diff --git a/TESTS/psa/spm_client/COMPONENT_NSPE/main.cpp b/TESTS/psa/spm_client/COMPONENT_NSPE/main.cpp index edf6136..8713779 100644 --- a/TESTS/psa/spm_client/COMPONENT_NSPE/main.cpp +++ b/TESTS/psa/spm_client/COMPONENT_NSPE/main.cpp @@ -467,9 +467,6 @@ Case("Testing client psa_version() API on non-existing SID", psa_version_non_existing), Case("Testing client psa_version() API to a service that is not NSPE callable", psa_version_secure_access_only), Case("Testing client multiple calls on different channels to the same SID", multi_thread_diff_handles), -#if defined TARGET_MBED_SPM // TF-M issue: https://developer.trustedfirmware.org/T244 - Case("Testing client exceed num of max channels allowed", exceed_num_of_max_channels), -#endif }; utest::v1::status_t test_setup(const size_t number_of_cases) diff --git a/TESTS/psa/spm_server/COMPONENT_NSPE/main.cpp b/TESTS/psa/spm_server/COMPONENT_NSPE/main.cpp index 33b920f..9ad69d4 100644 --- a/TESTS/psa/spm_server/COMPONENT_NSPE/main.cpp +++ b/TESTS/psa/spm_server/COMPONENT_NSPE/main.cpp @@ -262,9 +262,6 @@ SPM_UTEST_CASE("Try to skip more bytes than left while reading", skip_more_than_left), SPM_UTEST_CASE("Test rhandle implementation by calculating the factorial function", rhandle_factorial), SPM_UTEST_CASE("Test a call flow between 2 secure partitions", cross_partition_call), -#if defined TARGET_MBED_SPM // TF-M issue: https://developer.trustedfirmware.org/T273 - SPM_UTEST_CASE("Test a common DOORBELL scenario", doorbell_test), -#endif }; //Declare your test specification with a custom setup handler diff --git a/TESTS/psa/spm_server/COMPONENT_SPE/server_tests_partition2.c b/TESTS/psa/spm_server/COMPONENT_SPE/server_tests_partition2.c index 4727bff..a20a62d 100644 --- a/TESTS/psa/spm_server/COMPONENT_SPE/server_tests_partition2.c +++ b/TESTS/psa/spm_server/COMPONENT_SPE/server_tests_partition2.c @@ -21,10 +21,6 @@ #include "psa/service.h" #include "mbed_spm_partitions.h" -#if defined(TARGET_MBED_SPM) -#include "cmsis_os2.h" -#endif - void server_part2_main(void *ptr) { psa_signal_t signals = 0; @@ -88,10 +84,6 @@ } // In doorbell scenario the server first calls psa_reply() psa_reply(msg.handle, PSA_SUCCESS); -#if defined(TARGET_MBED_SPM) - // Then the servers waits to some driver making long calculations - imitate using osDelay() - osDelay(20); -#endif // After work is done, ring the doorbell psa_notify(caller_part_id); break; diff --git a/TESTS/psa/spm_server/COMPONENT_SPE/tests.c b/TESTS/psa/spm_server/COMPONENT_SPE/tests.c index 3935935..15aef13 100644 --- a/TESTS/psa/spm_server/COMPONENT_SPE/tests.c +++ b/TESTS/psa/spm_server/COMPONENT_SPE/tests.c @@ -698,8 +698,5 @@ PSA_TEST_SERVER_NAME(skip_more_than_left), PSA_TEST_SERVER_NAME(rhandle_factorial), PSA_TEST_SERVER_NAME(cross_partition_call), -#if defined TARGET_MBED_SPM // TF-M issue: https://developer.trustedfirmware.org/T273 - PSA_TEST_SERVER_NAME(doorbell_test), -#endif NULL }; diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/handles_manager.c b/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/handles_manager.c deleted file mode 100644 index dbea860..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/handles_manager.c +++ /dev/null @@ -1,160 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/* -------------------------------------- Includes ----------------------------------- */ - -#include "psa_defs.h" -#include "cmsis_os2.h" -#include "mbed_atomic.h" -#include "spm_internal.h" -#include "spm_panic.h" -#include "handles_manager.h" - -#include -#include -#include - - -/* ------------------------------------ Definitions ---------------------------------- */ - -#define PSA_HANDLE_MGR_HANDLE_INDEX_POS 16 -#define PSA_HANDLE_MGR_HANDLE_INDEX_MSK 0xFFFF - - -/* ------------------------------------- Functions ----------------------------------- */ - - -psa_handle_t psa_hndl_mgr_handle_create(psa_handle_manager_t *handle_mgr, void *handle_mem, int32_t friend_pid) -{ - // Make sanity checks on arguments - SPM_ASSERT(handle_mgr != NULL); - SPM_ASSERT(handle_mem != NULL); - - // Get active partition id - Needed for requester identification - spm_partition_t *curr_part_ptr = get_active_partition(); - int32_t current_pid = ((curr_part_ptr != NULL) ? curr_part_ptr->partition_id : PSA_NSPE_IDENTIFIER); - - // Generate a new handle identifier - uint32_t tmp_handle; - do { - tmp_handle = core_util_atomic_incr_u16(&(handle_mgr->handle_generator), 1); - } while (tmp_handle == PSA_HANDLE_MGR_INVALID_HANDLE); - psa_handle_t new_handle = PSA_NULL_HANDLE; - - // Look for a vacant space in handles pool for the generated handle - for (uint32_t pool_ix = 0; pool_ix < handle_mgr->pool_size; pool_ix++) { - - psa_handle_t expected = PSA_NULL_HANDLE; - - // Write the handles pool index in the upper 16 bits of the handle - psa_handle_t desired_handle = ((pool_ix << PSA_HANDLE_MGR_HANDLE_INDEX_POS) | tmp_handle); - - // Store the generated handle in the handles pool - if (core_util_atomic_cas_s32(&(handle_mgr->handles_pool[pool_ix].handle), - &expected, - desired_handle - )) { - - // Handle is successfully stored in handles pool - new_handle = desired_handle; - - // Store the handle memory in the handles pool, "coupled" with the stored handle - handle_mgr->handles_pool[pool_ix].handle_mem = handle_mem; - handle_mgr->handles_pool[pool_ix].handle_owner = current_pid; - handle_mgr->handles_pool[pool_ix].handle_friend = friend_pid; - - break; - } - - // Occupied index in handles pool - continue looping - } - - // Handle creation should only occur after a successful memory allocation - // and is not expected to fail. - SPM_ASSERT(new_handle != PSA_NULL_HANDLE); - - return new_handle; -} - - -void psa_hndl_mgr_handle_destroy(psa_handle_manager_t *handle_mgr, psa_handle_t handle) -{ - // Make sanity checks on arguments - SPM_ASSERT(handle_mgr != NULL); - SPM_ASSERT(handle != PSA_NULL_HANDLE); - - - // Get the handle's index in the handles pool - uint32_t pool_ix = ((handle >> PSA_HANDLE_MGR_HANDLE_INDEX_POS) & PSA_HANDLE_MGR_HANDLE_INDEX_MSK); - if (pool_ix >= handle_mgr->pool_size) { - SPM_PANIC("[ERROR] Handle's index [%lu] is bigger than handles pool size [%hu]! \n", pool_ix, handle_mgr->pool_size); - } - - if (handle_mgr->handles_pool[pool_ix].handle != handle) { - SPM_PANIC("[ERROR] Handle %ld is not found in expected index! \n", handle); - } - - // Get active partition id - Needed for requester identification - spm_partition_t *curr_part_ptr = get_active_partition(); - int32_t current_pid = ((curr_part_ptr != NULL) ? curr_part_ptr->partition_id : PSA_NSPE_IDENTIFIER); - - if ((handle_mgr->handles_pool[pool_ix].handle_owner != current_pid) && - (handle_mgr->handles_pool[pool_ix].handle_friend != current_pid) - ) { - SPM_PANIC("[ERROR] Request for destroy by non-owner or friend!\n"); - } - - handle_mgr->handles_pool[pool_ix].handle_owner = PSA_HANDLE_MGR_INVALID_FRIEND_OWNER; - handle_mgr->handles_pool[pool_ix].handle_friend = PSA_HANDLE_MGR_INVALID_FRIEND_OWNER; - core_util_atomic_store_s32(&(handle_mgr->handles_pool[pool_ix].handle), PSA_NULL_HANDLE); -} - - -void *psa_hndl_mgr_handle_get_mem(psa_handle_manager_t *handle_mgr, psa_handle_t handle) -{ - SPM_ASSERT(handle_mgr != NULL); - - if (handle == PSA_NULL_HANDLE) { - SPM_PANIC("[ERROR] Trying to get memory for an invalid handle! \n"); - } - - // Get the handle's index in the handles pool - uint32_t pool_ix = ((handle >> PSA_HANDLE_MGR_HANDLE_INDEX_POS) & PSA_HANDLE_MGR_HANDLE_INDEX_MSK); - if (pool_ix >= handle_mgr->pool_size) { - SPM_PANIC("[ERROR] Handle's index [%lu] is bigger than handles pool size [%hu]! \n", pool_ix, handle_mgr->pool_size); - } - - if (handle_mgr->handles_pool[pool_ix].handle != handle) { - SPM_PANIC("[ERROR] Handle %ld is not found in expected index! \n", handle); - } - - // Get active partition id - Needed for requester identification - spm_partition_t *curr_part_ptr = get_active_partition(); - int32_t current_pid = ((curr_part_ptr != NULL) ? curr_part_ptr->partition_id : PSA_NSPE_IDENTIFIER); - - if ((current_pid != handle_mgr->handles_pool[pool_ix].handle_owner) && - (current_pid != handle_mgr->handles_pool[pool_ix].handle_friend) - ) { - SPM_PANIC("[ERROR] Request for handle memory is not allowed for this partition! \n"); - } - - // If a valid handle is "coupled" with a NULL handle memory then - // it is an internal module error or memory was overwritten --> Assert - SPM_ASSERT(handle_mgr->handles_pool[pool_ix].handle_mem != NULL); - - return handle_mgr->handles_pool[pool_ix].handle_mem; -} diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/handles_manager.h b/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/handles_manager.h deleted file mode 100644 index 92e9111..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/handles_manager.h +++ /dev/null @@ -1,160 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef __MBED_HANDLE_MANAGER_H__ -#define __MBED_HANDLE_MANAGER_H__ - -/* -------------------------------------- Includes ----------------------------------- */ - -#include "psa_defs.h" - -#include - -/* -------------------------------- Handle Manager Module ---------------------------- */ - -/* - * The Handle Manager module generates and exposes a unique - * identifier (handle) per handle memory (handle_mem) it receives. - * You can use the exposed handle identifier to relate to the "registered" - * handle memory. - * - * You can: - * - Ask for a unique handle identifier for a given handle memory [`handle_create`]. - * - Ask for a pointer to the handle memory corresponding to a - * handle identifier [`handle_get_mem`]. - * - Remove a handle from the handle manager module [`handle_destroy`]. - * - * Note: - * Handle generation is done exclusively. - * Once you have a handle, you can remove or get its memory non-exclusively. - * The assumption is that only one context is dealing with a handle after it is - * generated. - */ - -/* --------------------------------- extern "C" wrapper ------------------------------ */ - -#ifdef __cplusplus -extern "C" { -#endif - - - -/* ------------------------------------ Definitions ---------------------------------- */ - -#define PSA_HANDLE_MGR_INVALID_HANDLE ((uint16_t)PSA_NULL_HANDLE) - -#define PSA_HANDLE_MGR_INVALID_FRIEND_OWNER 0 // Denoting invalid friend or invalid owner - -// Handle manager pool indexes must be in range 0 - 0x7FFF. -// This is because the index is stored in the upper 16 bits of a handle, -// and the most significant bit must be zero to keep handles non-negative. -#define PSA_HANDLE_MGR_MAX_HANDLES_NUM 0x8000 - - - -/* -------------------------------------- Structs ------------------------------------ */ - -typedef struct psa_handle_item_t { - - psa_handle_t handle; /* The user-exposed handle [unique identifier]. */ - int32_t handle_owner; /* The partition ID of the handle creator. Allowed to get_mem() / destroy(). */ - int32_t handle_friend; /* The partition ID of a "friend" partition. Allowed to get_mem(). */ - void *handle_mem; /* Points to memory allocated by the use.r */ - -} psa_handle_item_t; - - -typedef struct psa_handle_manager_t { - - // Handle generator uses only 16 bits, and wraps. - // The reason for this is that we use the 16 upper bits to store the handle's index in the handles pool (for performance reasons) - uint16_t handle_generator; /* A counter supplying handle numbers. */ - uint16_t pool_size; /* The maximum number of handles that pool can contain. */ - psa_handle_item_t *handles_pool; /* Holds couples of handles and their memory "blocks". */ - -} psa_handle_manager_t; - - -/* -handles_pool - | - | - | - --> *--------------------------------------------------------------------------* - | handle | handle | handle | | | ... | - *--------------------------------------------------------------------------* - | handle_owner | handle_owner | handle_owner | | | ... | - *--------------------------------------------------------------------------* - | handle_friend | handle_friend | handle_friend | | | ... | - *--------------------------------------------------------------------------* - | handle_mem | handle_mem | handle_mem | | | ... | - *--------------------------------------------------------------------------* -*/ - - - -/* ------------------------------------- Functions ----------------------------------- */ - - -/* - * @brief Create unique handle identifier - * - * This function generates a unique handle identifier, and **couples** it with the received handle memory. - * If there is no vacant space for the new handle, the function fails. - * - * @note This function is expected to pass since it is always coupled with memory pool allocation of the same size. - * In case memory pool allocation fails, this function should not be called. - * This function will panic in the case of non-vacant space use. - * - * @param[in] handle_mgr A pointer to the handle manager object. - * @param[in] handle_mem A pointer to a pre-allocated handle memory for which to get a handle identifier. - * @param[in] friend_pid The partition ID allowed to `get_mem()` and `destroy()` in addition to the handle owner. - * Use `PSA_HANDLE_MGR_INVALID_FRIEND_OWNER` to denote that there is no friend partition. - * @return The created handle identifier - */ -psa_handle_t psa_hndl_mgr_handle_create(psa_handle_manager_t *handle_mgr, void *handle_mem, int32_t friend_pid); - - -/* - * @brief Remove a handle from the handle manager. - * - * @param handle_mgr A pointer to the handle manager object. - * @param handle The handle to be removed. - */ -void psa_hndl_mgr_handle_destroy(psa_handle_manager_t *handle_mgr, psa_handle_t handle); - - -/* - * @brief De-reference handle - * - * This function retrieves the pointer associated with the input . - * - * @note This function will panic if caller is not allowed to de-reference the memory, - * or handler does not correspond to a valid existing handle. - * - * @param handle_mgr A pointer to the handle manager object. - * @param handle The handle for which you request the corresponding memory handle. - * @return void* A pointer to the memory corresponding to the handle. - */ -void *psa_hndl_mgr_handle_get_mem(psa_handle_manager_t *handle_mgr, psa_handle_t handle); - - -#ifdef __cplusplus -} -#endif - -#endif /* __MBED_HANDLE_MANAGER_H__ */ diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/psa_setup.c b/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/psa_setup.c deleted file mode 100644 index da2b58e..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/psa_setup.c +++ /dev/null @@ -1,1185 +0,0 @@ -/* Copyright (c) 2017-2019 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/******************************************************************************* - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * THIS FILE IS AN AUTO-GENERATED FILE - DO NOT MODIFY IT. - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * Template Version 1.0 - * Generated by tools/psa/generate_partition_code.py Version 1.1 - ******************************************************************************/ - -#include "cmsis.h" -#include "rtx_os.h" - -#include "mbed_toolchain.h" /* For using MBED_ALIGN macro */ - -#include "spm_panic.h" -#include "spm_internal.h" -#include "handles_manager.h" -#include "mbed_spm_partitions.h" - -#include "psa_manifest/sid.h" - -extern spm_db_t g_spm; - -/****************** Service Partitions ****************************************/ - -/* ----------------------------------------------------------------------------- - * ATTEST_SRV declarations - * -------------------------------------------------------------------------- */ -MBED_ALIGN(8) static uint8_t attest_srv_thread_stack[8192] = {0}; - -static osRtxThread_t attest_srv_thread_cb = {0}; -static const osThreadAttr_t attest_srv_thread_attr = { - .name = "attest_srv", - .attr_bits = 0, - .cb_mem = &attest_srv_thread_cb, - .cb_size = sizeof(attest_srv_thread_cb), - .stack_mem = attest_srv_thread_stack, - .stack_size = 8192, - .priority = osPriorityNormal, - .tz_module = 0, - .reserved = 0 -}; - -static osRtxMutex_t attest_srv_mutex = {0}; -static const osMutexAttr_t attest_srv_mutex_attr = { - .name = "attest_srv_mutex", - .attr_bits = osMutexRecursive | osMutexPrioInherit | osMutexRobust, - .cb_mem = &attest_srv_mutex, - .cb_size = sizeof(attest_srv_mutex), -}; - -spm_rot_service_t attest_srv_rot_services[] = { - { - .sid = PSA_ATTEST_GET_TOKEN_ID, - .mask = PSA_ATTEST_GET_TOKEN, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_STRICT, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_ATTEST_GET_TOKEN_SIZE_ID, - .mask = PSA_ATTEST_GET_TOKEN_SIZE, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_STRICT, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_ATTEST_INJECT_KEY_ID, - .mask = PSA_ATTEST_INJECT_KEY, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_STRICT, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, -}; - -/* External SIDs used by ATTEST_SRV */ -const uint32_t attest_srv_external_sids[7] = { - PSA_CRYPTO_INIT_ID, - PSA_HASH_ID, - PSA_ASYMMETRIC_ID, - PSA_KEY_MNG_ID, - PSA_CRYPTO_FREE_ID, - PSA_KEY_DERIVATION_ID, - PSA_PLATFORM_LC_GET, -}; - -extern void attest_main(void *ptr); - -void attest_srv_init(spm_partition_t *partition) -{ - if (NULL == partition) { - SPM_PANIC("partition is NULL!