Looking at the declaration and body of this function, the first parameter is clearly a partition index (index into g_spm_partition_db.partitions[]), and all the call sites in secure_fw/spm/cmsis_func/spm_func.c use it that way. The three call sites in secure_fw/spm/cmsis_func/main.c, though, all pass a PID instead. This happens to work because g_spm_partition_db.partitions[0].static_data->partition_id == 0 and g_spm_partition_db.partitions[1].static_data->partition_id == 1. I don't see anything that guarantees that that will always be true, though.
There is a static function get_partition_id() in secure_fw/spm/cmsis_func/spm_func.c that maps from PID to partition index - should that be exported and called to address this?
Thanks,
Chris Brand
.
Hi,
Reading https://tf-m-user-guide.trustedfirmware.org/technical_references/design_doc… it mentions the plan to move ns_agent_mailbox to have "a positive valued Partition ID in the manifest" and it also states that "A standard Secure Partition gets errors when calling the Extended API".
Given that it will not possible to use the PID to identify the ns_agent_mailbox, how will the Extended API functions know whether the caller is a standard Secure Partition or not?
There was a patch https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/15142 that introduced a flag to identify the ns_agent_tz partition - would this be similar?
Also, is there a plan for which release this functionality is expected to appear?
Thanks,
Chris Brand
Hi everyone,
I have noticed that GCC toolchain uses CONFIG_TFM_FP to determine FP setting while IAR and Clang use TFM_SYSTEM_FP cmake variable. I was not able to find any docs on this variable, and also there is no assignment of this variable in TFM source code (only read operation from this variable).
Is this intendent behavior?
Regards,
Bohdan Hunko
Cypress Semiconductor Ukraine
Engineer
CSUKR CSS ICW SW FW
Mobile: +38099 50 19 714
Bohdan.Hunko(a)infineon.com<mailto:Bohdan.Hunko@infineon.com>
Hi experts,
We are developing a demo based on TF-M framework, and we also developed an
application RoT partition SP1 and a PSA RoT partition SP2.
The secure partition SP1 needs calling a SP2's service during SP1's
init(), when the SP1_init() calls a SP2 service, as the SP2 partition
hasn't
been inited, the SP2_init() executes before handling requestS from SP1.
But the returned connect handle is an invalid handle, return
PSA_ERROR_GENERIC_ERROR.
I am wondering why an invalid connect handle is returned? Any hints?
Best Regards,
Poppy Wu
吴偏偏
Macronix Microelectronics (Suzhou) Co.,Ltd
旺宏微电子(苏州)有限公司
http://www.mxic.com.cn
============================================================================
CONFIDENTIALITY NOTE:
This e-mail and any attachments may contain confidential information and/or personal data, which is protected by applicable laws. Please be reminded that duplication, disclosure, distribution, or use of this e-mail (and/or its attachments) or any part thereof is prohibited. If you receive this e-mail in error, please notify us immediately and delete this mail as well as its attachment(s) from your system. In addition, please be informed that collection, processing, and/or use of personal data is prohibited unless expressly permitted by personal data protection laws. Thank you for your attention and cooperation.
Macronix International Co., Ltd.
=====================================================================
Hi,
The next Technical Forum is planned on Thursday, May 26, 7:00-8:00 UTC (East time zone).
Please reply on this email with your proposals for agenda topics.
Recording and slides of previous meetings are here:
https://www.trustedfirmware.org/meetings/tf-m-technical-forum/
Best regards,
Anton
Hi everyone,
While looking through TFM code I have noticed that tfm_arch_is_priv() is defined for v6 and v7 in secure_fw/spm/cmsis_psa/arch/tfm_arch_v6m_v7m.h but not defined for v8.
Also tfm_arch_v6m_v7m.h is located in secure_fw/spm/cmsis_psa/arch/ folder, while tfm_arch_v8m.h is located in secure_fw/spm/include/.
I think that tfm_arch_is_priv() should also be defined for v8 and also tfm_arch_v6m_v7m.h should be moved to secure_fw/spm/include/. If file will be moved then we can clean up some target_include_directories() which used secure_fw/spm/cmsis_psa/arch/ folder.
Any thoughts on this?
Regards,
Bohdan Hunko
Cypress Semiconductor Ukraine
Engineer
CSUKR CSS ICW SW FW
Mobile: +38099 50 19 714
Bohdan.Hunko(a)infineon.com<mailto:Bohdan.Hunko@infineon.com>
Hi Kevin,
Thanks for your instruction.
We're developing an application RoT partition which access a sensor via an
SPI interface(Based on RA6M4_EK development board). After commands have
been transferred to the sensor,
an SPI_TX_INTERRUPT should be triggered, then calls spi_tx_isr().
Now let's put aside binding secure interrupts to each secure partition,
just talk about how to enable SPI interrupts in secure world simply.
Here is my implementation:
1.Configure this SPI peripheral as secure peripheral.
2.Assign SPI tx and rx interrupts to secure state by setting NVIC->ITNS
register.
3.Enable SPI tx and rx interrupts by seeting NVIC->ISER register.
But during debug, I found that spi0_tx_isr() (The ISRs are also placed
under this application RoT partition's folder) has never been triggered.
Is there anything that I miss?
