New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TF-M sources integration to Mbed-OS #9653
Merged
Merged
Changes from all commits
Commits
Show all changes
25 commits
Select commit
Hold shift + click to select a range
771cdaa
Add TF-M importer json
f5af459
Add TF-M autogen tool
73ea7ca
[trusted-firmware-m]: Updated to 45e5276
13d05db
Add TF-M sources to .astyleignore
9277d0f
Generate partition files
8e62826
Add mbed_lib.json to TF-M SPE
1f30b52
TF-M patch: General modifications
5f2e4b3
TF-M patch: Fix tfm_ns_lock_init issue (TF-M issue #239)
0c23e86
TF-M patch: Fix service handles not cleared issue (TF-M issue #230)
fc78640
TF-M patch: Fix fixed-size partitions stack size (TF-M issue #240)
011fa28
TF-M patch: Fix tfm_memory_check issue (TF-M issue #224)
da01e34
TF-M patch: Fix tfm_psa_call_venner wrong argument type (TF-M issue #…
008bf1b
TF-M patch: Fix wrong check in tfm_spm_check_client_version (TF-M is…
67a4e6d
TF-M patch: Fix psa_set_rhandle() issue during CONNECT (TF-M issue #216)
2198d5c
Update tfm_importer.json with SHAs of patches
cf3fd85
Align existing partitions to work with TF-M
5dbb8fe
Call tfm_ns_lock_init() on TFM NSPE boot
1db4e46
mbed_retarget changes
60c6740
Build SPM tests only for MBED_SPM targets
0ba963a
Adding TF-M integration guide
516af50
Consolidating tools/tfm and tools/spm into tools/psa
01a78e9
Add mbed_app.json for TF-M bare-metal build
4a45c16
Update .travis.yml psa_autogen job with TF-M code generation tool
9e33f0d
Re-generate TF-M partition files
6a90da4
Add BSD3-clause license file to TF-M folder
File filter
Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -22,4 +22,5 @@ TESTS/mbed_hal/trng/pithy | |
targets | ||
components/802.15.4_RF | ||
components/wifi | ||
components/TARGET_PSA/TARGET_TFM | ||
tools |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
87 changes: 87 additions & 0 deletions
87
components/TARGET_PSA/TARGET_TFM/COMPONENT_NSPE/interface/src/tfm_ns_lock_rtx.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,87 @@ | ||
/* | ||
* Copyright (c) 2017-2018, Arm Limited. All rights reserved. | ||
* | ||
* SPDX-License-Identifier: BSD-3-Clause | ||
* | ||
*/ | ||
#include <stdint.h> | ||
#include <stdbool.h> | ||
|
||
#include "cmsis.h" | ||
#include "rtx_os.h" | ||
#include "cmsis_os2.h" | ||
|
||
#include "tfm_api.h" | ||
#include "tfm_ns_lock.h" | ||
|
||
/** | ||
* \brief struct ns_lock_state type | ||
*/ | ||
struct ns_lock_state | ||
{ | ||
bool init; | ||
osMutexId_t id; | ||
}; | ||
|
||
/** | ||
* \brief ns_lock status | ||
*/ | ||
static struct ns_lock_state ns_lock = {.init=false, .id=NULL}; | ||
|
||
/** | ||
* \brief Mutex properties, NS lock | ||
*/ | ||
|
||
static osRtxMutex_t ns_lock_cb = { 0 }; | ||
|
||
static const osMutexAttr_t ns_lock_attrib = { | ||