\n"); - } - - partition->mutex = osMutexNew(&attest_srv_mutex_attr); - if (NULL == partition->mutex) { - SPM_PANIC("Failed to create mutex for secure partition attest_srv!\n"); - } - - for (uint32_t i = 0; i < ATTEST_SRV_ROT_SRV_COUNT; ++i) { - attest_srv_rot_services[i].partition = partition; - } - partition->rot_services = attest_srv_rot_services; - - partition->thread_id = osThreadNew(attest_main, NULL, &attest_srv_thread_attr); - if (NULL == partition->thread_id) { - SPM_PANIC("Failed to create start main thread of partition attest_srv!\n"); - } -} - -/* ----------------------------------------------------------------------------- - * CRYPTO_SRV declarations - * -------------------------------------------------------------------------- */ -MBED_ALIGN(8) static uint8_t crypto_srv_thread_stack[16384] = {0}; - -static osRtxThread_t crypto_srv_thread_cb = {0}; -static const osThreadAttr_t crypto_srv_thread_attr = { - .name = "crypto_srv", - .attr_bits = 0, - .cb_mem = &crypto_srv_thread_cb, - .cb_size = sizeof(crypto_srv_thread_cb), - .stack_mem = crypto_srv_thread_stack, - .stack_size = 16384, - .priority = osPriorityNormal, - .tz_module = 0, - .reserved = 0 -}; - -static osRtxMutex_t crypto_srv_mutex = {0}; -static const osMutexAttr_t crypto_srv_mutex_attr = { - .name = "crypto_srv_mutex", - .attr_bits = osMutexRecursive | osMutexPrioInherit | osMutexRobust, - .cb_mem = &crypto_srv_mutex, - .cb_size = sizeof(crypto_srv_mutex), -}; - -spm_rot_service_t crypto_srv_rot_services[] = { - { - .sid = PSA_CRYPTO_INIT_ID, - .mask = PSA_CRYPTO_INIT, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_STRICT, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_MAC_ID, - .mask = PSA_MAC, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_STRICT, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_HASH_ID, - .mask = PSA_HASH, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_STRICT, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_ASYMMETRIC_ID, - .mask = PSA_ASYMMETRIC, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_STRICT, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_SYMMETRIC_ID, - .mask = PSA_SYMMETRIC, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_STRICT, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_AEAD_ID, - .mask = PSA_AEAD, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_STRICT, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_KEY_MNG_ID, - .mask = PSA_KEY_MNG, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_STRICT, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_RNG_ID, - .mask = PSA_RNG, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_STRICT, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_CRYPTO_FREE_ID, - .mask = PSA_CRYPTO_FREE, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_STRICT, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_KEY_DERIVATION_ID, - .mask = PSA_KEY_DERIVATION, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_STRICT, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_ENTROPY_ID, - .mask = PSA_ENTROPY_INJECT, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_STRICT, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, -}; - -/* External SIDs used by CRYPTO_SRV */ -const uint32_t crypto_srv_external_sids[4] = { - PSA_ITS_GET, - PSA_ITS_SET, - PSA_ITS_INFO, - PSA_ITS_REMOVE, -}; - -extern void crypto_main(void *ptr); - -void crypto_srv_init(spm_partition_t *partition) -{ - if (NULL == partition) { - SPM_PANIC("partition is NULL!\n"); - } - - partition->mutex = osMutexNew(&crypto_srv_mutex_attr); - if (NULL == partition->mutex) { - SPM_PANIC("Failed to create mutex for secure partition crypto_srv!\n"); - } - - for (uint32_t i = 0; i < CRYPTO_SRV_ROT_SRV_COUNT; ++i) { - crypto_srv_rot_services[i].partition = partition; - } - partition->rot_services = crypto_srv_rot_services; - - partition->thread_id = osThreadNew(crypto_main, NULL, &crypto_srv_thread_attr); - if (NULL == partition->thread_id) { - SPM_PANIC("Failed to create start main thread of partition crypto_srv!\n"); - } -} - -/* ----------------------------------------------------------------------------- - * PLATFORM declarations - * -------------------------------------------------------------------------- */ -MBED_ALIGN(8) static uint8_t platform_thread_stack[1024] = {0}; - -static osRtxThread_t platform_thread_cb = {0}; -static const osThreadAttr_t platform_thread_attr = { - .name = "platform", - .attr_bits = 0, - .cb_mem = &platform_thread_cb, - .cb_size = sizeof(platform_thread_cb), - .stack_mem = platform_thread_stack, - .stack_size = 1024, - .priority = osPriorityNormal, - .tz_module = 0, - .reserved = 0 -}; - -static osRtxMutex_t platform_mutex = {0}; -static const osMutexAttr_t platform_mutex_attr = { - .name = "platform_mutex", - .attr_bits = osMutexRecursive | osMutexPrioInherit | osMutexRobust, - .cb_mem = &platform_mutex, - .cb_size = sizeof(platform_mutex), -}; - -spm_rot_service_t platform_rot_services[] = { - { - .sid = PSA_PLATFORM_LC_GET, - .mask = PSA_PLATFORM_LC_GET_MSK, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_PLATFORM_LC_SET, - .mask = PSA_PLATFORM_LC_SET_MSK, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_PLATFORM_SYSTEM_RESET, - .mask = PSA_PLATFORM_SYSTEM_RESET_MSK, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_PLATFORM_IOCTL, - .mask = PSA_PLATFORM_IOCTL_MSK, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, -}; - -/* External SIDs used by PLATFORM */ -const uint32_t platform_external_sids[1] = { - PSA_ITS_RESET, -}; - -extern void platform_partition_entry(void *ptr); - -void platform_init(spm_partition_t *partition) -{ - if (NULL == partition) { - SPM_PANIC("partition is NULL!\n"); - } - - partition->mutex = osMutexNew(&platform_mutex_attr); - if (NULL == partition->mutex) { - SPM_PANIC("Failed to create mutex for secure partition platform!\n"); - } - - for (uint32_t i = 0; i < PLATFORM_ROT_SRV_COUNT; ++i) { - platform_rot_services[i].partition = partition; - } - partition->rot_services = platform_rot_services; - - partition->thread_id = osThreadNew(platform_partition_entry, NULL, &platform_thread_attr); - if (NULL == partition->thread_id) { - SPM_PANIC("Failed to create start main thread of partition platform!\n"); - } -} - -/* ----------------------------------------------------------------------------- - * ITS declarations - * -------------------------------------------------------------------------- */ -MBED_ALIGN(8) static uint8_t its_thread_stack[2048] = {0}; - -static osRtxThread_t its_thread_cb = {0}; -static const osThreadAttr_t its_thread_attr = { - .name = "its", - .attr_bits = 0, - .cb_mem = &its_thread_cb, - .cb_size = sizeof(its_thread_cb), - .stack_mem = its_thread_stack, - .stack_size = 2048, - .priority = osPriorityNormal, - .tz_module = 0, - .reserved = 0 -}; - -static osRtxMutex_t its_mutex = {0}; -static const osMutexAttr_t its_mutex_attr = { - .name = "its_mutex", - .attr_bits = osMutexRecursive | osMutexPrioInherit | osMutexRobust, - .cb_mem = &its_mutex, - .cb_size = sizeof(its_mutex), -}; - -spm_rot_service_t its_rot_services[] = { - { - .sid = PSA_ITS_GET, - .mask = PSA_ITS_GET_MSK, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_ITS_SET, - .mask = PSA_ITS_SET_MSK, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_ITS_INFO, - .mask = PSA_ITS_INFO_MSK, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_ITS_REMOVE, - .mask = PSA_ITS_REMOVE_MSK, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = PSA_ITS_RESET, - .mask = PSA_ITS_RESET_MSK, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = false, - .queue = { - .head = NULL, - .tail = NULL - } - }, -}; - -extern void its_entry(void *ptr); - -void its_init(spm_partition_t *partition) -{ - if (NULL == partition) { - SPM_PANIC("partition is NULL!\n"); - } - - partition->mutex = osMutexNew(&its_mutex_attr); - if (NULL == partition->mutex) { - SPM_PANIC("Failed to create mutex for secure partition its!\n"); - } - - for (uint32_t i = 0; i < ITS_ROT_SRV_COUNT; ++i) { - its_rot_services[i].partition = partition; - } - partition->rot_services = its_rot_services; - - partition->thread_id = osThreadNew(its_entry, NULL, &its_thread_attr); - if (NULL == partition->thread_id) { - SPM_PANIC("Failed to create start main thread of partition its!\n"); - } -} - - -/****************** Test Partitions *******************************************/ -#ifdef USE_PSA_TEST_PARTITIONS - -#ifdef USE_CRYPTO_ACL_TEST -/* ----------------------------------------------------------------------------- - * CRYPTO_ACL_TEST declarations - * -------------------------------------------------------------------------- */ -MBED_ALIGN(8) static uint8_t crypto_acl_test_thread_stack[512] = {0}; - -static osRtxThread_t crypto_acl_test_thread_cb = {0}; -static const osThreadAttr_t crypto_acl_test_thread_attr = { - .name = "crypto_acl_test", - .attr_bits = 0, - .cb_mem = &crypto_acl_test_thread_cb, - .cb_size = sizeof(crypto_acl_test_thread_cb), - .stack_mem = crypto_acl_test_thread_stack, - .stack_size = 512, - .priority = osPriorityNormal, - .tz_module = 0, - .reserved = 0 -}; - -static osRtxMutex_t crypto_acl_test_mutex = {0}; -static const osMutexAttr_t crypto_acl_test_mutex_attr = { - .name = "crypto_acl_test_mutex", - .attr_bits = osMutexRecursive | osMutexPrioInherit | osMutexRobust, - .cb_mem = &crypto_acl_test_mutex, - .cb_size = sizeof(crypto_acl_test_mutex), -}; - -spm_rot_service_t crypto_acl_test_rot_services[] = { - { - .sid = CRYPTO_GENERATE_KEY, - .mask = CRYPTO_GENERATE_KEY_MSK, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = CRYPTO_OPEN_KEY, - .mask = CRYPTO_OPEN_KEY_MSK, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = CRYPTO_CLOSE_KEY, - .mask = CRYPTO_CLOSE_KEY_MSK, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = CRYPTO_DESTROY_KEY, - .mask = CRYPTO_DESTROY_KEY_MSK, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = CRYPTO_GET_KEY_ATTRIBUTES, - .mask = CRYPTO_GET_KEY_ATTRIBUTES_MSK, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = CRYPTO_IMPORT_KEY, - .mask = CRYPTO_IMPORT_KEY_MSK, - .partition = NULL, - .min_version = 1, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, -}; - -/* External SIDs used by CRYPTO_ACL_TEST */ -const uint32_t crypto_acl_test_external_sids[1] = { - PSA_KEY_MNG_ID, -}; - -extern void test_partition_main(void *ptr); - -void crypto_acl_test_init(spm_partition_t *partition) -{ - if (NULL == partition) { - SPM_PANIC("partition is NULL!\n"); - } - - partition->mutex = osMutexNew(&crypto_acl_test_mutex_attr); - if (NULL == partition->mutex) { - SPM_PANIC("Failed to create mutex for secure partition crypto_acl_test!\n"); - } - - for (uint32_t i = 0; i < CRYPTO_ACL_TEST_ROT_SRV_COUNT; ++i) { - crypto_acl_test_rot_services[i].partition = partition; - } - partition->rot_services = crypto_acl_test_rot_services; - - partition->thread_id = osThreadNew(test_partition_main, NULL, &crypto_acl_test_thread_attr); - if (NULL == partition->thread_id) { - SPM_PANIC("Failed to create start main thread of partition crypto_acl_test!\n"); - } -} - -#endif // USE_CRYPTO_ACL_TEST - -#ifdef USE_CLIENT_TESTS_PART1 -/* ----------------------------------------------------------------------------- - * CLIENT_TESTS_PART1 declarations - * -------------------------------------------------------------------------- */ -MBED_ALIGN(8) static uint8_t client_tests_part1_thread_stack[1024] = {0}; - -static osRtxThread_t client_tests_part1_thread_cb = {0}; -static const osThreadAttr_t client_tests_part1_thread_attr = { - .name = "client_tests_part1", - .attr_bits = 0, - .cb_mem = &client_tests_part1_thread_cb, - .cb_size = sizeof(client_tests_part1_thread_cb), - .stack_mem = client_tests_part1_thread_stack, - .stack_size = 1024, - .priority = osPriorityNormal, - .tz_module = 0, - .reserved = 0 -}; - -static osRtxMutex_t client_tests_part1_mutex = {0}; -static const osMutexAttr_t client_tests_part1_mutex_attr = { - .name = "client_tests_part1_mutex", - .attr_bits = osMutexRecursive | osMutexPrioInherit | osMutexRobust, - .cb_mem = &client_tests_part1_mutex, - .cb_size = sizeof(client_tests_part1_mutex), -}; - -spm_rot_service_t client_tests_part1_rot_services[] = { - { - .sid = CLIENT_TESTS_PART1_ROT_SRV1, - .mask = PART1_ROT_SRV1_MSK, - .partition = NULL, - .min_version = 5, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = CLIENT_TESTS_PART1_DROP_CONN, - .mask = DROP_CONN_MSK, - .partition = NULL, - .min_version = 5, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = CLIENT_TESTS_PART1_SECURE_CLIENTS_ONLY, - .mask = SECURE_CLIENTS_ONLY_MSK, - .partition = NULL, - .min_version = 5, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = false, - .queue = { - .head = NULL, - .tail = NULL - } - }, -}; - -extern void client_part_main(void *ptr); - -void client_tests_part1_init(spm_partition_t *partition) -{ - if (NULL == partition) { - SPM_PANIC("partition is NULL!\n"); - } - - partition->mutex = osMutexNew(&client_tests_part1_mutex_attr); - if (NULL == partition->mutex) { - SPM_PANIC("Failed to create mutex for secure partition client_tests_part1!\n"); - } - - for (uint32_t i = 0; i < CLIENT_TESTS_PART1_ROT_SRV_COUNT; ++i) { - client_tests_part1_rot_services[i].partition = partition; - } - partition->rot_services = client_tests_part1_rot_services; - - partition->thread_id = osThreadNew(client_part_main, NULL, &client_tests_part1_thread_attr); - if (NULL == partition->thread_id) { - SPM_PANIC("Failed to create start main thread of partition client_tests_part1!\n"); - } -} - -#endif // USE_CLIENT_TESTS_PART1 - -#ifdef USE_SERVER_TESTS_PART1 -/* ----------------------------------------------------------------------------- - * SERVER_TESTS_PART1 declarations - * -------------------------------------------------------------------------- */ -MBED_ALIGN(8) static uint8_t server_tests_part1_thread_stack[1024] = {0}; - -static osRtxThread_t server_tests_part1_thread_cb = {0}; -static const osThreadAttr_t server_tests_part1_thread_attr = { - .name = "server_tests_part1", - .attr_bits = 0, - .cb_mem = &server_tests_part1_thread_cb, - .cb_size = sizeof(server_tests_part1_thread_cb), - .stack_mem = server_tests_part1_thread_stack, - .stack_size = 1024, - .priority = osPriorityNormal, - .tz_module = 0, - .reserved = 0 -}; - -static osRtxMutex_t server_tests_part1_mutex = {0}; -static const osMutexAttr_t server_tests_part1_mutex_attr = { - .name = "server_tests_part1_mutex", - .attr_bits = osMutexRecursive | osMutexPrioInherit | osMutexRobust, - .cb_mem = &server_tests_part1_mutex, - .cb_size = sizeof(server_tests_part1_mutex), -}; - -spm_rot_service_t server_tests_part1_rot_services[] = { - { - .sid = SERVER_TESTS_PART1_CONTROL, - .mask = CONTROL_MSK, - .partition = NULL, - .min_version = 5, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = SERVER_TESTS_PART1_TEST, - .mask = TEST_MSK, - .partition = NULL, - .min_version = 12, - .min_version_policy = PSA_MINOR_VERSION_POLICY_STRICT, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, -}; - -/* External SIDs used by SERVER_TESTS_PART1 */ -const uint32_t server_tests_part1_external_sids[2] = { - SERVER_TESTS_PART2_ROT_SRV_REVERSE, - SERVER_TESTS_PART2_ROT_SRV_DB_TST, -}; - -extern void server_part1_main(void *ptr); - -void server_tests_part1_init(spm_partition_t *partition) -{ - if (NULL == partition) { - SPM_PANIC("partition is NULL!\n"); - } - - partition->mutex = osMutexNew(&server_tests_part1_mutex_attr); - if (NULL == partition->mutex) { - SPM_PANIC("Failed to create mutex for secure partition server_tests_part1!\n"); - } - - for (uint32_t i = 0; i < SERVER_TESTS_PART1_ROT_SRV_COUNT; ++i) { - server_tests_part1_rot_services[i].partition = partition; - } - partition->rot_services = server_tests_part1_rot_services; - - partition->thread_id = osThreadNew(server_part1_main, NULL, &server_tests_part1_thread_attr); - if (NULL == partition->thread_id) { - SPM_PANIC("Failed to create start main thread of partition server_tests_part1!\n"); - } -} - -#endif // USE_SERVER_TESTS_PART1 - -#ifdef USE_SERVER_TESTS_PART2 -/* ----------------------------------------------------------------------------- - * SERVER_TESTS_PART2 declarations - * -------------------------------------------------------------------------- */ -MBED_ALIGN(8) static uint8_t server_tests_part2_thread_stack[1024] = {0}; - -static osRtxThread_t server_tests_part2_thread_cb = {0}; -static const osThreadAttr_t server_tests_part2_thread_attr = { - .name = "server_tests_part2", - .attr_bits = 0, - .cb_mem = &server_tests_part2_thread_cb, - .cb_size = sizeof(server_tests_part2_thread_cb), - .stack_mem = server_tests_part2_thread_stack, - .stack_size = 1024, - .priority = osPriorityNormal, - .tz_module = 0, - .reserved = 0 -}; - -static osRtxMutex_t server_tests_part2_mutex = {0}; -static const osMutexAttr_t server_tests_part2_mutex_attr = { - .name = "server_tests_part2_mutex", - .attr_bits = osMutexRecursive | osMutexPrioInherit | osMutexRobust, - .cb_mem = &server_tests_part2_mutex, - .cb_size = sizeof(server_tests_part2_mutex), -}; - -spm_rot_service_t server_tests_part2_rot_services[] = { - { - .sid = SERVER_TESTS_PART2_ROT_SRV_REVERSE, - .mask = ROT_SRV_REVERSE_MSK, - .partition = NULL, - .min_version = 5, - .min_version_policy = PSA_MINOR_VERSION_POLICY_STRICT, - .allow_nspe = false, - .queue = { - .head = NULL, - .tail = NULL - } - }, - { - .sid = SERVER_TESTS_PART2_ROT_SRV_DB_TST, - .mask = ROT_SRV_DB_TST_MSK, - .partition = NULL, - .min_version = 5, - .min_version_policy = PSA_MINOR_VERSION_POLICY_STRICT, - .allow_nspe = false, - .queue = { - .head = NULL, - .tail = NULL - } - }, -}; - -extern void server_part2_main(void *ptr); - -void server_tests_part2_init(spm_partition_t *partition) -{ - if (NULL == partition) { - SPM_PANIC("partition is NULL!