deleted file mode 100644
@@ -1,287 +0,0 @@
-From 13de79cd4f0d25b812e5f4ad4a19bc075496be83 Mon Sep 17 00:00:00 2001
-From: Vishnu Banavath <vishnu.banavath@arm.com>
-Date: Fri, 3 Dec 2021 16:36:51 +0000
-Subject: [PATCH 01/20] Add openamp to SE proxy deployment
-
-Openamp is required to communicate between secure partitions(running on
-Cortex-A) and trusted-firmware-m(running on Cortex-M).
-These changes are to fetch libmetal and openamp from github repo's
-and build it.
-
-Upstream-Status: Pending
-Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- deployments/se-proxy/opteesp/lse.S | 28 ++++++++
- deployments/se-proxy/se-proxy.cmake | 8 +++
- external/openamp/libmetal-init-cache.cmake.in | 20 ++++++
- external/openamp/libmetal.cmake | 67 +++++++++++++++++++
- external/openamp/openamp-init-cache.cmake.in | 20 ++++++
- external/openamp/openamp.cmake | 66 ++++++++++++++++++
- 6 files changed, 209 insertions(+)
- create mode 100644 deployments/se-proxy/opteesp/lse.S
- create mode 100644 external/openamp/libmetal-init-cache.cmake.in
- create mode 100644 external/openamp/libmetal.cmake
- create mode 100644 external/openamp/openamp-init-cache.cmake.in
- create mode 100644 external/openamp/openamp.cmake
-
-diff --git a/deployments/se-proxy/opteesp/lse.S b/deployments/se-proxy/opteesp/lse.S
-new file mode 100644
-index 000000000000..8e466d65fc2b
---- /dev/null
-+++ b/deployments/se-proxy/opteesp/lse.S
-@@ -0,0 +1,28 @@
-+// SPDX-License-Identifier: BSD-3-Clause
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ */
-+
-+.text
-+.globl __aarch64_cas4_acq_rel
-+.globl __aarch64_cas4_sync
-+
-+__aarch64_cas4_acq_rel:
-+ mov w16, w0
-+ ldaxr w0, [x2]
-+ cmp w0, w16
-+0: bne 1f
-+
-+ stlxr w17, w1, [x2]
-+ cbnz w17, 0b
-+1: ret
-+
-+__aarch64_cas4_sync:
-+ mov w16, w0
-+ ldxr w0, [x2]
-+ cmp w0, w16
-+0: bne 1f
-+
-+ stlxr w17, w1, [x2]
-+ cbnz w17, 0b
-+1: ret
-diff --git a/deployments/se-proxy/se-proxy.cmake b/deployments/se-proxy/se-proxy.cmake
-index 426c66c05350..d39873a0fe81 100644
---- a/deployments/se-proxy/se-proxy.cmake
-+++ b/deployments/se-proxy/se-proxy.cmake
-@@ -61,6 +61,7 @@ add_components(TARGET "se-proxy"
- target_sources(se-proxy PRIVATE
- ${CMAKE_CURRENT_LIST_DIR}/common/se_proxy_sp.c
- ${CMAKE_CURRENT_LIST_DIR}/common/service_proxy_factory.c
-+ ${CMAKE_CURRENT_LIST_DIR}/opteesp/lse.S
- )
-
- #-------------------------------------------------------------------------------
-@@ -73,6 +74,13 @@ include(../../../external/nanopb/nanopb.cmake)
- target_link_libraries(se-proxy PRIVATE nanopb::protobuf-nanopb-static)
- protobuf_generate_all(TGT "se-proxy" NAMESPACE "protobuf" BASE_DIR "${TS_ROOT}/protocols")
-
-+# libmetal
-+include(../../../external/openamp/libmetal.cmake)
-+
-+# OpenAMP
-+include(../../../external/openamp/openamp.cmake)
-+target_link_libraries(se-proxy PRIVATE openamp libmetal)
-+
- #################################################################
-
- target_include_directories(se-proxy PRIVATE
-diff --git a/external/openamp/libmetal-init-cache.cmake.in b/external/openamp/libmetal-init-cache.cmake.in
-new file mode 100644
-index 000000000000..04c25fbde960
---- /dev/null
-+++ b/external/openamp/libmetal-init-cache.cmake.in
-@@ -0,0 +1,20 @@
-+#-------------------------------------------------------------------------------
-+# Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
-+# Copyright (c) 2021-2022, Linaro. All rights reserved.
-+#
-+# SPDX-License-Identifier: BSD-3-Clause
-+#
-+#-------------------------------------------------------------------------------
-+
-+set(CMAKE_INSTALL_PREFIX "@BUILD_INSTALL_DIR@" CACHE STRING "")
-+set(CMAKE_TOOLCHAIN_FILE "@TS_EXTERNAL_LIB_TOOLCHAIN_FILE@" CACHE STRING "")
-+set(BUILD_SHARED_LIBS Off CACHE BOOL "")
-+set(BUILD_STATIC_LIBS On CACHE BOOL "")
-+
-+set(WITH_DOC OFF CACHE BOOL "")
-+set(WITH_TESTS OFF CACHE BOOL "")
-+set(WITH_EXAMPLES OFF CACHE BOOL "")
-+set(WITH_DEFAULT_LOGGER OFF CACHE BOOL "")
-+set(MACHINE "template" CACHE STRING "")
-+
-+@_cmake_fragment@
-diff --git a/external/openamp/libmetal.cmake b/external/openamp/libmetal.cmake
-new file mode 100644
-index 000000000000..6e5004ff555c
---- /dev/null
-+++ b/external/openamp/libmetal.cmake
-@@ -0,0 +1,67 @@
-+#-------------------------------------------------------------------------------
-+# Copyright (c) 2022 Linaro Limited
-+# Copyright (c) 2022, Arm Limited. All rights reserved.
-+#
-+# SPDX-License-Identifier: BSD-3-Clause
-+#
-+#-------------------------------------------------------------------------------
-+
-+set (LIBMETAL_URL "https://github.com/OpenAMP/libmetal.git"
-+ CACHE STRING "libmetal repository URL")
-+set (LIBMETAL_INSTALL_DIR "${CMAKE_CURRENT_BINARY_DIR}/libmetal_install"
-+ CACHE DIR "libmetal installation directory")
-+set(LIBMETAL_SOURCE_DIR "${CMAKE_CURRENT_BINARY_DIR}/_deps/libmetal"
-+ CACHE DIR "libmetal source-code")
-+set (LIBMETAL_PACKAGE_DIR "${LIBMETAL_INSTALL_DIR}/libmetal/cmake"
-+ CACHE DIR "libmetal CMake package directory")
-+set (LIBMETAL_TARGET_NAME "libmetal")
-+set (LIBMETAL_REFSPEC "f252f0e007fbfb8b3a52b1d5901250ddac96baad"
-+ CACHE STRING "The version of libmetal to use")
-+set(LIBMETAL_BINARY_DIR "${CMAKE_CURRENT_BINARY_DIR}/_deps/libmetal-build")
-+
-+set(GIT_OPTIONS
-+ GIT_REPOSITORY ${LIBMETAL_URL}
-+ GIT_TAG ${LIBMETAL_REFSPEC}
-+ GIT_SHALLOW FALSE
-+)
-+
-+if(NOT LIBMETAL_DEBUG)
-+ set(LIBMETAL_BUILD_TYPE "Release")
-+else()
-+ set(LIBMETAL_BUILD_TYPE "Debug")
-+endif()
-+
-+include(FetchContent)
-+
-+# Checking git
-+find_program(GIT_COMMAND "git")
-+if (NOT GIT_COMMAND)
-+ message(FATAL_ERROR "Please install git")
-+endif()
-+
-+# Only pass libc settings to libmetal if needed. For environments where the
-+# standard library is not overridden, this is not needed.
