From 524e78d58b6ee60f74e9b7028f266c5722bf4c24 Mon Sep 17 00:00:00 2001 From: sherryzhang <43438402+Sherryzhang2@users.noreply.github.com> Date: Wed, 9 Sep 2020 23:15:50 +0800 Subject: [PATCH] Introduce Trusted Firmware M support in Kernel on ARM Cortex M33 (#108) This port adds the support that FreeRTOS applications can call the secure services in Trusted Firmware M(TF-M) via PSA Platform Security Architecture(PSA) API based on Arm Cortex-M33 platform with GCC compiler. More information: PSA - https://www.arm.com/why-arm/architecture/platform-security-architecture TF-M - https://git.trustedfirmware.org/trusted-firmware-m.git/ Change-Id: I2e771b66e8d75927abc2505a187a16250d504db2 Signed-off-by: Sherry Zhang --- .../ThirdParty/GCC/ARM_CM33_TFM/README.md | 71 ++++++++++++++ .../GCC/ARM_CM33_TFM/os_wrapper_freertos.c | 96 +++++++++++++++++++ 2 files changed, 167 insertions(+) create mode 100644 portable/ThirdParty/GCC/ARM_CM33_TFM/README.md create mode 100644 portable/ThirdParty/GCC/ARM_CM33_TFM/os_wrapper_freertos.c diff --git a/portable/ThirdParty/GCC/ARM_CM33_TFM/README.md b/portable/ThirdParty/GCC/ARM_CM33_TFM/README.md new file mode 100644 index 000000000..6b03f5624 --- /dev/null +++ b/portable/ThirdParty/GCC/ARM_CM33_TFM/README.md @@ -0,0 +1,71 @@ +# Target of this port + +This port adds the support that FreeRTOS applications can call the secure +services in Trusted Firmware M(TF-M) through Platform Security Architecture +(PSA) API based on the ARM Cortex-M33 platform. + +The Platform Security Architecture (PSA) makes it quicker, easier and cheaper +to design security into a device from the ground up. PSA is made up of four key +stages: analyze, architect, implement, and certify. See [PSA Resource Page](https://developer.arm.com/architectures/security-architectures/platform-security-architecture). + +TF-M is an open source project. It provides a reference implementation of PSA +for Arm M-profile architecture. Please get the details from this [link](https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/about/). + +# Derivation of the source code + +* ```os_wrapper_freertos.c``` + The implementation of APIs which are defined in ```os_wrapper\mutex.h``` by TF-M + (tag: TF-Mv1.1). The implementation is based on FreeRTOS mutex type semaphore. + +# Usage notes + +To build a project based on this port: +* Step 1: build the secure image. Please follow the **Build the Secure Side** section for details. +* Step 2: build the nonsecure image. Please follow the **Build the Non-Secure Side** for details. + +## Build the Secure Side + +### Get the TF-M source code + +See the [link](https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/) to get the source code. This port is based on TF-M version **tag: TF-Mv1.1**. + +### Build TF-M + +Please refer to this [link](https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/docs/getting_started/tfm_build_instruction.rst) to build the secure side. +_**Note:** ```CONFIG_TFM_ENABLE_CTX_MGMT``` must be configured as "OFF" when building TF-M_. + +## Build the Non-Secure Side + +Please copy all the files in ```freertos_kernel\portable\GCC\ARM_CM33_NTZ``` into the ```freertos_kernel\portable\GCC\ARM_CM33_TFM``` folder before using this port. Note that TrustZone is enabled in this port. The TF-M runs in the Secure Side. + +Please call the API ```tfm_ns_interface_init()``` which is defined in ```os_wrapper_freertos.c``` at the very beginning of your application. Otherwise, it will always fail when calling a TF-M service in the Nonsecure Side. + +### Configuration in FreeRTOS kernel + +* ```configRUN_FREERTOS_SECURE_ONLY``` +This macro should be configured as 0. In this port, TF-M runs in the Secure Side while FreeRTOS +Kernel runs in