.name = "ns_lock", | ||
.attr_bits = osMutexPrioInherit, | ||
.cb_mem = &ns_lock_cb, | ||
.cb_size = sizeof(ns_lock_cb) | ||
}; | ||
|
||
/** | ||
* \brief NS world, NS lock based dispatcher | ||
*/ | ||
uint32_t tfm_ns_lock_dispatch(veneer_fn fn, | ||
uint32_t arg0, uint32_t arg1, | ||
uint32_t arg2, uint32_t arg3) | ||
{ | ||
uint32_t result; | ||
|
||
/* Check the NS lock has been initialized */ | ||
if (ns_lock.init == false) { | ||
return TFM_ERROR_GENERIC; | ||
} | ||
|
||
/* TFM request protected by NS lock */ | ||
osMutexAcquire(ns_lock.id,osWaitForever); | ||
|
||
result = fn(arg0, arg1, arg2, arg3); | ||
|
||
osMutexRelease(ns_lock.id); | ||
|
||
return result; | ||
} | ||
|
||
/** | ||
* \brief NS world, Init NS lock | ||
*/ | ||
uint32_t tfm_ns_lock_init() | ||
{ | ||
if (ns_lock.init == false) { | ||
ns_lock.id = osMutexNew(&ns_lock_attrib); | ||
ns_lock.init = true; | ||
return TFM_SUCCESS; | ||
} | ||
else { | ||
return TFM_ERROR_GENERIC; | ||
} | ||
} | ||
|
||
bool tfm_ns_lock_get_init_state() | ||
{ | ||
return ns_lock.init; | ||
} | ||
|
75 changes: 75 additions & 0 deletions
75
components/TARGET_PSA/TARGET_TFM/COMPONENT_NSPE/interface/src/tfm_psa_ns_api.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
/* | ||
* Copyright (c) 2018, Arm Limited. All rights reserved. | ||
* | ||
* SPDX-License-Identifier: BSD-3-Clause | ||
* | ||
*/ | ||
|
||
#include "interface/include/psa_client.h" | ||
#include "tfm_ns_lock.h" | ||
#include "tfm_api.h" | ||
|
||
/**** API functions ****/ | ||
|
||
uint32_t psa_framework_version(void) | ||
{ | ||
return tfm_ns_lock_dispatch((veneer_fn)tfm_psa_framework_version_veneer, | ||
0, | ||
0, | ||
0, | ||
0); | ||
} | ||
|
||
uint32_t psa_version(uint32_t sid) | ||
{ | ||
return tfm_ns_lock_dispatch((veneer_fn)tfm_psa_version_veneer, | ||
sid, | ||
0, | ||
0, | ||
0); | ||
} | ||
|
||
psa_handle_t psa_connect(uint32_t sid, uint32_t minor_version) | ||
{ | ||
return tfm_ns_lock_dispatch((veneer_fn)tfm_psa_connect_veneer, | ||
sid, | ||
minor_version, | ||
0, | ||
0); | ||
} | ||
|
||
psa_status_t psa_call(psa_handle_t handle, | ||
const psa_invec *in_vec, | ||
size_t in_len, | ||
psa_outvec *out_vec, | ||
size_t out_len) | ||
{ | ||
/* FixMe: sanity check can be added to offload some NS thread checks from | ||
* TFM secure API | ||
*/ | ||
|
||
/* Due to v8M restrictions, TF-M NS API needs to add another layer of | ||
* serialization in order for NS to pass arguments to S | ||
*/ | ||
psa_invec in_vecs, out_vecs; | ||
|
||
in_vecs.base = in_vec; | ||
in_vecs.len = in_len; | ||
out_vecs.base = out_vec; | ||
out_vecs.len = out_len; | ||
return tfm_ns_lock_dispatch((veneer_fn)tfm_psa_call_veneer, | ||
(uint32_t)handle, | ||
(uint32_t)&in_vecs, | ||
(uint32_t)&out_vecs, | ||
0); | ||
} | ||
|
||
