aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMate Toth-Pal <mate.toth-pal@arm.com>2019-07-10 16:13:20 +0200
committerKen Liu <ken.liu@arm.com>2019-07-22 06:32:35 +0000
commitb9c335561a6d562e7da75f6cf39e3ba958000d07 (patch)
tree77463f53bdb0100c69f8671530902413064f5044
parentbf24f40c3548c938021d63d185af3d64415a44e5 (diff)
downloadtrusted-firmware-m-b9c335561a6d562e7da75f6cf39e3ba958000d07.tar.gz
Platform: Add return value to init hal functions
Change-Id: I3e4abf0e3f47e6b11fd9cdc967a3e59821dcc0d8 Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
-rw-r--r--docs/user_guides/services/tfm_platform_integration_guide.rst10
-rw-r--r--platform/ext/target/mps2/an519/spm_hal.c45
-rw-r--r--platform/ext/target/mps2/an519/target_cfg.c79
-rw-r--r--platform/ext/target/mps2/an519/target_cfg.h45
-rw-r--r--platform/ext/target/mps2/an521/spm_hal.c45
-rw-r--r--platform/ext/target/mps2/an521/target_cfg.c79
-rw-r--r--platform/ext/target/mps2/an521/target_cfg.h45
-rw-r--r--platform/ext/target/mps3/an524/spm_hal.c49
-rw-r--r--platform/ext/target/mps3/an524/target_cfg.c299
-rw-r--r--platform/ext/target/mps3/an524/target_cfg.h59
-rw-r--r--platform/ext/target/musca_a/spm_hal.c45
-rw-r--r--platform/ext/target/musca_a/target_cfg.c126
-rw-r--r--platform/ext/target/musca_a/target_cfg.h44
-rw-r--r--platform/ext/target/musca_b1/spm_hal.c50
-rw-r--r--platform/ext/target/musca_b1/target_cfg.c227
-rw-r--r--platform/ext/target/musca_b1/target_cfg.h49
-rw-r--r--platform/include/tfm_spm_hal.h34
-rw-r--r--secure_fw/core/tfm_core.c8
18 files changed, 1083 insertions, 255 deletions
diff --git a/docs/user_guides/services/tfm_platform_integration_guide.rst b/docs/user_guides/services/tfm_platform_integration_guide.rst
index 4dffb84be..5828579bb 100644
--- a/docs/user_guides/services/tfm_platform_integration_guide.rst
+++ b/docs/user_guides/services/tfm_platform_integration_guide.rst
@@ -87,8 +87,8 @@ Current Service Limitations
Debug authentication settings
*****************************
A platform may provide the option to configure debug authentication. TF-M core
-calls the HAL function ``void tfm_spm_hal_init_debug(void)`` which configures
-debug authentication based on the following defines:
+calls the HAL function ``enum tfm_plat_err_t tfm_spm_hal_init_debug(void)``
+which configures debug authentication based on the following defines:
- `DAUTH_NONE`: Debugging the system is not enabled.
- `DAUTH_NS_ONLY`: Invasive and non invasive debugging of non-secure code is
@@ -104,9 +104,9 @@ the options above to the cmake command with the
`DEBUG_AUTHENTICATION` is `DAUTH_CHIP_DEFAULT`.
.. Note::
- ``void tfm_spm_hal_init_debug(void)`` is called during the TF-M core
- initialisation phase, before initialising secure partition. This means that BL2
- runs with the chip default setting.
+ ``enum tfm_plat_err_t tfm_spm_hal_init_debug(void)`` is called during the
+ TF-M core initialisation phase, before initialising secure partition. This
+ means that BL2 runs with the chip default setting.
--------------
diff --git a/platform/ext/target/mps2/an519/spm_hal.c b/platform/ext/target/mps2/an519/spm_hal.c
index d25f30fbf..7233b1a79 100644
--- a/platform/ext/target/mps2/an519/spm_hal.c
+++ b/platform/ext/target/mps2/an519/spm_hal.c
@@ -25,12 +25,17 @@ extern const struct memory_region_limits memory_regions;
struct mpu_armv8m_dev_t dev_mpu_s = { MPU_BASE };
-void tfm_spm_hal_init_isolation_hw(void)
+enum tfm_plat_err_t tfm_spm_hal_init_isolation_hw(void)
{
+ int32_t ret = ARM_DRIVER_OK;
/* Configures non-secure memory spaces in the target */
sau_and_idau_cfg();
- mpc_init_cfg();
+ ret = mpc_init_cfg();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
ppc_init_cfg();
+ return TFM_PLAT_ERR_SUCCESS;
}
void tfm_spm_hal_configure_default_isolation(
@@ -334,16 +339,15 @@ enum spm_err_t tfm_spm_hal_set_share_region(uint32_t share)
#endif /* !defined(TFM_PSA_API) */
#endif /* TFM_LVL != 1 */
-void tfm_spm_hal_setup_isolation_hw(void)
+enum tfm_plat_err_t tfm_spm_hal_setup_isolation_hw(void)
{
#if TFM_LVL != 1
if (tfm_spm_mpu_init() != SPM_ERR_OK) {
ERROR_MSG("Failed to set up initial MPU configuration! Halting.");
- while (1) {
- ;
- }
+ return TFM_PLAT_ERR_SYSTEM_ERR;
}
#endif
+ return TFM_PLAT_ERR_SUCCESS;
}
void MPC_Handler(void)
@@ -393,10 +397,12 @@ uint32_t tfm_spm_hal_get_ns_entry_point(void)
return *((uint32_t *)(memory_regions.non_secure_code_start+ 4));
}
-void tfm_spm_hal_set_secure_irq_priority(int32_t irq_line, uint32_t priority)
+enum tfm_plat_err_t tfm_spm_hal_set_secure_irq_priority(int32_t irq_line,
+ uint32_t priority)
{
uint32_t quantized_priority = priority >> (8U - __NVIC_PRIO_BITS);
NVIC_SetPriority(irq_line, quantized_priority);
+ return TFM_PLAT_ERR_SUCCESS;
}
void tfm_spm_hal_clear_pending_irq(int32_t irq_line)
@@ -432,3 +438,28 @@ enum irq_target_state_t tfm_spm_hal_set_irq_target_state(
return TFM_IRQ_TARGET_STATE_SECURE;
}
}
+
+enum tfm_plat_err_t tfm_spm_hal_enable_fault_handlers(void)
+{
+ return enable_fault_handlers();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_system_reset_cfg(void)
+{
+ return system_reset_cfg();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_init_debug(void)
+{
+ return init_debug();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_nvic_interrupt_target_state_cfg(void)
+{
+ return nvic_interrupt_target_state_cfg();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_nvic_interrupt_enable(void)
+{
+ return nvic_interrupt_enable();
+}
diff --git a/platform/ext/target/mps2/an519/target_cfg.c b/platform/ext/target/mps2/an519/target_cfg.c
index fb9ddf06c..78e53eb36 100644
--- a/platform/ext/target/mps2/an519/target_cfg.c
+++ b/platform/ext/target/mps2/an519/target_cfg.c
@@ -20,6 +20,7 @@
#include "platform_retarget_dev.h"
#include "region_defs.h"
#include "tfm_secure_api.h"
+#include "tfm_plat_defs.h"
/* Macros to pick linker symbols */
#define REGION(a, b, c) a##b##c
@@ -121,15 +122,16 @@ struct tfm_spm_partition_platform_data_t tfm_peripheral_timer0 = {
CMSDK_TIMER0_APB_PPC_POS
};
-void enable_fault_handlers(void)
+enum tfm_plat_err_t enable_fault_handlers(void)
{
/* Secure fault is not present in the Baseline implementation. */
/* Fault handler enable registers are not present in a Baseline
* implementation.
*/
+ return TFM_PLAT_ERR_SUCCESS;
}
-void system_reset_cfg(void)
+enum tfm_plat_err_t system_reset_cfg(void)
{
struct sysctrl_t *sysctrl = (struct sysctrl_t *)CMSDK_SYSCTRL_BASE_S;
uint32_t reg_value = SCB->AIRCR;
@@ -146,9 +148,11 @@ void system_reset_cfg(void)
reg_value |= (uint32_t)(SCB_AIRCR_WRITE_MASK | SCB_AIRCR_SYSRESETREQS_Msk);
SCB->AIRCR = reg_value;
+
+ return TFM_PLAT_ERR_SUCCESS;
}
-void tfm_spm_hal_init_debug(void)
+enum tfm_plat_err_t init_debug(void)
{
volatile struct sysctrl_t *sys_ctrl =
(struct sysctrl_t *)CMSDK_SYSCTRL_BASE_S;
@@ -184,10 +188,11 @@ void tfm_spm_hal_init_debug(void)
* input signals.
