aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEdison Ai <edison.ai@arm.com>2019-07-11 18:02:18 +0800
committerEdison Ai <edison.ai@arm.com>2019-08-12 14:17:03 +0800
commit14dd13702059757fd6dd42a73f939b2df51731c2 (patch)
tree9a5e4390a34b45c86180d91bebf084f19d2764a9
parent7aff9e8d196e4ea92a29b8e36335d8df452e3b9d (diff)
downloadtrusted-firmware-m-14dd13702059757fd6dd42a73f939b2df51731c2.tar.gz
Platform: Remove isolation level 3
Remove isolation level 3 related functions and configure from library model. Change-Id: I988cee997861f8c682ea5f218800a36be37dc674 Signed-off-by: Edison Ai <edison.ai@arm.com>
-rw-r--r--platform/ext/common/armclang/tfm_common_s.sct28
-rw-r--r--platform/ext/common/armclang/tfm_common_s.sct.template15
-rw-r--r--platform/ext/common/gcc/tfm_common_s.ld65
-rw-r--r--platform/ext/common/gcc/tfm_common_s.ld.template35
-rw-r--r--platform/ext/target/mps2/an519/spm_hal.c175
-rw-r--r--platform/ext/target/mps2/an521/spm_hal.c175
-rw-r--r--platform/ext/target/mps3/an524/spm_hal.c168
-rw-r--r--platform/ext/target/musca_a/spm_hal.c175
-rw-r--r--platform/ext/target/musca_b1/spm_hal.c175
-rw-r--r--platform/include/tfm_plat_defs.h9
-rw-r--r--platform/include/tfm_spm_hal.h41
11 files changed, 49 insertions, 1012 deletions
diff --git a/platform/ext/common/armclang/tfm_common_s.sct b/platform/ext/common/armclang/tfm_common_s.sct
index 24bdbae3b2..d950e47b93 100644
--- a/platform/ext/common/armclang/tfm_common_s.sct
+++ b/platform/ext/common/armclang/tfm_common_s.sct
@@ -170,10 +170,10 @@ LR_CODE S_CODE_START {
.ANY (+RW +ZI)
}
-#if (TFM_LVL == 1) && !defined(TFM_PSA_API)
+#if !defined(TFM_PSA_API)
TFM_SECURE_STACK +0 ALIGN 128 EMPTY 0x2000 {
}
-#endif /* (TFM_LVL == 1) && !defined(TFM_PSA_API) */
+#endif /* !defined(TFM_PSA_API) */
TFM_UNPRIV_DATA +0 ALIGN 32 {
tfm_spm_services.o (+RW +ZI)
@@ -204,7 +204,7 @@ LR_CODE S_CODE_START {
*(TFM_SP_STORAGE_ATTR_ZI)
}
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
TFM_SP_STORAGE_STACK +0 ALIGN 128 EMPTY 0x1800 {
}
#endif
@@ -219,9 +219,6 @@ LR_CODE S_CODE_START {
#if defined (TFM_PSA_API)
TFM_SP_AUDIT_LOG_STACK +0 ALIGN 128 EMPTY 0 {
}
-#elif TFM_LVL != 1
- TFM_SP_AUDIT_LOG_STACK +0 ALIGN 128 EMPTY 0x0200 {
- }
#endif
#endif /* TFM_PARTITION_AUDIT_LOG */
@@ -231,7 +228,7 @@ LR_CODE S_CODE_START {
*(TFM_SP_CRYPTO_ATTR_ZI)
}
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
TFM_SP_CRYPTO_STACK +0 ALIGN 128 EMPTY 0x2000 {
}
#endif
@@ -246,9 +243,6 @@ LR_CODE S_CODE_START {
#if defined (TFM_PSA_API)
TFM_SP_PLATFORM_STACK +0 ALIGN 128 EMPTY 0 {
}
-#elif TFM_LVL != 1
- TFM_SP_PLATFORM_STACK +0 ALIGN 128 EMPTY 0x0400 {
- }
#endif
#endif /* TFM_PARTITION_PLATFORM */
@@ -258,7 +252,7 @@ LR_CODE S_CODE_START {
*(TFM_SP_INITIAL_ATTESTATION_ATTR_ZI)
}
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
TFM_SP_INITIAL_ATTESTATION_STACK +0 ALIGN 128 EMPTY 0x0A00 {
}
#endif
@@ -278,7 +272,7 @@ LR_CODE S_CODE_START {
*(TFM_SP_SECURE_TEST_PARTITION_ATTR_ZI)
}
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
TFM_SP_SECURE_TEST_PARTITION_STACK +0 ALIGN 128 EMPTY 0x0C00 {
}
#endif
@@ -291,7 +285,7 @@ LR_CODE S_CODE_START {
*(TFM_SP_IPC_SERVICE_TEST_ATTR_ZI)
}
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
TFM_SP_IPC_SERVICE_TEST_STACK +0 ALIGN 128 EMPTY 0x0200 {
}
#endif
@@ -319,7 +313,7 @@ LR_CODE S_CODE_START {
*(TFM_SP_CORE_TEST_ATTR_ZI)
}
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
TFM_SP_CORE_TEST_STACK +0 ALIGN 128 EMPTY 0x0300 {
}
#endif
@@ -332,7 +326,7 @@ LR_CODE S_CODE_START {
*(TFM_SP_CORE_TEST_2_ATTR_ZI)
}
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
TFM_SP_CORE_TEST_2_STACK +0 ALIGN 128 EMPTY 0x0200 {
}
#endif
@@ -345,7 +339,7 @@ LR_CODE S_CODE_START {
*(TFM_SP_IPC_CLIENT_TEST_ATTR_ZI)
}
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
TFM_SP_IPC_CLIENT_TEST_STACK +0 ALIGN 128 EMPTY 0x0200 {
}
#endif
@@ -359,7 +353,7 @@ LR_CODE S_CODE_START {
*(TFM_IRQ_TEST_1_ATTR_ZI)
}
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
TFM_IRQ_TEST_1_STACK +0 ALIGN 128 EMPTY 0x0400 {
}
#endif
diff --git a/platform/ext/common/armclang/tfm_common_s.sct.template b/platform/ext/common/armclang/tfm_common_s.sct.template
index dc73f09a77..bfc98c0f2e 100644
--- a/platform/ext/common/armclang/tfm_common_s.sct.template
+++ b/platform/ext/common/armclang/tfm_common_s.sct.template
@@ -138,10 +138,10 @@ LR_CODE S_CODE_START {
.ANY (+RW +ZI)
}
-#if (TFM_LVL == 1) && !defined(TFM_PSA_API)
+#if !defined(TFM_PSA_API)
TFM_SECURE_STACK +0 ALIGN 128 EMPTY 0x2000 {
}
-#endif /* (TFM_LVL == 1) && !defined(TFM_PSA_API) */
+#endif /* !defined(TFM_PSA_API) */
TFM_UNPRIV_DATA +0 ALIGN 32 {
tfm_spm_services.o (+RW +ZI)
@@ -187,7 +187,7 @@ LR_CODE S_CODE_START {
}
{% if manifest.attr.tfm_partition_ipc %}
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
{{manifest.manifest.name}}_STACK +0 ALIGN 128 EMPTY {{manifest.manifest.stack_size}} {
}
#endif
@@ -195,9 +195,6 @@ LR_CODE S_CODE_START {
#if defined (TFM_PSA_API)
{{manifest.manifest.name}}_STACK +0 ALIGN 128 EMPTY 0 {
}
-#elif TFM_LVL != 1
- {{manifest.manifest.name}}_STACK +0 ALIGN 128 EMPTY {{manifest.manifest.stack_size}} {
- }
#endif
{% endif %}
{% if manifest.attr.conditional %}
@@ -242,7 +239,7 @@ LR_CODE S_CODE_START {
}
{% if manifest.attr.tfm_partition_ipc %}
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
{{manifest.manifest.name}}_STACK +0 ALIGN 128 EMPTY {{manifest.manifest.stack_size}} {
}
#endif
@@ -250,10 +247,6 @@ LR_CODE S_CODE_START {
#if defined (TFM_PSA_API)
{{manifest.manifest.name}}_STACK +0 ALIGN 128 EMPTY 0 {
}
-#elif TFM_LVL != 1
- {{manifest.manifest.name}}_STACK +0 ALIGN 128 EMPTY {{manifest.manifest.stack_size}} {
- }
-#endif
{% endif %}
{% if manifest.attr.conditional %}
#endif /* {{manifest.attr.conditional}} */
diff --git a/platform/ext/common/gcc/tfm_common_s.ld b/platform/ext/common/gcc/tfm_common_s.ld
index c17135aab4..e9f2f59a40 100644
--- a/platform/ext/common/gcc/tfm_common_s.ld
+++ b/platform/ext/common/gcc/tfm_common_s.ld
@@ -127,52 +127,47 @@ SECTIONS
LONG (ADDR(.TFM_BSS))
LONG (SIZEOF(.TFM_BSS))
#if !defined(TFM_PSA_API)
-#if TFM_LVL == 1
LONG (ADDR(.TFM_SECURE_STACK))
LONG (SIZEOF(.TFM_SECURE_STACK))
-#else /* TFM_LVL == 1 */
- LONG (ADDR(.TFM_UNPRIV_BSS))
- LONG (SIZEOF(.TFM_UNPRIV_BSS))
-#endif /* TFM_LVL == 1 */
#endif /* !defined(TFM_PSA_API) */
LONG (ADDR(.TFM_SP_STORAGE_BSS))
LONG (SIZEOF(.TFM_SP_STORAGE_BSS))
-#if defined(TFM_PSA_API) || (TFM_LVL != 1)
+#if defined(TFM_PSA_API)
LONG (ADDR(.TFM_SP_STORAGE_STACK))
LONG (SIZEOF(.TFM_SP_STORAGE_STACK))
#endif
#ifdef TFM_PARTITION_AUDIT_LOG
LONG (ADDR(.TFM_SP_AUDIT_LOG_BSS))
LONG (SIZEOF(.TFM_SP_AUDIT_LOG_BSS))
