From ae6bdc311c2126cd8856dd362a4076f3805e136c Mon Sep 17 00:00:00 2001 
From: Oren Cohen Date: Wed, 24 Apr 2019 22:16:52 +0300 Subject: [PATCH 1/9] [trusted-firmware-m]: Updated to f2dea5b --- .../interface/src/tfm_ns_lock_rtx.c | 21 +-- .../COMPONENT_SPE/bl2/include/boot_record.h | 81 +++++++++++ .../bl2/include/tfm_boot_status.h | 10 ++ .../secure_fw/core/CMakeLists.inc | 71 ++++++++++ .../secure_fw/core/ipc/CMakeLists.inc | 74 ++++++++++ .../core/ipc/include/tfm_message_queue.h | 2 - .../secure_fw/core/ipc/include/tfm_spm.h | 10 +- .../core/ipc/include/tfm_spm_signal_defs.h | 15 ++ .../secure_fw/core/ipc/psa_client.c | 30 ++-- .../secure_fw/core/ipc/psa_service.c | 60 ++++---- .../secure_fw/core/ipc/tfm_arch_v8m.c | 10 +- .../secure_fw/core/ipc/tfm_spm.c | 114 +++------------ .../secure_fw/core/ipc/tfm_svcalls.c | 57 +++++--- .../secure_fw/core/secure_utilities.h | 12 +- .../secure_fw/core/tfm_boot_data.c | 24 ++-- .../COMPONENT_SPE/secure_fw/core/tfm_core.c | 44 ++++-- .../COMPONENT_SPE/secure_fw/core/tfm_core.h | 6 +- .../secure_fw/core/tfm_handler.c | 9 +- .../secure_fw/core/tfm_internal.h | 4 +- .../COMPONENT_SPE/secure_fw/core/tfm_nspm.c | 4 +- .../secure_fw/core/tfm_psa_api_client.c | 24 ++-- .../secure_fw/core/tfm_secure_api.c | 132 +++++++++--------- .../secure_fw/core/tfm_secure_api.h | 68 ++++++++- .../secure_fw/core/tfm_spm_services.c | 30 ++-- .../COMPONENT_SPE/secure_fw/core/tfm_svc.h | 4 +- .../secure_fw/spm/CMakeLists.inc | 61 ++++++++ .../COMPONENT_SPE/secure_fw/spm/spm_api.c | 53 +++++-- .../COMPONENT_SPE/secure_fw/spm/spm_api.h | 6 +- .../COMPONENT_SPE/secure_fw/spm/spm_db.h | 9 +- .../secure_fw/spm/spm_db_setup.h | 32 ++--- .../secure_fw/spm/spm_partition_defs.h | 2 +- .../TARGET_TFM/interface/include/tfm_api.h | 4 +- .../interface/include/tfm_ns_lock.h | 4 +- .../TARGET_TFM/interface/include/tfm_ns_svc.h | 6 +- 34 files changed, 722 insertions(+), 371 deletions(-) create mode 100644 components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include/boot_record.h create mode 100644 
components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/CMakeLists.inc create mode 100644 components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/CMakeLists.inc create mode 100644 components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm_signal_defs.h create mode 100644 components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/CMakeLists.inc diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_NSPE/interface/src/tfm_ns_lock_rtx.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_NSPE/interface/src/tfm_ns_lock_rtx.c index feece0be33..14fd76a0d6 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_NSPE/interface/src/tfm_ns_lock_rtx.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_NSPE/interface/src/tfm_ns_lock_rtx.c @@ -6,9 +6,9 @@ */ #include #include -#include "cmsis.h" -#include "rtx_os.h" + #include "cmsis_os2.h" + #include "tfm_api.h" #include "tfm_ns_lock.h" @@ -29,14 +29,11 @@ static struct ns_lock_state ns_lock = {.init=false, .id=NULL}; /** * \brief Mutex properties, NS lock */ - -static osRtxMutex_t ns_lock_cb = { 0 }; - static const osMutexAttr_t ns_lock_attrib = { .name = "ns_lock", .attr_bits = osMutexPrioInherit, - .cb_mem = &ns_lock_cb, - .cb_size = sizeof(ns_lock_cb) + .cb_mem = NULL, + .cb_size = 0U }; /** @@ -54,11 +51,15 @@ uint32_t tfm_ns_lock_dispatch(veneer_fn fn, } /* TFM request protected by NS lock */ - osMutexAcquire(ns_lock.id,osWaitForever); + if (osMutexAcquire(ns_lock.id,osWaitForever) != osOK) { + return TFM_ERROR_GENERIC; + } result = fn(arg0, arg1, arg2, arg3); - osMutexRelease(ns_lock.id); + if (osMutexRelease(ns_lock.id) != osOK) { + return TFM_ERROR_GENERIC; + } return result; } @@ -66,7 +67,7 @@ uint32_t tfm_ns_lock_dispatch(veneer_fn fn, /** * \brief NS world, Init NS lock */ -uint32_t tfm_ns_lock_init() +enum tfm_status_e tfm_ns_lock_init() { if (ns_lock.init == false) { ns_lock.id = osMutexNew(&ns_lock_attrib); 
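Review bot: In `tfm_ns_lock_dispatch`, the new `osMutexRelease` failure branch returns `TFM_ERROR_GENERIC` after `fn(arg0, arg1, arg2, arg3)` has already run, so the secure call's `result` is discarded and the caller cannot tell a lock failure from a value the veneer itself returned in the same `uint32_t`. A comment on that branch would make the contract explicit, for example `/* fn() has already completed; only the NS lock release failed */`, and the function's header comment should state that `TFM_ERROR_GENERIC` may originate from the lock and not from the secure service. Separately, with `.cb_mem = NULL` the mutex control block is presumably allocated by the RTOS, which makes a failing `osMutexNew` in `tfm_ns_lock_init` a runtime condition; how that is handled lies outside the hunk. The body of `tfm_ns_lock_dispatch` starts above the hunk.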
diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include/boot_record.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include/boot_record.h
new file mode 100644
index 0000000000..217a20684c
--- /dev/null
+++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include/boot_record.h
@@ -0,0 +1,81 @@ +/* + * Copyright (c) 2018-2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __BOOT_RECORD_H__ +#define __BOOT_RECORD_H__ + +#include +#include +#include +#include "../ext/mcuboot/bootutil/include/bootutil/image.h" +#include "../ext/mcuboot/include/flash_map/flash_map.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/*! + * \enum shared_data_err_t + * + * \brief Return values for adding data entry to shared memory area + */ +enum shared_memory_err_t { + SHARED_MEMORY_OK = 0, + SHARED_MEMORY_OVERFLOW = 1, + SHARED_MEMORY_OVERWRITE = 2, + + /* This is used to force the maximum size */ + TLV_TYPE_MAX = INT_MAX +}; + +/*! + * \enum boot_status_err_t + * + * \brief Return values for saving boot status information to shared memory are + */ +enum boot_status_err_t { + BOOT_STATUS_OK, + BOOT_STATUS_ERROR, +}; + +/*! + * \brief Add a data item to the shared data area between bootloader and + * runtime SW + * + * \param[in] major_type TLV major type, identify consumer + * \param[in] minor_type TLV minor type, identify TLV type + * \param[in] size length of added data + * \param[in] data pointer to data + * + * \return Returns error code as specified in \ref shared_memory_err_t + */ +enum shared_memory_err_t +boot_add_data_to_shared_area(uint8_t major_type, + uint16_t minor_type, + size_t size, + const uint8_t *data); + +/*! + * \brief Add an image's all boot status information to the shared data area + * between bootloader and runtime SW + * + * \param[in] sw_module Identifier of the SW component + * \param[in] hdr Pointer to the image header stored in RAM + * \param[in] fap Pointer to the flash area where image is stored + * + * \return Returns error code as specified in \ref boot_status_err_t + */ +enum boot_status_err_t +boot_save_boot_status(uint8_t sw_module, + const struct image_header *hdr, + const struct flash_area *fap); + +#ifdef __cplusplus +} +#endif + +#endif /* __BOOT_RECORD_H__ */ 
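Review bot: The Doxygen tag `\enum shared_data_err_t` does not match the type it documents, `enum shared_memory_err_t`, so the generated reference for these return codes will be missing or misattached; it should read `\enum shared_memory_err_t`. The size-forcing member is named `TLV_TYPE_MAX` although the enum holds error codes, and it relies on `INT_MAX`, so the header needs `<limits.h>` among its includes (the include targets are not legible on this page). The brief for `boot_status_err_t` ends in "shared memory are" where "area" is meant. `boot_add_data_to_shared_area` should also get one line each stating when `SHARED_MEMORY_OVERFLOW` and `SHARED_MEMORY_OVERWRITE` are returned, because the header is the only place a caller can learn the difference.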
diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include/tfm_boot_status.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include/tfm_boot_status.h index dbcc6ced47..f31743bebd 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include/tfm_boot_status.h +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include/tfm_boot_status.h @@ -197,6 +197,16 @@ struct shared_data_tlv_entry { uint16_t tlv_len; /* size of single TLV entry (including this header). */ }; +/** + * \struct tfm_boot_data + * + * \brief Store the data for the runtime SW + */ +struct tfm_boot_data { + struct shared_data_tlv_header header; + uint8_t data[]; +}; + #define SHARED_DATA_ENTRY_HEADER_SIZE sizeof(struct shared_data_tlv_entry) #define SHARED_DATA_ENTRY_SIZE(size) (size + SHARED_DATA_ENTRY_HEADER_SIZE) diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/CMakeLists.inc b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/CMakeLists.inc new file mode 100644 index 0000000000..0b290d5b01 --- /dev/null +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/CMakeLists.inc 
@@ -0,0 +1,71 @@ +#------------------------------------------------------------------------------- +# Copyright (c) 2017-2018, Arm Limited. All rights reserved. +# +# SPDX-License-Identifier: BSD-3-Clause +# +#------------------------------------------------------------------------------- + +#Definitions to compile the "core" module. +#This file assumes it will be included from a project specific cmakefile, and +#will not create a library or executable. +#Inputs: +# TFM_ROOT_DIR - directory where secure FW sourec is located. +# +#Outputs: +# Will modify include directories to make the source compile. +# ALL_SRC_C: C source files to be compiled will be added to this list. +# This shall be added to your add_executable or add_library command. +# ALL_SRC_CXX: C++ source files to be compiled will be added to this list. +# This shall be added to your add_executable or add_library command. +# ALL_SRC_ASM: assembly source files to be compiled will be added to this +# list. This shall be added to your add_executable or add_library +# command. +# Include directories will be modified by using the include_directories() +# commands as needed. + +#Get the current directory where this file is located. +set(SS_CORE_DIR ${CMAKE_CURRENT_LIST_DIR}) +if(NOT DEFINED TFM_ROOT_DIR) + message(FATAL_ERROR + "Please set TFM_ROOT_DIR before including this file.") +endif() + +set (SS_CORE_C_SRC + "${SS_CORE_DIR}/tfm_core.c" + "${SS_CORE_DIR}/tfm_handler.c" + "${SS_CORE_DIR}/tfm_secure_api.c" + "${SS_CORE_DIR}/tfm_spm_services.c" + "${SS_CORE_DIR}/tfm_nspm.c" + "${SS_CORE_DIR}/tfm_boot_data.c" + ) + +#Append all our source files to global lists. 
+list(APPEND ALL_SRC_C ${SS_CORE_C_SRC}) +unset(SS_CORE_C_SRC) + +#Setting include directories +embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE) +embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE) +embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/spm ABSOLUTE) +embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core ABSOLUTE) + +set(BUILD_CMSIS_CORE Off) +set(BUILD_RETARGET Off) +set(BUILD_NATIVE_DRIVERS Off) +set(BUILD_STARTUP Off) +set(BUILD_TARGET_CFG Off) +set(BUILD_TARGET_HARDWARE_KEYS Off) +set(BUILD_TARGET_NV_COUNTERS Off) +set(BUILD_CMSIS_DRIVERS Off) +set(BUILD_TIME Off) +set(BUILD_UART_STDOUT Off) +set(BUILD_FLASH Off) +set(BUILD_BOOT_SEED Off) +set(BUILD_DEVICE_ID Off) +if(NOT DEFINED PLATFORM_CMAKE_FILE) + message (FATAL_ERROR "Platform specific CMake is not defined. Please set PLATFORM_CMAKE_FILE.") +elseif(NOT EXISTS ${PLATFORM_CMAKE_FILE}) + message (FATAL_ERROR "Platform specific CMake \"${PLATFORM_CMAKE_FILE}\" file does not exist. Please fix value of PLATFORM_CMAKE_FILE.") +else() + include(${PLATFORM_CMAKE_FILE}) +endif() diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/CMakeLists.inc b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/CMakeLists.inc new file mode 100644 index 0000000000..59c074e60f --- /dev/null +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/CMakeLists.inc 
@@ -0,0 +1,74 @@ +#------------------------------------------------------------------------------- +# Copyright (c) 2018, Arm Limited. All rights reserved. +# +# SPDX-License-Identifier: BSD-3-Clause +# +#------------------------------------------------------------------------------- + +#Definitions to compile the "ipc" module. +#This file assumes it will be included from a project specific cmakefile, and +#will not create a library or executable. +#Inputs: +# TFM_ROOT_DIR - directory where secure FW sourec is located. +# +#Outputs: +# Will modify include directories to make the source compile. +# ALL_SRC_C: C source files to be compiled will be added to this list. +# This shall be added to your add_executable or add_library command. +# ALL_SRC_CXX: C++ source files to be compiled will be added to this list. +# This shall be added to your add_executable or add_library command. +# ALL_SRC_ASM: assembly source files to be compiled will be added to this +# list. This shall be added to your add_executable or add_library +# command. +# Include directories will be modified by using the include_directories() +# commands as needed. + +#Get the current directory where this file is located. +set(SS_IPC_DIR ${CMAKE_CURRENT_LIST_DIR}) +if(NOT DEFINED TFM_ROOT_DIR) + message(FATAL_ERROR + "Please set TFM_ROOT_DIR before including this file.") +endif() + +if (NOT DEFINED TFM_PSA_API) + message(FATAL_ERROR "Incomplete build configuration: TFM_PSA_API is undefined. 
") +elseif (TFM_PSA_API) + set (SS_IPC_C_SRC "${SS_IPC_DIR}/tfm_svcalls.c" + "${SS_IPC_DIR}/psa_service.c" + "${SS_IPC_DIR}/psa_client.c" + "${SS_IPC_DIR}/tfm_arch_v8m.c" + "${SS_IPC_DIR}/tfm_thread.c" + "${SS_IPC_DIR}/tfm_wait.c" + "${SS_IPC_DIR}/tfm_utils.c" + "${SS_IPC_DIR}/tfm_message_queue.c" + "${SS_IPC_DIR}/tfm_pools.c" + "${SS_IPC_DIR}/tfm_spm.c" + "${SS_IPC_DIR}/../tfm_core.c" + "${SS_IPC_DIR}/../tfm_secure_api.c" + "${SS_IPC_DIR}/../tfm_spm_services.c" + "${SS_IPC_DIR}/../tfm_handler.c" + "${SS_IPC_DIR}/../tfm_psa_api_client.c" + "${SS_IPC_DIR}/../tfm_nspm.c" + "${SS_IPC_DIR}/../tfm_boot_data.c" + ) +endif() + +#Append all our source files to global lists. +list(APPEND ALL_SRC_C ${SS_IPC_C_SRC}) +unset(SS_IPC_C_SRC) + +#Setting include directories +embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE) +embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE) +embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/spm ABSOLUTE) +embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core ABSOLUTE) +embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core/ipc ABSOLUTE) +embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core/ipc/include ABSOLUTE) + +if(NOT DEFINED PLATFORM_CMAKE_FILE) + message (FATAL_ERROR "Platform specific CMake is not defined. Please set PLATFORM_CMAKE_FILE.") +elseif(NOT EXISTS ${PLATFORM_CMAKE_FILE}) + message (FATAL_ERROR "Platform specific CMake \"${PLATFORM_CMAKE_FILE}\" file does not exist. Please fix value of PLATFORM_CMAKE_FILE.") +else() + include(${PLATFORM_CMAKE_FILE}) +endif() diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_message_queue.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_message_queue.h index 44f5af44bf..a00c179893 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_message_queue.h 
+++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_message_queue.h @@ -7,9 +7,7 @@ #ifndef __TFM_MESSAGE_QUEUE_H__ #define __TFM_MESSAGE_QUEUE_H__ -#ifndef TFM_MSG_QUEUE_MAX_MSG_NUM #define TFM_MSG_QUEUE_MAX_MSG_NUM 128 -#endif #define TFM_MSG_MAGIC 0x15154343 /* Message struct to collect parameter from client */ struct tfm_msg_body_t { diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm.h index b089d008e9..62adf345af 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm.h +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm.h @@ -9,16 +9,13 @@ #include #include "tfm_list.h" +#include "tfm_secure_api.h" -#ifndef TFM_SPM_MAX_ROT_SERV_NUM #define TFM_SPM_MAX_ROT_SERV_NUM 28 -#endif #define TFM_VERSION_POLICY_RELAXED 0 #define TFM_VERSION_POLICY_STRICT 1 -#ifndef TFM_CONN_HANDLE_MAX_NUM #define TFM_CONN_HANDLE_MAX_NUM 32 -#endif /* RoT connection handle list */ struct tfm_conn_handle_t { @@ -283,12 +280,15 @@ int32_t tfm_spm_check_client_version(struct tfm_spm_service_t *service, * \param[in] buffer Pointer of memory reference * \param[in] len Length of memory reference in bytes * \param[in] ns_caller From non-secure caller + * \param[in] access Type of access specified by the + * \ref tfm_memory_access_e * * \retval IPC_SUCCESS Success * \retval IPC_ERROR_BAD_PARAMETERS Bad parameters input * \retval IPC_ERROR_MEMORY_CHECK Check failed */ -int32_t tfm_memory_check(void *buffer, size_t len, int32_t ns_caller); +int32_t tfm_memory_check(void *buffer, size_t len, int32_t ns_caller, + enum tfm_memory_access_e access); /* This function should be called before schedule function */ void tfm_spm_init(void); 
diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm_signal_defs.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm_signal_defs.h new file mode 100644 index 0000000000..0c1f01f055 --- /dev/null +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm_signal_defs.h @@ -0,0 +1,15 @@ +/* + * Copyright (c) 2018-2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +#ifndef __TFM_SPM_SIGNAL_DEFS_H__ +#define __TFM_SPM_SIGNAL_DEFS_H__ + +#include "test/test_services/tfm_ipc_service/tfm_ipc_service_partition.h" +#include "test/test_services/tfm_core_test/tfm_ss_core_test_signal.h" +#include "test/test_services/tfm_core_test_2/tfm_ss_core_test_2_signal.h" +#include "secure_fw/services/secure_storage/tfm_sst_signal.h" + +#endif diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/psa_client.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/psa_client.c index f8fe605f02..8d71af7a8f 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/psa_client.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/psa_client.c @@ -13,25 +13,25 @@ __attribute__((naked)) uint32_t psa_framework_version(void) { - __ASM("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_FRAMEWORK_VERSION)); + __ASM volatile("SVC %0 \n" + "BX LR \n" + : : "I" (TFM_SVC_PSA_FRAMEWORK_VERSION)); } __attribute__((naked)) uint32_t psa_version(uint32_t sid) { - __ASM("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_VERSION)); + __ASM volatile("SVC %0 \n" + "BX LR \n" + : : "I" (TFM_SVC_PSA_VERSION)); } __attribute__((naked)) psa_handle_t psa_connect(uint32_t sid, uint32_t minor_version) { - __ASM("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_CONNECT)); + __ASM volatile("SVC %0 \n" + "BX LR \n" + : : "I" (TFM_SVC_PSA_CONNECT)); } __attribute__((naked)) 
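Review bot: `tfm_spm_signal_defs.h` includes three headers from `test/test_services/` unconditionally, so the signal definitions of the test partitions become part of every secure build that includes this header, not only test builds. If the test partitions are meant to be optional, these includes should sit behind the same build switch that enables those partitions (the switch is not visible in this patch), with a comment saying so. The closing `#endif` also lacks the `/* __TFM_SPM_SIGNAL_DEFS_H__ */` marker that `boot_record.h` in this patch uses.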
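Review bot: Each `__ASM volatile(...)` in these `__attribute__((naked))` wrappers in `psa_client.c` is an extended asm statement (it carries the `"I"` operand for the SVC number), and GCC documents only basic asm as dependable inside naked functions. The wrappers work only because no C code touches the arguments before the `SVC`, and that assumption is written down nowhere. I would add a comment above the first wrapper, for example `/* naked: no prologue, so the caller's r0-r3 reach the SVC handler untouched; keep the body to the asm statement only */`. The same applies to the remaining `psa_client.c` hunk and to the wrappers in the `psa_service.c` hunks.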
@@ -41,15 +41,15 @@ psa_status_t psa_call(psa_handle_t handle, psa_outvec *out_vec, size_t out_len) { - __ASM("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_CALL)); + __ASM volatile("SVC %0 \n" + "BX LR \n" + : : "I" (TFM_SVC_PSA_CALL)); } __attribute__((naked)) void psa_close(psa_handle_t handle) { - __ASM("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_CLOSE)); + __ASM volatile("SVC %0 \n" + "BX LR \n" + : : "I" (TFM_SVC_PSA_CLOSE)); } diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/psa_service.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/psa_service.c index 487197168e..cd2e1cd09f 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/psa_service.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/psa_service.c @@ -15,25 +15,25 @@ __attribute__((naked)) psa_signal_t psa_wait(psa_signal_t signal_mask, uint32_t timeout) { - __ASM("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_WAIT)); + __ASM volatile("SVC %0 \n" + "BX LR \n" + : : "I" (TFM_SVC_PSA_WAIT)); } __attribute__((naked)) psa_status_t psa_get(psa_signal_t signal, psa_msg_t *msg) { - __ASM("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_GET)); + __ASM volatile("SVC %0 \n" + "BX LR \n" + : : "I" (TFM_SVC_PSA_GET)); } __attribute__((naked)) void psa_set_rhandle(psa_handle_t msg_handle, void *rhandle) { - __ASM("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_SET_RHANDLE)); + __ASM volatile("SVC %0 \n" + "BX LR \n" + : : "I" (TFM_SVC_PSA_SET_RHANDLE)); } __attribute__((naked)) 
@@ -41,56 +41,56 @@ size_t psa_read(psa_handle_t msg_handle, uint32_t invec_idx, void *buffer, size_t num_bytes) { - __ASM("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_READ)); + __ASM volatile("SVC %0 \n" + "BX LR \n" + : : "I" (TFM_SVC_PSA_READ)); } __attribute__((naked)) size_t psa_skip(psa_handle_t msg_handle, uint32_t invec_idx, size_t num_bytes) { - __ASM("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_SKIP)); + __ASM volatile("SVC %0 \n" + "BX LR \n" + : : "I" (TFM_SVC_PSA_SKIP)); } __attribute__((naked)) void psa_write(psa_handle_t msg_handle, uint32_t outvec_idx, const void *buffer, size_t num_bytes) { - __ASM("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_WRITE)); + __ASM volatile("SVC %0 \n" + "BX LR \n" + : : "I" (TFM_SVC_PSA_WRITE)); } __attribute__((naked)) void psa_reply(psa_handle_t msg_handle, psa_status_t retval) { - __ASM("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_REPLY)); + __ASM volatile("SVC %0 \n" + "BX LR \n" + : : "I" (TFM_SVC_PSA_REPLY)); } __attribute__((naked)) void psa_notify(int32_t partition_id) { - __ASM("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_NOTIFY)); + __ASM volatile("SVC %0 \n" + "BX LR \n" + : : "I" (TFM_SVC_PSA_NOTIFY)); } __attribute__((naked)) void psa_clear(void) { - __ASM("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_CLEAR)); + __ASM volatile("SVC %0 \n" + "BX LR \n" + : : "I" (TFM_SVC_PSA_CLEAR)); } __attribute__((naked)) void psa_eoi(psa_signal_t irq_signal) { - __ASM("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_EOI)); + __ASM volatile("SVC %0 \n" + "BX LR \n" + : : "I" (TFM_SVC_PSA_EOI)); } diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_arch_v8m.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_arch_v8m.c index bbf597a56e..137c3e75b6 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_arch_v8m.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_arch_v8m.c 
@@ -94,7 +94,7 @@ void tfm_initialize_context(struct tfm_state_context *ctx, #if defined(__ARM_ARCH_8M_MAIN__) __attribute__((naked)) void PendSV_Handler(void) { - __ASM( + __ASM volatile( "mrs r0, psp \n" "mrs r1, psplim \n" "push {r0, r1, r2, lr} \n" @@ -111,7 +111,7 @@ __attribute__((naked)) void PendSV_Handler(void) #elif defined(__ARM_ARCH_8M_BASE__) __attribute__((naked)) void PendSV_Handler(void) { - __ASM( + __ASM volatile( "mrs r0, psp \n" "mrs r1, psplim \n" "push {r0, r1, r2, lr} \n" @@ -143,14 +143,14 @@ __attribute__((naked)) void PendSV_Handler(void) /* Reserved for future usage */ __attribute__((naked)) void MemManage_Handler(void) { - __ASM("b ."); + __ASM volatile("b ."); } __attribute__((naked)) void BusFault_Handler(void) { - __ASM("b ."); + __ASM volatile("b ."); } __attribute__((naked)) void UsageFault_Handler(void) { - __ASM("b ."); + __ASM volatile("b ."); } diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c index d80c18348c..bb5357dbbb 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c @@ -12,6 +12,7 @@ #include "psa_client.h" #include "psa_service.h" #include "tfm_utils.h" +#include "platform/include/tfm_spm_hal.h" #include "spm_api.h" #include "spm_db.h" #include "spm_db_setup.h" @@ -46,7 +47,7 @@ TFM_POOL_DECLARE(msg_db_pool, sizeof(struct tfm_msg_body_t), TFM_MSG_QUEUE_MAX_MSG_NUM); static struct tfm_spm_service_db_t g_spm_service_db[] = { - #include "tfm_service_list.inc" + #include "secure_fw/services/tfm_service_list.inc" }; /********************** SPM functions for handler mode ***********************/ 
@@ -109,8 +110,6 @@ int32_t tfm_spm_free_conn_handle(struct tfm_spm_service_t *service, /* Remove node from handle list */ tfm_list_del_node(&node->list); - node->rhandle = NULL; - /* Back handle buffer to pool */ tfm_pool_free(node); return IPC_SUCCESS; @@ -273,7 +272,7 @@ int32_t tfm_spm_check_client_version(struct tfm_spm_service_t *service, switch (service->service_db->minor_policy) { case TFM_VERSION_POLICY_RELAXED: - if (minor_version > service->service_db->minor_version) { + if (minor_version < service->service_db->minor_version) { return IPC_ERROR_VERSION; } break; @@ -432,19 +431,15 @@ tfm_spm_partition_get_thread_info_ext(uint32_t partition_idx) return &g_spm_partition_db.partitions[partition_idx].sp_thrd; } -static uint32_t tfm_spm_partition_get_stack_size_ext(uint32_t partition_idx) +static uint32_t tfm_spm_partition_get_stack_base_ext(uint32_t partition_idx) { - return g_spm_partition_db.partitions[partition_idx].stack_size; + return (uint32_t)&(g_spm_partition_db.partitions[partition_idx]. + stack[TFM_STACK_SIZE]); } static uint32_t tfm_spm_partition_get_stack_limit_ext(uint32_t partition_idx) { - return g_spm_partition_db.partitions[partition_idx].stack_limit; -} - -static uint32_t tfm_spm_partition_get_stack_base_ext(uint32_t partition_idx) -{ - return tfm_spm_partition_get_stack_limit_ext(partition_idx) + tfm_spm_partition_get_stack_size_ext(partition_idx); + return (uint32_t)&g_spm_partition_db.partitions[partition_idx].stack; } static tfm_thrd_func_t 
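Review bot: Dropping `node->rhandle = NULL;` before `tfm_pool_free(node)` in `tfm_spm_free_conn_handle` leaves the previous connection's rhandle pointer in the pool slot. Whether a later allocation clears it depends on the pool allocator and the handle-creation path, neither of which is visible in this hunk. If neither does, a reused connection handle would start out carrying another connection's service-private pointer. Either keep the removed line or add a comment naming where the field is initialised, such as `/* rhandle is reset when the handle is created */`, once that has been confirmed. The function starts above the hunk.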
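Review bot: The `TFM_VERSION_POLICY_RELAXED` branch of `tfm_spm_check_client_version` now returns `IPC_ERROR_VERSION` when the client's `minor_version` is lower than the service's and accepts any higher value, which is the opposite of the line it replaces. Nothing in the hunk says which direction is intended. My reading of the PSA Firmware Framework is that a relaxed policy accepts requests at or below the service's minor version, as the removed `>` comparison did, but please confirm against the spec revision this update targets. Since this comparison gates whether a client may connect, the intended rule should be written next to it, for example `/* RELAXED: accept only if <rule confirmed against the spec> */`. The `switch` continues past the end of the hunk.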
@@ -460,46 +455,11 @@ static uint32_t tfm_spm_partition_get_priority_ext(uint32_t partition_idx) partition_priority; } -/* Macros to pick linker symbols and allow references to sections in all level*/ -#define REGION_DECLARE_EXT(a, b, c) extern uint32_t REGION_NAME(a, b, c) - -REGION_DECLARE_EXT(Image$$, ARM_LIB_HEAP, $$ZI$$Base); -REGION_DECLARE_EXT(Image$$, ARM_LIB_HEAP, $$ZI$$Limit); -REGION_DECLARE_EXT(Image$$, ER_TFM_DATA, $$ZI$$Base); -REGION_DECLARE_EXT(Image$$, ER_TFM_DATA, $$ZI$$Limit); -REGION_DECLARE_EXT(Image$$, ER_TFM_DATA, $$RW$$Base); -REGION_DECLARE_EXT(Image$$, ER_TFM_DATA, $$RW$$Limit); -REGION_DECLARE_EXT(Image$$, TFM_SECURE_STACK, $$ZI$$Base); -REGION_DECLARE_EXT(Image$$, TFM_SECURE_STACK, $$ZI$$Limit); -REGION_DECLARE_EXT(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base); -REGION_DECLARE_EXT(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Limit); - -/* - * \brief Check the memory whether in the given range. - * - * \param[in] buffer Pointer of memory reference - * \param[in] len Length of memory reference in bytes - * \param[in] base The base address - * \param[in] limit The limit address, the first byte of next - * area memory - * - * \retval IPC_SUCCESS Success - * \retval IPC_ERROR_MEMORY_CHECK Check failed - */ -static int32_t memory_check_range(const void *buffer, size_t len, - uintptr_t base, uintptr_t limit) -{ - if (((uintptr_t)buffer >= base) && - ((uintptr_t)((uint8_t *)buffer + len - 1) < limit)) { - return IPC_SUCCESS; - } - return IPC_ERROR_MEMORY_CHECK; -} - /* FixMe: This is only valid for TFM LVL 1 now */ -int32_t tfm_memory_check(void *buffer, size_t len, int32_t ns_caller) +int32_t tfm_memory_check(void *buffer, size_t len, int32_t ns_caller, + enum tfm_memory_access_e access) { - uintptr_t base, limit; + int32_t err; /* If len is zero, this indicates an empty buffer and base is ignored */ if (len == 0) { 
@@ -514,55 +474,13 @@ int32_t tfm_memory_check(void *buffer, size_t len, int32_t ns_caller) return IPC_ERROR_MEMORY_CHECK; } - if (ns_caller) { - base = (uintptr_t)NS_DATA_START; - limit = (uintptr_t)(NS_DATA_START + NS_DATA_SIZE); - if (memory_check_range(buffer, len, base, limit) == IPC_SUCCESS) { - return IPC_SUCCESS; - } - - base = (uintptr_t)NS_CODE_START; - limit = (uintptr_t)(NS_CODE_START + NS_CODE_SIZE); - if (memory_check_range(buffer, len, base, limit) == IPC_SUCCESS) { - return IPC_SUCCESS; - } + if (access == TFM_MEMORY_ACCESS_RW) { + err = tfm_core_has_write_access_to_region(buffer, len, ns_caller); } else { - base = (uintptr_t)®ION_NAME(Image$$, ARM_LIB_HEAP, $$ZI$$Base); - limit = (uintptr_t)®ION_NAME(Image$$, ARM_LIB_HEAP, $$ZI$$Limit); - if (memory_check_range(buffer, len, base, limit) == IPC_SUCCESS) { - return IPC_SUCCESS; - } - - base = (uintptr_t)®ION_NAME(Image$$, ER_TFM_DATA, $$RW$$Base); - limit = (uintptr_t)®ION_NAME(Image$$, ER_TFM_DATA, $$RW$$Limit); - if (memory_check_range(buffer, len, base, limit) == IPC_SUCCESS) { - return IPC_SUCCESS; - } - - base = (uintptr_t)®ION_NAME(Image$$, ER_TFM_DATA, $$ZI$$Base); - limit = (uintptr_t)®ION_NAME(Image$$, ER_TFM_DATA, $$ZI$$Limit); - if (memory_check_range(buffer, len, base, limit) == IPC_SUCCESS) { - return IPC_SUCCESS; - } - - base = (uintptr_t)®ION_NAME(Image$$, TFM_SECURE_STACK, $$ZI$$Base); - limit = (uintptr_t)®ION_NAME(Image$$, TFM_SECURE_STACK, $$ZI$$Limit); - if (memory_check_range(buffer, len, base, limit) == IPC_SUCCESS) { - return IPC_SUCCESS; - } - - base = (uintptr_t)®ION_NAME(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base); - limit = (uintptr_t)®ION_NAME(Image$$, TFM_UNPRIV_SCRATCH, - $$ZI$$Limit); - if (memory_check_range(buffer, len, base, limit) == IPC_SUCCESS) { - return IPC_SUCCESS; - } - - base = (uintptr_t)S_CODE_START; - limit = (uintptr_t)(S_CODE_START + S_CODE_SIZE); - if (memory_check_range(buffer, len, base, limit) == IPC_SUCCESS) { - return IPC_SUCCESS; - } + err = 
tfm_core_has_read_access_to_region(buffer, len, ns_caller); + } + if (err == 1) { + return IPC_SUCCESS; } return IPC_ERROR_MEMORY_CHECK; diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_svcalls.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_svcalls.c index 5483ba3d43..29f9130499 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_svcalls.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_svcalls.c @@ -148,12 +148,16 @@ psa_status_t tfm_svcall_psa_call(uint32_t *args, int32_t ns_caller, uint32_t lr) * FixMe: From non-secure caller, vec and len are composed into a new * struct parameter. Need to extract them. */ + /* + * Read parameters from the arguments. It is a fatal error if the + * memory reference for buffer is invalid or not readable. + */ if (tfm_memory_check((void *)args[1], sizeof(uint32_t), - ns_caller) != IPC_SUCCESS) { + ns_caller, TFM_MEMORY_ACCESS_RO) != IPC_SUCCESS) { tfm_panic(); } if (tfm_memory_check((void *)args[2], sizeof(uint32_t), - ns_caller) != IPC_SUCCESS) { + ns_caller, TFM_MEMORY_ACCESS_RO) != IPC_SUCCESS) { tfm_panic(); } 
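Review bot: In the rewritten `tfm_memory_check`, the `else` branch treats every `access` value other than `TFM_MEMORY_ACCESS_RW` as a read request, so an unexpected or uninitialised value silently passes through the read check instead of being rejected. I would make the second branch explicit with `} else if (access == TFM_MEMORY_ACCESS_RO) {` and add a final `} else { return IPC_ERROR_MEMORY_CHECK; }`. Success is also tested against the bare literal `err == 1`; a short comment stating that the `tfm_core_has_*_access_to_region` helpers return 1 when access is granted (to be confirmed against their definitions, which are outside this hunk) would prevent a later change to those helpers from turning this into a fail-open comparison. The start of the function, including the existing "only valid for TFM LVL 1" FixMe, is in the previous hunk.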
@@ -175,13 +179,22 @@ psa_status_t tfm_svcall_psa_call(uint32_t *args, int32_t ns_caller, uint32_t lr) tfm_panic(); } - /* It is a fatal error if an invalid memory reference was provide. */ + /* + * Read client invecs from the wrap input vector. It is a fatal error + * if the memory reference for the wrap input vector is invalid or not + * readable. + */ if (tfm_memory_check((void *)inptr, in_num * sizeof(psa_invec), - ns_caller) != IPC_SUCCESS) { + ns_caller, TFM_MEMORY_ACCESS_RO) != IPC_SUCCESS) { tfm_panic(); } + /* + * Read client outvecs from the wrap output vector and will update the + * actual length later. It is a fatal error if the memory reference for + * the wrap output vector is invalid or not read-write. + */ if (tfm_memory_check((void *)outptr, out_num * sizeof(psa_outvec), - ns_caller) != IPC_SUCCESS) { + ns_caller, TFM_MEMORY_ACCESS_RW) != IPC_SUCCESS) { tfm_panic(); } @@ -193,18 +206,22 @@ psa_status_t tfm_svcall_psa_call(uint32_t *args, int32_t ns_caller, uint32_t lr) tfm_memcpy(outvecs, outptr, out_num * sizeof(psa_outvec)); /* - * It is a fatal error if an invalid payload memory reference - * was provided. + * For client input vector, it is a fatal error if the provided payload + * memory reference was invalid or not readable. */ for (i = 0; i < in_num; i++) { if (tfm_memory_check((void *)invecs[i].base, invecs[i].len, - ns_caller) != IPC_SUCCESS) { + ns_caller, TFM_MEMORY_ACCESS_RO) != IPC_SUCCESS) { tfm_panic(); } } + /* + * For client output vector, it is a fatal error if the provided payload + * memory reference was invalid or not read-write. + */ for (i = 0; i < out_num; i++) { if (tfm_memory_check(outvecs[i].base, outvecs[i].len, - ns_caller) != IPC_SUCCESS) { + ns_caller, TFM_MEMORY_ACCESS_RW) != IPC_SUCCESS) { tfm_panic(); } } 
@@ -360,11 +377,11 @@ static psa_status_t tfm_svcall_psa_get(uint32_t *args) } /* - * It is a fatal error if the input msg pointer is not a valid memory - * reference. + * Write the message to the service buffer. It is a fatal error if the + * input msg pointer is not a valid memory reference or not read-write. */ if (tfm_memory_check((void *)msg, sizeof(psa_msg_t), - false) != IPC_SUCCESS) { + false, TFM_MEMORY_ACCESS_RW) != IPC_SUCCESS) { tfm_panic(); } @@ -517,11 +534,11 @@ static size_t tfm_svcall_psa_read(uint32_t *args) } /* - * It is a fatal error if the memory reference for buffer is invalid or - * not writable + * Copy the client data to the service buffer. It is a fatal error + * if the memory reference for buffer is invalid or not read-write. */ - /* FixMe: write permission check to be added */ - if (tfm_memory_check(buffer, num_bytes, false) != IPC_SUCCESS) { + if (tfm_memory_check(buffer, num_bytes, false, + TFM_MEMORY_ACCESS_RW) != IPC_SUCCESS) { tfm_panic(); } @@ -671,8 +688,12 @@ static void tfm_svcall_psa_write(uint32_t *args) tfm_panic(); } - /* It is a fatal error if the memory reference for buffer is valid */ - if (tfm_memory_check(buffer, num_bytes, false) != IPC_SUCCESS) { + /* + * Copy the service buffer to client outvecs. It is a fatal error + * if the memory reference for buffer is invalid or not readable. + */ + if (tfm_memory_check(buffer, num_bytes, false, + TFM_MEMORY_ACCESS_RO) != IPC_SUCCESS) { tfm_panic(); } diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/secure_utilities.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/secure_utilities.h index 8c96de8f3d..d367fe8400 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/secure_utilities.h +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/secure_utilities.h 
@@ -25,8 +25,6 @@ #define EXC_NUM_PENDSV (14) #define EXC_NUM_SYSTICK (15) -#define printf(...) - /* Disable NS exceptions by setting NS PRIMASK to 1 */ #define TFM_NS_EXC_DISABLE() __TZ_set_PRIMASK_NS(1) /* Enable NS exceptions by setting NS PRIMASK to 0 */ @@ -51,9 +49,9 @@ struct tfm_exc_stack_t { #endif #define LOG_MSG_THR(MSG) \ - __ASM("MOV r0, %0\n" \ - "SVC %1\n" \ - : : "r" (MSG), "I" (TFM_SVC_PRINT)) + __ASM volatile("MOV r0, %0\n" \ + "SVC %1\n" \ + : : "r" (MSG), "I" (TFM_SVC_PRINT)) #define LOG_MSG(MSG) \ do { \ @@ -96,14 +94,14 @@ __STATIC_INLINE uint32_t __get_active_exc_num(void) } __attribute__ ((always_inline)) -__STATIC_INLINE void __set_CONTROL_SPSEL(int32_t SPSEL) +__STATIC_INLINE void __set_CONTROL_SPSEL(uint32_t SPSEL) { CONTROL_Type ctrl; ctrl.w = __get_CONTROL(); ctrl.b.SPSEL = SPSEL; __set_CONTROL(ctrl.w); - __asm("ISB"); + __ISB(); } #endif /* __SECURE_UTILITIES_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_boot_data.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_boot_data.c index 9d659600d4..3ec8b8e7fd 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_boot_data.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_boot_data.c @@ -39,9 +39,9 @@ static uint32_t is_boot_data_valid = BOOT_DATA_INVALID; void tfm_core_validate_boot_data(void) { - struct shared_data_tlv_header *tlv_header; + struct tfm_boot_data *boot_data; - tlv_header = (struct shared_data_tlv_header *)BOOT_TFM_SHARED_DATA_BASE; + boot_data = (struct tfm_boot_data *)BOOT_TFM_SHARED_DATA_BASE; /* FixMe: Enhance sanity check of shared memory area, it might be invalid: * - temporal exposure of RAM to non-secure actors 
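Review bot: `LOG_MSG_THR` still executes `MOV r0, %0` without listing r0 as clobbered, so even with the added `volatile` the compiler may assume r0 is unchanged across the statement. The operand list should end with a clobber section, `: : "r" (MSG), "I" (TFM_SVC_PRINT) : "r0", "memory"`; the `"memory"` entry is there because the handler reads the string MSG points to. The `SVC(code)` macro touched in tfm_svc.h by this commit has no clobber list either. Whether it needs `"memory"` depends on what its handlers access, which is not visible here.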
@@ -49,7 +49,7 @@ void tfm_core_validate_boot_data(void) * - version mismatch between bootloader and runtime binary * - etc. */ - if (tlv_header->tlv_magic == SHARED_DATA_TLV_INFO_MAGIC) { + if (boot_data->header.tlv_magic == SHARED_DATA_TLV_INFO_MAGIC) { is_boot_data_valid = BOOT_DATA_VALID; } } @@ -62,7 +62,7 @@ void tfm_core_get_boot_data_handler(uint32_t args[]) uint8_t *ptr; uint32_t running_partition_idx = tfm_spm_partition_get_running_partition_idx(); - struct shared_data_tlv_header *tlv_header; + struct tfm_boot_data *boot_data; struct shared_data_tlv_entry tlv_entry; uintptr_t tlv_end, offset; uint32_t res; @@ -88,8 +88,8 @@ void tfm_core_get_boot_data_handler(uint32_t args[]) } /* Get the boundaries of TLV section */ - tlv_header = (struct shared_data_tlv_header *)BOOT_TFM_SHARED_DATA_BASE; - tlv_end = BOOT_TFM_SHARED_DATA_BASE + tlv_header->tlv_tot_len; + boot_data = (struct tfm_boot_data *)BOOT_TFM_SHARED_DATA_BASE; + tlv_end = BOOT_TFM_SHARED_DATA_BASE + boot_data->header.tlv_tot_len; offset = BOOT_TFM_SHARED_DATA_BASE + SHARED_DATA_HEADER_SIZE; /* Add header to output buffer as well */ @@ -97,10 +97,10 @@ void tfm_core_get_boot_data_handler(uint32_t args[]) args[0] = TFM_ERROR_INVALID_PARAMETER; return; } else { - tlv_header = (struct shared_data_tlv_header *)buf_start; - tlv_header->tlv_magic = SHARED_DATA_TLV_INFO_MAGIC; - tlv_header->tlv_tot_len = SHARED_DATA_HEADER_SIZE; - ptr = (uint8_t *)tlv_header + SHARED_DATA_HEADER_SIZE; + boot_data = (struct tfm_boot_data *)buf_start; + boot_data->header.tlv_magic = SHARED_DATA_TLV_INFO_MAGIC; + boot_data->header.tlv_tot_len = SHARED_DATA_HEADER_SIZE; + ptr = boot_data->data; } /* Iterates over the TLV section and copy TLVs with requested major 
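Review bot: `tlv_end` is computed from `boot_data->header.tlv_tot_len`, a length read from the shared boot area, and nothing visible compares it with the size of that area; `tfm_core_validate_boot_data` checks only the magic value. The FixMe in that function already lists exposure of this RAM to non-secure actors as a concern, so the length should be bounded before use, for example `if (boot_data->header.tlv_tot_len > SHARED_AREA_SIZE_PLACEHOLDER) { args[0] = TFM_ERROR_INVALID_PARAMETER; return; }` with the platform's real size constant substituted. The per-entry `tlv_entry.tlv_len` in the later hunks has the same gap: the destination is bounded by `buf_size`, but no check that `offset + tlv_entry.tlv_len` stays within `tlv_end` is visible before the `tfm_memcpy`. The loop header is outside the hunks, so this may already be handled there.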
@@ -113,7 +113,7 @@ void tfm_core_get_boot_data_handler(uint32_t args[]) SHARED_DATA_ENTRY_HEADER_SIZE); if (GET_MAJOR(tlv_entry.tlv_type) == tlv_major) { /* Check buffer overflow */ - if ((ptr - buf_start + tlv_entry.tlv_len) > buf_size) { + if (((ptr - buf_start) + tlv_entry.tlv_len) > buf_size) { args[0] = TFM_ERROR_INVALID_PARAMETER; return; } @@ -121,7 +121,7 @@ void tfm_core_get_boot_data_handler(uint32_t args[]) tfm_memcpy(ptr, (const void *)offset, tlv_entry.tlv_len); ptr += tlv_entry.tlv_len; - tlv_header->tlv_tot_len += tlv_entry.tlv_len; + boot_data->header.tlv_tot_len += tlv_entry.tlv_len; } } args[0] = TFM_SUCCESS; diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_core.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_core.c index db5921061e..ef24f48848 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_core.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_core.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2018, Arm Limited. All rights reserved. + * Copyright (c) 2017-2019, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -11,6 +11,7 @@ #include "tfm_internal.h" #include "tfm_api.h" #include "platform/include/tfm_spm_hal.h" +#include "uart_stdout.h" #include "secure_utilities.h" #include "secure_fw/spm/spm_api.h" #include "secure_fw/include/tfm_spm_services_api.h" @@ -43,8 +44,8 @@ __asm(" .global __ARM_use_no_argv\n"); #ifndef TFM_LVL #error TFM_LVL is not defined! #endif -#if (TFM_LVL != 1) && (TFM_LVL != 3) -#error Only TFM_LVL 1 and 3 are supported! +#if (TFM_LVL != 1) && (TFM_LVL != 2) && (TFM_LVL != 3) +#error Only TFM_LVL 1, 2 and 3 are supported! #endif /* Macros to pick linker symbols and allow to form the partition data base */ @@ -87,6 +88,7 @@ int32_t tfm_core_init(void) __enable_irq(); + stdio_init(); LOG_MSG("Secure image initializing!"); #ifdef TFM_CORE_DEBUG 
@@ -129,6 +131,23 @@ static int32_t tfm_core_set_secure_exception_priorities(void) /* FixMe: Explicitly set secure fault and Secure SVC priority to highest */ + /* + * Set secure PendSV priority to the lowest in SECURE state. + * + * IMPORTANT NOTE: + * + * Although the priority of the secure PendSV must be the lowest possible + * among other interrupts in the Secure state, it must be ensured that + * PendSV is not preempted nor masked by Non-Secure interrupts to ensure + * the integrity of the Secure operation. + * When AIRCR.PRIS is set, the Non-Secure execution can act on + * FAULTMASK_NS, PRIMASK_NS or BASEPRI_NS register to boost its priority + * number up to the value 0x80. + * For this reason, set the priority of the PendSV interrupt to the next + * priority level configurable on the platform, just below 0x80. + */ + NVIC_SetPriority(PendSV_IRQn, (1 << (__NVIC_PRIO_BITS - 1)) - 1); + return TFM_SUCCESS; } @@ -152,9 +171,13 @@ void tfm_core_spm_request_handler(const struct tfm_exc_stack_t *svc_ctx) int main(void) { - tfm_core_init(); + if (tfm_core_init() != 0) { + /* Placeholder for error handling, currently ignored. */ + } - tfm_spm_db_init(); + if (tfm_spm_db_init() != SPM_ERR_OK) { + /* Placeholder for error handling, currently ignored. */ + } tfm_spm_hal_setup_isolation_hw(); @@ -171,6 +194,12 @@ int main(void) */ } + /* + * Prioritise secure exceptions to avoid NS being able to pre-empt + * secure SVC or SecureFault. Do it before PSA API initialization. + */ + tfm_core_set_secure_exception_priorities(); + #ifdef TFM_PSA_API tfm_spm_init(); #endif @@ -187,10 +216,5 @@ int main(void) tfm_spm_partition_set_state(TFM_SP_NON_SECURE_ID, SPM_PARTITION_STATE_RUNNING); - /* Prioritise secure exceptions to avoid NS being able to pre-empt secure - * SVC or SecureFault - */ - tfm_core_set_secure_exception_priorities(); - jump_to_ns_code(); } 
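Review bot: Both new `if` bodies in `main` are empty, so a failed `tfm_core_init()` or `tfm_spm_db_init()` still falls through to `tfm_spm_hal_setup_isolation_hw()` and eventually `jump_to_ns_code()`. For secure firmware the failure path should stop the boot rather than continue with partially initialised state, for example by replacing each placeholder comment with `for (;;) { }` or the project's panic routine. The relocated call to `tfm_core_set_secure_exception_priorities()` in the following hunk also discards its `int32_t` result, which is inconsistent with the two checks added here.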
diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_core.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_core.h index a30a0fa136..94470d0bdb 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_core.h +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_core.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017, Arm Limited. All rights reserved. + * Copyright (c) 2017-2019, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -8,11 +8,11 @@ #ifndef __TFM_CORE_H__ #define __TFM_CORE_H__ -#include "arm_cmse.h" +#include #include "tfm_svc.h" #include "secure_utilities.h" -extern int32_t tfm_scratch_area_size; +extern uint32_t tfm_scratch_area_size; extern uint8_t *tfm_scratch_area; #endif /* __TFM_CORE_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_handler.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_handler.c index f104a1bf22..ef07a13ac7 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_handler.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_handler.c @@ -9,7 +9,6 @@ #include #include "secure_utilities.h" -#include "arm_acle.h" #include "tfm_svc.h" #include "tfm_secure_api.h" #include "region_defs.h" @@ -66,9 +65,9 @@ void SecureFault_Handler(void) /* Only save the context if sp is valid */ if ((sp >= S_DATA_START && - sp <= S_DATA_LIMIT - sizeof(tfm_fault_context) + 1) || + sp <= (S_DATA_LIMIT - sizeof(tfm_fault_context)) + 1) || (sp >= NS_DATA_START && - sp <= NS_DATA_LIMIT - sizeof(tfm_fault_context) + 1)) { + sp <= (NS_DATA_LIMIT - sizeof(tfm_fault_context)) + 1)) { tfm_memcpy(&tfm_fault_context, (const void *)sp, sizeof(tfm_fault_context)); 
@@ -103,7 +102,7 @@ void HardFault_Handler(void) #if defined(__ARM_ARCH_8M_MAIN__) __attribute__((naked)) void SVC_Handler(void) { - __ASM( + __ASM volatile( "TST lr, #4\n" /* Check store SP in thread mode to r0 */ "IT EQ\n" "BXEQ lr\n" @@ -116,7 +115,7 @@ __attribute__((naked)) void SVC_Handler(void) #elif defined(__ARM_ARCH_8M_BASE__) __attribute__((naked)) void SVC_Handler(void) { - __ASM( + __ASM volatile( ".syntax unified\n" "MOVS r0, #4\n" /* Check store SP in thread mode to r0 */ "MOV r1, lr\n" diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_internal.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_internal.h index 18a56ecdac..6273478833 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_internal.h +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_internal.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018, Arm Limited. All rights reserved. + * Copyright (c) 2018-2019, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -35,7 +35,7 @@ void jump_to_ns_code(void); * \brief Called if veneer is running in thread mode */ uint32_t tfm_core_partition_request_svc_handler( - uint32_t *svc_args, uint32_t lr); + const uint32_t *svc_args, uint32_t lr); /** * \brief Called when secure service returns diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_nspm.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_nspm.c index 8912b0422e..3188e2831d 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_nspm.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_nspm.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018, Arm Limited. All rights reserved. + * Copyright (c) 2018-2019, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * 
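Review bot: The prototype in tfm_internal.h now reads `const uint32_t *svc_args, uint32_t lr`, while the definition changed in tfm_secure_api.c by this same commit takes `const struct tfm_exc_stack_t *svc_ctx, uint32_t excReturn`. The two pointer types are incompatible, so either the definition does not see this header and the compiler cannot check callers against it, or the build fails once it does. I would make the declaration match the definition, `const struct tfm_exc_stack_t *svc_ctx, uint32_t excReturn);`, and confirm that tfm_secure_api.c includes tfm_internal.h. The include lists are outside the visible hunks.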
@@ -121,7 +121,7 @@ TZ_MemoryId_t TZ_AllocModuleContext_S (TZ_ModuleId_t module) } /* TZ_MemoryId_t must be a positive integer */ - tz_id = free_index + 1; + tz_id = (TZ_MemoryId_t)free_index + 1; NsClientIdList[free_index].ns_client_id = get_next_ns_client_id(); #ifdef PRINT_NSPM_DEBUG printf("TZ_AllocModuleContext_S called, returning id %d\r\n", diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_psa_api_client.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_psa_api_client.c index 36f2c16358..15c0317c8b 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_psa_api_client.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_psa_api_client.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018, Arm Limited. All rights reserved. + * Copyright (c) 2018-2019, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -43,14 +43,20 @@ int32_t tfm_psa_veneer_sanity_check(struct tfm_sfn_req_s *desc_ptr) return tfm_core_ns_ipc_request(fn, (int32_t)a, (int32_t)b, \ (int32_t)c, (int32_t)d) +__attribute__ ((naked)) +static int32_t tfm_core_ipc_request(const struct tfm_sfn_req_s *desc_ptr) +{ + __ASM volatile("SVC %0 \n" + "BX LR \n" + : : "I" (TFM_SVC_IPC_REQUEST)); +} + __attribute__ ((always_inline)) __STATIC_INLINE int32_t tfm_core_ns_ipc_request(void *fn, int32_t arg1, int32_t arg2, int32_t arg3, int32_t arg4) { int32_t args[4] = {arg1, arg2, arg3, arg4}; - volatile struct tfm_sfn_req_s desc; - struct tfm_sfn_req_s *desc_ptr = &desc; - int32_t res; + struct tfm_sfn_req_s desc = {0}; desc.sfn = fn; desc.args = args; 
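Review bot: `tfm_core_ipc_request` is a `naked` function whose body is an extended asm statement with an `"I"` operand, and GCC documents only basic asm as supported inside naked functions. It also depends on `desc_ptr` arriving in r0 under the AAPCS, which the code does not say. I would add a comment above it, `/* naked: desc_ptr arrives in r0 (AAPCS) and is consumed by the SVC handler; the result is returned in r0 */`, and check the generated code on each supported toolchain. The caller `tfm_core_ns_ipc_request` continues into the next hunk.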
@@ -61,13 +67,7 @@ int32_t tfm_core_ns_ipc_request(void *fn, int32_t arg1, int32_t arg2, /* FIXME: Proper error handling to be implemented */ return TFM_ERROR_INVALID_EXC_MODE; } else { - __ASM("MOV r0, %1\n" - "SVC %2\n" - "MOV %0, r0\n" - : "=r" (res) - : "r" (desc_ptr), "I" (TFM_SVC_IPC_REQUEST) - : "r0"); - return res; + return tfm_core_ipc_request(&desc); } } @@ -99,7 +99,7 @@ psa_handle_t tfm_psa_connect_veneer(uint32_t sid, uint32_t minor_version) __tfm_secure_gateway_attributes__ psa_status_t tfm_psa_call_veneer(psa_handle_t handle, const psa_invec *in_vecs, - psa_outvec *out_vecs) + const psa_invec *out_vecs) { TFM_CORE_NS_IPC_REQUEST_VENEER(tfm_svcall_psa_call, handle, in_vecs, out_vecs, 0); diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_secure_api.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_secure_api.c index 0b11881bb7..65a4cb0167 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_secure_api.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_secure_api.c @@ -12,6 +12,7 @@ #include "tfm_secure_api.h" #include "tfm_nspm.h" #include "secure_utilities.h" +#include "uart_stdout.h" #include "secure_fw/spm/spm_api.h" #include "region_defs.h" #include "tfm_api.h" 
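Review bot: In `tfm_psa_call_veneer`, `out_vecs` is now typed `const psa_invec *`, which reads like a mistake for a parameter that carries output vectors. Judging by the "wrap input vector" and "wrap output vector" comments added in tfm_svcalls.c, each argument is presumably a wrapper whose `base` points to the client array and whose `len` holds the element count. If so, say it above the veneer, e.g. `/* in_vecs/out_vecs are wrapper vectors: base = client invec/outvec array, len = number of elements */`. If that is not the intent, the `psa_outvec *` type should be restored.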
@@ -50,17 +51,17 @@ static int32_t is_iovec_api_call(void) return curr_part_data->iovec_api; } -static int32_t *prepare_partition_ctx( - struct tfm_exc_stack_t *svc_ctx, - struct tfm_sfn_req_s *desc_ptr, - int32_t *dst) +static uint32_t *prepare_partition_ctx( + const struct tfm_exc_stack_t *svc_ctx, + const struct tfm_sfn_req_s *desc_ptr, + uint32_t *dst) { /* XPSR = as was when called, but make sure it's thread mode */ - *(--dst) = svc_ctx->XPSR & 0xFFFFFE00; + *(--dst) = svc_ctx->XPSR & 0xFFFFFE00U; /* ReturnAddress = resume veneer in new context */ *(--dst) = svc_ctx->RetAddr; /* LR = sfn address */ - *(--dst) = (int32_t)desc_ptr->sfn; + *(--dst) = (uint32_t)desc_ptr->sfn; /* R12 = don't care */ *(--dst) = 0; @@ -74,20 +75,20 @@ static int32_t *prepare_partition_ctx( return dst; } -static int32_t *prepare_partition_iovec_ctx( - struct tfm_exc_stack_t *svc_ctx, - struct tfm_sfn_req_s *desc_ptr, - struct iovec_args_t *iovec_args, - int32_t *dst) +static uint32_t *prepare_partition_iovec_ctx( + const struct tfm_exc_stack_t *svc_ctx, + const struct tfm_sfn_req_s *desc_ptr, + const struct iovec_args_t *iovec_args, + uint32_t *dst) { /* XPSR = as was when called, but make sure it's thread mode */ - *(--dst) = svc_ctx->XPSR & 0xFFFFFE00; + *(--dst) = svc_ctx->XPSR & 0xFFFFFE00U; /* ReturnAddress = resume veneer in new context */ *(--dst) = svc_ctx->RetAddr; /* LR = sfn address */ - *(--dst) = (int32_t)desc_ptr->sfn; + *(--dst) = (uint32_t)desc_ptr->sfn; /* R12 = don't care */ - *(--dst) = 0; + *(--dst) = 0U; /* R0-R3 = sfn arguments */ *(--dst) = iovec_args->out_len; @@ -99,7 +100,7 @@ static int32_t *prepare_partition_iovec_ctx( } static void restore_caller_ctx( - struct tfm_exc_stack_t *svc_ctx, + const struct tfm_exc_stack_t *svc_ctx, struct tfm_exc_stack_t *target_ctx) { /* ReturnAddress = resume veneer after second SVC */ 
@@ -157,7 +158,7 @@ static int32_t check_address_range(const void *p, size_t s, * * \return 1 if the partition has access to the memory range, 0 otherwise. */ -static int32_t has_access_to_region(const void *p, size_t s, uint32_t flags) +static int32_t has_access_to_region(const void *p, size_t s, int flags) { int32_t range_access_allowed_by_mpu; @@ -192,22 +193,10 @@ static int32_t has_access_to_region(const void *p, size_t s, uint32_t flags) check_address_range(p, s, NS_DATA_START, NS_DATA_LIMIT+1-NS_DATA_START); } -/** - * \brief Check whether the current partition has read access to a memory range - * - * This function assumes, that the current MPU configuration is set for the - * partition to be checked. - * - * \param[in] p The start address of the range to check - * \param[in] s The size of the range to check - * \param[in] ns_caller Whether the current partition is a non-secure one - * - * \return 1 if the partition has access to the memory range, 0 otherwise. - */ -static int32_t has_read_access_to_region(const void *p, size_t s, - int32_t ns_caller) +int32_t tfm_core_has_read_access_to_region(const void *p, size_t s, + uint32_t ns_caller) { - uint32_t flags = CMSE_MPU_UNPRIV|CMSE_MPU_READ; + int flags = CMSE_MPU_UNPRIV|CMSE_MPU_READ; if (ns_caller) { flags |= CMSE_NONSECURE; 
@@ -216,21 +205,10 @@ static int32_t has_read_access_to_region(const void *p, size_t s, return has_access_to_region(p, s, flags); } -/** - * \brief Check whether the current partition has write access to a memory range - * - * This function assumes, that the current MPU configuration is set for the - * partition to be checked. - * - * \param[in] p The start address of the range to check - * \param[in] s The size of the range to check - * \param[in] ns_caller Whether the current partition is a non-secure one - * - * \return 1 if the partition has access to the memory range, 0 otherwise. - */ -static int32_t has_write_access_to_region(void *p, size_t s, int32_t ns_caller) +int32_t tfm_core_has_write_access_to_region(void *p, size_t s, + uint32_t ns_caller) { - uint32_t flags = CMSE_MPU_UNPRIV|CMSE_MPU_READWRITE; + int flags = CMSE_MPU_UNPRIV|CMSE_MPU_READWRITE; if (ns_caller) { flags |= CMSE_NONSECURE; @@ -247,15 +225,23 @@ static int32_t has_write_access_to_region(void *p, size_t s, int32_t ns_caller) * \return Return /ref TFM_SUCCESS if the iovec parameters are valid, error code * otherwise as in /ref tfm_status_e */ -static int32_t tfm_core_check_sfn_parameters(struct tfm_sfn_req_s *desc_ptr) +static int32_t tfm_core_check_sfn_parameters( + const struct tfm_sfn_req_s *desc_ptr) { struct psa_invec *in_vec = (psa_invec *)desc_ptr->args[0]; - size_t in_len = desc_ptr->args[1]; + size_t in_len; struct psa_outvec *out_vec = (psa_outvec *)desc_ptr->args[2]; - size_t out_len = desc_ptr->args[3]; + size_t out_len; uint32_t i; + if ((desc_ptr->args[1] < 0) || (desc_ptr->args[3] < 0)) { + return TFM_ERROR_INVALID_PARAMETER; + } + + in_len = (size_t)(desc_ptr->args[1]); + out_len = (size_t)(desc_ptr->args[3]); + /* The number of vectors are within range. Extra checks to avoid overflow */ if ((in_len > PSA_MAX_IOVEC) || (out_len > PSA_MAX_IOVEC) || (in_len + out_len > PSA_MAX_IOVEC)) { 
@@ -267,8 +253,9 @@ static int32_t tfm_core_check_sfn_parameters(struct tfm_sfn_req_s *desc_ptr) */ if (in_len > 0) { if ((in_vec == NULL) || - (has_write_access_to_region(in_vec, sizeof(psa_invec)*in_len, - desc_ptr->ns_caller) != 1)) { + (tfm_core_has_write_access_to_region(in_vec, + sizeof(psa_invec)*in_len, + desc_ptr->ns_caller) != 1)) { return TFM_ERROR_INVALID_PARAMETER; } } else { @@ -278,8 +265,9 @@ static int32_t tfm_core_check_sfn_parameters(struct tfm_sfn_req_s *desc_ptr) } if (out_len > 0) { if ((out_vec == NULL) || - (has_write_access_to_region(out_vec, sizeof(psa_outvec)*out_len, - desc_ptr->ns_caller) != 1)) { + (tfm_core_has_write_access_to_region(out_vec, + sizeof(psa_outvec)*out_len, + desc_ptr->ns_caller) != 1)) { return TFM_ERROR_INVALID_PARAMETER; } } else { @@ -294,8 +282,9 @@ static int32_t tfm_core_check_sfn_parameters(struct tfm_sfn_req_s *desc_ptr) for (i = 0; i < in_len; ++i) { if (in_vec[i].len > 0) { if ((in_vec[i].base == NULL) || - (has_read_access_to_region(in_vec[i].base, in_vec[i].len, - desc_ptr->ns_caller) != 1)) { + (tfm_core_has_read_access_to_region(in_vec[i].base, + in_vec[i].len, + desc_ptr->ns_caller) != 1)) { return TFM_ERROR_INVALID_PARAMETER; } } @@ -303,8 +292,9 @@ static int32_t tfm_core_check_sfn_parameters(struct tfm_sfn_req_s *desc_ptr) for (i = 0; i < out_len; ++i) { if (out_vec[i].len > 0) { if ((out_vec[i].base == NULL) || - (has_write_access_to_region(out_vec[i].base, out_vec[i].len, - desc_ptr->ns_caller) != 1)) { + (tfm_core_has_write_access_to_region(out_vec[i].base, + out_vec[i].len, + desc_ptr->ns_caller) != 1)) { return TFM_ERROR_INVALID_PARAMETER; } } @@ -316,7 +306,7 @@ static int32_t tfm_core_check_sfn_parameters(struct tfm_sfn_req_s *desc_ptr) static void tfm_copy_iovec_parameters(struct iovec_args_t *target, const struct iovec_args_t *source) { - int i; + size_t i; target->in_len = source->in_len; for (i = 0; i < source->in_len; ++i) { 
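Review bot: The checks in `tfm_core_check_sfn_parameters` read `in_vec[i].base`/`.len` and `out_vec[i].base`/`.len` directly from the caller's memory, and `tfm_start_partition` later passes the same `desc_ptr->args` to `tfm_spm_partition_set_iovec`. If that function reads the vectors from caller memory again, a value could change between validation and use when the caller is non-secure. tfm_svcalls.c in this commit copies the vectors with `tfm_memcpy` before checking them, and the same copy-then-validate order would be safer here. `tfm_spm_partition_set_iovec` is not visible in these hunks, so please confirm what it re-reads.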
@@ -346,7 +336,7 @@ static void tfm_clear_iovec_parameters(struct iovec_args_t *args) } } -static int32_t tfm_start_partition(struct tfm_sfn_req_s *desc_ptr, +static int32_t tfm_start_partition(const struct tfm_sfn_req_s *desc_ptr, uint32_t excReturn) { uint32_t caller_partition_idx = desc_ptr->caller_part_idx; @@ -479,18 +469,21 @@ static int32_t tfm_start_partition(struct tfm_sfn_req_s *desc_ptr, iovec_args = (struct iovec_args_t *) ((uint32_t)®ION_NAME(Image$$, TFM_SECURE_STACK, $$ZI$$Limit)- sizeof(struct iovec_args_t)); - tfm_spm_partition_set_iovec(partition_idx, desc_ptr->args); + if (tfm_spm_partition_set_iovec(partition_idx, desc_ptr->args) != + SPM_ERR_OK) { + return TFM_ERROR_GENERIC; + } tfm_copy_iovec_parameters(iovec_args, &(curr_part_data->iovec_args)); /* Prepare the partition context, update stack ptr */ psp = (uint32_t)prepare_partition_iovec_ctx(svc_ctx, desc_ptr, iovec_args, - (int32_t *)partition_psp); + (uint32_t *)partition_psp); } else { /* Prepare the partition context, update stack ptr */ psp = (uint32_t)prepare_partition_ctx(svc_ctx, desc_ptr, - (int32_t *)partition_psp); + (uint32_t *)partition_psp); } __set_PSP(psp); __set_PSPLIM(partition_psplim); 
@@ -505,17 +498,20 @@ static int32_t tfm_start_partition(struct tfm_sfn_req_s *desc_ptr, iovec_args = (struct iovec_args_t *)(tfm_spm_partition_get_stack_top(partition_idx) - sizeof(struct iovec_args_t)); - tfm_spm_partition_set_iovec(partition_idx, desc_ptr->args); + if (tfm_spm_partition_set_iovec(partition_idx, desc_ptr->args) != + SPM_ERR_OK) { + return TFM_ERROR_GENERIC; + } tfm_copy_iovec_parameters(iovec_args, &(curr_part_data->iovec_args)); /* Prepare the partition context, update stack ptr */ psp = (uint32_t)prepare_partition_iovec_ctx(svc_ctx, desc_ptr, iovec_args, - (int32_t *)partition_psp); + (uint32_t *)partition_psp); } else { /* Prepare the partition context, update stack ptr */ psp = (uint32_t)prepare_partition_ctx(svc_ctx, desc_ptr, - (int32_t *)partition_psp); + (uint32_t *)partition_psp); } __set_PSP(psp); __set_PSPLIM(partition_psplim); @@ -538,7 +534,7 @@ static int32_t tfm_return_from_partition(uint32_t *excReturn) uint32_t return_partition_idx; uint32_t return_partition_flags; uint32_t psp = __get_PSP(); - int i; + size_t i; struct tfm_exc_stack_t *svc_ctx = (struct tfm_exc_stack_t *)psp; struct iovec_args_t *iovec_args; @@ -676,7 +672,7 @@ void tfm_secure_api_error_handler(void) } } -static int32_t tfm_check_sfn_req_integrity(struct tfm_sfn_req_s *desc_ptr) +static int32_t tfm_check_sfn_req_integrity(const struct tfm_sfn_req_s *desc_ptr) { if ((desc_ptr == NULL) || (desc_ptr->sp_id == 0) || @@ -688,7 +684,7 @@ static int32_t tfm_check_sfn_req_integrity(struct tfm_sfn_req_s *desc_ptr) } static int32_t tfm_core_check_sfn_req_rules( - struct tfm_sfn_req_s *desc_ptr) + const struct tfm_sfn_req_s *desc_ptr) { /* Check partition idx validity */ if (desc_ptr->caller_part_idx == SPM_INVALID_PARTITION_IDX) { 
@@ -1046,7 +1042,7 @@ void tfm_core_memory_permission_check_handler(uint32_t *svc_args) /* This SVC handler is called if veneer is running in thread mode */ uint32_t tfm_core_partition_request_svc_handler( - struct tfm_exc_stack_t *svc_ctx, uint32_t excReturn) + const struct tfm_exc_stack_t *svc_ctx, uint32_t excReturn) { struct tfm_sfn_req_s *desc_ptr; diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_secure_api.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_secure_api.h index 8ab85facdb..50f635708e 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_secure_api.h +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_secure_api.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2018, Arm Limited. All rights reserved. + * Copyright (c) 2017-2019, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -8,11 +8,12 @@ #ifndef __TFM_SECURE_API_H__ #define __TFM_SECURE_API_H__ -#include "arm_cmse.h" +#include #include "tfm_svc.h" #include "secure_utilities.h" #include "tfm_core.h" #include "tfm_api.h" +#include "bl2/include/tfm_boot_status.h" /*! * \def __tfm_secure_gateway_attributes__ @@ -46,7 +47,7 @@ struct tfm_sfn_req_s { int32_t *args; uint32_t caller_part_idx; int32_t iovec_api; - int32_t ns_caller : 1; + uint32_t ns_caller; }; enum tfm_buffer_share_region_e { 
@@ -81,13 +82,44 @@ extern int32_t tfm_core_memory_permission_check(const void *ptr, uint32_t size, int32_t access); -extern int32_t tfm_core_get_boot_data(uint8_t major_type, void *ptr, +extern int32_t tfm_core_get_boot_data(uint8_t major_type, + struct tfm_boot_data *boot_data, uint32_t len); -int32_t tfm_core_sfn_request(struct tfm_sfn_req_s *desc_ptr); +int32_t tfm_core_sfn_request(const struct tfm_sfn_req_s *desc_ptr); int32_t tfm_core_sfn_request_thread_mode(struct tfm_sfn_req_s *desc_ptr); +/** + * \brief Check whether the current partition has read access to a memory range + * + * This function assumes, that the current MPU configuration is set for the + * partition to be checked. + * + * \param[in] p The start address of the range to check + * \param[in] s The size of the range to check + * \param[in] ns_caller Whether the current partition is a non-secure one + * + * \return 1 if the partition has access to the memory range, 0 otherwise. + */ +int32_t tfm_core_has_read_access_to_region(const void *p, size_t s, + uint32_t ns_caller); + +/** + * \brief Check whether the current partition has write access to a memory range + * + * This function assumes, that the current MPU configuration is set for the + * partition to be checked. + * + * \param[in] p The start address of the range to check + * \param[in] s The size of the range to check + * \param[in] ns_caller Whether the current partition is a non-secure one + * + * \return 1 if the partition has access to the memory range, 0 otherwise. + */ +int32_t tfm_core_has_write_access_to_region(void *p, size_t s, + uint32_t ns_caller); + #define TFM_CORE_IOVEC_SFN_REQUEST(id, fn, a, b, c, d) \ return tfm_core_partition_request(id, fn, TFM_SFN_API_IOVEC, \ (int32_t)a, (int32_t)b, (int32_t)c, (int32_t)d) 
@@ -106,7 +138,31 @@ int32_t tfm_core_partition_request(uint32_t id, void *fn, int32_t iovec_api, desc.sp_id = id; desc.sfn = fn; desc.args = args; - desc.ns_caller = cmse_nonsecure_caller(); + /* + * This preprocessor condition checks if a version of GCC smaller than + * 7.3.1 is being used to compile the code. + * These versions are affected by a bug on the cmse_nonsecure_caller + * intrinsic which returns incorrect results. + * Please check Bug 85203 on GCC Bugzilla for more information. + */ +#if defined(__GNUC__) && !defined(__ARMCC_VERSION) && \ + (__GNUC__ < 7 || \ + (__GNUC__ == 7 && (__GNUC_MINOR__ < 3 || \ + (__GNUC_MINOR__ == 3 && __GNUC_PATCHLEVEL__ < 1)))) + /* + * Use the fact that, if called from Non-Secure, the LSB of the return + * address is set to 0. + */ + desc.ns_caller = (uint32_t)!( + (intptr_t)__builtin_extract_return_addr(__builtin_return_address(0U)) + & 1); +#else + /* + * Convert the result of cmse_nonsecure_caller from an int to a uint32_t + * to prevent using an int in the tfm_sfn_req_s structure. + */ + desc.ns_caller = (cmse_nonsecure_caller() != 0) ? 1U : 0U; +#endif /* Check for GCC compiler version smaller than 7.3.1 */ desc.iovec_api = iovec_api; if (__get_active_exc_num() != EXC_NUM_THREAD_MODE) { /* FixMe: Error severity TBD */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_spm_services.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_spm_services.c index 2714851424..dadf66f02c 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_spm_services.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_spm_services.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2018, Arm Limited. All rights reserved. + * Copyright (c) 2017-2019, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * 
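Review bot: The GCC < 7.3.1 fallback derives `ns_caller` from `__builtin_return_address(0U)`, which is the veneer's return address only if `tfm_core_partition_request` is always inlined into the secure gateway function. If it were ever emitted out of line, the return address would normally have its LSB set and `ns_caller` would become 0, so a non-secure caller would be treated as secure. The function's attributes are outside the hunk, so I would state the requirement in the new comment, `* This relies on tfm_core_partition_request being inlined into the veneer.`. Failing the build on the affected compiler versions is also worth considering, since this workaround fails open.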
@@ -13,7 +13,7 @@ #include "secure_fw/include/tfm_spm_services_api.h" uint8_t *tfm_scratch_area; -int32_t tfm_scratch_area_size; +uint32_t tfm_scratch_area_size; nsfptr_t ns_entry; void jump_to_ns_code(void) @@ -36,9 +36,9 @@ void jump_to_ns_code(void) #if defined(__ARM_ARCH_8M_MAIN__) __attribute__((naked)) int32_t tfm_core_sfn_request( - struct tfm_sfn_req_s *desc_ptr) + const struct tfm_sfn_req_s *desc_ptr) { - __ASM( + __ASM volatile( "PUSH {r4-r12, lr}\n" "SVC %[SVC_REQ]\n" "MOV r4, #0\n" @@ -58,9 +58,9 @@ __attribute__((naked)) int32_t tfm_core_sfn_request( } #elif defined(__ARM_ARCH_8M_BASE__) __attribute__((naked)) int32_t tfm_core_sfn_request( - struct tfm_sfn_req_s *desc_ptr) + const struct tfm_sfn_req_s *desc_ptr) { - __ASM( + __ASM volatile( ".syntax unified\n" "PUSH {lr}\n" "PUSH {r4-r7}\n" @@ -104,7 +104,7 @@ int32_t tfm_core_memory_permission_check(const void *ptr, uint32_t len, int32_t access) { - __ASM( + __ASM volatile( "SVC %0\n" "BX lr\n" : : "I" (TFM_SVC_MEMORY_CHECK)); @@ -113,7 +113,7 @@ int32_t tfm_core_memory_permission_check(const void *ptr, __attribute__((naked)) int32_t tfm_core_get_caller_client_id(int32_t *caller_client_id) { - __ASM( + __ASM volatile( "SVC %0\n" "BX LR\n" : : "I" (TFM_SVC_GET_CALLER_CLIENT_ID)); @@ -122,7 +122,7 @@ int32_t tfm_core_get_caller_client_id(int32_t *caller_client_id) __attribute__((naked)) int32_t tfm_spm_request_reset_vote(void) { - __ASM( + __ASM volatile( "MOVS R0, %0\n" "B tfm_spm_request\n" : : "I" (TFM_SPM_REQUEST_RESET_VOTE)); @@ -131,7 +131,7 @@ int32_t tfm_spm_request_reset_vote(void) __attribute__((naked)) int32_t tfm_spm_request(void) { - __ASM( + __ASM volatile( "SVC %0\n" "BX lr\n" : : "I" (TFM_SVC_SPM_REQUEST)); @@ -140,7 +140,7 @@ int32_t tfm_spm_request(void) __attribute__((naked)) int32_t tfm_core_validate_secure_caller(void) { - __ASM( + __ASM volatile( "SVC %0\n" "BX lr\n" : : "I" (TFM_SVC_VALIDATE_SECURE_CALLER)); 
@@ -149,16 +149,18 @@ int32_t tfm_core_validate_secure_caller(void) __attribute__((naked)) int32_t tfm_core_set_buffer_area(enum tfm_buffer_share_region_e share) { - __ASM( + __ASM volatile( "SVC %0\n" "BX lr\n" : : "I" (TFM_SVC_SET_SHARE_AREA)); } __attribute__((naked)) -int32_t tfm_core_get_boot_data(uint8_t major_type, void *ptr, uint32_t len) +int32_t tfm_core_get_boot_data(uint8_t major_type, + struct tfm_boot_data *boot_status, + uint32_t len) { - __ASM( + __ASM volatile( "SVC %0\n" "BX lr\n" : : "I" (TFM_SVC_GET_BOOT_DATA)); diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_svc.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_svc.h index 44ad9ff73d..e4ed34b1b6 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_svc.h +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_svc.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2018, Arm Limited. All rights reserved. + * Copyright (c) 2017-2019, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -43,6 +43,6 @@ typedef enum { #endif } tfm_svc_number_t; -#define SVC(code) __ASM("svc %0" : : "I" (code)) +#define SVC(code) __ASM volatile("svc %0" : : "I" (code)) #endif /* __TFM_SVC_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/CMakeLists.inc b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/CMakeLists.inc new file mode 100644 index 0000000000..d1e57d888f --- /dev/null +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/CMakeLists.inc 
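Review bot: The definition of `tfm_core_get_boot_data` names its second parameter `boot_status`, while the prototype added to tfm_secure_api.h by this commit calls it `boot_data`; use `struct tfm_boot_data *boot_data,` here so the two agree. Because the function is `naked` and its body never refers to the parameters, no compiler diagnostic will point out the difference.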
@@ -0,0 +1,61 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+
+#Definitions to compile the "spm" module.
+#This file assumes it will be included from a project specific cmakefile, and
+#will not create a library or executable.
+#Inputs:
+# TFM_ROOT_DIR - root directory of the TF-M repository.
+#
+#Outputs:
+# Will modify include directories to make the source compile.
+# ALL_SRC_C: C source files to be compiled will be added to this list. This shall be added to your add_executable or add_library command.
+# ALL_SRC_CXX: C++ source files to be compiled will be added to this list. This shall be added to your add_executable or add_library command.
+# ALL_SRC_ASM: assembly source files to be compiled will be added to this list. This shall be added to your add_executable or add_library command.
+# Include directories will be modified by using the include_directories() commands as needed.
+
+#Get the current directory where this file is located.
+set(SS_SPM_DIR ${CMAKE_CURRENT_LIST_DIR})
+if(NOT DEFINED TFM_ROOT_DIR)
+ message(FATAL_ERROR "Please set TFM_ROOT_DIR before including this file.")
+endif()
+
+set (SS_SPM_C_SRC "${SS_SPM_DIR}/spm_api.c")
+
+
+#Append all our source files to global lists.
+list(APPEND ALL_SRC_C ${SS_SPM_C_SRC}) +unset(SS_SPM_C_SRC) + +#Setting include directories +embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE) +embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE) +embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/spm ABSOLUTE) +embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core ABSOLUTE) +embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE) + +set(BUILD_CMSIS_CORE Off) +set(BUILD_RETARGET Off) +set(BUILD_NATIVE_DRIVERS Off) +set(BUILD_STARTUP Off) +set(BUILD_TARGET_CFG Off) +set(BUILD_TARGET_HARDWARE_KEYS Off) +set(BUILD_TARGET_NV_COUNTERS Off) +set(BUILD_CMSIS_DRIVERS Off) +set(BUILD_TIME Off) +set(BUILD_UART_STDOUT Off) +set(BUILD_FLASH Off) +set(BUILD_BOOT_SEED Off) +set(BUILD_DEVICE_ID Off) +if(NOT DEFINED PLATFORM_CMAKE_FILE) + message (FATAL_ERROR "Platform specific CMake is not defined. Please set PLATFORM_CMAKE_FILE.") +elseif(NOT EXISTS ${PLATFORM_CMAKE_FILE}) + message (FATAL_ERROR "Platform specific CMake \"${PLATFORM_CMAKE_FILE}\" file does not exist. Please fix value of PLATFORM_CMAKE_FILE.") +else() + include(${PLATFORM_CMAKE_FILE}) +endif() + diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.c index ff994d8bab..02b3f07c96 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.c @@ -33,7 +33,7 @@ typedef enum { * returned. */ static void tfm_spm_partition_err_handler( - struct spm_partition_desc_t *partition, + const struct spm_partition_desc_t *partition, sp_error_type_t err_type, int32_t err_code) { 
@@ -42,17 +42,32 @@ static void tfm_spm_partition_err_handler( printf("Partition init failed for partition id 0x%08X\r\n", partition->static_data.partition_id); } else { - printf("Unknown partition error %d for partition id 0x%08X\r\n", - err_type, partition->static_data.partition_id); + printf( + "Unknown partition error %d (code: %d) for partition id 0x%08X\r\n", + err_type, err_code, partition->static_data.partition_id); } +#else + (void)err_type; + (void)err_code; #endif tfm_spm_partition_set_state(partition->static_data.partition_id, SPM_PARTITION_STATE_CLOSED); } +/* + * This function prevents name clashes between the variable names accessibles in + * the scope of where tfm_partition_list.inc is included and the varaible names + * defined inside tfm_partition_list.inc file. + */ +static inline enum spm_err_t add_user_defined_partitions(void) { + #include "secure_fw/services/tfm_partition_list.inc" + + return SPM_ERR_OK; +} + uint32_t get_partition_idx(uint32_t partition_id) { - int i; + uint32_t i; if (partition_id == INVALID_PARTITION_ID) { return SPM_INVALID_PARTITION_IDX; @@ -70,8 +85,9 @@ uint32_t get_partition_idx(uint32_t partition_id) enum spm_err_t tfm_spm_db_init(void) { struct spm_partition_desc_t *part_ptr; + enum spm_err_t err; - tfm_memset (&g_spm_partition_db, 0, sizeof(g_spm_partition_db)); + (void)tfm_memset (&g_spm_partition_db, 0, sizeof(g_spm_partition_db)); /* This function initialises partition db */ g_spm_partition_db.running_partition_idx = SPM_INVALID_PARTITION_IDX; @@ -121,8 +137,10 @@ enum spm_err_t tfm_spm_db_init(void) part_ptr->runtime_data.partition_state = SPM_PARTITION_STATE_UNINIT; ++g_spm_partition_db.partition_count; - /* Add user-defined secure partitions */ - #include "tfm_partition_list.inc" + err = add_user_defined_partitions(); + if (err != SPM_ERR_OK) { + return err; + } g_spm_partition_db.is_init = 1; 
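Review bot: The extended message in tfm_spm_partition_err_handler prints `err_code`, an `int32_t`, with `%d` and the partition id with `%08X`; on toolchains where `int32_t` is `long` these specifiers do not match their arguments, which `-Wformat` reports and which is undefined for a variadic call. Casting at the call site keeps the format string as it is: `(int)err_type, (int)err_code, (unsigned int)partition->static_data.partition_id);`. The function starts above this hunk, so the parameter types are taken from the signature in the preceding hunk; the type of `partition_id` is not visible here and is assumed to be a 32-bit unsigned integer.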
@@ -154,7 +172,7 @@ enum spm_err_t tfm_spm_partition_init(void) int32_t res; desc.args = args; - desc.ns_caller = 0; + desc.ns_caller = 0U; desc.iovec_api = TFM_SFN_API_IOVEC; desc.sfn = (sfn_t)part->static_data.partition_init; desc.sp_id = part->static_data.partition_id; @@ -314,20 +332,25 @@ enum spm_err_t tfm_spm_partition_set_share(uint32_t partition_idx, return ret; } -void tfm_spm_partition_set_iovec(uint32_t partition_idx, int32_t *args) +enum spm_err_t tfm_spm_partition_set_iovec(uint32_t partition_idx, + const int32_t *args) { struct spm_partition_runtime_data_t *runtime_data = &g_spm_partition_db.partitions[partition_idx].runtime_data; - int32_t i; + size_t i; - runtime_data->iovec_args.in_len = args[1]; - for (i = 0; i < runtime_data->iovec_args.in_len; ++i) { + if ((args[1] < 0) || (args[3] < 0)) { + return SPM_ERR_INVALID_PARAMETER; + } + + runtime_data->iovec_args.in_len = (size_t)args[1]; + for (i = 0U; i < runtime_data->iovec_args.in_len; ++i) { runtime_data->iovec_args.in_vec[i].base = ((psa_invec *)args[0])[i].base; runtime_data->iovec_args.in_vec[i].len = ((psa_invec *)args[0])[i].len; } - runtime_data->iovec_args.out_len = args[3]; - for (i = 0; i < runtime_data->iovec_args.out_len; ++i) { + runtime_data->iovec_args.out_len = (size_t)args[3]; + for (i = 0U; i < runtime_data->iovec_args.out_len; ++i) { runtime_data->iovec_args.out_vec[i].base = ((psa_outvec *)args[2])[i].base; runtime_data->iovec_args.out_vec[i].len = @@ -335,6 +358,8 @@ void tfm_spm_partition_set_iovec(uint32_t partition_idx, int32_t *args) } runtime_data->orig_outvec = (psa_outvec *)args[2]; runtime_data->iovec_api = 1; + + return SPM_ERR_OK; } uint32_t tfm_spm_partition_get_running_partition_idx(void) diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.h index 89d4564e16..67accd5e8a 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.h 
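Review bot: The new guard in tfm_spm_partition_set_iovec rejects only negative counts, so `args[1]` and `args[3]` are still used as loop bounds with no upper limit when entries are copied into `iovec_args.in_vec` and `iovec_args.out_vec`. The size of those arrays is not visible in this hunk; if they are fixed-size (presumably `PSA_MAX_IOVEC` entries) and a caller has not bounded the counts, the loops write past them inside the partition database. Adding the upper bound to the same check makes the function safe on its own: `if ((args[1] < 0) || (args[3] < 0) || ((uint32_t)args[1] > PSA_MAX_IOVEC) || ((uint32_t)args[3] > PSA_MAX_IOVEC)) {`. The `base` pointers read through `args[0]` and `args[2]` are still trusted, which the header comment leaves to the caller.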
+++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.h @@ -20,6 +20,7 @@ enum spm_err_t { SPM_ERR_PARTITION_DB_NOT_INIT, SPM_ERR_PARTITION_ALREADY_ACTIVE, SPM_ERR_PARTITION_NOT_AVAILABLE, + SPM_ERR_INVALID_PARAMETER, SPM_ERR_INVALID_CONFIG, }; @@ -297,11 +298,14 @@ enum spm_err_t tfm_spm_partition_set_share(uint32_t partition_idx, * args[2] is out_vec * args[3] is out_len * + * \return Error code \ref spm_err_t + * * \note This function doesn't check if partition_idx is valid. * \note This function assumes that the iovecs that are passed in args are * valid, and does no sanity check on them at all. */ -void tfm_spm_partition_set_iovec(uint32_t partition_idx, int32_t *args); +enum spm_err_t tfm_spm_partition_set_iovec(uint32_t partition_idx, + const int32_t *args); /** * \brief Initialize partition database diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db.h index 8247424eda..7bfaa3c12b 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db.h +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db.h @@ -21,7 +21,7 @@ typedef psa_status_t(*sp_init_function)(void); #define TFM_PARTITION_TYPE_APP "APPLICATION-ROT" #define TFM_PARTITION_TYPE_PSA "PSA-ROT" -#define TFM_STACK_SIZE 1024 +#define TFM_STACK_SIZE (1024 * 5) #ifdef TFM_PSA_API enum tfm_partition_priority { @@ -65,10 +65,11 @@ struct spm_partition_desc_t { #ifdef TFM_PSA_API struct tfm_thrd_ctx sp_thrd; /* - * stack_limit points to starting address of the partitions' stack plus the partitions' stack size. + * FixMe: Hard code stack is not aligned with the definition in the + * manifest. It will use the partition stacks in the linker scripts/sct + * files include Level 1 to 3. */ - uint32_t stack_limit; - uint32_t stack_size; + uint8_t stack[TFM_STACK_SIZE] __attribute__((aligned(8))); #endif }; 
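Review bot: The `\note` kept at the end of the tfm_spm_partition_set_iovec comment (hunk at -297 in spm_api.h) still says the function "does no sanity check on them at all", which no longer matches the definition now that negative `in_len` and `out_len` values are rejected. The new `\return` line also does not say which error is returned. Suggested wording: `\return SPM_ERR_OK on success, SPM_ERR_INVALID_PARAMETER if in_len or out_len is negative` and `\note Only the sign of in_len and out_len is checked; the vectors themselves are not validated.`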
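Review bot: Embedding `uint8_t stack[TFM_STACK_SIZE]` in `struct spm_partition_desc_t` (hunk at -65 in spm_db.h) places every partition's stack inside the SPM's own database, next to `sp_thrd` and the other descriptor fields, where the removed code gave each partition a separate array in `.data.partitions_stacks`. A stack overflow in one partition would then run into SPM bookkeeping or a neighbouring descriptor rather than into a region that can be guarded, and at isolation levels above 1 the stack presumably cannot be covered by the partition's own MPU region; the MPU setup is not visible here, so this needs confirming. The FixMe mentions only the manifest mismatch; it should also record the isolation consequence, for example `FixMe: the stack lives inside the SPM database, so no guard region separates it from SPM data.` The struct begins above this hunk.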
diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db_setup.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db_setup.h index 7ffc651f89..57da372eae 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db_setup.h +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db_setup.h @@ -76,7 +76,7 @@ struct spm_partition_db_t { } while (0) #endif -#define PARTITION_DECLARE(partition, flag, type, id, priority, part_stack_size) \ +#define PARTITION_DECLARE(partition, flag, type, id, priority) \ do { \ REGION_DECLARE(Image$$, partition, $$Base); \ REGION_DECLARE(Image$$, partition, $$Limit); \ @@ -102,12 +102,8 @@ struct spm_partition_db_t { if (g_spm_partition_db.partition_count >= SPM_MAX_PARTITIONS) { \ return SPM_ERR_INVALID_CONFIG; \ } \ - __attribute__((section(".data.partitions_stacks"))) \ - static uint8_t partition##_stack[part_stack_size] __attribute__((aligned(8))); \ part_ptr = &(g_spm_partition_db.partitions[ \ g_spm_partition_db.partition_count]); \ - part_ptr->stack_limit = (uint32_t)partition##_stack; \ - part_ptr->stack_size = part_stack_size; \ PARTITION_INIT_STATIC_DATA(part_ptr->static_data, partition, flags, \ id, priority); \ PARTITION_INIT_RUNTIME_DATA(part_ptr->runtime_data, partition); \ 
@@ -115,21 +111,21 @@ struct spm_partition_db_t { ++g_spm_partition_db.partition_count; \ } while (0) -#define PARTITION_ADD_INIT_FUNC(partition, init_func) \ - do { \ - extern int32_t init_func(void); \ - uint32_t partition_idx = get_partition_idx(partition##_ID); \ - struct spm_partition_desc_t *part_ptr = \ - &(g_spm_partition_db.partitions[partition_idx]); \ - part_ptr->static_data.partition_init = init_func; \ +#define PARTITION_ADD_INIT_FUNC(partition, init_func) \ + do { \ + extern int32_t init_func(void); \ + uint32_t partition_idx = get_partition_idx(partition##_ID); \ + struct spm_partition_desc_t *part_ptr = \ + &(g_spm_partition_db.partitions[partition_idx]); \ + part_ptr->static_data.partition_init = init_func; \ } while (0) -#define PARTITION_ADD_PERIPHERAL(partition, peripheral) \ - do { \ - uint32_t partition_idx = get_partition_idx(partition##_ID); \ - struct spm_partition_desc_t *part_ptr = \ - &(g_spm_partition_db.partitions[partition_idx]); \ - part_ptr->platform_data = peripheral; \ +#define PARTITION_ADD_PERIPHERAL(partition, peripheral) \ + do { \ + uint32_t partition_idx = get_partition_idx(partition##_ID); \ + struct spm_partition_desc_t *part_ptr = \ + &(g_spm_partition_db.partitions[partition_idx]); \ + part_ptr->platform_data = peripheral; \ } while (0) #endif /* __SPM_DB_SETUP_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_partition_defs.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_partition_defs.h index 0533881f87..85ab1eca6e 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_partition_defs.h +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_partition_defs.h 
@@ -29,7 +29,7 @@ */ #define TFM_SP_CORE_ID (1) -#include "tfm_partition_defs.inc" +#include "secure_fw/services/tfm_partition_defs.inc" /* This limit is only used to define the size of the database reserved for * partitions. There's no requirement that it match the number of partitions diff --git a/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_api.h b/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_api.h index d6ce6893a0..2ba93c0916 100644 --- a/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_api.h +++ b/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_api.h @@ -110,13 +110,13 @@ psa_handle_t tfm_psa_connect_veneer(uint32_t sid, uint32_t minor_version); * * \param[in] handle Handle to connection * \param[in] in_vecs invec containing pointer/count of input vectors - * \param[in] out_vecs outvec containing pointer/count of output vectors + * \param[in] out_vecs invec containing pointer/count of output vectors * * \return Returns \ref psa_status_t status code */ psa_status_t tfm_psa_call_veneer(psa_handle_t handle, const psa_invec *in_vecs, - psa_outvec *out_vecs); + const psa_invec *out_vecs); /** * \brief Close connection to secure function referenced by a connection handle diff --git a/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_ns_lock.h b/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_ns_lock.h index 0c73a60a68..d3cf055433 100644 --- a/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_ns_lock.h +++ b/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_ns_lock.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2018, Arm Limited. All rights reserved. + * Copyright (c) 2017-2019, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -32,7 +32,7 @@ uint32_t tfm_ns_lock_dispatch(veneer_fn fn, * \details Needs to be called during non-secure app init * to initialize the TFM NS lock object */ -uint32_t tfm_ns_lock_init(); +enum tfm_status_e tfm_ns_lock_init(); #ifdef __cplusplus } 
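Review bot: The updated comment for `out_vecs` on tfm_psa_call_veneer ("invec containing pointer/count of output vectors") does not say what the `psa_invec` fields hold now that the parameter is `const psa_invec *`. From the wording it appears that `base` points to the caller's `psa_outvec` array and `len` is the number of entries, but that is an inference from this hunk. Spelling it out, e.g. `\param[in] out_vecs psa_invec whose base points to the psa_outvec array and whose len is the number of output vectors`, also tells the secure-side implementer that both fields come from the non-secure caller and have to be validated before the array is read.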
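Review bot: `enum tfm_status_e tfm_ns_lock_init();` in tfm_ns_lock.h declares the function without a prototype when the header is compiled as C, so a call that passes arguments is not diagnosed. `enum tfm_status_e tfm_ns_lock_init(void);` gives the same declaration in both C and C++. The definition is not part of this hunk and should use `(void)` as well.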
diff --git a/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_ns_svc.h b/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_ns_svc.h index 0399af9f0c..366a70a91a 100644 --- a/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_ns_svc.h +++ b/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_ns_svc.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2018, Arm Limited. All rights reserved. + * Copyright (c) 2017-2019, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -24,7 +24,7 @@ extern "C" { * \brief Macro to encode an svc instruction * */ -#define SVC(code) __ASM("svc %0" : : "I" (code)) +#define SVC(code) __ASM volatile("svc %0" : : "I" (code)) /** * \def LIST_SVC_NSPM @@ -59,7 +59,7 @@ enum tfm_svc_num { }; /* number of user SVC functions */ -#define USER_SVC_COUNT (SVC_TFM_MAX - 1) +#define USER_SVC_COUNT ((uint32_t)SVC_TFM_MAX - 1) #ifdef __cplusplus } From fb068d2cb4e89cacf0e9f413075bb4b211f1484f Mon Sep 17 00:00:00 2001 
From: Michael Schwarcz Date: Thu, 7 Feb 2019 11:51:12 +0200 Subject: [PATCH 2/9] TF-M patch: General modifications - Remove un-needed files - Disable printf and uart - Modify include paths - Guard macros from mbed_lib with ifndef (cherry picked from commit 1f30b52488e88704cdb51c8c26e7225e580e5cc2) (cherry picked from commit 71cd34df3265d98da5c9b34e4e18ef039d7bef5c) (cherry picked from commit 185d2865da45cc2c6ac3acb755b90c196934d7d5) --- .../COMPONENT_SPE/bl2/include/boot_record.h | 81 ------------------- .../secure_fw/core/CMakeLists.inc | 71 ---------------- .../secure_fw/core/ipc/CMakeLists.inc | 74 ----------------- .../core/ipc/include/tfm_message_queue.h | 2 + .../secure_fw/core/ipc/include/tfm_spm.h | 4 + .../core/ipc/include/tfm_spm_signal_defs.h | 15 ---- .../secure_fw/core/ipc/tfm_spm.c | 2 +- .../secure_fw/core/secure_utilities.h | 2 + .../COMPONENT_SPE/secure_fw/core/tfm_core.c | 2 - .../secure_fw/core/tfm_secure_api.c | 1 - .../secure_fw/spm/CMakeLists.inc | 61 -------------- .../COMPONENT_SPE/secure_fw/spm/spm_api.c | 2 +- .../secure_fw/spm/spm_partition_defs.h | 2 +- 13 files changed, 11 insertions(+), 308 deletions(-) delete mode 100644 components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include/boot_record.h delete mode 100644 components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/CMakeLists.inc delete mode 100644 components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/CMakeLists.inc delete mode 100644 components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm_signal_defs.h delete mode 100644 components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/CMakeLists.inc diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include/boot_record.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include/boot_record.h deleted file mode 100644 index 217a20684c..0000000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include/boot_record.h +++ /dev/null 
@@ -1,81 +0,0 @@
-/*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifndef __BOOT_RECORD_H__
-#define __BOOT_RECORD_H__
-
-#include
-#include
-#include
-#include "../ext/mcuboot/bootutil/include/bootutil/image.h"
-#include "../ext/mcuboot/include/flash_map/flash_map.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*!
- * \enum shared_data_err_t
- *
- * \brief Return values for adding data entry to shared memory area
- */
-enum shared_memory_err_t {
- SHARED_MEMORY_OK = 0,
- SHARED_MEMORY_OVERFLOW = 1,
- SHARED_MEMORY_OVERWRITE = 2,
-
- /* This is used to force the maximum size */
- TLV_TYPE_MAX = INT_MAX
-};
-
-/*!
- * \enum boot_status_err_t
- *
- * \brief Return values for saving boot status information to shared memory are
- */
-enum boot_status_err_t {
- BOOT_STATUS_OK,
- BOOT_STATUS_ERROR,
-};
-
-/*!
- * \brief Add a data item to the shared data area between bootloader and
- * runtime SW
- *
- * \param[in] major_type TLV major type, identify consumer
- * \param[in] minor_type TLV minor type, identify TLV type
- * \param[in] size length of added data
- * \param[in] data pointer to data
- *
- * \return Returns error code as specified in \ref shared_memory_err_t
- */
-enum shared_memory_err_t
-boot_add_data_to_shared_area(uint8_t major_type,
- uint16_t minor_type,
- size_t size,
- const uint8_t *data);
-
-/*!
- * \brief Add an image's all boot status information to the shared data area
- * between bootloader and runtime SW
- *
- * \param[in] sw_module Identifier of the SW component
- * \param[in] hdr Pointer to the image header stored in RAM
- * \param[in] fap Pointer to the flash area where image is stored
- *
- * \return Returns error code as specified in \ref boot_status_err_t
- */
-enum boot_status_err_t
-boot_save_boot_status(uint8_t sw_module,
- const struct image_header *hdr,
- const struct flash_area *fap);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __BOOT_RECORD_H__ */
diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/CMakeLists.inc b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/CMakeLists.inc
deleted file mode 100644
index 0b290d5b01..0000000000
--- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/CMakeLists.inc
+++ /dev/null
@@ -1,71 +0,0 @@
-#-------------------------------------------------------------------------------
-# Copyright (c) 2017-2018, Arm Limited. All rights reserved.
-#
-# SPDX-License-Identifier: BSD-3-Clause
-#
-#-------------------------------------------------------------------------------
-
-#Definitions to compile the "core" module.
-#This file assumes it will be included from a project specific cmakefile, and
-#will not create a library or executable.
-#Inputs:
-# TFM_ROOT_DIR - directory where secure FW sourec is located.
-#
-#Outputs:
-# Will modify include directories to make the source compile.
-# ALL_SRC_C: C source files to be compiled will be added to this list.
-# This shall be added to your add_executable or add_library command.
-# ALL_SRC_CXX: C++ source files to be compiled will be added to this list.
-# This shall be added to your add_executable or add_library command.
-# ALL_SRC_ASM: assembly source files to be compiled will be added to this
-# list. This shall be added to your add_executable or add_library
-# command.
-# Include directories will be modified by using the include_directories()
-# commands as needed.
-
-#Get the current directory where this file is located.
-set(SS_CORE_DIR ${CMAKE_CURRENT_LIST_DIR})
-if(NOT DEFINED TFM_ROOT_DIR)
- message(FATAL_ERROR
- "Please set TFM_ROOT_DIR before including this file.")
-endif()
-
-set (SS_CORE_C_SRC
- "${SS_CORE_DIR}/tfm_core.c"
- "${SS_CORE_DIR}/tfm_handler.c"
- "${SS_CORE_DIR}/tfm_secure_api.c"
- "${SS_CORE_DIR}/tfm_spm_services.c"
- "${SS_CORE_DIR}/tfm_nspm.c"
- "${SS_CORE_DIR}/tfm_boot_data.c"
- )
-
-#Append all our source files to global lists.
-list(APPEND ALL_SRC_C ${SS_CORE_C_SRC})
-unset(SS_CORE_C_SRC)
-
-#Setting include directories
-embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE)
-embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE)
-embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/spm ABSOLUTE)
-embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core ABSOLUTE)
-
-set(BUILD_CMSIS_CORE Off)
-set(BUILD_RETARGET Off)
-set(BUILD_NATIVE_DRIVERS Off)
-set(BUILD_STARTUP Off)
-set(BUILD_TARGET_CFG Off)
-set(BUILD_TARGET_HARDWARE_KEYS Off)
-set(BUILD_TARGET_NV_COUNTERS Off)
-set(BUILD_CMSIS_DRIVERS Off)
-set(BUILD_TIME Off)
-set(BUILD_UART_STDOUT Off)
-set(BUILD_FLASH Off)
-set(BUILD_BOOT_SEED Off)
-set(BUILD_DEVICE_ID Off)
-if(NOT DEFINED PLATFORM_CMAKE_FILE)
- message (FATAL_ERROR "Platform specific CMake is not defined. Please set PLATFORM_CMAKE_FILE.")
-elseif(NOT EXISTS ${PLATFORM_CMAKE_FILE})
- message (FATAL_ERROR "Platform specific CMake \"${PLATFORM_CMAKE_FILE}\" file does not exist. Please fix value of PLATFORM_CMAKE_FILE.")
-else()
- include(${PLATFORM_CMAKE_FILE})
-endif()
diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/CMakeLists.inc b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/CMakeLists.inc
deleted file mode 100644
index 59c074e60f..0000000000
--- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/CMakeLists.inc
+++ /dev/null
@@ -1,74 +0,0 @@
-#-------------------------------------------------------------------------------
-# Copyright (c) 2018, Arm Limited. All rights reserved.
-#
-# SPDX-License-Identifier: BSD-3-Clause
-#
-#-------------------------------------------------------------------------------
-
-#Definitions to compile the "ipc" module.
-#This file assumes it will be included from a project specific cmakefile, and
-#will not create a library or executable.
-#Inputs:
-# TFM_ROOT_DIR - directory where secure FW sourec is located.
-#
-#Outputs:
-# Will modify include directories to make the source compile.
-# ALL_SRC_C: C source files to be compiled will be added to this list.
-# This shall be added to your add_executable or add_library command.
-# ALL_SRC_CXX: C++ source files to be compiled will be added to this list.
-# This shall be added to your add_executable or add_library command.
-# ALL_SRC_ASM: assembly source files to be compiled will be added to this
-# list. This shall be added to your add_executable or add_library
-# command.
-# Include directories will be modified by using the include_directories()
-# commands as needed.
-
-#Get the current directory where this file is located.
-set(SS_IPC_DIR ${CMAKE_CURRENT_LIST_DIR})
-if(NOT DEFINED TFM_ROOT_DIR)
- message(FATAL_ERROR
- "Please set TFM_ROOT_DIR before including this file.")
-endif()
-
-if (NOT DEFINED TFM_PSA_API)
- message(FATAL_ERROR "Incomplete build configuration: TFM_PSA_API is undefined.
") -elseif (TFM_PSA_API) - set (SS_IPC_C_SRC "${SS_IPC_DIR}/tfm_svcalls.c" - "${SS_IPC_DIR}/psa_service.c" - "${SS_IPC_DIR}/psa_client.c" - "${SS_IPC_DIR}/tfm_arch_v8m.c" - "${SS_IPC_DIR}/tfm_thread.c" - "${SS_IPC_DIR}/tfm_wait.c" - "${SS_IPC_DIR}/tfm_utils.c" - "${SS_IPC_DIR}/tfm_message_queue.c" - "${SS_IPC_DIR}/tfm_pools.c" - "${SS_IPC_DIR}/tfm_spm.c" - "${SS_IPC_DIR}/../tfm_core.c" - "${SS_IPC_DIR}/../tfm_secure_api.c" - "${SS_IPC_DIR}/../tfm_spm_services.c" - "${SS_IPC_DIR}/../tfm_handler.c" - "${SS_IPC_DIR}/../tfm_psa_api_client.c" - "${SS_IPC_DIR}/../tfm_nspm.c" - "${SS_IPC_DIR}/../tfm_boot_data.c" - ) -endif() - -#Append all our source files to global lists. -list(APPEND ALL_SRC_C ${SS_IPC_C_SRC}) -unset(SS_IPC_C_SRC) - -#Setting include directories -embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE) -embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE) -embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/spm ABSOLUTE) -embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core ABSOLUTE) -embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core/ipc ABSOLUTE) -embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core/ipc/include ABSOLUTE) - -if(NOT DEFINED PLATFORM_CMAKE_FILE) - message (FATAL_ERROR "Platform specific CMake is not defined. Please set PLATFORM_CMAKE_FILE.") -elseif(NOT EXISTS ${PLATFORM_CMAKE_FILE}) - message (FATAL_ERROR "Platform specific CMake \"${PLATFORM_CMAKE_FILE}\" file does not exist. Please fix value of PLATFORM_CMAKE_FILE.") -else() - include(${PLATFORM_CMAKE_FILE}) -endif() diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_message_queue.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_message_queue.h index a00c179893..44f5af44bf 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_message_queue.h 
+++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_message_queue.h @@ -7,7 +7,9 @@ #ifndef __TFM_MESSAGE_QUEUE_H__ #define __TFM_MESSAGE_QUEUE_H__ +#ifndef TFM_MSG_QUEUE_MAX_MSG_NUM #define TFM_MSG_QUEUE_MAX_MSG_NUM 128 +#endif #define TFM_MSG_MAGIC 0x15154343 /* Message struct to collect parameter from client */ struct tfm_msg_body_t { diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm.h index 62adf345af..e4df835df8 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm.h +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm.h @@ -11,11 +11,15 @@ #include "tfm_list.h" #include "tfm_secure_api.h" +#ifndef TFM_SPM_MAX_ROT_SERV_NUM #define TFM_SPM_MAX_ROT_SERV_NUM 28 +#endif #define TFM_VERSION_POLICY_RELAXED 0 #define TFM_VERSION_POLICY_STRICT 1 +#ifndef TFM_CONN_HANDLE_MAX_NUM #define TFM_CONN_HANDLE_MAX_NUM 32 +#endif /* RoT connection handle list */ struct tfm_conn_handle_t { diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm_signal_defs.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm_signal_defs.h deleted file mode 100644 index 0c1f01f055..0000000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm_signal_defs.h +++ /dev/null 
@@ -1,15 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#ifndef __TFM_SPM_SIGNAL_DEFS_H__ -#define __TFM_SPM_SIGNAL_DEFS_H__ - -#include "test/test_services/tfm_ipc_service/tfm_ipc_service_partition.h" -#include "test/test_services/tfm_core_test/tfm_ss_core_test_signal.h" -#include "test/test_services/tfm_core_test_2/tfm_ss_core_test_2_signal.h" -#include "secure_fw/services/secure_storage/tfm_sst_signal.h" - -#endif diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c index bb5357dbbb..25cbf9bcb2 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c @@ -47,7 +47,7 @@ TFM_POOL_DECLARE(msg_db_pool, sizeof(struct tfm_msg_body_t), TFM_MSG_QUEUE_MAX_MSG_NUM); static struct tfm_spm_service_db_t g_spm_service_db[] = { - #include "secure_fw/services/tfm_service_list.inc" + #include "tfm_service_list.inc" }; /********************** SPM functions for handler mode ***********************/ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/secure_utilities.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/secure_utilities.h index d367fe8400..82a4f5a8a0 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/secure_utilities.h +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/secure_utilities.h @@ -25,6 +25,8 @@ #define EXC_NUM_PENDSV (14) #define EXC_NUM_SYSTICK (15) +#define printf(...) + /* Disable NS exceptions by setting NS PRIMASK to 1 */ #define TFM_NS_EXC_DISABLE() __TZ_set_PRIMASK_NS(1) /* Enable NS exceptions by setting NS PRIMASK to 0 */ 
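Review bot: `#define printf(...)` in secure_utilities.h turns every `printf` call in any file that includes this header into nothing, unconditionally and under the standard library's own name. The arguments are no longer evaluated or type-checked, the partition error messages in tfm_spm_partition_err_handler are dropped along with everything else, and a later `#include <stdio.h>` in the same translation unit would have its declaration rewritten by the macro. A port-specific no-op under its own name would avoid the clash; at the least, a comment above the define such as `/* Console output is compiled out in this port: printf() expands to nothing and its arguments are not evaluated. */` would make the loss of secure-side diagnostics explicit.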
diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_core.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_core.c index ef24f48848..7d831b5451 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_core.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_core.c @@ -11,7 +11,6 @@ #include "tfm_internal.h" #include "tfm_api.h" #include "platform/include/tfm_spm_hal.h" -#include "uart_stdout.h" #include "secure_utilities.h" #include "secure_fw/spm/spm_api.h" #include "secure_fw/include/tfm_spm_services_api.h" @@ -88,7 +87,6 @@ int32_t tfm_core_init(void) __enable_irq(); - stdio_init(); LOG_MSG("Secure image initializing!"); #ifdef TFM_CORE_DEBUG diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_secure_api.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_secure_api.c index 65a4cb0167..affabbdd13 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_secure_api.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_secure_api.c @@ -12,7 +12,6 @@ #include "tfm_secure_api.h" #include "tfm_nspm.h" #include "secure_utilities.h" -#include "uart_stdout.h" #include "secure_fw/spm/spm_api.h" #include "region_defs.h" #include "tfm_api.h" diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/CMakeLists.inc b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/CMakeLists.inc deleted file mode 100644 index d1e57d888f..0000000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/CMakeLists.inc +++ /dev/null 
@@ -1,61 +0,0 @@ -#------------------------------------------------------------------------------- -# Copyright (c) 2017-2018, Arm Limited. All rights reserved. -# -# SPDX-License-Identifier: BSD-3-Clause -# -#------------------------------------------------------------------------------- - -#Definitions to compile the "spm" module. -#This file assumes it will be included from a project specific cmakefile, and -#will not create a library or executable. -#Inputs: -# TFM_ROOT_DIR - root directory of the TF-M repository. -# -#Outputs: -# Will modify include directories to make the source compile. -# ALL_SRC_C: C source files to be compiled will be added to this list. This shall be added to your add_executable or add_library command. -# ALL_SRC_CXX: C++ source files to be compiled will be added to this list. This shall be added to your add_executable or add_library command. -# ALL_SRC_ASM: assembly source files to be compiled will be added to this list. This shall be added to your add_executable or add_library command. -# Include directories will be modified by using the include_directories() commands as needed. - -#Get the current directory where this file is located. -set(SS_SPM_DIR ${CMAKE_CURRENT_LIST_DIR}) -if(NOT DEFINED TFM_ROOT_DIR) - message(FATAL_ERROR "Please set TFM_ROOT_DIR before including this file.") -endif() - -set (SS_SPM_C_SRC "${SS_SPM_DIR}/spm_api.c") - - -#Append all our source files to global lists. 
-list(APPEND ALL_SRC_C ${SS_SPM_C_SRC}) -unset(SS_SPM_C_SRC) - -#Setting include directories -embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE) -embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE) -embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/spm ABSOLUTE) -embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core ABSOLUTE) -embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE) - -set(BUILD_CMSIS_CORE Off) -set(BUILD_RETARGET Off) -set(BUILD_NATIVE_DRIVERS Off) -set(BUILD_STARTUP Off) -set(BUILD_TARGET_CFG Off) -set(BUILD_TARGET_HARDWARE_KEYS Off) -set(BUILD_TARGET_NV_COUNTERS Off) -set(BUILD_CMSIS_DRIVERS Off) -set(BUILD_TIME Off) -set(BUILD_UART_STDOUT Off) -set(BUILD_FLASH Off) -set(BUILD_BOOT_SEED Off) -set(BUILD_DEVICE_ID Off) -if(NOT DEFINED PLATFORM_CMAKE_FILE) - message (FATAL_ERROR "Platform specific CMake is not defined. Please set PLATFORM_CMAKE_FILE.") -elseif(NOT EXISTS ${PLATFORM_CMAKE_FILE}) - message (FATAL_ERROR "Platform specific CMake \"${PLATFORM_CMAKE_FILE}\" file does not exist. Please fix value of PLATFORM_CMAKE_FILE.") -else() - include(${PLATFORM_CMAKE_FILE}) -endif() - diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.c index 02b3f07c96..f00f5145d2 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.c @@ -60,7 +60,7 @@ static void tfm_spm_partition_err_handler( * defined inside tfm_partition_list.inc file. */ static inline enum spm_err_t add_user_defined_partitions(void) { - #include "secure_fw/services/tfm_partition_list.inc" + #include "tfm_partition_list.inc" return SPM_ERR_OK; } 
diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_partition_defs.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_partition_defs.h index 85ab1eca6e..0533881f87 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_partition_defs.h +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_partition_defs.h @@ -29,7 +29,7 @@ */ #define TFM_SP_CORE_ID (1) -#include "secure_fw/services/tfm_partition_defs.inc" +#include "tfm_partition_defs.inc" /* This limit is only used to define the size of the database reserved for * partitions. There's no requirement that it match the number of partitions From 5d41a2aeae71b13f2763bea4e55899646291e0eb Mon Sep 17 00:00:00 2001 From: Michael Schwarcz Date: Thu, 7 Feb 2019 12:05:25 +0200 Subject: [PATCH 3/9] TF-M patch: Fix tfm_ns_lock_init issue (TF-M issue #239) - Link to bug tracking: https://developer.trustedfirmware.org/T239 (cherry picked from commit 5f2e4b3911ca3a776fab55a6d12054904614cced) --- .../COMPONENT_NSPE/interface/src/tfm_ns_lock_rtx.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_NSPE/interface/src/tfm_ns_lock_rtx.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_NSPE/interface/src/tfm_ns_lock_rtx.c index 14fd76a0d6..0c677623aa 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_NSPE/interface/src/tfm_ns_lock_rtx.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_NSPE/interface/src/tfm_ns_lock_rtx.c @@ -6,9 +6,9 @@ */ #include #include - +#include "cmsis.h" +#include "rtx_os.h" #include "cmsis_os2.h" - #include "tfm_api.h" #include "tfm_ns_lock.h" 
@@ -29,11 +29,14 @@ static struct ns_lock_state ns_lock = {.init=false, .id=NULL}; /** * \brief Mutex properties, NS lock */ + +static osRtxMutex_t ns_lock_cb = { 0 }; + static const osMutexAttr_t ns_lock_attrib = { .name = "ns_lock", .attr_bits = osMutexPrioInherit, - .cb_mem = NULL, - .cb_size = 0U + .cb_mem = &ns_lock_cb, + .cb_size = sizeof(ns_lock_cb) }; /** From 9c1e080e39adc7211c8c2c12cd652da3dc124299 Mon Sep 17 00:00:00 2001 From: Michael Schwarcz Date: Thu, 7 Feb 2019 12:10:03 +0200 Subject: [PATCH 4/9] TF-M patch: Fix service handles not cleared issue (TF-M issue #230) - Link to bug tracking: https://developer.trustedfirmware.org/T230 (cherry picked from commit 0c23e8698958b6e716114267fbdf6d82a16b6e0c) --- .../TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c index 25cbf9bcb2..7f5da53d87 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c @@ -110,6 +110,8 @@ int32_t tfm_spm_free_conn_handle(struct tfm_spm_service_t *service, /* Remove node from handle list */ tfm_list_del_node(&node->list); + node->rhandle = NULL; + /* Back handle buffer to pool */ tfm_pool_free(node); return IPC_SUCCESS; From 78ed87028718b1b926d847ff6fc2f91d44e53d6d Mon Sep 17 00:00:00 2001 
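Review bot: The new `ns_lock_cb` definition is inserted between the existing `\brief Mutex properties, NS lock` Doxygen block and `ns_lock_attrib`, so that comment now documents the control block instead of the attribute struct. Move the definition above the comment and give it its own, e.g. `/** \brief Statically allocated control block for the NS lock mutex */`. A why-comment would help too: presumably the static block lets the mutex be created without the RTOS dynamic memory pool, but neither the hunk nor the commit message says so. `osRtxMutex_t` comes from `rtx_os.h`, which ties this file to the RTX implementation rather than the generic CMSIS-RTOS2 API.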
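Review bot: `node->rhandle = NULL;` clears a single field just before the node returns to the pool, and nothing in the hunk explains why. A recycled pool entry that kept the old value would hand the next connection the previous connection's reverse handle, so the line deserves a comment such as `/* Clear rhandle so a recycled handle never exposes the previous connection's state */`. It would be more robust to also initialise the field where the handle is allocated, so that correctness does not depend on every release path passing through this function. The allocation path and the rest of tfm_spm_free_conn_handle are outside the hunk, so that needs checking there.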
From: Michael Schwarcz Date: Thu, 7 Feb 2019 12:12:01 +0200 Subject: [PATCH 5/9] TF-M patch: Fix fixed-size partitions stack size (TF-M issue #240) - Link to bug tracking: https://developer.trustedfirmware.org/T240 (cherry picked from commit fc7864055982f3b8e7e556f9dd8d0c94a1c772bc) --- .../COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c | 12 ++++++++---- .../TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.c | 6 ++++-- .../TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db.h | 7 +++---- .../COMPONENT_SPE/secure_fw/spm/spm_db_setup.h | 6 +++++- 4 files changed, 20 insertions(+), 11 deletions(-) diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c index 7f5da53d87..a60568069a 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c @@ -433,15 +433,19 @@ tfm_spm_partition_get_thread_info_ext(uint32_t partition_idx) return &g_spm_partition_db.partitions[partition_idx].sp_thrd; } -static uint32_t tfm_spm_partition_get_stack_base_ext(uint32_t partition_idx) +static uint32_t tfm_spm_partition_get_stack_size_ext(uint32_t partition_idx) { - return (uint32_t)&(g_spm_partition_db.partitions[partition_idx]. - stack[TFM_STACK_SIZE]); + return g_spm_partition_db.partitions[partition_idx].stack_size; } static uint32_t tfm_spm_partition_get_stack_limit_ext(uint32_t partition_idx) { - return (uint32_t)&g_spm_partition_db.partitions[partition_idx].stack; + return g_spm_partition_db.partitions[partition_idx].stack_limit; +} + +static uint32_t tfm_spm_partition_get_stack_base_ext(uint32_t partition_idx) +{ + return tfm_spm_partition_get_stack_limit_ext(partition_idx) + tfm_spm_partition_get_stack_size_ext(partition_idx); } static tfm_thrd_func_t 
diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.c index f00f5145d2..2559ac83b3 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.c @@ -98,12 +98,11 @@ enum spm_err_t tfm_spm_db_init(void) */ /* For the non secure Execution environment */ -#if TFM_LVL != 1 extern uint32_t Image$$ARM_LIB_STACK$$ZI$$Base[]; extern uint32_t Image$$ARM_LIB_STACK$$ZI$$Limit[]; uint32_t psp_stack_bottom = (uint32_t)Image$$ARM_LIB_STACK$$ZI$$Base; uint32_t psp_stack_top = (uint32_t)Image$$ARM_LIB_STACK$$ZI$$Limit; -#endif + if (g_spm_partition_db.partition_count >= SPM_MAX_PARTITIONS) { return SPM_ERR_INVALID_CONFIG; } @@ -119,6 +118,9 @@ enum spm_err_t tfm_spm_db_init(void) * RW start address to psp_stack_bottom to get RW access to stack */ part_ptr->memory_data.rw_start = psp_stack_bottom; +#else + part_ptr->stack_limit = psp_stack_bottom; + part_ptr->stack_size = psp_stack_top - psp_stack_bottom; #endif part_ptr->runtime_data.partition_state = SPM_PARTITION_STATE_UNINIT; diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db.h index 7bfaa3c12b..22d34ee8ff 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db.h +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db.h 
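Review bot: The added `#else` branch writes `part_ptr->stack_limit` and `part_ptr->stack_size`, but the spm_db.h hunk of this same patch declares those two fields only inside `#ifdef TFM_PSA_API`. The matching `#if` is outside the hunk (presumably the `TFM_LVL != 1` test); if that branch can be compiled in a build without TFM_PSA_API, the file no longer builds. Wrapping the two assignments in `#ifdef TFM_PSA_API` / `#endif` inside the `#else` would make the dependency explicit. The first hunk of this file removes the `#if TFM_LVL != 1` guard around the `Image$$ARM_LIB_STACK$$ZI$$` symbols so they are available to this branch. tfm_spm_db_init starts and ends outside both hunks.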
@@ -65,11 +65,10 @@ struct spm_partition_desc_t { #ifdef TFM_PSA_API struct tfm_thrd_ctx sp_thrd; /* - * FixMe: Hard code stack is not aligned with the definition in the - * manifest. It will use the partition stacks in the linker scripts/sct - * files include Level 1 to 3. + * stack_limit points to starting address of the partitions' stack plus the partitions' stack size. */ - uint8_t stack[TFM_STACK_SIZE] __attribute__((aligned(8))); + uint32_t stack_limit; + uint32_t stack_size; #endif }; diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db_setup.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db_setup.h index 57da372eae..099a800673 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db_setup.h +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db_setup.h @@ -76,7 +76,7 @@ struct spm_partition_db_t { } while (0) #endif -#define PARTITION_DECLARE(partition, flag, type, id, priority) \ +#define PARTITION_DECLARE(partition, flag, type, id, priority, part_stack_size) \ do { \ REGION_DECLARE(Image$$, partition, $$Base); \ REGION_DECLARE(Image$$, partition, $$Limit); \ @@ -102,8 +102,12 @@ struct spm_partition_db_t { if (g_spm_partition_db.partition_count >= SPM_MAX_PARTITIONS) { \ return SPM_ERR_INVALID_CONFIG; \ } \ + __attribute__((section(".data.partitions_stacks"))) \ + static uint8_t partition##_stack[part_stack_size] __attribute__((aligned(8))); \ part_ptr = &(g_spm_partition_db.partitions[ \ g_spm_partition_db.partition_count]); \ + part_ptr->stack_limit = (uint32_t)partition##_stack; \ + part_ptr->stack_size = part_stack_size; \ PARTITION_INIT_STATIC_DATA(part_ptr->static_data, partition, flags, \ id, priority); \ PARTITION_INIT_RUNTIME_DATA(part_ptr->runtime_data, partition); \ From 280715f9b74ab29459d81edaf02b39e7a6acb13c Mon Sep 17 00:00:00 2001 
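Review bot: The new comment in struct spm_partition_desc_t says `stack_limit` is the stack's starting address plus its size, but every assignment in this patch stores the lowest address of the stack in it. Those are `part_ptr->stack_limit = psp_stack_bottom;` in spm_api.c and `(uint32_t)partition##_stack` in PARTITION_DECLARE, and tfm_spm_partition_get_stack_base_ext computes the top as limit plus size. A reader who trusts the comment will treat the field as the initial stack pointer. Suggested wording: `/* stack_limit is the lowest address of the partition stack; the initial stack pointer is stack_limit + stack_size. */`, with `/* Size of the partition stack in bytes */` on `stack_size`.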
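Review bot: In PARTITION_DECLARE, `partition##_stack` is forced to 8-byte alignment but nothing checks that `part_stack_size` is a multiple of 8, and the stack base used for the partition thread is `stack_limit + stack_size`, so a size that is not a multiple of 8 would yield a misaligned initial stack pointer. A compile-time check next to the array would catch it, for example `_Static_assert(((part_stack_size) % 8) == 0, "partition stack size must be a multiple of 8");` if the toolchain accepts C11, and both uses of the argument are better written `(part_stack_size)`. The choice of `.data.partitions_stacks` also needs a comment: all partition stacks now share one section, and whether each partition's memory-protection region covers its stack at higher isolation levels depends on linker scripts that are not part of this diff. The macro body continues outside the hunk.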
From: Michael Schwarcz Date: Thu, 7 Feb 2019 12:14:41 +0200 Subject: [PATCH 6/9] TF-M patch: Fix tfm_psa_call_venner wrong argument type (TF-M issue #241) - Link to bug tracking: https://developer.trustedfirmware.org/T241 (cherry picked from commit da01e3411fcf8010f4ae581946cf4b0e7753e024) --- .../COMPONENT_SPE/secure_fw/core/tfm_psa_api_client.c | 2 +- components/TARGET_PSA/TARGET_TFM/interface/include/tfm_api.h | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_psa_api_client.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_psa_api_client.c index 15c0317c8b..3c341bd902 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_psa_api_client.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_psa_api_client.c @@ -99,7 +99,7 @@ psa_handle_t tfm_psa_connect_veneer(uint32_t sid, uint32_t minor_version) __tfm_secure_gateway_attributes__ psa_status_t tfm_psa_call_veneer(psa_handle_t handle, const psa_invec *in_vecs, - const psa_invec *out_vecs) + psa_outvec *out_vecs) { TFM_CORE_NS_IPC_REQUEST_VENEER(tfm_svcall_psa_call, handle, in_vecs, out_vecs, 0); diff --git a/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_api.h b/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_api.h index 2ba93c0916..d6ce6893a0 100644 --- a/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_api.h +++ b/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_api.h 
@@ -110,13 +110,13 @@ psa_handle_t tfm_psa_connect_veneer(uint32_t sid, uint32_t minor_version); * * \param[in] handle Handle to connection * \param[in] in_vecs invec containing pointer/count of input vectors - * \param[in] out_vecs invec containing pointer/count of output vectors + * \param[in] out_vecs outvec containing pointer/count of output vectors * * \return Returns \ref psa_status_t status code */ psa_status_t tfm_psa_call_veneer(psa_handle_t handle, const psa_invec *in_vecs, - const psa_invec *out_vecs); + psa_outvec *out_vecs); /** * \brief Close connection to secure function referenced by a connection handle From ea81bf91c90ae23dd9de012bfd7498613be00601 Mon Sep 17 00:00:00 2001 From: Michael Schwarcz Date: Thu, 7 Feb 2019 14:31:27 +0200 Subject: [PATCH 7/9] TF-M patch: Fix wrong check in tfm_spm_check_client_version (TF-M issue #236) - Link to bug tracking: https://developer.trustedfirmware.org/T236 (cherry picked from commit 008bf1b2d176c04fb33985e0677e90e3800cb4ca) --- .../TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c index a60568069a..fe82120a04 100644 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c +++ b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c @@ -274,7 +274,7 @@ int32_t tfm_spm_check_client_version(struct tfm_spm_service_t *service, switch (service->service_db->minor_policy) { case TFM_VERSION_POLICY_RELAXED: - if (minor_version < service->service_db->minor_version) { + if (minor_version > service->service_db->minor_version) { return IPC_ERROR_VERSION; } break; From 5342015bb12a486a1c563175a8a7129f0737c925 Mon Sep 17 00:00:00 2001 
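Review bot: The flipped comparison under `case TFM_VERSION_POLICY_RELAXED:` decides which clients are allowed to connect, yet the case carries no comment stating the rule the operator is meant to implement. Add one above the `if`, e.g. `/* RELAXED: accept any requested minor version up to the one the service implements */`, so the condition can be checked against the stated policy. A test covering a requested version below, equal to and above `service->service_db->minor_version` would pin the behaviour; none is included in this patch. The switch and the rest of tfm_spm_check_client_version lie outside the hunk.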
From: Oren Cohen Date: Sun, 28 Apr 2019 14:12:41 +0300 Subject: [PATCH 8/9] TF-M patch: Add necessary include in tfm_ns_lock.h --- components/TARGET_PSA/TARGET_TFM/interface/include/tfm_ns_lock.h | 1 + 1 file changed, 1 insertion(+) diff --git a/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_ns_lock.h b/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_ns_lock.h index d3cf055433..d9acd00528 100644 --- a/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_ns_lock.h +++ b/components/TARGET_PSA/TARGET_TFM/interface/include/tfm_ns_lock.h @@ -12,6 +12,7 @@ extern "C" { #endif #include +#include "tfm_api.h" typedef int32_t (*veneer_fn) (uint32_t arg0, uint32_t arg1, uint32_t arg2, uint32_t arg3); From 14ad60ae010beab6acd820844a26f50565effbbf Mon Sep 17 00:00:00 2001 From: Oren Cohen Date: Sun, 28 Apr 2019 14:17:36 +0300 Subject: [PATCH 9/9] Update commit sha's --- tools/importer/tfm_importer.json | 80 ++++++++++++++++---------------- 1 file changed, 40 insertions(+), 40 deletions(-) diff --git a/tools/importer/tfm_importer.json b/tools/importer/tfm_importer.json index 4b8d92dd3e..3d0ac1a22d 100644 --- a/tools/importer/tfm_importer.json +++ b/tools/importer/tfm_importer.json 
@@ -1,75 +1,75 @@ { - "files" : [ + "files": [ { - "src_file" : "interface/src/tfm_ns_lock_rtx.c", - "dest_file" : "components/TARGET_PSA/TARGET_TFM/COMPONENT_NSPE/interface/src/tfm_ns_lock_rtx.c" + "src_file": "interface/src/tfm_ns_lock_rtx.c", + "dest_file": "components/TARGET_PSA/TARGET_TFM/COMPONENT_NSPE/interface/src/tfm_ns_lock_rtx.c" }, { - "src_file" : "interface/src/tfm_psa_ns_api.c", - "dest_file" : "components/TARGET_PSA/TARGET_TFM/COMPONENT_NSPE/interface/src/tfm_psa_ns_api.c" + "src_file": "interface/src/tfm_psa_ns_api.c", + "dest_file": "components/TARGET_PSA/TARGET_TFM/COMPONENT_NSPE/interface/src/tfm_psa_ns_api.c" }, { - "src_file" : "interface/include/psa_client.h", - "dest_file" : "components/TARGET_PSA/TARGET_TFM/interface/include/psa_client.h" + "src_file": "interface/include/psa_client.h", + "dest_file": "components/TARGET_PSA/TARGET_TFM/interface/include/psa_client.h" }, { - "src_file" : "interface/include/psa_service.h", - "dest_file" : "components/TARGET_PSA/TARGET_TFM/interface/include/psa_service.h" + "src_file": "interface/include/psa_service.h", + "dest_file": "components/TARGET_PSA/TARGET_TFM/interface/include/psa_service.h" }, { - "src_file" : "interface/include/tfm_api.h", - "dest_file" : "components/TARGET_PSA/TARGET_TFM/interface/include/tfm_api.h" + "src_file": "interface/include/tfm_api.h", + "dest_file": "components/TARGET_PSA/TARGET_TFM/interface/include/tfm_api.h" }, { - "src_file" : "interface/include/tfm_ns_lock.h", - "dest_file" : "components/TARGET_PSA/TARGET_TFM/interface/include/tfm_ns_lock.h" + "src_file": "interface/include/tfm_ns_lock.h", + "dest_file": "components/TARGET_PSA/TARGET_TFM/interface/include/tfm_ns_lock.h" }, { - "src_file" : "interface/include/tfm_ns_svc.h", - "dest_file" : "components/TARGET_PSA/TARGET_TFM/interface/include/tfm_ns_svc.h" + "src_file": "interface/include/tfm_ns_svc.h", + "dest_file": "components/TARGET_PSA/TARGET_TFM/interface/include/tfm_ns_svc.h" }, { - "src_file" : 
"interface/include/tfm_nspm_svc_handler.h", - "dest_file" : "components/TARGET_PSA/TARGET_TFM/interface/include/tfm_nspm_svc_handler.h" + "src_file": "interface/include/tfm_nspm_svc_handler.h", + "dest_file": "components/TARGET_PSA/TARGET_TFM/interface/include/tfm_nspm_svc_handler.h" }, { - "src_file" : "platform/include/tfm_spm_hal.h", - "dest_file" : "components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/platform/include/tfm_spm_hal.h" + "src_file": "platform/include/tfm_spm_hal.h", + "dest_file": "components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/platform/include/tfm_spm_hal.h" } ], - "folders" : [ + "folders": [ { - "src_folder" : "secure_fw/core", - "dest_folder" : "components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core" + "src_folder": "secure_fw/core", + "dest_folder": "components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core" }, { - "src_folder" : "secure_fw/core/ipc", - "dest_folder" : "components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc" + "src_folder": "secure_fw/core/ipc", + "dest_folder": "components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc" }, { - "src_folder" : "secure_fw/core/ipc/include", - "dest_folder" : "components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include" + "src_folder": "secure_fw/core/ipc/include", + "dest_folder": "components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include" }, { - "src_folder" : "secure_fw/include", - "dest_folder" : "components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/include" + "src_folder": "secure_fw/include", + "dest_folder": "components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/include" }, { - "src_folder" : "secure_fw/spm", - "dest_folder" : "components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm" + "src_folder": "secure_fw/spm", + "dest_folder": "components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm" }, { - "src_folder" : "bl2/include", - "dest_folder" : "components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include" + "src_folder": 
"bl2/include", + "dest_folder": "components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include" } ], - "commit_sha" : [ - "185d2865da45cc2c6ac3acb755b90c196934d7d5", - "e89c1a68ce8f690ce0d6029cd9196b03906060de", - "3fbc73e046e59e45b58ea2935c5d2fe5e89e67d8", - "f0e4583b72c887c87bd06797d1dc815f4f9e3300", - "ad8ddd8e6e4f8cb378e16617931cfd80515fb51f", - "3badc126cf4c3b6ff224d57cb469f9be546b30e2", - "5a9dff2e04c3471caafb94962fe6fc1357305c1a" + "commit_sha": [ + "fb068d2cb4e89cacf0e9f413075bb4b211f1484f", + "5d41a2aeae71b13f2763bea4e55899646291e0eb", + "9c1e080e39adc7211c8c2c12cd652da3dc124299", + "78ed87028718b1b926d847ff6fc2f91d44e53d6d", + "280715f9b74ab29459d81edaf02b39e7a6acb13c", + "ea81bf91c90ae23dd9de012bfd7498613be00601", + "5342015bb12a486a1c563175a8a7129f0737c925" ] }