From: abdellatif.elkhlifi@arm.com
To: meta-arm@lists.yoctoproject.org, Ross.Burton@arm.com
Cc: nd@arm.com, Vishnu Banavath <vishnu.banavath@arm.com>,
Rui Miguel Silva <rui.silva@arm.com>
Subject: [PATCH 6/9] arm-bsp/secure-partitions: Add psa client definitions for ff-m
Date: Thu, 9 Dec 2021 19:19:32 +0000 [thread overview]
Message-ID: <20211209191935.26017-7-abdellatif.elkhlifi@arm.com> (raw)
In-Reply-To: <20211209191935.26017-1-abdellatif.elkhlifi@arm.com>
From: Vishnu Banavath <vishnu.banavath@arm.com>
Add PSA client definitions in common include to add future
ff-m support.
Change-Id: I0860fa347fd882d6e99da136a4273a0ef5d7d684
Signed-off-by: Rui Miguel Silva <rui.silva@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
---
...-add-psa-client-definitions-for-ff-m.patch | 294 ++++++++++++++++++
.../trusted-services/ts-corstone1000.inc | 1 +
2 files changed, 295 insertions(+)
create mode 100644 meta-arm-bsp/recipes-security/trusted-services/secure-partitions/0010-add-psa-client-definitions-for-ff-m.patch
diff --git a/meta-arm-bsp/recipes-security/trusted-services/secure-partitions/0010-add-psa-client-definitions-for-ff-m.patch b/meta-arm-bsp/recipes-security/trusted-services/secure-partitions/0010-add-psa-client-definitions-for-ff-m.patch
new file mode 100644
index 0000000..6cb33ce
--- /dev/null
+++ b/meta-arm-bsp/recipes-security/trusted-services/secure-partitions/0010-add-psa-client-definitions-for-ff-m.patch
@@ -0,0 +1,294 @@
+Upstream-Status: Pending [Not submitted to upstream yet]
+Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
+
+From f37bd875d3f9cd4cc029b8a52aa0571da7ebd201 Mon Sep 17 00:00:00 2001
+From: Vishnu Banavath <vishnu.banavath@arm.com>
+Date: Fri, 3 Dec 2021 19:05:18 +0000
+Subject: [PATCH] add psa client definitions for ff-m
+
+Add PSA client definitions in common include to add future
+ff-m support.
+
+Signed-off-by: Rui Miguel Silva <rui.silva@arm.com>
+Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
+
+diff --git a/components/service/common/include/psa/client.h b/components/service/common/include/psa/client.h
+new file mode 100644
+index 0000000..bd2aac8
+--- /dev/null
++++ b/components/service/common/include/psa/client.h
+@@ -0,0 +1,194 @@
++/*
++ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
++ *
++ * SPDX-License-Identifier: BSD-3-Clause
++ */
++
++#ifndef SERVICE_PSA_IPC_H
++#define SERVICE_PSA_IPC_H
++
++#include <stddef.h>
++#include <stdint.h>
++
++#include <rpc_caller.h>
++#include <psa/error.h>
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++
++#ifndef IOVEC_LEN
++#define IOVEC_LEN(arr) ((uint32_t)(sizeof(arr)/sizeof(arr[0])))
++#endif
++
++/*********************** PSA Client Macros and Types *************************/
++
++typedef int32_t psa_handle_t;
++
++/**
++ * The version of the PSA Framework API that is being used to build the calling
++ * firmware. Only part of features of FF-M v1.1 have been implemented. FF-M v1.1
++ * is compatible with v1.0.
++ */
++#define PSA_FRAMEWORK_VERSION (0x0101u)
++
++/**
++ * Return value from psa_version() if the requested RoT Service is not present
++ * in the system.
++ */
++#define PSA_VERSION_NONE (0u)
++
++/**
++ * The zero-value null handle can be assigned to variables used in clients and
++ * RoT Services, indicating that there is no current connection or message.
++ */
++#define PSA_NULL_HANDLE ((psa_handle_t)0)
++
++/**
++ * Tests whether a handle value returned by psa_connect() is valid.