-#if defined(TFM_PSA_API) || (TFM_LVL != 1)
+#if defined(TFM_PSA_API)
LONG (ADDR(.TFM_SP_AUDIT_LOG_STACK))
LONG (SIZEOF(.TFM_SP_AUDIT_LOG_STACK))
#endif
#endif /* TFM_PARTITION_AUDIT_LOG */
LONG (ADDR(.TFM_SP_CRYPTO_BSS))
LONG (SIZEOF(.TFM_SP_CRYPTO_BSS))
-#if defined(TFM_PSA_API) || (TFM_LVL != 1)
+#if defined(TFM_PSA_API)
LONG (ADDR(.TFM_SP_CRYPTO_STACK))
LONG (SIZEOF(.TFM_SP_CRYPTO_STACK))
#endif
#ifdef TFM_PARTITION_PLATFORM
LONG (ADDR(.TFM_SP_PLATFORM_BSS))
LONG (SIZEOF(.TFM_SP_PLATFORM_BSS))
-#if defined(TFM_PSA_API) || (TFM_LVL != 1)
+#if defined(TFM_PSA_API)
LONG (ADDR(.TFM_SP_PLATFORM_STACK))
LONG (SIZEOF(.TFM_SP_PLATFORM_STACK))
#endif
#endif /* TFM_PARTITION_PLATFORM */
LONG (ADDR(.TFM_SP_INITIAL_ATTESTATION_BSS))
LONG (SIZEOF(.TFM_SP_INITIAL_ATTESTATION_BSS))
-#if defined(TFM_PSA_API) || (TFM_LVL != 1)
+#if defined(TFM_PSA_API)
LONG (ADDR(.TFM_SP_INITIAL_ATTESTATION_STACK))
LONG (SIZEOF(.TFM_SP_INITIAL_ATTESTATION_STACK))
#endif
#ifdef TFM_PARTITION_TEST_CORE
LONG (ADDR(.TFM_SP_CORE_TEST_BSS))
LONG (SIZEOF(.TFM_SP_CORE_TEST_BSS))
-#if defined(TFM_PSA_API) || (TFM_LVL != 1)
+#if defined(TFM_PSA_API)
LONG (ADDR(.TFM_SP_CORE_TEST_STACK))
LONG (SIZEOF(.TFM_SP_CORE_TEST_STACK))
#endif
@@ -180,7 +175,7 @@ SECTIONS
#ifdef TFM_PARTITION_TEST_CORE
LONG (ADDR(.TFM_SP_CORE_TEST_2_BSS))
LONG (SIZEOF(.TFM_SP_CORE_TEST_2_BSS))
-#if defined(TFM_PSA_API) || (TFM_LVL != 1)
+#if defined(TFM_PSA_API)
LONG (ADDR(.TFM_SP_CORE_TEST_2_STACK))
LONG (SIZEOF(.TFM_SP_CORE_TEST_2_STACK))
#endif
@@ -188,7 +183,7 @@ SECTIONS
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
LONG (ADDR(.TFM_SP_SECURE_TEST_PARTITION_BSS))
LONG (SIZEOF(.TFM_SP_SECURE_TEST_PARTITION_BSS))
-#if defined(TFM_PSA_API) || (TFM_LVL != 1)
+#if defined(TFM_PSA_API)
LONG (ADDR(.TFM_SP_SECURE_TEST_PARTITION_STACK))
LONG (SIZEOF(.TFM_SP_SECURE_TEST_PARTITION_STACK))
#endif
@@ -196,7 +191,7 @@ SECTIONS
#ifdef TFM_PARTITION_TEST_CORE_IPC
LONG (ADDR(.TFM_SP_IPC_SERVICE_TEST_BSS))
LONG (SIZEOF(.TFM_SP_IPC_SERVICE_TEST_BSS))
-#if defined(TFM_PSA_API) || (TFM_LVL != 1)
+#if defined(TFM_PSA_API)
LONG (ADDR(.TFM_SP_IPC_SERVICE_TEST_STACK))
LONG (SIZEOF(.TFM_SP_IPC_SERVICE_TEST_STACK))
#endif
@@ -204,7 +199,7 @@ SECTIONS
#ifdef TFM_PARTITION_TEST_CORE_IPC
LONG (ADDR(.TFM_SP_IPC_CLIENT_TEST_BSS))
LONG (SIZEOF(.TFM_SP_IPC_CLIENT_TEST_BSS))
-#if defined(TFM_PSA_API) || (TFM_LVL != 1)
+#if defined(TFM_PSA_API)
LONG (ADDR(.TFM_SP_IPC_CLIENT_TEST_STACK))
LONG (SIZEOF(.TFM_SP_IPC_CLIENT_TEST_STACK))
#endif
@@ -212,7 +207,7 @@ SECTIONS
#ifdef TFM_PARTITION_TEST_CORE
LONG (ADDR(.TFM_IRQ_TEST_1_BSS))
LONG (SIZEOF(.TFM_IRQ_TEST_1_BSS))
-#if defined(TFM_PSA_API) || (TFM_LVL != 1)
+#if defined(TFM_PSA_API)
LONG (ADDR(.TFM_IRQ_TEST_1_STACK))
LONG (SIZEOF(.TFM_IRQ_TEST_1_STACK))
#endif
@@ -585,7 +580,7 @@ SECTIONS
Image$$TFM_SP_STORAGE_DATA$$ZI$$Base = ADDR(.TFM_SP_STORAGE_BSS);
Image$$TFM_SP_STORAGE_DATA$$ZI$$Limit = ADDR(.TFM_SP_STORAGE_BSS) + SIZEOF(.TFM_SP_STORAGE_BSS);
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
.TFM_SP_STORAGE_STACK : ALIGN(128)
{
. += 0x1800;
@@ -617,16 +612,6 @@ SECTIONS
Image$$TFM_SP_AUDIT_LOG_DATA$$ZI$$Base = ADDR(.TFM_SP_AUDIT_LOG_BSS);
Image$$TFM_SP_AUDIT_LOG_DATA$$ZI$$Limit = ADDR(.TFM_SP_AUDIT_LOG_BSS) + SIZEOF(.TFM_SP_AUDIT_LOG_BSS);
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
- .TFM_SP_AUDIT_LOG_STACK : ALIGN(128)
- {
-#if !defined(TFM_PSA_API)
- . += 0x0200;
-#endif
- } > RAM
- Image$$TFM_SP_AUDIT_LOG_STACK$$ZI$$Base = ADDR(.TFM_SP_AUDIT_LOG_STACK);
- Image$$TFM_SP_AUDIT_LOG_STACK$$ZI$$Limit = ADDR(.TFM_SP_AUDIT_LOG_STACK) + SIZEOF(.TFM_SP_AUDIT_LOG_STACK);
-#endif
#endif /* TFM_PARTITION_AUDIT_LOG */
@@ -651,7 +636,7 @@ SECTIONS
Image$$TFM_SP_CRYPTO_DATA$$ZI$$Base = ADDR(.TFM_SP_CRYPTO_BSS);
Image$$TFM_SP_CRYPTO_DATA$$ZI$$Limit = ADDR(.TFM_SP_CRYPTO_BSS) + SIZEOF(.TFM_SP_CRYPTO_BSS);
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
.TFM_SP_CRYPTO_STACK : ALIGN(128)
{
. += 0x2000;
@@ -683,16 +668,6 @@ SECTIONS
Image$$TFM_SP_PLATFORM_DATA$$ZI$$Base = ADDR(.TFM_SP_PLATFORM_BSS);
Image$$TFM_SP_PLATFORM_DATA$$ZI$$Limit = ADDR(.TFM_SP_PLATFORM_BSS) + SIZEOF(.TFM_SP_PLATFORM_BSS);
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
- .TFM_SP_PLATFORM_STACK : ALIGN(128)
- {
-#if !defined(TFM_PSA_API)
- . += 0x0400;
-#endif
- } > RAM
- Image$$TFM_SP_PLATFORM_STACK$$ZI$$Base = ADDR(.TFM_SP_PLATFORM_STACK);
- Image$$TFM_SP_PLATFORM_STACK$$ZI$$Limit = ADDR(.TFM_SP_PLATFORM_STACK) + SIZEOF(.TFM_SP_PLATFORM_STACK);
-#endif
#endif /* TFM_PARTITION_PLATFORM */
@@ -717,7 +692,7 @@ SECTIONS
Image$$TFM_SP_INITIAL_ATTESTATION_DATA$$ZI$$Base = ADDR(.TFM_SP_INITIAL_ATTESTATION_BSS);
Image$$TFM_SP_INITIAL_ATTESTATION_DATA$$ZI$$Limit = ADDR(.TFM_SP_INITIAL_ATTESTATION_BSS) + SIZEOF(.TFM_SP_INITIAL_ATTESTATION_BSS);
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
.TFM_SP_INITIAL_ATTESTATION_STACK : ALIGN(128)
{
. += 0x0A00;
@@ -773,7 +748,7 @@ SECTIONS
Image$$TFM_SP_SECURE_TEST_PARTITION_DATA$$ZI$$Base = ADDR(.TFM_SP_SECURE_TEST_PARTITION_BSS);
Image$$TFM_SP_SECURE_TEST_PARTITION_DATA$$ZI$$Limit = ADDR(.TFM_SP_SECURE_TEST_PARTITION_BSS) + SIZEOF(.TFM_SP_SECURE_TEST_PARTITION_BSS);
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
.TFM_SP_SECURE_TEST_PARTITION_STACK : ALIGN(128)
{
. += 0x0C00;
@@ -806,7 +781,7 @@ SECTIONS
Image$$TFM_SP_IPC_SERVICE_TEST_DATA$$ZI$$Base = ADDR(.TFM_SP_IPC_SERVICE_TEST_BSS);
Image$$TFM_SP_IPC_SERVICE_TEST_DATA$$ZI$$Limit = ADDR(.TFM_SP_IPC_SERVICE_TEST_BSS) + SIZEOF(.TFM_SP_IPC_SERVICE_TEST_BSS);
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
.TFM_SP_IPC_SERVICE_TEST_STACK : ALIGN(128)
{
. += 0x0200;
@@ -845,7 +820,7 @@ SECTIONS
Image$$TFM_SP_CORE_TEST_DATA$$ZI$$Base = ADDR(.TFM_SP_CORE_TEST_BSS);
Image$$TFM_SP_CORE_TEST_DATA$$ZI$$Limit = ADDR(.TFM_SP_CORE_TEST_BSS) + SIZEOF(.TFM_SP_CORE_TEST_BSS);
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
.TFM_SP_CORE_TEST_STACK : ALIGN(128)
{
. += 0x0300;
@@ -878,7 +853,7 @@ SECTIONS
Image$$TFM_SP_CORE_TEST_2_DATA$$ZI$$Base = ADDR(.TFM_SP_CORE_TEST_2_BSS);
Image$$TFM_SP_CORE_TEST_2_DATA$$ZI$$Limit = ADDR(.TFM_SP_CORE_TEST_2_BSS) + SIZEOF(.TFM_SP_CORE_TEST_2_BSS);
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
.TFM_SP_CORE_TEST_2_STACK : ALIGN(128)
{
. += 0x0200;
@@ -911,7 +886,7 @@ SECTIONS
Image$$TFM_SP_IPC_CLIENT_TEST_DATA$$ZI$$Base = ADDR(.TFM_SP_IPC_CLIENT_TEST_BSS);
Image$$TFM_SP_IPC_CLIENT_TEST_DATA$$ZI$$Limit = ADDR(.TFM_SP_IPC_CLIENT_TEST_BSS) + SIZEOF(.TFM_SP_IPC_CLIENT_TEST_BSS);
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
.TFM_SP_IPC_CLIENT_TEST_STACK : ALIGN(128)
{
. += 0x0200;
@@ -947,7 +922,7 @@ SECTIONS