the Non-Secure Side. + +* ```configENABLE_FPU``` +The setting of this macro is decided by the setting in Secure Side which is platform-specific. +If the Secure Side enables Non-Secure access to FPU, then this macro can be configured as 0 or 1. Otherwise, this macro can only be configured as 0. + +* ```configENABLE_TRUSTZONE``` +This macro should be configured as 0 because TF-M doesn't use the secure context management function of FreeRTOS. New secure context management might be introduced when TF-M supports multiple secure context. + + +### Integrate TF-M Non-Secure interface with FreeRTOS project + +To enable calling TF-M services by the Non-Secure Side, the files below should be included in the FreeRTOS project and built together. +* files in ```trusted-firmware-m\build\install\export\tfm\src``` + These files contain the implementation of PSA Functional Developer APIs which can be called by Non-Secure Side directly and PSA Firmware Framework APIs in the IPC model. These files should be taken + as part of the Non-Secure source code. +* files in ```trusted-firmware-m\build\install\export\tfm\include``` + These files are the necessary header files to call TF-M services. +* ```trusted-firmware-m\build\install\export\tfm\veneers\s_veneers.o``` + This object file contains all the Non-Secure callable functions exported by + TF-M and it should be linked when generating the Non-Secure image. + + + +*Copyright (c) 2020, Arm Limited. All rights reserved.* diff --git a/portable/ThirdParty/GCC/ARM_CM33_TFM/os_wrapper_freertos.c b/portable/ThirdParty/GCC/ARM_CM33_TFM/os_wrapper_freertos.c new file mode 100644 index 000000000..5e9145b08 --- /dev/null +++ b/portable/ThirdParty/GCC/ARM_CM33_TFM/os_wrapper_freertos.c @@ -0,0 +1,96 @@ +/* + * Copyright (c) 2019-2020, Arm Limited. All rights reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + */ + +/* + * This file contains the implementation of APIs which are defined in + * os_wrapper/mutex.h by TF-M(tag: TF-Mv1.1). The implementation is based + * on FreeRTOS mutex type semaphore. + */ + +#include "os_wrapper/mutex.h" + +#include "FreeRTOS.h" +#include "semphr.h" +#include "mpu_wrappers.h" + +#if( configSUPPORT_STATIC_ALLOCATION == 1 ) + /* + * In the static allocation, the RAM is required to hold the semaphore's + * state. + */ + StaticSemaphore_t xSecureMutexBuffer; +#endif + +void * os_wrapper_mutex_create( void ) +{ +SemaphoreHandle_t xMutexHandle = NULL; + +#if( configSUPPORT_DYNAMIC_ALLOCATION == 1 ) + xMutexHandle = xSemaphoreCreateMutex(); +#elif( configSUPPORT_STATIC_ALLOCATION == 1 ) + xMutexHandle = xSemaphoreCreateMutexStatic( &xSecureMutexBuffer ); +#endif + return ( void * ) xMutexHandle; +} +/*-----------------------------------------------------------*/ + +uint32_t os_wrapper_mutex_acquire( void * handle, uint32_t timeout ) +{ +BaseType_t xRet; + + if( ! handle ) + return OS_WRAPPER_ERROR; + + xRet = xSemaphoreTake( ( SemaphoreHandle_t ) handle, + ( timeout == OS_WRAPPER_WAIT_FOREVER ) ? + portMAX_DELAY : ( TickType_t ) timeout ); + + if( xRet != pdPASS ) + return OS_WRAPPER_ERROR; + else + return OS_WRAPPER_SUCCESS; +} +/*-----------------------------------------------------------*/ + +uint32_t os_wrapper_mutex_release( void * handle ) +{ +BaseType_t xRet; + + if( !handle ) + return OS_WRAPPER_ERROR; + + xRet = xSemaphoreGive( ( SemaphoreHandle_t ) handle ); + + if( xRet != pdPASS ) + return OS_WRAPPER_ERROR; + else + return OS_WRAPPER_SUCCESS; +} +/*-----------------------------------------------------------*/ + +uint32_t os_wrapper_mutex_delete( void * handle ) +{ + vSemaphoreDelete( ( SemaphoreHandle_t ) handle ); + + return OS_WRAPPER_SUCCESS; +} +/*-----------------------------------------------------------*/