Hi all,

I agree that TFM should focus on Secure side, but I also think that TFM should be user friendly, because having secure firmware that is hard to integrate is not a good roadmap…

Having examples surely helps, BUT we should understand that typically people who are developing NS firmware are not aware of secure side of thing and don’t want to spend time understanding why implementation of TFM function is not present, where they can find the implementation or how to write it.

I think providing most common implementations of this function as part of NS interface is a good solution because:

This is now a big function and it only uses Semaphores interface, thus it should be fairly easy to write and maintain
User still can write its own implementation if needed
Having this function as part of NS interface install folder simplifies integration process for NSPE developers.

Also we can provide descriptive comments in those files to state in which use case scenarios default implementation can and can’t be used.

I think our team will do this for our platform any way, so I think it may be effort free for upstream to take the files that we have implemented and place them in common code. We are planning to do this work somewhere around mid-2023.

Regards,

Bohdan Hunko

Cypress Semiconductor Ukraine

Engineer

CSUKR CSS ICW SW FW

Mobile: +38099 50 19 714
Bohdan.Hunko@infineon.com

From: David Hu <David.Hu@arm.com>
Sent: 23 December 2022 05:54
To: Anton Komlev <Anton.Komlev@arm.com>; Hunko Bohdan (CSUKR CSS ICW SW FW 3) <Bohdan.Hunko@infineon.com>; tf-m@lists.trustedfirmware.org
Cc: nd <nd@arm.com>
Subject: RE: Default implementation of tfm_ns_interface_dispatch()

Caution: This e-mail originated outside Infineon Technologies. Do not click on links or open attachments unless you validate it is safe.

Hi Bohdan,

The example implementation of tfm_ns_interface_dispatch() based on CMSIS-RTOS is in tf-m-tests tfm_ns_interface.c [1].

The implementation of tfm_ns_interface_dispatch()  depends on usage scenarios and NS OS/bare metal implementation. The implementation/requirement may vary in various use cases and NS RTOS. Therefore, trusted-firmware-m provides an example [2], rather than an actual implementation.

It is aligned with purpose of trusted-firmware-m that trusted-firmware-m focuses on secure side implementation and makes NS side implementation flexible for users/integration.

Anton’s proposal looks reasonable and promising. Users can develop their own NS interface implementation based on those examples, according to the usage scenarios.

[1] https://git.trustedfirmware.org/TF-M/tf-m-tests.git/tree/app/tfm_ns_interface.c#n18

[2] https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/interface/src/tfm_ns_interface.c.example

From: Anton Komlev via TF-M <tf-m@lists.trustedfirmware.org>
Sent: Friday, December 23, 2022 12:43 AM
To: Bohdan.Hunko@infineon.com; tf-m@lists.trustedfirmware.org
Subject: [TF-M] Re: Default implementation of tfm_ns_interface_dispatch()

Hi Bohdan,

Right, this integration process can be improved. If I understand you correctly you propose to generate several implementations of the interface for typical use cases.

I see an alternative in creating a set of typical integration examples in tf-m-extras repo. Ahead of that we need to split and decouple S <> NS build process for simplicity and avoid redo examples later.

Cheers and looking for other opinions,

Anton

From: Bohdan.Hunko--- via TF-M <tf-m@lists.trustedfirmware.org>
Sent: Thursday, December 22, 2022 3:24 PM
To: tf-m@lists.trustedfirmware.org
Subject: [TF-M] Default implementation of tfm_ns_interface_dispatch()

Hi all,

While working on TFM TZ related stuff I have noticed that TFM docs/integration_guide/index.rst states that

On Armv8-M TrustZone based platforms, NS OS shall implement interface API ``tfm_ns_interface_dispatch()`` to integrate with TF-M implementation of PSA APIs.

But currently neither CMSIS RToS nor FreeRToS implements this function, also there is no default implementation for bare metal case. So currently it is user responsibility to implement this function. Also currently for TFM tests it is implemented in test repository (<tf-m-tests repo>/ app/tfm_ns_interface.c).

I think this is bad user experience because each user have to implement this function. I think TFM should provide implementation of this function for most common use cases (for example, CMSIS RToS, AWS FreeRToS, bare metal, …). Files with implementation should be installed during build process.

Default implementations will cover most of use cases and will fit for majority of the users.