Page MenuHomePhabricator

Provide different build options for TF-M Core NSPM on NS client support
Closed, WontfixPublic


NSPM at present provides both TrustZone context management functions and tfm_register_client_id API in the same runtime, dynamically identifying which API are implemented by NS RTOS.
Provide different compilation options to support in the binary:

  • no TZ API and no client_id API (no concurrent service requests, all NS requests are associated with client id -1)
  • no client_id API (all NS context are client id -1) but provide TZ API for multiple contexts (to not block concurrent service requests)
  • support TZ API and mandate call to register_client_api before secure service call

Event Timeline

wmnt triaged this task as High priority.Nov 14 2018, 7:29 AM
wmnt created this task.
wmnt added a comment.Nov 19 2018, 4:41 PM

A bugfix is provided for incorrect default behaviour if NS client identification is turned off in the build environment in change:

Further work for full implementation ongoing.

wmnt closed this task as Wontfix.Sep 9 2019, 2:17 PM

Various aspects of this task are to be addressed in different broader conceptual changes in the code base.