TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / sandbox / pfalcon / trusted-firmware-m / 967ffa9ecfc0f93208dc840c4866474b09c727e8 / . / platform / include / tfm_hal_isolation.h
blob: 67cf1c20b6edc63a7e6228a464a5146624ae80ae [file] [log] [blame]
Kevin Peng93fb9f52020-09-17 11:45:54 +0800[diff] [blame]1/*
Ken Liu967ffa92022-05-25 15:13:34 +0800[diff] [blame^]2 * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
Kevin Peng93fb9f52020-09-17 11:45:54 +0800[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8#ifndef __TFM_HAL_ISOLATION_H__
9#define __TFM_HAL_ISOLATION_H__
10
11#include <stddef.h>
12#include <stdint.h>
13#include "tfm_hal_defs.h"
Ken Liuce58bfc2021-05-12 17:54:48 +0800[diff] [blame]14#include "load/partition_defs.h"
15#include "load/asset_defs.h"
Kevin Peng93fb9f52020-09-17 11:45:54 +0800[diff] [blame]16
17#ifdef __cplusplus
18extern "C" {
19#endif
20
21/* Memory access attributes */
22#define TFM_HAL_ACCESS_EXECUTABLE (1UL << 0)
23#define TFM_HAL_ACCESS_READABLE (1UL << 1)
24#define TFM_HAL_ACCESS_WRITABLE (1UL << 2)
25#define TFM_HAL_ACCESS_UNPRIVILEGED (1UL << 3)
26#define TFM_HAL_ACCESS_DEVICE (1UL << 4)
27#define TFM_HAL_ACCESS_NS (1UL << 5)
28
Tamas Band28286e2020-11-27 12:58:39 +0000[diff] [blame]29#ifdef TFM_FIH_PROFILE_ON
Ken Liuce58bfc2021-05-12 17:54:48 +0800[diff] [blame]30#include "fih.h"
Kevin Peng93fb9f52020-09-17 11:45:54 +0800[diff] [blame]31/**
32 * \brief Sets up the static isolation boundaries which are constant throughout
33 * the runtime of the system, including the SPE/NSPE and partition
34 * boundaries.
35 *
36 * \return TFM_HAL_SUCCESS - the isolation boundaries have been set up.
37 * TFM_HAL_ERROR_GENERIC - failed to set up the isolation boundaries.
38 */
Tamas Band28286e2020-11-27 12:58:39 +0000[diff] [blame]39fih_int tfm_hal_set_up_static_boundaries(void);
40
Tamas Band28286e2020-11-27 12:58:39 +0000[diff] [blame]41/**
Kevin Peng38788a12021-09-08 16:23:50 +0800[diff] [blame]42 * \brief This function is responsible for checking all critical isolation
43 configurations.
44 *
45 * \return TFM_HAL_SUCCESS - the verification passed.
46 * TFM_HAL_ERROR_GENERIC - the verification failed.
47 */
48fih_int tfm_hal_verify_static_boundaries(void);
49
50/**
Ken Liu967ffa92022-05-25 15:13:34 +0800[diff] [blame^]51 * \brief Activate one Secure Partition boundary.
Tamas Band28286e2020-11-27 12:58:39 +0000[diff] [blame]52 *
Ken Liuce58bfc2021-05-12 17:54:48 +0800[diff] [blame]53 * \param[in] p_ldinf Partition load information.
Ken Liu967ffa92022-05-25 15:13:34 +0800[diff] [blame^]54 * \param[in] boundary Platform boundary value for partition.
Tamas Band28286e2020-11-27 12:58:39 +0000[diff] [blame]55 *
Ken Liuce58bfc2021-05-12 17:54:48 +0800[diff] [blame]56 * \return TFM_HAL_SUCCESS The isolation boundaries update succeeded.
57 * TFM_HAL_ERROR_GENERIC Failed to update the isolation boundaries.
Tamas Band28286e2020-11-27 12:58:39 +0000[diff] [blame]58 *
59 * \note When FIH_ENABLE_DOUBLE_VARS is enabled, the return code will be
60 * wrapped and protected in \ref fih_int structure.
61 */
Ken Liu967ffa92022-05-25 15:13:34 +0800[diff] [blame^]62fih_int tfm_hal_activate_boundary(const struct partition_load_info_t *p_ldinf,
63 uintptr_t boundary);
Tamas Band28286e2020-11-27 12:58:39 +0000[diff] [blame]64#else /* TFM_FIH_PROFILE_ON */
65/**
66 * \brief Sets up the static isolation boundaries which are constant throughout
67 * the runtime of the system, including the SPE/NSPE and partition
68 * boundaries.
69 *
70 * \return TFM_HAL_SUCCESS - the isolation boundaries have been set up.
71 * TFM_HAL_ERROR_GENERIC - failed to set up the isolation boundaries.
Tamas Band28286e2020-11-27 12:58:39 +0000[diff] [blame]72 */
Kevin Peng93fb9f52020-09-17 11:45:54 +0800[diff] [blame]73enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(void);
74
Tamas Band28286e2020-11-27 12:58:39 +0000[diff] [blame]75/**
Ken Liu967ffa92022-05-25 15:13:34 +0800[diff] [blame^]76 * \brief Activate one Secure Partition boundary.
Tamas Band28286e2020-11-27 12:58:39 +0000[diff] [blame]77 *
Ken Liuce58bfc2021-05-12 17:54:48 +0800[diff] [blame]78 * \param[in] p_ldinf Partition load information.
Ken Liu967ffa92022-05-25 15:13:34 +0800[diff] [blame^]79 * \param[in] boundary Platform boundary value for partition.
Tamas Band28286e2020-11-27 12:58:39 +0000[diff] [blame]80 *
Ken Liuce58bfc2021-05-12 17:54:48 +0800[diff] [blame]81 * \return TFM_HAL_SUCCESS The isolation boundaries update succeeded.
82 * TFM_HAL_ERROR_GENERIC Failed to update the isolation boundaries.
Tamas Band28286e2020-11-27 12:58:39 +0000[diff] [blame]83 */
Ken Liu967ffa92022-05-25 15:13:34 +0800[diff] [blame^]84enum tfm_hal_status_t tfm_hal_activate_boundary(
Ken Liuce58bfc2021-05-12 17:54:48 +0800[diff] [blame]85 const struct partition_load_info_t *p_ldinf,
Ken Liu967ffa92022-05-25 15:13:34 +0800[diff] [blame^]86 uintptr_t boundary);
Tamas Band28286e2020-11-27 12:58:39 +0000[diff] [blame]87#endif /* TFM_FIH_PROFILE_ON */
88
Kevin Peng93fb9f52020-09-17 11:45:54 +0800[diff] [blame]89/**
90 * \brief This API checks if the memory region defined by base and size
91 * matches the given attributes - attr.
92 * The attributes can include NSPE access, privileged mode, and
93 * read-write permissions.
94 *
95 * \param[in] base The base address of the region.
96 * \param[in] size The size of the region.
97 * \param[in] attr The memory access attributes.
98 *
99 * \return TFM_HAL_SUCCESS - The memory region has the access permissions.
100 * TFM_HAL_ERROR_MEM_FAULT - The memory region has not the access
101 * permissions.
102 * TFM_HAL_ERROR_INVALID_INPUT - Invalid inputs.
103 * TFM_HAL_ERROR_GENERIC - An error occurred.
104 */
105enum tfm_hal_status_t tfm_hal_memory_has_access(uintptr_t base,
106 size_t size,
107 uint32_t attr);
108
Ken Liuce58bfc2021-05-12 17:54:48 +0800[diff] [blame]109/**
110 * \brief This API binds partition boundaries with the platform. The platform
111 * maintains the platform-specific settings for SPM further
Ken Liu967ffa92022-05-25 15:13:34 +0800[diff] [blame^]112 * usage, such as update partition boundaries or
Ken Liuce58bfc2021-05-12 17:54:48 +0800[diff] [blame]113 * check resource accessibility. The platform needs to manage
Ken Liu967ffa92022-05-25 15:13:34 +0800[diff] [blame^]114 * the settings with internal mechanism, and return a value
115 * to SPM. SPM delivers this value back to platform when
116 * necessary. And SPM checks this value to decide if the
Ken Liuce58bfc2021-05-12 17:54:48 +0800[diff] [blame]117 * platform-specific settings need to be updated. Hence
Ken Liu967ffa92022-05-25 15:13:34 +0800[diff] [blame^]118 * multiple partitions can have the same value if they have
Ken Liuce58bfc2021-05-12 17:54:48 +0800[diff] [blame]119 * the same platform-specific settings, depending on isolation level.
120 *
121 * \param[in] p_ldinf Partition load information.
Ken Liu967ffa92022-05-25 15:13:34 +0800[diff] [blame^]122 * \param[in] p_boundary Pointer of the boundary value
Ken Liuce58bfc2021-05-12 17:54:48 +0800[diff] [blame]123 *
Ken Liu967ffa92022-05-25 15:13:34 +0800[diff] [blame^]124 * \return TFM_HAL_SUCCESS - A platform value bound successfully.
125 * TFM_HAL_ERROR_GENERIC - Error occurred while binding.
Ken Liuce58bfc2021-05-12 17:54:48 +0800[diff] [blame]126 */
Ken Liu967ffa92022-05-25 15:13:34 +0800[diff] [blame^]127enum tfm_hal_status_t tfm_hal_bind_boundary(
Ken Liuce58bfc2021-05-12 17:54:48 +0800[diff] [blame]128 const struct partition_load_info_t *p_ldinf,
Ken Liu967ffa92022-05-25 15:13:34 +0800[diff] [blame^]129 uintptr_t *p_boundary);
Ken Liuce58bfc2021-05-12 17:54:48 +0800[diff] [blame]130
Kevin Peng93fb9f52020-09-17 11:45:54 +0800[diff] [blame]131#ifdef __cplusplus
132}
133#endif
134
135#endif /* __TFM_HAL_ISOLATION_H__ */