++ */
++#define PSA_HANDLE_IS_VALID(handle) ((psa_handle_t)(handle) > 0)
++
++/**
++ * Converts the handle value returned from a failed call psa_connect() into
++ * an error code.
++ */
++#define PSA_HANDLE_TO_ERROR(handle) ((psa_status_t)(handle))
++
++/**
++ * Maximum number of input and output vectors for a request to psa_call().
++ */
++#define PSA_MAX_IOVEC (4u)
++
++/**
++ * An IPC message type that indicates a generic client request.
++ */
++#define PSA_IPC_CALL (0)
++
++/**
++ * A read-only input memory region provided to an RoT Service.
++ */
++struct __attribute__ ((__packed__)) psa_invec {
++ uint32_t base; /*!< the start address of the memory buffer */
++ uint32_t len; /*!< the size in bytes */
++};
++
++/**
++ * A writable output memory region provided to an RoT Service.
++ */
++struct __attribute__ ((__packed__)) psa_outvec {
++ uint32_t base; /*!< the start address of the memory buffer */
++ uint32_t len; /*!< the size in bytes */
++};
++
++/*************************** PSA Client API **********************************/
++
++/**
++ * \brief Retrieve the version of the PSA Framework API that is implemented.
++ *
++ * \param[in] rpc_caller RPC caller to use
++ * \return version The version of the PSA Framework implementation
++ * that is providing the runtime services to the
++ * caller. The major and minor version are encoded
++ * as follows:
++ * \arg version[15:8] -- major version number.
++ * \arg version[7:0] -- minor version number.
++ */
++uint32_t psa_framework_version(struct rpc_caller *caller);
++
++/**
++ * \brief Retrieve the version of an RoT Service or indicate that it is not
++ * present on this system.
++ *
++ * \param[in] rpc_caller RPC caller to use
++ * \param[in] sid ID of the RoT Service to query.
++ *
++ * \retval PSA_VERSION_NONE The RoT Service is not implemented, or the
++ * caller is not permitted to access the service.
++ * \retval > 0 The version of the implemented RoT Service.
++ */
++uint32_t psa_version(struct rpc_caller *caller, uint32_t sid);
++
++/**
++ * \brief Connect to an RoT Service by its SID.
++ *
++ * \param[in] rpc_caller RPC caller to use
++ * \param[in] sid ID of the RoT Service to connect to.
++ * \param[in] version Requested version of the RoT Service.
++ *
++ * \retval > 0 A handle for the connection.
++ * \retval PSA_ERROR_CONNECTION_REFUSED The SPM or RoT Service has refused the
++ * connection.
++ * \retval PSA_ERROR_CONNECTION_BUSY The SPM or RoT Service cannot make the
++ * connection at the moment.
++ * \retval "PROGRAMMER ERROR" The call is a PROGRAMMER ERROR if one or more
++ * of the following are true:
++ * \arg The RoT Service ID is not present.
++ * \arg The RoT Service version is not supported.
++ * \arg The caller is not allowed to access the RoT
++ * service.
++ */
++psa_handle_t psa_connect(struct rpc_caller *caller, uint32_t sid,
++ uint32_t version);
++
++/**
++ * \brief Call an RoT Service on an established connection.
++ *
++ * \note FF-M 1.0 proposes 6 parameters for psa_call but the secure gateway ABI
++ * support at most 4 parameters. TF-M chooses to encode 'in_len',
++ * 'out_len', and 'type' into a 32-bit integer to improve efficiency.
++ * Compared with struct-based encoding, this method saves extra memory
++ * check and memory copy operation. The disadvantage is that the 'type'
++ * range has to be reduced into a 16-bit integer. So with this encoding,
++ * the valid range for 'type' is 0-32767.
++ *
++ * \param[in] rpc_caller RPC caller to use
++ * \param[in] handle A handle to an established connection.
++ * \param[in] type The request type.
++ * Must be zero( \ref PSA_IPC_CALL) or positive.