-+if(TARGET stdlib::c)
-+ include(${TS_ROOT}/tools/cmake/common/PropertyCopy.cmake)
-+
-+ # Save libc settings
-+ save_interface_target_properties(TGT stdlib::c PREFIX LIBC)
-+ # Translate libc settings to cmake code fragment. Will be inserted into
-+ # libmetal-init-cache.cmake.in when LazyFetch configures the file.
-+ translate_interface_target_properties(PREFIX LIBC RES _cmake_fragment)
-+ unset_saved_properties(LIBC)
-+endif()
-+
-+include(${TS_ROOT}/tools/cmake/common/LazyFetch.cmake REQUIRED)
-+LazyFetch_MakeAvailable(DEP_NAME libmetal
-+ FETCH_OPTIONS "${GIT_OPTIONS}"
-+ INSTALL_DIR "${LIBMETAL_INSTALL_DIR}"
-+ CACHE_FILE "${TS_ROOT}/external/openamp/libmetal-init-cache.cmake.in"
-+ SOURCE_DIR "${LIBMETAL_SOURCE_DIR}"
-+)
-+unset(_cmake_fragment)
-+
-+#Create an imported target to have clean abstraction in the build-system.
-+add_library(libmetal STATIC IMPORTED)
-+set_property(TARGET libmetal PROPERTY IMPORTED_LOCATION "${LIBMETAL_INSTALL_DIR}/lib/${CMAKE_STATIC_LIBRARY_PREFIX}metal${CMAKE_STATIC_LIBRARY_SUFFIX}")
-+set_property(TARGET libmetal PROPERTY INTERFACE_INCLUDE_DIRECTORIES "${LIBMETAL_INSTALL_DIR}/include")
-diff --git a/external/openamp/openamp-init-cache.cmake.in b/external/openamp/openamp-init-cache.cmake.in
-new file mode 100644
-index 000000000000..302b80511bce
---- /dev/null
-+++ b/external/openamp/openamp-init-cache.cmake.in
-@@ -0,0 +1,20 @@
-+#-------------------------------------------------------------------------------
-+# Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
-+# Copyright (c) 2021-2022, Linaro. All rights reserved.
-+#
-+# SPDX-License-Identifier: BSD-3-Clause
-+#
-+#-------------------------------------------------------------------------------
-+
-+set(CMAKE_INSTALL_PREFIX "@BUILD_INSTALL_DIR@" CACHE STRING "")
-+set(CMAKE_TOOLCHAIN_FILE "@TS_EXTERNAL_LIB_TOOLCHAIN_FILE@" CACHE STRING "")
-+set(BUILD_SHARED_LIBS Off CACHE BOOL "")
-+set(BUILD_STATIC_LIBS On CACHE BOOL "")
-+
-+set(LIBMETAL_INCLUDE_DIR "@CMAKE_CURRENT_BINARY_DIR@/libmetal_install/include" CACHE
-+ STRING "")
-+set(LIBMETAL_LIB "@CMAKE_CURRENT_BINARY_DIR@/libmetal_install/lib" CACHE STRING "")
-+set(RPMSG_BUFFER_SIZE "512" CACHE STRING "")
-+set(MACHINE "template" CACHE STRING "")
-+
-+@_cmake_fragment@
-diff --git a/external/openamp/openamp.cmake b/external/openamp/openamp.cmake
-new file mode 100644
-index 000000000000..449f35f4fda4
---- /dev/null
-+++ b/external/openamp/openamp.cmake
-@@ -0,0 +1,66 @@
-+#-------------------------------------------------------------------------------
-+# Copyright (c) 2022 Linaro Limited
-+# Copyright (c) 2022, Arm Limited. All rights reserved.
-+#
-+# SPDX-License-Identifier: BSD-3-Clause
-+#
-+#-------------------------------------------------------------------------------
-+
-+set (OPENAMP_URL "https://github.com/OpenAMP/open-amp.git"
-+ CACHE STRING "OpenAMP repository URL")
-+set (OPENAMP_INSTALL_DIR "${CMAKE_CURRENT_BINARY_DIR}/openamp_install"
-+ CACHE DIR "OpenAMP installation directory")
-+set (OPENAMP_SOURCE_DIR "${CMAKE_CURRENT_BINARY_DIR}/_deps/openamp"
-+ CACHE DIR "OpenAMP source code directory")
-+set (OPENAMP_PACKAGE_DIR "${OPENAMP_INSTALL_DIR}/openamp/cmake"
-+ CACHE DIR "OpenAMP CMake package directory")
-+set (OPENAMP_TARGET_NAME "openamp")
-+set (OPENAMP_REFSPEC "347397decaa43372fc4d00f965640ebde042966d"
-+ CACHE STRING "The version of openamp to use")
-+
-+set(GIT_OPTIONS
-+ GIT_REPOSITORY ${OPENAMP_URL}
-+ GIT_TAG ${OPENAMP_REFSPEC}
-+ GIT_SHALLOW FALSE
-+)
-+
-+if(NOT OPENAMP_DEBUG)
-+ set(OPENAMP_BUILD_TYPE "Release")
-+else()
-+ set(OPENAMP_BUILD_TYPE "Debug")
-+endif()
-+
-+include(FetchContent)
-+
-+# Checking git
-+find_program(GIT_COMMAND "git")
-+if (NOT GIT_COMMAND)
-+ message(FATAL_ERROR "Please install git")
-+endif()
-+
-+# Only pass libc settings to openamp if needed. For environments where the
-+# standard library is not overridden, this is not needed.
-+if(TARGET stdlib::c)
-+ include(${TS_ROOT}/tools/cmake/common/PropertyCopy.cmake)
-+
-+ # Save libc settings
-+ save_interface_target_properties(TGT stdlib::c PREFIX LIBC)
-+ # Translate libc settings to cmake code fragment. Will be inserted into
-+ # libmetal-init-cache.cmake.in when LazyFetch configures the file.
-+ translate_interface_target_properties(PREFIX LIBC RES _cmake_fragment)
-+ unset_saved_properties(LIBC)
-+endif()
-+
-+include(${TS_ROOT}/tools/cmake/common/LazyFetch.cmake REQUIRED)
-+LazyFetch_MakeAvailable(DEP_NAME openamp
-+ FETCH_OPTIONS "${GIT_OPTIONS}"
-+ INSTALL_DIR "${OPENAMP_INSTALL_DIR}"
-+ CACHE_FILE "${TS_ROOT}/external/openamp/openamp-init-cache.cmake.in"
-+ SOURCE_DIR "${OPENAMP_SOURCE_DIR}"
-+)
-+unset(_cmake_fragment)
-+
-+#Create an imported target to have clean abstraction in the build-system.