\n"); - } - - partition->mutex = osMutexNew(&server_tests_part2_mutex_attr); - if (NULL == partition->mutex) { - SPM_PANIC("Failed to create mutex for secure partition server_tests_part2!\n"); - } - - for (uint32_t i = 0; i < SERVER_TESTS_PART2_ROT_SRV_COUNT; ++i) { - server_tests_part2_rot_services[i].partition = partition; - } - partition->rot_services = server_tests_part2_rot_services; - - partition->thread_id = osThreadNew(server_part2_main, NULL, &server_tests_part2_thread_attr); - if (NULL == partition->thread_id) { - SPM_PANIC("Failed to create start main thread of partition server_tests_part2!\n"); - } -} - -#endif // USE_SERVER_TESTS_PART2 - -#ifdef USE_SMOKE_TESTS_PART1 -/* ----------------------------------------------------------------------------- - * SMOKE_TESTS_PART1 declarations - * -------------------------------------------------------------------------- */ -MBED_ALIGN(8) static uint8_t smoke_tests_part1_thread_stack[512] = {0}; - -static osRtxThread_t smoke_tests_part1_thread_cb = {0}; -static const osThreadAttr_t smoke_tests_part1_thread_attr = { - .name = "smoke_tests_part1", - .attr_bits = 0, - .cb_mem = &smoke_tests_part1_thread_cb, - .cb_size = sizeof(smoke_tests_part1_thread_cb), - .stack_mem = smoke_tests_part1_thread_stack, - .stack_size = 512, - .priority = osPriorityNormal, - .tz_module = 0, - .reserved = 0 -}; - -static osRtxMutex_t smoke_tests_part1_mutex = {0}; -static const osMutexAttr_t smoke_tests_part1_mutex_attr = { - .name = "smoke_tests_part1_mutex", - .attr_bits = osMutexRecursive | osMutexPrioInherit | osMutexRobust, - .cb_mem = &smoke_tests_part1_mutex, - .cb_size = sizeof(smoke_tests_part1_mutex), -}; - -spm_rot_service_t smoke_tests_part1_rot_services[] = { - { - .sid = SMOKE_TESTS_PART1_ROT_SRV1, - .mask = ROT_SRV1_MSK, - .partition = NULL, - .min_version = 5, - .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED, - .allow_nspe = true, - .queue = { - .head = NULL, - .tail = NULL - } - }, -}; - -extern void smoke_part_main(void *ptr); - -void smoke_tests_part1_init(spm_partition_t *partition) -{ - if (NULL == partition) { - SPM_PANIC("partition is NULL!\n"); - } - - partition->mutex = osMutexNew(&smoke_tests_part1_mutex_attr); - if (NULL == partition->mutex) { - SPM_PANIC("Failed to create mutex for secure partition smoke_tests_part1!\n"); - } - - for (uint32_t i = 0; i < SMOKE_TESTS_PART1_ROT_SRV_COUNT; ++i) { - smoke_tests_part1_rot_services[i].partition = partition; - } - partition->rot_services = smoke_tests_part1_rot_services; - - partition->thread_id = osThreadNew(smoke_part_main, NULL, &smoke_tests_part1_thread_attr); - if (NULL == partition->thread_id) { - SPM_PANIC("Failed to create start main thread of partition smoke_tests_part1!\n"); - } -} - -#endif // USE_SMOKE_TESTS_PART1 - -#endif // USE_PSA_TEST_PARTITIONS - -/****************** SPM DB initialization *************************************/ -spm_partition_t g_partitions[] = { - /* ATTEST_SRV */ - { - .partition_id = ATTEST_SRV_ID, - .thread_id = 0, - .flags = ATTEST_SRV_WAIT_ANY_SID_MSK | ATTEST_SRV_WAIT_ANY_IRQ_MSK, - .rot_services = NULL, - .rot_services_count = ATTEST_SRV_ROT_SRV_COUNT, - .extern_sids = attest_srv_external_sids, - .extern_sids_count = ATTEST_SRV_EXT_ROT_SRV_COUNT, - .irq_mapper = NULL, - }, - - /* CRYPTO_SRV */ - { - .partition_id = CRYPTO_SRV_ID, - .thread_id = 0, - .flags = CRYPTO_SRV_WAIT_ANY_SID_MSK | CRYPTO_SRV_WAIT_ANY_IRQ_MSK, - .rot_services = NULL, - .rot_services_count = CRYPTO_SRV_ROT_SRV_COUNT, - .extern_sids = crypto_srv_external_sids, - .extern_sids_count = CRYPTO_SRV_EXT_ROT_SRV_COUNT, - .irq_mapper = NULL, - }, - - /* PLATFORM */ - { - .partition_id = PLATFORM_ID, - .thread_id = 0, - .flags = PLATFORM_WAIT_ANY_SID_MSK | PLATFORM_WAIT_ANY_IRQ_MSK, - .rot_services = NULL, - .rot_services_count = PLATFORM_ROT_SRV_COUNT, - .extern_sids = platform_external_sids, - .extern_sids_count = PLATFORM_EXT_ROT_SRV_COUNT, - .irq_mapper = NULL, - }, - - /* ITS */ - { - .partition_id = ITS_ID, - .thread_id = 0, - .flags = ITS_WAIT_ANY_SID_MSK | ITS_WAIT_ANY_IRQ_MSK, - .rot_services = NULL, - .rot_services_count = ITS_ROT_SRV_COUNT, - .extern_sids = NULL, - .extern_sids_count = ITS_EXT_ROT_SRV_COUNT, - .irq_mapper = NULL, - }, - -#ifdef USE_PSA_TEST_PARTITIONS - -#ifdef USE_CRYPTO_ACL_TEST /* CRYPTO_ACL_TEST */ - { - .partition_id = CRYPTO_ACL_TEST_ID, - .thread_id = 0, - .flags = CRYPTO_ACL_TEST_WAIT_ANY_SID_MSK | CRYPTO_ACL_TEST_WAIT_ANY_IRQ_MSK, - .rot_services = NULL, - .rot_services_count = CRYPTO_ACL_TEST_ROT_SRV_COUNT, - .extern_sids = crypto_acl_test_external_sids, - .extern_sids_count = CRYPTO_ACL_TEST_EXT_ROT_SRV_COUNT, - .irq_mapper = NULL, - }, -#endif // USE_CRYPTO_ACL_TEST - -#ifdef USE_CLIENT_TESTS_PART1 /* CLIENT_TESTS_PART1 */ - { - .partition_id = CLIENT_TESTS_PART1_ID, - .thread_id = 0, - .flags = CLIENT_TESTS_PART1_WAIT_ANY_SID_MSK | CLIENT_TESTS_PART1_WAIT_ANY_IRQ_MSK, - .rot_services = NULL, - .rot_services_count = CLIENT_TESTS_PART1_ROT_SRV_COUNT, - .extern_sids = NULL, - .extern_sids_count = CLIENT_TESTS_PART1_EXT_ROT_SRV_COUNT, - .irq_mapper = NULL, - }, -#endif // USE_CLIENT_TESTS_PART1 - -#ifdef USE_SERVER_TESTS_PART1 /* SERVER_TESTS_PART1 */ - { - .partition_id = SERVER_TESTS_PART1_ID, - .thread_id = 0, - .flags = SERVER_TESTS_PART1_WAIT_ANY_SID_MSK | SERVER_TESTS_PART1_WAIT_ANY_IRQ_MSK, - .rot_services = NULL, - .rot_services_count = SERVER_TESTS_PART1_ROT_SRV_COUNT, - .extern_sids = server_tests_part1_external_sids, - .extern_sids_count = SERVER_TESTS_PART1_EXT_ROT_SRV_COUNT, - .irq_mapper = NULL, - }, -#endif // USE_SERVER_TESTS_PART1 - -#ifdef USE_SERVER_TESTS_PART2 /* SERVER_TESTS_PART2 */ - { - .partition_id = SERVER_TESTS_PART2_ID, - .thread_id = 0, - .flags = SERVER_TESTS_PART2_WAIT_ANY_SID_MSK | SERVER_TESTS_PART2_WAIT_ANY_IRQ_MSK, - .rot_services = NULL, - .rot_services_count = SERVER_TESTS_PART2_ROT_SRV_COUNT, - .extern_sids = NULL, - .extern_sids_count = SERVER_TESTS_PART2_EXT_ROT_SRV_COUNT, - .irq_mapper = NULL, - }, -#endif // USE_SERVER_TESTS_PART2 - -#ifdef USE_SMOKE_TESTS_PART1 /* SMOKE_TESTS_PART1 */ - { - .partition_id = SMOKE_TESTS_PART1_ID, - .thread_id = 0, - .flags = SMOKE_TESTS_PART1_WAIT_ANY_SID_MSK | SMOKE_TESTS_PART1_WAIT_ANY_IRQ_MSK, - .rot_services = NULL, - .rot_services_count = SMOKE_TESTS_PART1_ROT_SRV_COUNT, - .extern_sids = NULL, - .extern_sids_count = SMOKE_TESTS_PART1_EXT_ROT_SRV_COUNT, - .irq_mapper = NULL, - }, -#endif // USE_SMOKE_TESTS_PART1 - -#endif // USE_PSA_TEST_PARTITIONS - -}; - -/****************** MMIO regions **********************************************/ -const mem_region_t *mem_regions = NULL; -const uint32_t mem_region_count = 0; - -/****************** Partitions init function *********************************/ -uint32_t init_partitions(spm_partition_t **partitions) -{ - uint32_t partition_idx = 0; - - if (NULL == partitions) { - SPM_PANIC("partitions is NULL!\n"); - } - - attest_srv_init(&(g_partitions[partition_idx++])); - crypto_srv_init(&(g_partitions[partition_idx++])); - platform_init(&(g_partitions[partition_idx++])); - its_init(&(g_partitions[partition_idx++])); - -#ifdef USE_PSA_TEST_PARTITIONS - -#ifdef USE_CRYPTO_ACL_TEST - crypto_acl_test_init(&(g_partitions[partition_idx++])); -#endif // USE_CRYPTO_ACL_TEST - -#ifdef USE_CLIENT_TESTS_PART1 - client_tests_part1_init(&(g_partitions[partition_idx++])); -#endif // USE_CLIENT_TESTS_PART1 - -#ifdef USE_SERVER_TESTS_PART1 - server_tests_part1_init(&(g_partitions[partition_idx++])); -#endif // USE_SERVER_TESTS_PART1 - -#ifdef USE_SERVER_TESTS_PART2 - server_tests_part2_init(&(g_partitions[partition_idx++])); -#endif // USE_SERVER_TESTS_PART2 - -#ifdef USE_SMOKE_TESTS_PART1 - smoke_tests_part1_init(&(g_partitions[partition_idx++])); -#endif // USE_SMOKE_TESTS_PART1 - -#endif // USE_PSA_TEST_PARTITIONS - - *partitions = g_partitions; - return partition_idx; -} - diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_client.c b/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_client.c deleted file mode 100644 index d227d6b..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_client.c +++ /dev/null @@ -1,353 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include -#include "mbed_toolchain.h" -#include "rtx_os.h" -#include "spm_client.h" -#include "spm_messages.h" -#include "spm_internal.h" -#include "spm_panic.h" -#include "handles_manager.h" - -extern spm_db_t g_spm; - -static inline spm_rot_service_t *rot_service_in_partition_get_by_sid(spm_partition_t *partition, uint32_t sid) -{ - for (uint32_t i = 0; i < partition->rot_services_count; ++i) { - spm_rot_service_t *rot_service = &(partition->rot_services[i]); - if (rot_service->sid == sid) { - return rot_service; - } - } - - return NULL; -} - -static inline spm_rot_service_t *rot_service_get(uint32_t sid) -{ - for (uint32_t i = 0; i < g_spm.partition_count; ++i) { - spm_rot_service_t *rot_service = rot_service_in_partition_get_by_sid(&(g_spm.partitions[i]), sid); - if (NULL != rot_service) { - return rot_service; - } - } - - return NULL; -} - -static inline void spm_validate_connection_allowed(spm_rot_service_t *target, spm_partition_t *source) -{ - if ((NULL == source) && (false == target->allow_nspe)) { - SPM_PANIC("SID 0x%lx is not allowed to be called from NSPE\n", target->sid); - } - - if (NULL != source) { - if (NULL == source->extern_sids) { - SPM_PANIC("Partition %ld did not declare extern functions\n", source->partition_id); - } - - for (uint32_t i = 0; i < source->extern_sids_count; i++) { - if (source->extern_sids[i] == target->sid) { - return; - } - } - - SPM_PANIC("SID 0x%lx is not in partition %ld extern functions list\n", target->sid, source->partition_id); - } -} - -static inline psa_handle_t create_channel_handle(void *handle_mem, int32_t friend_pid) -{ - return psa_hndl_mgr_handle_create(&(g_spm.channels_handle_mgr), handle_mem, friend_pid); -} - -static inline spm_ipc_channel_t *get_channel_from_handle(psa_handle_t handle) -{ - return (spm_ipc_channel_t *)psa_hndl_mgr_handle_get_mem(&(g_spm.channels_handle_mgr), handle); -} - -static void spm_rot_service_queue_enqueue(spm_rot_service_t *rot_service, spm_ipc_channel_t *item) -{ - osStatus_t os_status = osMutexAcquire(rot_service->partition->mutex, osWaitForever); - SPM_ASSERT(osOK == os_status); - PSA_UNUSED(os_status); - - if (rot_service->queue.tail == NULL) { - rot_service->queue.head = item; - } else { - rot_service->queue.tail->next = item; - } - - rot_service->queue.tail = item; - - uint32_t flags = osThreadFlagsSet(rot_service->partition->thread_id, rot_service->mask); - // osThreadFlagsSet() sets the msb on failure. - // flags is not allowed to be 0 since only dequeue operation can clear the flags, - // and both operations (enqueue and dequeue) are mutex protected. - SPM_ASSERT((flags & SPM_CMSIS_RTOS_ERROR_BIT_MSK) == 0); - SPM_ASSERT(flags & rot_service->mask); - PSA_UNUSED(flags); - - os_status = osMutexRelease(rot_service->partition->mutex); - SPM_ASSERT(osOK == os_status); -} - -void psa_connect_async(uint32_t sid, spm_pending_connect_msg_t *msg) -{ - SPM_ASSERT(msg != NULL); - - spm_rot_service_t *dst_rot_service = rot_service_get(sid); - if (NULL == dst_rot_service) { - SPM_PANIC("SID 0x%lx is invalid!\n", sid); - } - - if (((dst_rot_service->min_version_policy == PSA_MINOR_VERSION_POLICY_RELAXED) && (msg->min_version > dst_rot_service->min_version)) || - ((dst_rot_service->min_version_policy == PSA_MINOR_VERSION_POLICY_STRICT) && (msg->min_version != dst_rot_service->min_version))) { - SPM_PANIC("minor version %lu does not comply with sid %lu minor version %lu and minor policy %lu", - msg->min_version, dst_rot_service->sid, dst_rot_service->min_version, dst_rot_service->min_version_policy); - } - - spm_partition_t *origin_partition = get_active_partition(); - spm_validate_connection_allowed(dst_rot_service, origin_partition); - - if (!is_buffer_accessible(msg, sizeof(*msg), origin_partition)) { - SPM_PANIC("Pending connect message is inaccessible\n"); - } - - // Allocating from SPM-Core internal memory - spm_ipc_channel_t *channel = (spm_ipc_channel_t *)osMemoryPoolAlloc(g_spm.channel_mem_pool, PSA_POLL); - if (NULL == channel) { - msg->rc = PSA_CONNECTION_REFUSED; - if (origin_partition != NULL) { - osStatus_t os_status = osSemaphoreRelease(msg->completion_sem_id); - SPM_ASSERT(osOK == os_status); - PSA_UNUSED(os_status); - } else { - nspe_done(msg->completion_sem_id); - } - - return; - } - - // Create the handle in the user message so we could destroy it in case of failure. - msg->rc = (psa_status_t)create_channel_handle(channel, dst_rot_service->partition->partition_id); - - // NOTE: all struct fields must be initialized as the allocated memory is not zeroed. - channel->state = SPM_CHANNEL_STATE_CONNECTING; - channel->src_partition = origin_partition; - channel->dst_rot_service = dst_rot_service; - channel->msg_ptr = msg; - channel->msg_type = PSA_IPC_CONNECT; - channel->rhandle = NULL; - channel->next = NULL; - channel->is_dropped = FALSE; - - spm_rot_service_queue_enqueue(dst_rot_service, channel); -} - -psa_handle_t psa_connect(uint32_t sid, uint32_t minor_version) -{ - osRtxSemaphore_t msg_sem_storage = {0}; - const osSemaphoreAttr_t msg_sem_attr = { - .name = NULL, - .attr_bits = 0, - .cb_mem = &msg_sem_storage, - .cb_size = sizeof(msg_sem_storage), - }; - - spm_pending_connect_msg_t msg = { - .min_version = minor_version, - .rc = PSA_NULL_HANDLE, - .completion_sem_id = osSemaphoreNew( - SPM_COMPLETION_SEM_MAX_COUNT, - SPM_COMPLETION_SEM_INITIAL_COUNT, - &msg_sem_attr) - }; - - if (NULL == msg.completion_sem_id) { - SPM_PANIC("could not create a semaphore for connect message"); - } - - psa_connect_async(sid, &msg); - - osStatus_t os_status = osSemaphoreAcquire(msg.completion_sem_id, osWaitForever); - SPM_ASSERT(osOK == os_status); - - os_status = osSemaphoreDelete(msg.completion_sem_id); - SPM_ASSERT(osOK == os_status); - - PSA_UNUSED(os_status); - - return (psa_handle_t)msg.rc; -} - -void psa_call_async(psa_handle_t handle, spm_pending_call_msg_t *msg) -{ - SPM_ASSERT(msg != NULL); - spm_ipc_channel_t *channel = get_channel_from_handle(handle); - SPM_ASSERT(channel != NULL); - - if (!is_buffer_accessible(msg, sizeof(*msg), channel->src_partition)) { - SPM_PANIC("Pending call message is inaccessible\n"); - } - - if (channel->is_dropped == TRUE) { - msg->rc = PSA_DROP_CONNECTION; - - if (channel->src_partition == NULL) { - nspe_done(msg->completion_sem_id); - } else { - osStatus_t os_status = osSemaphoreRelease(msg->completion_sem_id); - SPM_ASSERT(osOK == os_status); - PSA_UNUSED(os_status); - } - - return; - } - - channel_state_switch(&channel->state, - SPM_CHANNEL_STATE_IDLE, SPM_CHANNEL_STATE_PENDING); - - channel->msg_ptr = msg; - channel->msg_type = PSA_IPC_CALL; - - validate_iovec(msg->in_vec, msg->in_vec_size, msg->out_vec, msg->out_vec_size); - spm_rot_service_queue_enqueue(channel->dst_rot_service, channel); -} - -psa_status_t psa_call( - psa_handle_t handle, - const psa_invec *in_vec, - size_t in_len, - const psa_outvec *out_vec, - size_t out_len -) -{ - osRtxSemaphore_t msg_sem_storage = {0}; - const osSemaphoreAttr_t msg_sem_attr = { - .name = NULL, - .attr_bits = 0, - .cb_mem = &msg_sem_storage, - .cb_size = sizeof(msg_sem_storage), - }; - - spm_pending_call_msg_t msg = { - .in_vec = in_vec, - .in_vec_size = in_len, - .out_vec = out_vec, - .out_vec_size = out_len, - .rc = PSA_SUCCESS, - .completion_sem_id = osSemaphoreNew( - SPM_COMPLETION_SEM_MAX_COUNT, - SPM_COMPLETION_SEM_INITIAL_COUNT, - &msg_sem_attr) - }; - - if (NULL == msg.completion_sem_id) { - SPM_PANIC("could not create a semaphore for connect message"); - } - - psa_call_async(handle, &msg); - - osStatus_t os_status = osSemaphoreAcquire(msg.completion_sem_id, osWaitForever); - SPM_ASSERT(osOK == os_status); - - os_status = osSemaphoreDelete(msg.completion_sem_id); - SPM_ASSERT(osOK == os_status); - - PSA_UNUSED(os_status); - - return (psa_status_t)msg.rc; -} - -void psa_close_async(psa_handle_t handle, spm_pending_close_msg_t *msg) -{ - SPM_ASSERT(msg != NULL); - - spm_ipc_channel_t *channel = get_channel_from_handle(handle); - SPM_ASSERT(channel != NULL); - - if (!is_buffer_accessible(msg, sizeof(*msg), channel->src_partition)) { - SPM_PANIC("Pending close message is inaccessible\n"); - } - - channel_state_assert(&(channel->state), SPM_CHANNEL_STATE_IDLE); - - channel->msg_ptr = msg; - channel->msg_type = PSA_IPC_DISCONNECT; - - spm_rot_service_queue_enqueue(channel->dst_rot_service, channel); -} - -void psa_close(psa_handle_t handle) -{ - if (handle == PSA_NULL_HANDLE) { - // Invalid handles will fail inside handle manager [called from psa_close_async()] - return; - } - - osRtxSemaphore_t msg_sem_storage = {0}; - const osSemaphoreAttr_t msg_sem_attr = { - .name = NULL, - .attr_bits = 0, - .cb_mem = &msg_sem_storage, - .cb_size = sizeof(msg_sem_storage), - }; - - spm_pending_close_msg_t msg = { - .handle = handle, - .completion_sem_id = osSemaphoreNew(SPM_COMPLETION_SEM_MAX_COUNT, - SPM_COMPLETION_SEM_INITIAL_COUNT, - &msg_sem_attr - ), - - }; - - if (NULL == msg.completion_sem_id) { - SPM_PANIC("Could not create a semaphore for close message"); - } - - psa_close_async(handle, &msg); - - osStatus_t os_status = osSemaphoreAcquire(msg.completion_sem_id, osWaitForever); - SPM_ASSERT(osOK == os_status); - - os_status = osSemaphoreDelete(msg.completion_sem_id); - SPM_ASSERT(osOK == os_status); - - PSA_UNUSED(os_status); -} - -uint32_t psa_framework_version(void) -{ - return (uint32_t)PSA_FRAMEWORK_VERSION; -} - - -uint32_t psa_version(uint32_t sid) -{ - uint32_t version = PSA_VERSION_NONE; - spm_rot_service_t *service = rot_service_get(sid); - if (service != NULL) { - if ((get_active_partition() != NULL) || (service->allow_nspe)) { - version = service->min_version; - } - } - - return version; -} diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_common.c b/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_common.c deleted file mode 100644 index 94e070f..