Hi all,

 

The patch sets to decouple NS code from TF-M secure part have been merged.

Sorry for the early merge as other pending patches depend on this patch set.

 

Please rebase your patches if build reports an error about conflicting types of `tfm_ns_interface_init()`.
Sorry for any inconvenience.
 
If this decoupling brings any issue in NS integration with TF-M, sorry about the trouble and I’d appreciate it if you can share the issue details.
Any further comment or suggestion is welcome.

 

Best regards,

Hu Ziji

 

From: TF-M <tf-m-bounces@lists.trustedfirmware.org> On Behalf Of David Hu via TF-M
Sent: Tuesday, April 27, 2021 11:50 AM
To: tf-m@lists.trustedfirmware.org
Cc: nd <nd@arm.com>
Subject: Re: [TF-M] [Ask for review] Decouple NS specific code from TF-M NS interface

 

Hi all,

 

Thanks a lot for all your review and comments!

I’d like to merge the patch sets *this Friday* if there is no further critical comment.

Please feel free to continue to review and comment.

 

Best regards,

Hu Ziji

 

From: TF-M <tf-m-bounces@lists.trustedfirmware.org> On Behalf Of David Hu via TF-M
Sent: Thursday, April 15, 2021 4:12 PM
To: tf-m@lists.trustedfirmware.org
Cc: nd <nd@arm.com>
Subject: [TF-M] [Ask for review] Decouple NS specific code from TF-M NS interface

 

Hi all,

 

May I ask you to take a look at the following patch set to decouple NS specific code from TF-M NS interface?

https://review.trustedfirmware.org/q/topic:%22decouple-ns-interface%22+(status:open%20OR%20status:merged)

 

The decoupled NS code is moved from trusted-firmware-m repo to tf-m-tests repo, as an example of NS implementation.

https://review.trustedfirmware.org/q/topic:%22add-ns-code%22+(status:open%20OR%20status:merged)

 

The purpose of this change is to make it more flexible and simple to integrate NS OS with TF-M NS interface.

Currently TF-M provides some reference implementations of NS interface for NS OS integration. However, it may have limitations during NS OS integration as various NS OSes/application usages prefer different implementations.

 

Therefore, those NS OS specific code  is removed from TF-M interface for NS clients in this patch set. The removed NS code includes NS interface lock ops, os wrappers and NS test specific implementation.

Those NS code can be taken as an example in tf-m-tests. NS developers can follow or replace them during integration with TF-M, according to NS OS implementation and actual scenarios, without hacking trusted-firmware-m repo.

 

This patch set doesn’t change the current integration scheme. Instead, it exports the “tfm_ns_interface_dispatch()” API and enables NS OS to implement it according to NS OS and application specific requirement, such as NS interface lock operations.

 

Any comment is welcome!

 

Best regards,

Hu Ziji