Introduce Trusted Firmware M support in Kernel on ARM Cortex M33 (#108)

Sherryzhang2 · web-flow · commit 524e78d58b6e · 2020-09-09T08:15:50.000-07:00
This port adds the support that FreeRTOS applications can call the secure services in Trusted Firmware M(TF-M) via PSA Platform Security Architecture(PSA) API based on Arm Cortex-M33 platform with GCC compiler. More information: PSA - https://www.arm.com/why-arm/architecture/platform-security-architecture TF-M - https://git.trustedfirmware.org/trusted-firmware-m.git/ Change-Id: I2e771b66e8d75927abc2505a187a16250d504db2 Signed-off-by: Sherry Zhang <sherry.zhang2@arm.com>
diff --git a/portable/ThirdParty/GCC/ARM_CM33_TFM/README.md b/portable/ThirdParty/GCC/ARM_CM33_TFM/README.md
@@ -0,0 +1,71 @@
+# Target of this port
+
+This port adds the support that FreeRTOS applications can call the secure
+services in Trusted Firmware M(TF-M) through Platform Security Architecture
+(PSA) API based on the ARM Cortex-M33 platform.
+
+The Platform Security Architecture (PSA) makes it quicker, easier and cheaper
+to design security into a device from the ground up. PSA is made up of four key
+stages: analyze, architect, implement, and certify. See [PSA Resource Page](https://developer.arm.com/architectures/security-architectures/platform-security-architecture).
+
+TF-M is an open source project. It provides a reference implementation of PSA
+for Arm M-profile architecture. Please get the details from this [link](https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/about/).
+
+# Derivation of the source code
+
+* ```os_wrapper_freertos.c```
+  The implementation of APIs which are defined in ```os_wrapper\mutex.h``` by TF-M
+  (tag: TF-Mv1.1). The implementation is based on FreeRTOS mutex type semaphore.
+
+# Usage notes
+
+To build a project based on this port:
+* Step 1: build the secure image. Please follow the **Build the Secure Side** section for details.
+* Step 2: build the nonsecure image. Please follow the **Build the Non-Secure Side** for details.
+
+## Build the Secure Side
+
+### Get the TF-M source code
+
+See the [link](https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/) to get the source code. This port is based on TF-M version **tag: TF-Mv1.1**.
+
+### Build TF-M
+
+Please refer to this [link](https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/docs/getting_started/tfm_build_instruction.rst) to build the secure side.
+_**Note:** ```CONFIG_TFM_ENABLE_CTX_MGMT``` must be configured as "OFF" when building TF-M_.
+
+## Build the Non-Secure Side
+
+Please copy all the files in ```freertos_kernel\portable\GCC\ARM_CM33_NTZ``` into the ```freertos_kernel\portable\GCC\ARM_CM33_TFM``` folder before using this port. Note that TrustZone is enabled in this port. The TF-M runs in the Secure Side.
+
+Please call the API ```tfm_ns_interface_init()``` which is defined in ```os_wrapper_freertos.c``` at the very beginning of your application. Otherwise, it will always fail when calling a TF-M service in the Nonsecure Side.
+
+### Configuration in FreeRTOS kernel
+
+* ```configRUN_FREERTOS_SECURE_ONLY```
+This macro should be configured as 0. In this port, TF-M runs in the Secure Side while FreeRTOS
+Kernel runs in the Non-Secure Side.
+
+* ```configENABLE_FPU```
+The setting of this macro is decided by the setting in Secure Side which is platform-specific.
+If the Secure Side enables Non-Secure access to FPU, then this macro can be configured as 0 or 1. Otherwise, this macro can only be configured as 0.
+
+* ```configENABLE_TRUSTZONE```
+This macro should be configured as 0 because TF-M doesn't use the secure context management function of FreeRTOS. New secure context management might be introduced when TF-M supports multiple secure context.
+
+
+### Integrate TF-M Non-Secure interface with FreeRTOS project
+
+To enable calling TF-M services by the Non-Secure Side, the files below should be included in the FreeRTOS project and built together.
+* files in ```trusted-firmware-m\build\install\export\tfm\src```
+  These files contain the implementation of PSA Functional Developer APIs which can be called by Non-Secure Side directly and PSA Firmware Framework APIs in the IPC model. These files should be taken
+  as part of the Non-Secure source code.
+* files in ```trusted-firmware-m\build\install\export\tfm\include```
+  These files are the necessary header files to call TF-M services.
+* ```trusted-firmware-m\build\install\export\tfm\veneers\s_veneers.o```
+  This object file contains all the Non-Secure callable functions exported by
+  TF-M and it should be linked when generating the Non-Secure image.
+
+
+
+*Copyright (c) 2020, Arm Limited. All rights reserved.*
diff --git a/portable/ThirdParty/GCC/ARM_CM33_TFM/os_wrapper_freertos.c b/portable/ThirdParty/GCC/ARM_CM33_TFM/os_wrapper_freertos.c
@@ -0,0 +1,96 @@
+/*
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ */
+
+/*
+ * This file contains the implementation of APIs which are defined in
+ * os_wrapper/mutex.h by TF-M(tag: TF-Mv1.1). The implementation is based
+ * on FreeRTOS mutex type semaphore.
+ */
+
+#include "os_wrapper/mutex.h"
+
+#include "FreeRTOS.h"
+#include "semphr.h"
+#include "mpu_wrappers.h"
+
+#if( configSUPPORT_STATIC_ALLOCATION == 1 )
+	/*
+	 * In the static allocation, the RAM is required to hold the semaphore's
+	 * state.
+	 */
+	StaticSemaphore_t xSecureMutexBuffer;
+#endif
+
+void * os_wrapper_mutex_create( void )
+{
+SemaphoreHandle_t xMutexHandle = NULL;
+
+#if( configSUPPORT_DYNAMIC_ALLOCATION == 1 )
+	xMutexHandle = xSemaphoreCreateMutex();
+#elif( configSUPPORT_STATIC_ALLOCATION == 1 )
+	xMutexHandle = xSemaphoreCreateMutexStatic( &xSecureMutexBuffer );
+#endif
+	return ( void * ) xMutexHandle;
+}
+/*-----------------------------------------------------------*/
+
+uint32_t os_wrapper_mutex_acquire( void * handle, uint32_t timeout )
+{
+BaseType_t xRet;
+
+	if( ! handle )
+		return OS_WRAPPER_ERROR;
+
+	xRet = xSemaphoreTake( ( SemaphoreHandle_t ) handle,
+						   ( timeout == OS_WRAPPER_WAIT_FOREVER ) ?
+                           portMAX_DELAY : ( TickType_t ) timeout );
+
+	if( xRet != pdPASS )
+		return OS_WRAPPER_ERROR;
+	else
+		return OS_WRAPPER_SUCCESS;
+}
+/*-----------------------------------------------------------*/
+
+uint32_t os_wrapper_mutex_release( void * handle )
+{
+BaseType_t xRet;
+
+	if( !handle )
+		return OS_WRAPPER_ERROR;
+
+	xRet = xSemaphoreGive( ( SemaphoreHandle_t ) handle );
+
+	if( xRet != pdPASS )
+		return OS_WRAPPER_ERROR;
+	else
+		return OS_WRAPPER_SUCCESS;
+}
+/*-----------------------------------------------------------*/
+
+uint32_t os_wrapper_mutex_delete( void * handle )
+{
+	vSemaphoreDelete( ( SemaphoreHandle_t ) handle );
+
+	return OS_WRAPPER_SUCCESS;
+}
+/*-----------------------------------------------------------*/
