Kenji Arai
mbed-os5 only for TYBLE16
Dependents: TYBLE16_simple_data_logger TYBLE16_MP3_Air
components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/ns_callable/tfm_psa_api_veneers.c@1:9db0e321a9f4, 2019-12-31 (annotated)
- Committer:
- kenjiArai
- Date:
- Tue Dec 31 06:02:27 2019 +0000
- Revision:
- 1:9db0e321a9f4
- Parent:
- 0:5b88d5760320
updated based on mbed-os5.15.0
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| kenjiArai | 0:5b88d5760320 | 1 | /* |
| kenjiArai | 0:5b88d5760320 | 2 | * Copyright (c) 2018-2019, Arm Limited. All rights reserved. |
| kenjiArai | 0:5b88d5760320 | 3 | * |
| kenjiArai | 0:5b88d5760320 | 4 | * SPDX-License-Identifier: BSD-3-Clause |
| kenjiArai | 0:5b88d5760320 | 5 | * |
| kenjiArai | 0:5b88d5760320 | 6 | */ |
| kenjiArai | 0:5b88d5760320 | 7 | |
| kenjiArai | 0:5b88d5760320 | 8 | #include <stdbool.h> |
| kenjiArai | 0:5b88d5760320 | 9 | #include <stdio.h> |
| kenjiArai | 0:5b88d5760320 | 10 | #include "psa_client.h" |
| kenjiArai | 0:5b88d5760320 | 11 | #include "psa_service.h" |
| kenjiArai | 0:5b88d5760320 | 12 | #include "secure_utilities.h" |
| kenjiArai | 0:5b88d5760320 | 13 | #include "tfm_secure_api.h" |
| kenjiArai | 0:5b88d5760320 | 14 | #include "tfm_api.h" |
| kenjiArai | 0:5b88d5760320 | 15 | #include "tfm_svcalls.h" |
| kenjiArai | 0:5b88d5760320 | 16 | |
| kenjiArai | 0:5b88d5760320 | 17 | /* FixMe: check if this is really needed */ |
| kenjiArai | 0:5b88d5760320 | 18 | extern int32_t tfm_secure_lock; |
| kenjiArai | 0:5b88d5760320 | 19 | |
| kenjiArai | 0:5b88d5760320 | 20 | __attribute__ ((always_inline)) __STATIC_INLINE |
| kenjiArai | 0:5b88d5760320 | 21 | int32_t tfm_psa_veneer_sanity_check(struct tfm_sfn_req_s *desc_ptr) |
| kenjiArai | 0:5b88d5760320 | 22 | { |
| kenjiArai | 0:5b88d5760320 | 23 | if (desc_ptr->ns_caller) { |
| kenjiArai | 0:5b88d5760320 | 24 | if (tfm_secure_lock != 0) { |
| kenjiArai | 0:5b88d5760320 | 25 | /* Secure domain is already locked! |
| kenjiArai | 0:5b88d5760320 | 26 | * FixMe: Decide if this is a fault or permitted in case of PSA |
| kenjiArai | 0:5b88d5760320 | 27 | * API usage |
| kenjiArai | 0:5b88d5760320 | 28 | */ |
| kenjiArai | 0:5b88d5760320 | 29 | return TFM_ERROR_SECURE_DOMAIN_LOCKED; |
| kenjiArai | 0:5b88d5760320 | 30 | } |
| kenjiArai | 0:5b88d5760320 | 31 | } else { |
| kenjiArai | 0:5b88d5760320 | 32 | /* Secure partition should not call a different secure partition |
| kenjiArai | 0:5b88d5760320 | 33 | * using TFM PSA veneers |
| kenjiArai | 0:5b88d5760320 | 34 | */ |
| kenjiArai | 0:5b88d5760320 | 35 | return TFM_ERROR_INVALID_EXC_MODE; |
| kenjiArai | 0:5b88d5760320 | 36 | } |
| kenjiArai | 0:5b88d5760320 | 37 | return TFM_SUCCESS; |
| kenjiArai | 0:5b88d5760320 | 38 | } |
| kenjiArai | 0:5b88d5760320 | 39 | |
| kenjiArai | 0:5b88d5760320 | 40 | /* Veneer implementation */ |
| kenjiArai | 0:5b88d5760320 | 41 | |
| kenjiArai | 0:5b88d5760320 | 42 | #define TFM_CORE_NS_IPC_REQUEST_VENEER(fn, a, b, c, d) \ |