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_common.c +++ /dev/null @@ -1,172 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "cmsis_os2.h" -#include "mbed_atomic.h" -#include "psa_defs.h" -#include "spm_internal.h" -#include "spm_panic.h" - -inline void validate_iovec( - const void *in_vec, - const uint32_t in_len, - const void *out_vec, - const uint32_t out_len -) -{ - if ( - !( - ((in_vec != NULL) || (in_len == 0)) && - ((out_vec != NULL) || (out_len == 0)) && - (in_len + out_len <= PSA_MAX_IOVEC) - ) - ) { - SPM_PANIC("Failed iovec Validation invec=(0X%p) inlen=(%lu) outvec=(0X%p) outlen=(%lu)\n", in_vec, in_len, out_vec, out_len); - } -} - -inline void channel_state_switch(uint8_t *current_state, uint8_t expected_state, uint8_t new_state) -{ - uint8_t actual_state = expected_state; - if (!core_util_atomic_cas_u8(current_state, &actual_state, new_state)) { - SPM_PANIC("channel in incorrect processing state: %hhu while %hhu is expected!\n", - actual_state, expected_state); - } -} - -inline void channel_state_assert(const uint8_t *current_state, uint8_t expected_state) -{ - uint8_t actual_state = core_util_atomic_load_u8(current_state); - if (actual_state != expected_state) { - SPM_PANIC("channel in incorrect processing state: %hhu while %hhu is expected!\n", - actual_state, expected_state); - } -} - -extern const mem_region_t *mem_regions; -extern const uint32_t mem_region_count; - -const mem_region_t *get_mem_regions(int32_t partition_id, uint32_t *region_count) -{ - uint32_t i; - - SPM_ASSERT(NULL != region_count); - *region_count = 0; - - if (partition_id == MEM_PARTITIONS_ALL) { - *region_count = mem_region_count; - return mem_regions; - } - - // The entries in the array of memory regions are grouped by partition id. - // This is ensured by the way this array is automatically generated from the manifest files. - for (i = 0; i < mem_region_count && mem_regions[i].partition_id != partition_id; i++); - - if (i == mem_region_count) { - return NULL; - } - - const mem_region_t *regions = &mem_regions[i]; - for (; i < mem_region_count && mem_regions[i].partition_id == partition_id; i++, (*region_count)++); - - return regions; -} - -extern spm_db_t g_spm; - -spm_partition_t *get_active_partition(void) -{ - osThreadId_t active_thread_id = osThreadGetId(); - SPM_ASSERT(NULL != active_thread_id); - - for (uint32_t i = 0; i < g_spm.partition_count; ++i) { - if (g_spm.partitions[i].thread_id == active_thread_id) { - return &(g_spm.partitions[i]); - } - } - - return NULL; // Valid in case of NSPE -} - -bool is_buffer_accessible(const void *ptr, size_t size, spm_partition_t *accessing_partition) -{ - if (NULL == ptr) { - return false; - } - - if (size == 0) { - return true; - } - - // Check wrap around of ptr + size - if (((uintptr_t)ptr + size - 1) < (uintptr_t)ptr) { - return false; - } - - // Note: Sanity checks on platform addresses and sizes is done in psa_spm_init() - - uint32_t secure_ram_base = PSA_SECURE_RAM_START; - size_t secure_ram_len = PSA_SECURE_RAM_SIZE; - uint32_t secure_rom_base = PSA_SECURE_ROM_START; - size_t secure_rom_len = PSA_SECURE_ROM_SIZE; - - uint32_t non_secure_ram_base = PSA_NON_SECURE_RAM_START; - size_t non_secure_ram_len = PSA_NON_SECURE_RAM_SIZE; - uint32_t non_secure_rom_base = PSA_NON_SECURE_ROM_START; - size_t non_secure_rom_len = PSA_NON_SECURE_ROM_SIZE; - - - // Check NSPE case - if (accessing_partition == NULL) { - - // Make sure the NSPE is accessing the non-secure ram range OR the non-secure flash range - - // RAM - if (((uintptr_t)ptr >= (uintptr_t)non_secure_ram_base) && ((uintptr_t)ptr < ((uintptr_t)non_secure_ram_base + non_secure_ram_len)) && - (((uintptr_t)ptr + size) <= ((uintptr_t)non_secure_ram_base + non_secure_ram_len)) - ) { - return true; - } - - // FLASH - if (((uintptr_t)ptr >= (uintptr_t)non_secure_rom_base) && ((uintptr_t)ptr < ((uintptr_t)non_secure_rom_base + non_secure_rom_len)) && - (((uintptr_t)ptr + size) <= ((uintptr_t)non_secure_rom_base + non_secure_rom_len)) - ) { - return true; - } - } else { // Check SPE case - // As we do not expect secure partitions to use SPE addresses for iovecs, we make sure here that the SPE is accessing - // the secure ram range OR the secure flash range - - // RAM - if (((uintptr_t)ptr >= (uintptr_t)secure_ram_base) && ((uintptr_t)ptr < ((uintptr_t)secure_ram_base + secure_ram_len)) && - (((uintptr_t)ptr + size) <= ((uintptr_t)secure_ram_base + secure_ram_len)) - ) { - return true; - } - - // FLASH - if (((uintptr_t)ptr >= (uintptr_t)secure_rom_base) && ((uintptr_t)ptr < ((uintptr_t)secure_rom_base + secure_rom_len)) && - (((uintptr_t)ptr + size) <= ((uintptr_t)secure_rom_base + secure_rom_len)) - ) { - return true; - } - - } - - return false; -} diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_init.c b/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_init.c deleted file mode 100644 index c873eee..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_init.c +++ /dev/null @@ -1,167 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "mbed_assert.h" -#include "rtx_os.h" -#include "spm_internal.h" -#include "handles_manager.h" -#include "spm_api.h" - -MBED_STATIC_ASSERT( - MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS <= PSA_HANDLE_MGR_MAX_HANDLES_NUM, - "Number of channels exceeds maximum number of handles allowed in handles manager!" -); - -MBED_STATIC_ASSERT( - MBED_CONF_SPM_IPC_MAX_NUM_OF_MESSAGES <= PSA_HANDLE_MGR_MAX_HANDLES_NUM, - "Number of active messages exceeds maximum number of handles allowed in handles manager!" -); - - -// Sanity check - memory ranges are well formed - -MBED_STATIC_ASSERT( - (PSA_SECURE_RAM_START + PSA_SECURE_RAM_SIZE - 1) > PSA_SECURE_RAM_START, - "Illegal secure ram region!" -); - -MBED_STATIC_ASSERT( - (PSA_SECURE_ROM_START + PSA_SECURE_ROM_SIZE - 1) > PSA_SECURE_ROM_START, - "Illegal secure flash region!" -); - -MBED_STATIC_ASSERT( - (PSA_NON_SECURE_RAM_START + PSA_NON_SECURE_RAM_SIZE - 1) > PSA_NON_SECURE_RAM_START, - "Illegal non-secure ram region!" -); - -MBED_STATIC_ASSERT( - (PSA_NON_SECURE_ROM_START + PSA_NON_SECURE_ROM_SIZE - 1) > PSA_NON_SECURE_ROM_START, - "Illegal non-secure flash region!" -); - -MBED_STATIC_ASSERT( - (PSA_SHARED_RAM_START + PSA_SHARED_RAM_SIZE - 1) > PSA_SHARED_RAM_START, - "Illegal shared ram region!" -); - - -// Sanity check - memory ranges are not overlapping - -#ifndef MIN -#define MIN( a, b ) ( ( ( a ) < ( b ) ) ? ( a ) : ( b ) ) -#endif - -#ifndef MAX -#define MAX( a, b ) ( ( ( a ) > ( b ) ) ? ( a ) : ( b ) ) -#endif - -#define OVERLAP_CHECK( name1, start1, size1, name2, start2, size2) \ - MBED_STATIC_ASSERT( \ - MAX(start1, start2) >= MIN((start1 + size1), (start2 + size2)), \ - name1 " and " name2 " are overlapping!!!" \ - ) - -OVERLAP_CHECK( - "PSA_SECURE_RAM", PSA_SECURE_RAM_START, PSA_SECURE_RAM_SIZE, - "PSA_NON_SECURE_RAM", PSA_NON_SECURE_RAM_START, PSA_NON_SECURE_RAM_SIZE -); - -OVERLAP_CHECK( - "PSA_SECURE_RAM", PSA_SECURE_RAM_START, PSA_SECURE_RAM_SIZE, - "PSA_SHARED_RAM", PSA_SHARED_RAM_START, PSA_SHARED_RAM_SIZE -); - -OVERLAP_CHECK( - "PSA_SHARED_RAM", PSA_SHARED_RAM_START, PSA_SHARED_RAM_SIZE, - "PSA_NON_SECURE_RAM", PSA_NON_SECURE_RAM_START, PSA_NON_SECURE_RAM_SIZE -); - -OVERLAP_CHECK( - "PSA_SECURE_FLASH", PSA_SECURE_ROM_START, PSA_SECURE_ROM_SIZE, - "PSA_NON_SECURE_FLASH", PSA_NON_SECURE_ROM_START, PSA_NON_SECURE_ROM_SIZE -); - - -psa_handle_item_t g_channels_handle_storage[MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS] = {0}; -spm_ipc_channel_t g_channel_data[MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS] = {0}; -osRtxMemoryPool_t g_channel_mem_pool_storage = {0}; -osMemoryPoolAttr_t g_channel_mem_pool_attr = { - .name = "SPM_channel_pool", - .attr_bits = 0, - .cb_mem = &g_channel_mem_pool_storage, - .cb_size = sizeof(g_channel_mem_pool_storage), - .mp_mem = g_channel_data, - .mp_size = sizeof(g_channel_data) -}; - -psa_handle_item_t g_messages_handle_storage[MBED_CONF_SPM_IPC_MAX_NUM_OF_MESSAGES] = {0}; -spm_active_msg_t g_active_messages_data[MBED_CONF_SPM_IPC_MAX_NUM_OF_MESSAGES] = {0}; -osRtxMemoryPool_t g_active_messages_mem_pool_storage = {0}; -osMemoryPoolAttr_t g_active_messages_mem_pool_attr = { - .name = "SPM_active_messages_pool", - .attr_bits = 0, - .cb_mem = &g_active_messages_mem_pool_storage, - .cb_size = sizeof(g_active_messages_mem_pool_storage), - .mp_mem = g_active_messages_data, - .mp_size = sizeof(g_active_messages_data) -}; - -spm_db_t g_spm = { - .partitions = NULL, - .partition_count = 0, - .channels_handle_mgr = { - .handle_generator = PSA_HANDLE_MGR_INVALID_HANDLE, - .pool_size = MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS, - .handles_pool = g_channels_handle_storage - }, - .messages_handle_mgr = { - .handle_generator = PSA_HANDLE_MGR_INVALID_HANDLE, - .pool_size = MBED_CONF_SPM_IPC_MAX_NUM_OF_MESSAGES, - .handles_pool = g_messages_handle_storage - }, - .channel_mem_pool = NULL, - .active_messages_mem_pool = NULL -}; - -// forward declaration -uint32_t init_partitions(spm_partition_t **partitions); - -void psa_spm_init(void) -{ - spm_hal_memory_protection_init(); - - g_spm.channel_mem_pool = osMemoryPoolNew( - MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS, - sizeof(spm_ipc_channel_t), - &g_channel_mem_pool_attr - ); - if (NULL == g_spm.channel_mem_pool) { - error("%s - Failed to create channel memory pool!\n", __func__); - } - - g_spm.active_messages_mem_pool = osMemoryPoolNew( - MBED_CONF_SPM_IPC_MAX_NUM_OF_MESSAGES, - sizeof(spm_active_msg_t), - &g_active_messages_mem_pool_attr - ); - if (NULL == g_spm.active_messages_mem_pool) { - error("%s - Failed to create active messages memory pool!\n", __func__); - } - - g_spm.partition_count = init_partitions(&(g_spm.partitions)); -} diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_internal.h b/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_internal.h deleted file mode 100644 index ab6d0e3..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_internal.h +++ /dev/null @@ -1,250 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef SPM_INTERNAL_H -#define SPM_INTERNAL_H - -#include -#include "cmsis_os2.h" -#include "cmsis.h" -#include "psa_defs.h" -#include "spm_messages.h" -#include "spm_panic.h" -#include "handles_manager.h" -#include "cmsis_compiler.h" - -#ifdef __cplusplus -extern "C" { -#endif - -#define SPM_COMPLETION_SEM_MAX_COUNT (1UL) /* Maximum number of available tokens for a completion semaphore. */ -#define SPM_COMPLETION_SEM_INITIAL_COUNT (0UL) /* Initial number of available tokens for a completion semaphore. */ - -#define PSA_MMIO_PERM_READ_ONLY (0x000000001) -#define PSA_MMIO_PERM_READ_WRITE (0x000000003) - -#define PSA_RESERVED_ERROR_MIN (INT32_MIN + 1) -#define PSA_RESERVED_ERROR_MAX (INT32_MIN + 127) - -#define SPM_CHANNEL_STATE_INVALID (0x01) -#define SPM_CHANNEL_STATE_CONNECTING (0x02) -#define SPM_CHANNEL_STATE_IDLE (0x03) -#define SPM_CHANNEL_STATE_PENDING (0x04) -#define SPM_CHANNEL_STATE_ACTIVE (0x05) - -#define MEM_PARTITIONS_ALL (0) /* A constant to use to retrieve the memory regions for all the partitions at once. */ - -#define SPM_CMSIS_RTOS_ERROR_BIT_MSK (0x80000000) - -#ifndef TRUE -#define TRUE (1) -#endif - -#ifndef FALSE -#define FALSE (0) -#endif - -struct spm_partition; -struct spm_ipc_channel; - -/* - * Structure to describe MMIO region along with owning partition. - */ -typedef struct mem_region { - const uint32_t base; - const uint32_t size; - const uint32_t permission; - const int32_t partition_id; -} mem_region_t; - -typedef union spm_iovec { - psa_invec in; - psa_outvec out; -} spm_iovec_t; - -/* - * IRQ signal mapper definition. - * The function will not return on invalid signal. - */ -typedef IRQn_Type(*spm_signal_to_irq_mapper_t)(uint32_t); - -/* - * Structure to aggregate channels queue in a Root of Trust Service. - */ -typedef struct spm_channel_linked_list { - struct spm_ipc_channel *head; /* List's first object*/ - struct spm_ipc_channel *tail; /* List's last object*/ -} spm_channel_linked_list_t; - -/* - * Structure containing resources and attributes of a Root of Trust Service. - */ -typedef struct spm_rot_service { - const uint32_t sid; /* The Root of Trust Service ID.*/ - const uint32_t mask; /* The signal for this Root of Trust Service*/ - struct spm_partition *partition; /* Pointer to the Partition which the Root of Trust Service belongs to.*/ - const uint32_t min_version; /* Minor version of the Root of Trust Service interface.*/ - const uint32_t min_version_policy; /* Minor version policy of the Root of Trust Service.*/ - const bool allow_nspe; /* Whether to allow non-secure clients to connect to the Root of Trust Service.*/ - spm_channel_linked_list_t queue; /* Queue of channels holding ROT_SRV operations waiting to be served. */ -} spm_rot_service_t; - -/* - * Structure containing Partition->RoT-Service channel information. - */ -typedef struct spm_ipc_channel { - struct spm_partition *src_partition; /* Pointer to the Partition which connects to the Root of Trust Service.*/ - spm_rot_service_t *dst_rot_service; /* Pointer to the connected Root of Trust Service.*/ - void *rhandle; /* Reverse handle to be used for this channel.*/ - void *msg_ptr; /* Message data sent from user. */ - struct spm_ipc_channel *next; /* Next channel in the chain.*/ - uint8_t msg_type; /* The message type.*/ - uint8_t state; /* The current processing state of the channel.*/ - uint8_t is_dropped; /* Indicates whether the channel has been dropped by the partition.*/ -} spm_ipc_channel_t; - -/* - * Structure containing the currently active message for a Root of Trust Service. - */ -typedef struct spm_active_msg { - spm_ipc_channel_t *channel; /* Pointer to the channel delivering this message.*/ - spm_iovec_t iovecs[PSA_MAX_IOVEC]; /* IOvecs sent for message and response.*/ - uint8_t out_index; /* First index of outvecs in iovecs*/ -} spm_active_msg_t; - -/* - * Structure containing resources and attributes of a secure partition. - */ -typedef struct spm_partition { - const int32_t partition_id; /* The Partition ID.*/ - osThreadId_t thread_id; /* Thread ID of the Partition thread.*/ - const uint32_t flags; /* Mask of all the signals the partition supports.*/ - spm_rot_service_t *rot_services; /* Array of the Partition's Root of Trust Services.*/ - const uint32_t rot_services_count; /* Number of the Partition's Root of Trust Services.*/ - const uint32_t *extern_sids; /* Array of Root of Trust Service IDs that the partition can connect to.*/ - const uint32_t extern_sids_count; /* Number of Root of Trust Services which the partition can connect to.*/ - osMutexId_t mutex; /* Mutex for all rot_service's queues operations. */ - spm_signal_to_irq_mapper_t irq_mapper; /* a function which maps signal to irq number*/ -} spm_partition_t; - -/* - * Structure containing the SPM internal data. - */ -typedef struct spm_db { - spm_partition_t *partitions; /* Array of all the Secure Partitions in the system.*/ - uint32_t partition_count; /* Number of Secure Partitions in the system.*/ - psa_handle_manager_t channels_handle_mgr; - psa_handle_manager_t messages_handle_mgr; - osMemoryPoolId_t channel_mem_pool; /* Channel memory pool identifier.*/ - osMemoryPoolId_t active_messages_mem_pool; /* Channel memory pool identifier.