Best Regards,
Poppy Wu
吴偏偏
Macronix Microelectronics (Suzhou) Co.,Ltd
旺宏微电子(苏州)有限公司
http://www.mxic.com.cn
Kevin Peng via TF-M <tf-m(a)lists.trustedfirmware.org>
2022/05/17 09:45
Please respond to
Kevin Peng <Kevin.Peng(a)arm.com>
To
Edward Yang <EdwardYang(a)mxic.com.cn>, "tf-m(a)lists.trustedfirmware.org"
<tf-m(a)lists.trustedfirmware.org>
cc
Subject
[TF-M] Re: Enable SPI interrupt in secure partition
Hi Poppy,
First-Level Interrupt Handling (FLIH) should be recommended in your use
case as you have latency requirements.
Here is an example:
https://git.trustedfirmware.org/TF-M/tf-m-tests.git/tree/test/secure_fw/sui…
You’ll firstly need to add an “irq” item in the manifest and “handling
” it with “FLIH”:
https://git.trustedfirmware.org/TF-M/tf-m-tests.git/tree/test/secure_fw/sui…
And also add the “mmio_regions” item with the associated device (SPI) to
give access permissions to the Secure Partition.
The IRQ handling should be in the Secure Partition:
https://git.trustedfirmware.org/TF-M/tf-m-tests.git/tree/test/secure_fw/sui…
Note that, no PSA APIs are allowed in the handling.
Best Regards,
Kevin
From: Edward Yang via TF-M <tf-m(a)lists.trustedfirmware.org>
Sent: Monday, May 16, 2022 5:38 PM
To: tf-m(a)lists.trustedfirmware.org
Subject: [TF-M] Enable SPI interrupt in secure partition
Hi experts,
Recently we're developing a demo based on TF-M, this demo involves using
SPI module to drive a sensor by sending commands in a secure partition.
And we need to enable SPI receive and send interrupt in this secure
partition and the latency shall be as small as possible. I am wondering
how to implement this secure interrupts. Is there any example code or
instrucstions?
Thanks.
Best Regards,
Poppy Wu
吴偏偏
Macronix Microelectronics (Suzhou) Co.,Ltd
旺宏微电子(苏州)有限公司
http://www.mxic.com.cn
CONFIDENTIALITY NOTE:
This e-mail and any attachments may contain confidential information
and/or personal data, which is protected by applicable laws. Please be
reminded that duplication, disclosure, distribution, or use of this e-mail
(and/or its attachments) or any part thereof is prohibited. If you receive
this e-mail in error, please notify us immediately and delete this mail as
well as its attachment(s) from your system. In addition, please be
informed that collection, processing, and/or use of personal data is
prohibited unless expressly permitted by personal data protection laws.
Thank you for your attention and cooperation.
Macronix International Co., Ltd.
=====================================================================--
TF-M mailing list -- tf-m(a)lists.trustedfirmware.org
To unsubscribe send an email to tf-m-leave(a)lists.trustedfirmware.org
============================================================================
CONFIDENTIALITY NOTE:
This e-mail and any attachments may contain confidential information and/or personal data, which is protected by applicable laws. Please be reminded that duplication, disclosure, distribution, or use of this e-mail (and/or its attachments) or any part thereof is prohibited. If you receive this e-mail in error, please notify us immediately and delete this mail as well as it attachments from your system. In addition, please be informed that collection, processing, and/or use of personal data is prohibited unless expressly permitted by personal data protection laws. Thank you for your attention and cooperation.
Macronix International Co., Ltd.
=====================================================================
Hi experts,
Recently we're developing a demo based on TF-M, this demo involves using
SPI module to drive a sensor by sending commands in a secure partition.
And we need to enable SPI receive and send interrupt in this secure
partition and the latency shall be as small as possible. I am wondering
how to implement this secure interrupts. Is there any example code or
instrucstions?
Thanks.
Best Regards,
Poppy Wu
吴偏偏
Macronix Microelectronics (Suzhou) Co.,Ltd
旺宏微电子(苏州)有限公司
http://www.mxic.com.cn
============================================================================
CONFIDENTIALITY NOTE:
This e-mail and any attachments may contain confidential information and/or personal data, which is protected by applicable laws. Please be reminded that duplication, disclosure, distribution, or use of this e-mail (and/or its attachments) or any part thereof is prohibited. If you receive this e-mail in error, please notify us immediately and delete this mail as well as its attachment(s) from your system. In addition, please be informed that collection, processing, and/or use of personal data is prohibited unless expressly permitted by personal data protection laws. Thank you for your attention and cooperation.
Macronix International Co., Ltd.
=====================================================================
Hi TF-Mers,
There are several versions of mem* API set in the system.
At the very beginning, the whole secure firmware was put in the library model, and it is expected to be self-contained -- at least at the source level as the first step. Hence a 'tfm_mem*' API set is created for secure firmware usage. The same reason for involving 'spm_mem*' in the PSA compliance model.
When we designed HAL for SPM, we noticed that SPM HAL actually run in the same domain as SPM, hence we encouraged developers to use 'spm_mem*' in SPM HAL.
This brings a bit of difficulty, especially when the platform sources are shared for multiple targets, while other targets do not have 'spm_mem*' API.
As 'mem*' is actually common enough (as they are fundamental API of libc), hence redefine the name is applicable only a system is highly self-contained. In our case, using 'mem*' API can bring much convenience. Hence I am thinking to let sources other than SPM use 'mem*' API, they are platform, partitions and runtime libraries. For SPM sources (under secure_fw/spm), a source-level 'spm_mem*' is kept, to keep the possibility to make SPM itself really self-contained. Now it is only source-level because 'spm_mem*' is actually forwarded to 'mem*'.
I am creating a patch to change this, and want to know your opinion.
Thanks.
/Ken