++ * \param[in] in_vec Array of input \ref psa_invec structures.
++ * \param[in] in_len Number of input \ref psa_invec structures.
++ * \param[in,out] out_vec Array of output \ref psa_outvec structures.
++ * \param[in] out_len Number of output \ref psa_outvec structures.
++ *
++ * \retval >=0 RoT Service-specific status value.
++ * \retval <0 RoT Service-specific error code.
++ * \retval PSA_ERROR_PROGRAMMER_ERROR The connection has been terminated by the
++ * RoT Service. The call is a PROGRAMMER ERROR if
++ * one or more of the following are true:
++ * \arg An invalid handle was passed.
++ * \arg The connection is already handling a request.
++ * \arg type < 0.
++ * \arg An invalid memory reference was provided.
++ * \arg in_len + out_len > PSA_MAX_IOVEC.
++ * \arg The message is unrecognized by the RoT
++ * Service or incorrectly formatted.
++ */
++psa_status_t psa_call(struct rpc_caller *caller, psa_handle_t handle,
++ int32_t type, const struct psa_invec *in_vec,
++ size_t in_len, struct psa_outvec *out_vec, size_t out_len);
++
++/**
++ * \brief Close a connection to an RoT Service.
++ *
++ * \param[in] rpc_caller RPC caller to use
++ * \param[in] handle A handle to an established connection, or the
++ * null handle.
++ *
++ * \retval void Success.
++ * \retval "PROGRAMMER ERROR" The call is a PROGRAMMER ERROR if one or more
++ * of the following are true:
++ * \arg An invalid handle was provided that is not
++ * the null handle.
++ * \arg The connection is currently handling a
++ * request.
++ */
++void psa_close(struct rpc_caller *caller, psa_handle_t handle);
++
++#ifdef __cplusplus
++}
++#endif
++
++#endif /* SERVICE_PSA_IPC_H */
++
++
+diff --git a/components/service/common/include/psa/sid.h b/components/service/common/include/psa/sid.h
+new file mode 100644
+index 0000000..aaa973c
+--- /dev/null
++++ b/components/service/common/include/psa/sid.h
+@@ -0,0 +1,71 @@
++/*
++ * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
++ *
++ * SPDX-License-Identifier: BSD-3-Clause
++ *
++ */
++
++#ifndef __PSA_MANIFEST_SID_H__
++#define __PSA_MANIFEST_SID_H__
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++
++/******** TFM_SP_PS ********/
++#define TFM_PROTECTED_STORAGE_SERVICE_SID (0x00000060U)
++#define TFM_PROTECTED_STORAGE_SERVICE_VERSION (1U)
++#define TFM_PROTECTED_STORAGE_SERVICE_HANDLE (0x40000101U)
++
++/* Invalid UID */
++#define TFM_PS_INVALID_UID 0
++
++/* PS message types that distinguish PS services. */
++#define TFM_PS_SET 1001
++#define TFM_PS_GET 1002
++#define TFM_PS_GET_INFO 1003
++#define TFM_PS_REMOVE 1004
++#define TFM_PS_GET_SUPPORT 1005
++
++/******** TFM_SP_ITS ********/
++#define TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_SID (0x00000070U)
++#define TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_VERSION (1U)
++#define TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_HANDLE (0x40000102U)
++
++/******** TFM_SP_CRYPTO ********/
++#define TFM_CRYPTO_SID (0x00000080U)
++#define TFM_CRYPTO_VERSION (1U)
++#define TFM_CRYPTO_HANDLE (0x40000100U)
++
++/******** TFM_SP_PLATFORM ********/
++#define TFM_SP_PLATFORM_SYSTEM_RESET_SID (0x00000040U)
++#define TFM_SP_PLATFORM_SYSTEM_RESET_VERSION (1U)