*/ -} spm_db_t; - -/* - * Returns a pointer to the currently active secure partition or NULL in case called from NSPE. - */ -spm_partition_t *get_active_partition(void); - -/* - * Return an array of memory regions used by a given partition. - * - * @param[in] partition_id - a partition ID to find memory regions for, if MEM_PARTITIONS_ALL then - * memory regions for all the partitions are returned - * @param[out] region_count - will be set to the number of memory regions returned - */ -const mem_region_t *get_mem_regions(int32_t partition_id, uint32_t *region_count); - -// Platform dependent APIs - -/* - * Validates that a memory block accessible from a specific partition - * - * @param[in] ptr - Pointer to the beggining of the memory block. - * @param[in] size - Size of the memory block in bytes. - * @param[in] accessing_partition - Which partition is trying to access the memory. - * @return `true` if the entire memory block is accessable from given partition. - */ -bool is_buffer_accessible(const void *ptr, size_t size, spm_partition_t *accessing_partition); - -/** - * Alerts NSPE that a proccess (connect or call) has ended. - * - * @param[in] completion_sem_id - semaphore id in NSPE. - */ -void nspe_done(osSemaphoreId_t completion_sem_id); - -/* - * Validates parameters sent from caller and queues a connect message on the correct ROT_SRV. - * - * @param[in] sid - desired RoT service ID - * @param[in] msg - pointer to connect message struct - */ -void psa_connect_async(uint32_t sid, spm_pending_connect_msg_t *msg); - -/* - * Validates parameters sent from caller and queues a call message on the correct ROT_SRV. - * - * @param[in] handle - channel handle for the connection - * @param[in] msg - pointer to call message struct - */ -void psa_call_async(psa_handle_t handle, spm_pending_call_msg_t *msg); - -/* - * Validates parameters sent from caller and queues a disconnect message on the correct ROT_SRV. - * - * @param[in] handle - handle of channel to close - * @param[in] msg - pointer to close message struct - */ -void psa_close_async(psa_handle_t handle, spm_pending_close_msg_t *msg); - - -/* - * Validates IOvecs. - * - * @param[in] in_vec - psa_invec array - * @param[in] in_len - number of elements in in_vec - * @param[in] out_vec - psa_outvec array - * @param[in] out_len - number of elements in out_vec -*/ -void validate_iovec( - const void *in_vec, - const uint32_t in_len, - const void *out_vec, - const uint32_t out_len -); - -/* - * Assert and modify PSA IPC channel state machine state - * - * @param[in,out] current_state - current state - * @param[in] expected_state - expected state - * @param[in] new_state - new state -*/ -void channel_state_switch(uint8_t *current_state, uint8_t expected_state, uint8_t new_state); - -/* - * Assert PSA IPC channel state machine state - * - * @param[in] current_state - current state - * @param[in] expected_state - expected state -*/ -void channel_state_assert(const uint8_t *current_state, uint8_t expected_state); - -#ifdef __cplusplus -} -#endif - -#endif // SPM_INTERNAL_H diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_main.c b/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_main.c deleted file mode 100644 index 8237286..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_main.c +++ /dev/null @@ -1,34 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#if defined(COMPONENT_SPM_MAILBOX) - -#include "ipc_queue.h" -extern ipc_consumer_queue_t *cons_queue; -// this is the dispatcher thread for dual-chip systems -int main(void) -{ - while (true) { - ipc_queue_drain(cons_queue); - } -} - -#else - -#error "Non dual-chip platforms are not yet supported" - -#endif // defined(COMPONENT_SPM_MAILBOX) diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_panic.h b/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_panic.h deleted file mode 100644 index 31c1369..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_panic.h +++ /dev/null @@ -1,66 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef __MBED_SPM_PANIC_H__ -#define __MBED_SPM_PANIC_H__ - -/** @addtogroup SPM - * @{ - */ - -#include "mbed_toolchain.h" -#include "mbed_assert.h" -#include "mbed_error.h" - - -#ifdef __cplusplus -extern "C" { -#endif - - -#ifdef SPM_SPE_BUILD - -#error "Trying to build for SPE with SPM_SPE_BUILD flag - Not supported" - -#else - -/** - * Generate a system panic - * - * @param[in] format The format string to output on panic - * @param[in] ... (Additional arguments) Depending on the format string - */ -#define SPM_PANIC(format, ...) error("%s %u: " format, __func__, __LINE__, ##__VA_ARGS__) - - -/** - * Assert on condition (debug build only) - * - * @param[in] expr Condition to be asserted - */ -#define SPM_ASSERT(expr) MBED_ASSERT(expr) - -#endif - - -#ifdef __cplusplus -} -#endif - -/** @}*/ // end of SPM group - -#endif // __MBED_SPM_PANIC_H__ diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_server.c b/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_server.c deleted file mode 100644 index efb9bb6..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_server.c +++ /dev/null @@ -1,564 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include -#include "mbed_toolchain.h" -#include "spm_server.h" -#include "spm_messages.h" -#include "spm_internal.h" -#include "spm_panic.h" -#include "handles_manager.h" -#include "cmsis.h" - -extern spm_db_t g_spm; - -static inline spm_partition_t *get_partition_by_pid(int32_t partition_id) -{ - for (uint32_t i = 0; i < g_spm.partition_count; ++i) { - if (g_spm.partitions[i].partition_id == partition_id) { - return &(g_spm.partitions[i]); - } - } - - return NULL; -} - -static inline psa_handle_t create_msg_handle(void *handle_mem, int32_t friend_pid) -{ - return psa_hndl_mgr_handle_create(&(g_spm.messages_handle_mgr), handle_mem, friend_pid); -} - -static inline spm_active_msg_t *get_msg_from_handle(psa_handle_t handle) -{ - return (spm_active_msg_t *)psa_hndl_mgr_handle_get_mem(&(g_spm.messages_handle_mgr), handle); -} - -static inline void destroy_msg_handle(psa_handle_t handle) -{ - psa_hndl_mgr_handle_destroy(&(g_spm.messages_handle_mgr), handle); -} - -static inline void destroy_channel_handle(psa_handle_t handle) -{ - psa_hndl_mgr_handle_destroy(&(g_spm.channels_handle_mgr), handle); -} - - -static inline spm_rot_service_t *get_rot_service(spm_partition_t *prt, psa_signal_t signal) -{ - for (size_t i = 0; i < prt->rot_services_count; i++) { - if (prt->rot_services[i].mask == signal) { - return &prt->rot_services[i]; - } - } - - return NULL; -} - -/* - * This function validates the parameters sent from the user and copies it to an active message - * - * Function assumptions: - * * channel is allocated from SPM Core memory - * * channel->msg_ptr potentially allocated from nonsecure memory - * * user_msg allocated from secure partition memory - not trusted by SPM Core -*/ -static void copy_message_to_spm(spm_ipc_channel_t *channel, psa_msg_t *user_msg) -{ - // Memory allocated from MemoryPool isn't zeroed - thus a temporary variable will make sure we will start from a clear state. - spm_active_msg_t temp_active_message = { - .channel = channel, - .iovecs = {{.in = {0}}}, - .out_index = 0, - }; - - if (channel->msg_type == PSA_IPC_CALL) { - if (!is_buffer_accessible(channel->msg_ptr, sizeof(spm_pending_call_msg_t), channel->src_partition)) { - SPM_PANIC("message data is inaccessible\n"); - } - - spm_pending_call_msg_t *call_msg_data = (spm_pending_call_msg_t *)channel->msg_ptr; - - // Copy pointers and sizes to secure memory to prevent TOCTOU - const psa_invec *temp_invec = call_msg_data->in_vec; - const uint32_t temp_invec_size = call_msg_data->in_vec_size; - const psa_outvec *temp_outvec = call_msg_data->out_vec; - const uint32_t temp_outvec_size = call_msg_data->out_vec_size; - - validate_iovec(temp_invec, temp_invec_size, temp_outvec, temp_outvec_size); - temp_active_message.out_index = (uint8_t)temp_invec_size; - - if (temp_invec_size > 0) { - if (!is_buffer_accessible(temp_invec, temp_invec_size * sizeof(*temp_invec), channel->src_partition)) { - SPM_PANIC("in_vec is inaccessible\n"); - } - - for (uint32_t i = 0; i < temp_invec_size; ++i) { - if (temp_invec[i].len == 0) { - continue; - } - - // Copy struct - temp_active_message.iovecs[i].in = temp_invec[i]; - user_msg->in_size[i] = temp_invec[i].len; - - // Copy then check to prevent TOCTOU - if (!is_buffer_accessible( - temp_active_message.iovecs[i].in.base, - temp_active_message.iovecs[i].in.len, - channel->src_partition)) { - SPM_PANIC("in_vec[%ld] is inaccessible\n", i); - } - } - } - - if (temp_outvec_size > 0) { - if (!is_buffer_accessible(temp_outvec, temp_outvec_size * sizeof(*temp_outvec), channel->src_partition)) { - SPM_PANIC("out_vec is inaccessible\n"); - } - - for (uint32_t i = 0; i < temp_outvec_size; ++i) { - if (temp_outvec[i].len == 0) { - continue; - } - - // Copy struct - temp_active_message.iovecs[temp_invec_size + i].out = temp_outvec[i]; - user_msg->out_size[i] = temp_outvec[i].len; - - // Copy then check to prevent TOCTOU - if (!is_buffer_accessible( - temp_active_message.iovecs[temp_invec_size + i].out.base, - temp_active_message.iovecs[temp_invec_size + i].out.len, - channel->src_partition)) { - SPM_PANIC("out_vec[%lu] is inaccessible\n", i); - } - } - } - } - - // Allocating from SPM-Core internal memory - spm_active_msg_t *active_msg = (spm_active_msg_t *)osMemoryPoolAlloc(g_spm.active_messages_mem_pool, osWaitForever); - if (NULL == active_msg) { - SPM_PANIC("Could not allocate active message"); - } - - // Copy struct - *active_msg = temp_active_message; - - psa_handle_t handle = create_msg_handle(active_msg, PSA_HANDLE_MGR_INVALID_FRIEND_OWNER); - - user_msg->type = channel->msg_type; - user_msg->rhandle = channel->rhandle; - user_msg->handle = handle; - - if (channel->src_partition == NULL) { - user_msg->client_id = PSA_NSPE_IDENTIFIER; - } else { - user_msg->client_id = channel->src_partition->partition_id; - } -} - -static spm_ipc_channel_t *spm_rot_service_queue_dequeue(spm_rot_service_t *rot_service) -{ - osStatus_t os_status = osMutexAcquire(rot_service->partition->mutex, osWaitForever); - SPM_ASSERT(osOK == os_status); - PSA_UNUSED(os_status); - - spm_ipc_channel_t *ret = rot_service->queue.head; - - if (ret == NULL) { - SPM_PANIC("Dequeue from empty queue"); - } - - rot_service->queue.head = ret->next; - ret->next = NULL; - - if (rot_service->queue.head == NULL) { - rot_service->queue.tail = NULL; - - uint32_t flags = osThreadFlagsClear(rot_service->mask); - - // osThreadFlagsClear() sets the msb on failure - SPM_ASSERT((flags & SPM_CMSIS_RTOS_ERROR_BIT_MSK) == 0); - SPM_ASSERT(flags & rot_service->mask); - PSA_UNUSED(flags); - } - - os_status = osMutexRelease(rot_service->partition->mutex); - SPM_ASSERT(osOK == os_status); - - return ret; -} - -psa_signal_t psa_wait(psa_signal_t signal_mask, uint32_t timeout) -{ - spm_partition_t *curr_partition = get_active_partition(); - SPM_ASSERT(NULL != curr_partition); // active thread in SPM must be in partition DB - - psa_signal_t flags_all = curr_partition->flags | PSA_DOORBELL; - if (signal_mask == PSA_WAIT_ANY) { - signal_mask = flags_all; - } else { - if ((~flags_all) & signal_mask) { - SPM_PANIC("signal mask 0x%lx must have only bits from 0x%lx!\n", - signal_mask, flags_all); - } - } - - psa_signal_t asserted_signals = osThreadFlagsWait( - signal_mask, - osFlagsWaitAny | osFlagsNoClear, - (PSA_BLOCK & timeout) ? osWaitForever : 0 - ); - - // Asserted_signals must be a subset of the supported ROT_SRV and interrupt signals. - SPM_ASSERT((asserted_signals == (asserted_signals & flags_all)) || - ((PSA_BLOCK != timeout) && (osFlagsErrorTimeout == asserted_signals))); - - return (osFlagsErrorTimeout == asserted_signals) ? 0 : asserted_signals; -} - -psa_status_t psa_get(psa_signal_t signal, psa_msg_t *msg) -{ - spm_partition_t *curr_partition = get_active_partition(); - SPM_ASSERT(NULL != curr_partition); // active thread in SPM must be in partition DB - - if (!is_buffer_accessible(msg, sizeof(*msg), curr_partition)) { - SPM_PANIC("msg is inaccessible\n"); - } - - memset(msg, 0, sizeof(*msg)); - - // signal must be ONLY ONE of the bits of curr_partition->flags_rot_srv - bool is_one_bit = ((signal != 0) && !(signal & (signal - 1))); - if (!is_one_bit || !(signal & curr_partition->flags)) { - SPM_PANIC( - "signal 0x%lx must have only 1 bit ON and must be a subset of 0x%lx!\n", - signal, - curr_partition->flags - ); - } - - uint32_t active_flags = osThreadFlagsGet(); - if (0 == (signal & active_flags)) { - SPM_PANIC("flag is not active!\n"); - } - - spm_rot_service_t *curr_rot_service = get_rot_service(curr_partition, signal); - if (curr_rot_service == NULL) { - SPM_PANIC("Received signal (0x%08lx) that does not match any root of trust service", signal); - } - spm_ipc_channel_t *curr_channel = spm_rot_service_queue_dequeue(curr_rot_service); - - switch (curr_channel->msg_type) { - case PSA_IPC_CONNECT: - channel_state_assert( - &curr_channel->state, - SPM_CHANNEL_STATE_CONNECTING - ); - break; - - case PSA_IPC_CALL: - channel_state_switch( - &curr_channel->state, - SPM_CHANNEL_STATE_PENDING, - SPM_CHANNEL_STATE_ACTIVE - ); - break; - - case PSA_IPC_DISCONNECT: { - channel_state_assert( - &curr_channel->state, - SPM_CHANNEL_STATE_IDLE - ); - break; - } - default: - SPM_PANIC("psa_get - unexpected message type=0x%08hhX", curr_channel->msg_type); - break; - } - - copy_message_to_spm(curr_channel, msg); - return PSA_SUCCESS; -} - -static size_t read_or_skip(psa_handle_t msg_handle, uint32_t invec_idx, void *buf, size_t num_bytes) -{ - spm_active_msg_t *active_msg = get_msg_from_handle(msg_handle); - - channel_state_assert(&active_msg->channel->state, SPM_CHANNEL_STATE_ACTIVE); - - if (invec_idx >= PSA_MAX_IOVEC) { - SPM_PANIC("Invalid invec_idx\n"); - } - - if (invec_idx >= active_msg->out_index) { - return 0; - } - - psa_invec *active_iovec = &active_msg->iovecs[invec_idx].in; - - if (num_bytes > active_iovec->len) { - num_bytes = active_iovec->len; - } - - if (num_bytes > 0) { - if (buf) { - memcpy(buf, active_iovec->base, num_bytes); - } - active_iovec->base = (void *)((uint8_t *)active_iovec->base + num_bytes); - active_iovec->len -= num_bytes; - } - - return num_bytes; -} - -size_t psa_read(psa_handle_t msg_handle, uint32_t invec_idx, void *buf, size_t num_bytes) -{ - spm_partition_t *curr_partition = get_active_partition(); - SPM_ASSERT(NULL != curr_partition); // active thread in SPM must be in partition DB - - if (!is_buffer_accessible(buf, num_bytes, curr_partition)) { - SPM_PANIC("buffer is inaccessible\n"); - } - - return read_or_skip(msg_handle, invec_idx, buf, num_bytes); -} - -size_t psa_skip(psa_handle_t msg_handle, uint32_t invec_idx, size_t num_bytes) -{ - return read_or_skip(msg_handle, invec_idx, NULL, num_bytes); -} - -void psa_write(psa_handle_t msg_handle, uint32_t outvec_idx, const void *buffer, size_t num_bytes) -{ - if (0 == num_bytes) { - return; - } - - spm_partition_t *curr_partition = get_active_partition(); - SPM_ASSERT(NULL != curr_partition); // active thread in S - - if (!is_buffer_accessible(buffer, num_bytes, curr_partition)) { - SPM_PANIC("buffer is inaccessible\n"); - } - - spm_active_msg_t *active_msg = get_msg_from_handle(msg_handle); - - channel_state_assert(&active_msg->channel->state, SPM_CHANNEL_STATE_ACTIVE); - - outvec_idx += active_msg->out_index; - if (outvec_idx >= PSA_MAX_IOVEC) { - SPM_PANIC("Invalid outvec_idx\n"); - } - - psa_outvec *active_iovec = &active_msg->iovecs[outvec_idx].out; - if (num_bytes > active_iovec->len) { - SPM_PANIC("Invalid write operation (Requested %zu, Avialable %zu)\n", num_bytes, active_iovec->len); - } - - memcpy((uint8_t *)(active_iovec->base), buffer, num_bytes); - active_iovec->base = (void *)((uint8_t *)active_iovec->base + num_bytes); - active_iovec->len -= num_bytes; - - return; -} - -void psa_reply(psa_handle_t msg_handle, psa_status_t status) -{ - spm_active_msg_t *active_msg = get_msg_from_handle(msg_handle); - spm_ipc_channel_t *active_channel = active_msg->channel; - SPM_ASSERT(active_channel != NULL); - SPM_ASSERT(active_channel->msg_ptr != NULL); - - // !!!!!NOTE!!!!! handles must be destroyed before osMemoryPoolFree(). - // Message creation blocked on resource exhaustion and handle will be created - // only after a successful memory allocation and is not expected to fail. - { - destroy_msg_handle(msg_handle); - - memset(active_msg, 0, sizeof(*active_msg)); - osStatus_t os_status = osMemoryPoolFree(g_spm.active_messages_mem_pool, active_msg); - SPM_ASSERT(osOK == os_status); - PSA_UNUSED(os_status); - } - - osSemaphoreId_t completion_sem_id = NULL; - bool nspe_call = (active_channel->src_partition == NULL); - switch (active_channel->msg_type) { - case PSA_IPC_CONNECT: { - if ((status != PSA_SUCCESS) && (status != PSA_CONNECTION_REFUSED)) { - SPM_PANIC("status (0X%08lx) is not allowed for PSA_IPC_CONNECT", status); - } - - spm_pending_connect_msg_t *connect_msg_data = (spm_pending_connect_msg_t *)(active_channel->msg_ptr); - completion_sem_id = connect_msg_data->completion_sem_id; - if (status == PSA_CONNECTION_REFUSED) { - channel_state_assert(&active_channel->state, SPM_CHANNEL_STATE_CONNECTING); - // !!!!!NOTE!!!!! handles must be destroyed before osMemoryPoolFree(). - // Channel creation fails on resource exhaustion and handle will be created - // only after a successful memory allocation and is not expected to fail. - { - // In psa_connect the handle was written to user's memory before - // the connection was established. - // Channel state machine and ACL will prevent attacker from - // doing bad stuff before we overwrite it with a negative return code. - destroy_channel_handle((psa_handle_t)connect_msg_data->rc); - - memset(active_channel, 0, sizeof(*active_channel)); - osStatus_t os_status = osMemoryPoolFree(g_spm.channel_mem_pool, active_channel); - SPM_ASSERT(osOK == os_status); - PSA_UNUSED(os_status); - } - // Replace the handle we created in the user's memory with the error code - connect_msg_data->rc = status; - active_channel = NULL; - } else { - channel_state_switch(&active_channel->state, - SPM_CHANNEL_STATE_CONNECTING, SPM_CHANNEL_STATE_IDLE); - } - break; - } - case PSA_IPC_CALL: { - if ((status >= PSA_RESERVED_ERROR_MIN) && (status <= PSA_RESERVED_ERROR_MAX)) { - SPM_PANIC("status (0X%08lx) is not allowed for PSA_IPC_CALL", status); - } - - channel_state_switch(&active_channel->state, - SPM_CHANNEL_STATE_ACTIVE, SPM_CHANNEL_STATE_IDLE); - - if (status == PSA_DROP_CONNECTION) { - active_channel->is_dropped = TRUE; - } - - spm_pending_call_msg_t *call_msg_data = (spm_pending_call_msg_t *)(active_channel->msg_ptr); - call_msg_data->rc = status; - completion_sem_id = call_msg_data->completion_sem_id; - break; - } - case PSA_IPC_DISCONNECT: { - spm_pending_close_msg_t *close_msg_data = (spm_pending_close_msg_t *)(active_channel->msg_ptr); - completion_sem_id = close_msg_data->completion_sem_id; - - channel_state_switch(&(active_channel->state), - SPM_CHANNEL_STATE_IDLE, - SPM_CHANNEL_STATE_INVALID - ); - - // !!!!!NOTE!!!!! handles must be destroyed before osMemoryPoolFree(). - // Channel creation fails on resource exhaustion and handle will be created - // only after a successful memory allocation and is not expected to fail. - { - destroy_channel_handle(close_msg_data->handle); - - memset(active_channel, 0, sizeof(*active_channel)); - osStatus_t os_status = osMemoryPoolFree(g_spm.channel_mem_pool, active_channel); - active_channel = NULL; - SPM_ASSERT(osOK == os_status); - PSA_UNUSED(os_status); - } - break; - - // Note: The status code is ignored for PSA_IPC_DISCONNECT message type - } - default: - SPM_PANIC("psa_reply() - Unexpected message type=0x%08hhX", active_channel->msg_type); - break; - } - - if (active_channel != NULL) { - active_channel->msg_ptr = NULL; - active_channel->msg_type = 0; // uninitialized - } - - if (nspe_call) { - nspe_done(completion_sem_id); - } else { - osStatus_t os_status = osSemaphoreRelease(completion_sem_id); - SPM_ASSERT(osOK == os_status); - PSA_UNUSED(os_status); - } - - return; -} - -void psa_notify(int32_t partition_id) -{ - spm_partition_t *target_partition = get_partition_by_pid(partition_id); - if (NULL == target_partition) { - SPM_PANIC("Could not find partition (partition_id = %ld)\n", - partition_id - ); - } - - uint32_t flags = osThreadFlagsSet(target_partition->thread_id, PSA_DOORBELL); - // osThreadFlagsSet() sets the msb on failure - // flags is allowed to be 0 since by the time osThreadFlagsSet() returns - // the flag could have been cleared by another thread - SPM_ASSERT((flags & SPM_CMSIS_RTOS_ERROR_BIT_MSK) == 0); - PSA_UNUSED(flags); -} - -void psa_clear(void) -{ - uint32_t flags = osThreadFlagsClear(PSA_DOORBELL); - - // osThreadFlagsClear() sets the msb on failure - SPM_ASSERT((flags & SPM_CMSIS_RTOS_ERROR_BIT_MSK) == 0); - - // psa_clear() must not be called when doorbell signal is not currently asserted - if ((flags & PSA_DOORBELL) != PSA_DOORBELL) { - SPM_PANIC("psa_call() called without signaled doorbell\n"); - } -} - -void psa_set_rhandle(psa_handle_t msg_handle, void *rhandle) -{ - spm_active_msg_t *active_msg = get_msg_from_handle(msg_handle); - active_msg->channel->rhandle = rhandle; -} - -void psa_eoi(uint32_t irq_signal) -{ - spm_partition_t *curr_partition = get_active_partition(); - SPM_ASSERT(NULL != curr_partition); - if (curr_partition->irq_mapper == NULL) { - SPM_PANIC("Try to clear an interrupt flag without declaring IRQ"); - } - - if (0 == (curr_partition->flags & irq_signal)) { - SPM_PANIC("Signal %lu not in irq range\n", irq_signal); - } - - bool is_one_bit = ((irq_signal != 0) && !(irq_signal & (irq_signal - 1))); - if (!is_one_bit) { - SPM_PANIC("signal 0x%lx must have only 1 bit ON!\n", irq_signal); - } - - IRQn_Type irq_line = curr_partition->irq_mapper(irq_signal); - uint32_t flags = osThreadFlagsClear(irq_signal); - // osThreadFlagsClear() sets the msb on failure - SPM_ASSERT((flags & SPM_CMSIS_RTOS_ERROR_BIT_MSK) == 0); - - // psa_eoi() must not be called with an unasserted flag. - if ((flags & irq_signal) != irq_signal) { - SPM_PANIC("psa_eoi() called without signaled IRQ\n"); - } - - NVIC_EnableIRQ(irq_line); -} diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_server.h b/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_server.h deleted file mode 100644 index 80f3de8..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/spm_server.h +++ /dev/null @@ -1,152 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef __MBED_SPM_SERVER_H__ -#define __MBED_SPM_SERVER_H__ - -/** @addtogroup SPM - * The Secure Partition Manager (SPM) is responsible for isolating software in partitions,@n - * managing the execution of software within partitions and providing IPC between partitions. - * @{ - */ - -/* -------------------------------------- Includes ----------------------------------- */ - -#include "psa_defs.h" - -/* --------------------------------- extern "C" wrapper ------------------------------ */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** @addtogroup RoT-Service-API - * The C interface for a root of trust (RoT) Service in a partition. - * @{ - */ - -/** - * Return the signals that have been asserted.@n - * - * @param[in] signal_mask A set of signals to query. - * @param[in] timeout timeout value:@n - * @a PSA_BLOCK block the caller until any signal is asserted.@n - * @a PSA_POLL Returns immediately. - * @return asserted signals. - */ -psa_signal_t psa_wait(psa_signal_t signal_mask, uint32_t timeout); - -/** - * Get the message that corresponds to a given signal. - * - * @param[in] signal An asserted signal returned from psa_wait(). - * @param[out] msg Pointer to a psa_msg structure. - * @return 0 for success or@n - * @a PSA_ERR_NOMSG if the message could not be delivered. - */ -psa_status_t psa_get(psa_signal_t signal, psa_msg_t *msg); - -/** - * Associate the caller-provided private data with a specified handle. - * - * @param[in] msg_handle Handle for the caller's message. - * @param[in] rhandle Reverse handle allocated by the Root of Trust Service. - */ -void psa_set_rhandle(psa_handle_t msg_handle, void *rhandle); - -/** - * Copy up to @a len bytes from position @a offset within the client message - * payload into the Secure Partition buffer @a buffer.@n - * - * @note Callers should know how much data is available to read based on the@n - * @a size attribute of the psa_msg structure returned from psa_get().@n - * The copy is truncated if the requested range extends beyond the end of the payload.@n - * In such a case, the remaining space in @a buffer is not modified. - * - * @param[in] msg_handle Handle for the client's message. - * @param[in] invec_idx ::psa_invec index to be read. - * @param[out] buf Buffer to copy the requested data to. - * @param[in] num_bytes Number of bytes to read from the client's message payload. - * @return Number of bytes copied or 0 if offset is greater than the size attribute of psa_msg. - */ -size_t psa_read(psa_handle_t msg_handle, uint32_t invec_idx, void *buf, size_t num_bytes); - -/** - * Advance the current read offset by skipping @a num_bytes bytes for input vector - * indexed by @а invec_idx.@n - * If @a num_bytes is greater than the remaining number of bytes in the vector, then - * all the remaining bytes are skipped. - * - * @param[in] msg_handle Handle for the client's message. - * @param[in] invec_idx ::psa_invec index to be skipped. - * @param[in] num_bytes Number of bytes to skip. - * @return Number of bytes skipped or 0 if offset is greater than the size attribute of psa_msg. - */ -size_t psa_skip(psa_handle_t msg_handle, uint32_t invec_idx, size_t num_bytes); - -/** - * Write a response payload of @a bytes bytes starting at position @a offset in the client's response buffer. - * - * @note If the caller writes data beyond the client's response buffer size - * (@a response_size attribute of the psa_msg structure returned from psa_get()) a fatal error occurs. - * - * @param[in] msg_handle Handle for the client's message. - * @param[in] outvec_idx ::psa_outvec index to be written to. - * @param[in] buffer Buffer with the data to write. - * @param[in] num_bytes Number of bytes to write. - */ -void psa_write(psa_handle_t msg_handle, uint32_t outvec_idx, const void *buffer, size_t num_bytes); - -/** - * Complete handling of specific message and unblocks the client. - * - * A return code must be specified, which is sent to the client.@n - * Negative return code represent errors; positive integers are application-specific. - * - * @param[in] msg_handle Handle for the client's message. - * @param[in] status Message result value to be reported to the client. - */ -void psa_reply(psa_handle_t msg_handle, psa_status_t status); - -/** - * Send a doorbell signal to a specific partition that is listening for that signal type. - * - * @param[in] partition_id partition ID of the target partition. - */ -void psa_notify(int32_t partition_id); - -/** - * Clear the doorbell signal. - */ -void psa_clear(void); - -/** - * Inform the SPM that an interrupt has been handled (end of interrupt). - * - * @param[in] irq_signal The interrupt signal that has been processed. - */ -void psa_eoi(uint32_t irq_signal); - -/** @}*/ // end of RoT-Service-API group - -#ifdef __cplusplus -} -#endif - -/** @}*/ // end of SPM group - -#endif /* __MBED_SPM_SERVER_H__ */ diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPM_MAILBOX/COMPONENT_NSPE/spm_client_proxy.c b/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPM_MAILBOX/COMPONENT_NSPE/spm_client_proxy.c deleted file mode 100644 index fcfc1a6..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPM_MAILBOX/COMPONENT_NSPE/spm_client_proxy.c +++ /dev/null @@ -1,229 +0,0 @@ -/* Copyright (c) 2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - - -// Includes -// -------- - -#include -#include "ipc_defs.h" -#include "ipc_queue.h" -#include "spm_client.h" -#include "spm_messages.h" -#include "mbed_assert.h" -#include "cmsis_os2.h" - - -// Globals -// ------- - -extern ipc_producer_queue_t *prod_queue; - -// API Functions Implementation -// ---------------------------- -uint32_t psa_framework_version(void) -{ - return (uint32_t)PSA_FRAMEWORK_VERSION; -} - -uint32_t psa_version(uint32_t sid) -{ - osRtxSemaphore_t res_sem_storage = {0, 0, 0, 0, 0, 0, 0, 0}; - - const osSemaphoreAttr_t res_sem_attr = { - .name = "VER_RES_SEM", - .attr_bits = 0, - .cb_mem = &res_sem_storage, - .cb_size = sizeof(res_sem_storage), - }; - - const spm_pending_version_msg_t msg = { - .rc = PSA_VERSION_NONE, - .completion_sem_id = osSemaphoreNew(IPC_RES_SEM_MAX_COUNT, - IPC_RES_SEM_INITIAL_COUNT, - &res_sem_attr - ) - }; - - MBED_ASSERT(msg.completion_sem_id != NULL); - - ipc_queue_item_t queue_item = { - .a = PSA_IPC_VERSION, - .b = (uint32_t)(&msg), - .c = sid - }; - - ipc_queue_enqueue(prod_queue, queue_item); - - osStatus_t os_status = osSemaphoreAcquire(msg.completion_sem_id, osWaitForever); - MBED_ASSERT(osOK == os_status); - - os_status = osSemaphoreDelete(msg.completion_sem_id); - MBED_ASSERT(osOK == os_status); - - PSA_UNUSED(os_status); - - return msg.rc; -} - -psa_handle_t psa_connect(uint32_t sid, uint32_t minor_version) -{ - osRtxSemaphore_t res_sem_storage = {0, 0, 0, 0, 0, 0, 0, 0}; - - const osSemaphoreAttr_t res_sem_attr = { - .name = "CONN_RES_SEM", - .attr_bits = 0, - .cb_mem = &res_sem_storage, - .cb_size = sizeof(res_sem_storage), - }; - - const spm_pending_connect_msg_t msg = { - .min_version = minor_version, - .rc = PSA_SUCCESS, - .completion_sem_id = osSemaphoreNew(IPC_RES_SEM_MAX_COUNT, - IPC_RES_SEM_INITIAL_COUNT, - &res_sem_attr - ) - }; - - MBED_ASSERT(msg.completion_sem_id != NULL); - - ipc_queue_item_t queue_item = { - .a = PSA_IPC_CONNECT, - .b = (uint32_t)(&msg), - .c = sid - }; - - ipc_queue_enqueue(prod_queue, queue_item); - - osStatus_t os_status = osSemaphoreAcquire(msg.completion_sem_id, osWaitForever); - MBED_ASSERT(osOK == os_status); - - os_status = osSemaphoreDelete(msg.completion_sem_id); - MBED_ASSERT(osOK == os_status); - - PSA_UNUSED(os_status); - - return (psa_handle_t)(msg.rc); -} - -psa_status_t psa_call(psa_handle_t handle, - const psa_invec *in_vec, - size_t in_len, - const psa_outvec *out_vec, - size_t out_len - ) -{ - // - Immediate errors are checked here. - // - Other errors are checked on the SPM core code - - // TODO: Panic instead - MBED_ASSERT(handle > 0); - // TODO: Panic instead - MBED_ASSERT((in_vec != NULL) || (in_len == 0)); - // TODO: Panic instead - MBED_ASSERT((out_vec != NULL) || (out_len == 0)); - // TODO: Panic instead - MBED_ASSERT(in_len + out_len <= PSA_MAX_IOVEC); - - osRtxSemaphore_t res_sem_storage = {0, 0, 0, 0, 0, 0, 0, 0}; - - const osSemaphoreAttr_t res_sem_attr = { - .name = "CALL_RES_SEM", - .attr_bits = 0, - .cb_mem = &res_sem_storage, - .cb_size = sizeof(res_sem_storage), - }; - - const spm_pending_call_msg_t msg = { - .in_vec = in_vec, - .in_vec_size = in_len, - .out_vec = out_vec, - .out_vec_size = out_len, - .rc = PSA_SUCCESS, - .completion_sem_id = osSemaphoreNew(IPC_RES_SEM_MAX_COUNT, - IPC_RES_SEM_INITIAL_COUNT, - &res_sem_attr - ) - }; - - MBED_ASSERT(msg.completion_sem_id != NULL); - - ipc_queue_item_t queue_item = { - .a = PSA_IPC_CALL, - .b = (uint32_t)(&msg), - .c = (uint32_t)handle - }; - - ipc_queue_enqueue(prod_queue, queue_item); - - osStatus_t os_status = osSemaphoreAcquire(msg.completion_sem_id, osWaitForever); - MBED_ASSERT(osOK == os_status); - - os_status = osSemaphoreDelete(msg.completion_sem_id); - MBED_ASSERT(osOK == os_status); - - PSA_UNUSED(os_status); - - return msg.rc; -} - - -void psa_close(psa_handle_t handle) -{ - if (handle == PSA_NULL_HANDLE) { - return; - } - - // - Immediate errors are checked here. - // - Other errors are checked on the SPM core code - // TODO: Panic instead - MBED_ASSERT(handle >= 0); - - osRtxSemaphore_t res_sem_storage = {0, 0, 0, 0, 0, 0, 0, 0}; - const osSemaphoreAttr_t res_sem_attr = { - .name = "CLOSE_RES_SEM", - .attr_bits = 0, - .cb_mem = &res_sem_storage, - .cb_size = sizeof(res_sem_storage), - }; - - spm_pending_close_msg_t msg = { - .handle = handle, - .completion_sem_id = osSemaphoreNew(IPC_RES_SEM_MAX_COUNT, - IPC_RES_SEM_INITIAL_COUNT, - &res_sem_attr - ) - }; - - MBED_ASSERT(msg.completion_sem_id != NULL); - ipc_queue_item_t queue_item = { - .a = PSA_IPC_DISCONNECT, - .b = (uint32_t)(&msg), - .c = (uint32_t)handle - }; - - ipc_queue_enqueue(prod_queue, queue_item); - - osStatus_t os_status = osSemaphoreAcquire(msg.completion_sem_id, osWaitForever); - MBED_ASSERT(osOK == os_status); - - os_status = osSemaphoreDelete(msg.completion_sem_id); - MBED_ASSERT(osOK == os_status); - - PSA_UNUSED(os_status); -} diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPM_MAILBOX/COMPONENT_NSPE/spm_mailbox_nspe.c b/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPM_MAILBOX/COMPONENT_NSPE/spm_mailbox_nspe.c deleted file mode 100644 index e3646f0..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPM_MAILBOX/COMPONENT_NSPE/spm_mailbox_nspe.c +++ /dev/null @@ -1,123 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "cmsis_os2.h" -#include "psa_defs.h" -#include "mbed_assert.h" -#include "ipc_queue.h" -#include "ipc_defs.h" -#include "spm_api.h" - -static os_mutex_t queue_mutex_storage; -static os_semaphore_t full_sema; -static os_semaphore_t read_sema; - -static const osMutexAttr_t queue_mutex_attr = { - .name = "Q_MUT", - .attr_bits = osMutexRecursive | osMutexPrioInherit | osMutexRobust, - .cb_mem = &queue_mutex_storage, - .cb_size = sizeof(queue_mutex_storage) -}; - -// Full queue semaphore attributes for the consumer queue -static const osSemaphoreAttr_t full_sem_attr = { - .name = "Q_W_SEM", - .attr_bits = 0, - .cb_mem = &full_sema, - .cb_size = sizeof(full_sema) -}; - -// Read semaphore attributes for the consumer queue -static const osSemaphoreAttr_t read_sem_attr = { - .name = "Q_R_SEM", - .attr_bits = 0, - .cb_mem = &read_sema, - .cb_size = sizeof(read_sema) -}; - -static ipc_producer_queue_t _prod_queue; -ipc_producer_queue_t *prod_queue = &_prod_queue; -static ipc_consumer_queue_t _cons_queue; -ipc_consumer_queue_t *cons_queue = &_cons_queue; - - -void on_new_item(void) -{ - spm_hal_mailbox_notify(); -} - -void on_vacancy(void) -{ - spm_hal_mailbox_notify(); -} - -void on_popped_item(ipc_queue_item_t item) -{ - osStatus_t os_status = osSemaphoreRelease((osSemaphoreId_t)(item.b)); - MBED_ASSERT(osOK == os_status); - PSA_UNUSED(os_status); -} - - -void spm_ipc_mailbox_init(void) -{ - // Initialization by data from shared memory - // ----------------------------------------- - - // This table is holding addresses of the platform's shared memory. - addr_table_t *shared_addr_table_ptr = (addr_table_t *)PSA_SHARED_RAM_START; - MBED_ASSERT(shared_addr_table_ptr->magic == ADDR_TABLE_MAGIC); - - ipc_base_queue_t *tx_queue_mem_ptr = (ipc_base_queue_t *)(shared_addr_table_ptr->tx_queue_ptr); - MBED_ASSERT(tx_queue_mem_ptr->magic == IPC_QUEUE_BASE_MAGIC); - - ipc_base_queue_t *rx_queue_mem_ptr = (ipc_base_queue_t *)(shared_addr_table_ptr->rx_queue_ptr); - MBED_ASSERT(rx_queue_mem_ptr->magic == IPC_QUEUE_BASE_MAGIC); - - osMutexId_t queue_mutex = osMutexNew(&queue_mutex_attr); - MBED_ASSERT(queue_mutex != NULL); // TODO: Panic instead - - osSemaphoreId_t full_queue_sem = osSemaphoreNew(IPC_QUEUE_SEM_MAX_COUNT, IPC_QUEUE_SEM_INITIAL_COUNT, &full_sem_attr); - MBED_ASSERT(full_queue_sem != NULL); // TODO: Panic instead - - osSemaphoreId_t queue_read_sem = osSemaphoreNew(IPC_QUEUE_SEM_MAX_COUNT, IPC_QUEUE_SEM_INITIAL_COUNT, &read_sem_attr); - MBED_ASSERT(queue_read_sem != NULL); // TODO: Panic instead - - ipc_producer_queue_init(prod_queue, tx_queue_mem_ptr, queue_mutex, full_queue_sem); - ipc_consumer_queue_init(cons_queue, rx_queue_mem_ptr, queue_read_sem); -} - -void spm_mailbox_irq_callback(void) -{ - osStatus_t os_status = osSemaphoreRelease(prod_queue->full_queue_sem); - MBED_ASSERT((osOK == os_status) || (osErrorResource == os_status)); - - os_status = osSemaphoreRelease(cons_queue->read_sem); - MBED_ASSERT((osOK == os_status) || (osErrorResource == os_status)); - - PSA_UNUSED(os_status); -} - -/******************************************************************************* -* Function Name: psa_spm_mailbox_dispatcher -*******************************************************************************/ -void psa_spm_mailbox_dispatcher(void *arg) -{ - while (true) { - ipc_queue_drain(cons_queue); - } -} diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPM_MAILBOX/COMPONENT_SPE/spm_mailbox_spe.c b/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPM_MAILBOX/COMPONENT_SPE/spm_mailbox_spe.c deleted file mode 100644 index cccd002..