-+add_library(openamp STATIC IMPORTED)
-+set_property(TARGET openamp PROPERTY IMPORTED_LOCATION "${OPENAMP_INSTALL_DIR}/lib/${CMAKE_STATIC_LIBRARY_PREFIX}open_amp${CMAKE_STATIC_LIBRARY_SUFFIX}")
-+set_property(TARGET openamp PROPERTY INTERFACE_INCLUDE_DIRECTORIES "${OPENAMP_INSTALL_DIR}/include")
-2.38.1
-
similarity index 78%
rename from meta-arm-bsp/recipes-security/trusted-services/corstone1000/0013-Add-stub-capsule-update-service-components.patch
rename to meta-arm-bsp/recipes-security/trusted-services/corstone1000/0001-Add-stub-capsule-update-service-components.patch
@@ -1,7 +1,7 @@
-From 050be6fdfee656b0556766cc1db30f4c0ea87c79 Mon Sep 17 00:00:00 2001
+From a965129153a0cca340535fe2cf99dbfef9b557da Mon Sep 17 00:00:00 2001
From: Julian Hall <julian.hall@arm.com>
Date: Tue, 12 Oct 2021 15:45:41 +0100
-Subject: [PATCH 13/20] Add stub capsule update service components
+Subject: [PATCH 1/6] Add stub capsule update service components
To facilitate development of a capsule update service provider,
stub components are added to provide a starting point for an
@@ -18,15 +18,12 @@ Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
.../provider/capsule_update_provider.c | 133 ++++++++++++++++++
.../provider/capsule_update_provider.h | 51 +++++++
.../capsule_update/provider/component.cmake | 13 ++
- deployments/se-proxy/common/se_proxy_sp.c | 3 +
- .../se-proxy/common/service_proxy_factory.c | 16 +++
- .../se-proxy/common/service_proxy_factory.h | 1 +
- deployments/se-proxy/se-proxy.cmake | 1 +
+ .../se-proxy/infra/corstone1000/infra.cmake | 1 +
deployments/se-proxy/se_proxy_interfaces.h | 9 +-
.../capsule_update/capsule_update_proto.h | 13 ++
protocols/service/capsule_update/opcodes.h | 17 +++
protocols/service/capsule_update/parameters.h | 15 ++
- 12 files changed, 292 insertions(+), 4 deletions(-)
+ 9 files changed, 272 insertions(+), 4 deletions(-)
create mode 100644 components/service/capsule_update/backend/capsule_update_backend.h
create mode 100644 components/service/capsule_update/provider/capsule_update_provider.c
create mode 100644 components/service/capsule_update/provider/capsule_update_provider.h
@@ -280,75 +277,18 @@ index 000000000000..1d412eb234d9
+target_sources(${TGT} PRIVATE
+ "${CMAKE_CURRENT_LIST_DIR}/capsule_update_provider.c"
+ )
-diff --git a/deployments/se-proxy/common/se_proxy_sp.c b/deployments/se-proxy/common/se_proxy_sp.c
-index a37396f4454b..a38ad6ca3f56 100644
---- a/deployments/se-proxy/common/se_proxy_sp.c
-+++ b/deployments/se-proxy/common/se_proxy_sp.c
-@@ -77,6 +77,9 @@ void __noreturn sp_main(struct ffa_init_info *init_info)
- }
- rpc_demux_attach(&rpc_demux, SE_PROXY_INTERFACE_ID_ATTEST, rpc_iface);
-
-+ rpc_iface = capsule_update_proxy_create();
-+ rpc_demux_attach(&rpc_demux, SE_PROXY_INTERFACE_ID_CAPSULE_UPDATE, rpc_iface);
-+
- /* End of boot phase */
- result = sp_msg_wait(&req_msg);
- if (result != SP_RESULT_OK) {
-diff --git a/deployments/se-proxy/common/service_proxy_factory.c b/deployments/se-proxy/common/service_proxy_factory.c
-index 7edeef8b434a..591cc9eeb59e 100644
---- a/deployments/se-proxy/common/service_proxy_factory.c
-+++ b/deployments/se-proxy/common/service_proxy_factory.c
-@@ -13,6 +13,7 @@
- #include <service/crypto/factory/crypto_provider_factory.h>
- #include <service/secure_storage/frontend/secure_storage_provider/secure_storage_provider.h>
- #include <trace.h>
-+#include <service/capsule_update/provider/capsule_update_provider.h>
-
- /* Stub backends */
- #include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-@@ -93,3 +94,18 @@ struct rpc_interface *its_proxy_create(void)
-
- return secure_storage_provider_init(&its_provider, backend);
- }
-+
-+struct rpc_interface *capsule_update_proxy_create(void)
-+{
-+ static struct capsule_update_provider capsule_update_provider;
-+ static struct rpc_caller *capsule_update_caller;
-+
-+ capsule_update_caller = openamp_caller_init(&openamp);
-+
-+ if (!capsule_update_caller)
-+ return NULL;
-+
-+ capsule_update_provider.client.caller = capsule_update_caller;
-+
-+ return capsule_update_provider_init(&capsule_update_provider);
-+}
-diff --git a/deployments/se-proxy/common/service_proxy_factory.h b/deployments/se-proxy/common/service_proxy_factory.h
-index 298d407a2371..02aa7fe2550d 100644
---- a/deployments/se-proxy/common/service_proxy_factory.h
-+++ b/deployments/se-proxy/common/service_proxy_factory.h
-@@ -17,6 +17,7 @@ struct rpc_interface *attest_proxy_create(void);
- struct rpc_interface *crypto_proxy_create(void);
- struct rpc_interface *ps_proxy_create(void);
- struct rpc_interface *its_proxy_create(void);
-+struct rpc_interface *capsule_update_proxy_create(void);
-
- #ifdef __cplusplus
- }
-diff --git a/deployments/se-proxy/se-proxy.cmake b/deployments/se-proxy/se-proxy.cmake
-index 3dbbc36c968d..f0db2d43f443 100644
---- a/deployments/se-proxy/se-proxy.cmake
-+++ b/deployments/se-proxy/se-proxy.cmake
-@@ -51,6 +51,7 @@ add_components(TARGET "se-proxy"
- "components/service/attestation/provider/serializer/packed-c"
+diff --git a/deployments/se-proxy/infra/corstone1000/infra.cmake b/deployments/se-proxy/infra/corstone1000/infra.cmake
+index 4e7e2bd58028..e60b5400617f 100644
+--- a/deployments/se-proxy/infra/corstone1000/infra.cmake
++++ b/deployments/se-proxy/infra/corstone1000/infra.cmake
+@@ -21,6 +21,7 @@ add_components(TARGET "se-proxy"
+ "components/service/attestation/key_mngr/local"
"components/service/attestation/reporter/psa_ipc"
- "components/service/attestation/client/psa_ipc"
+ "components/service/crypto/backend/psa_ipc"
+ "components/service/capsule_update/provider"
- "components/rpc/openamp/caller/sp"
+ "components/service/secure_storage/backend/secure_storage_ipc"
+ )
- # Stub service provider backends
diff --git a/deployments/se-proxy/se_proxy_interfaces.h b/deployments/se-proxy/se_proxy_interfaces.h
index 48908f846990..3d4a7c204785 100644
--- a/deployments/se-proxy/se_proxy_interfaces.h
@@ -432,5 +372,5 @@ index 000000000000..285d924186be
+
+#endif /* CAPSULE_UPDATE_PARAMETERS_H */
--
-2.38.1
+2.40.0
similarity index 96%
rename from meta-arm-bsp/recipes-security/trusted-services/corstone1000/0018-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch
rename to meta-arm-bsp/recipes-security/trusted-services/corstone1000/0002-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch
@@ -1,7 +1,7 @@
-From 1a4d46fdc0b5745b9cfb0789e4b778111bd6dbbb Mon Sep 17 00:00:00 2001
+From 51a7024967187644011c5043ef0f733cf81b26be Mon Sep 17 00:00:00 2001
From: Satish Kumar <satish.kumar01@arm.com>
Date: Mon, 14 Feb 2022 08:22:25 +0000
-Subject: [PATCH 18/20] Fixes in AEAD for psa-arch test 54 and 58.