++#define TFM_SP_PLATFORM_IOCTL_SID (0x00000041U)
++#define TFM_SP_PLATFORM_IOCTL_VERSION (1U)
++#define TFM_SP_PLATFORM_NV_COUNTER_SID (0x00000042U)
++#define TFM_SP_PLATFORM_NV_COUNTER_VERSION (1U)
++
++/******** TFM_SP_INITIAL_ATTESTATION ********/
++#define TFM_ATTESTATION_SERVICE_SID (0x00000020U)
++#define TFM_ATTESTATION_SERVICE_VERSION (1U)
++#define TFM_ATTESTATION_SERVICE_HANDLE (0x40000103U)
++
++/******** TFM_SP_FWU ********/
++#define TFM_FWU_WRITE_SID (0x000000A0U)
++#define TFM_FWU_WRITE_VERSION (1U)
++#define TFM_FWU_INSTALL_SID (0x000000A1U)
++#define TFM_FWU_INSTALL_VERSION (1U)
++#define TFM_FWU_ABORT_SID (0x000000A2U)
++#define TFM_FWU_ABORT_VERSION (1U)
++#define TFM_FWU_QUERY_SID (0x000000A3U)
++#define TFM_FWU_QUERY_VERSION (1U)
++#define TFM_FWU_REQUEST_REBOOT_SID (0x000000A4U)
++#define TFM_FWU_REQUEST_REBOOT_VERSION (1U)
++#define TFM_FWU_ACCEPT_SID (0x000000A5U)
++#define TFM_FWU_ACCEPT_VERSION (1U)
++
++#ifdef __cplusplus
++}
++#endif
++
++#endif /* __PSA_MANIFEST_SID_H__ */
+--
+2.17.1
+
diff --git a/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc b/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc
index 4d55027..bf8c696 100644
--- a/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc
+++ b/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc
@@ -20,6 +20,7 @@ SRC_URI:append = " \
file://0007-Add-openamp-to-SE-proxy-deployment.patch \
file://0008-Implement-mhu-driver-and-the-OpenAmp-conversion-laye.patch \
file://0009-Add-openamp-rpc-caller.patch \
+ file://0010-add-psa-client-definitions-for-ff-m.patch \
"
SRCREV_ts = "882a2db4f9181fc6ddb505b82262f82e5a0c2fd5"
--
2.17.1
next prev parent reply other threads:[~2021-12-09 19:19 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-09 19:19 [PATCH 0/9] corstone1000: secure partitions patchset abdellatif.elkhlifi
2021-12-09 19:19 ` [PATCH 1/9] arm-bsp/u-boot: corstone1000: setting the boot console output abdellatif.elkhlifi
2021-12-09 19:19 ` [PATCH 2/9] arm-bsp/u-boot: corstone1000: remove the use of fdt_addr_r abdellatif.elkhlifi
2021-12-09 19:19 ` [PATCH 3/9] arm-bsp/trusted-firmware-m: corstone1000: Aligning with TF-M master abdellatif.elkhlifi
2021-12-09 19:19 ` [PATCH 4/9] arm-bsp/secure-partitions: add openamp rpc caller abdellatif.elkhlifi
2021-12-09 19:19 ` [PATCH 5/9] arm-bsp/optee-os: add openamp-virtio abdellatif.elkhlifi
2021-12-09 19:19 ` abdellatif.elkhlifi [this message]
2021-12-09 19:19 ` [PATCH 7/9] arm-bsp/secure-partitions: add common service component to ipc support abdellatif.elkhlifi
2021-12-09 19:19 ` [PATCH 8/9] arm-bsp/secure-partitions: add secure storage ipc backend abdellatif.elkhlifi
2021-12-09 19:19 ` [PATCH 9/9] arm-bsp/secure-partitions: Use secure storage ipc and openamp for se_proxy abdellatif.elkhlifi
2021-12-10 14:50 ` [PATCH 0/9] corstone1000: secure partitions patchset Jon Mason
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211209191935.26017-7-abdellatif.elkhlifi@arm.com \
--to=abdellatif.elkhlifi@arm.com \
--cc=Ross.Burton@arm.com \
--cc=meta-arm@lists.yoctoproject.org \
--cc=nd@arm.com \
--cc=rui.silva@arm.com \
--cc=vishnu.banavath@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.