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPM_MAILBOX/COMPONENT_SPE/spm_mailbox_spe.c +++ /dev/null @@ -1,178 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "psa_defs.h" -#include "spm_client.h" -#include "spm_messages.h" -#include "spm_internal.h" -#include "mbed_assert.h" -#include "ipc_queue.h" -#include "ipc_defs.h" -#include "spm_api.h" - -static os_mutex_t queue_mutex_storage; -static os_semaphore_t full_sema; -static os_semaphore_t read_sema; - -static const osMutexAttr_t queue_mutex_attr = { - .name = "Q_MUT", - .attr_bits = osMutexRecursive | osMutexPrioInherit | osMutexRobust, - .cb_mem = &queue_mutex_storage, - .cb_size = sizeof(queue_mutex_storage) -}; - -// Full queue semaphore attributes for the consumer queue -static const osSemaphoreAttr_t full_sem_attr = { - .name = "Q_W_SEM", - .attr_bits = 0, - .cb_mem = &full_sema, - .cb_size = sizeof(full_sema) -}; - -// Read semaphore attributes for the consumer queue -static const osSemaphoreAttr_t read_sem_attr = { - .name = "Q_R_SEM", - .attr_bits = 0, - .cb_mem = &read_sema, - .cb_size = sizeof(read_sema) -}; - - -static ipc_producer_queue_t _prod_queue; -ipc_producer_queue_t *prod_queue = &_prod_queue; -static ipc_consumer_queue_t _cons_queue; -ipc_consumer_queue_t *cons_queue = &_cons_queue; - -MBED_STATIC_ASSERT( - (sizeof(addr_table_t) + sizeof(ipc_base_queue_t) + sizeof(ipc_base_queue_t)) <= PSA_SHARED_RAM_SIZE, - "shared memory size is too small!" -); - -void spm_mailbox_irq_callback(void) -{ - osStatus_t os_status = osSemaphoreRelease(prod_queue->full_queue_sem); - MBED_ASSERT((osOK == os_status) || (osErrorResource == os_status)); - - os_status = osSemaphoreRelease(cons_queue->read_sem); - MBED_ASSERT((osOK == os_status) || (osErrorResource == os_status)); - - PSA_UNUSED(os_status); -} - -void on_new_item(void) -{ - spm_hal_mailbox_notify(); -} - -void on_vacancy(void) -{ - spm_hal_mailbox_notify(); -} - -void on_popped_item(ipc_queue_item_t item) -{ - // item.a hold the message type (connect / call /close) - switch (item.a) { - case PSA_IPC_CONNECT: { - psa_connect_async(item.c, (spm_pending_connect_msg_t *)(item.b)); - break; - } - - case PSA_IPC_CALL: { - psa_call_async((psa_handle_t)(item.c), (spm_pending_call_msg_t *)(item.b)); - break; - } - - case PSA_IPC_DISCONNECT: { - psa_close_async((psa_handle_t)(item.c), (spm_pending_close_msg_t *)(item.b)); - break; - } - - case PSA_IPC_VERSION: { - spm_pending_version_msg_t *msg = (spm_pending_version_msg_t *)(item.b); - if (!is_buffer_accessible(msg, sizeof(*msg), NULL)) { - SPM_PANIC("message data is inaccessible\n"); - } - - msg->rc = psa_version(item.c); - nspe_done(msg->completion_sem_id); - break; - } - - default: { - MBED_ASSERT(false); - } - } -} - -void spm_ipc_mailbox_init(void) -{ - uint32_t *shared_memory_start = (uint32_t *)PSA_SHARED_RAM_START; - - // This struct is set with initial values for the address table (addresses of CM0+ / CM4 shared memory) - const addr_table_t shared_addr_table = { - .magic = ADDR_TABLE_MAGIC, - .tx_queue_ptr = (uintptr_t)(shared_memory_start + - (sizeof(addr_table_t) / sizeof(uint32_t)) - ), - .rx_queue_ptr = (uintptr_t)(shared_memory_start + - ((sizeof(addr_table_t) + sizeof(ipc_base_queue_t)) / sizeof(uint32_t)) - ) - }; - - // This struct is set with initial values to be used for IPC queues initialization. - // Same values are used to initial both tx and rx queues. - const ipc_base_queue_t queue_mem = { - .magic = IPC_QUEUE_BASE_MAGIC, - .read_idx = 0, - .write_idx = 0, - .data = {{0, 0}} - }; - - ipc_base_queue_t *tx_queue_mem_ptr = (ipc_base_queue_t *)(shared_addr_table.tx_queue_ptr); - ipc_base_queue_t *rx_queue_mem_ptr = (ipc_base_queue_t *)(shared_addr_table.rx_queue_ptr); - - // Copy initial queue values for tx & tx queues to the right location in the CM0+ / CM4 shared memory - memcpy(tx_queue_mem_ptr, &queue_mem, sizeof(ipc_base_queue_t)); - memcpy(rx_queue_mem_ptr, &queue_mem, sizeof(ipc_base_queue_t)); - - // Copy the content of shared_addr_table to the start address of CM0+ / CM4 shared memory. - memcpy(shared_memory_start, &shared_addr_table, sizeof(shared_addr_table)); - - // Init producer queue and consumer queue - - osMutexId_t queue_mutex = osMutexNew(&queue_mutex_attr); - MBED_ASSERT(queue_mutex != NULL); // TODO: Panic instead - - osSemaphoreId_t full_queue_sem = osSemaphoreNew(IPC_QUEUE_SEM_MAX_COUNT, IPC_QUEUE_SEM_INITIAL_COUNT, &full_sem_attr); - MBED_ASSERT(full_queue_sem != NULL); // TODO: Panic instead - - osSemaphoreId_t queue_read_sem = osSemaphoreNew(IPC_QUEUE_SEM_MAX_COUNT, IPC_QUEUE_SEM_INITIAL_COUNT, &read_sem_attr); - MBED_ASSERT(queue_read_sem != NULL); // TODO: Panic instead - - ipc_producer_queue_init(prod_queue, rx_queue_mem_ptr, queue_mutex, full_queue_sem); - ipc_consumer_queue_init(cons_queue, tx_queue_mem_ptr, queue_read_sem); -} - -void nspe_done(osSemaphoreId_t completion_sem_id) -{ - ipc_queue_item_t item_to_enqueue = { - .b = (uint32_t)(completion_sem_id) - }; - - ipc_queue_enqueue(prod_queue, item_to_enqueue); -} diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPM_MAILBOX/ipc_defs.h b/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPM_MAILBOX/ipc_defs.h deleted file mode 100644 index 02ef35f..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPM_MAILBOX/ipc_defs.h +++ /dev/null @@ -1,50 +0,0 @@ -/* Copyright (c) 2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - - -#ifndef __PSA_MBED_IPC_DEFS_H__ -#define __PSA_MBED_IPC_DEFS_H__ - - -// Includes -// -------- - -#include - -#include "mbed_assert.h" - - -// Definitions -// ----------- - -#define IPC_RES_SEM_MAX_COUNT (1UL) // Maximum number of available tokens for an IPC result semaphore -#define IPC_RES_SEM_INITIAL_COUNT (0UL) // Initial number of available tokens for an IPC result semaphore - -#define ADDR_TABLE_MAGIC 0x3d339a77 - - -// NOTE: STRUCT SIZE MUST BE 4 BYTES ALIGNED !! -typedef struct addr_table_t { - uint32_t magic; - uintptr_t tx_queue_ptr; - uintptr_t rx_queue_ptr; - -} addr_table_t; -MBED_STATIC_ASSERT((sizeof(addr_table_t) % sizeof(uint32_t) == 0), "addr_table_t: Struct size must be 4 bytes aligned!"); - - -#endif // __PSA_MBED_IPC_DEFS_H__ diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPM_MAILBOX/ipc_queue.c b/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPM_MAILBOX/ipc_queue.c deleted file mode 100644 index 4b2cacf..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPM_MAILBOX/ipc_queue.c +++ /dev/null @@ -1,121 +0,0 @@ -/* Copyright (c) 2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - - -// Includes -// -------- - -#include "mbed_assert.h" -#include "ipc_queue.h" -#include "psa_defs.h" - - -// API Implmentation -// ----------------- - -void ipc_producer_queue_init(ipc_producer_queue_t *queue, - ipc_base_queue_t *base_queue_mem, - osMutexId_t mutex, - osSemaphoreId_t full_queue_sem - ) -{ - MBED_ASSERT(queue != NULL); - MBED_ASSERT(base_queue_mem != NULL); - MBED_ASSERT(base_queue_mem->magic == IPC_QUEUE_BASE_MAGIC); - MBED_ASSERT(mutex != NULL); - MBED_ASSERT(full_queue_sem != NULL); - - queue->magic = IPC_QUEUE_PRODUCER_MAGIC; - queue->read_idx = &(base_queue_mem->read_idx); - queue->write_idx = &(base_queue_mem->write_idx); - queue->data = base_queue_mem->data; - queue->mutex = mutex; - queue->full_queue_sem = full_queue_sem; -} - -void ipc_consumer_queue_init(ipc_consumer_queue_t *queue, - ipc_base_queue_t *base_queue_mem, - osSemaphoreId_t read_sem - ) -{ - MBED_ASSERT(queue != NULL); - MBED_ASSERT(base_queue_mem != NULL); - MBED_ASSERT(base_queue_mem->magic == IPC_QUEUE_BASE_MAGIC); - MBED_ASSERT(read_sem != NULL); - - queue->magic = IPC_QUEUE_CONSUMER_MAGIC; - queue->read_idx = &(base_queue_mem->read_idx); - queue->write_idx = &(base_queue_mem->write_idx); - queue->data = base_queue_mem->data; - queue->read_sem = read_sem; -} - -void ipc_queue_enqueue(ipc_producer_queue_t *queue, - ipc_queue_item_t queue_item - ) -{ - MBED_ASSERT(queue != NULL); - MBED_ASSERT(queue->magic == IPC_QUEUE_PRODUCER_MAGIC); - - osStatus_t os_status = osMutexAcquire(queue->mutex, osWaitForever); - MBED_ASSERT(osOK == os_status); - - // While queue is full, wait on full_queue_sem - while (((*(queue->write_idx) + 1) % IPC_QUEUE_SLOTS) == *(queue->read_idx)) { - os_status = osSemaphoreAcquire(queue->full_queue_sem, IPC_QUEUE_WAIT_ON_FULL_MS); - MBED_ASSERT((osOK == os_status) || (osErrorTimeout == os_status)); - } - - // Write data to queue (shallow copy) - (queue->data)[*(queue->write_idx)] = queue_item; - *(queue->write_idx) = ((*(queue->write_idx) + 1) % IPC_QUEUE_SLOTS); - - // If the queue was empty before the push, call the supplied CB function - if (((*(queue->read_idx) + 1) % IPC_QUEUE_SLOTS) == *(queue->write_idx)) { - on_new_item(); - } - - os_status = osMutexRelease(queue->mutex); - MBED_ASSERT(osOK == os_status); - PSA_UNUSED(os_status); -} - -void ipc_queue_drain(ipc_consumer_queue_t *queue) -{ - MBED_ASSERT(queue != NULL); - MBED_ASSERT(queue->magic == IPC_QUEUE_CONSUMER_MAGIC); - - // queue->read_sem is released when the queue becomes non empty - osStatus_t os_status = osSemaphoreAcquire(queue->read_sem, IPC_QUEUE_WAIT_ON_EMPTY_MS); - MBED_ASSERT((osOK == os_status) || (osErrorTimeout == os_status)); - PSA_UNUSED(os_status); - - // While queue is not empty, keep on popping queue items - while (*(queue->read_idx) != *(queue->write_idx)) { - - // Pop an item from the queue (shallow copy) - ipc_queue_item_t popped_item = (queue->data)[*(queue->read_idx)]; - *(queue->read_idx) = ((*(queue->read_idx) + 1) % IPC_QUEUE_SLOTS); - - // If queue was full before this pop, call the corresponding CB function - if (((*(queue->write_idx) + 2) % IPC_QUEUE_SLOTS) == *(queue->read_idx)) { - on_vacancy(); - } - - on_popped_item(popped_item); - } -} diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPM_MAILBOX/ipc_queue.h b/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPM_MAILBOX/ipc_queue.h deleted file mode 100644 index 2f005a7..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPM_MAILBOX/ipc_queue.h +++ /dev/null @@ -1,126 +0,0 @@ -/* Copyright (c) 2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - - -#ifndef __PSA_MBED_IPC_QUEUE_H__ -#define __PSA_MBED_IPC_QUEUE_H__ - - -// Includes -// -------- - -#include "mbed_assert.h" -#include "cmsis_os2.h" -#include "cmsis_compiler.h" -#include "rtx_lib.h" - - -// IPC Queue Definitions -// --------------------- - - -#ifndef IPC_QUEUE_SLOTS -#define IPC_QUEUE_SLOTS 4 -#endif - -// Maximum number of queue items equals (IPC_QUEUE_SLOTS - 1). -// Therefore we enforce a minimum of 2 IPC_QUEUE_SLOTS -#if IPC_QUEUE_SLOTS <= 1 -#undef IPC_QUEUE_SLOTS -#define IPC_QUEUE_SLOTS 2 -#endif - -#define IPC_QUEUE_BASE_MAGIC 0x63284A0C -#define IPC_QUEUE_PRODUCER_MAGIC 0XA248D9FF -#define IPC_QUEUE_CONSUMER_MAGIC 0XA68B6542 - -#define IPC_QUEUE_WAIT_ON_FULL_MS 500 -#define IPC_QUEUE_WAIT_ON_EMPTY_MS 500 - -#define IPC_QUEUE_SEM_MAX_COUNT (1UL) // Maximum number of available tokens for an IPC Queue semaphore -#define IPC_QUEUE_SEM_INITIAL_COUNT (0UL) // Initial number of available tokens for an IPC Queue semaphore - -// NOTE: STRUCT SIZE MUST BE 4 BYTES ALIGNED !! -typedef __PACKED_STRUCT ipc_queue_item_t { - uint32_t a; - uint32_t b; - uint32_t c; - -} __ALIGNED(4) ipc_queue_item_t; -MBED_STATIC_ASSERT((sizeof(ipc_queue_item_t) % sizeof(uint32_t) == 0), "ipc_queue_item_t: Struct size must be 4 bytes aligned!"); - - -// NOTE: STRUCT SIZE MUST BE 4 BYTES ALIGNED !! -typedef __PACKED_STRUCT ipc_base_queue_t { - uint32_t magic; - volatile uint32_t read_idx; - volatile uint32_t write_idx; - ipc_queue_item_t data[IPC_QUEUE_SLOTS]; - -} __ALIGNED(4) ipc_base_queue_t; -MBED_STATIC_ASSERT((sizeof(ipc_base_queue_t) % sizeof(uint32_t) == 0), "ipc_base_queue_t: Struct size must be 4 bytes aligned!"); - -typedef struct ipc_producer_queue_t { - uint32_t magic; - volatile __PACKED uint32_t *read_idx; - volatile __PACKED uint32_t *write_idx; - __PACKED ipc_queue_item_t *data; - osMutexId_t mutex; - osSemaphoreId_t full_queue_sem; - -} ipc_producer_queue_t; - -typedef struct ipc_consumer_queue_t { - uint32_t magic; - volatile __PACKED uint32_t *read_idx; - volatile __PACKED uint32_t *write_idx; - __PACKED ipc_queue_item_t *data; - osSemaphoreId_t read_sem; - -} ipc_consumer_queue_t; - - -// Event handling functions -// ------------------------ - -void on_new_item(void); -void on_vacancy(void); -void on_popped_item(ipc_queue_item_t item); - - -// IPC Queue API -// ------------- - -void ipc_producer_queue_init(ipc_producer_queue_t *queue, - ipc_base_queue_t *base_queue_mem, - osMutexId_t mutex, - osSemaphoreId_t full_queue_sem - ); - -void ipc_consumer_queue_init(ipc_consumer_queue_t *queue, - ipc_base_queue_t *base_queue_mem, - osSemaphoreId_t read_sem - ); - -void ipc_queue_enqueue(ipc_producer_queue_t *queue, - ipc_queue_item_t item_ptr - ); - -void ipc_queue_drain(ipc_consumer_queue_t *queue); - - -#endif // __PSA_MBED_IPC_QUEUE_H__ diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/mbed_lib.json b/components/TARGET_PSA/TARGET_MBED_SPM/mbed_lib.json deleted file mode 100644 index 68c7d67..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/mbed_lib.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "name": "spm", - "config": { - "ipc_max_num_of_channels": { - "help": "maximum number of PSA channels that can be opened at the same time", - "value": 10 - }, - "ipc_max_num_of_messages": { - "help": "maximum number of messages SPM Core can handle at a time", - "value": 10 - } - } -} diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/psa_defs.h b/components/TARGET_PSA/TARGET_MBED_SPM/psa_defs.h deleted file mode 100644 index c4d84bc..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/psa_defs.h +++ /dev/null @@ -1,117 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef __MBED_PSA_DEFS_H__ -#define __MBED_PSA_DEFS_H__ - -/** @addtogroup SPM - * @{ - */ - -/* -------------------------------------- Includes ----------------------------------- */ - -#include -#include -#include "psa/error.h" - -/* --------------------------------- extern "C" wrapper ------------------------------ */ - -#ifdef __cplusplus -extern "C" { -#endif - -/* ------------------------------------ Definitions ---------------------------------- */ - -#if !defined(UINT32_MAX) -#define UINT32_MAX ((uint32_t)-1) -#endif - -#if !defined(INT32_MIN) -#define INT32_MIN (-0x7fffffff - 1) -#endif - -#define PSA_FRAMEWORK_VERSION (0x0100) /**< Version of the PSA Framework API. */ -#define PSA_VERSION_NONE (0L) /**< Identifier for an unimplemented Root of Trust (RoT) Service. */ - -#define PSA_NSPE_IDENTIFIER (-1L) /**< "Partition" identifier of the NSPE.*/ - -#define PSA_NULL_HANDLE ((psa_handle_t)0) /**< Denotes an invalid handle.*/ - -#define PSA_MAX_IOVEC (4UL) /**< Maximum number of psa_invec and psa_outvec structures allowed for psa_call().*/ - -#define PSA_POLL (0x00000000UL) /**< Returns immediately even if none of the requested signals is asserted.*/ -#define PSA_BLOCK (0x80000000UL) /**< Block the caller until one of the requested signals is asserted.*/ -#define PSA_WAIT_ANY (0xFFFFFFFFUL) /**< A mask value that includes all Secure Partition signals.*/ - -#define PSA_MINOR_VERSION_POLICY_RELAXED (0UL) /**< Don't perform minor version check during psa_connect().*/ -#define PSA_MINOR_VERSION_POLICY_STRICT (1UL) /**< Force minor version check during psa_connect().*/ - -#define PSA_DOORBELL (0x00000008UL) /**< Mask for PSA_DOORBELL signal.*/ - -#define PSA_IPC_CONNECT (1) /**< The IPC message type that indicates a new connection.*/ -#define PSA_IPC_CALL (2) /**< The IPC message type that indicates a client request.*/ -#define PSA_IPC_DISCONNECT (3) /**< The IPC message type that indicates the end of a connection.*/ -#define PSA_IPC_VERSION (4) /**< The IPC message type that indicates a client query for a specific sid.