| kenjiArai | 0:5b88d5760320 | 43 | return tfm_core_ns_ipc_request(fn, (int32_t)a, (int32_t)b, \ |
| kenjiArai | 0:5b88d5760320 | 44 | (int32_t)c, (int32_t)d) |
| kenjiArai | 0:5b88d5760320 | 45 | |
| kenjiArai | 0:5b88d5760320 | 46 | __attribute__ ((naked, section("SFN"))) |
| kenjiArai | 0:5b88d5760320 | 47 | static int32_t tfm_core_ipc_request(const struct tfm_sfn_req_s *desc_ptr) |
| kenjiArai | 0:5b88d5760320 | 48 | { |
| kenjiArai | 0:5b88d5760320 | 49 | __ASM volatile("SVC %0 \n" |
| kenjiArai | 0:5b88d5760320 | 50 | "BX LR \n" |
| kenjiArai | 0:5b88d5760320 | 51 | : : "I" (TFM_SVC_IPC_REQUEST)); |
| kenjiArai | 0:5b88d5760320 | 52 | } |
| kenjiArai | 0:5b88d5760320 | 53 | |
| kenjiArai | 0:5b88d5760320 | 54 | __attribute__ ((always_inline)) __STATIC_INLINE |
| kenjiArai | 0:5b88d5760320 | 55 | int32_t tfm_core_ns_ipc_request(void *fn, int32_t arg1, int32_t arg2, |
| kenjiArai | 0:5b88d5760320 | 56 | int32_t arg3, int32_t arg4) |
| kenjiArai | 0:5b88d5760320 | 57 | { |
| kenjiArai | 0:5b88d5760320 | 58 | int32_t args[4] = {arg1, arg2, arg3, arg4}; |
| kenjiArai | 0:5b88d5760320 | 59 | struct tfm_sfn_req_s desc = {0}; |
| kenjiArai | 0:5b88d5760320 | 60 | |
| kenjiArai | 0:5b88d5760320 | 61 | desc.sfn = fn; |
| kenjiArai | 0:5b88d5760320 | 62 | desc.args = args; |
| kenjiArai | 0:5b88d5760320 | 63 | desc.ns_caller = cmse_nonsecure_caller(); |
| kenjiArai | 0:5b88d5760320 | 64 | |
| kenjiArai | 0:5b88d5760320 | 65 | if (__get_active_exc_num() != EXC_NUM_THREAD_MODE) |
| kenjiArai | 0:5b88d5760320 | 66 | { |
| kenjiArai | 0:5b88d5760320 | 67 | /* FIXME: Proper error handling to be implemented */ |
| kenjiArai | 0:5b88d5760320 | 68 | return TFM_ERROR_INVALID_EXC_MODE; |
| kenjiArai | 0:5b88d5760320 | 69 | } else { |
| kenjiArai | 0:5b88d5760320 | 70 | return tfm_core_ipc_request(&desc); |
| kenjiArai | 0:5b88d5760320 | 71 | } |
| kenjiArai | 0:5b88d5760320 | 72 | } |
| kenjiArai | 0:5b88d5760320 | 73 | |
| kenjiArai | 0:5b88d5760320 | 74 | /* FixMe: these functions need to have different attributes compared to those |
| kenjiArai | 0:5b88d5760320 | 75 | * legacy veneers which may be called by secure partitions. |
| kenjiArai | 0:5b88d5760320 | 76 | * They won't call legacy SFN but instead will be handlers for TF-M |
| kenjiArai | 0:5b88d5760320 | 77 | */ |
| kenjiArai | 0:5b88d5760320 | 78 | |
| kenjiArai | 0:5b88d5760320 | 79 | __tfm_secure_gateway_attributes__ |
| kenjiArai | 0:5b88d5760320 | 80 | uint32_t tfm_psa_framework_version_veneer(void) |
| kenjiArai | 0:5b88d5760320 | 81 | { |
| kenjiArai | 0:5b88d5760320 | 82 | TFM_CORE_NS_IPC_REQUEST_VENEER(tfm_svcall_psa_framework_version, 0, 0, |
| kenjiArai | 0:5b88d5760320 | 83 | 0, 0); |
| kenjiArai | 0:5b88d5760320 | 84 | } |
| kenjiArai | 0:5b88d5760320 | 85 | |
| kenjiArai | 0:5b88d5760320 | 86 | __tfm_secure_gateway_attributes__ |
| kenjiArai | 0:5b88d5760320 | 87 | uint32_t tfm_psa_version_veneer(uint32_t sid) |
| kenjiArai | 0:5b88d5760320 | 88 | { |
