Hi,

Believe you still remember I shared the non-secure client ID management update in tech forum a few months ago (slides, video (passcode: dqHBI$2z)).

The patches and document are available in tf.org for public review. The integration reference and test suite are also provided.

 

If you’re using SPM to manage the NSID (fixed `-1` for all NS connections) which is the default option (`TFM_NS_CLIENT_IDENTIFICATION` is OFF), then it basically won’t affect you (if you don’t play with `TFM_NS_CLIENT_IDENTIFICATION` flag which is changed).

 

NSCE (non-secure client extension) module is introduced to manage the non-secure context in TF-M which includes the NSID as a member.

If you have a requirement to support different NSIDs for NS tasks, then it’s for that purpose.

 

Patches:

https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/11288 (add non-secure context management)

https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/11289 (add NSCE interface API)

https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/11616 (Doc)

https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/11294 (Add NSCE support in nspm and build system)

 

RTOS integration reference (based on RTX):

https://review.trustedfirmware.org/c/TF-M/tf-m-tests/+/11290/ (NSID manager example)

https://review.trustedfirmware.org/c/TF-M/tf-m-tests/+/11291/ (TZ API to NSCE API shim layer)

 

A test suite is added. Tip of the test cases:

https://review.trustedfirmware.org/c/TF-M/tf-m-tests/+/11659/

 

Welcome to comment.

Thanks.

 

Regards,

David Wang

ARM Electronic Technology (Shanghai) Co., Ltd

Phone: +86-21-6154 9142 (ext. 59142)