void psa_close(psa_handle_t handle) | ||
{ | ||
tfm_ns_lock_dispatch((veneer_fn)tfm_psa_close_veneer, | ||
(uint32_t)handle, | ||
0, | ||
0, | ||
0); | ||
} | ||
|
37 changes: 37 additions & 0 deletions
37
components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/autogen/tfm_partition_defs.inc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
/* Copyright (c) 2017-2019 ARM Limited | ||
* | ||
* SPDX-License-Identifier: Apache-2.0 | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
|
||
/*********** WARNING: This is an auto-generated file. Do not edit! ***********/ | ||
|
||
#ifndef __TFM_PARTITION_DEFS_INC__ | ||
#define __TFM_PARTITION_DEFS_INC__ | ||
|
||
#ifdef TFM_PSA_API | ||
#define ITS_ID (TFM_SP_BASE + 0) | ||
#endif | ||
|
||
#ifdef TFM_PSA_API | ||
#define PLATFORM_ID (TFM_SP_BASE + 1) | ||
#endif | ||
|
||
#ifdef TFM_PSA_API | ||
#define CRYPTO_SRV_ID (TFM_SP_BASE + 2) | ||
#endif | ||
|
||
#define TFM_MAX_USER_PARTITIONS (3) | ||
|
||
#endif /* __TFM_PARTITION_DEFS_INC__ */ |
37 changes: 37 additions & 0 deletions
37
components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/autogen/tfm_partition_list.inc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
/* | ||
* Copyright (c) 2018-2019, Arm Limited. All rights reserved. | ||
* | ||
* SPDX-License-Identifier: BSD-3-Clause | ||
* | ||
*/ | ||
|
||
/*********** WARNING: This is an auto-generated file. Do not edit! ***********/ | ||
|
||
#ifndef __TFM_PARTITION_LIST_INC__ | ||
#define __TFM_PARTITION_LIST_INC__ | ||
|
||
#ifdef TFM_PSA_API | ||
/******** ITS ********/ | ||
PARTITION_DECLARE(ITS, 0 | ||
| SPM_PART_FLAG_IPC | ||
, "APPLICATION-ROT", 10, NORMAL, 2048); | ||
PARTITION_ADD_INIT_FUNC(ITS, its_entry); | ||
#endif /* TFM_PSA_API */ | ||
|
||
#ifdef TFM_PSA_API | ||
/******** PLATFORM ********/ | ||
PARTITION_DECLARE(PLATFORM, 0 | ||
| SPM_PART_FLAG_IPC | ||
, "APPLICATION-ROT", 8, NORMAL, 1024); | ||
PARTITION_ADD_INIT_FUNC(PLATFORM, platform_partition_entry); | ||
#endif /* TFM_PSA_API */ | ||
|
||
#ifdef TFM_PSA_API | ||
/******** CRYPTO_SRV ********/ | ||
PARTITION_DECLARE(CRYPTO_SRV, 0 | ||
| SPM_PART_FLAG_IPC | ||
, "APPLICATION-ROT", 35, NORMAL, 16384); | ||
PARTITION_ADD_INIT_FUNC(CRYPTO_SRV, crypto_main); | ||
#endif /* TFM_PSA_API */ | ||
|
||
#endif /* __TFM_PARTITION_LIST_INC__ */ |
44 changes: 44 additions & 0 deletions
44
components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/autogen/tfm_service_list.inc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
/* | ||
* Copyright (c) 2018-2019, Arm Limited. All rights reserved. | ||
* | ||
* SPDX-License-Identifier: BSD-3-Clause | ||
* | ||
*/ | ||
|
||
/*********** WARNING: This is an auto-generated file. Do not edit! ***********/ | ||
|
||
#ifndef __TFM_SERVICE_LIST_INC__ | ||
#define __TFM_SERVICE_LIST_INC__ | ||
