_MUSCA_B1_SSE_200_SOURCE_DIR}/Device/Source/armclang/startup_cmsdk_musca_bl2.s>
- $<$<C_COMPILER_ID:GNU>:${CMAKE_MUSCA_B1_SSE_200_SOURCE_DIR}/Device/Source/gcc/startup_cmsdk_musca_bl2.S>
- bl0_main.c
- ${CMAKE_MUSCA_B1_COMMON_DIR}/Native_Driver/mhu_v2_x.c
- ${CMAKE_MUSCA_B1_SSE_200_SOURCE_DIR}/Native_Driver/musca_b1_scc_drv.c
- ${CMAKE_MUSCA_B1_SSE_200_SOURCE_DIR}/Device/Source/device_definition.c
- ${CMAKE_MUSCA_B1_SSE_200_SOURCE_DIR}/Device/Source/system_core_init.c
-)
-
-target_include_directories(bl0
- PUBLIC
- ${CMAKE_MUSCA_B1_SSE_200_SOURCE_DIR}/Device/Include
- PRIVATE
- .
- ${CMAKE_MUSCA_B1_SSE_200_SOURCE_DIR}/Native_Driver
- ${CMAKE_MUSCA_B1_COMMON_DIR}/Native_Driver
-)
-
-target_include_directories(bl0
- PUBLIC
- ${CMAKE_SOURCE_DIR}/platform/ext/cmsis
- ${CMAKE_SOURCE_DIR}/platform/include
-)
-
-target_compile_definitions(bl0
- PUBLIC
- $<$<C_COMPILER_ID:GNU>:__STARTUP_CLEAR_BSS_MULTIPLE>
- $<$<C_COMPILER_ID:GNU>:__STARTUP_COPY_MULTIPLE>
-)
-
-set_target_properties(bl0
- PROPERTIES
- SUFFIX ".axf"
- RUNTIME_OUTPUT_DIRECTORY "${CMAKE_BINARY_DIR}/bin"
-)
-
-add_convert_to_bin_target(bl0)
diff --git a/platform/ext/target/arm/musca_b1/sse_200/bl0/bl0_main.c b/platform/ext/target/arm/musca_b1/sse_200/bl0/bl0_main.c
deleted file mode 100644
index bd38017..0000000
--- a/platform/ext/target/arm/musca_b1/sse_200/bl0/bl0_main.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/*
- * Copyright (c) 2020 Arm Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "cmsis.h"
-#include "mhu_v2_x.h"
-#include "platform_irq.h"
-#include "platform_regs.h"
-#include "musca_b1_scc_drv.h"
-#include "device_definition.h"
-/*
- * Semihosting is a mechanism that enables code running on an ARM target
- * to communicate and use the Input/Output facilities of a host computer
- * that is running a debugger.
- * There is an issue where if you use armclang at -O0 optimisation with
- * no parameters specified in the main function, the initialisation code
- * contains a breakpoint for semihosting by default. This will stop the
- * code from running before main is reached.
- * Semihosting can be disabled by defining __ARM_use_no_argv symbol
- * (or using higher optimization level).
- */
-#if defined (__ARMCC_VERSION) && (__ARMCC_VERSION >= 6010050)
-__asm(" .global __ARM_use_no_argv\n");
-#endif
-
-void start_secure_enclave(void);
-void jump_to_vtor(uint32_t addr);
-
-#define AZ_SYS_RESET_VTOR 0xA0
-#define AZ_CODE_RESET_VTOR 0x38
-#define AZ_ROM_RESET_VTOR 0x00
-
-#define AZ_ROM_REMAP_OFFSET 0x1A020000
-#define AZ_ROM_REMAP_MASK 0x0001FFFF
-
-#define AZ_CODE_REMAP_OFFSET 0x1A200000
-#define AZ_CODE_REMAP_MASK 0x003FFFFF
-
-#define AZ_SYS_REMAP_OFFSET 0x52000000
-#define AZ_SYS_REMAP_MASK 0x00FFFFFF
-
-void start_secure_enclave(void)
-{
- musca_b1_scc_set_az_cpu_vtor(&MUSCA_B1_SCC_DEV_S, AZ_SYS_RESET_VTOR,
- AZ_CODE_RESET_VTOR, AZ_ROM_RESET_VTOR);
-
- musca_b1_scc_set_az_rom_remap(&MUSCA_B1_SCC_DEV_S, AZ_ROM_REMAP_OFFSET,
- AZ_ROM_REMAP_MASK);
-
- musca_b1_scc_set_az_code_remap(&MUSCA_B1_SCC_DEV_S, AZ_CODE_REMAP_OFFSET,
- AZ_CODE_REMAP_MASK);
-
- musca_b1_scc_set_az_sys_remap(&MUSCA_B1_SCC_DEV_S, AZ_SYS_REMAP_OFFSET,
- AZ_SYS_REMAP_MASK);
-
- musca_b1_scc_enable_az_boot_remap(&MUSCA_B1_SCC_DEV_S);
-
- musca_b1_scc_az_release_from_reset(&MUSCA_B1_SCC_DEV_S);
-}
-
-int main()
-{
- uint32_t new_vtor = 0;
-
- mhu_v2_x_driver_init(&SE_MHU_RECEIVER_DEV, MHU_REV_2_0);
-
- start_secure_enclave();
-
- while(!NVIC_GetPendingIRQ(HostMHUR0_IRQ_Reg0_IRQn)) {
- ;
- }
-
- /* Receive the new SSE-200 Reset Vector Address */
- mhu_v2_x_channel_receive(&SE_MHU_RECEIVER_DEV, 0, &new_vtor);
- mhu_v2_x_channel_clear(&SE_MHU_RECEIVER_DEV, 0);
-
- jump_to_vtor(new_vtor);
-}
-
-__attribute__ ((naked)) void jump_to_vtor(uint32_t addr)
-{
- /* Read the Initial Stack Pointer and the address of the Reset Handler from
- * the address given as the input argument. Than update the MSP with the
- * read value and jump to the read Reset Handler.