+Subject: [PATCH 2/6] Fixes in AEAD for psa-arch test 54 and 58.
Upstream-Status: Pending [Not submitted to upstream yet]
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
@@ -29,7 +29,7 @@ index c4ffb20cf7f8..a91f66c14008 100644
/* Mandatory input data parameter */
diff --git a/components/service/crypto/include/psa/crypto_sizes.h b/components/service/crypto/include/psa/crypto_sizes.h
-index 4d7bf6e959b0..e3c4df2927b3 100644
+index 30aa102da581..130d27295878 100644
--- a/components/service/crypto/include/psa/crypto_sizes.h
+++ b/components/service/crypto/include/psa/crypto_sizes.h
@@ -351,7 +351,7 @@
@@ -117,5 +117,5 @@ index 0be266b52403..435fd3b523ce 100644
/* Variable length input parameter tags */
--
-2.38.1
+2.40.0
deleted file mode 100644
@@ -1,1091 +0,0 @@
-From 28aedac78016e5063ebd675a43e6c3655f87b442 Mon Sep 17 00:00:00 2001
-From: Vishnu Banavath <vishnu.banavath@arm.com>
-Date: Fri, 3 Dec 2021 18:00:46 +0000
-Subject: [PATCH 02/20] Implement mhu driver and the OpenAmp conversion layer.
-
-This commit adds an mhu driver (v2.1 and v2) to the secure
-partition se_proxy and a conversion layer to communicate with
-the secure enclave using OpenAmp.
-
-Upstream-Status: Pending
-Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- .../se-proxy/opteesp/default_se-proxy.dts.in | 16 +
- .../drivers/arm/mhu_driver/component.cmake | 12 +
- platform/drivers/arm/mhu_driver/mhu_v2.h | 391 ++++++++++++
- platform/drivers/arm/mhu_driver/mhu_v2_x.c | 602 ++++++++++++++++++
- .../providers/arm/corstone1000/platform.cmake | 10 +
- 5 files changed, 1031 insertions(+)
- create mode 100644 platform/drivers/arm/mhu_driver/component.cmake
- create mode 100644 platform/drivers/arm/mhu_driver/mhu_v2.h
- create mode 100644 platform/drivers/arm/mhu_driver/mhu_v2_x.c
- create mode 100644 platform/providers/arm/corstone1000/platform.cmake
-
-diff --git a/deployments/se-proxy/opteesp/default_se-proxy.dts.in b/deployments/se-proxy/opteesp/default_se-proxy.dts.in
-index 5748d2f80f88..267b4f923540 100644
---- a/deployments/se-proxy/opteesp/default_se-proxy.dts.in
-+++ b/deployments/se-proxy/opteesp/default_se-proxy.dts.in
-@@ -17,4 +17,20 @@
- xlat-granule = <0>; /* 4KiB */
- messaging-method = <3>; /* Direct messaging only */
- legacy-elf-format = <1>;
-+
-+ device-regions {
-+ compatible = "arm,ffa-manifest-device-regions";
-+ mhu-sender {
-+ /* Armv8 A Foundation Platform values */
-+ base-address = <0x00000000 0x1b820000>;
-+ pages-count = <16>;
-+ attributes = <0x3>; /* read-write */
-+ };
-+ mhu-receiver {
-+ /* Armv8 A Foundation Platform values */
-+ base-address = <0x00000000 0x1b830000>;
-+ pages-count = <16>;
-+ attributes = <0x3>; /* read-write */
-+ };
-+ };
- };
-diff --git a/platform/drivers/arm/mhu_driver/component.cmake b/platform/drivers/arm/mhu_driver/component.cmake
-new file mode 100644
-index 000000000000..77a5a50b67d1
---- /dev/null
-+++ b/platform/drivers/arm/mhu_driver/component.cmake
-@@ -0,0 +1,12 @@
-+#-------------------------------------------------------------------------------
-+# Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+#
-+# SPDX-License-Identifier: BSD-3-Clause
-+#
-+#-------------------------------------------------------------------------------
-+
-+# Add source files for using mhu driver
-+target_sources(${TGT}
-+ PRIVATE
-+ "${CMAKE_CURRENT_LIST_DIR}/mhu_v2_x.c"
-+)
-diff --git a/platform/drivers/arm/mhu_driver/mhu_v2.h b/platform/drivers/arm/mhu_driver/mhu_v2.h
-new file mode 100644
-index 000000000000..2e4ba80fab95
---- /dev/null
-+++ b/platform/drivers/arm/mhu_driver/mhu_v2.h
-@@ -0,0 +1,391 @@
-+/*
-+ * Copyright (c) 2021 Arm Limited
-+ *
-+ * Licensed under the Apache License, Version 2.0 (the "License");
-+ * you may not use this file except in compliance with the License.
-+ * You may obtain a copy of the License at
-+ *
-+ * http://www.apache.org/licenses/LICENSE-2.0
-+ *
-+ * Unless required by applicable law or agreed to in writing, software
-+ * distributed under the License is distributed on an "AS IS" BASIS,
-+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-+ * See the License for the specific language governing permissions and
-+ * limitations under the License.
-+ */
-+
-+/**
-+ * \file mhu_v2_x.h
-+ * \brief Driver for Arm MHU v2.0 and v2.1
-+ */
-+
-+#ifndef __MHU_V2_X_H__
-+#define __MHU_V2_X_H__
-+
-+#include <stdint.h>
-+#include <stdbool.h>
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+#define MHU_2_X_INTR_NR2R_OFF (0x0u)
-+#define MHU_2_X_INTR_R2NR_OFF (0x1u)
-+#define MHU_2_1_INTR_CHCOMB_OFF (0x2u)
-+
-+#define MHU_2_X_INTR_NR2R_MASK (0x1u << MHU_2_X_INTR_NR2R_OFF)
-+#define MHU_2_X_INTR_R2NR_MASK (0x1u << MHU_2_X_INTR_R2NR_OFF)
-+#define MHU_2_1_INTR_CHCOMB_MASK (0x1u << MHU_2_1_INTR_CHCOMB_OFF)
-+
-+enum mhu_v2_x_frame_t {
-+ MHU_V2_X_SENDER_FRAME = 0x0u,
-+ MHU_V2_X_RECEIVER_FRAME = 0x1u,
-+};
-+
-+enum mhu_v2_x_supported_revisions {
-+ MHU_REV_READ_FROM_HW = 0,
-+ MHU_REV_2_0,
-+ MHU_REV_2_1,
-+};
-+
-+struct mhu_v2_x_dev_t {
-+ uint32_t base;
-+ enum mhu_v2_x_frame_t frame;
-+ uint32_t subversion; /*!< Hardware subversion: v2.X */
-+ bool is_initialized; /*!< Indicates if the MHU driver
-+ * is initialized and enabled
-+ */
-+};
-+
-+/**
-+ * \brief MHU v2 error enumeration types.
