1 /*
2  * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  */
7 
8 #ifndef __TFM_HAL_ISOLATION_H__
9 #define __TFM_HAL_ISOLATION_H__
10 
11 #include <stddef.h>
12 #include <stdint.h>
13 #include <stdbool.h>
14 #include "fih.h"
15 #include "tfm_hal_defs.h"
16 #include "load/partition_defs.h"
17 #include "load/asset_defs.h"
18 
19 #ifdef __cplusplus
20 extern "C" {
21 #endif
22 
23 /* Memory access attributes */
24 #define TFM_HAL_ACCESS_EXECUTABLE       (1UL << 0)
25 #define TFM_HAL_ACCESS_READABLE         (1UL << 1)
26 #define TFM_HAL_ACCESS_WRITABLE         (1UL << 2)
27 #define TFM_HAL_ACCESS_UNPRIVILEGED     (1UL << 3)
28 #define TFM_HAL_ACCESS_DEVICE           (1UL << 4)
29 #define TFM_HAL_ACCESS_NS               (1UL << 5)
30 
31 #define TFM_HAL_ACCESS_READWRITE  \
32         (TFM_HAL_ACCESS_READABLE | TFM_HAL_ACCESS_WRITABLE)
33 
34 #ifdef TFM_FIH_PROFILE_ON
35 
36 /**
37  * \brief This function is responsible for checking all critical isolation
38           configurations.
39  *
40  * \return TFM_HAL_SUCCESS - the verification passed.
41  *         TFM_HAL_ERROR_GENERIC - the verification failed.
42  */
43 fih_int tfm_hal_verify_static_boundaries(void);
44 
45 #endif /* TFM_FIH_PROFILE_ON */
46 /**
47  * \brief  Sets up the static isolation boundaries which are constant throughout
48  *         the runtime of the system, including the SPE/NSPE and partition
49  *         boundaries.
50  *
51  * \param[out]   p_spm_boundary    Pointer of the boundary value
52  *
53  * \return TFM_HAL_SUCCESS - the isolation boundaries have been set up.
54  *         TFM_HAL_ERROR_GENERIC - failed to set up the isolation boundaries.
55  */
56 FIH_RET_TYPE(enum tfm_hal_status_t) tfm_hal_set_up_static_boundaries(
57                                                 uintptr_t *p_spm_boundary);
58 
59 /**
60  * \brief  Activate one Secure Partition boundary.
61  *
62  * \param[in]   p_ldinf         Partition load information.
63  * \param[in]   boundary        Platform boundary value for partition.
64  *
65  * \return TFM_HAL_SUCCESS          The isolation boundaries update succeeded.
66  *         TFM_HAL_ERROR_GENERIC    Failed to update the isolation boundaries.
67  */
68 FIH_RET_TYPE(enum tfm_hal_status_t) tfm_hal_activate_boundary(
69                             const struct partition_load_info_t *p_ldinf,
70                             uintptr_t boundary);
71 
72 /**
73  * \brief  This API checks if a given range of memory can be accessed with
74  *         specified access types in boundary. The boundary belongs to
75  *         a partition which contains all asset info.
76  *
77  * \param[in]   boundary      The boundary that the given memory is to be
78  *                            checked with.
79  * \param[in]   base          The base address of the region.
80  * \param[in]   size          The size of the region.
81  * \param[in]   access_type   The memory access types to be checked between
82  *                            given memory and boundaries.
83  *
84  * \return TFM_HAL_SUCCESS - The memory region has the access permissions.
85  *         TFM_HAL_ERROR_MEM_FAULT - The memory region has not the access
86  *                                   permissions.
87  *         TFM_HAL_ERROR_INVALID_INPUT - Invalid inputs.
88  *         TFM_HAL_ERROR_GENERIC - An error occurred.
89  */
90 FIH_RET_TYPE(enum tfm_hal_status_t) tfm_hal_memory_check(
91                                            uintptr_t boundary, uintptr_t base,
92                                            size_t size, uint32_t access_type);
93 
94 /**
95  * \brief  This API binds partition boundaries with the platform. The platform
96  *         maintains the platform-specific settings for SPM further
97  *         usage, such as update partition boundaries or
98  *         check resource accessibility. The platform needs to manage
99  *         the settings with internal mechanism, and return a value
100  *         to SPM. SPM delivers this value back to platform when
101  *         necessary. And SPM checks this value to decide if the
102  *         platform-specific settings need to be updated. Hence
103  *         multiple partitions can have the same value if they have
104  *         the same platform-specific settings, depending on isolation level.
105  *
106  * \param[in]   p_ldinf           Partition load information.
107  * \param[in]   p_boundary        Pointer of the boundary value
108  *
109  * \return TFM_HAL_SUCCESS          - A platform value bound successfully.
110  *         TFM_HAL_ERROR_GENERIC    - Error occurred while binding.
111  */
112 FIH_RET_TYPE(enum tfm_hal_status_t) tfm_hal_bind_boundary(
113                                     const struct partition_load_info_t *p_ldinf,
114                                     uintptr_t *p_boundary);
115 
116 /**
117  * \brief  This API let the platform decide if a boundary switch is needed.
118  *
119  * \param[in]   boundary_from  The current boundary to be switched.
120  * \param[in]   boundary_to    The target boundary to be switched to.
121  *
122  * \return true  - a switching is needed.
123  *         false - do not need a switch.
124  */
125 bool tfm_hal_boundary_need_switch(uintptr_t boundary_from,
126                                   uintptr_t boundary_to);
127 
128 #ifdef __cplusplus
129 }
130 #endif
131 
132 #endif /* __TFM_HAL_ISOLATION_H__ */
133