- */
- __asm volatile("LDRD R1, [R0]\n"
- "MSR MSP, R1\n"
- "BX R2");
-}
diff --git a/platform/ext/target/arm/musca_b1/sse_200/bl0/device_cfg.h b/platform/ext/target/arm/musca_b1/sse_200/bl0/device_cfg.h
deleted file mode 100644
index eb1fe75..0000000
--- a/platform/ext/target/arm/musca_b1/sse_200/bl0/device_cfg.h
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Copyright (c) 2018 Arm Limited
- *
- * Licensed under the Apache License Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing software
- * distributed under the License is distributed on an "AS IS" BASIS
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __ARM_LTD_DEVICE_CFG_H__
-#define __ARM_LTD_DEVICE_CFG_H__
-
-/* MUSCA B1 SCC */
-#define MUSCA_B1_SCC_S
-#define MUSCA_B1_SCC_DEV MUSCA_B1_SCC_DEV_S
-
-/* CMSDK GPIO */
-#define GPIO0_CMSDK_S
-#define GPIO0_CMSDK_DEV GPIO0_CMSDK_DEV_S
-
-/* CMSDK Timers */
-#define CMSDK_TIMER0_S
-#define CMSDK_TIMER0_DEV CMSDK_TIMER0_DEV_S
-
-#define SE_MHU_RECEIVER_S
-#define SE_MHU_RECEIVER_DEV SE_MHU_RECEIVER_DEV_S
-
-#endif /* __ARM_LTD_DEVICE_CFG_H__ */
diff --git a/platform/ext/target/arm/musca_b1/sse_200/config.cmake b/platform/ext/target/arm/musca_b1/sse_200/config.cmake
index 0e297bf..d1725d5 100644
--- a/platform/ext/target/arm/musca_b1/sse_200/config.cmake
+++ b/platform/ext/target/arm/musca_b1/sse_200/config.cmake
@@ -14,32 +14,10 @@
set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
-if (NOT FORWARD_PROT_MSG)
- set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
- set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
- set(MCUBOOT_DATA_SHARING ON CACHE BOOL "Add sharing of application specific data using the same shared data area as for the measured boot")
- set(TFM_PARTITION_FIRMWARE_UPDATE ON CACHE BOOL "Enable firmware update partition")
- set(BL0 OFF)
-else()
- set(MCUBOOT_IMAGE_NUMBER 1 CACHE STRING "Whether to combine S and NS into either 1 image, or sign each seperately")
- set(CONFIG_TFM_BOOT_STORE_MEASUREMENTS OFF CACHE BOOL "Store measurement values from all the boot stages. Used for initial attestation token.")
- set(TFM_PARTITION_PROTECTED_STORAGE OFF CACHE BOOL "Enable Protected Storage partition")
- set(TFM_PARTITION_INTERNAL_TRUSTED_STORAGE OFF CACHE BOOL "Enable Internal Trusted Storage partition")
- set(TFM_PARTITION_CRYPTO OFF CACHE BOOL "Enable Crypto partition")
- set(TFM_PARTITION_INITIAL_ATTESTATION OFF CACHE BOOL "Enable Initial Attestation partition")
- set(TFM_PARTITION_PLATFORM OFF CACHE BOOL "Enable Platform partition")
- set(TFM_PARTITION_PSA_PROXY ON CACHE BOOL "Enable PSA Proxy partition")
-
- set(PLATFORM_DEFAULT_OTP OFF CACHE BOOL "Use trusted on-chip flash to implement OTP memory")
- set(PLATFORM_DEFAULT_PROVISIONING OFF CACHE BOOL "Use default provisioning implementation")
- set(PLATFORM_DEFAULT_NV_COUNTERS OFF CACHE BOOL "Use default nv counter implementation.")
-
- # In case of forwarding, there is no CRYPTO partition compiled,
- # thus no need for crypto hw accelerator.
- set(CRYPTO_HW_ACCELERATOR OFF CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
- set(PS_TEST_NV_COUNTERS OFF CACHE BOOL "Use the test NV counters to test Protected Storage rollback scenarios")
- set(BL0 ON)
-endif()
+set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
+set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
+set(MCUBOOT_DATA_SHARING ON CACHE BOOL "Add sharing of application specific data using the same shared data area as for the measured boot")
+set(TFM_PARTITION_FIRMWARE_UPDATE ON CACHE BOOL "Enable firmware update partition")
set(TFM_EXTRA_GENERATED_FILE_LIST_PATH ${CMAKE_SOURCE_DIR}/platform/ext/target/arm/musca_b1/generated_file_list.yaml CACHE PATH "Path to extra generated file list. Appended to stardard TFM generated file list." FORCE)
diff --git a/platform/ext/target/arm/musca_b1/sse_200/dummy_nv_counters.c b/platform/ext/target/arm/musca_b1/sse_200/dummy_nv_counters.c
deleted file mode 100644
index f9fea5b..0000000
--- a/platform/ext/target/arm/musca_b1/sse_200/dummy_nv_counters.c
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- * Copyright (c) 2021, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "tfm_plat_nv_counters.h"
-
-enum tfm_plat_err_t tfm_plat_init_nv_counter(void)
-{
- return TFM_PLAT_ERR_SUCCESS;
-}
-
-enum tfm_plat_err_t tfm_plat_read_nv_counter(enum tfm_nv_counter_t counter_id,
- uint32_t size, uint8_t *val)
-{
- return TFM_PLAT_ERR_UNSUPPORTED;
-}
-
-enum tfm_plat_err_t tfm_plat_increment_nv_counter(
- enum tfm_nv_counter_t counter_id)
-{
- return TFM_PLAT_ERR_UNSUPPORTED;
-}
-
-enum tfm_plat_err_t tfm_plat_set_nv_counter(enum tfm_nv_counter_t counter_id,
- uint32_t value)
-{
- return TFM_PLAT_ERR_UNSUPPORTED;
-}
diff --git a/platform/ext/target/arm/musca_b1/sse_200/dummy_otp.c b/platform/ext/target/arm/musca_b1/sse_200/dummy_otp.c
deleted file mode 100644
index 695497c..0000000
--- a/platform/ext/target/arm/musca_b1/sse_200/dummy_otp.c
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- * Copyright (c) 2021, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "tfm_plat_otp.h"
-
-enum tfm_plat_err_t tfm_plat_otp_init(void)
-{
- return TFM_PLAT_ERR_SUCCESS;
-}
-
-enum tfm_plat_err_t tfm_plat_otp_read(enum tfm_otp_element_id_t id,
- size_t out_len, uint8_t *out)
-{