-+ */
-+enum mhu_v2_x_error_t {
-+ MHU_V_2_X_ERR_NONE = 0,
-+ MHU_V_2_X_ERR_NOT_INIT = -1,
-+ MHU_V_2_X_ERR_ALREADY_INIT = -2,
-+ MHU_V_2_X_ERR_UNSUPPORTED_VERSION = -3,
-+ MHU_V_2_X_ERR_INVALID_ARG = -4,
-+ MHU_V_2_X_ERR_GENERAL = -5
-+};
-+
-+/**
-+ * \brief Initializes the driver
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ * \param[in] rev MHU revision (if can't be identified from HW)
-+ *
-+ * Reads the MHU hardware version
-+ *
-+ * \return Returns mhu_v2_x_error_t error code
-+ *
-+ * \note MHU revision only has to be specified when versions can't be read
-+ * from HW (ARCH_MAJOR_REV reg reads as 0x0).
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_x_driver_init(struct mhu_v2_x_dev_t *dev,
-+ enum mhu_v2_x_supported_revisions rev);
-+
-+/**
-+ * \brief Returns the number of channels implemented.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ *
-+ * Returns the number of channels implemented.
-+ *
-+ * \return Returns the number of channels implemented.
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ */
-+uint32_t mhu_v2_x_get_num_channel_implemented(
-+ const struct mhu_v2_x_dev_t *dev);
-+
-+/**
-+ * \brief Sends the value over a channel.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ * \param[in] channel Channel to send the value over.
-+ * \param[in] val Value to send.
-+ *
-+ * Sends the value over a channel.
-+ *
-+ * \return Returns mhu_v2_x_error_t error code
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ * \note This function doesn't check if channel is implemented.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_x_channel_send(const struct mhu_v2_x_dev_t *dev,
-+ uint32_t channel, uint32_t val);
-+
-+/**
-+ * \brief Clears the channel after the value is send over it.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ * \param[in] channel Channel to clear.
-+ *
-+ * Clears the channel after the value is send over it.
-+ *
-+ * \return Returns mhu_v2_x_error_t error code
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ * \note This function doesn't check if channel is implemented.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_x_channel_clear(const struct mhu_v2_x_dev_t *dev,
-+ uint32_t channel);
-+
-+/**
-+ * \brief Receives the value over a channel.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ * \param[in] channel Channel to receive the value from.
-+ * \param[out] value Pointer to variable that will store the value.
-+ *
-+ * Receives the value over a channel.
-+ *
-+ * \return Returns mhu_v2_x_error_t error code
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ * \note This function doesn't check if channel is implemented.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_x_channel_receive(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t channel, uint32_t *value);
-+
-+/**
-+ * \brief Sets bits in the Channel Mask.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ * \param[in] channel Which channel's mask to set.
-+ * \param[in] mask Mask to be set over a receiver frame.
-+ *
-+ * Sets bits in the Channel Mask.
-+ *
-+ * \return Returns mhu_v2_x_error_t error code
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ * \note This function doesn't check if channel is implemented.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_x_channel_mask_set(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t channel, uint32_t mask);
-+
-+/**
-+ * \brief Clears bits in the Channel Mask.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ * \param[in] channel Which channel's mask to clear.
-+ * \param[in] mask Mask to be clear over a receiver frame.
-+ *
-+ * Clears bits in the Channel Mask.
-+ *
-+ * \return Returns mhu_v2_x_error_t error code
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ * \note This function doesn't check if channel is implemented.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_x_channel_mask_clear(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t channel, uint32_t mask);
-+
-+/**
-+ * \brief Enables the Channel interrupt.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ * \param[in] channel Which channel's interrupt to enable.
-+ *
-+ * Enables the Channel clear interrupt.
-+ *
-+ * \return Returns mhu_v2_x_error_t error code
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ * \note This function doesn't check if channel is implemented.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_x_channel_interrupt_enable(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t channel);
-+
-+/**
-+ * \brief Disables the Channel interrupt.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ * \param[in] channel Which channel's interrupt to disable.
-+ *
-+ * Disables the Channel interrupt.
-+ *
-+ * \return Returns mhu_v2_x_error_t error code
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ * \note This function doesn't check if channel is implemented.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_x_channel_interrupt_disable(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t channel);
-+
-+/**
-+ * \brief Cleares the Channel interrupt.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ * \param[in] channel Which channel's interrupt to clear.
-+ *
-+ * Cleares the Channel interrupt.
-+ *
-+ * \return Returns mhu_v2_x_error_t error code
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ * \note This function doesn't check if channel is implemented.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_x_channel_interrupt_clear(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t channel);
-+
-+/**
-+ * \brief Initiates a MHU transfer with the handshake signals.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ *
-+ * Initiates a MHU transfer with the handshake signals in a blocking mode.
-+ *
-+ * \return Returns mhu_v2_x_error_t error code
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_x_initiate_transfer(
-+ const struct mhu_v2_x_dev_t *dev);
-+
-+/**
-+ * \brief Closes a MHU transfer with the handshake signals.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ *
-+ * Closes a MHU transfer with the handshake signals in a blocking mode.
-+ *
-+ * \return Returns mhu_v2_x_error_t error code
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_x_close_transfer(
-+ const struct mhu_v2_x_dev_t *dev);
-+
-+/**
-+ * \brief Returns the value of access request signal.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ * \param[out] val Pointer to variable that will store the value.
-+ *
-+ * For more information please read the MHU v2 user guide
-+ *
-+ * \return Returns mhu_v2_x_error_t error code
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_x_get_access_request(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t *val);
-+
-+/**
-+ * \brief Sets the value of access request signal to high.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ *
-+ * For more information please read the MHU v2 user guide
-+ *
-+ * \return Returns mhu_v2_x_error_t error code
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_x_set_access_request(
-+ const struct mhu_v2_x_dev_t *dev);
-+
-+/**
-+ * \brief Sets the value of access request signal to low.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ *
-+ * For more information please read the MHU v2 user guide
-+ *
-+ * \return Returns mhu_v2_x_error_t error code
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_x_reset_access_request(
-+ const struct mhu_v2_x_dev_t *dev);
-+
-+/**
-+ * \brief Returns the value of access ready signal.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ * \param[out] val Pointer to variable that will store the value.
-+ *
-+ * For more information please read the MHU v2 user guide
-+ *
-+ * \return Returns mhu_v2_x_error_t error code
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_x_get_access_ready(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t *val);
-+
-+/**
-+ * \brief Returns the MHU interrupt status.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ *
-+ * \return Interrupt status register value. Masking is needed for individual
-+ * interrupts.
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ */
-+uint32_t mhu_v2_x_get_interrupt_status(const struct mhu_v2_x_dev_t *dev);
-+
-+/**
-+ * \brief Enables MHU interrupts.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ * \param[in] mask Bit mask for enabling/disabling interrupts
-+ *
-+ * \return Returns mhu_v2_x_error_t error code
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_x_interrupt_enable(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t mask);
-+
-+/**
-+ * \brief Disables MHU interrupts.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ * \param[in] mask Bit mask for enabling/disabling interrupts
-+ *
-+ * \return Returns mhu_v2_x_error_t error code
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_x_interrupt_disable(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t mask);
-+
-+/**
-+ * \brief Clears MHU interrupts.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ * \param[in] mask Bit mask for clearing interrupts
-+ *
-+ * \return Returns mhu_v2_x_error_t error code
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_x_interrupt_clear(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t mask);
-+
-+/**
-+ * \brief Returns the first channel number whose interrupt bit is high.
-+ *
-+ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t
-+ * \param[out] channel Pointer to variable that will have the channel value.
-+ *
-+ * \return Returns the first channel number whose interrupt bit is high.