Image$$TFM_IRQ_TEST_1_DATA$$ZI$$Base = ADDR(.TFM_IRQ_TEST_1_BSS);
Image$$TFM_IRQ_TEST_1_DATA$$ZI$$Limit = ADDR(.TFM_IRQ_TEST_1_BSS) + SIZEOF(.TFM_IRQ_TEST_1_BSS);
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
.TFM_IRQ_TEST_1_STACK : ALIGN(128)
{
. += 0x0400;
diff --git a/platform/ext/common/gcc/tfm_common_s.ld.template b/platform/ext/common/gcc/tfm_common_s.ld.template
index 229aeff3a5..5ec72778d1 100644
--- a/platform/ext/common/gcc/tfm_common_s.ld.template
+++ b/platform/ext/common/gcc/tfm_common_s.ld.template
@@ -89,13 +89,8 @@ SECTIONS
LONG (ADDR(.TFM_BSS))
LONG (SIZEOF(.TFM_BSS))
#if !defined(TFM_PSA_API)
-#if TFM_LVL == 1
LONG (ADDR(.TFM_SECURE_STACK))
LONG (SIZEOF(.TFM_SECURE_STACK))
-#else /* TFM_LVL == 1 */
- LONG (ADDR(.TFM_UNPRIV_BSS))
- LONG (SIZEOF(.TFM_UNPRIV_BSS))
-#endif /* TFM_LVL == 1 */
#endif /* !defined(TFM_PSA_API) */
{% for manifest in manifests %}
{% if manifest.attr.conditional %}
@@ -103,7 +98,7 @@ SECTIONS
{% endif %}
LONG (ADDR(.{{manifest.manifest.name}}_BSS))
LONG (SIZEOF(.{{manifest.manifest.name}}_BSS))
-#if defined(TFM_PSA_API) || (TFM_LVL != 1)
+#if defined(TFM_PSA_API)
LONG (ADDR(.{{manifest.manifest.name}}_STACK))
LONG (SIZEOF(.{{manifest.manifest.name}}_STACK))
#endif
@@ -402,7 +397,7 @@ SECTIONS
Image$${{manifest.manifest.name}}_DATA$$ZI$$Limit = ADDR(.{{manifest.manifest.name}}_BSS) + SIZEOF(.{{manifest.manifest.name}}_BSS);
{% if manifest.attr.tfm_partition_ipc %}
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
.{{manifest.manifest.name}}_STACK : ALIGN(128)
{
. += {{manifest.manifest.stack_size}};
@@ -410,18 +405,6 @@ SECTIONS
Image$${{manifest.manifest.name}}_STACK$$ZI$$Base = ADDR(.{{manifest.manifest.name}}_STACK);
Image$${{manifest.manifest.name}}_STACK$$ZI$$Limit = ADDR(.{{manifest.manifest.name}}_STACK) + SIZEOF(.{{manifest.manifest.name}}_STACK);
#endif
- {% else %}
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
- .{{manifest.manifest.name}}_STACK : ALIGN(128)
- {
- {# Note: Don't allocate stack for partition when using TFM_PSA_API if tfm_partition_ipc is false #}
-#if !defined(TFM_PSA_API)
- . += {{manifest.manifest.stack_size}};
-#endif
- } > RAM
- Image$${{manifest.manifest.name}}_STACK$$ZI$$Base = ADDR(.{{manifest.manifest.name}}_STACK);
- Image$${{manifest.manifest.name}}_STACK$$ZI$$Limit = ADDR(.{{manifest.manifest.name}}_STACK) + SIZEOF(.{{manifest.manifest.name}}_STACK);
-#endif
{% endif %}
{% if manifest.attr.conditional %}
@@ -482,22 +465,10 @@ SECTIONS
Image$${{manifest.manifest.name}}_DATA$$ZI$$Limit = ADDR(.{{manifest.manifest.name}}_BSS) + SIZEOF(.{{manifest.manifest.name}}_BSS);
{% if manifest.attr.tfm_partition_ipc %}
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
- .{{manifest.manifest.name}}_STACK : ALIGN(128)
- {
- . += {{manifest.manifest.stack_size}};
- } > RAM
- Image$${{manifest.manifest.name}}_STACK$$ZI$$Base = ADDR(.{{manifest.manifest.name}}_STACK);
- Image$${{manifest.manifest.name}}_STACK$$ZI$$Limit = ADDR(.{{manifest.manifest.name}}_STACK) + SIZEOF(.{{manifest.manifest.name}}_STACK);
-#endif
- {% else %}
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#if defined (TFM_PSA_API)
.{{manifest.manifest.name}}_STACK : ALIGN(128)
{
- {# Note: Don't allocate stack for partition when using TFM_PSA_API if tfm_partition_ipc is false #}
-#if !defined(TFM_PSA_API)
. += {{manifest.manifest.stack_size}};
-#endif
} > RAM
Image$${{manifest.manifest.name}}_STACK$$ZI$$Base = ADDR(.{{manifest.manifest.name}}_STACK);
Image$${{manifest.manifest.name}}_STACK$$ZI$$Limit = ADDR(.{{manifest.manifest.name}}_STACK) + SIZEOF(.{{manifest.manifest.name}}_STACK);
diff --git a/platform/ext/target/mps2/an519/spm_hal.c b/platform/ext/target/mps2/an519/spm_hal.c
index 7233b1a794..aee35004b1 100644
--- a/platform/ext/target/mps2/an519/spm_hal.c
+++ b/platform/ext/target/mps2/an519/spm_hal.c
@@ -54,33 +54,22 @@ void tfm_spm_hal_configure_default_isolation(
#define MPU_REGION_VENEERS 0
#define MPU_REGION_TFM_UNPRIV_CODE 1
#define MPU_REGION_TFM_UNPRIV_DATA 2
+#define MPU_REGION_NS_STACK 3
#define PARTITION_REGION_RO 4
#define PARTITION_REGION_RW_STACK 5
#define PARTITION_REGION_PERIPH 6
#define PARTITION_REGION_SHARE 7
-#if TFM_LVL == 2
-#define MPU_REGION_NS_STACK 3
-#elif TFM_LVL == 3
-#define MPU_REGION_NS_DATA 3
-#endif
-
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Limit);
REGION_DECLARE(Image$$, TFM_UNPRIV_DATA, $$RW$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_DATA, $$ZI$$Limit);
-#ifndef TFM_PSA_API
-REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base);
-REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Limit);
-#endif
-#if TFM_LVL == 2
REGION_DECLARE(Image$$, TFM_APP_CODE_START, $$Base);
REGION_DECLARE(Image$$, TFM_APP_CODE_END, $$Base);
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_START, $$Base);
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
-#endif
static enum spm_err_t tfm_spm_mpu_init(void)
{
@@ -128,21 +117,6 @@ static enum spm_err_t tfm_spm_mpu_init(void)
return SPM_ERR_INVALID_CONFIG;
}
-#if TFM_LVL == 3
- /* TFM Core unprivileged non-secure data region */
- region_cfg.region_nr = MPU_REGION_NS_DATA;
- region_cfg.region_base = NS_DATA_START;
- region_cfg.region_limit = NS_DATA_LIMIT;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
- if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg) != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
-#endif
-
-#if TFM_LVL == 2
/* NSPM PSP */
region_cfg.region_nr = MPU_REGION_NS_STACK;
region_cfg.region_base =
@@ -184,159 +158,12 @@ static enum spm_err_t tfm_spm_mpu_init(void)
if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg) != MPU_ARMV8M_OK) {
return SPM_ERR_INVALID_CONFIG;
}
-#endif
mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
HARDFAULT_NMI_ENABLE);
return SPM_ERR_OK;
}
-
-enum spm_err_t tfm_spm_hal_partition_sandbox_config(
- const struct tfm_spm_partition_memory_data_t *memory_data,
- const struct tfm_spm_partition_platform_data_t *platform_data)
-{
- /* This function takes a partition id and enables the
- * SPM partition for that partition
- */
-
- struct mpu_armv8m_region_cfg_t region_cfg;
-
- mpu_armv8m_disable(&dev_mpu_s);
-
- /* Configure Regions */
- if (memory_data->ro_start) {
- /* RO region */
- region_cfg.region_nr = PARTITION_REGION_RO;
- region_cfg.region_base = memory_data->ro_start;
- region_cfg.region_limit = memory_data->ro_limit;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_CODE_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RO_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_OK;
-
- if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg)
- != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
- }
-
- /* RW, ZI and stack as one region */
- region_cfg.region_nr = PARTITION_REGION_RW_STACK;
- region_cfg.region_base = memory_data->rw_start;
- region_cfg.region_limit = memory_data->stack_top;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
-
- if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg) != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
-
- if (platform_data) {
- /* Peripheral */
- region_cfg.region_nr = PARTITION_REGION_PERIPH;
- region_cfg.region_base = platform_data->periph_start;
- region_cfg.region_limit = platform_data->periph_limit;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DEVICE_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
- if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg)
- != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
-
- ppc_en_secure_unpriv(platform_data->periph_ppc_bank,
- platform_data->periph_ppc_loc);
- }
-
- mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
- HARDFAULT_NMI_ENABLE);
-
- return SPM_ERR_OK;
-}
-
-enum spm_err_t tfm_spm_hal_partition_sandbox_deconfig(
- const struct tfm_spm_partition_memory_data_t *memory_data,
- const struct tfm_spm_partition_platform_data_t *platform_data)
-{
- /* This function takes a partition id and disables the
- * SPM partition for that partition
- */
-
- if (platform_data) {
- /* Peripheral */
- ppc_clr_secure_unpriv(platform_data->periph_ppc_bank,
- platform_data->periph_ppc_loc);
- }
-
- mpu_armv8m_disable(&dev_mpu_s);
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_RO);
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_RW_STACK);
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_PERIPH);
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_SHARE);
- mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
- HARDFAULT_NMI_ENABLE);
-
- return SPM_ERR_OK;
-}
-
-#if !defined(TFM_PSA_API)
-/**
- * Set share region to which the partition needs access
- */
-enum spm_err_t tfm_spm_hal_set_share_region(uint32_t share)
-{
- struct mpu_armv8m_region_cfg_t region_cfg;
- enum spm_err_t res = SPM_ERR_INVALID_CONFIG;
- uint32_t scratch_base =
- (uint32_t)&REGION_NAME(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base);
- uint32_t scratch_limit =
- (uint32_t)&REGION_NAME(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Limit);
-
- mpu_armv8m_disable(&dev_mpu_s);
-
- if (share == TFM_BUFFER_SHARE_DISABLE) {
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_SHARE);
- } else {
-
- region_cfg.region_nr = PARTITION_REGION_SHARE;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
- switch (share) {
- case TFM_BUFFER_SHARE_SCRATCH:
- /* Use scratch area for SP-to-SP data sharing */
- region_cfg.region_base = scratch_base;
- region_cfg.region_limit = scratch_limit;
- res = SPM_ERR_OK;
- break;
- case TFM_BUFFER_SHARE_NS_CODE:
- region_cfg.region_base = memory_regions.non_secure_partition_base;
- region_cfg.region_limit = memory_regions.non_secure_partition_limit;
- /* Only allow read access to NS code region and keep
- * exec.never attribute
- */
- region_cfg.attr_access = MPU_ARMV8M_AP_RO_PRIV_UNPRIV;
- res = SPM_ERR_OK;
- break;
- default:
- /* Leave res to be set to SPM_ERR_INVALID_CONFIG */
- break;
- }
- if (res == SPM_ERR_OK) {
- mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg);
- }
- }
- mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
- HARDFAULT_NMI_ENABLE);
-
- return res;
-}
-#endif /* !defined(TFM_PSA_API) */
#endif /* TFM_LVL != 1 */
enum tfm_plat_err_t tfm_spm_hal_setup_isolation_hw(void)
diff --git a/platform/ext/target/mps2/an521/spm_hal.c b/platform/ext/target/mps2/an521/spm_hal.c
index 3cca2ee365..0c9cbd19a2 100644
--- a/platform/ext/target/mps2/an521/spm_hal.c
+++ b/platform/ext/target/mps2/an521/spm_hal.c
@@ -54,33 +54,22 @@ void tfm_spm_hal_configure_default_isolation(
#define MPU_REGION_VENEERS 0
#define MPU_REGION_TFM_UNPRIV_CODE 1
#define MPU_REGION_TFM_UNPRIV_DATA 2
+#define MPU_REGION_NS_STACK 3
#define PARTITION_REGION_RO 4
#define PARTITION_REGION_RW_STACK 5
#define PARTITION_REGION_PERIPH 6
#define PARTITION_REGION_SHARE 7
-#if TFM_LVL == 2
-#define MPU_REGION_NS_STACK 3
-#elif TFM_LVL == 3
-#define MPU_REGION_NS_DATA 3
-#endif
-
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Limit);
REGION_DECLARE(Image$$, TFM_UNPRIV_DATA, $$RW$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_DATA, $$ZI$$Limit);
-#ifndef TFM_PSA_API
-REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base);
-REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Limit);
-#endif
-#if TFM_LVL == 2
REGION_DECLARE(Image$$, TFM_APP_CODE_START, $$Base);
REGION_DECLARE(Image$$, TFM_APP_CODE_END, $$Base);
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_START, $$Base);
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
-#endif
static enum spm_err_t tfm_spm_mpu_init(void)
{
@@ -128,21 +117,6 @@ static enum spm_err_t tfm_spm_mpu_init(void)
return SPM_ERR_INVALID_CONFIG;
}
-#if TFM_LVL == 3
- /* TFM Core unprivileged non-secure data region */
- region_cfg.region_nr = MPU_REGION_NS_DATA;
- region_cfg.region_base = NS_DATA_START;
- region_cfg.region_limit = NS_DATA_LIMIT;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
- if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg) != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
-#endif
-
-#if TFM_LVL == 2
/* NSPM PSP */
region_cfg.region_nr = MPU_REGION_NS_STACK;
region_cfg.region_base =
@@ -184,159 +158,12 @@ static enum spm_err_t tfm_spm_mpu_init(void)
if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg) != MPU_ARMV8M_OK) {
return SPM_ERR_INVALID_CONFIG;
}
-#endif
mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
HARDFAULT_NMI_ENABLE);
return SPM_ERR_OK;
}
-
-enum spm_err_t tfm_spm_hal_partition_sandbox_config(
- const struct tfm_spm_partition_memory_data_t *memory_data,
- const struct tfm_spm_partition_platform_data_t *platform_data)
-{
- /* This function takes a partition id and enables the
- * SPM partition for that partition
- */
-
- struct mpu_armv8m_region_cfg_t region_cfg;
-
- mpu_armv8m_disable(&dev_mpu_s);
-
- /* Configure Regions */
- if (memory_data->ro_start) {
- /* RO region */
- region_cfg.region_nr = PARTITION_REGION_RO;
- region_cfg.region_base = memory_data->ro_start;
- region_cfg.region_limit = memory_data->ro_limit;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_CODE_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RO_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_OK;
-
- if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg)
- != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
- }
-
