Hi Reinhard,
I think two topics have been mixed here. With my previous email, I mainly wanted to clarify that HAL APIs are meant to be independent of hardware components so we shouldn’t try to change it to TZ calls. HW specific details can be covered in the platform layers.
For PSA Level 3 isolation, I believe the work is being planned at the moment. The general approach is that TF-M team will publish an RFC for everyone to comment and the discussion can happen within the specific context of Level 3 isolation. The discussion can cover multiple platforms specifically.
Thanks,

Abhishek
From: Reinhard Keil <Reinhard.Keil@arm.com>
Sent: 06 March 2020 16:17
To: tf-m@lists.trustedfirmware.org; Abhishek Pandit <Abhishek.Pandit@arm.com>
Cc: nd <nd@arm.com>; Anton Komlev <Anton.Komlev@arm.com>
Subject: [TF-M] TrustZone initialisation procedure
Abhishek,
A few days ago, I posted the reasons why MPC/PPC should not be used for level 3 isolation. Did you have a chance to read that?
MPC/PPC implement system wide isolation. IMHO, reprogramming it for level 3 isolation should not be considered as it creates various problems for the system designer.
You did also ask how to ensure that security is actually enabled, basically if security has been initialized. The best approach would be to check if the SAU->CTRL is correctly set; if not, the system should shut down.
Reinhard
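The SAU->CTRL check suggested above, as an added example that is not code from the thread or from TF-M: the register addresses and bit positions are the Armv8-M architectural ones (SAU_CTRL at 0xE000EDD0 with ENABLE in bit 0 and ALLNS in bit 1, SAU_TYPE at 0xE000EDD4 with SREGION in bits 7:0); the enum names, the function names and the halt loop used as the "shut down" action are assumptions for illustration.

```c
#include <stdbool.h>
#include <stdint.h>

/* Armv8-M SAU register addresses and bit fields (architectural constants;
 * not taken from the e-mail thread). */
#define SAU_CTRL_ADDR          0xE000EDD0u
#define SAU_TYPE_ADDR          0xE000EDD4u
#define SAU_CTRL_ENABLE        (1u << 0)   /* SAU enabled */
#define SAU_CTRL_ALLNS         (1u << 1)   /* SAU off: all memory Non-secure */
#define SAU_TYPE_SREGION_MASK  0xFFu       /* number of implemented regions */

/* Hypothetical status codes for the boot-time check. */
typedef enum {
    SAU_OK = 0,
    SAU_NOT_ENABLED,   /* ENABLE bit clear: no SAU partitioning at all   */
    SAU_ALLNS_SET,     /* ALLNS set: not the value secure boot intended  */
    SAU_NO_REGIONS     /* no SAU regions implemented on this part        */
} sau_status_t;

/* Pure check on register values, so it can be tested off target.
 * Expected state after secure initialisation: ENABLE=1, ALLNS=0, and at
 * least one SAU region implemented (otherwise nothing could be Non-secure). */
sau_status_t sau_check_values(uint32_t ctrl, uint32_t type)
{
    if ((ctrl & SAU_CTRL_ENABLE) == 0u) {
        return SAU_NOT_ENABLED;
    }
    if ((ctrl & SAU_CTRL_ALLNS) != 0u) {
        return SAU_ALLNS_SET;
    }
    if ((type & SAU_TYPE_SREGION_MASK) == 0u) {
        return SAU_NO_REGIONS;
    }
    return SAU_OK;
}

/* On target: read the live registers and halt if the SAU is not set up.
 * The endless loop stands in for the platform's real halt/reset hook. */
sau_status_t sau_verify_or_halt(void)
{
    uint32_t ctrl = *(volatile const uint32_t *)SAU_CTRL_ADDR;
    uint32_t type = *(volatile const uint32_t *)SAU_TYPE_ADDR;
    sau_status_t st = sau_check_values(ctrl, type);
    if (st != SAU_OK) {
        for (;;) { }   /* shut down rather than run with security disabled */
    }
    return st;
}
```

Call `sau_verify_or_halt()` early in the Secure boot path, after the platform layer has programmed the SAU, so that a skipped or failed initialisation stops the system instead of silently running with all memory Secure.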