-+ * \return Returns mhu_v2_x_error_t error code.
-+ *
-+ * \note This function doesn't check if dev is NULL.
-+ */
-+enum mhu_v2_x_error_t mhu_v2_1_get_ch_interrupt_num(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t *channel);
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* __MHU_V2_X_H__ */
-diff --git a/platform/drivers/arm/mhu_driver/mhu_v2_x.c b/platform/drivers/arm/mhu_driver/mhu_v2_x.c
-new file mode 100644
-index 000000000000..01d8f659a73a
---- /dev/null
-+++ b/platform/drivers/arm/mhu_driver/mhu_v2_x.c
-@@ -0,0 +1,602 @@
-+/*
-+ * Copyright (c) 2021 Arm Limited
-+ *
-+ * Licensed under the Apache License, Version 2.0 (the "License");
-+ * you may not use this file except in compliance with the License.
-+ * You may obtain a copy of the License at
-+ *
-+ * http://www.apache.org/licenses/LICENSE-2.0
-+ *
-+ * Unless required by applicable law or agreed to in writing, software
-+ * distributed under the License is distributed on an "AS IS" BASIS,
-+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-+ * See the License for the specific language governing permissions and
-+ * limitations under the License.
-+ */
-+#include <stdint.h>
-+#include <stdbool.h>
-+#include "mhu_v2.h"
-+
-+#define _MHU_V2_X_MAX_CHANNELS 124
-+#define _MHU_V2_1_MAX_CHCOMB_INT 4
-+#define ENABLE 0x1
-+#define DISABLE 0x0
-+#define CLEAR_INTR 0x1
-+#define CH_PER_CH_COMB 0x20
-+#define SEND_FRAME(p_mhu) ((struct _mhu_v2_x_send_frame_t *)p_mhu)
-+#define RECV_FRAME(p_mhu) ((struct _mhu_v2_x_recv_frame_t *)p_mhu)
-+
-+#define MHU_MAJOR_REV_V2 0x1u
-+#define MHU_MINOR_REV_2_0 0x0u
-+#define MHU_MINOR_REV_2_1 0x1u
-+
-+struct _mhu_v2_x_send_ch_window_t {
-+ /* Offset: 0x00 (R/ ) Channel Status */
-+ volatile uint32_t ch_st;
-+ /* Offset: 0x04 (R/ ) Reserved */
-+ volatile uint32_t reserved_0;
-+ /* Offset: 0x08 (R/ ) Reserved */
-+ volatile uint32_t reserved_1;
-+ /* Offset: 0x0C ( /W) Channel Set */
-+ volatile uint32_t ch_set;
-+ /* Offset: 0x10 (R/ ) Channel Interrupt Status (Reserved in 2.0) */
-+ volatile uint32_t ch_int_st;
-+ /* Offset: 0x14 ( /W) Channel Interrupt Clear (Reserved in 2.0) */
-+ volatile uint32_t ch_int_clr;
-+ /* Offset: 0x18 (R/W) Channel Interrupt Enable (Reserved in 2.0) */
-+ volatile uint32_t ch_int_en;
-+ /* Offset: 0x1C (R/ ) Reserved */
-+ volatile uint32_t reserved_2;
-+};
-+
-+struct _mhu_v2_x_send_frame_t {
-+ /* Offset: 0x000 ( / ) Sender Channel Window 0 -123 */
-+ struct _mhu_v2_x_send_ch_window_t send_ch_window[_MHU_V2_X_MAX_CHANNELS];
-+ /* Offset: 0xF80 (R/ ) Message Handling Unit Configuration */
-+ volatile uint32_t mhu_cfg;
-+ /* Offset: 0xF84 (R/W) Response Configuration */
-+ volatile uint32_t resp_cfg;
-+ /* Offset: 0xF88 (R/W) Access Request */
-+ volatile uint32_t access_request;
-+ /* Offset: 0xF8C (R/ ) Access Ready */
-+ volatile uint32_t access_ready;
-+ /* Offset: 0xF90 (R/ ) Interrupt Status */
-+ volatile uint32_t int_st;
-+ /* Offset: 0xF94 ( /W) Interrupt Clear */
-+ volatile uint32_t int_clr;
-+ /* Offset: 0xF98 (R/W) Interrupt Enable */
-+ volatile uint32_t int_en;
-+ /* Offset: 0xF9C (R/ ) Reserved */
-+ volatile uint32_t reserved_0;
-+ /* Offset: 0xFA0 (R/W) Channel Combined Interrupt Stat (Reserved in 2.0) */
-+ volatile uint32_t ch_comb_int_st[_MHU_V2_1_MAX_CHCOMB_INT];
-+ /* Offset: â€0xFC4‬ (R/ ) Reserved */
-+ volatile uint32_t reserved_1[6];
-+ /* Offset: 0xFC8 (R/ ) Implementer Identification Register */
-+ volatile uint32_t iidr;
-+ /* Offset: 0xFCC (R/ ) Architecture Identification Register */
-+ volatile uint32_t aidr;
-+ /* Offset: 0xFD0 (R/ ) */
-+ volatile uint32_t pid_1[4];
-+ /* Offset: 0xFE0 (R/ ) */
-+ volatile uint32_t pid_0[4];
-+ /* Offset: 0xFF0 (R/ ) */
-+ volatile uint32_t cid[4];
-+};
-+
-+struct _mhu_v2_x_rec_ch_window_t {
-+ /* Offset: 0x00 (R/ ) Channel Status */
-+ volatile uint32_t ch_st;
-+ /* Offset: 0x04 (R/ ) Channel Status Masked */
-+ volatile uint32_t ch_st_msk;
-+ /* Offset: 0x08 ( /W) Channel Clear */
-+ volatile uint32_t ch_clr;
-+ /* Offset: 0x0C (R/ ) Reserved */
-+ volatile uint32_t reserved_0;
-+ /* Offset: 0x10 (R/ ) Channel Mask Status */
-+ volatile uint32_t ch_msk_st;
-+ /* Offset: 0x14 ( /W) Channel Mask Set */
-+ volatile uint32_t ch_msk_set;
-+ /* Offset: 0x18 ( /W) Channel Mask Clear */
-+ volatile uint32_t ch_msk_clr;
-+ /* Offset: 0x1C (R/ ) Reserved */
-+ volatile uint32_t reserved_1;
-+};
-+
-+struct _mhu_v2_x_recv_frame_t {
-+ /* Offset: 0x000 ( / ) Receiver Channel Window 0 -123 */
-+ struct _mhu_v2_x_rec_ch_window_t rec_ch_window[_MHU_V2_X_MAX_CHANNELS];
-+ /* Offset: 0xF80 (R/ ) Message Handling Unit Configuration */
-+ volatile uint32_t mhu_cfg;
-+ /* Offset: 0xF84 (R/ ) Reserved */
-+ volatile uint32_t reserved_0[3];
-+ /* Offset: 0xF90 (R/ ) Interrupt Status (Reserved in 2.0) */
-+ volatile uint32_t int_st;
-+ /* Offset: 0xF94 (R/ ) Interrupt Clear (Reserved in 2.0) */
-+ volatile uint32_t int_clr;
-+ /* Offset: 0xF98 (R/W) Interrupt Enable (Reserved in 2.0) */
-+ volatile uint32_t int_en;
-+ /* Offset: 0xF9C (R/ ) Reserved */
-+ volatile uint32_t reserved_1;
-+ /* Offset: 0xFA0 (R/ ) Channel Combined Interrupt Stat (Reserved in 2.0) */
-+ volatile uint32_t ch_comb_int_st[_MHU_V2_1_MAX_CHCOMB_INT];