|
||
#ifdef TFM_PSA_API | ||
/******** ITS ********/ | ||
{"PSA_ITS_GET", ITS_ID, PSA_ITS_GET_MSK, 0x00011A00, true, 1, TFM_VERSION_POLICY_RELAXED}, | ||
{"PSA_ITS_SET", ITS_ID, PSA_ITS_SET_MSK, 0x00011A01, true, 1, TFM_VERSION_POLICY_RELAXED}, | ||
{"PSA_ITS_INFO", ITS_ID, PSA_ITS_INFO_MSK, 0x00011A02, true, 1, TFM_VERSION_POLICY_RELAXED}, | ||
{"PSA_ITS_REMOVE", ITS_ID, PSA_ITS_REMOVE_MSK, 0x00011A03, true, 1, TFM_VERSION_POLICY_RELAXED}, | ||
{"PSA_ITS_RESET", ITS_ID, PSA_ITS_RESET_MSK, 0x00011A04, false, 1, TFM_VERSION_POLICY_RELAXED}, | ||
#endif /* TFM_PSA_API */ | ||
|
||
#ifdef TFM_PSA_API | ||
/******** PLATFORM ********/ | ||
{"PSA_PLATFORM_LC_GET", PLATFORM_ID, PSA_PLATFORM_LC_GET_MSK, 0x00011000, true, 1, TFM_VERSION_POLICY_RELAXED}, | ||
{"PSA_PLATFORM_LC_SET", PLATFORM_ID, PSA_PLATFORM_LC_SET_MSK, 0x00011001, true, 1, TFM_VERSION_POLICY_RELAXED}, | ||
{"PSA_PLATFORM_SYSTEM_RESET", PLATFORM_ID, PSA_PLATFORM_SYSTEM_RESET_MSK, 0x00011002, true, 1, TFM_VERSION_POLICY_RELAXED}, | ||
#endif /* TFM_PSA_API */ | ||
|
||
#ifdef TFM_PSA_API | ||
/******** CRYPTO_SRV ********/ | ||
{"PSA_CRYPTO_INIT_ID", CRYPTO_SRV_ID, PSA_CRYPTO_INIT, 0x00000F00, true, 1, TFM_VERSION_POLICY_STRICT}, | ||
{"PSA_MAC_ID", CRYPTO_SRV_ID, PSA_MAC, 0x00000F01, true, 1, TFM_VERSION_POLICY_STRICT}, | ||
{"PSA_HASH_ID", CRYPTO_SRV_ID, PSA_HASH, 0x00000F02, true, 1, TFM_VERSION_POLICY_STRICT}, | ||
{"PSA_ASYMMETRIC_ID", CRYPTO_SRV_ID, PSA_ASYMMETRIC, 0x00000F03, true, 1, TFM_VERSION_POLICY_STRICT}, | ||
{"PSA_SYMMETRIC_ID", CRYPTO_SRV_ID, PSA_SYMMETRIC, 0x00000F04, true, 1, TFM_VERSION_POLICY_STRICT}, | ||
{"PSA_AEAD_ID", CRYPTO_SRV_ID, PSA_AEAD, 0x00000F05, true, 1, TFM_VERSION_POLICY_STRICT}, | ||
{"PSA_KEY_MNG_ID", CRYPTO_SRV_ID, PSA_KEY_MNG, 0x00000F06, true, 1, TFM_VERSION_POLICY_STRICT}, | ||
{"PSA_RNG_ID", CRYPTO_SRV_ID, PSA_RNG, 0x00000F07, true, 1, TFM_VERSION_POLICY_STRICT}, | ||
{"PSA_CRYPTO_FREE_ID", CRYPTO_SRV_ID, PSA_CRYPTO_FREE, 0x00000F08, true, 1, TFM_VERSION_POLICY_STRICT}, | ||
{"PSA_GENERATOR_ID", CRYPTO_SRV_ID, PSA_GENERATOR, 0x00000F09, true, 1, TFM_VERSION_POLICY_STRICT}, | ||
{"PSA_ENTROPY_ID", CRYPTO_SRV_ID, PSA_ENTROPY_INJECT, 0x00000F0A, true, 1, TFM_VERSION_POLICY_STRICT}, | ||
#endif /* TFM_PSA_API */ | ||
|
||
#endif /* __TFM_SERVICE_LIST_INC__ */ |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ARMmbed/mbed-os-maintainers Heads up, another large block of code that's about to be ignored by astyle
Might need to talk with techleads about why components seems to be special in regards to code styling.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Everything under
TARGET_TFM
is imported from an external source, so it should be ignored by astyle as I see it.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM