| Kevin Peng | 93fb9f5 | 2020-09-17 11:45:54 +0800 | [diff] [blame] | 1 | /* |
| Tamas Ban | d28286e | 2020-11-27 12:58:39 +0000 | [diff] [blame] | 2 | * Copyright (c) 2020-2021, Arm Limited. All rights reserved. |
| Kevin Peng | 93fb9f5 | 2020-09-17 11:45:54 +0800 | [diff] [blame] | 3 | * |
| 4 | * SPDX-License-Identifier: BSD-3-Clause |
| 5 | * |
| 6 | */ |
| 7 | |
| 8 | #ifndef __TFM_HAL_ISOLATION_H__ |
| 9 | #define __TFM_HAL_ISOLATION_H__ |
| 10 | |
| 11 | #include <stddef.h> |
| 12 | #include <stdint.h> |
| 13 | #include "tfm_hal_defs.h" |
| Ken Liu | ce58bfc | 2021-05-12 17:54:48 +0800 | [diff] [blame^] | 14 | #include "load/partition_defs.h" |
| 15 | #include "load/asset_defs.h" |
| Kevin Peng | 93fb9f5 | 2020-09-17 11:45:54 +0800 | [diff] [blame] | 16 | |
| 17 | #ifdef __cplusplus |
| 18 | extern "C" { |
| 19 | #endif |
| 20 | |
| 21 | /* Memory access attributes */ |
| 22 | #define TFM_HAL_ACCESS_EXECUTABLE (1UL << 0) |
| 23 | #define TFM_HAL_ACCESS_READABLE (1UL << 1) |
| 24 | #define TFM_HAL_ACCESS_WRITABLE (1UL << 2) |
| 25 | #define TFM_HAL_ACCESS_UNPRIVILEGED (1UL << 3) |
| 26 | #define TFM_HAL_ACCESS_DEVICE (1UL << 4) |
| 27 | #define TFM_HAL_ACCESS_NS (1UL << 5) |
| 28 | |
| Tamas Ban | d28286e | 2020-11-27 12:58:39 +0000 | [diff] [blame] | 29 | #ifdef TFM_FIH_PROFILE_ON |
| Ken Liu | ce58bfc | 2021-05-12 17:54:48 +0800 | [diff] [blame^] | 30 | #include "fih.h" |
| Kevin Peng | 93fb9f5 | 2020-09-17 11:45:54 +0800 | [diff] [blame] | 31 | /** |
| 32 | * \brief Sets up the static isolation boundaries which are constant throughout |
| 33 | * the runtime of the system, including the SPE/NSPE and partition |
| 34 | * boundaries. |
| 35 | * |
| 36 | * \return TFM_HAL_SUCCESS - the isolation boundaries have been set up. |
| 37 | * TFM_HAL_ERROR_GENERIC - failed to set up the isolation boundaries. |
| 38 | */ |
| Tamas Ban | d28286e | 2020-11-27 12:58:39 +0000 | [diff] [blame] | 39 | fih_int tfm_hal_set_up_static_boundaries(void); |
| 40 | |
| Tamas Ban | d28286e | 2020-11-27 12:58:39 +0000 | [diff] [blame] | 41 | /** |
| Ken Liu | ce58bfc | 2021-05-12 17:54:48 +0800 | [diff] [blame^] | 42 | * \brief Update the isolation boundaries. |
| Tamas Ban | d28286e | 2020-11-27 12:58:39 +0000 | [diff] [blame] | 43 | * |
| Ken Liu | ce58bfc | 2021-05-12 17:54:48 +0800 | [diff] [blame^] | 44 | * \param[in] p_ldinf Partition load information. |
| 45 | * \param[in] p_boundaries Platform boundary handle for partition. |
| Tamas Ban | d28286e | 2020-11-27 12:58:39 +0000 | [diff] [blame] | 46 | * |
| Ken Liu | ce58bfc | 2021-05-12 17:54:48 +0800 | [diff] [blame^] | 47 | * \return TFM_HAL_SUCCESS The isolation boundaries update succeeded. |
| 48 | * TFM_HAL_ERROR_GENERIC Failed to update the isolation boundaries. |
| Tamas Ban | d28286e | 2020-11-27 12:58:39 +0000 | [diff] [blame] | 49 | * |
| 50 | * \note When FIH_ENABLE_DOUBLE_VARS is enabled, the return code will be |
| 51 | * wrapped and protected in \ref fih_int structure. |
| 52 | */ |
| Ken Liu | ce58bfc | 2021-05-12 17:54:48 +0800 | [diff] [blame^] | 53 | fih_int tfm_hal_update_boundaries(const struct partition_load_info_t *p_ldinf, |
| 54 | void *p_boundaries); |
| Tamas Ban | d28286e | 2020-11-27 12:58:39 +0000 | [diff] [blame] | 55 | #else /* TFM_FIH_PROFILE_ON */ |
| 56 | /** |
| 57 | * \brief Sets up the static isolation boundaries which are constant throughout |
| 58 | * the runtime of the system, including the SPE/NSPE and partition |
| 59 | * boundaries. |
| 60 | * |
| 61 | * \return TFM_HAL_SUCCESS - the isolation boundaries have been set up. |
| 62 | * TFM_HAL_ERROR_GENERIC - failed to set up the isolation boundaries. |
| Tamas Ban | d28286e | 2020-11-27 12:58:39 +0000 | [diff] [blame] | 63 | */ |