*/
#endif
+ return TFM_PLAT_ERR_SUCCESS;
}
/*----------------- NVIC interrupt target state to NS configuration ----------*/
-void nvic_interrupt_target_state_cfg()
+enum tfm_plat_err_t nvic_interrupt_target_state_cfg(void)
{
/* Target every interrupt to NS; unimplemented interrupts will be WI */
for (uint8_t i=0; i<sizeof(NVIC->ITNS)/sizeof(NVIC->ITNS[0]); i++) {
@@ -204,16 +209,25 @@ void nvic_interrupt_target_state_cfg()
NVIC_ClearTargetState(UARTTX1_IRQn);
NVIC_ClearTargetState(UART1_IRQn);
#endif
+
+ return TFM_PLAT_ERR_SUCCESS;
}
/*----------------- NVIC interrupt enabling for S peripherals ----------------*/
-void nvic_interrupt_enable()
+enum tfm_plat_err_t nvic_interrupt_enable(void)
{
struct spctrl_def* spctrl = CMSDK_SPCTRL;
+ int32_t ret = ARM_DRIVER_OK;
/* MPC interrupt enabling */
- Driver_SRAM1_MPC.EnableInterrupt();
- Driver_SRAM2_MPC.EnableInterrupt();
+ ret = Driver_SRAM1_MPC.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+ ret = Driver_SRAM2_MPC.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
NVIC_EnableIRQ(MPC_IRQn);
/* PPC interrupt enabling */
@@ -233,6 +247,8 @@ void nvic_interrupt_enable()
spctrl->secppcinten |= CMSDK_APB_PPCEXP2_INT_POS_MASK;
spctrl->secppcinten |= CMSDK_APB_PPCEXP3_INT_POS_MASK;
NVIC_EnableIRQ(PPC_IRQn);
+
+ return TFM_PLAT_ERR_SUCCESS;
}
/*------------------- SAU/IDAU configuration functions -----------------------*/
@@ -296,33 +312,62 @@ void sau_and_idau_cfg(void)
/*------------------- Memory configuration functions -------------------------*/
-void mpc_init_cfg(void)
+int32_t mpc_init_cfg(void)
{
- Driver_SRAM1_MPC.Initialize();
- Driver_SRAM1_MPC.ConfigRegion(memory_regions.non_secure_partition_base,
- memory_regions.non_secure_partition_limit,
- ARM_MPC_ATTR_NONSECURE);
+ int32_t ret = ARM_DRIVER_OK;
+
+ ret = Driver_SRAM1_MPC.Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+
+ ret = Driver_SRAM1_MPC.ConfigRegion(
+ memory_regions.non_secure_partition_base,
+ memory_regions.non_secure_partition_limit,
+ ARM_MPC_ATTR_NONSECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
#ifdef BL2
/* Secondary image region */
- Driver_SRAM1_MPC.ConfigRegion(memory_regions.secondary_partition_base,
+ ret = Driver_SRAM1_MPC.ConfigRegion(memory_regions.secondary_partition_base,
memory_regions.secondary_partition_limit,
ARM_MPC_ATTR_NONSECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
#endif /* BL2 */
- Driver_SRAM2_MPC.Initialize();
- Driver_SRAM2_MPC.ConfigRegion(NS_DATA_START, NS_DATA_LIMIT,
+ ret = Driver_SRAM2_MPC.Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+
+ ret = Driver_SRAM2_MPC.ConfigRegion(NS_DATA_START, NS_DATA_LIMIT,
ARM_MPC_ATTR_NONSECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
/* Lock down the MPC configuration */
- Driver_SRAM1_MPC.LockDown();
- Driver_SRAM2_MPC.LockDown();
+ ret = Driver_SRAM1_MPC.LockDown();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+
+ ret = Driver_SRAM2_MPC.LockDown();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
/* Add barriers to assure the MPC configuration is done before continue
* the execution.
*/
__DSB();
__ISB();
+
+ return ARM_DRIVER_OK;
}
/*---------------------- PPC configuration functions -------------------------*/
diff --git a/platform/ext/target/mps2/an519/target_cfg.h b/platform/ext/target/mps2/an519/target_cfg.h
index 1965bac5c..e31971eb7 100644
--- a/platform/ext/target/mps2/an519/target_cfg.h
+++ b/platform/ext/target/mps2/an519/target_cfg.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2018 ARM Limited
+ * Copyright (c) 2017-2019 Arm Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -19,6 +19,7 @@
#include "platform/ext/common/uart_stdout.h"
#include "tfm_peripherals_def.h"
+#include "tfm_plat_defs.h"
#include "arm_uart_drv.h"
#define TFM_DRIVER_STDIO Driver_USART0
@@ -77,8 +78,10 @@ struct tfm_spm_partition_platform_data_t
/**
* \brief Configures the Memory Protection Controller.
+ *
+ * \return Returns error code.
*/
-void mpc_init_cfg(void);
+int32_t mpc_init_cfg(void);
/**
* \brief Configures the Peripheral Protection Controller.
@@ -115,5 +118,43 @@ void ppc_clear_irq(void);
*/
void sau_and_idau_cfg(void);
+/**
+ * \brief Enables the fault handlers and sets priorities.
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t enable_fault_handlers(void);
+
+/**
+ * \brief Configures the system reset request properties
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t system_reset_cfg(void);
+
+/**
+ * \brief Configures the system debug properties.
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t init_debug(void);
+
+/**
+ * \brief Configures all external interrupts to target the
+ * NS state, apart for the ones associated to secure
+ * peripherals (plus MPC and PPC)
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t nvic_interrupt_target_state_cfg(void);
+
+/**
+ * \brief This function enable the interrupts associated
+ * to the secure peripherals (plus the isolation boundary violation
+ * interrupts)
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t nvic_interrupt_enable(void);
#endif /* __TARGET_CFG_H__ */
diff --git a/platform/ext/target/mps2/an521/spm_hal.c b/platform/ext/target/mps2/an521/spm_hal.c
index 183d448c8..3cca2ee36 100644
--- a/platform/ext/target/mps2/an521/spm_hal.c
+++ b/platform/ext/target/mps2/an521/spm_hal.c
@@ -25,12 +25,17 @@ extern const struct memory_region_limits memory_regions;
struct mpu_armv8m_dev_t dev_mpu_s = { MPU_BASE };
-void tfm_spm_hal_init_isolation_hw(void)
+enum tfm_plat_err_t tfm_spm_hal_init_isolation_hw(void)
{
+ int32_t ret = ARM_DRIVER_OK;
/* Configures non-secure memory spaces in the target */
sau_and_idau_cfg();
- mpc_init_cfg();
+ ret = mpc_init_cfg();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
ppc_init_cfg();
+ return TFM_PLAT_ERR_SUCCESS;
}
void tfm_spm_hal_configure_default_isolation(
@@ -334,16 +339,15 @@ enum spm_err_t tfm_spm_hal_set_share_region(uint32_t share)
#endif /* !defined(TFM_PSA_API) */
#endif /* TFM_LVL != 1 */
-void tfm_spm_hal_setup_isolation_hw(void)
+enum tfm_plat_err_t tfm_spm_hal_setup_isolation_hw(void)
{
#if TFM_LVL != 1
if (tfm_spm_mpu_init() != SPM_ERR_OK) {
ERROR_MSG("Failed to set up initial MPU configuration! Halting.");
- while (1) {
- ;
- }
+ return TFM_PLAT_ERR_SYSTEM_ERR;
}
#endif
+ return TFM_PLAT_ERR_SUCCESS;
}
void MPC_Handler(void)
@@ -393,10 +397,12 @@ uint32_t tfm_spm_hal_get_ns_entry_point(void)
return *((uint32_t *)(memory_regions.non_secure_code_start+ 4));
}
-void tfm_spm_hal_set_secure_irq_priority(int32_t irq_line, uint32_t priority)
+enum tfm_plat_err_t tfm_spm_hal_set_secure_irq_priority(int32_t irq_line,
+ uint32_t priority)
{
uint32_t quantized_priority = priority >> (8U - __NVIC_PRIO_BITS);
NVIC_SetPriority(irq_line, quantized_priority);
+ return TFM_PLAT_ERR_SUCCESS;
}
void tfm_spm_hal_clear_pending_irq(int32_t irq_line)
@@ -432,3 +438,28 @@ enum irq_target_state_t tfm_spm_hal_set_irq_target_state(
return TFM_IRQ_TARGET_STATE_SECURE;
}
}
+
+enum tfm_plat_err_t tfm_spm_hal_enable_fault_handlers(void)
+{
+ return enable_fault_handlers();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_system_reset_cfg(void)
+{
+ return system_reset_cfg();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_init_debug(void)
+{
+ return init_debug();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_nvic_interrupt_target_state_cfg(void)
+{
+ return nvic_interrupt_target_state_cfg();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_nvic_interrupt_enable(void)
+{
+ return nvic_interrupt_enable();
+}
diff --git a/platform/ext/target/mps2/an521/target_cfg.c b/platform/ext/target/mps2/an521/target_cfg.c
index d63ae228a..a2a7e1a3a 100644
--- a/platform/ext/target/mps2/an521/target_cfg.c
+++ b/platform/ext/target/mps2/an521/target_cfg.c
@@ -20,6 +20,7 @@
#include "platform_retarget_dev.h"
#include "region_defs.h"
#include "tfm_secure_api.h"
+#include "tfm_plat_defs.h"
/* Macros to pick linker symbols */
#define REGION(a, b, c) a##b##c
@@ -121,7 +122,7 @@ struct tfm_spm_partition_platform_data_t tfm_peripheral_timer0 = {
CMSDK_TIMER0_APB_PPC_POS
};
-void enable_fault_handlers(void)
+enum tfm_plat_err_t enable_fault_handlers(void)
{
/* Explicitly set secure fault priority to the highest */
NVIC_SetPriority(SecureFault_IRQn, 0);
@@ -131,9 +132,10 @@ void enable_fault_handlers(void)
| SCB_SHCSR_BUSFAULTENA_Msk
| SCB_SHCSR_MEMFAULTENA_Msk
| SCB_SHCSR_SECUREFAULTENA_Msk;
+ return TFM_PLAT_ERR_SUCCESS;
}
-void system_reset_cfg(void)
+enum tfm_plat_err_t system_reset_cfg(void)
{
struct sysctrl_t *sysctrl = (struct sysctrl_t *)CMSDK_SYSCTRL_BASE_S;
uint32_t reg_value = SCB->AIRCR;
@@ -150,9 +152,11 @@ void system_reset_cfg(void)
reg_value |= (uint32_t)(SCB_AIRCR_WRITE_MASK | SCB_AIRCR_SYSRESETREQS_Msk);
SCB->AIRCR = reg_value;
+
+ return TFM_PLAT_ERR_SUCCESS;
}
-void tfm_spm_hal_init_debug(void)
+enum tfm_plat_err_t init_debug(void)
{
volatile struct sysctrl_t *sys_ctrl =
(struct sysctrl_t *)CMSDK_SYSCTRL_BASE_S;
@@ -188,10 +192,11 @@ void tfm_spm_hal_init_debug(void)
* input signals.