- return TFM_PLAT_ERR_UNSUPPORTED;
-}
-
-enum tfm_plat_err_t tfm_plat_otp_write(enum tfm_otp_element_id_t id,
- size_t in_len, const uint8_t *in)
-{
- return TFM_PLAT_ERR_UNSUPPORTED;
-}
-
-enum tfm_plat_err_t tfm_plat_otp_get_size(enum tfm_otp_element_id_t id,
- size_t *size)
-{
- return TFM_PLAT_ERR_UNSUPPORTED;
-}
diff --git a/platform/ext/target/arm/musca_b1/sse_200/dummy_provisioning.c b/platform/ext/target/arm/musca_b1/sse_200/dummy_provisioning.c
deleted file mode 100644
index 1342c85..0000000
--- a/platform/ext/target/arm/musca_b1/sse_200/dummy_provisioning.c
+++ /dev/null
@@ -1,22 +0,0 @@
-/*
- * Copyright (c) 2021, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "tfm_plat_provisioning.h"
-
-int tfm_plat_provisioning_is_required(void)
-{
- return 0;
-}
-
-enum tfm_plat_err_t tfm_plat_provisioning_perform(void)
-{
- return TFM_PLAT_ERR_SUCCESS;
-}
-
-void tfm_plat_provisioning_check_for_dummy_keys(void)
-{
-}
diff --git a/platform/ext/target/arm/musca_b1/sse_200/mailbox/platform_multicore.c b/platform/ext/target/arm/musca_b1/sse_200/mailbox/platform_multicore.c
deleted file mode 100644
index 1c482d7..0000000
--- a/platform/ext/target/arm/musca_b1/sse_200/mailbox/platform_multicore.c
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include "platform_multicore.h"
-#include "cmsis.h"
-#include "mhu_v2_x.h"
-#include "device_definition.h"
-#include "tfm_plat_psa_proxy_addr_trans.h"
-
-#define SE_MEM_BASE (0x38000000)
-#define HOST_MEM_BASE (0x1A200000)
-
-int tfm_platform_ns_wait_for_s_cpu_ready(void)
-{
- mhu_v2_x_driver_init(&SE_MHU_SENDER_DEV, MHU_REV_2_0);
- mhu_v2_x_driver_init(&SE_MHU_RECEIVER_DEV, MHU_REV_2_0);
-
- platform_mailbox_send_msg_data(IPC_SYNC_MAGIC);
-
- return PLATFORM_MAILBOX_SUCCESS;
-}
-
-int platform_mailbox_send_msg_data(uint32_t data)
-{
- mhu_v2_x_initiate_transfer(&SE_MHU_SENDER_DEV);
- mhu_v2_x_channel_send(&SE_MHU_SENDER_DEV, 0, data);
- mhu_v2_x_close_transfer(&SE_MHU_SENDER_DEV);
-
- return PLATFORM_MAILBOX_SUCCESS;
-}
-
-int platform_mailbox_send_msg_ptr(const void *msg_ptr)
-{
- mhu_v2_x_initiate_transfer(&SE_MHU_SENDER_DEV);
- mhu_v2_x_channel_send(&SE_MHU_SENDER_DEV, 0, (uint32_t)msg_ptr);
- mhu_v2_x_close_transfer(&SE_MHU_SENDER_DEV);
-
- return PLATFORM_MAILBOX_SUCCESS;
-}
-
-void platform_mailbox_wait_for_notify(void)
-{
- while(NVIC_GetPendingIRQ(HostMHUR0_IRQComb_IRQn) == 0);
-}
-
-int platform_mailbox_fetch_msg_data(uint32_t *data_ptr)
-{
- mhu_v2_x_channel_receive(&SE_MHU_RECEIVER_DEV, 0, data_ptr);
- mhu_v2_x_channel_clear(&SE_MHU_RECEIVER_DEV, 0);
-
- NVIC_ClearPendingIRQ(HostMHUR0_IRQComb_IRQn);
-
- return PLATFORM_MAILBOX_SUCCESS;
-}
-
-void * translate_addr_from_host_to_se(void *addr)
-{
- return (addr + SE_MEM_BASE - HOST_MEM_BASE);
-}
-
-void * translate_addr_from_se_to_host(void *addr)
-{
- return (addr + HOST_MEM_BASE - SE_MEM_BASE);
-}
diff --git a/platform/ext/target/arm/musca_b1/sse_200/mailbox/platform_multicore.h b/platform/ext/target/arm/musca_b1/sse_200/mailbox/platform_multicore.h
deleted file mode 100644
index cd6fa9a..0000000
--- a/platform/ext/target/arm/musca_b1/sse_200/mailbox/platform_multicore.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef _PLATFORM_MULTICORE_H_
-#define _PLATFORM_MULTICORE_H_
-
-#include <stdint.h>
-
-/* Arbitrary predefined values to sync between Host and Secure Enclave */
-#define IPC_SYNC_MAGIC (0x7DADE011)
-
-#define NS_MAILBOX_INIT_ENABLE (0xAE)
-#define S_MAILBOX_READY (0xC3)
-
-#define PSA_CLIENT_CALL_REQ_MAGIC (0xA5CF50C6)
-
-#define PLATFORM_MAILBOX_SUCCESS (0x0)
-
-/**
- * \brief Fetch a data value from mailbox message
- *
- * \param[out] data_ptr The address to write the pointer value to.
- *
- * \retval 0 The operation succeeds.
- * \retval else The operation fails.
- */
-int platform_mailbox_fetch_msg_data(uint32_t *data_ptr);
-
-/**
- * \brief Send a pointer via mailbox message
- *
- * \param[in] msg_ptr The pointer value to be sent.
- *
- * \retval 0 The operation succeeds.
- * \retval else The operation fails.
- */
-int platform_mailbox_send_msg_ptr(const void *msg_ptr);
-
-/**
- * \brief Send a data value via mailbox message
- *
- * \param[in] data The data value to be sent
- *
- * \retval 0 The operation succeeds.
- * \retval else The operation fails.
- */
-int platform_mailbox_send_msg_data(uint32_t data);
-
-/**
- * \brief Wait for a mailbox notify event.
- */
-void platform_mailbox_wait_for_notify(void);
-
-#endif /* _PLATFORM_MULTICORE_H_ */
diff --git a/platform/ext/target/arm/musca_b1/sse_200/mailbox/platform_ns_mailbox.c b/platform/ext/target/arm/musca_b1/sse_200/mailbox/platform_ns_mailbox.c
deleted file mode 100644
index 1b25412..0000000
--- a/platform/ext/target/arm/musca_b1/sse_200/mailbox/platform_ns_mailbox.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <stdint.h>
-
-#include "platform_multicore.h"
-#include "tfm_ns_mailbox.h"
-#include "tfm_plat_psa_proxy_addr_trans.h"
-
-int32_t tfm_ns_mailbox_hal_notify_peer(void)
-{
- platform_mailbox_send_msg_data(PSA_CLIENT_CALL_REQ_MAGIC);
-
- return MAILBOX_SUCCESS;
-}
-
-int32_t tfm_ns_mailbox_hal_init(struct ns_mailbox_queue_t *queue)
-{
- uint32_t stage;
-
- if (!queue) {
- return MAILBOX_INVAL_PARAMS;
- }
-
- /* Wait until SPE mailbox library is ready to receive NSPE mailbox queue
- * address.