| Kevin Peng | 93fb9f5 | 2020-09-17 11:45:54 +0800 | [diff] [blame] | 64 | enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(void); |
| 65 | |
| Tamas Ban | d28286e | 2020-11-27 12:58:39 +0000 | [diff] [blame] | 66 | /** |
| Ken Liu | ce58bfc | 2021-05-12 17:54:48 +0800 | [diff] [blame^] | 67 | * \brief Update the isolation boundaries. |
| Tamas Ban | d28286e | 2020-11-27 12:58:39 +0000 | [diff] [blame] | 68 | * |
| Ken Liu | ce58bfc | 2021-05-12 17:54:48 +0800 | [diff] [blame^] | 69 | * \param[in] p_ldinf Partition load information. |
| 70 | * \param[in] p_boundaries Platform boundary handle for partition. |
| Tamas Ban | d28286e | 2020-11-27 12:58:39 +0000 | [diff] [blame] | 71 | * |
| Ken Liu | ce58bfc | 2021-05-12 17:54:48 +0800 | [diff] [blame^] | 72 | * \return TFM_HAL_SUCCESS The isolation boundaries update succeeded. |
| 73 | * TFM_HAL_ERROR_GENERIC Failed to update the isolation boundaries. |
| Tamas Ban | d28286e | 2020-11-27 12:58:39 +0000 | [diff] [blame] | 74 | */ |
| Ken Liu | ce58bfc | 2021-05-12 17:54:48 +0800 | [diff] [blame^] | 75 | enum tfm_hal_status_t tfm_hal_update_boundaries( |
| 76 | const struct partition_load_info_t *p_ldinf, |
| 77 | void *p_boundaries); |
| Tamas Ban | d28286e | 2020-11-27 12:58:39 +0000 | [diff] [blame] | 78 | #endif /* TFM_FIH_PROFILE_ON */ |
| 79 | |
| Kevin Peng | 93fb9f5 | 2020-09-17 11:45:54 +0800 | [diff] [blame] | 80 | /** |
| 81 | * \brief This API checks if the memory region defined by base and size |
| 82 | * matches the given attributes - attr. |
| 83 | * The attributes can include NSPE access, privileged mode, and |
| 84 | * read-write permissions. |
| 85 | * |
| 86 | * \param[in] base The base address of the region. |
| 87 | * \param[in] size The size of the region. |
| 88 | * \param[in] attr The memory access attributes. |
| 89 | * |
| 90 | * \return TFM_HAL_SUCCESS - The memory region has the access permissions. |
| 91 | * TFM_HAL_ERROR_MEM_FAULT - The memory region has not the access |
| 92 | * permissions. |
| 93 | * TFM_HAL_ERROR_INVALID_INPUT - Invalid inputs. |
| 94 | * TFM_HAL_ERROR_GENERIC - An error occurred. |
| 95 | */ |
| 96 | enum tfm_hal_status_t tfm_hal_memory_has_access(uintptr_t base, |
| 97 | size_t size, |
| 98 | uint32_t attr); |
| 99 | |
| Ken Liu | ce58bfc | 2021-05-12 17:54:48 +0800 | [diff] [blame^] | 100 | /** |
| 101 | * \brief This API binds partition boundaries with the platform. The platform |
| 102 | * maintains the platform-specific settings for SPM further |
| 103 | * usage, such as update partition hardware boundaries or |
| 104 | * check resource accessibility. The platform needs to manage |
| 105 | * the settings with internal mechanism, and return a handle |
| 106 | * to SPM. SPM delivers this handle back to platform when |
| 107 | * necessary. And SPM checks this handle to decide if the |
| 108 | * platform-specific settings need to be updated. Hence |
| 109 | * multiple partitions can have the same handle if they have |
| 110 | * the same platform-specific settings, depending on isolation level. |
| 111 | * |
| 112 | * \param[in] p_ldinf Partition load information. |
| 113 | * \param[in] pp_boundaries Pointer of the boundary handle |
| 114 | * |
| 115 | * \return TFM_HAL_SUCCESS - A platform handle binding success. |
| 116 | * TFM_HAL_ERROR_GENERIC - Error occured while binding. |
| 117 | */ |
| 118 | enum tfm_hal_status_t tfm_hal_bind_boundaries( |
| 119 | const struct partition_load_info_t *p_ldinf, |
| 120 | void **pp_boundaries); |
| 121 | |
| Kevin Peng | 93fb9f5 | 2020-09-17 11:45:54 +0800 | [diff] [blame] | 122 | #ifdef __cplusplus |
| 123 | } |
| 124 | #endif |
| 125 | |
| 126 | #endif /* __TFM_HAL_ISOLATION_H__ */ |