*/
#endif
+ return TFM_PLAT_ERR_SUCCESS;
}
/*----------------- NVIC interrupt target state to NS configuration ----------*/
-void nvic_interrupt_target_state_cfg()
+enum tfm_plat_err_t nvic_interrupt_target_state_cfg(void)
{
/* Target every interrupt to NS; unimplemented interrupts will be WI */
for (uint8_t i=0; i<sizeof(NVIC->ITNS)/sizeof(NVIC->ITNS[0]); i++) {
@@ -208,16 +213,25 @@ void nvic_interrupt_target_state_cfg()
NVIC_ClearTargetState(UARTTX1_IRQn);
NVIC_ClearTargetState(UART1_IRQn);
#endif
+
+ return TFM_PLAT_ERR_SUCCESS;
}
/*----------------- NVIC interrupt enabling for S peripherals ----------------*/
-void nvic_interrupt_enable()
+enum tfm_plat_err_t nvic_interrupt_enable(void)
{
struct spctrl_def* spctrl = CMSDK_SPCTRL;
+ int32_t ret = ARM_DRIVER_OK;
/* MPC interrupt enabling */
- Driver_SRAM1_MPC.EnableInterrupt();
- Driver_SRAM2_MPC.EnableInterrupt();
+ ret = Driver_SRAM1_MPC.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+ ret = Driver_SRAM2_MPC.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
NVIC_EnableIRQ(MPC_IRQn);
/* PPC interrupt enabling */
@@ -237,6 +251,8 @@ void nvic_interrupt_enable()
spctrl->secppcinten |= CMSDK_APB_PPCEXP2_INT_POS_MASK;
spctrl->secppcinten |= CMSDK_APB_PPCEXP3_INT_POS_MASK;
NVIC_EnableIRQ(PPC_IRQn);
+
+ return TFM_PLAT_ERR_SUCCESS;
}
/*------------------- SAU/IDAU configuration functions -----------------------*/
@@ -300,33 +316,62 @@ void sau_and_idau_cfg(void)
/*------------------- Memory configuration functions -------------------------*/
-void mpc_init_cfg(void)
+int32_t mpc_init_cfg(void)
{
- Driver_SRAM1_MPC.Initialize();
- Driver_SRAM1_MPC.ConfigRegion(memory_regions.non_secure_partition_base,
- memory_regions.non_secure_partition_limit,
- ARM_MPC_ATTR_NONSECURE);
+ int32_t ret = ARM_DRIVER_OK;
+
+ ret = Driver_SRAM1_MPC.Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+
+ ret = Driver_SRAM1_MPC.ConfigRegion(
+ memory_regions.non_secure_partition_base,
+ memory_regions.non_secure_partition_limit,
+ ARM_MPC_ATTR_NONSECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
#ifdef BL2
/* Secondary image region */
- Driver_SRAM1_MPC.ConfigRegion(memory_regions.secondary_partition_base,
+ ret = Driver_SRAM1_MPC.ConfigRegion(memory_regions.secondary_partition_base,
memory_regions.secondary_partition_limit,
ARM_MPC_ATTR_NONSECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
#endif /* BL2 */
- Driver_SRAM2_MPC.Initialize();
- Driver_SRAM2_MPC.ConfigRegion(NS_DATA_START, NS_DATA_LIMIT,
+ ret = Driver_SRAM2_MPC.Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+
+ ret = Driver_SRAM2_MPC.ConfigRegion(NS_DATA_START, NS_DATA_LIMIT,
ARM_MPC_ATTR_NONSECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
/* Lock down the MPC configuration */
- Driver_SRAM1_MPC.LockDown();
- Driver_SRAM2_MPC.LockDown();
+ ret = Driver_SRAM1_MPC.LockDown();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+
+ ret = Driver_SRAM2_MPC.LockDown();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
/* Add barriers to assure the MPC configuration is done before continue
* the execution.
*/
__DSB();
__ISB();
+
+ return ARM_DRIVER_OK;
}
/*---------------------- PPC configuration functions -------------------------*/
diff --git a/platform/ext/target/mps2/an521/target_cfg.h b/platform/ext/target/mps2/an521/target_cfg.h
index 1965bac5c..e31971eb7 100644
--- a/platform/ext/target/mps2/an521/target_cfg.h
+++ b/platform/ext/target/mps2/an521/target_cfg.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2018 ARM Limited
+ * Copyright (c) 2017-2019 Arm Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -19,6 +19,7 @@
#include "platform/ext/common/uart_stdout.h"
#include "tfm_peripherals_def.h"
+#include "tfm_plat_defs.h"
#include "arm_uart_drv.h"
#define TFM_DRIVER_STDIO Driver_USART0
@@ -77,8 +78,10 @@ struct tfm_spm_partition_platform_data_t
/**
* \brief Configures the Memory Protection Controller.
+ *
+ * \return Returns error code.
*/
-void mpc_init_cfg(void);
+int32_t mpc_init_cfg(void);
/**
* \brief Configures the Peripheral Protection Controller.
@@ -115,5 +118,43 @@ void ppc_clear_irq(void);
*/
void sau_and_idau_cfg(void);
+/**
+ * \brief Enables the fault handlers and sets priorities.
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t enable_fault_handlers(void);
+
+/**
+ * \brief Configures the system reset request properties
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t system_reset_cfg(void);
+
+/**
+ * \brief Configures the system debug properties.
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t init_debug(void);
+
+/**
+ * \brief Configures all external interrupts to target the
+ * NS state, apart for the ones associated to secure
+ * peripherals (plus MPC and PPC)
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t nvic_interrupt_target_state_cfg(void);
+
+/**
+ * \brief This function enable the interrupts associated
+ * to the secure peripherals (plus the isolation boundary violation
+ * interrupts)
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t nvic_interrupt_enable(void);
#endif /* __TARGET_CFG_H__ */
diff --git a/platform/ext/target/mps3/an524/spm_hal.c b/platform/ext/target/mps3/an524/spm_hal.c
index 361d33220..506a4a870 100644
--- a/platform/ext/target/mps3/an524/spm_hal.c
+++ b/platform/ext/target/mps3/an524/spm_hal.c
@@ -14,6 +14,7 @@
#include "mpu_armv8m_drv.h"
#include "region_defs.h"
#include "platform_description.h"
+#include "Driver_Common.h"
/* Debug configuration flags */
#define SPNIDEN_SEL_STATUS (0x01u << 7)
@@ -31,12 +32,20 @@
/* Get address of memory regions to configure MPU */
extern const struct memory_region_limits memory_regions;
-void tfm_spm_hal_init_isolation_hw(void)
+enum tfm_plat_err_t tfm_spm_hal_init_isolation_hw(void)
{
+ int32_t ret = ARM_DRIVER_OK;
/* Configures non-secure memory spaces in the target */
sau_and_idau_cfg();
- mpc_init_cfg();
- ppc_init_cfg();
+ ret = mpc_init_cfg();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+ ret = ppc_init_cfg();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+ return TFM_PLAT_ERR_SUCCESS;
}
void tfm_spm_hal_configure_default_isolation(
@@ -332,16 +341,15 @@ enum spm_err_t tfm_spm_hal_set_share_region(
#endif /* !defined(TFM_PSA_API) */
#endif /* TFM_LVL != 1 */
-void tfm_spm_hal_setup_isolation_hw(void)
+enum tfm_plat_err_t tfm_spm_hal_setup_isolation_hw(void)
{
#if TFM_LVL != 1
if (tfm_spm_mpu_init() != SPM_ERR_OK) {
ERROR_MSG("Failed to set up initial MPU configuration! Halting.");
- while (1) {
- ;
- }
+ return TFM_PLAT_ERR_SYSTEM_ERR;
}
#endif
+ return TFM_PLAT_ERR_SUCCESS;
}
void MPC_Handler(void)
@@ -385,7 +393,7 @@ uint32_t tfm_spm_hal_get_ns_entry_point(void)
return *((uint32_t *)(memory_regions.non_secure_code_start + 4));
}
-void tfm_spm_hal_init_debug(void)
+enum tfm_plat_err_t tfm_spm_hal_init_debug(void)
{
volatile struct sysctrl_t *sys_ctrl =
(struct sysctrl_t *)CMSDK_SYSCTRL_BASE_S;
@@ -421,12 +429,15 @@ void tfm_spm_hal_init_debug(void)
* input signals.