- */
- while (1) {
- platform_mailbox_wait_for_notify();
-
- platform_mailbox_fetch_msg_data(&stage);
- if (stage == NS_MAILBOX_INIT_ENABLE) {
- break;
- }
- }
-
- /* Send out the address */
- platform_mailbox_send_msg_ptr(
- (const void *)translate_addr_from_host_to_se(queue));
-
- /* Wait until SPE mailbox service is ready */
- while (1) {
- platform_mailbox_wait_for_notify();
-
- platform_mailbox_fetch_msg_data(&stage);
- if (stage == S_MAILBOX_READY) {
- break;
- }
- }
-
- return MAILBOX_SUCCESS;
-}
-
-void tfm_ns_mailbox_hal_enter_critical(void)
-{
- /* Protection against concurrent access should be added
- * if more messages are sent parallel.
- */
-}
-
-void tfm_ns_mailbox_hal_exit_critical(void)
-{
- /* Protection against concurrent access should be added
- * if more messages are sent parallel.
- */
-}
-
-void tfm_ns_mailbox_hal_enter_critical_isr(void)
-{
- /* Protection against concurrent access should be added
- * if more messages are sent parallel.
- */
-}
-
-void tfm_ns_mailbox_hal_exit_critical_isr(void)
-{
- /* Protection against concurrent access should be added
- * if more messages are sent parallel.
- */
-}
diff --git a/platform/ext/target/arm/musca_b1/sse_200/partition/flash_layout.h b/platform/ext/target/arm/musca_b1/sse_200/partition/flash_layout.h
index 350117d..6916023 100644
--- a/platform/ext/target/arm/musca_b1/sse_200/partition/flash_layout.h
+++ b/platform/ext/target/arm/musca_b1/sse_200/partition/flash_layout.h
@@ -18,11 +18,7 @@
#ifndef __FLASH_LAYOUT_H__
#define __FLASH_LAYOUT_H__
-#ifndef FORWARD_PROT_MSG
-/* Flash layouts if FORWARD_PROT_MSG is OFF
- *
- *
- * Flash layout on Musca-B1 with BL2 (multiple image boot, boot from eFlash 0):
+/* Flash layout on Musca-B1 with BL2 (multiple image boot, boot from eFlash 0):
*
* 0x0A00_0000 BL2 - MCUBoot (128 KB)
* 0x0A02_0000 Secure image primary slot (384 KB)
@@ -235,76 +231,4 @@
#define TOTAL_ROM_SIZE FLASH_TOTAL_SIZE
#define TOTAL_RAM_SIZE (0x80000) /* 512 KB */
-#else /* FORWARD_PROT_MSG */
-
-/* Flash layout information if FORWARD_PROT_MSG is ON.
- * For information you can check Musca-B1 Secure Enclave's flash_layout.h
- */
-
-#define FLASH_S_PARTITION_SIZE (0x30000) /* S partition: 192 KB */
-#define FLASH_NS_PARTITION_SIZE (0x50000) /* NS partition: 320 KB */
-
-/* Offset and size definition in flash area used by assemble.py */
-#define SECURE_IMAGE_OFFSET (0x0)
-#define SECURE_IMAGE_MAX_SIZE FLASH_S_PARTITION_SIZE
-
-#define NON_SECURE_IMAGE_OFFSET (SECURE_IMAGE_OFFSET + \
- SECURE_IMAGE_MAX_SIZE)
-#define NON_SECURE_IMAGE_MAX_SIZE FLASH_NS_PARTITION_SIZE
-
-/* Image placed in eFlash 1 */
-#define FLASH_BASE_ADDRESS (0x1A200000)
-
-#if (MCUBOOT_IMAGE_NUMBER != 1)
-#error "If FORWARD_PROT_MSG is ON MCUBOOT_IMAGE_NUMBER must be 1"
-#endif
-
-/* Secure + Non-secure image primary slot */
-#define FLASH_AREA_0_ID (1)
-#define FLASH_AREA_0_OFFSET (0x60000) /* Address comes from SE */
-#define FLASH_AREA_0_SIZE (FLASH_S_PARTITION_SIZE + \
- FLASH_NS_PARTITION_SIZE)
-/* Secure + Non-secure secondary slot */
-#define FLASH_AREA_2_ID (FLASH_AREA_0_ID + 1)
-#define FLASH_AREA_2_OFFSET (0x160000) /* Address comes from SE */
-#define FLASH_AREA_2_SIZE (FLASH_S_PARTITION_SIZE + \
- FLASH_NS_PARTITION_SIZE)
-
-/* Image placed in eFlash 1 */
-#define S_ROM_ALIAS_BASE (0x1A200000)
-#define NS_ROM_ALIAS_BASE (0x0A200000)
-
-#define S_RAM_ALIAS_BASE (0x30000000)
-#define NS_RAM_ALIAS_BASE (0x20000000)
-
-#define TOTAL_RAM_SIZE (0x80000) /* 512 KB */
-
-/* Macros needed for BL2 build with dummy values.
- * This BL2 instance is not used, but the BL2 macro needs to be set, and this
- * macro and BL2 build is entangled. If this is fixed the following macros can
- * be deleted.