- /* RW, ZI and stack as one region */
- region_cfg.region_nr = PARTITION_REGION_RW_STACK;
- region_cfg.region_base = memory_data->rw_start;
- region_cfg.region_limit = memory_data->stack_top;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
-
- if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg) != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
-
- if (platform_data) {
- /* Peripheral */
- region_cfg.region_nr = PARTITION_REGION_PERIPH;
- region_cfg.region_base = platform_data->periph_start;
- region_cfg.region_limit = platform_data->periph_limit;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DEVICE_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
- if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg)
- != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
-
- ppc_en_secure_unpriv(platform_data->periph_ppc_bank,
- platform_data->periph_ppc_loc);
- }
-
- mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
- HARDFAULT_NMI_ENABLE);
-
- return SPM_ERR_OK;
-}
-
-enum spm_err_t tfm_spm_hal_partition_sandbox_deconfig(
- const struct tfm_spm_partition_memory_data_t *memory_data,
- const struct tfm_spm_partition_platform_data_t *platform_data)
-{
- /* This function takes a partition id and disables the
- * SPM partition for that partition
- */
-
- if (platform_data) {
- /* Peripheral */
- ppc_clr_secure_unpriv(platform_data->periph_ppc_bank,
- platform_data->periph_ppc_loc);
- }
-
- mpu_armv8m_disable(&dev_mpu_s);
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_RO);
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_RW_STACK);
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_PERIPH);
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_SHARE);
- mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
- HARDFAULT_NMI_ENABLE);
-
- return SPM_ERR_OK;
-}
-
-#if !defined(TFM_PSA_API)
-/**
- * Set share region to which the partition needs access
- */
-enum spm_err_t tfm_spm_hal_set_share_region(uint32_t share)
-{
- struct mpu_armv8m_region_cfg_t region_cfg;
- enum spm_err_t res = SPM_ERR_INVALID_CONFIG;
- uint32_t scratch_base =
- (uint32_t)&REGION_NAME(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base);
- uint32_t scratch_limit =
- (uint32_t)&REGION_NAME(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Limit);
-
- mpu_armv8m_disable(&dev_mpu_s);
-
- if (share == TFM_BUFFER_SHARE_DISABLE) {
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_SHARE);
- } else {
-
- region_cfg.region_nr = PARTITION_REGION_SHARE;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
- switch (share) {
- case TFM_BUFFER_SHARE_SCRATCH:
- /* Use scratch area for SP-to-SP data sharing */
- region_cfg.region_base = scratch_base;
- region_cfg.region_limit = scratch_limit;
- res = SPM_ERR_OK;
- break;
- case TFM_BUFFER_SHARE_NS_CODE:
- region_cfg.region_base = memory_regions.non_secure_partition_base;
- region_cfg.region_limit = memory_regions.non_secure_partition_limit;
- /* Only allow read access to NS code region and keep
- * exec.never attribute
- */
- region_cfg.attr_access = MPU_ARMV8M_AP_RO_PRIV_UNPRIV;
- res = SPM_ERR_OK;
- break;
- default:
- /* Leave res to be set to SPM_ERR_INVALID_CONFIG */
- break;
- }
- if (res == SPM_ERR_OK) {
- mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg);
- }
- }
- mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
- HARDFAULT_NMI_ENABLE);
-
- return res;
-}
-#endif /* !defined(TFM_PSA_API) */
#endif /* TFM_LVL != 1 */
enum tfm_plat_err_t tfm_spm_hal_setup_isolation_hw(void)
diff --git a/platform/ext/target/mps3/an524/spm_hal.c b/platform/ext/target/mps3/an524/spm_hal.c
index 506a4a8704..2a1885d83c 100644
--- a/platform/ext/target/mps3/an524/spm_hal.c
+++ b/platform/ext/target/mps3/an524/spm_hal.c
@@ -64,33 +64,22 @@ void tfm_spm_hal_configure_default_isolation(
#define MPU_REGION_VENEERS 0
#define MPU_REGION_TFM_UNPRIV_CODE 1
#define MPU_REGION_TFM_UNPRIV_DATA 2
+#define MPU_REGION_NS_STACK 3
#define PARTITION_REGION_RO 4
#define PARTITION_REGION_RW_STACK 5
#define PARTITION_REGION_PERIPH 6
#define PARTITION_REGION_SHARE 7
-#if TFM_LVL == 2
-#define MPU_REGION_NS_STACK 3
-#elif TFM_LVL == 3
-#define MPU_REGION_NS_DATA 3
-#endif
-
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Limit);
REGION_DECLARE(Image$$, TFM_UNPRIV_DATA, $$RW$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_DATA, $$ZI$$Limit);
-#ifndef TFM_PSA_API
-REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base);
-REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Limit);
-#endif
-#if TFM_LVL == 2
REGION_DECLARE(Image$$, TFM_APP_CODE_START, $$Base);
REGION_DECLARE(Image$$, TFM_APP_CODE_END, $$Base);
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_START, $$Base);
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
-#endif
static enum spm_err_t tfm_spm_mpu_init(void)
{
@@ -138,21 +127,6 @@ static enum spm_err_t tfm_spm_mpu_init(void)
return SPM_ERR_INVALID_CONFIG;
}
-#if TFM_LVL == 3
- /* TFM Core unprivileged non-secure data region */
- region_cfg.region_nr = MPU_REGION_NS_DATA;
- region_cfg.region_base = NS_DATA_START;
- region_cfg.region_limit = NS_DATA_LIMIT;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
- if (mpu_region_enable(&region_cfg) != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
-#endif
-
-#if TFM_LVL == 2
/* NSPM PSP */
region_cfg.region_nr = MPU_REGION_NS_STACK;
region_cfg.region_base =
@@ -194,151 +168,11 @@ static enum spm_err_t tfm_spm_mpu_init(void)
if (mpu_region_enable(&region_cfg) != MPU_ARMV8M_OK) {
return SPM_ERR_INVALID_CONFIG;
}
-#endif
-
- mpu_enable(PRIVILEGED_DEFAULT_ENABLE, HARDFAULT_NMI_ENABLE);
-
- return SPM_ERR_OK;
-}
-
-enum spm_err_t tfm_spm_hal_partition_sandbox_config(
- const struct tfm_spm_partition_memory_data_t *memory_data,
- const struct tfm_spm_partition_platform_data_t *platform_data)
-{
- /* This function takes a partition id and enables the
- * SPM partition for that partition
- */
-
- struct mpu_armv8m_region_cfg_t region_cfg;
-
- mpu_disable();
-
- /* Configure Regions */
- if (memory_data->ro_start) {
- /* RO region */
- region_cfg.region_nr = PARTITION_REGION_RO;
- region_cfg.region_base = memory_data->ro_start;
- region_cfg.region_limit = memory_data->ro_limit;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_CODE_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RO_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_OK;
-
- if (mpu_region_enable(&region_cfg) != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
- }
-
- /* RW, ZI and stack as one region */
- region_cfg.region_nr = PARTITION_REGION_RW_STACK;
- region_cfg.region_base = memory_data->rw_start;
