tfm: Add option to enable the SFN model

Add option to enable the SFN model when building TF-M.
The SFN model will eventually replace the Library model.

Change the default model to be IPC, which follows the default
configuration of TF-M.

Signed-off-by: Joakim Andersson <[email protected]>

Author: joerchan

modules/trusted-firmware-m/CMakeLists.txt

@@ -31,12 +31,17 @@ set(TFM_CRYPTO_MODULES
 
 
 if (CONFIG_BUILD_WITH_TFM)
-  if (CONFIG_TFM_IPC)
+  if (CONFIG_TFM_LIBRARY)
+    list(APPEND TFM_CMAKE_ARGS -DTFM_LIB_MODEL=ON)
+  else()
     list(APPEND TFM_CMAKE_ARGS -DTFM_LIB_MODEL=OFF)
     # PSA API awareness for the Non-Secure application
     target_compile_definitions(app PRIVATE "TFM_PSA_API")
-  else()
-    list(APPEND TFM_CMAKE_ARGS -DTFM_LIB_MODEL=ON)
+    if (CONFIG_TFM_SFN)
+      list(APPEND TFM_CMAKE_ARGS -DCONFIG_TFM_SPM_BACKEND="SFN")
+    else() # CONFIG_TFM_IPC
+      list(APPEND TFM_CMAKE_ARGS -DCONFIG_TFM_SPM_BACKEND="IPC")
+    endif()
   endif()
   if (CONFIG_TFM_REGRESSION_S)
     list(APPEND TFM_CMAKE_ARGS -DTEST_S=ON)
@@ -372,7 +377,7 @@ if (CONFIG_BUILD_WITH_TFM)
   endif()
 
   if(NOT CONFIG_TFM_BUILD_NS)
-    if(CONFIG_TFM_IPC)
+    if(CONFIG_TFM_IPC OR CONFIG_TFM_SFN)
       zephyr_library_sources_ifdef(CONFIG_TFM_PARTITION_PLATFORM                 ${TFM_INTERFACE_SOURCE_DIR}/tfm_platform_ipc_api.c)
       zephyr_library_sources_ifdef(CONFIG_TFM_PARTITION_PROTECTED_STORAGE        ${TFM_INTERFACE_SOURCE_DIR}/tfm_ps_ipc_api.c)
       zephyr_library_sources_ifdef(CONFIG_TFM_PARTITION_INTERNAL_TRUSTED_STORAGE ${TFM_INTERFACE_SOURCE_DIR}/tfm_its_ipc_api.c)

modules/trusted-firmware-m/Kconfig.tfm

@@ -276,14 +276,50 @@ config TFM_MCUBOOT_DATA_SHARING
 
 endif # TFM_BL2
 
+choice TFM_MODEL
+	prompt "TF-M Firmware Framework model"
+	default TFM_IPC
+	help
+	  The Firmware Framework M (FF-M) provides different programming models
+	  for Secure Partitions.
+
+config TFM_LIBRARY
+	bool "Library Model"
+	help
+	  Use the library model instead of PSA API.
+
+	  The library model conforms to the PSA Firmware Framework for M (FF-M)
+	  v1.0.
+
+	  NOTE: The Library Model will be removed and replaced by the SFN model.
+
 config TFM_IPC
-	bool "IPC" if TFM_PROFILE_TYPE_NOT_SET
-	default y if (TFM_PROFILE_TYPE_MEDIUM || TFM_PROFILE_TYPE_LARGE)
+	bool "IPC Model"
 	help
-	  When enabled, this option signifies that the TF-M build supports
-	  the PSA API (IPC mode) instead of the secure library mode. When
-	  TF-M Profile option is supplied, do not allow manual setting of
-	  the IPC mode, as it is determined by the profile setting.
+	  Use the IPC Model as the SPM backend for the PSA API.
+	  The IPC model supports the IPC and SFN Partition models, and
+	  isolation levels 1, 2 and 3.
+
+	  In this model each Secure Partition processes signals in any order,
+	  and can defer responding to a message while continuing to process
+	  other signals.
+
+	  The IPC model conforms to the PSA Firmware Framework for M (FF-M)
+	  v1.1.
+
+config TFM_SFN
+	bool "SFN model"
+	help
+	  Use the SFN Model as the SPM backend for the PSA API.
+	  The SFN model supports the SFN Partition model, and isolation level 1.
+
+	  In this model each Secure Partition is made up of a collection of
+	  callback functions which implement secure services.
+
+	  The SFN model conforms to the PSA Firmware Framework for M (FF-M)
+	  v1.1.
+
+endchoice # TFM_MODEL
 
 config TFM_REGRESSION_S
 	bool "TF-M Secure Regression tests"

modules/trusted-firmware-m/Kconfig.tfm.partitions

@@ -7,6 +7,9 @@ if BUILD_WITH_TFM
 
 config TFM_PARTITION_PROTECTED_STORAGE
 	bool "Secure partition 'Protected Storage'"
+	depends on TFM_PARTITION_PLATFORM # Specfically TFM_SP_PLATFORM_NV_COUNTER service
+	depends on TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
+	depends on TFM_PARTITION_CRYPTO
 	default y
 	help
 	  Setting this option will cause '-DTFM_PARTITION_PROTECTED_STORAGE'
@@ -40,6 +43,7 @@ config TFM_PARTITION_CRYPTO
 
 config TFM_PARTITION_INITIAL_ATTESTATION
 	bool "Secure partition 'Initial Attestation'"
+	depends on TFM_PARTITION_CRYPTO
 	default y
 	help
 	  Setting this option will cause '-DTFM_PARTITION_INITIAL_ATTESTATION'
@@ -52,6 +56,7 @@ config TFM_PARTITION_INITIAL_ATTESTATION
 config TFM_PARTITION_PLATFORM
 	bool "Secure partition 'Platform'"
 	default y
+	depends on !TFM_SFN # Currently using PSA Framework version 1.0
 	help
 	  Setting this option will cause '-DTFM_PARTITION_PLATFORM'
 	  to be passed to the TF-M build system. Look at 'config_default.cmake'
@@ -61,8 +66,8 @@ config TFM_PARTITION_PLATFORM
 	  repository.
 
 config TFM_PARTITION_AUDIT_LOG
-	bool "Secure partition 'Audit Log'" if !TFM_IPC
-	depends on !TFM_IPC
+	bool "Secure partition 'Audit Log'"
+	depends on TFM_LIBRARY
 	default y
 	help
 	  Setting this option will cause '-DTFM_PARTITION_AUDIT_LOG'