- */
-#define FLASH_AREA_IMAGE_SECTOR_SIZE 0
-
-#define MCUBOOT_STATUS_MAX_ENTRIES 0
-#define MCUBOOT_MAX_IMG_SECTORS 32
-
-#define FLASH_AREA_SCRATCH_ID 0
-#define FLASH_AREA_SCRATCH_OFFSET 0
-#define FLASH_AREA_SCRATCH_SIZE 0
-
-#define FLASH_DEV_NAME Driver_EFLASH0
-/* Smallest flash programmable unit in bytes */
-#define TFM_HAL_FLASH_PROGRAM_UNIT (0x4)
-
-#define FLASH_AREA_BL2_OFFSET 0
-#define FLASH_AREA_BL2_SIZE 0x20000
-
-#define TFM_NV_COUNTERS_AREA_ADDR 0
-#define TFM_NV_COUNTERS_AREA_SIZE 8
-#define TFM_NV_COUNTERS_SECTOR_ADDR 0
-#define TFM_NV_COUNTERS_SECTOR_SIZE 8
-
-#endif /* FORWARD_PROT_MSG */
-
#endif /* __FLASH_LAYOUT_H__ */
diff --git a/platform/ext/target/arm/musca_b1/sse_200/partition/region_defs.h b/platform/ext/target/arm/musca_b1/sse_200/partition/region_defs.h
index e404475..90a1964 100755
--- a/platform/ext/target/arm/musca_b1/sse_200/partition/region_defs.h
+++ b/platform/ext/target/arm/musca_b1/sse_200/partition/region_defs.h
@@ -109,12 +109,6 @@
/* Size of vector table: 143 interrupt handlers + 4 bytes MPS initial value */
#define S_CODE_VECTOR_TABLE_SIZE (0x240)
-/* Shared memory used by PSA Proxy partition */
-#ifdef TFM_PARTITION_PSA_PROXY
-#define PSA_PROXY_SHARED_MEMORY_BASE (0x1A408000)
-#define PSA_PROXY_SHARED_MEMORY_SIZE (0x00078000) /* 476 KiB */
-#endif /* TFM_PARTITION_PSA_PROXY */
-
/* Non-secure regions */
#define NS_IMAGE_PRIMARY_AREA_OFFSET \
(NS_IMAGE_PRIMARY_PARTITION_OFFSET + BL2_HEADER_SIZE)
diff --git a/platform/ext/target/arm/musca_b1/sse_200/partition/region_defs_bl0.h b/platform/ext/target/arm/musca_b1/sse_200/partition/region_defs_bl0.h
deleted file mode 100644
index 9654cc8..0000000
--- a/platform/ext/target/arm/musca_b1/sse_200/partition/region_defs_bl0.h
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- * Copyright (c) 2017-2020 Arm Limited. All rights reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __REGION_DEFS_BL0_H__
-#define __REGION_DEFS_BL0_H__
-
-#define BL0_HEAP_SIZE (0x0000100)
-#define BL0_MSP_STACK_SIZE (0x0000800)
-
-/* Code SRAM area */
-#define S_CODE_SRAM_ALIAS_BASE (0x1A400000)
-
-/* SRAM area */
-#define S_RAM_ALIAS_BASE (0x30000000)
-
-/* FLASH area */
-#define FLASH_BASE_ADDRESS (0x1A000000)
-
-/* BL0 preloader regions */
-#define BL0_FLASH_BASE FLASH_BASE_ADDRESS
-#define BL0_FLASH_SIZE (0x00002000) /* 8 KB */
-#define BL0_CODE_SRAM_BASE S_CODE_SRAM_ALIAS_BASE
-#define BL0_CODE_SRAM_SIZE (0x00002000) /* 8 KB */
-#define BL0_DATA_BASE S_RAM_ALIAS_BASE
-#define BL0_DATA_SIZE (0x00004000) /* 16 KB */
-
-#endif /* __REGION_DEFS_BL0_H__ */
diff --git a/platform/include/tfm_plat_psa_proxy_addr_trans.h b/platform/include/tfm_plat_psa_proxy_addr_trans.h
deleted file mode 100644
index 05f8e1f..0000000
--- a/platform/include/tfm_plat_psa_proxy_addr_trans.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifndef __TFM_PLAT_PSA_PROXY_H__
-#define __TFM_PLAT_PSA_PROXY_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief Translates an address from Host to Secure Enclave
- *
- * \param[in] addr The address to be translated
- *
- * \return Returns the translated pointer
- */
-void* translate_addr_from_host_to_se(void *addr);
-
-/**
- * \brief Translates an address from Secure Enclave to Host
- *
- * \param[in] addr The address to be translated
- *
- * \return Returns the translated pointer
- */
-void* translate_addr_from_se_to_host(void *addr);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __TFM_PLAT_PSA_PROXY_H__ */
diff --git a/secure_fw/partitions/CMakeLists.txt b/secure_fw/partitions/CMakeLists.txt
index 8ca73f3..97add7d 100644
--- a/secure_fw/partitions/CMakeLists.txt
+++ b/secure_fw/partitions/CMakeLists.txt
@@ -27,7 +27,6 @@
add_subdirectory(protected_storage)
add_subdirectory(internal_trusted_storage)
add_subdirectory(platform)
-add_subdirectory(psa_proxy)
add_subdirectory(firmware_update)
add_subdirectory(ns_agent_tz)
add_subdirectory(ns_agent_mailbox)
diff --git a/secure_fw/partitions/initial_attestation/CMakeLists.txt b/secure_fw/partitions/initial_attestation/CMakeLists.txt
index 8287df8..cfab196 100644
--- a/secure_fw/partitions/initial_attestation/CMakeLists.txt
+++ b/secure_fw/partitions/initial_attestation/CMakeLists.txt
@@ -6,14 +6,6 @@
#-------------------------------------------------------------------------------
if (NOT TFM_PARTITION_INITIAL_ATTESTATION)
- if(TFM_PARTITION_PSA_PROXY)
- add_library(tfm_attestation_defs INTERFACE)
-
- target_include_directories(tfm_attestation_defs
- INTERFACE
- .
- )
- endif()
return()
endif()
diff --git a/secure_fw/partitions/protected_storage/CMakeLists.txt b/secure_fw/partitions/protected_storage/CMakeLists.txt
index 7feb086..ff56c15 100644
--- a/secure_fw/partitions/protected_storage/CMakeLists.txt
+++ b/secure_fw/partitions/protected_storage/CMakeLists.txt
@@ -6,14 +6,6 @@
#-------------------------------------------------------------------------------
if (NOT TFM_PARTITION_PROTECTED_STORAGE)
- if(TFM_PARTITION_PSA_PROXY)
- add_library(tfm_app_rot_partition_ps INTERFACE)
-
- target_include_directories(tfm_app_rot_partition_ps
- INTERFACE
- $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}>
- )
- endif()
return()
endif()
diff --git a/secure_fw/partitions/psa_proxy/CMakeLists.txt b/secure_fw/partitions/psa_proxy/CMakeLists.txt
deleted file mode 100644
index fe4c46f..0000000
--- a/secure_fw/partitions/psa_proxy/CMakeLists.txt
+++ /dev/null
@@ -1,86 +0,0 @@
-#-------------------------------------------------------------------------------
-# Copyright (c) 2020-2022, Arm Limited. All rights reserved.
-#
-# SPDX-License-Identifier: BSD-3-Clause
-#
-#-------------------------------------------------------------------------------
-
-if(NOT TFM_PARTITION_PSA_PROXY)
- return()
-endif()
-
-cmake_minimum_required(VERSION 3.15)
-cmake_policy(SET CMP0079 NEW)
-
-add_library(tfm_psa_rot_partition_psa_proxy STATIC)
-
-# Set include directory
-target_include_directories(tfm_psa_rot_partition_psa_proxy
- INTERFACE
- $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}>
- ${CMAKE_BINARY_DIR}/generated/secure_fw/partitions/psa_proxy
- PUBLIC
- # Required for spm_ipc.h
- $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}>/../../spm/cmsis_psa
-)
-target_include_directories(tfm_partitions
- INTERFACE
- ${CMAKE_BINARY_DIR}/generated/secure_fw/partitions/psa_proxy
-)
-
-target_sources(tfm_psa_rot_partition_psa_proxy
- PRIVATE
- psa_proxy.c
- psa_proxy_shared_mem_mngr.c
- ../../../interface/src/multi_core/tfm_ns_mailbox.c
-)
-
-# The generated sources
-target_sources(tfm_psa_rot_partition_psa_proxy
- PRIVATE
- ${CMAKE_BINARY_DIR}/generated/secure_fw/partitions/psa_proxy/auto_generated/intermedia_tfm_psa_proxy.c
-)
-target_sources(tfm_partitions
- INTERFACE
- ${CMAKE_BINARY_DIR}/generated/secure_fw/partitions/psa_proxy/auto_generated/load_info_tfm_psa_proxy.c
-)
-
-target_link_libraries(tfm_psa_rot_partition_psa_proxy
- PRIVATE
- tfm_sprt
- secure_fw
- platform_s
-)
-
-############################ Secure API ########################################
-
-target_sources(tfm_sprt
- PRIVATE
- ../crypto/tfm_crypto_secure_api.c
- ../initial_attestation/tfm_attest_secure_api.c
- ../internal_trusted_storage/tfm_its_secure_api.c
- ../platform/tfm_platform_secure_api.c
- ../protected_storage/tfm_ps_secure_api.c
-)
-
-# The veneers give warnings about not being properly declared so they get hidden
-# to not overshadow _real_ warnings.