- region_cfg.region_limit = memory_data->stack_top;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
-
- if (mpu_region_enable(&region_cfg) != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
-
- if (platform_data) {
- /* Peripheral */
- region_cfg.region_nr = PARTITION_REGION_PERIPH;
- region_cfg.region_base = platform_data->periph_start;
- region_cfg.region_limit = platform_data->periph_limit;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DEVICE_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
- if (mpu_region_enable(&region_cfg) != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
-
- ppc_en_secure_unpriv(platform_data->periph_ppc_bank,
- platform_data->periph_ppc_loc);
- }
mpu_enable(PRIVILEGED_DEFAULT_ENABLE, HARDFAULT_NMI_ENABLE);
return SPM_ERR_OK;
}
-
-enum spm_err_t tfm_spm_hal_partition_sandbox_deconfig(
- const struct tfm_spm_partition_memory_data_t *memory_data,
- const struct tfm_spm_partition_platform_data_t *platform_data)
-{
- /* This function takes a partition id and disables the
- * SPM partition for that partition
- */
-
- if (platform_data) {
- /* Peripheral */
- ppc_configure_to_secure_priv(platform_data->periph_ppc_bank,
- platform_data->periph_ppc_loc);
- }
-
- mpu_disable();
- mpu_region_disable(PARTITION_REGION_RO);
- mpu_region_disable(PARTITION_REGION_RW_STACK);
- mpu_region_disable(PARTITION_REGION_PERIPH);
- mpu_region_disable(PARTITION_REGION_SHARE);
- mpu_enable(PRIVILEGED_DEFAULT_ENABLE, HARDFAULT_NMI_ENABLE);
-
- return SPM_ERR_OK;
-}
-
-#if !defined(TFM_PSA_API)
-/* Set share region to which the partition needs access */
-enum spm_err_t tfm_spm_hal_set_share_region(
- enum tfm_buffer_share_region_e share)
-{
- struct mpu_armv8m_region_cfg_t region_cfg;
- enum spm_err_t res = SPM_ERR_INVALID_CONFIG;
- uint32_t scratch_base =
- (uint32_t)&REGION_NAME(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base);
- uint32_t scratch_limit =
- (uint32_t)&REGION_NAME(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Limit);
-
- mpu_disable();
-
- if (share == TFM_BUFFER_SHARE_DISABLE) {
- mpu_region_disable(PARTITION_REGION_SHARE);
- } else {
- region_cfg.region_nr = PARTITION_REGION_SHARE;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
- switch (share) {
- case TFM_BUFFER_SHARE_SCRATCH:
- /* Use scratch area for SP-to-SP data sharing */
- region_cfg.region_base = scratch_base;
- region_cfg.region_limit = scratch_limit;
- res = SPM_ERR_OK;
- break;
- case TFM_BUFFER_SHARE_NS_CODE:
- region_cfg.region_base = memory_regions.non_secure_partition_base;
- region_cfg.region_limit = memory_regions.non_secure_partition_limit;
- /* Only allow read access to NS code region and keep
- * exec.never attribute
- */
- region_cfg.attr_access = MPU_ARMV8M_AP_RO_PRIV_UNPRIV;
- res = SPM_ERR_OK;
- break;
- default:
- /* Leave res to be set to SPM_ERR_INVALID_CONFIG */
- break;
- }
- if (res == SPM_ERR_OK) {
- mpu_region_enable(&region_cfg);
- }
- }
- mpu_enable(PRIVILEGED_DEFAULT_ENABLE, HARDFAULT_NMI_ENABLE);
-
- return res;
-}
-#endif /* !defined(TFM_PSA_API) */
#endif /* TFM_LVL != 1 */
enum tfm_plat_err_t tfm_spm_hal_setup_isolation_hw(void)
diff --git a/platform/ext/target/musca_a/spm_hal.c b/platform/ext/target/musca_a/spm_hal.c
index 02232b4e55..f576fd8d7e 100644
--- a/platform/ext/target/musca_a/spm_hal.c
+++ b/platform/ext/target/musca_a/spm_hal.c
@@ -54,33 +54,22 @@ void tfm_spm_hal_configure_default_isolation(
#define MPU_REGION_VENEERS 0
#define MPU_REGION_TFM_UNPRIV_CODE 1
#define MPU_REGION_TFM_UNPRIV_DATA 2
+#define MPU_REGION_NS_STACK 3
#define PARTITION_REGION_RO 4
#define PARTITION_REGION_RW_STACK 5
#define PARTITION_REGION_PERIPH 6
#define PARTITION_REGION_SHARE 7
-#if TFM_LVL == 2
-#define MPU_REGION_NS_STACK 3
-#elif TFM_LVL == 3
-#define MPU_REGION_NS_DATA 3
-#endif
-
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Limit);
REGION_DECLARE(Image$$, TFM_UNPRIV_DATA, $$RW$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_DATA, $$ZI$$Limit);
-#ifndef TFM_PSA_API
-REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base);
-REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Limit);
-#endif
-#if TFM_LVL == 2
REGION_DECLARE(Image$$, TFM_APP_CODE_START, $$Base);
REGION_DECLARE(Image$$, TFM_APP_CODE_END, $$Base);
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_START, $$Base);
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
-#endif
static enum spm_err_t tfm_spm_mpu_init(void)
{
@@ -128,21 +117,6 @@ static enum spm_err_t tfm_spm_mpu_init(void)
return SPM_ERR_INVALID_CONFIG;
}
-#if TFM_LVL == 3
- /* TFM Core unprivileged non-secure data region */
- region_cfg.region_nr = MPU_REGION_NS_DATA;
- region_cfg.region_base = NS_DATA_START;
- region_cfg.region_limit = NS_DATA_LIMIT;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
- if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg) != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
-#endif
-
-#if TFM_LVL == 2
/* NSPM PSP */
region_cfg.region_nr = MPU_REGION_NS_STACK;
region_cfg.region_base =
@@ -184,159 +158,12 @@ static enum spm_err_t tfm_spm_mpu_init(void)
if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg) != MPU_ARMV8M_OK) {
return SPM_ERR_INVALID_CONFIG;
}
-#endif
mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
HARDFAULT_NMI_ENABLE);
return SPM_ERR_OK;
}
-
-enum spm_err_t tfm_spm_hal_partition_sandbox_config(
- const struct tfm_spm_partition_memory_data_t *memory_data,
- const struct tfm_spm_partition_platform_data_t *platform_data)
-{
- /* This function takes a partition id and enables the
- * SPM partition for that partition
- */
-
- struct mpu_armv8m_region_cfg_t region_cfg;
-
- mpu_armv8m_disable(&dev_mpu_s);
-
- /* Configure Regions */
- if (memory_data->ro_start) {
- /* RO region */
- region_cfg.region_nr = PARTITION_REGION_RO;
- region_cfg.region_base = memory_data->ro_start;
- region_cfg.region_limit = memory_data->ro_limit;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_CODE_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RO_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_OK;
-
- if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg)
- != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
- }
-
- /* RW, ZI and stack as one region */
- region_cfg.region_nr = PARTITION_REGION_RW_STACK;
- region_cfg.region_base = memory_data->rw_start;
- region_cfg.region_limit = memory_data->stack_top;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
-
- if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg) != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
-
- if (platform_data) {
- /* Peripheral */
- region_cfg.region_nr = PARTITION_REGION_PERIPH;