*/
#endif
+ return TFM_PLAT_ERR_SUCCESS;
}
-void tfm_spm_hal_set_secure_irq_priority(int32_t irq_line, uint32_t priority)
+enum tfm_plat_err_t tfm_spm_hal_set_secure_irq_priority(int32_t irq_line,
+ uint32_t priority)
{
uint32_t quantized_priority = priority >> (8U - __NVIC_PRIO_BITS);
NVIC_SetPriority(irq_line, quantized_priority);
+ return TFM_PLAT_ERR_SUCCESS;
}
void tfm_spm_hal_clear_pending_irq(int32_t irq_line)
@@ -462,3 +473,23 @@ enum irq_target_state_t tfm_spm_hal_set_irq_target_state(
return TFM_IRQ_TARGET_STATE_SECURE;
}
}
+
+enum tfm_plat_err_t tfm_spm_hal_enable_fault_handlers(void)
+{
+ return enable_fault_handlers();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_system_reset_cfg(void)
+{
+ return system_reset_cfg();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_nvic_interrupt_target_state_cfg(void)
+{
+ return nvic_interrupt_target_state_cfg();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_nvic_interrupt_enable(void)
+{
+ return nvic_interrupt_enable();
+}
diff --git a/platform/ext/target/mps3/an524/target_cfg.c b/platform/ext/target/mps3/an524/target_cfg.c
index 15a3d68e2..8aded94fc 100644
--- a/platform/ext/target/mps3/an524/target_cfg.c
+++ b/platform/ext/target/mps3/an524/target_cfg.c
@@ -22,6 +22,7 @@
#include "region_defs.h"
#include "tfm_secure_api.h"
#include "mpu_armv8m_drv.h"
+#include "tfm_plat_defs.h"
/* Macros to pick linker symbols */
#define REGION(a, b, c) a##b##c
@@ -130,14 +131,15 @@ struct tfm_spm_partition_platform_data_t tfm_peripheral_timer0 = {
CMSDK_TIMER0_APB_PPC_POS
};
-void enable_fault_handlers(void)
+enum tfm_plat_err_t enable_fault_handlers(void)
{
/* Enables BUS, MEM, USG and Secure faults */
SCB->SHCSR |= (SCB_SHCSR_USGFAULTENA_Msk | SCB_SHCSR_BUSFAULTENA_Msk |
SCB_SHCSR_MEMFAULTENA_Msk | SCB_SHCSR_SECUREFAULTENA_Msk);
+ return TFM_PLAT_ERR_SUCCESS;
}
-void system_reset_cfg(void)
+enum tfm_plat_err_t system_reset_cfg(void)
{
struct sysctrl_t *sysctrl = (struct sysctrl_t *)CMSDK_SYSCTRL_BASE_S;
uint32_t reg_value = SCB->AIRCR;
@@ -154,10 +156,12 @@ void system_reset_cfg(void)
reg_value |= (uint32_t)(SCB_AIRCR_WRITE_MASK | SCB_AIRCR_SYSRESETREQS_Msk);
SCB->AIRCR = reg_value;
+
+ return TFM_PLAT_ERR_SUCCESS;
}
/*--------------------- NVIC interrupt NS/S configuration --------------------*/
-void nvic_interrupt_target_state_cfg(void)
+enum tfm_plat_err_t nvic_interrupt_target_state_cfg(void)
{
uint8_t i;
@@ -169,6 +173,8 @@ void nvic_interrupt_target_state_cfg(void)
/* Make sure that MPC and PPC are targeted to S state */
NVIC_ClearTargetState(MPC_IRQn);
NVIC_ClearTargetState(PPC_IRQn);
+
+ return TFM_PLAT_ERR_SUCCESS;
}
enum mpu_armv8m_error_t mpu_enable(uint32_t privdef_en, uint32_t hfnmi_en)
@@ -202,12 +208,22 @@ enum mpu_armv8m_error_t mpu_clean(void)
}
/*----------------- NVIC interrupt enabling for S peripherals ----------------*/
-void nvic_interrupt_enable(void)
+enum tfm_plat_err_t nvic_interrupt_enable(void)
{
+ int32_t ret = ARM_DRIVER_OK;
/* MPC interrupt enabling */
- Driver_QSPI_MPC.EnableInterrupt();
- Driver_ISRAM2_MPC.EnableInterrupt();
- Driver_ISRAM3_MPC.EnableInterrupt();
+ ret = Driver_QSPI_MPC.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+ ret = Driver_ISRAM2_MPC.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+ ret = Driver_ISRAM3_MPC.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
NVIC_EnableIRQ(MPC_IRQn);
/* PPC interrupt enabling */
@@ -220,13 +236,30 @@ void nvic_interrupt_enable(void)
Driver_APB_PPC0.ClearInterrupt();
/* Enable PPC interrupts for APB PPC */
- Driver_APB_PPC0.EnableInterrupt();
- Driver_APB_PPC1.EnableInterrupt();
- Driver_APB_PPCEXP0.EnableInterrupt();
- Driver_APB_PPCEXP1.EnableInterrupt();
- Driver_APB_PPCEXP2.EnableInterrupt();
+ ret = Driver_APB_PPC0.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+ ret = Driver_APB_PPC1.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+ ret = Driver_APB_PPCEXP0.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+ ret = Driver_APB_PPCEXP1.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+ ret = Driver_APB_PPCEXP2.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
NVIC_EnableIRQ(PPC_IRQn);
+
+ return ARM_DRIVER_OK;
}
/*------------------- SAU/IDAU configuration functions -----------------------*/
@@ -274,38 +307,69 @@ void sau_and_idau_cfg(void)
}
/*------------------- Memory configuration functions -------------------------*/
-void mpc_init_cfg(void)
+int32_t mpc_init_cfg(void)
{
- Driver_QSPI_MPC.Initialize();
+ int32_t ret = ARM_DRIVER_OK;
+
+ ret = Driver_QSPI_MPC.Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
- Driver_QSPI_MPC.ConfigRegion(
+ ret = Driver_QSPI_MPC.ConfigRegion(
memory_regions.non_secure_partition_base,
memory_regions.non_secure_partition_limit,
ARM_MPC_ATTR_NONSECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
#ifdef BL2
- Driver_QSPI_MPC.ConfigRegion(
+ ret = Driver_QSPI_MPC.ConfigRegion(
memory_regions.secondary_partition_base,
memory_regions.secondary_partition_limit,
ARM_MPC_ATTR_NONSECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
#endif /* BL2 */
/* NSPE use the last 32KB(ISARM 3) */
- Driver_ISRAM3_MPC.Initialize();
- Driver_ISRAM3_MPC.ConfigRegion(
+ ret = Driver_ISRAM3_MPC.Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+
+ ret = Driver_ISRAM3_MPC.ConfigRegion(
MPC_ISRAM3_RANGE_BASE_NS,
MPC_ISRAM3_RANGE_LIMIT_NS,
ARM_MPC_ATTR_NONSECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
/* Lock down the MPC configuration */
- Driver_QSPI_MPC.LockDown();
- Driver_ISRAM2_MPC.LockDown();
- Driver_ISRAM3_MPC.LockDown();
+ ret = Driver_QSPI_MPC.LockDown();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+
+ ret = Driver_ISRAM2_MPC.LockDown();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+
+ ret = Driver_ISRAM3_MPC.LockDown();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
/* Add barriers to assure the MPC configuration is done before continue
* the execution.
*/
__DSB();
__ISB();
+
+ return ARM_DRIVER_OK;
}
void mpc_clear_irq(void)
@@ -318,134 +382,249 @@ void mpc_clear_irq(void)
}
/*------------------- PPC configuration functions -------------------------*/
-void ppc_init_cfg(void)
+int32_t ppc_init_cfg(void)
{
struct spctrl_def *spctrl = CMSDK_SPCTRL;
+ int32_t ret = ARM_DRIVER_OK;
/* Grant non-secure access to peripherals in the PPC0
* (timer0 and 1, dualtimer, watchdog, mhu 0 and 1)
*/
- Driver_APB_PPC0.Initialize();
- Driver_APB_PPC0.ConfigPeriph(CMSDK_TIMER0_APB_PPC_POS,
+ ret = Driver_APB_PPC0.Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+
+ ret = Driver_APB_PPC0.ConfigPeriph(CMSDK_TIMER0_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPC0.ConfigPeriph(CMSDK_TIMER1_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPC0.ConfigPeriph(CMSDK_TIMER1_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPC0.ConfigPeriph(CMSDK_DTIMER_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPC0.ConfigPeriph(CMSDK_DTIMER_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPC0.ConfigPeriph(CMSDK_MHU0_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPC0.ConfigPeriph(CMSDK_MHU0_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPC0.ConfigPeriph(CMSDK_MHU0_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPC0.ConfigPeriph(CMSDK_MHU0_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
/* Grant non-secure access to S32K Timer in PPC1*/
- Driver_APB_PPC1.Initialize();
- Driver_APB_PPC1.ConfigPeriph(CMSDK_S32K_TIMER_PPC_POS,
+ ret = Driver_APB_PPC1.Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPC1.ConfigPeriph(CMSDK_S32K_TIMER_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
/* Grant non-secure access for APB peripherals on EXP1 */
- Driver_APB_PPCEXP1.Initialize();
- Driver_APB_PPCEXP1.ConfigPeriph(CMSDK_I2C0_APB_PPC_POS,
+ ret = Driver_APB_PPCEXP1.Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(CMSDK_I2C0_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP1.ConfigPeriph(CMSDK_I2C1_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(CMSDK_I2C1_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP1.ConfigPeriph(CMSDK_SPI0_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(CMSDK_SPI0_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP1.ConfigPeriph(CMSDK_SPI1_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(CMSDK_SPI1_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP1.ConfigPeriph(CMSDK_SPI2_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(CMSDK_SPI2_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP1.ConfigPeriph(CMSDK_I2C2_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(CMSDK_I2C2_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP1.ConfigPeriph(CMSDK_I2C3_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(CMSDK_I2C3_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP1.ConfigPeriph(CMSDK_I2C4_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(CMSDK_I2C4_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
/* Grant non-secure access for APB peripherals on EXP2 */
- Driver_APB_PPCEXP2.Initialize();
- Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_FPGA_SCC_PPC_POS,
+ ret = Driver_APB_PPCEXP2.Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_FPGA_SCC_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_FPGA_AUDIO_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_FPGA_AUDIO_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_FPGA_IO_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_FPGA_IO_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_AND_NONPRIV);
- Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_UART0_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_UART0_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_UART1_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_UART1_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_UART2_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_UART2_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_UART3_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_UART3_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_UART4_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_UART4_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_UART5_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_UART5_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_CLCD_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_CLCD_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_RTC_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP2.ConfigPeriph(CMSDK_RTC_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
/*
* Grant non-secure access to all peripherals on AHB EXP0:
* Make sure that all possible peripherals are enabled by default
*/
- Driver_AHB_PPCEXP0.Initialize();
- Driver_AHB_PPCEXP0.ConfigPeriph(CMSDK_GPIO0_PPC_POS,
+ ret = Driver_AHB_PPCEXP0.Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_AHB_PPCEXP0.ConfigPeriph(CMSDK_GPIO0_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_AHB_PPCEXP0.ConfigPeriph(CMSDK_GPIO1_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_AHB_PPCEXP0.ConfigPeriph(CMSDK_GPIO1_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_AHB_PPCEXP0.ConfigPeriph(CMSDK_GPIO2_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_AHB_PPCEXP0.ConfigPeriph(CMSDK_GPIO2_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_AHB_PPCEXP0.ConfigPeriph(CMSDK_GPIO3_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_AHB_PPCEXP0.ConfigPeriph(CMSDK_GPIO3_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_AHB_PPCEXP0.ConfigPeriph(CMSDK_USB_ETHERNET_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_AHB_PPCEXP0.ConfigPeriph(CMSDK_USB_ETHERNET_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_AHB_PPCEXP0.ConfigPeriph(CMSDK_USER0_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_AHB_PPCEXP0.ConfigPeriph(CMSDK_USER0_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_AHB_PPCEXP0.ConfigPeriph(CMSDK_USER1_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_AHB_PPCEXP0.ConfigPeriph(CMSDK_USER1_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_AHB_PPCEXP0.ConfigPeriph(CMSDK_USER2_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_AHB_PPCEXP0.ConfigPeriph(CMSDK_USER2_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
/*
* Configure the response to a security violation as a
* bus error instead of RAZ/WI
*/
spctrl->secrespcfg |= CMSDK_SECRESPCFG_BUS_ERR_MASK;
+
+ return ARM_DRIVER_OK;
}
void ppc_configure_to_secure_priv(enum ppc_bank_e bank, uint16_t pos)
diff --git a/platform/ext/target/mps3/an524/target_cfg.h b/platform/ext/target/mps3/an524/target_cfg.h
index d0578611c..715e79afd 100644
--- a/platform/ext/target/mps3/an524/target_cfg.h
+++ b/platform/ext/target/mps3/an524/target_cfg.h
@@ -70,25 +70,6 @@ struct tfm_spm_partition_platform_data_t {
struct mpu_armv8m_region_cfg_t;
/**
- * \brief Enables the fault handlers BusFault, UsageFault,
- * MemManageFault and SecureFault.