-+ /* Offset: 0xFB0 (R/ ) Reserved */
-+ volatile uint32_t reserved_2[6];
-+ /* Offset: 0xFC8 (R/ ) Implementer Identification Register */
-+ volatile uint32_t iidr;
-+ /* Offset: 0xFCC (R/ ) Architecture Identification Register */
-+ volatile uint32_t aidr;
-+ /* Offset: 0xFD0 (R/ ) */
-+ volatile uint32_t pid_1[4];
-+ /* Offset: 0xFE0 (R/ ) */
-+ volatile uint32_t pid_0[4];
-+ /* Offset: 0xFF0 (R/ ) */
-+ volatile uint32_t cid[4];
-+};
-+
-+union _mhu_v2_x_frame_t {
-+ struct _mhu_v2_x_send_frame_t send_frame;
-+ struct _mhu_v2_x_recv_frame_t recv_frame;
-+};
-+
-+enum mhu_v2_x_error_t mhu_v2_x_driver_init(struct mhu_v2_x_dev_t *dev,
-+ enum mhu_v2_x_supported_revisions rev)
-+{
-+ uint32_t AIDR = 0;
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if (dev->is_initialized) {
-+ return MHU_V_2_X_ERR_ALREADY_INIT;
-+ }
-+
-+ if (rev == MHU_REV_READ_FROM_HW) {
-+ /* Read revision from HW */
-+ if (dev->frame == MHU_V2_X_RECEIVER_FRAME) {
-+ AIDR = p_mhu->recv_frame.aidr;
-+ } else {
-+ AIDR = p_mhu->send_frame.aidr;
-+ }
-+
-+ /* Get bits 7:4 to read major revision */
-+ if ( ((AIDR >> 4) & 0b1111) != MHU_MAJOR_REV_V2) {
-+ /* Unsupported MHU version */
-+ return MHU_V_2_X_ERR_UNSUPPORTED_VERSION;
-+ } /* No need to save major version, driver only supports MHUv2 */
-+
-+ /* Get bits 3:0 to read minor revision */
-+ dev->subversion = AIDR & 0b1111;
-+
-+ if (dev->subversion != MHU_MINOR_REV_2_0 &&
-+ dev->subversion != MHU_MINOR_REV_2_1) {
-+ /* Unsupported subversion */
-+ return MHU_V_2_X_ERR_UNSUPPORTED_VERSION;
-+ }
-+ } else {
-+ /* Revisions were provided by caller */
-+ if (rev == MHU_REV_2_0) {
-+ dev->subversion = MHU_MINOR_REV_2_0;
-+ } else if (rev == MHU_REV_2_1) {
-+ dev->subversion = MHU_MINOR_REV_2_1;
-+ } else {
-+ /* Unsupported subversion */
-+ return MHU_V_2_X_ERR_UNSUPPORTED_VERSION;
-+ }/* No need to save major version, driver only supports MHUv2 */
-+ }
-+
-+ dev->is_initialized = true;
-+
-+ return MHU_V_2_X_ERR_NONE;
-+}
-+
-+uint32_t mhu_v2_x_get_num_channel_implemented(const struct mhu_v2_x_dev_t *dev)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if(dev->frame == MHU_V2_X_SENDER_FRAME) {
-+ return (SEND_FRAME(p_mhu))->mhu_cfg;
-+ } else {
-+ return (RECV_FRAME(p_mhu))->mhu_cfg;
-+ }
-+}
-+
-+enum mhu_v2_x_error_t mhu_v2_x_channel_send(const struct mhu_v2_x_dev_t *dev,
-+ uint32_t channel, uint32_t val)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if(dev->frame == MHU_V2_X_SENDER_FRAME) {
-+ (SEND_FRAME(p_mhu))->send_ch_window[channel].ch_set = val;
-+ return MHU_V_2_X_ERR_NONE;
-+ } else {
-+ return MHU_V_2_X_ERR_INVALID_ARG;
-+ }
-+}
-+
-+enum mhu_v2_x_error_t mhu_v2_x_channel_clear(const struct mhu_v2_x_dev_t *dev,
-+ uint32_t channel)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if(dev->frame == MHU_V2_X_RECEIVER_FRAME) {
-+ (RECV_FRAME(p_mhu))->rec_ch_window[channel].ch_clr = UINT32_MAX;
-+ return MHU_V_2_X_ERR_NONE;
-+ } else {
-+ return MHU_V_2_X_ERR_INVALID_ARG;
-+ }
-+}
-+
-+enum mhu_v2_x_error_t mhu_v2_x_channel_receive(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t channel, uint32_t *value)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if(dev->frame == MHU_V2_X_RECEIVER_FRAME) {
-+ *value = (RECV_FRAME(p_mhu))->rec_ch_window[channel].ch_st;
-+ return MHU_V_2_X_ERR_NONE;
-+ } else {
-+ return MHU_V_2_X_ERR_INVALID_ARG;
-+ }
-+}
-+
-+enum mhu_v2_x_error_t mhu_v2_x_channel_mask_set(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t channel, uint32_t mask)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if(dev->frame == MHU_V2_X_RECEIVER_FRAME) {
-+ (RECV_FRAME(p_mhu))->rec_ch_window[channel].ch_msk_set = mask;
-+ return MHU_V_2_X_ERR_NONE;
-+ } else {
-+ return MHU_V_2_X_ERR_INVALID_ARG;
-+ }
-+}
-+
-+enum mhu_v2_x_error_t mhu_v2_x_channel_mask_clear(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t channel, uint32_t mask)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if(dev->frame == MHU_V2_X_RECEIVER_FRAME) {
-+ (RECV_FRAME(p_mhu))->rec_ch_window[channel].ch_msk_clr = mask;
-+ return MHU_V_2_X_ERR_NONE;
-+ } else {
-+ return MHU_V_2_X_ERR_INVALID_ARG;
-+ }
-+}
-+
-+enum mhu_v2_x_error_t mhu_v2_x_channel_interrupt_enable(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t channel)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if (dev->subversion == MHU_MINOR_REV_2_1) {
-+ return MHU_V_2_X_ERR_UNSUPPORTED_VERSION;
-+ }
-+
-+ if(dev->frame == MHU_V2_X_SENDER_FRAME) {
-+ (SEND_FRAME(p_mhu))->send_ch_window[channel].ch_int_en = ENABLE;
-+ return MHU_V_2_X_ERR_NONE;
-+ } else {
-+ return MHU_V_2_X_ERR_INVALID_ARG;
-+ }
-+}
-+
-+enum mhu_v2_x_error_t mhu_v2_x_channel_interrupt_disable(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t channel)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if (dev->subversion == MHU_MINOR_REV_2_1) {
-+ return MHU_V_2_X_ERR_UNSUPPORTED_VERSION;
-+ }
-+
-+ if(dev->frame == MHU_V2_X_SENDER_FRAME) {
-+ (SEND_FRAME(p_mhu))->send_ch_window[channel].ch_int_en = DISABLE;
-+ return MHU_V_2_X_ERR_NONE;
-+ } else {
-+ return MHU_V_2_X_ERR_INVALID_ARG;
-+ }
-+}
-+
-+enum mhu_v2_x_error_t mhu_v2_x_channel_interrupt_clear(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t channel)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if (dev->subversion == MHU_MINOR_REV_2_1) {
