| Gyorgy Szing | db9783c | 2019-04-17 21:08:48 +0200 | [diff] [blame^] | 1 | ###################### |
| 2 | TF-M integration guide |
| 3 | ###################### |
| 4 | The purpose of this document is to provide a guide on how to integrate TF-M |
| 5 | with other hardware platforms and operating systems. |
| 6 | |
| 7 | ***************** |
| 8 | How to build TF-M |
| 9 | ***************** |
| 10 | Follow the :doc:`Build instructions <tfm_build_instruction>`. |
| 11 | |
| 12 | ******************************************************** |
| 13 | How to export files for building non-secure applications |
| 14 | ******************************************************** |
| 15 | Explained in the :doc:`Build instructions <tfm_build_instruction>`. |
| 16 | |
| 17 | ************************* |
| 18 | How to add a new platform |
| 19 | ************************* |
| 20 | The hardware platforms currently supported are: |
| 21 | |
| 22 | - Soft Macro Model (SMM) Cortex-M33 SSE-200 subsystem for MPS2+ (AN521) |
| 23 | - Cortex-M23 IoT Kit subsystem for MPS2+ (AN519) |
| 24 | - Musca-A1 test chip board (Cortex-M33 SSE-200 subsystem) |
| 25 | - Musca-B1 test chip board (Cortex-M33 SSE-200 subsystem) |
| 26 | |
| 27 | The files related to the supported platforms are contained under the |
| 28 | ``platform`` subfolder. The platform specific files are under |
| 29 | ``platform/ext/target``, which is organised by boards |
| 30 | (e.g. ``platform/ext/target/mps2``), while the folder ``platform/ext/common`` |
| 31 | is used to store source and header files which are platform generic. |
| 32 | |
| 33 | More information about subsystems supported by the MPS2+ board can be found in: |
| 34 | `MPS2+ homepage <https://developer.arm.com/products/system-design/development-boards/fpga-prototyping-boards/mps2>`__ |
| 35 | |
| 36 | More information about the Musca-A1 test chip board can be found in: |
| 37 | `Musca-A homepage <https://developer.arm.com/products/system-design/development-boards/iot-test-chips-and-boards/musca-a-test-chip-board>`__ |
| 38 | |
| 39 | More information about the Musca-B1 test chip board can be found in: |
| 40 | `Musca-B1 homepage <https://www.arm.com/products/development-tools/development-boards/musca-b1-iot>`__ |
| 41 | |
| 42 | Generic drivers and startup/scatter files |
| 43 | ========================================= |
| 44 | The addition of a new platform means the creation of a new subfolder inside |
| 45 | ``target/<board_name>`` to provide an implementation of the drivers currently |
| 46 | used by TF-M, in particular MPC, PPC, and USART drivers. In addition to the |
| 47 | drivers, startup and scatter files need to be provided for the supported |
| 48 | toolchains. |
| 49 | |
| 50 | There are also board specific drivers which are used by the board |
| 51 | platform to interact with the external world, for example during tests, that |
| 52 | have to be provided, e.g. to blink LEDs or count time in the MPS2 board. |
| 53 | |
| 54 | .. Note:: |
| 55 | |
| 56 | Currently SST and BL2 bootloader use different flash interface |
| 57 | |
| 58 | Target configuration files |
| 59 | ========================== |
| 60 | Inside the base root folder of the selected target, each implementation has to |
| 61 | provide its own copy of ``target_cfg.c/.h``. This file has target specific |
| 62 | configuration functions and settings that are called by the TF-M during the |
| 63 | platform configuration step during TF-M boot. Examples of the configurations |
| 64 | performed during this phase are the MPC configuration, the SAU configuration, |
| 65 | or eventually PPC configuration if supported by the hardware platform. |
| 66 | Similarly, the ``uart_stdout.c`` is used to provide functions needed to redirect |
| 67 | the stdout on UART (this is currently used by TF-M to log messages). |
| 68 | |
| 69 | Platform retarget files |
| 70 | ======================= |
| 71 | An important part that each new platform has to provide is the set of retarget |
| 72 | files which are contained inside the ``retarget`` folder. These files define the |
| 73 | peripheral base addresses for the platform, both for the secure and non-secure |
| 74 | aliases (when available), and bind those addresses to the base addresses used by |
| 75 | the devices available in the hardware platform. |
| 76 | |
| 77 | *************************** |
| 78 | How to integrate another OS |
| 79 | *************************** |
| 80 | To work with TF-M, the OS needs to support the Armv8-M architecture and, in |
| 81 | particular, it needs to be able to run in the non-secure world. More |
| 82 | information about OS migration to the Armv8-M architecture can be found in the |
| 83 | :doc:`OS requirements <os_migration_guide_armv8m>`. Depending upon the system |
| 84 | configuration this may require configuring drivers to use appropriate address |
| 85 | ranges. |
| 86 | |
| 87 | Interface with TF-M |
| 88 | =================== |
| 89 | The files needed for the interface with TF-M are exported at the |
| 90 | ``<build_dir>/install/export/tfm`` path. The NS side is only allowed to call |
| 91 | TF-M secure functions (veneers) from the NS Thread mode. For this reason, the |
| 92 | API is a collection of functions in the ``<build_dir>/install/export/tfm/inc`` |
| 93 | directory. For example, the interface for the Secure STorage (SST) service |
| 94 | is described in the file ``psa_sst_api.h`` as a collection of functions that |
| 95 | call service veneer functions. This API is a wrapper for the secure veneers, |
| 96 | and returns the return value from the service to the caller. |
| 97 | |
| 98 | The secure storage service uses a numerical ID, to identify the clients that use |
| 99 | the service. For details see |
| 100 | :doc:`ns client identification documentation <tfm_ns_client_identification>`. |
| 101 | |
| 102 | Interface with non-secure world regression tests |
| 103 | ================================================ |
| 104 | A non-secure application that wants to run the non-secure regression tests |
| 105 | needs to call the ``tfm_non_secure_client_run_tests()``. This function is |
| 106 | exported into the header file ``test_framework_integ_test.h`` inside the |
| 107 | ``<build_dir>/install`` folder structure in the test specific files, |
| 108 | i.e. ``<build_dir>/install/export/tfm/test/inc``. The non-secure regression |
| 109 | tests are precompiled and delivered as a static library which is available in |
| 110 | ``<build_dir>/install/export/tfm/test/lib``, so that the non-secure application |
| 111 | needs to link against the library to be able to invoke the |
| 112 | ``tfm_non_secure_client_run_tests()`` function. The SST non-secure side |
| 113 | regression tests rely on some OS functionality e.g. threads, mutexes etc. These |
| 114 | functions comply with CMSIS RTOS2 standard and have been exported as thin |
| 115 | wrappers defined in ``os_wrapper.h`` contained in |
| 116 | ``<build_dir>/install/export/tfm/test/inc``. OS needs to provide the |
| 117 | implementation of these wrappers to be able to run the tests. |
| 118 | |
| 119 | NS client Identification |
| 120 | ======================== |
| 121 | See |
| 122 | :doc:`ns client identification documentation <tfm_ns_client_identification>`. |
| 123 | |
| 124 | -------------- |
| 125 | |
| 126 | *Copyright (c) 2017-2019, Arm Limited. All rights reserved.* |