- */
-void enable_fault_handlers(void);
-
-/**
- * \brief Configures all external interrupts to target the
- * NS state, apart for the ones associated to secure
- * peripherals (plus MPC and PPC)
- */
-void nvic_interrupt_target_state_cfg(void);
-
-/**
- * \brief This function enable the interrupts associated
- * to the secure peripherals (plus MPC and PPC)
- */
-void nvic_interrupt_enable(void);
-
-/**
* \brief This function enables the MPU
*/
enum mpu_armv8m_error_t mpu_enable(uint32_t privdef_en, uint32_t hfnmi_en);
@@ -116,8 +97,10 @@ enum mpu_armv8m_error_t mpu_clean(void);
/**
* \brief Configures the Memory Protection Controller.
+ *
+ * \return Returns error code.
*/
-void mpc_init_cfg(void);
+int32_t mpc_init_cfg(void);
/**
* \brief Clear MPC interrupt.
@@ -126,8 +109,10 @@ void mpc_clear_irq(void);
/**
* \brief Configures the Peripheral Protection Controller.
+ *
+ * \return Returns error code.
*/
-void ppc_init_cfg(void);
+int32_t ppc_init_cfg(void);
/**
* \brief Restict access to peripheral to secure privileged
@@ -154,4 +139,36 @@ void ppc_clear_irq(void);
*/
void sau_and_idau_cfg(void);
+/**
+ * \brief Enables the fault handlers and sets priorities.
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t enable_fault_handlers(void);
+
+/**
+ * \brief Configures the system reset request properties
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t system_reset_cfg(void);
+
+/**
+ * \brief Configures all external interrupts to target the
+ * NS state, apart for the ones associated to secure
+ * peripherals (plus MPC and PPC)
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t nvic_interrupt_target_state_cfg(void);
+
+/**
+ * \brief This function enable the interrupts associated
+ * to the secure peripherals (plus the isolation boundary violation
+ * interrupts)
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t nvic_interrupt_enable(void);
+
#endif /* __TARGET_CFG_H__ */
diff --git a/platform/ext/target/musca_a/spm_hal.c b/platform/ext/target/musca_a/spm_hal.c
index 7bb8159f0..02232b4e5 100644
--- a/platform/ext/target/musca_a/spm_hal.c
+++ b/platform/ext/target/musca_a/spm_hal.c
@@ -25,12 +25,17 @@ extern const struct memory_region_limits memory_regions;
struct mpu_armv8m_dev_t dev_mpu_s = { MPU_BASE };
-void tfm_spm_hal_init_isolation_hw(void)
+enum tfm_plat_err_t tfm_spm_hal_init_isolation_hw(void)
{
+ int32_t ret = ARM_DRIVER_OK;
/* Configures non-secure memory spaces in the target */
sau_and_idau_cfg();
- mpc_init_cfg();
+ ret = mpc_init_cfg();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
ppc_init_cfg();
+ return TFM_PLAT_ERR_SUCCESS;
}
void tfm_spm_hal_configure_default_isolation(
@@ -334,16 +339,15 @@ enum spm_err_t tfm_spm_hal_set_share_region(uint32_t share)
#endif /* !defined(TFM_PSA_API) */
#endif /* TFM_LVL != 1 */
-void tfm_spm_hal_setup_isolation_hw(void)
+enum tfm_plat_err_t tfm_spm_hal_setup_isolation_hw(void)
{
#if TFM_LVL != 1
if (tfm_spm_mpu_init() != SPM_ERR_OK) {
ERROR_MSG("Failed to set up initial MPU configuration! Halting.");
- while (1) {
- ;
- }
+ return TFM_PLAT_ERR_SYSTEM_ERR;
}
#endif
+ return TFM_PLAT_ERR_SUCCESS;
}
void MPC_Handler(void)
@@ -393,10 +397,12 @@ uint32_t tfm_spm_hal_get_ns_entry_point(void)
return *((uint32_t *)(memory_regions.non_secure_code_start+ 4));
}
-void tfm_spm_hal_set_secure_irq_priority(int32_t irq_line, uint32_t priority)
+enum tfm_plat_err_t tfm_spm_hal_set_secure_irq_priority(int32_t irq_line,
+ uint32_t priority)
{
uint32_t quantized_priority = priority >> (8U - __NVIC_PRIO_BITS);
NVIC_SetPriority(irq_line, quantized_priority);
+ return TFM_PLAT_ERR_SUCCESS;
}
void tfm_spm_hal_clear_pending_irq(int32_t irq_line)
@@ -432,3 +438,28 @@ enum irq_target_state_t tfm_spm_hal_set_irq_target_state(
return TFM_IRQ_TARGET_STATE_SECURE;
}
}
+
+enum tfm_plat_err_t tfm_spm_hal_enable_fault_handlers(void)
+{
+ return enable_fault_handlers();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_system_reset_cfg(void)
+{
+ return system_reset_cfg();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_init_debug(void)
+{
+ return init_debug();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_nvic_interrupt_target_state_cfg(void)
+{
+ return nvic_interrupt_target_state_cfg();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_nvic_interrupt_enable(void)
+{
+ return nvic_interrupt_enable();
+}
diff --git a/platform/ext/target/musca_a/target_cfg.c b/platform/ext/target/musca_a/target_cfg.c
index ec2968d12..20e069d87 100644
--- a/platform/ext/target/musca_a/target_cfg.c
+++ b/platform/ext/target/musca_a/target_cfg.c
@@ -20,6 +20,7 @@
#include "device_definition.h"
#include "region_defs.h"
#include "tfm_secure_api.h"
+#include "tfm_plat_defs.h"
#define MIN(A, B) (((A) < (B)) ? (A) : (B))
#define MAX(A, B) (((A) > (B)) ? (A) : (B))
@@ -101,7 +102,7 @@ struct tfm_spm_partition_platform_data_t tfm_peripheral_timer0 = {
CMSDK_TIMER0_APB_PPC_POS
};
-void enable_fault_handlers(void)
+enum tfm_plat_err_t enable_fault_handlers(void)
{
/* Explicitly set secure fault priority to the highest */
NVIC_SetPriority(SecureFault_IRQn, 0);
@@ -111,9 +112,10 @@ void enable_fault_handlers(void)
| SCB_SHCSR_BUSFAULTENA_Msk
| SCB_SHCSR_MEMFAULTENA_Msk
| SCB_SHCSR_SECUREFAULTENA_Msk;
+ return TFM_PLAT_ERR_SUCCESS;
}
-void system_reset_cfg(void)
+enum tfm_plat_err_t system_reset_cfg(void)
{
struct sysctrl_t *sysctrl = (struct sysctrl_t *)CMSDK_SYSCTRL_BASE_S;
uint32_t reg_value = SCB->AIRCR;
@@ -130,9 +132,11 @@ void system_reset_cfg(void)
reg_value |= (uint32_t)(SCB_AIRCR_WRITE_MASK | SCB_AIRCR_SYSRESETREQS_Msk);
SCB->AIRCR = reg_value;
+
+ return TFM_PLAT_ERR_SUCCESS;
}
-void tfm_spm_hal_init_debug(void)
+enum tfm_plat_err_t init_debug(void)
{
volatile struct sysctrl_t *sys_ctrl =
(struct sysctrl_t *)CMSDK_SYSCTRL_BASE_S;
@@ -168,10 +172,11 @@ void tfm_spm_hal_init_debug(void)
* input signals.
