secure-partition-manager-mm.rst - OpenGrok cross reference for /aosp_15_r20/external/arm-trusted-firmware/docs/components/secure-partition-manager-mm.rst

Lines Matching full:secure
1 Secure Partition Manager (MM)
7 Two implementations of a Secure Partition Manager co-exist in the TF-A codebase:
9 -  SPM based on the FF-A specification (:ref:`Secure Partition Manager`).
15 This document describes the latter implementation where the Secure Partition Manager
16 resides at EL3 and management services run from isolated Secure Partitions at S-EL0.
24 applications to provide security services like DRM, secure payment and
26 used by Non-secure world applications to access these services. A Trusted OS
38 centres and enterprise servers) the secure software stack typically does not
50 A **Secure Partition** is a software execution environment instantiated in
52 Since S-EL0 is an unprivileged Exception Level, a Secure Partition relies on
54 resources. Essentially, it is a software sandbox in the Secure world that runs
64 Note that currently TF-A only supports handling one Secure Partition.
66 A Secure Partition enables TF-A to implement only the essential secure
68 Furthermore, multiple Secure Partitions can be used to isolate unrelated
71 The following diagram illustrates the place of a Secure Partition in a typical
72 Armv8-A software stack. A single or multiple Secure Partitions provide secure
73 services to software components in the Non-secure world and other Secure
78 The TF-A build system is responsible for including the Secure Partition image
80 Secure Partition image. A BL31 component called **Secure Partition Manager
86 - Allocate resources requested by the Secure Partition.
88 - Perform architectural and system setup required by the Secure Partition to
91 - Implement a standard interface that is used for initialising a Secure
96 - Implement a standard interface that is used by a Secure Partition to fulfil
99 - Implement a standard interface that is used by the Non-secure world for
100   accessing the services exported by a Secure Partition. A service can be
111 architecture of a Secure Partition. This section describes the specific choices
116 Building TF-A with Secure Partition support
120 implementation supports inclusion of only a single Secure Partition in which a
124 It is not currently possible for BL31 to integrate SPM support and a Secure
126 SPM bootflow, a Secure Partition image executing at S-EL0 replaces the Secure
133 Interface). This will be referred to as the *Standalone MM Secure Partition* in
142 First, build the Standalone MM Secure Partition. To build it, refer to the
145 Then build TF-A with SPM support and include the Standalone MM Secure Partition
153 Describing Secure Partition resources
157 resources required by the Secure Partition. Some instructions are given below.
161 - A Secure Partition is considered a BL32 image, so the same defines that apply
162   to BL32 images apply to a Secure Partition: ``BL32_BASE`` and ``BL32_LIMIT``.
165   used by the Secure Partition: ``PLAT_SP_IMAGE_MMAP_REGIONS`` and
174     describe the memory regions that the SPM needs to allocate for a Secure
179     with information about the memory map of the Secure Partition.
184 Accessing Secure Partition services
188 accessing services implemented in the Secure world. The ``MM_COMMUNICATE``
190 0060A*) is used to invoke a Secure Partition service as a Fast Call.
199 buffer shared with the Secure Partition.
207 Exchanging data with the Secure Partition
210 The exchange of data between the Non-secure world and the partition takes place
214 to the Non-secure world or discovered through a platform discovery mechanism
215 e.g. ACPI table or device tree. It is possible for the Non-secure world to
222 agreed between the Non-secure world and the Secure Partition. For example, in
224 describes that the communication buffer shared between the Non-secure world and
225 the Management Mode (MM) in the Secure world must be of the type
231 Runtime model of the Secure Partition
234 This section describes how the Secure Partition interfaces with the SPM.
239 In order to instantiate one or more secure services in the Secure Partition in
244   amongst multiple software components in the Secure world or cannot be directly
247 - Interfaces that establish the control path between the SPM and the Secure
251 Secure Partition to initialise itself and export its services in S-EL0. These
252 interfaces are not accessible from the Non-secure world.
