Hi,

A partition is described through configuration in YAML files (manifests). This configuration includes the following properties (see Adding Secure Partition - Add manifest):

Each platform should provide an implementation of the HAL which is specific to standard partitions like Crypto, ITS, etc. It’s mandatory to provide proper isolation of the memory/peripherals that are used by the platform-specific code that provides the HAL implementation, or to add a custom dependency for a standard partition.

Currently a platform can use the following approaches to resolve the problem of extending the YAML of a standard TF-M partition:

Both of these solutions are not flexible enough. They require modifying platform-independent code or maintaining one's own copy of the partition YAML file with the needed changes.

I think it makes sense to integrate a partition YAML extension tool in TF-M. The platform/application should be able to provide manifest-extension file(s). Such a manifest-extension file may provide additional properties which should be joined with the properties provided by the standard partition manifest files.

For example, to solve the problem for https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/15639 the ARM RSS platform may provide the following manifest-extension file with a structure like this:

{
  "extensions": [
    {
      "name": "TFM_SP_INITIAL_ATTESTATION",
      "dependencies": [
        "TFM_MEASURED_BOOT"
      ]
    }
  ]
}

The tool which parses manifests should add a new dependency on "TFM_MEASURED_BOOT" to the list of dependencies for the "TFM_SP_INITIAL_ATTESTATION" partition.

Please share your opinion on this topic.

Best regards,

Roman.
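
Added example, not part of the message above and not TF-M tool code: a Python sketch of the join the message proposes, applied to the manifest-extension structure it shows. The function name apply_extensions, the allowlist of extendable properties and the sample standard manifest are assumptions made for illustration; restricting extensions to additive list properties keeps a platform file from changing values such as the partition type.

```python
import copy
import json

# Assumption: only additive, list-valued properties may be extended. Scalar
# properties (e.g. "type", "priority") stay under the standard manifest's control.
MERGEABLE_LIST_KEYS = {"dependencies", "mmio_regions"}


def apply_extensions(manifests, extension_doc):
    """Return a copy of `manifests` (dict keyed by partition name) with the
    properties from `extension_doc["extensions"]` joined in."""
    merged = copy.deepcopy(manifests)  # never mutate the standard manifests
    for ext in extension_doc.get("extensions", []):
        name = ext.get("name")
        if name not in merged:
            raise ValueError(f"extension targets unknown partition: {name!r}")
        for key, values in ext.items():
            if key == "name":
                continue
            if key not in MERGEABLE_LIST_KEYS:
                raise ValueError(f"{name}: property {key!r} cannot be extended")
            if not isinstance(values, list):
                raise ValueError(f"{name}: {key!r} must be a list")
            target = merged[name].setdefault(key, [])
            for value in values:
                if value not in target:  # keeps the join idempotent
                    target.append(value)
    return merged


# Constructed sample of a standard partition manifest, already parsed to a dict.
STANDARD = {
    "TFM_SP_INITIAL_ATTESTATION": {
        "name": "TFM_SP_INITIAL_ATTESTATION",
        "type": "PSA-ROT",
        "dependencies": ["TFM_CRYPTO"],
    }
}

# The manifest-extension file from the message above.
EXTENSION = json.loads("""
{"extensions": [{"name": "TFM_SP_INITIAL_ATTESTATION",
                 "dependencies": ["TFM_MEASURED_BOOT"]}]}
""")

if __name__ == "__main__":
    print(json.dumps(apply_extensions(STANDARD, EXTENSION), indent=2))
```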