*/ - -/* Error codes */ -#define PSA_DROP_CONNECTION (INT32_MIN) /**< The result code in a call to psa_reply() to indicate a nonrecoverable error in the client.*/ -#define PSA_CONNECTION_REFUSED (INT32_MIN + 1) /**< The return value from psa_connect() if the RoT Service or SPM was unable to establish a connection.*/ -#define PSA_CONNECTION_BUSY (INT32_MIN + 2) /**< The return value from psa_connect() if the RoT Service rejects the connection for a transient reason.*/ -#define PSA_UNUSED(var) ((void)(var)) - -/* -------------------------------------- Typedefs ----------------------------------- */ - -typedef uint32_t psa_signal_t; -typedef int32_t psa_handle_t; - -/* -------------------------------------- Structs ------------------------------------ */ - -/** - * Structure containing the PSA IPC message sent from a client partition to an RoT Service. - */ -typedef struct psa_msg { - uint32_t type; /**< The message type.*/ - psa_handle_t handle; /**< Handle for the internal message structure.*/ - int32_t client_id; /**< Message origin.*/ - void *rhandle; /**< Reverse handle.*/ - size_t in_size[PSA_MAX_IOVEC]; /**< Array of sizes in bytes of the message payloads.*/ - size_t out_size[PSA_MAX_IOVEC]; /**< Array of sizes in bytes of the response buffers.*/ -} psa_msg_t; - -/** - * Structure that describes a scatter-gather input buffer. - */ -typedef struct psa_invec { - const void *base; /**< Starting address of the buffer.*/ - size_t len; /**< Length in bytes of the buffer.*/ -} psa_invec; - -/** - * Structure which describes a scatter-gather output buffer. - */ -typedef struct psa_outvec { - void *base; /**< Starting address of the buffer.*/ - size_t len; /**< Length in bytes of the buffer.*/ -} psa_outvec; - -#ifdef __cplusplus -} -#endif - -/** @}*/ // end of SPM group - -#endif /* __MBED_PSA_DEFS_H__ */ diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/spm_client.h b/components/TARGET_PSA/TARGET_MBED_SPM/spm_client.h deleted file mode 100644 index 5cb0f30..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/spm_client.h +++ /dev/null @@ -1,112 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef __MBED_SPM_CLIENT_H__ -#define __MBED_SPM_CLIENT_H__ - -/** @addtogroup SPM - * The Secure Partition Manager (SPM) is responsible for isolating software in partitions,@n - * managing the execution of software within partitions and providing IPC between partitions. - * @{ - */ - -/* -------------------------------------- Includes ----------------------------------- */ - -#include "psa_defs.h" - -/* --------------------------------- extern "C" wrapper ------------------------------ */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** @addtogroup Client-API - * The C interface for connecting to a Root of Trust Service and calling it.@n - * All functions are blocking. - * @{ - */ - -/** - * Retrieve the version of the PSA Framework API that is implemented. - * - * @note The PSA Framework API version is made of the major and minor versions as follows: - * @code - * ((major_version << 8) | minor_version) - * @endcode - * @return The PSA Framework API version - */ -uint32_t psa_framework_version(void); - -/** - * Retrieve the minor version of a Root of Trust Service by its SID. - * - * @param[in] sid The Root of Trust Service ID - * @return Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust Service is not present on the system. - */ -uint32_t psa_version(uint32_t sid); - -/** - * Connect to a Root of Trust Service by its SID. - * - * @note A minor version number must be provided to allow the Root of Trust Service to handle minor variations of the protocol. - * - * @param[in] sid The Root of Trust Service ID. - * @param[in] minor_version The minor version to be used for this connection. - * @return A handle for the connection if greater than 0, else:@n - * @a PSA_CONNECTION_REFUSED if the Root of Trust Service cannot handle any more connections.@n - */ -psa_handle_t psa_connect(uint32_t sid, uint32_t minor_version); - -/** - * Call a connected Root of Trust Service.@n - * The caller must provide an array of ::psa_invec structures as the input payload. - * - * @param[in] handle Handle for the connection. - * @param[in] in_vec Array of ::psa_invec structures. - * @param[in] in_len Number of ::psa_invec structures in in_vec. (At most ::PSA_MAX_IOVEC - out_len) - * @param[out] out_vec Array of ::psa_outvec structures for optional Root of Trust Service response. - * @param[in] out_len Number of ::psa_outvec structures in out_vec. (At most ::PSA_MAX_IOVEC - in_len) - * @return 0 for success or@n - * @a positive numbers for application-specific return code. - * @a negative numbers for application-specific error code. - * @a PSA_DROP_CONNECTION if the connection has been dropped by the RoT Service. - */ -psa_status_t psa_call( - psa_handle_t handle, - const psa_invec *in_vec, - size_t in_len, - const psa_outvec *out_vec, - size_t out_len -); - -/** - * Close a connection to a Root of Trust Service. - * Sends the ::PSA_IPC_DISCONNECT message to the Root of Trust Service, so it can clean up resources. - * - * @param[in] handle Handle for the connection. - */ -void psa_close(psa_handle_t handle); - -/** @}*/ // end of Client-API group - -#ifdef __cplusplus -} -#endif - -/** @}*/ // end of SPM group - -#endif /* __MBED_SPM_CLIENT_H__ */ diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/spm_init.h b/components/TARGET_PSA/TARGET_MBED_SPM/spm_init.h deleted file mode 100644 index f9ef0ad..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/spm_init.h +++ /dev/null @@ -1,51 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef __MBED_SPM_INIT_H__ -#define __MBED_SPM_INIT_H__ - -#if defined(COMPONENT_SPE) - -/* - * Initialize SPM - */ -void psa_spm_init(void); - -#endif // defined(COMPONENT_SPE) - -#if defined(COMPONENT_SPM_MAILBOX) - -/* - * Initialize SPM mailbox driver - */ -void spm_ipc_mailbox_init(void); - -#if defined(COMPONENT_NSPE) - -/* - * PSA mailbox dispatcher - * - * Dispatcher thread never returns and expected to be called - * from startup code as a detached thread entry point - */ -void psa_spm_mailbox_dispatcher(void); - -#endif // defined(COMPONENT_NSPE) - -#endif // defined(COMPONENT_SPM_MAILBOX) - -#endif // __MBED_SPM_INIT_H__ diff --git a/components/TARGET_PSA/TARGET_MBED_SPM/spm_messages.h b/components/TARGET_PSA/TARGET_MBED_SPM/spm_messages.h deleted file mode 100644 index 66c29a3..0000000 --- a/components/TARGET_PSA/TARGET_MBED_SPM/spm_messages.h +++ /dev/null @@ -1,66 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef SPM_MESSAGES_H -#define SPM_MESSAGES_H - -#include "cmsis_compiler.h" -#include "cmsis_os2.h" -#include "psa_defs.h" - -// All spm_pending_*_msg structs below are packed since in a dual processor -// solution they are used in both processors - -/* - * Structure containing data sent from NSPE for ROT_SRV call. - */ -typedef __PACKED_STRUCT spm_pending_call_msg { - const psa_invec *in_vec; /* Invecs sent.*/ - uint32_t in_vec_size; /* Number of Invecs sent.*/ - const psa_outvec *out_vec; /* Outvecs for response.*/ - uint32_t out_vec_size; /* Number of Outvecs for response.*/ - psa_status_t rc; /* Return code to be filled by the Root of Trust Service.*/ - osSemaphoreId_t completion_sem_id; /* Semaphore to be released at the end of execution */ -} __ALIGNED(4) spm_pending_call_msg_t; - -/* - * Structure containing data sent from NSPE for connection. - */ -typedef __PACKED_STRUCT spm_pending_connect_msg { - uint32_t min_version; /* Minor version of the Root of Trust Service interface.*/ - psa_status_t rc; /* Return code to be filled by the Root of Trust Service.*/ - osSemaphoreId_t completion_sem_id; /* Semaphore to be released at the end of execution */ -} __ALIGNED(4) spm_pending_connect_msg_t; - - -/* - * Structure containing data sent from NSPE for RoT-Service version query. - */ -typedef __PACKED_STRUCT spm_pending_version_msg { - uint32_t rc; /* Return code to be filled by the Root of Trust Service.*/ - osSemaphoreId_t completion_sem_id; /* Semaphore to be released at the end of execution */ -} __ALIGNED(4) spm_pending_version_msg_t; - -/* - * Structure containing data sent from NSPE for closing a connection. - */ -typedef __PACKED_STRUCT spm_pending_close_msg { - psa_handle_t handle; /* Handle of channel to be closed */ - osSemaphoreId_t completion_sem_id; /* Semaphore to be released at the end of execution */ -} __ALIGNED(4) spm_pending_close_msg_t; - -#endif // SPM_MESSAGES_H diff --git a/components/TARGET_PSA/inc/psa/client.h b/components/TARGET_PSA/inc/psa/client.h index 5f234cb..effc0ce 100644 --- a/components/TARGET_PSA/inc/psa/client.h +++ b/components/TARGET_PSA/inc/psa/client.h @@ -17,9 +17,6 @@ #if defined(TARGET_TFM) #include "interface/include/psa_client.h" -#elif defined(TARGET_MBED_SPM) -#include "TARGET_MBED_SPM/psa_defs.h" -#include "TARGET_MBED_SPM/spm_client.h" #else #ifndef __MBED_OS_DEFAULT_PSA_CLIENT_API_H__ diff --git a/components/TARGET_PSA/inc/psa/service.h b/components/TARGET_PSA/inc/psa/service.h index b146831..355c966 100644 --- a/components/TARGET_PSA/inc/psa/service.h +++ b/components/TARGET_PSA/inc/psa/service.h @@ -21,12 +21,6 @@ #include "secure_fw/core/ipc/include/tfm_utils.h" #define SPM_PANIC(format, ...) tfm_panic() -#elif defined(TARGET_MBED_SPM) - -#include "TARGET_MBED_SPM/psa_defs.h" -#include "TARGET_MBED_SPM/COMPONENT_SPE/spm_server.h" -#include "TARGET_MBED_SPM/COMPONENT_SPE/spm_panic.h" - #else #error "Compiling psa service header on non-secure target is not allowed" diff --git a/components/TARGET_PSA/services/storage/its/COMPONENT_SPE/its_partition.c b/components/TARGET_PSA/services/storage/its/COMPONENT_SPE/its_partition.c index 7743d52..b73a88d 100644 --- a/components/TARGET_PSA/services/storage/its/COMPONENT_SPE/its_partition.c +++ b/components/TARGET_PSA/services/storage/its/COMPONENT_SPE/its_partition.c @@ -24,11 +24,7 @@ #include "pits_impl.h" #include "mbed_error.h" -#if defined(TARGET_MBED_SPM) -#include "kv_config.h" -#else int kv_init_storage_config(); -#endif #ifdef __cplusplus extern "C" diff --git a/doxyfile_options b/doxyfile_options index fefa7a1..bfe3239 100644 --- a/doxyfile_options +++ b/doxyfile_options @@ -2103,7 +2103,6 @@ DEVICE_STORAGE \ DEVICE_WATCHDOG \ COMPONENT_SPE \ - COMPONENT_SPM_MAILBOX \ "TFM_LVL=1" \ "MBED_DEPRECATED_SINCE(d, m)=" \ "MBED_ENABLE_IF_CALLBACK_COMPATIBLE(F, M)=" \ diff --git a/doxygen_options.json b/doxygen_options.json index 717ec40..2579019 100644 --- a/doxygen_options.json +++ b/doxygen_options.json @@ -6,7 +6,7 @@ "SEARCH_INCLUDES": "YES", "INCLUDE_PATH": "", "INCLUDE_FILE_PATTERNS": "", - "PREDEFINED": "DOXYGEN_ONLY DEVICE_ANALOGIN DEVICE_ANALOGOUT DEVICE_CAN DEVICE_CRC DEVICE_ETHERNET DEVICE_EMAC DEVICE_FLASH DEVICE_I2C DEVICE_I2CSLAVE DEVICE_I2C_ASYNCH DEVICE_INTERRUPTIN DEVICE_ITM DEVICE_LPTICKER DEVICE_MPU DEVICE_PORTIN DEVICE_PORTINOUT DEVICE_PORTOUT DEVICE_PWMOUT DEVICE_RTC DEVICE_TRNG DEVICE_SERIAL DEVICE_SERIAL_ASYNCH DEVICE_SERIAL_FC DEVICE_SLEEP DEVICE_SPI DEVICE_SPI_ASYNCH DEVICE_SPISLAVE DEVICE_QSPI DEVICE_STORAGE DEVICE_WATCHDOG DEVICE_RESET_REASON COMPONENT_SPE COMPONENT_SPM_MAILBOX \"TFM_LVL=1\" \"MBED_DEPRECATED_SINCE(f, g)=\" \"MBED_ENABLE_IF_CALLBACK_COMPATIBLE(F, M)=\" \"MBED_DEPRECATED(s)=\" \"BLE_ROLE_OBSERVER=1\" \"BLE_ROLE_BROADCASTER=1\" \"BLE_ROLE_PERIPHERAL=1\" \"BLE_ROLE_CENTRAL=1\" \"BLE_FEATURE_GATT_CLIENT=1\" \"BLE_FEATURE_GATT_SERVER=1\" \"BLE_FEATURE_SECURITY=1\" \"BLE_FEATURE_SECURE_CONNECTIONS=1\" \"BLE_FEATURE_SIGNING=1\" \"BLE_FEATURE_PHY_MANAGEMENT=1\" \"BLE_FEATURE_WHITELIST=1\" \"BLE_FEATURE_PRIVACY=1\" \"BLE_FEATURE_PERIODIC_ADVERTISING=1\" \"BLE_FEATURE_EXTENDED_ADVERTISING=1\"", + "PREDEFINED": "DOXYGEN_ONLY DEVICE_ANALOGIN DEVICE_ANALOGOUT DEVICE_CAN DEVICE_CRC DEVICE_ETHERNET DEVICE_EMAC DEVICE_FLASH DEVICE_I2C DEVICE_I2CSLAVE DEVICE_I2C_ASYNCH DEVICE_INTERRUPTIN DEVICE_ITM DEVICE_LPTICKER DEVICE_MPU DEVICE_PORTIN DEVICE_PORTINOUT DEVICE_PORTOUT DEVICE_PWMOUT DEVICE_RTC DEVICE_TRNG DEVICE_SERIAL DEVICE_SERIAL_ASYNCH DEVICE_SERIAL_FC DEVICE_SLEEP DEVICE_SPI DEVICE_SPI_ASYNCH DEVICE_SPISLAVE DEVICE_QSPI DEVICE_STORAGE DEVICE_WATCHDOG DEVICE_RESET_REASON COMPONENT_SPE \"TFM_LVL=1\" \"MBED_DEPRECATED_SINCE(f, g)=\" \"MBED_ENABLE_IF_CALLBACK_COMPATIBLE(F, M)=\" \"MBED_DEPRECATED(s)=\" \"BLE_ROLE_OBSERVER=1\" \"BLE_ROLE_BROADCASTER=1\" \"BLE_ROLE_PERIPHERAL=1\" \"BLE_ROLE_CENTRAL=1\" \"BLE_FEATURE_GATT_CLIENT=1\" \"BLE_FEATURE_GATT_SERVER=1\" \"BLE_FEATURE_SECURITY=1\" \"BLE_FEATURE_SECURE_CONNECTIONS=1\" \"BLE_FEATURE_SIGNING=1\" \"BLE_FEATURE_PHY_MANAGEMENT=1\" \"BLE_FEATURE_WHITELIST=1\" \"BLE_FEATURE_PRIVACY=1\" \"BLE_FEATURE_PERIODIC_ADVERTISING=1\" \"BLE_FEATURE_EXTENDED_ADVERTISING=1\"", "EXPAND_AS_DEFINED": "", "SKIP_FUNCTION_MACROS": "NO", "STRIP_CODE_COMMENTS": "NO", diff --git a/hal/spm_api.h b/hal/spm_api.h index 593fbff..cc00974 100644 --- a/hal/spm_api.h +++ b/hal/spm_api.h @@ -64,31 +64,6 @@ #endif // defined(COMPONENT_SPE) -/* ---------------------------------- HAL-Mailbox API ----------------------- */ - -#if defined(COMPONENT_SPM_MAILBOX) -/** - * @brief Wakeup mailbox dispatcher thread - * - * Arm implements this function, which is expected to be called by target- - * specific Inter-Processor-Communication logic on mailbox interrupt handler. - * - */ -void spm_mailbox_irq_callback(void); - -/** - * @brief Notify the peer processor about a general event occurrence. - * - * Wake up the peer processor waiting on the mailbox driver event. - * - * @note Implement the functions below with target-specific code. - */ -void spm_hal_mailbox_notify(void); - -#endif // defined(COMPONENT_SPM_MAILBOX) - -/** @}*/ - #ifdef __cplusplus } #endif diff --git a/rtos/source/TARGET_CORTEX/mbed_rtos_rtx.c b/rtos/source/TARGET_CORTEX/mbed_rtos_rtx.c index 5792a7b..05e1796 100644 --- a/rtos/source/TARGET_CORTEX/mbed_rtos_rtx.c +++ b/rtos/source/TARGET_CORTEX/mbed_rtos_rtx.c @@ -1,5 +1,5 @@ /* mbed Microcontroller Library - * Copyright (c) 2018-2018 ARM Limited + * Copyright (c) 2018-2020 ARM Limited * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -24,29 +24,10 @@ #include "mbed_critical.h" #include "mbed_boot.h" -#if defined(TARGET_MBED_SPM) -#include "spm_init.h" -#include "spm_api.h" -#endif #if defined(TARGET_TFM) && defined(COMPONENT_NSPE) #include "TARGET_TFM/interface/include/tfm_ns_lock.h" #endif -#if defined(COMPONENT_NSPE) && defined(COMPONENT_SPM_MAILBOX) - -MBED_ALIGN(8) char psa_spm_dispatcher_th_stack[0x100]; -mbed_rtos_storage_thread_t psa_spm_dispatcher_th_tcb; -const osThreadAttr_t psa_spm_dispatcher_th_attr = { - .name = "SPM_DISP", - .priority = osPriorityNormal, - .stack_mem = psa_spm_dispatcher_th_stack, - .stack_size = sizeof(psa_spm_dispatcher_th_stack), - .cb_mem = &psa_spm_dispatcher_th_tcb, - .cb_size = sizeof(psa_spm_dispatcher_th_tcb) -}; - -#endif // defined(COMPONENT_NSPE) && defined(COMPONENT_SPM_MAILBOX) - osThreadAttr_t _main_thread_attr; #ifndef MBED_CONF_APP_MAIN_STACK_SIZE @@ -83,26 +64,6 @@ _main_thread_attr.tz_module = 1U; #endif -#if defined(COMPONENT_SPM_MAILBOX) - spm_ipc_mailbox_init(); -#endif // defined(COMPONENT_SPM_MAILBOX) - -#if defined(TARGET_MBED_SPM) - -#if defined(COMPONENT_SPE) - // At this point, the mailbox is already initialized - psa_spm_init(); - spm_hal_start_nspe(); -#endif // defined(COMPONENT_SPE) - -#if defined(COMPONENT_NSPE) && defined(COMPONENT_SPM_MAILBOX) - osThreadId_t spm_result = osThreadNew((osThreadFunc_t)psa_spm_mailbox_dispatcher, NULL, &psa_spm_dispatcher_th_attr); - if ((void *)spm_result == NULL) { - MBED_ERROR1(MBED_MAKE_ERROR(MBED_MODULE_PLATFORM, MBED_ERROR_CODE_INITIALIZATION_FAILED), "Dispatcher thread not created", &psa_spm_dispatcher_th_attr); - } -#endif // defined(COMPONENT_NSPE) && defined(COMPONENT_SPM_MAILBOX) -#endif // defined(TARGET_MBED_SPM) - #if defined(TARGET_TFM) && defined(COMPONENT_NSPE) tfm_ns_lock_init(); #endif // defined(TARGET_TFM) && defined(COMPONENT_NSPE) diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/mbed_overrides.c b/targets/TARGET_Cypress/TARGET_PSOC6/mbed_overrides.c index ad64aca..f030dd4 100644 --- a/targets/TARGET_Cypress/TARGET_PSOC6/mbed_overrides.c +++ b/targets/TARGET_Cypress/TARGET_PSOC6/mbed_overrides.c @@ -33,10 +33,6 @@ #include "cy_serial_flash_qspi.h" #endif /* defined(MBED_CONF_TARGET_XIP_ENABLE) */ -#if defined(COMPONENT_SPM_MAILBOX) -void mailbox_init(void); -#endif - #if (defined(CY_CFG_PWR_SYS_IDLE_MODE) && (CY_CFG_PWR_SYS_IDLE_MODE == CY_CFG_PWR_MODE_ACTIVE)) /******************************************************************************* @@ -63,7 +59,7 @@ *******************************************************************************/ void mbed_sdk_init(void) { -#if (CY_CPU_CORTEX_M0P && !defined(COMPONENT_SPM_MAILBOX)) +#if CY_CPU_CORTEX_M0P /* Disable global interrupts */ __disable_irq(); #endif @@ -72,18 +68,12 @@ /* Placed here as it must be done after proper LIBC initialization. */ SystemInit(); -#if defined(COMPONENT_SPM_MAILBOX) - mailbox_init(); -#endif - /* Set up the device based on configurator selections */ cybsp_init(); -#if (CY_CPU_CORTEX_M0P) -#if !defined(COMPONENT_SPM_MAILBOX) +#if CY_CPU_CORTEX_M0P /* Enable global interrupts */ __enable_irq(); -#endif #else /* * Init the us Ticker here to avoid imposing on the limited stack space of the idle thread.