262 Hence, the SVC conduit must be used by the Secure Partition to access interfaces
267 from a Secure Partition as a SMC request to the SPM in EL3. Upon servicing the
284 instruction (ERET) to S-EL0. Later, the Secure Partition issues an SVC
288 - A request to initialise the Secure Partition during system boot.
292 Communication initiated by Secure Partition
295 A request is initiated from the Secure Partition by executing a SVC instruction.
301 the Secure EL1&0 translation regime).
307 Secure Service calls range (see `SMC Calling Convention`_ (*Arm DEN 0028B*)
313 Secure Partition Event Management
316 The Secure Partition provides an Event Management interface that is used by the
317 SPM to delegate service requests to the Secure Partition. The interface also
318 allows the Secure Partition to:
358   This function returns the version of the Secure Partition Manager
381 Secure Partition Initialisation
388 handling requests for services implemented by the Secure Partition. The
395 used as the target of the ERET instruction to start initialisation of the Secure
408 The platform port of a Secure Partition specifies to the SPM a list of regions
410 description and initialises the Secure EL1&0 translation regime as follows.
491      buffer will be mapped in the Secure EL1&0 translation regime with read-only
503 The SPM receives requests for Secure Partition services through a synchronous
504 invocation (i.e. a SMC from the Non-secure world). These requests are delegated
507 was made to signal either completion of Secure Partition initialisation or
526     The values depend upon the original event that was delegated to the Secure
529     - ``SUCCESS`` : Used to indicate that the Secure Partition was initialised
548     from the Non-secure world.
552     - ``NOT_SUPPORTED``: Function was called from the Non-secure world.
559     Address of a buffer shared between the SPM and Secure Partition to pass
563     The buffer is mapped in the Secure EL1&0 translation regime with read-only
587   A Secure Partition must only call ``MM_SP_EVENT_COMPLETE_AARCH64`` to signal
592   When the SPM receives this call from a Secure Partition, the corresponding
594   instruction, to the instruction immediately after the call in the Secure
599   event to the Secure Partition. The return parameters of this interface must
603 Secure Partition Memory Management
606 A Secure Partition executes at S-EL0, which is an unprivileged Exception Level.
608 address map from a Secure Partition. This is done by mapping these regions in
609 the Secure EL1&0 Translation regime with appropriate memory attributes.
614 All memory required by the Secure Partition is allocated upfront in the SPM,
615 even before handing over to the Secure Partition for the first time. The initial
617 port and should allow the Secure Partition to run its initialisation code.
619 However, they might not suit the final needs of the Secure Partition because its
620 final memory layout might not be known until the Secure Partition initialises
621 itself. As the Secure Partition initialises its runtime environment it might,
622 for example, load dynamically some modules. For instance, a Secure Partition
625 a part of the Secure Partition image. The location of various sections in an
629 In this case, the Secure Partition needs a way to change the access permissions
632 available to the Secure Partition during a specific time window: from the first
633 entry into the Secure Partition up to the first ``SP_EVENT_COMPLETE`` call that
634 signals the Secure Partition has finished its initialisation. Once the
640 Secure Partition.
686     - ``INVALID_PARAMETERS``: The Secure Partition is not allowed to access the
690       any memory page that is accessible by the Secure Partition, or the
691       function was called from the Non-secure world. Also returned if it is
700   memory region accessible from a Secure Partition. The size of the memory
701   region is equal to the Translation Granule size used in the Secure EL1&0
707   The caller must obtain the Translation Granule Size of the Secure EL1&0
713   is not accessible from a Secure Partition.
733     of the Translation Granule Size used in the Secure EL1&0 translation
771       has been specified. The Base Address is not correctly aligned. The Secure
779       memory region that is accessible by the Secure Partition. Function was
780       called from the Non-secure world. Also returned if it is used after
789   memory region accessible from a Secure Partition. The size of the memory
790   region is equal to the Translation Granule size used in the Secure EL1&0
795   the Secure Partition sends the first ``MM_SP_EVENT_COMPLETE_AARCH64`` to
800   The caller must obtain the Translation Granule Size of the Secure EL1&0