*/
#endif
+ return TFM_PLAT_ERR_SUCCESS;
}
/*----------------- NVIC interrupt target state to NS configuration ----------*/
-void nvic_interrupt_target_state_cfg()
+enum tfm_plat_err_t nvic_interrupt_target_state_cfg(void)
{
/* Target every interrupt to NS; unimplemented interrupts will be WI */
for (uint8_t i=0; i<sizeof(NVIC->ITNS)/sizeof(NVIC->ITNS[0]); i++) {
@@ -181,16 +186,25 @@ void nvic_interrupt_target_state_cfg()
/* Make sure that MPC and PPC are targeted to S state */
NVIC_ClearTargetState(S_MPC_COMBINED_IRQn);
NVIC_ClearTargetState(S_PPC_COMBINED_IRQn);
+
+ return TFM_PLAT_ERR_SUCCESS;
}
/*----------------- NVIC interrupt enabling for S peripherals ----------------*/
-void nvic_interrupt_enable()
+enum tfm_plat_err_t nvic_interrupt_enable(void)
{
struct spctrl_def* spctrl = CMSDK_SPCTRL;
+ int32_t ret = ARM_DRIVER_OK;
/* MPC interrupt enabling */
- Driver_QSPI_MPC.EnableInterrupt();
- Driver_CODE_SRAM_MPC.EnableInterrupt();
+ ret = Driver_QSPI_MPC.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+ ret = Driver_CODE_SRAM_MPC.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
NVIC_EnableIRQ(S_MPC_COMBINED_IRQn);
/* PPC interrupt enabling */
@@ -210,6 +224,8 @@ void nvic_interrupt_enable()
spctrl->secppcinten |= CMSDK_APB_PPCEXP2_INT_POS_MASK;
spctrl->secppcinten |= CMSDK_APB_PPCEXP3_INT_POS_MASK;
NVIC_EnableIRQ(S_PPC_COMBINED_IRQn);
+
+ return TFM_PLAT_ERR_SUCCESS;
}
/*------------------- SAU/IDAU configuration functions -----------------------*/
@@ -251,7 +267,7 @@ void sau_and_idau_cfg(void)
/*------------------- Memory configuration functions -------------------------*/
-void mpc_init_region_with_attr(ARM_DRIVER_MPC *region,
+int32_t mpc_init_region_with_attr(ARM_DRIVER_MPC *region,
uintptr_t region_base, uintptr_t region_limit,
uintptr_t attr_range_start, uintptr_t attr_range_limit,
ARM_MPC_SEC_ATTR attr)
@@ -263,61 +279,115 @@ void mpc_init_region_with_attr(ARM_DRIVER_MPC *region,
/* ConfigRegion checks whether the range addresses are aligned at MPC
* block border
*/
- region->ConfigRegion(range_start, range_limit, attr);
+ return region->ConfigRegion(range_start, range_limit, attr);
}
+ return ARM_DRIVER_OK;
}
-void mpc_init_cfg(void)
+int32_t mpc_init_cfg(void)
{
+ int32_t ret = ARM_DRIVER_OK;
+
ARM_DRIVER_MPC* mpc_data_region0 = &Driver_ISRAM0_MPC;
ARM_DRIVER_MPC* mpc_data_region1 = &Driver_ISRAM1_MPC;
ARM_DRIVER_MPC* mpc_data_region2 = &Driver_ISRAM2_MPC;
ARM_DRIVER_MPC* mpc_data_region3 = &Driver_ISRAM3_MPC;
- Driver_CODE_SRAM_MPC.Initialize();
- Driver_CODE_SRAM_MPC.ConfigRegion(memory_regions.non_secure_partition_base,
- memory_regions.non_secure_partition_limit,
- ARM_MPC_ATTR_NONSECURE);
+ ret = Driver_CODE_SRAM_MPC.Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_CODE_SRAM_MPC.ConfigRegion(
+ memory_regions.non_secure_partition_base,
+ memory_regions.non_secure_partition_limit,
+ ARM_MPC_ATTR_NONSECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
- mpc_data_region0->Initialize();
- mpc_data_region0->ConfigRegion(MPC_ISRAM0_RANGE_BASE_S,
+ ret = mpc_data_region0->Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = mpc_data_region0->ConfigRegion(MPC_ISRAM0_RANGE_BASE_S,
MPC_ISRAM0_RANGE_LIMIT_S,
ARM_MPC_ATTR_SECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
- mpc_data_region1->Initialize();
- mpc_data_region1->ConfigRegion(MPC_ISRAM1_RANGE_BASE_S,
+ ret = mpc_data_region1->Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = mpc_data_region1->ConfigRegion(MPC_ISRAM1_RANGE_BASE_S,
MPC_ISRAM1_RANGE_LIMIT_S,
ARM_MPC_ATTR_SECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
- mpc_data_region2->Initialize();
- mpc_data_region2->ConfigRegion(MPC_ISRAM2_RANGE_BASE_S,
+ ret = mpc_data_region2->Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = mpc_data_region2->ConfigRegion(MPC_ISRAM2_RANGE_BASE_S,
MPC_ISRAM2_RANGE_LIMIT_S,
ARM_MPC_ATTR_SECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
/* Set MPC_ISRAM3 based on regions defined in region_defs.h */
- mpc_data_region3->Initialize();
- mpc_init_region_with_attr(mpc_data_region3,
+ ret = mpc_data_region3->Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = mpc_init_region_with_attr(mpc_data_region3,
MPC_ISRAM3_RANGE_BASE_S, MPC_ISRAM3_RANGE_LIMIT_S,
S_DATA_START, S_DATA_LIMIT,
ARM_MPC_ATTR_SECURE);
- mpc_init_region_with_attr(
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = mpc_init_region_with_attr(
mpc_data_region3,
MPC_ISRAM3_RANGE_BASE_NS, MPC_ISRAM3_RANGE_LIMIT_NS,
NS_DATA_START, NS_DATA_LIMIT,
ARM_MPC_ATTR_NONSECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
/* Lock down the MPC configuration */
- Driver_CODE_SRAM_MPC.LockDown();
- mpc_data_region0->LockDown();
- mpc_data_region1->LockDown();
- mpc_data_region2->LockDown();
- mpc_data_region3->LockDown();
+ ret = Driver_CODE_SRAM_MPC.LockDown();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = mpc_data_region0->LockDown();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = mpc_data_region1->LockDown();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = mpc_data_region2->LockDown();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = mpc_data_region3->LockDown();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
/* Add barriers to assure the MPC configuration is done before continue
* the execution.
*/
__DSB();
__ISB();
+
+ return ARM_DRIVER_OK;
}
/*---------------------- PPC configuration functions -------------------------*/
diff --git a/platform/ext/target/musca_a/target_cfg.h b/platform/ext/target/musca_a/target_cfg.h
index 7ee470f0d..742fab60d 100644
--- a/platform/ext/target/musca_a/target_cfg.h
+++ b/platform/ext/target/musca_a/target_cfg.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018 ARM Limited
+ * Copyright (c) 2018-2019 Arm Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -73,8 +73,10 @@ struct tfm_spm_partition_platform_data_t
/**
* \brief Configures the Memory Protection Controller.
+ *
+ * \return Returns error code.
*/
-void mpc_init_cfg(void);
+int32_t mpc_init_cfg(void);
/**
* \brief Configures the Peripheral Protection Controller.
@@ -111,5 +113,43 @@ void ppc_clear_irq(void);
*/
void sau_and_idau_cfg(void);
+/**
+ * \brief Enables the fault handlers and sets priorities.
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t enable_fault_handlers(void);
+
+/**
+ * \brief Configures the system reset request properties
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t system_reset_cfg(void);
+
+/**
+ * \brief Configures the system debug properties.