-set_source_files_properties(tfm_ps_secure_api.c
- PROPERTIES
- COMPILE_FLAGS
- $<$<C_COMPILER_ID:ARMClang>:-Wno-implicit-function-declaration>
- $<$<C_COMPILER_ID:GNU>:-Wno-implicit-function-declaration>
- $<$<C_COMPILER_ID:IAR>:>
-)
-
-############################ Partition Defs ####################################
-
-target_link_libraries(tfm_partitions
- INTERFACE
- tfm_psa_rot_partition_psa_proxy
-)
-
-target_compile_definitions(tfm_partition_defs
- INTERFACE
- TFM_PARTITION_PSA_PROXY
-)
diff --git a/secure_fw/partitions/psa_proxy/dir_psa_proxy.dox b/secure_fw/partitions/psa_proxy/dir_psa_proxy.dox
deleted file mode 100644
index 5ef7661..0000000
--- a/secure_fw/partitions/psa_proxy/dir_psa_proxy.dox
+++ /dev/null
@@ -1,16 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-//This file holds description for the current directory. This documentation
-//will be included in the Doxygen output.
-
-/*!
-\dir
-\brief Source code for the PSA Proxy service.
-\details The PSA Proxy service can forward IPC messages to a Secure Enclave.
-
-*/
\ No newline at end of file
diff --git a/secure_fw/partitions/psa_proxy/psa_proxy.c b/secure_fw/partitions/psa_proxy/psa_proxy.c
deleted file mode 100644
index 29408f4..0000000
--- a/secure_fw/partitions/psa_proxy/psa_proxy.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/*
- * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
- * Copyright (c) 2021, Cypress Semiconductor Corporation. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include <stdint.h>
-
-#include "psa/service.h"
-#include "psa_manifest/tfm_psa_proxy.h"
-#include "tfm_pools.h"
-#include "psa_manifest/sid.h"
-#include "tfm_multi_core_api.h"
-#include "tfm_ns_mailbox.h"
-#include "psa_proxy_shared_mem_mngr.h"
-
-#define NON_SECURE_CLIENT_ID (-1)
-
-/* Maximum number of connections supported, should be platform/configuration
- * specific */
-#define SE_CONN_MAX_NUM (16)
-
-TFM_POOL_DECLARE(forward_handle_pool, sizeof(psa_handle_t),
- SE_CONN_MAX_NUM);
-
-static inline void init_forward_handle_pool(void)
-{
- tfm_pool_init(forward_handle_pool,
- POOL_BUFFER_SIZE(forward_handle_pool),
- sizeof(psa_handle_t),
- SE_CONN_MAX_NUM);
-}
-
-static inline psa_handle_t * allocate_forward_handle(void)
-{
- return (psa_handle_t *) tfm_pool_alloc(forward_handle_pool);
-}
-
-static inline void deallocate_forward_handle(psa_handle_t *h)
-{
- tfm_pool_free(forward_handle_pool, h);
-}
-
-static psa_status_t forward_message_to_secure_enclave(psa_signal_t signal,
- const psa_msg_t *msg)
-{
- psa_status_t status;
- struct psa_client_params_t params;
- int32_t ret;
-
- /* Use stateless handle for stateless services. */
- switch (signal) {
- case TFM_CRYPTO_SIGNAL:
- params.psa_call_params.handle = TFM_CRYPTO_HANDLE;
- params.psa_call_params.type = msg->type;
- break;
- case TFM_PROTECTED_STORAGE_SERVICE_SIGNAL:
- params.psa_call_params.handle = TFM_PROTECTED_STORAGE_SERVICE_HANDLE;
- params.psa_call_params.type = msg->type;
- break;
- case TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_SIGNAL:
- params.psa_call_params.handle =
- TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_HANDLE;
- params.psa_call_params.type = msg->type;
- break;
- case TFM_ATTESTATION_SERVICE_SIGNAL:
- params.psa_call_params.handle = TFM_ATTESTATION_SERVICE_HANDLE;
- params.psa_call_params.type = msg->type;
- break;
- case TFM_PLATFORM_SERVICE_SIGNAL:
- params.psa_call_params.handle = TFM_PLATFORM_SERVICE_HANDLE;
- params.psa_call_params.type = msg->type;
- break;
- default:
- params.psa_call_params.handle = *((psa_handle_t *)msg->rhandle);
- params.psa_call_params.type = PSA_IPC_CALL;
- break;
- }
-
- status = psa_proxy_put_msg_into_shared_mem(msg, ¶ms);
-
- if (status != PSA_SUCCESS) {
- return status;
- }
-
- ret = tfm_ns_mailbox_client_call(MAILBOX_PSA_CALL, ¶ms,
- NON_SECURE_CLIENT_ID, (int32_t *)&status);
- if (ret != MAILBOX_SUCCESS) {
- status = PSA_ERROR_COMMUNICATION_FAILURE;
- }
-
- if (status == PSA_SUCCESS) {
- psa_proxy_write_back_results_from_shared_mem(msg);
- }
-
- return status;
-}
-
-static void handle_signal(psa_signal_t signal)
-{
- psa_msg_t msg;
- psa_status_t status;
-
- status = psa_get(signal, &msg);
-
- status = forward_message_to_secure_enclave(signal, &msg);
- psa_reply(msg.handle, status);
-}
-
-static psa_status_t psa_proxy_init(void)
-{
- int32_t ret;
-
- if (tfm_platform_ns_wait_for_s_cpu_ready()) {
- return PSA_ERROR_HARDWARE_FAILURE;
- }
-
- ret = tfm_ns_mailbox_init(psa_proxy_get_ns_mailbox_queue());
- if (ret != MAILBOX_SUCCESS) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- init_forward_handle_pool();
-
- return PSA_SUCCESS;
-}
-
-psa_status_t psa_proxy_sp_init(void)
-{
- psa_signal_t signal;
- psa_status_t err;
-
- err = psa_proxy_init();
- if ( err != PSA_SUCCESS ) {
- psa_panic();
- }
-
- while (1) {
- /* Control is given back to SPM */
- signal = psa_wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signal == TFM_PROXY_DUMMY_SIGNAL) {
- psa_panic();
- }
-
- handle_signal(signal);
- }
-
- return PSA_SUCCESS;
-}
diff --git a/secure_fw/partitions/psa_proxy/psa_proxy_shared_mem_mngr.c b/secure_fw/partitions/psa_proxy/psa_proxy_shared_mem_mngr.c
deleted file mode 100644
index 68eeee8..0000000
--- a/secure_fw/partitions/psa_proxy/psa_proxy_shared_mem_mngr.c
+++ /dev/null
@@ -1,204 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
- * Copyright (c) 2021, Cypress Semiconductor Corporation. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "psa_proxy_shared_mem_mngr.h"
-#include "region_defs.h"
-#include "psa/service.h"
-#ifdef PSA_PROXY_ADDR_TRANSLATION
-#include "tfm_plat_psa_proxy_addr_trans.h"
-#endif
-
-/* If a dedicated region used for memory sharing maximum buffer size calculated
- * here. Otherwise the buffer size must be defined.
- */
-#ifdef PSA_PROXY_SHARED_MEMORY_SIZE
-#define SHARED_BUFFER_SIZE (PSA_PROXY_SHARED_MEMORY_SIZE - \
- sizeof(struct ns_mailbox_queue_t) - \
- (sizeof(psa_invec) * PSA_MAX_IOVEC)- \
- (sizeof(psa_outvec) * PSA_MAX_IOVEC))
-#else
-#ifndef SHARED_BUFFER_SIZE
-#error "PSA_PROXY_SHARED_MEMORY_SIZE or SHARED_BUFFER_SIZE should be defined"
-#endif
-#endif
-
-struct shared_mem_t {
- struct ns_mailbox_queue_t ns_mailbox_queue;
- psa_invec in_vec[PSA_MAX_IOVEC];
- psa_outvec out_vec[PSA_MAX_IOVEC];
- uint8_t buffer[SHARED_BUFFER_SIZE];
-};
-
-#ifdef PSA_PROXY_SHARED_MEMORY_BASE
-/* If a dedicated region used for memory sharing the shared_mem variable must
- * be allocated into it.
- * If compiled with gcc the whole section zero initialized, even if the
- * variable initialized here with some other value.
- */
-__attribute__((section("PSA_PROXY_SHARED_MEMORY_SECTION")))
-#endif
-struct shared_mem_t shared_mem;
-
-uint32_t shared_mem_buffer_actual_size = 0;
-
-static psa_status_t write_input_param_into_shared_mem(uint32_t param_num,
- const psa_msg_t *msg)
-{
- const void *buff_input_ptr;
-
- if (shared_mem_buffer_actual_size + msg->in_size[param_num] <=
- SHARED_BUFFER_SIZE) {
- buff_input_ptr = &(shared_mem.buffer[shared_mem_buffer_actual_size]);
-
- psa_read(msg->handle,
- param_num,
- (void *) buff_input_ptr,
- msg->in_size[param_num]);
- shared_mem_buffer_actual_size += msg->in_size[param_num];
-
- shared_mem.in_vec[param_num].base = buff_input_ptr;
- shared_mem.in_vec[param_num].len = msg->in_size[param_num];
-
- return PSA_SUCCESS;
- } else {
- return PSA_ERROR_INSUFFICIENT_MEMORY;
- }
-}
-
-static psa_status_t allocate_output_param_in_shared_mem(uint32_t param_num,
- const psa_msg_t *msg)
-{
- void * buff_output_ptr;
-
- if (shared_mem_buffer_actual_size + msg->out_size[param_num] <=
- SHARED_BUFFER_SIZE) {
- buff_output_ptr = &(shared_mem.buffer[shared_mem_buffer_actual_size]);
-
- shared_mem_buffer_actual_size += msg->out_size[param_num];
-
- shared_mem.out_vec[param_num].base = buff_output_ptr;
- shared_mem.out_vec[param_num].len = msg->out_size[param_num];
-
- return PSA_SUCCESS;
- } else {
- return PSA_ERROR_INSUFFICIENT_MEMORY;
- }
-}
-
-static void clear_shared_mem_buffer(void)
-{
- int32_t i;
-
- shared_mem_buffer_actual_size = 0;
-
- for (i = 0; i < PSA_MAX_IOVEC; i++) {
- shared_mem.in_vec[i].base = NULL;
- shared_mem.in_vec[i].len = 0;
- shared_mem.out_vec[i].base = NULL;
- shared_mem.out_vec[i].len = 0;
- }
-}
-
-#ifdef PSA_PROXY_ADDR_TRANSLATION
-static void translate_shared_mem_addrs_to_send_msg(
- struct psa_client_params_t* forward_params)
-{
- int32_t i;
-
- for (i = 0; i < PSA_MAX_IOVEC; i++) {
- shared_mem.in_vec[i].base = translate_addr_from_host_to_se(
- (void*)shared_mem.in_vec[i].base);
- shared_mem.out_vec[i].base = translate_addr_from_host_to_se(
- shared_mem.out_vec[i].base);
- }
-
- forward_params->psa_call_params.in_vec = translate_addr_from_host_to_se(
- shared_mem.in_vec);
- forward_params->psa_call_params.out_vec = translate_addr_from_host_to_se(
- shared_mem.out_vec);
-}
-
-static void translate_shared_mem_addrs_to_write_back_results(void)
-{
- int32_t i;
-
- for (i = 0; i < PSA_MAX_IOVEC; i++) {
- shared_mem.in_vec[i].base = translate_addr_from_se_to_host(
- (void*)shared_mem.in_vec[i].base);
- shared_mem.out_vec[i].base = translate_addr_from_se_to_host(
- shared_mem.out_vec[i].base);
- }
-
-}
-#endif
-
-struct ns_mailbox_queue_t * psa_proxy_get_ns_mailbox_queue(void)
-{
- return &(shared_mem.ns_mailbox_queue);
-}
-
-psa_status_t psa_proxy_put_msg_into_shared_mem(
- const psa_msg_t* msg,
- struct psa_client_params_t* forward_params)
-{
- psa_status_t status;
- uint32_t i;
- size_t in_vec_len = 0;
- size_t out_vec_len = 0;
-
- clear_shared_mem_buffer();
-
- for (i = 0; i < PSA_MAX_IOVEC; i++) {
- if (msg->in_size[i] > 0) {
- status = write_input_param_into_shared_mem(i, msg);
- if ( status != PSA_SUCCESS ) {
- return status;
- }
- in_vec_len = i + 1;
- }
- }
-
- for (i = 0; i < PSA_MAX_IOVEC; i++) {
- if (msg->out_size[i] > 0) {
- status = allocate_output_param_in_shared_mem(i, msg);
- if ( status != PSA_SUCCESS ) {
- return status;
- }
- out_vec_len = i + 1;
- }
- }
-
- forward_params->psa_call_params.in_vec = shared_mem.in_vec;
- forward_params->psa_call_params.in_len = in_vec_len;
- forward_params->psa_call_params.out_vec = shared_mem.out_vec;
- forward_params->psa_call_params.out_len = out_vec_len;
-
-#ifdef PSA_PROXY_ADDR_TRANSLATION
- translate_shared_mem_addrs_to_send_msg(forward_params);
-#endif
-
- return PSA_SUCCESS;
-}
-
-void psa_proxy_write_back_results_from_shared_mem(const psa_msg_t* msg)
-{
- uint32_t i;
-
-#ifdef PSA_PROXY_ADDR_TRANSLATION
