Hi Reinhard,

Add more from user’s perspective:

The non-secure client id can be used to identify different “clients” from non-secure side. The example from tf-m existing secure service is the storage. Different client id can access different storage space. Therefore, the storage is “isolation” among the clients.

The users can create the custom secure service and leverage different client ids (let’s say non-secure client id here) to identify different non-secure “callers”:

The meaning of identifying different non-secure callers depends on the user case of the secure service. For example, different storage spaces, different access permissions, etc.
In RTOS, different non-secure client ids are managed via TZ_APIs (https://www.keil.com/pack/doc/CMSIS/Core/html/group__context__trustzone__functions.html) if they’re enabled.
The mapping between non-secure applications and the TZ secure contexts (stand for different client ids in tfm) is managed by NS RTOS kernel. When the ns applications get updated, then the mapping should also be maintained by RTOS kernel.

Hope this helps.

Refs:

[1]: TF-M non-secure ID manager http://git.trustedfirmware.org/trusted-firmware-m.git/tree/docs/user_guides/tfm_ns_client_identification.rst

[2]: PR to FreeRTOS which uses different non-secure id for storage service: https://github.com/Linaro/amazon-freertos/pull/1

Regards,

David Wang

From: TF-M <tf-m-bounces@lists.trustedfirmware.org> On Behalf Of Ken Liu via TF-M
Sent: Tuesday, April 28, 2020 7:00 PM
To: tf-m@lists.trustedfirmware.org
Cc: nd <nd@arm.com>
Subject: Re: [TF-M] Questions on TFM_NS_CLIENT_IDENTIFICATION

Hi Reinhard,

My assumption on the user side:

- For application developers, they don't need to care about the identification and just access secure service via API.

- For non-secure OS (or, a whole system level including SPE and NSPE) developers or integrators, they can implement a mechanism to help SPM identify the different non-secure threads, then SPM can do more granular client management (access control or other policies). If the don’t, then SPM take whole NSPE shares the same non-secure client id and no more granular client management.

Still need the real USER to provide more information in case my assumption covers partial scenarios only.

Thanks.

/Ken

From: TF-M <tf-m-bounces@lists.trustedfirmware.org> On Behalf Of Reinhard Keil via TF-M
Sent: Tuesday, April 28, 2020 2:57 PM
To: tf-m@lists.trustedfirmware.org
Cc: nd <nd@arm.com>
Subject: [TF-M] Questions on TFM_NS_CLIENT_IDENTIFICATION

I see that there has been some progress in the source code to further remove the overhead of TFM_NS_CLIENT_IDENTIFICATION when the option is disabled.

However, I still don’t understand the user view of that feature. How should I use it, also considering the fact that my application may get updated during lifetime.

Reinhard