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t init_debug(void);
+
+/**
+ * \brief Configures all external interrupts to target the
+ * NS state, apart for the ones associated to secure
+ * peripherals (plus MPC and PPC)
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t nvic_interrupt_target_state_cfg(void);
+
+/**
+ * \brief This function enable the interrupts associated
+ * to the secure peripherals (plus the isolation boundary violation
+ * interrupts)
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t nvic_interrupt_enable(void);
#endif /* __TARGET_CFG_H__ */
diff --git a/platform/ext/target/musca_b1/spm_hal.c b/platform/ext/target/musca_b1/spm_hal.c
index 2ab6f68af..d185b10a6 100644
--- a/platform/ext/target/musca_b1/spm_hal.c
+++ b/platform/ext/target/musca_b1/spm_hal.c
@@ -25,12 +25,20 @@ extern const struct memory_region_limits memory_regions;
struct mpu_armv8m_dev_t dev_mpu_s = { MPU_BASE };
-void tfm_spm_hal_init_isolation_hw(void)
+enum tfm_plat_err_t tfm_spm_hal_init_isolation_hw(void)
{
+ int32_t ret = ARM_DRIVER_OK;
/* Configures non-secure memory spaces in the target */
sau_and_idau_cfg();
- mpc_init_cfg();
- ppc_init_cfg();
+ ret = mpc_init_cfg();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+ ret = ppc_init_cfg();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+ return TFM_PLAT_ERR_SUCCESS;
}
void tfm_spm_hal_configure_default_isolation(
@@ -334,16 +342,15 @@ enum spm_err_t tfm_spm_hal_set_share_region(uint32_t share)
#endif /* !defined(TFM_PSA_API) */
#endif /* TFM_LVL != 1 */
-void tfm_spm_hal_setup_isolation_hw(void)
+enum tfm_plat_err_t tfm_spm_hal_setup_isolation_hw(void)
{
#if TFM_LVL != 1
if (tfm_spm_mpu_init() != SPM_ERR_OK) {
ERROR_MSG("Failed to set up initial MPU configuration! Halting.");
- while (1) {
- ;
- }
+ return TFM_PLAT_ERR_SYSTEM_ERR;
}
#endif
+ return TFM_PLAT_ERR_SUCCESS;
}
void MPC_Handler(void)
@@ -393,10 +400,12 @@ uint32_t tfm_spm_hal_get_ns_entry_point(void)
return *((uint32_t *)(memory_regions.non_secure_code_start+ 4));
}
-void tfm_spm_hal_set_secure_irq_priority(int32_t irq_line, uint32_t priority)
+enum tfm_plat_err_t tfm_spm_hal_set_secure_irq_priority(int32_t irq_line,
+ uint32_t priority)
{
uint32_t quantized_priority = priority >> (8U - __NVIC_PRIO_BITS);
NVIC_SetPriority(irq_line, quantized_priority);
+ return TFM_PLAT_ERR_SUCCESS;
}
void tfm_spm_hal_clear_pending_irq(int32_t irq_line)
@@ -432,3 +441,28 @@ enum irq_target_state_t tfm_spm_hal_set_irq_target_state(
return TFM_IRQ_TARGET_STATE_SECURE;
}
}
+
+enum tfm_plat_err_t tfm_spm_hal_enable_fault_handlers(void)
+{
+ return enable_fault_handlers();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_system_reset_cfg(void)
+{
+ return system_reset_cfg();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_init_debug(void)
+{
+ return init_debug();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_nvic_interrupt_target_state_cfg(void)
+{
+ return nvic_interrupt_target_state_cfg();
+}
+
+enum tfm_plat_err_t tfm_spm_hal_nvic_interrupt_enable(void)
+{
+ return nvic_interrupt_enable();
+}
diff --git a/platform/ext/target/musca_b1/target_cfg.c b/platform/ext/target/musca_b1/target_cfg.c
index 91fcab5dd..9edbb6755 100644
--- a/platform/ext/target/musca_b1/target_cfg.c
+++ b/platform/ext/target/musca_b1/target_cfg.c
@@ -21,6 +21,7 @@
#include "device_definition.h"
#include "region_defs.h"
#include "tfm_secure_api.h"
+#include "tfm_plat_defs.h"
/* Macros to pick linker symbols */
#define REGION(a, b, c) a##b##c
@@ -133,7 +134,7 @@ struct tfm_spm_partition_platform_data_t tfm_peripheral_timer0 = {
CMSDK_TIMER0_APB_PPC_POS
};
-void enable_fault_handlers(void)
+enum tfm_plat_err_t enable_fault_handlers(void)
{
/* Explicitly set secure fault priority to the highest */
NVIC_SetPriority(SecureFault_IRQn, 0);
@@ -143,9 +144,10 @@ void enable_fault_handlers(void)
| SCB_SHCSR_BUSFAULTENA_Msk
| SCB_SHCSR_MEMFAULTENA_Msk
| SCB_SHCSR_SECUREFAULTENA_Msk;
+ return TFM_PLAT_ERR_SUCCESS;
}
-void system_reset_cfg(void)
+enum tfm_plat_err_t system_reset_cfg(void)
{
struct sysctrl_t *sysctrl = (struct sysctrl_t *)CMSDK_SYSCTRL_BASE_S;
uint32_t reg_value = SCB->AIRCR;
@@ -162,9 +164,11 @@ void system_reset_cfg(void)
reg_value |= (uint32_t)(SCB_AIRCR_WRITE_MASK | SCB_AIRCR_SYSRESETREQS_Msk);
SCB->AIRCR = reg_value;
+
+ return TFM_PLAT_ERR_SUCCESS;
}
-void tfm_spm_hal_init_debug(void)
+enum tfm_plat_err_t init_debug(void)
{
volatile uint32_t *dbg_ctrl_p = (uint32_t*)DBG_CTRL_ADDR;
@@ -197,10 +201,11 @@ void tfm_spm_hal_init_debug(void)
*/
(void)dbg_ctrl_p;
#endif
+ return TFM_PLAT_ERR_SUCCESS;
}
/*----------------- NVIC interrupt target state to NS configuration ----------*/
-void nvic_interrupt_target_state_cfg()
+enum tfm_plat_err_t nvic_interrupt_target_state_cfg(void)
{
/* Target every interrupt to NS; unimplemented interrupts will be WI */
for (uint8_t i=0; i<sizeof(NVIC->ITNS)/sizeof(NVIC->ITNS[0]); i++) {
@@ -210,14 +215,24 @@ void nvic_interrupt_target_state_cfg()
/* Make sure that MPC and PPC are targeted to S state */
NVIC_ClearTargetState(S_MPC_COMBINED_IRQn);
NVIC_ClearTargetState(S_PPC_COMBINED_IRQn);
+
+ return TFM_PLAT_ERR_SUCCESS;
}
/*----------------- NVIC interrupt enabling for S peripherals ----------------*/
-void nvic_interrupt_enable()
+enum tfm_plat_err_t nvic_interrupt_enable(void)
{
+ int32_t ret = ARM_DRIVER_OK;
+
/* MPC interrupt enabling */
- Driver_EFLASH0_MPC.EnableInterrupt();
- Driver_CODE_SRAM_MPC.EnableInterrupt();
+ ret = Driver_EFLASH0_MPC.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+ ret = Driver_CODE_SRAM_MPC.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
NVIC_EnableIRQ(S_MPC_COMBINED_IRQn);
/* PPC interrupt enabling */
@@ -230,11 +245,25 @@ void nvic_interrupt_enable()
Driver_APB_PPC0.ClearInterrupt();
/* Enable PPC interrupts for APB PPC */
- Driver_APB_PPC0.EnableInterrupt();
- Driver_APB_PPC1.EnableInterrupt();
- Driver_APB_PPCEXP0.EnableInterrupt();
- Driver_APB_PPCEXP1.EnableInterrupt();
+ ret = Driver_APB_PPC0.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+ ret = Driver_APB_PPC1.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+ ret = Driver_APB_PPCEXP0.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+ ret = Driver_APB_PPCEXP1.EnableInterrupt();
+ if (ret != ARM_DRIVER_OK) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
NVIC_EnableIRQ(S_PPC_COMBINED_IRQn);
+
+ return TFM_PLAT_ERR_SUCCESS;
}
/*------------------- SAU/IDAU configuration functions -----------------------*/
@@ -284,50 +313,89 @@ void sau_and_idau_cfg(void)
/*------------------- Memory configuration functions -------------------------*/
-void mpc_init_cfg(void)
+int32_t mpc_init_cfg(void)
{
+ int32_t ret = ARM_DRIVER_OK;
+
ARM_DRIVER_MPC* mpc_data_region0 = &Driver_ISRAM0_MPC;
ARM_DRIVER_MPC* mpc_data_region1 = &Driver_ISRAM1_MPC;
ARM_DRIVER_MPC* mpc_data_region2 = &Driver_ISRAM2_MPC;
ARM_DRIVER_MPC* mpc_data_region3 = &Driver_ISRAM3_MPC;
- Driver_EFLASH0_MPC.Initialize();
- Driver_EFLASH0_MPC.ConfigRegion(memory_regions.non_secure_partition_base,
- memory_regions.non_secure_partition_limit,
- ARM_MPC_ATTR_NONSECURE);
+ ret = Driver_EFLASH0_MPC.Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_EFLASH0_MPC.ConfigRegion(
+ memory_regions.non_secure_partition_base,
+ memory_regions.non_secure_partition_limit,
+ ARM_MPC_ATTR_NONSECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
#ifdef BL2
/* Secondary image region */
- Driver_EFLASH0_MPC.ConfigRegion(memory_regions.secondary_partition_base,
- memory_regions.secondary_partition_limit,
- ARM_MPC_ATTR_NONSECURE);
+ ret = Driver_EFLASH0_MPC.ConfigRegion(
+ memory_regions.secondary_partition_base,
+ memory_regions.secondary_partition_limit,
+ ARM_MPC_ATTR_NONSECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
#endif /* BL2 */
- mpc_data_region0->Initialize();
- mpc_data_region0->ConfigRegion(MPC_ISRAM0_RANGE_BASE_S,
+ ret = mpc_data_region0->Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = mpc_data_region0->ConfigRegion(MPC_ISRAM0_RANGE_BASE_S,
MPC_ISRAM0_RANGE_LIMIT_S,
ARM_MPC_ATTR_SECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
- mpc_data_region1->Initialize();
- mpc_data_region1->ConfigRegion(MPC_ISRAM1_RANGE_BASE_S,
+ ret = mpc_data_region1->Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = mpc_data_region1->ConfigRegion(MPC_ISRAM1_RANGE_BASE_S,
MPC_ISRAM1_RANGE_LIMIT_S,
ARM_MPC_ATTR_SECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
- mpc_data_region2->Initialize();
- mpc_data_region2->ConfigRegion(MPC_ISRAM2_RANGE_BASE_NS,
+ ret = mpc_data_region2->Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = mpc_data_region2->ConfigRegion(MPC_ISRAM2_RANGE_BASE_NS,
MPC_ISRAM2_RANGE_LIMIT_NS,
ARM_MPC_ATTR_NONSECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
- mpc_data_region3->Initialize();
- mpc_data_region3->ConfigRegion(MPC_ISRAM3_RANGE_BASE_NS,
+ ret = mpc_data_region3->Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = mpc_data_region3->ConfigRegion(MPC_ISRAM3_RANGE_BASE_NS,
MPC_ISRAM3_RANGE_LIMIT_NS,
ARM_MPC_ATTR_NONSECURE);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
/* Add barriers to assure the MPC configuration is done before continue
* the execution.