- region_cfg.region_base = platform_data->periph_start;
- region_cfg.region_limit = platform_data->periph_limit;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DEVICE_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
- if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg)
- != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
-
- ppc_en_secure_unpriv(platform_data->periph_ppc_bank,
- platform_data->periph_ppc_loc);
- }
-
- mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
- HARDFAULT_NMI_ENABLE);
-
- return SPM_ERR_OK;
-}
-
-enum spm_err_t tfm_spm_hal_partition_sandbox_deconfig(
- const struct tfm_spm_partition_memory_data_t *memory_data,
- const struct tfm_spm_partition_platform_data_t *platform_data)
-{
- /* This function takes a partition id and disables the
- * SPM partition for that partition
- */
-
- if (platform_data) {
- /* Peripheral */
- ppc_clr_secure_unpriv(platform_data->periph_ppc_bank,
- platform_data->periph_ppc_loc);
- }
-
- mpu_armv8m_disable(&dev_mpu_s);
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_RO);
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_RW_STACK);
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_PERIPH);
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_SHARE);
- mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
- HARDFAULT_NMI_ENABLE);
-
- return SPM_ERR_OK;
-}
-
-#if !defined(TFM_PSA_API)
-/**
- * Set share region to which the partition needs access
- */
-enum spm_err_t tfm_spm_hal_set_share_region(uint32_t share)
-{
- struct mpu_armv8m_region_cfg_t region_cfg;
- enum spm_err_t res = SPM_ERR_INVALID_CONFIG;
- uint32_t scratch_base =
- (uint32_t)&REGION_NAME(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base);
- uint32_t scratch_limit =
- (uint32_t)&REGION_NAME(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Limit);
-
- mpu_armv8m_disable(&dev_mpu_s);
-
- if (share == TFM_BUFFER_SHARE_DISABLE) {
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_SHARE);
- } else {
-
- region_cfg.region_nr = PARTITION_REGION_SHARE;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
- switch (share) {
- case TFM_BUFFER_SHARE_SCRATCH:
- /* Use scratch area for SP-to-SP data sharing */
- region_cfg.region_base = scratch_base;
- region_cfg.region_limit = scratch_limit;
- res = SPM_ERR_OK;
- break;
- case TFM_BUFFER_SHARE_NS_CODE:
- region_cfg.region_base = memory_regions.non_secure_partition_base;
- region_cfg.region_limit = memory_regions.non_secure_partition_limit;
- /* Only allow read access to NS code region and keep
- * exec.never attribute
- */
- region_cfg.attr_access = MPU_ARMV8M_AP_RO_PRIV_UNPRIV;
- res = SPM_ERR_OK;
- break;
- default:
- /* Leave res to be set to SPM_ERR_INVALID_CONFIG */
- break;
- }
- if (res == SPM_ERR_OK) {
- mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg);
- }
- }
- mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
- HARDFAULT_NMI_ENABLE);
-
- return res;
-}
-#endif /* !defined(TFM_PSA_API) */
#endif /* TFM_LVL != 1 */
enum tfm_plat_err_t tfm_spm_hal_setup_isolation_hw(void)
diff --git a/platform/ext/target/musca_b1/spm_hal.c b/platform/ext/target/musca_b1/spm_hal.c
index d185b10a65..47b9dc3dc7 100644
--- a/platform/ext/target/musca_b1/spm_hal.c
+++ b/platform/ext/target/musca_b1/spm_hal.c
@@ -57,33 +57,22 @@ void tfm_spm_hal_configure_default_isolation(
#define MPU_REGION_VENEERS 0
#define MPU_REGION_TFM_UNPRIV_CODE 1
#define MPU_REGION_TFM_UNPRIV_DATA 2
+#define MPU_REGION_NS_STACK 3
#define PARTITION_REGION_RO 4
#define PARTITION_REGION_RW_STACK 5
#define PARTITION_REGION_PERIPH 6
#define PARTITION_REGION_SHARE 7
-#if TFM_LVL == 2
-#define MPU_REGION_NS_STACK 3
-#elif TFM_LVL == 3
-#define MPU_REGION_NS_DATA 3
-#endif
-
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_CODE, $$RO$$Limit);
REGION_DECLARE(Image$$, TFM_UNPRIV_DATA, $$RW$$Base);
REGION_DECLARE(Image$$, TFM_UNPRIV_DATA, $$ZI$$Limit);
-#ifndef TFM_PSA_API
-REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base);
-REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Limit);
-#endif
-#if TFM_LVL == 2
REGION_DECLARE(Image$$, TFM_APP_CODE_START, $$Base);
REGION_DECLARE(Image$$, TFM_APP_CODE_END, $$Base);
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_START, $$Base);
REGION_DECLARE(Image$$, TFM_APP_RW_STACK_END, $$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
-#endif
static enum spm_err_t tfm_spm_mpu_init(void)
{
@@ -131,21 +120,6 @@ static enum spm_err_t tfm_spm_mpu_init(void)
return SPM_ERR_INVALID_CONFIG;
}
-#if TFM_LVL == 3
- /* TFM Core unprivileged non-secure data region */
- region_cfg.region_nr = MPU_REGION_NS_DATA;
- region_cfg.region_base = NS_DATA_START;
- region_cfg.region_limit = NS_DATA_LIMIT;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
- if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg) != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
-#endif
-
-#if TFM_LVL == 2
/* NSPM PSP */
region_cfg.region_nr = MPU_REGION_NS_STACK;
region_cfg.region_base =
@@ -187,159 +161,12 @@ static enum spm_err_t tfm_spm_mpu_init(void)
if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg) != MPU_ARMV8M_OK) {
return SPM_ERR_INVALID_CONFIG;
}
-#endif
mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
HARDFAULT_NMI_ENABLE);
return SPM_ERR_OK;
}
-
-enum spm_err_t tfm_spm_hal_partition_sandbox_config(
- const struct tfm_spm_partition_memory_data_t *memory_data,
- const struct tfm_spm_partition_platform_data_t *platform_data)
-{
- /* This function takes a partition id and enables the
- * SPM partition for that partition
- */
-
- struct mpu_armv8m_region_cfg_t region_cfg;
-
- mpu_armv8m_disable(&dev_mpu_s);
-
- /* Configure Regions */
- if (memory_data->ro_start) {
- /* RO region */
- region_cfg.region_nr = PARTITION_REGION_RO;
- region_cfg.region_base = memory_data->ro_start;
- region_cfg.region_limit = memory_data->ro_limit;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_CODE_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RO_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_OK;
-
- if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg)
- != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
- }
-
- /* RW, ZI and stack as one region */
- region_cfg.region_nr = PARTITION_REGION_RW_STACK;
- region_cfg.region_base = memory_data->rw_start;
- region_cfg.region_limit = memory_data->stack_top;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
-
- if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg) != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
-
- if (platform_data) {
- /* Peripheral */
- region_cfg.region_nr = PARTITION_REGION_PERIPH;
- region_cfg.region_base = platform_data->periph_start;
