Is my understanding correct that the existing set of secure services (audit, crypto, sst, etc) that use the "Library" or function-call-based-model to enter the SPE are being redesigned to conform to the PSA IPC model, meaning that each service will be re-implemented as a SP with a forever loop?

If so, does this mean that the existing set of NS-facing APIs associated with each secure service will be re-implemented as libraries that funnel all of their calls into the SPE through the 3 PSA IPC calls (psa_connect(), psa_call(), and psa_close())?

Alan