*/
__DSB();
__ISB();
+
+ return ARM_DRIVER_OK;
}
void mpc_revert_non_secure_to_secure_cfg(void)
@@ -356,76 +424,139 @@ void mpc_revert_non_secure_to_secure_cfg(void)
/*---------------------- PPC configuration functions -------------------------*/
-void ppc_init_cfg(void)
+int32_t ppc_init_cfg(void)
{
struct spctrl_def* spctrl = CMSDK_SPCTRL;
+ int32_t ret = ARM_DRIVER_OK;
/* Grant non-secure access to peripherals in the APB PPC0
* (timer0 and 1, dualtimer, mhu 0 and 1)
*/
- Driver_APB_PPC0.Initialize();
- Driver_APB_PPC0.ConfigPeriph(CMSDK_TIMER0_APB_PPC_POS,
+ ret = Driver_APB_PPC0.Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPC0.ConfigPeriph(CMSDK_TIMER0_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPC0.ConfigPeriph(CMSDK_TIMER1_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPC0.ConfigPeriph(CMSDK_TIMER1_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPC0.ConfigPeriph(CMSDK_DTIMER_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPC0.ConfigPeriph(CMSDK_DTIMER_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPC0.ConfigPeriph(CMSDK_MHU0_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPC0.ConfigPeriph(CMSDK_MHU0_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPC0.ConfigPeriph(CMSDK_MHU1_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPC0.ConfigPeriph(CMSDK_MHU1_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
/* Grant non-secure access for APB peripherals on EXP1 */
- Driver_APB_PPCEXP1.Initialize();
- Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_PWM0_APB_PPC_POS,
+ ret = Driver_APB_PPCEXP1.Initialize();
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_PWM0_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_PWM1_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_PWM1_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_PWM2_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_PWM2_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_I2S_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_I2S_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_UART0_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_UART0_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_UART1_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_UART1_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_AND_NONPRIV);
- Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_I2C0_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_I2C0_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_I2C1_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_I2C1_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_SPI_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_SPI_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_GPTIMER_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_GPTIMER_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_RTC_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_RTC_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_PVT_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_PVT_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
- Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_SDIO_APB_PPC_POS,
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
+ ret = Driver_APB_PPCEXP1.ConfigPeriph(MUSCA_B1_SDIO_APB_PPC_POS,
ARM_PPC_NONSECURE_ONLY,
ARM_PPC_PRIV_ONLY);
+ if (ret != ARM_DRIVER_OK) {
+ return ret;
+ }
/* Configure the response to a security violation as a
* bus error instead of RAZ/WI
*/
spctrl->secrespcfg |= 1U;
+
+ return ARM_DRIVER_OK;
}
void ppc_configure_to_non_secure(enum ppc_bank_e bank, uint16_t pos)
diff --git a/platform/ext/target/musca_b1/target_cfg.h b/platform/ext/target/musca_b1/target_cfg.h
index fabc345c7..26f2968b8 100644
--- a/platform/ext/target/musca_b1/target_cfg.h
+++ b/platform/ext/target/musca_b1/target_cfg.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2019 ARM Limited
+ * Copyright (c) 2018-2019 Arm Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -81,8 +81,10 @@ struct tfm_spm_partition_platform_data_t
/**
* \brief Configures the Memory Protection Controller.
+ *
+ * \return Returns error code.
*/
-void mpc_init_cfg(void);
+int32_t mpc_init_cfg(void);
/**
* \brief Set to secure the initialized non-secure regions of
@@ -92,8 +94,10 @@ void mpc_revert_non_secure_to_secure_cfg(void);
/**
* \brief Configures the Peripheral Protection Controller.
+ *
+ * \return Returns error code.
*/
-void ppc_init_cfg(void);
+int32_t ppc_init_cfg(void);
/**
* \brief Restict access to peripheral to secure
@@ -125,6 +129,45 @@ void ppc_clear_irq(void);
*/
void sau_and_idau_cfg(void);
+/**
+ * \brief Enables the fault handlers and sets priorities.
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t enable_fault_handlers(void);
+
+/**
+ * \brief Configures the system reset request properties
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t system_reset_cfg(void);
+
+/**
+ * \brief Configures the system debug properties.
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t init_debug(void);
+
+/**
+ * \brief Configures all external interrupts to target the
+ * NS state, apart for the ones associated to secure
+ * peripherals (plus MPC and PPC)
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t nvic_interrupt_target_state_cfg(void);
+
+/**
+ * \brief This function enable the interrupts associated
+ * to the secure peripherals (plus the isolation boundary violation
+ * interrupts)
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
+ */
+enum tfm_plat_err_t nvic_interrupt_enable(void);
+
#ifdef __cplusplus
}
#endif
diff --git a/platform/include/tfm_spm_hal.h b/platform/include/tfm_spm_hal.h
index 9f1e7a69a..2a33fe5ea 100644
--- a/platform/include/tfm_spm_hal.h
+++ b/platform/include/tfm_spm_hal.h
@@ -11,6 +11,7 @@
#include <stdint.h>
#include "tfm_secure_api.h"
#include "spm_api.h"
+#include "tfm_plat_defs.h"
/**
* \brief Holds peripheral specific data fields required to manage the
@@ -70,15 +71,19 @@ struct tfm_spm_partition_memory_data_t
* default configuration for them.
*
* This function is called during TF-M core early startup, before DB init
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
*/
-void tfm_spm_hal_init_isolation_hw(void);
+enum tfm_plat_err_t tfm_spm_hal_init_isolation_hw(void);
/**
* \brief This function initialises the HW used for isolation, and sets the
* default configuration for them.
* This function is called during TF-M core early startup, after DB init
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
*/
-void tfm_spm_hal_setup_isolation_hw(void);
+enum tfm_plat_err_t tfm_spm_hal_setup_isolation_hw(void);
/**
* \brief Configure peripherals for a partition based on the platfotm data from
@@ -102,34 +107,44 @@ void tfm_spm_hal_configure_default_isolation(
* option unless explicitly noted by the chip vendor.
* The implementation has to expect that one of those defines is going to
* be set. Otherwise, a compile error needs to be triggered.
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
*/
-void tfm_spm_hal_init_debug(void);
+enum tfm_plat_err_t tfm_spm_hal_init_debug(void);
/**
* \brief Enables the fault handlers and sets priorities.
*
* Secure fault (if present) must have the highest possible priority
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
*/
-void enable_fault_handlers(void);
+enum tfm_plat_err_t tfm_spm_hal_enable_fault_handlers(void);
/**
* \brief Configures the system reset request properties
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
*/
-void system_reset_cfg(void);
+enum tfm_plat_err_t tfm_spm_hal_system_reset_cfg(void);
/**
* \brief Configures all external interrupts to target the
* NS state, apart for the ones associated to secure
* peripherals (plus MPC and PPC)
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
*/
-void nvic_interrupt_target_state_cfg(void);
+enum tfm_plat_err_t tfm_spm_hal_nvic_interrupt_target_state_cfg(void);
/**
* \brief This function enable the interrupts associated
* to the secure peripherals (plus the isolation boundary violation
* interrupts)
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
*/
-void nvic_interrupt_enable(void);
+enum tfm_plat_err_t tfm_spm_hal_nvic_interrupt_enable(void);
/**
* \brief Get the VTOR value of non-secure image
@@ -162,8 +177,11 @@ uint32_t tfm_spm_hal_get_ns_entry_point(void);
* \details This function sets the priority for the IRQ passed in the parameter.
* The precision of the priority value might be adjusted to match the
* available priority bits in the underlying target platform.
+ *
+ * \return Returns values as specified by the \ref tfm_plat_err_t
*/
-void tfm_spm_hal_set_secure_irq_priority(int32_t irq_line, uint32_t priority);
+enum tfm_plat_err_t tfm_spm_hal_set_secure_irq_priority(int32_t irq_line,
+ uint32_t priority);
/**
* \brief Clears a pending IRQ
diff --git a/secure_fw/core/tfm_core.c b/secure_fw/core/tfm_core.c
index 81e179fa7..f2a790de3 100644
--- a/secure_fw/core/tfm_core.c
+++ b/secure_fw/core/tfm_core.c
@@ -86,10 +86,10 @@ int32_t tfm_core_init(void)
size_t i;
/* Enables fault handlers */
- enable_fault_handlers();
+ tfm_spm_hal_enable_fault_handlers();
/* Configures the system reset request properties */
- system_reset_cfg();
+ tfm_spm_hal_system_reset_cfg();
/* Configures debug authentication */
tfm_spm_hal_init_debug();
@@ -112,7 +112,7 @@ int32_t tfm_core_init(void)
/* Configures all interrupts to retarget NS state, except for
* secure peripherals
*/
- nvic_interrupt_target_state_cfg();
+ tfm_spm_hal_nvic_interrupt_target_state_cfg();
for (i = 0; i < tfm_core_irq_signals_count; ++i) {
tfm_spm_hal_set_secure_irq_priority(
@@ -123,7 +123,7 @@ int32_t tfm_core_init(void)
}
/* Enable secure peripherals interrupts */
- nvic_interrupt_enable();
+ tfm_spm_hal_nvic_interrupt_enable();
#ifdef TFM_PSA_API
/* FixMe: In case of IPC messaging, scratch area must not be referenced