- region_cfg.region_limit = platform_data->periph_limit;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DEVICE_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
- if (mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg)
- != MPU_ARMV8M_OK) {
- return SPM_ERR_INVALID_CONFIG;
- }
-
- ppc_en_secure_unpriv(platform_data->periph_ppc_bank,
- platform_data->periph_ppc_loc);
- }
-
- mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
- HARDFAULT_NMI_ENABLE);
-
- return SPM_ERR_OK;
-}
-
-enum spm_err_t tfm_spm_hal_partition_sandbox_deconfig(
- const struct tfm_spm_partition_memory_data_t *memory_data,
- const struct tfm_spm_partition_platform_data_t *platform_data)
-{
- /* This function takes a partition id and disables the
- * SPM partition for that partition
- */
-
- if (platform_data) {
- /* Peripheral */
- ppc_clr_secure_unpriv(platform_data->periph_ppc_bank,
- platform_data->periph_ppc_loc);
- }
-
- mpu_armv8m_disable(&dev_mpu_s);
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_RO);
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_RW_STACK);
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_PERIPH);
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_SHARE);
- mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
- HARDFAULT_NMI_ENABLE);
-
- return SPM_ERR_OK;
-}
-
-#if !defined(TFM_PSA_API)
-/**
- * Set share region to which the partition needs access
- */
-enum spm_err_t tfm_spm_hal_set_share_region(uint32_t share)
-{
- struct mpu_armv8m_region_cfg_t region_cfg;
- enum spm_err_t res = SPM_ERR_INVALID_CONFIG;
- uint32_t scratch_base =
- (uint32_t)&REGION_NAME(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base);
- uint32_t scratch_limit =
- (uint32_t)&REGION_NAME(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Limit);
-
- mpu_armv8m_disable(&dev_mpu_s);
-
- if (share == TFM_BUFFER_SHARE_DISABLE) {
- mpu_armv8m_region_disable(&dev_mpu_s, PARTITION_REGION_SHARE);
- } else {
-
- region_cfg.region_nr = PARTITION_REGION_SHARE;
- region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
- region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
- region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
- switch (share) {
- case TFM_BUFFER_SHARE_SCRATCH:
- /* Use scratch area for SP-to-SP data sharing */
- region_cfg.region_base = scratch_base;
- region_cfg.region_limit = scratch_limit;
- res = SPM_ERR_OK;
- break;
- case TFM_BUFFER_SHARE_NS_CODE:
- region_cfg.region_base = memory_regions.non_secure_partition_base;
- region_cfg.region_limit = memory_regions.non_secure_partition_limit;
- /* Only allow read access to NS code region and keep
- * exec.never attribute
- */
- region_cfg.attr_access = MPU_ARMV8M_AP_RO_PRIV_UNPRIV;
- res = SPM_ERR_OK;
- break;
- default:
- /* Leave res to be set to SPM_ERR_INVALID_CONFIG */
- break;
- }
- if (res == SPM_ERR_OK) {
- mpu_armv8m_region_enable(&dev_mpu_s, &region_cfg);
- }
- }
- mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
- HARDFAULT_NMI_ENABLE);
-
- return res;
-}
-#endif /* !defined(TFM_PSA_API) */
#endif /* TFM_LVL != 1 */
enum tfm_plat_err_t tfm_spm_hal_setup_isolation_hw(void)
diff --git a/platform/include/tfm_plat_defs.h b/platform/include/tfm_plat_defs.h
index 2a90d9454f..748b2e4883 100644
--- a/platform/include/tfm_plat_defs.h
+++ b/platform/include/tfm_plat_defs.h
@@ -25,13 +25,14 @@ enum tfm_plat_err_t {
TFM_PLAT_ERR_FORCE_INT_SIZE = INT_MAX
};
-#if defined(TFM_LVL) && (TFM_LVL != 1)
+#if defined(TFM_PSA_API) && (TFM_LVL != 1)
+
/*!
* \def TFM_LINK_SET_RO_IN_PARTITION_SECTION(TFM_PARTITION_NAME)
*
* \brief This macro provides a mechanism to place a function code or a data
* variable in the code section (e.g. RO) of a specific secure partition
- * at linker time in TF-M Level 3.
+ * at linker time.
*
* \param[in] TFM_PARTITION_NAME TF-M partition name assigned in the manifest
* file "name" field.
@@ -43,7 +44,7 @@ enum tfm_plat_err_t {
* \def TFM_LINK_SET_RW_IN_PARTITION_SECTION(TFM_PARTITION_NAME)
*
* \brief This macro provides a mechanism to place data variables in the RW data
- * section of a specific secure partition at linker time in TF-M Level 3.
+ * section of a specific secure partition at linker time.
*
* \param[in] TFM_PARTITION_NAME TF-M partition name assigned in the manifest
* file "name" field.
@@ -55,7 +56,7 @@ enum tfm_plat_err_t {
* \def TFM_LINK_SET_ZI_IN_PARTITION_SECTION(TFM_PARTITION_NAME)
*
* \brief This macro provides a mechanism to place data variables in the ZI data
- * section of a specific secure partition at linker time in TF-M Level 3.
+ * section of a specific secure partition at linker time.
*
* \param[in] TFM_PARTITION_NAME TF-M partition name assigned in the manifest
* file "name" field.
diff --git a/platform/include/tfm_spm_hal.h b/platform/include/tfm_spm_hal.h
index 2a33fe5ea4..b6820f5d93 100644
--- a/platform/include/tfm_spm_hal.h
+++ b/platform/include/tfm_spm_hal.h
@@ -34,7 +34,7 @@ enum irq_target_state_t {
TFM_IRQ_TARGET_STATE_NON_SECURE,
};
-#if defined (TFM_PSA_API) || (TFM_LVL != 1)
+#ifdef TFM_PSA_API
/**
* \brief Holds SPM db fields that define the memory regions used by a
* partition.
@@ -219,43 +219,4 @@ enum irq_target_state_t tfm_spm_hal_set_irq_target_state(
int32_t irq_line,
enum irq_target_state_t target_state);
-#if (TFM_LVL != 1) && !defined(TFM_PSA_API)
-/**
- * \brief Configure the sandbox for a partition.
- *
- * \param[in] memory_data The memory ranges from the partition DB for this
- * partition
- * \param[in] platform_data The platform fields of the partition DB record
- * for this partition. Can be NULL.
- *
- * \return Returns the result operation as per \ref spm_err_t
- */
-enum spm_err_t tfm_spm_hal_partition_sandbox_config(
- const struct tfm_spm_partition_memory_data_t *memory_data,
- const struct tfm_spm_partition_platform_data_t *platform_data);
-
-/**
- * \brief Deconfigure the sandbox for a partition.
- *
- * \param[in] memory_data The memory ranges from the partition DB for this
- * partition
- * \param[in] platform_data The platform fields of the partition DB record
- * for this partition. Can be NULL.
- *
- * \return Returns the result operation as per \ref spm_err_t
- */
-enum spm_err_t tfm_spm_hal_partition_sandbox_deconfig(
- const struct tfm_spm_partition_memory_data_t *memory_data,
- const struct tfm_spm_partition_platform_data_t *platform_data);
-
-/**
- * \brief Set the share region mode
- *
- * \param[in] share The mode to set
- *
- * \return Returns the result operation as per \ref spm_err_t
- */
-enum spm_err_t tfm_spm_hal_set_share_region(uint32_t share);
-#endif
-
#endif /* __TFM_SPM_HAL_H__ */