Hi Bohdan,


The example implementation of tfm_ns_interface_dispatch() based on CMSIS-RTOS is in tf-m-tests tfm_ns_interface.c [1].
The implementation of tfm_ns_interface_dispatch()  depends on usage scenarios and NS OS/bare metal implementation. The implementation/requirement may vary in various use cases and NS RTOS. Therefore, trusted-firmware-m provides an example [2], rather than an actual implementation.
It is aligned with purpose of trusted-firmware-m that trusted-firmware-m focuses on secure side implementation and makes NS side implementation flexible for users/integration.
Anton’s proposal looks reasonable and promising. Users can develop their own NS interface implementation based on those examples, according to the usage scenarios.
[1] https://git.trustedfirmware.org/TF-M/tf-m-tests.git/tree/app/tfm_ns_interface.c#n18
[2] https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/interface/src/tfm_ns_interface.c.example


From: Anton Komlev via TF-M <tf-m@lists.trustedfirmware.org>
Sent: Friday, December 23, 2022 12:43 AM
To: Bohdan.Hunko@infineon.com; tf-m@lists.trustedfirmware.org
Subject: [TF-M] Re: Default implementation of tfm_ns_interface_dispatch()


Hi Bohdan,


Right, this integration process can be improved. If I understand you correctly you propose to generate several implementations of the interface for typical use cases.

I see an alternative in creating a set of typical integration examples in tf-m-extras repo. Ahead of that we need to split and decouple S <> NS build process for simplicity and avoid redo examples later.


Cheers and looking for other opinions,



From: Bohdan.Hunko--- via TF-M <tf-m@lists.trustedfirmware.org>
Sent: Thursday, December 22, 2022 3:24 PM
To: tf-m@lists.trustedfirmware.org
Subject: [TF-M] Default implementation of tfm_ns_interface_dispatch()


Hi all,


While working on TFM TZ related stuff I have noticed that TFM docs/integration_guide/index.rst states that



But currently  neither CMSIS RToS nor FreeRToS implements this function, also there is no default implementation for bare metal case. So currently it is user responsibility to implement this function. Also currently for TFM tests it is implemented in test repository (<tf-m-tests repo>/ app/tfm_ns_interface.c).


I think this is bad user experience because each user have to implement this function. I think TFM should provide implementation of this function for most common use cases (for example, CMSIS RToS, AWS FreeRToS, bare metal, …). Files with implementation should be installed during build process.

Default implementations will cover most of use cases and will fit for majority of the users.


This way TFM will be more user friendly.


What are your thoughts on this topic? Will TFM accept such a patch?



Bohdan Hunko


Cypress Semiconductor Ukraine



Mobile: +38099 50 19 714