| kenjiArai | 0:5b88d5760320 | 89 | TFM_CORE_NS_IPC_REQUEST_VENEER(tfm_svcall_psa_version, sid, 0, 0, 0); |
| kenjiArai | 0:5b88d5760320 | 90 | } |
| kenjiArai | 0:5b88d5760320 | 91 | |
| kenjiArai | 0:5b88d5760320 | 92 | __tfm_secure_gateway_attributes__ |
| kenjiArai | 0:5b88d5760320 | 93 | psa_handle_t tfm_psa_connect_veneer(uint32_t sid, uint32_t minor_version) |
| kenjiArai | 0:5b88d5760320 | 94 | { |
| kenjiArai | 0:5b88d5760320 | 95 | TFM_CORE_NS_IPC_REQUEST_VENEER(tfm_svcall_psa_connect, sid, |
| kenjiArai | 0:5b88d5760320 | 96 | minor_version, 0, 0); |
| kenjiArai | 0:5b88d5760320 | 97 | } |
| kenjiArai | 0:5b88d5760320 | 98 | |
| kenjiArai | 0:5b88d5760320 | 99 | __tfm_secure_gateway_attributes__ |
| kenjiArai | 0:5b88d5760320 | 100 | psa_status_t tfm_psa_call_veneer(psa_handle_t handle, |
| kenjiArai | 0:5b88d5760320 | 101 | const psa_invec *in_vecs, |
| kenjiArai | 0:5b88d5760320 | 102 | psa_outvec *out_vecs) |
| kenjiArai | 0:5b88d5760320 | 103 | { |
| kenjiArai | 0:5b88d5760320 | 104 | TFM_CORE_NS_IPC_REQUEST_VENEER(tfm_svcall_psa_call, handle, in_vecs, |
| kenjiArai | 0:5b88d5760320 | 105 | out_vecs, 0); |
| kenjiArai | 0:5b88d5760320 | 106 | } |
| kenjiArai | 0:5b88d5760320 | 107 | |
| kenjiArai | 0:5b88d5760320 | 108 | __tfm_secure_gateway_attributes__ |
| kenjiArai | 0:5b88d5760320 | 109 | psa_status_t tfm_psa_close_veneer(psa_handle_t handle) |
| kenjiArai | 0:5b88d5760320 | 110 | { |
| kenjiArai | 0:5b88d5760320 | 111 | TFM_CORE_NS_IPC_REQUEST_VENEER(tfm_svcall_psa_close, handle, 0, 0, 0); |
| kenjiArai | 0:5b88d5760320 | 112 | } |
| kenjiArai | 0:5b88d5760320 | 113 | |
| kenjiArai | 0:5b88d5760320 | 114 | void tfm_psa_ipc_request_handler(uint32_t svc_ctx[]) |
| kenjiArai | 0:5b88d5760320 | 115 | { |
| kenjiArai | 0:5b88d5760320 | 116 | uint32_t *r0_ptr = svc_ctx; |
| kenjiArai | 0:5b88d5760320 | 117 | |
| kenjiArai | 0:5b88d5760320 | 118 | /* The only argument to the SVC call is stored in the stacked r0 */ |
| kenjiArai | 0:5b88d5760320 | 119 | struct tfm_sfn_req_s *desc_ptr = (struct tfm_sfn_req_s *) *r0_ptr; |
| kenjiArai | 0:5b88d5760320 | 120 | |
| kenjiArai | 0:5b88d5760320 | 121 | if(tfm_psa_veneer_sanity_check(desc_ptr) != TFM_SUCCESS) { |
| kenjiArai | 0:5b88d5760320 | 122 | /* FixMe: consider error handling - this may be critical error */ |
| kenjiArai | 0:5b88d5760320 | 123 | *r0_ptr = TFM_ERROR_INVALID_PARAMETER; |
| kenjiArai | 0:5b88d5760320 | 124 | return; |
| kenjiArai | 0:5b88d5760320 | 125 | } |
| kenjiArai | 0:5b88d5760320 | 126 | |
| kenjiArai | 0:5b88d5760320 | 127 | /* Store SVC return value in stacked r0 */ |
| kenjiArai | 0:5b88d5760320 | 128 | *r0_ptr = desc_ptr->sfn((int32_t)desc_ptr->args, |
| kenjiArai | 0:5b88d5760320 | 129 | desc_ptr->ns_caller, |
| kenjiArai | 0:5b88d5760320 | 130 | 0, |
| kenjiArai | 0:5b88d5760320 | 131 | 0); |
| kenjiArai | 0:5b88d5760320 | 132 | |
| kenjiArai | 0:5b88d5760320 | 133 | return; |
| kenjiArai | 0:5b88d5760320 | 134 | } |