- translate_shared_mem_addrs_to_write_back_results();
-#endif
-
- for (i = 0; i < PSA_MAX_IOVEC; i++) {
- if (shared_mem.out_vec[i].len > 0) {
- psa_write(msg->handle,
- i,
- shared_mem.out_vec[i].base,
- shared_mem.out_vec[i].len);
- }
- }
-}
diff --git a/secure_fw/partitions/psa_proxy/psa_proxy_shared_mem_mngr.h b/secure_fw/partitions/psa_proxy/psa_proxy_shared_mem_mngr.h
deleted file mode 100644
index 62254bf..0000000
--- a/secure_fw/partitions/psa_proxy/psa_proxy_shared_mem_mngr.h
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifndef __PSA_PROXY_SHARED_MEM_MNGR_H__
-#define __PSA_PROXY_SHARED_MEM_MNGR_H__
-
-#include "tfm_mailbox.h"
-#include "psa/error.h"
-#include "psa/service.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief Returns the NS mailbox
- *
- * \return Returns a pointer to the NS mailbox
- */
-struct ns_mailbox_queue_t * psa_proxy_get_ns_mailbox_queue(void);
-
-/*!
- * \brief Puts message into the shared memory
- *
- * \param[in] msg PSA message to be forwarded
- * \param[out] forward_params PSA client parameters to be forwarded (pointers
- * of the shared input and output vectors shall be
- * written back to this structure.
- *
- * \return Returns values as specified by the \ref psa_status_t
- */
-psa_status_t psa_proxy_put_msg_into_shared_mem(
- const psa_msg_t *msg,
- struct psa_client_params_t *forward_params);
-
-/*!
- * \brief Writes back the results of the forwarded PSA message
- *
- * \param[in] msg Original PSA message was already forwarded
- */
-void psa_proxy_write_back_results_from_shared_mem(const psa_msg_t *msg);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __PSA_PROXY_SHARED_MEM_MNGR_H__ */
diff --git a/secure_fw/partitions/psa_proxy/tfm_psa_proxy.yaml b/secure_fw/partitions/psa_proxy/tfm_psa_proxy.yaml
deleted file mode 100644
index af40fb9..0000000
--- a/secure_fw/partitions/psa_proxy/tfm_psa_proxy.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-#-------------------------------------------------------------------------------
-# Copyright (c) 2020-2022, Arm Limited. All rights reserved.
-#
-# SPDX-License-Identifier: BSD-3-Clause
-#
-#-------------------------------------------------------------------------------
-
-{
- "psa_framework_version": 1.1,
- "name": "TFM_SP_PSA_PROXY",
- "type": "PSA-ROT",
- "priority": "HIGH",
- "model": "IPC",
- "entry_point": "psa_proxy_sp_init",
- "stack_size": "0x0A00",
- "services": [
- {
- # If there is not any connection-based service being built,
- # The psa_set_rhandle API will be excluded in building as it's for
- # connection-based serivce only.
- # But this Partition requires this API to save handles.
- # So to avoid the psa_set_rhandle API beening excluded, a dummy
- # connection-based services is added here.
- "name": "TFM_PROXY_DUMMY",
- "sid": "0xFFFFFFFF",
- "non_secure_clients": false,
- "connection_based": true,
- "version": 1,
- "version_policy": "STRICT"
- },
- {
- "name": "TFM_CRYPTO",
- "sid": "0x00000080",
- "non_secure_clients": true,
- "connection_based": false,
- "stateless_handle": 1,
- "version": 1,
- "version_policy": "STRICT"
- },
- {
- "name": "TFM_ATTESTATION_SERVICE",
- "sid": "0x00000020",
- "non_secure_clients": true,
- "connection_based": false,
- "stateless_handle": 4,
- "version": 1,
- "version_policy": "STRICT"
- },
- {
- "name": "TFM_INTERNAL_TRUSTED_STORAGE_SERVICE",
- "sid": "0x00000070",
- "non_secure_clients": true,
- "connection_based": false,
- "stateless_handle": 3,
- "version": 1,
- "version_policy": "STRICT"
- },
- {
- "name": "TFM_PLATFORM_SERVICE",
- "sid": "0x00000040",
- "non_secure_clients": true,
- "connection_based": false,
- "stateless_handle": 6,
- "minor_version": 1,
- "minor_policy": "STRICT"
- },
- {
- "name": "TFM_PROTECTED_STORAGE_SERVICE",
- "sid": "0x00000060",
- "non_secure_clients": true,
- "connection_based": false,
- "stateless_handle": 2,
- "version": 1,
- "version_policy": "STRICT"
- }
- ]
-}
diff --git a/tools/tfm_manifest_list.yaml b/tools/tfm_manifest_list.yaml
index 72b2827..1e26d13 100644
--- a/tools/tfm_manifest_list.yaml
+++ b/tools/tfm_manifest_list.yaml
@@ -121,20 +121,6 @@
}
},
{
- "description": "TF-M PSA Proxy Partition",
- "manifest": "../secure_fw/partitions/psa_proxy/tfm_psa_proxy.yaml",
- "output_path": "secure_fw/partitions/psa_proxy",
- "conditional": "TFM_PARTITION_PSA_PROXY",
- "version_major": 0,
- "version_minor": 1,
- "pid": 270,
- "linker_pattern": {
- "library_list": [
- "*tfm_*partition_psa_proxy.*"
- ]
- }
- },
- {
"description": "TFM Firmware Update Partition",
"manifest": "../secure_fw/partitions/firmware_update/tfm_firmware_update.yaml",
"output_path": "secure_fw/partitions/firmware_update",