-+ return MHU_V_2_X_ERR_UNSUPPORTED_VERSION;
-+ }
-+
-+ if(dev->frame == MHU_V2_X_SENDER_FRAME) {
-+ (SEND_FRAME(p_mhu))->send_ch_window[channel].ch_int_clr = CLEAR_INTR;
-+ return MHU_V_2_X_ERR_NONE;
-+ } else {
-+ return MHU_V_2_X_ERR_INVALID_ARG;
-+ }
-+}
-+
-+enum mhu_v2_x_error_t mhu_v2_x_initiate_transfer(
-+ const struct mhu_v2_x_dev_t *dev)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if(dev->frame != MHU_V2_X_SENDER_FRAME) {
-+ return MHU_V_2_X_ERR_INVALID_ARG;
-+ }
-+
-+ (SEND_FRAME(p_mhu))->access_request = ENABLE;
-+
-+ while ( !((SEND_FRAME(p_mhu))->access_ready) ) {
-+ /* Wait in a loop for access ready signal to be high */
-+ ;
-+ }
-+
-+ return MHU_V_2_X_ERR_NONE;
-+}
-+
-+enum mhu_v2_x_error_t mhu_v2_x_close_transfer(const struct mhu_v2_x_dev_t *dev)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if(dev->frame != MHU_V2_X_SENDER_FRAME) {
-+ return MHU_V_2_X_ERR_INVALID_ARG;
-+ }
-+
-+ (SEND_FRAME(p_mhu))->access_request = DISABLE;
-+
-+ return MHU_V_2_X_ERR_NONE;
-+}
-+
-+enum mhu_v2_x_error_t mhu_v2_x_get_access_request(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t *val)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if(dev->frame != MHU_V2_X_SENDER_FRAME) {
-+ return MHU_V_2_X_ERR_INVALID_ARG;
-+ }
-+
-+ *val = (SEND_FRAME(p_mhu))->access_request;
-+
-+ return MHU_V_2_X_ERR_NONE;
-+}
-+
-+enum mhu_v2_x_error_t mhu_v2_x_set_access_request(
-+ const struct mhu_v2_x_dev_t *dev)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if(dev->frame != MHU_V2_X_SENDER_FRAME) {
-+ return MHU_V_2_X_ERR_INVALID_ARG;
-+ }
-+
-+ (SEND_FRAME(p_mhu))->access_request = ENABLE;
-+
-+ return MHU_V_2_X_ERR_NONE;
-+}
-+
-+enum mhu_v2_x_error_t mhu_v2_x_reset_access_request(
-+ const struct mhu_v2_x_dev_t *dev)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if(dev->frame != MHU_V2_X_SENDER_FRAME) {
-+ return MHU_V_2_X_ERR_INVALID_ARG;
-+ }
-+
-+ (SEND_FRAME(p_mhu))->access_request = DISABLE;
-+
-+ return MHU_V_2_X_ERR_NONE;
-+}
-+
-+enum mhu_v2_x_error_t mhu_v2_x_get_access_ready(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t *val)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if(dev->frame != MHU_V2_X_SENDER_FRAME) {
-+ return MHU_V_2_X_ERR_INVALID_ARG;
-+ }
-+
-+ *val = (SEND_FRAME(p_mhu))->access_ready;
-+
-+ return MHU_V_2_X_ERR_NONE;
-+}
-+
-+uint32_t mhu_v2_x_get_interrupt_status(const struct mhu_v2_x_dev_t *dev)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if(dev->frame == MHU_V2_X_SENDER_FRAME) {
-+ return (SEND_FRAME(p_mhu))->int_st;
-+ } else {
-+ return (RECV_FRAME(p_mhu))->int_st;
-+ }
-+}
-+
-+enum mhu_v2_x_error_t mhu_v2_x_interrupt_enable(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t mask)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if (dev->subversion == MHU_MINOR_REV_2_0) {
-+ if (mask & MHU_2_1_INTR_CHCOMB_MASK) {
-+ /* Combined channel IRQ is not present in v2.0 */
-+ return MHU_V_2_X_ERR_INVALID_ARG;
-+ }
-+
-+ if (dev->frame == MHU_V2_X_RECEIVER_FRAME) {
-+ /* Only sender frame has these registers */
-+ return MHU_V_2_X_ERR_UNSUPPORTED_VERSION;
-+ }
-+ }
-+
-+ if(dev->frame == MHU_V2_X_SENDER_FRAME) {
-+ (SEND_FRAME(p_mhu))->int_en |= mask;
-+ } else {
-+ (RECV_FRAME(p_mhu))->int_en |= mask;
-+ }
-+
-+ return MHU_V_2_X_ERR_NONE;
-+}
-+
-+enum mhu_v2_x_error_t mhu_v2_x_interrupt_disable(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t mask)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if (dev->subversion == MHU_MINOR_REV_2_0) {
-+ if (mask & MHU_2_1_INTR_CHCOMB_MASK) {
-+ /* Combined channel IRQ is not present in v2.0 */
-+ return MHU_V_2_X_ERR_INVALID_ARG;
-+ }
-+
-+ if (dev->frame == MHU_V2_X_RECEIVER_FRAME) {
-+ /* Only sender frame has these registers */
-+ return MHU_V_2_X_ERR_UNSUPPORTED_VERSION;
-+ }
-+ }
-+
-+ if(dev->frame == MHU_V2_X_SENDER_FRAME) {
-+ (SEND_FRAME(p_mhu))->int_en &= ~mask;
-+ } else {
-+ (RECV_FRAME(p_mhu))->int_en &= ~mask;
-+ }
-+
-+ return MHU_V_2_X_ERR_NONE;
-+}
-+
-+enum mhu_v2_x_error_t mhu_v2_x_interrupt_clear(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t mask)
-+{
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if (dev->subversion == MHU_MINOR_REV_2_0) {
-+ if (mask & MHU_2_1_INTR_CHCOMB_MASK) {
-+ /* Combined channel IRQ is not present in v2.0 */
-+ return MHU_V_2_X_ERR_INVALID_ARG;
-+ }
-+
-+ if (dev->frame == MHU_V2_X_RECEIVER_FRAME) {
-+ /* Only sender frame has these registers */
-+ return MHU_V_2_X_ERR_UNSUPPORTED_VERSION;
-+ }
-+ }
-+
-+ if(dev->frame == MHU_V2_X_SENDER_FRAME) {
-+ (SEND_FRAME(p_mhu))->int_clr = mask;
-+ } else {
-+ (RECV_FRAME(p_mhu))->int_clr = mask;
-+ }
-+
-+ return MHU_V_2_X_ERR_NONE;
-+}
-+
-+enum mhu_v2_x_error_t mhu_v2_1_get_ch_interrupt_num(
-+ const struct mhu_v2_x_dev_t *dev, uint32_t *channel)
-+{
-+ uint32_t i, j, status;
-+ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base;
-+
-+ if ( !(dev->is_initialized) ) {
-+ return MHU_V_2_X_ERR_NOT_INIT;
-+ }
-+
-+ if (dev->subversion != MHU_MINOR_REV_2_1) {
-+ /* Feature is only supported in MHU v2.1 */
-+ return MHU_V_2_X_ERR_UNSUPPORTED_VERSION;
-+ }
-+
-+ for(i = 0; i < _MHU_V2_1_MAX_CHCOMB_INT; i++) {
-+ if(dev->frame == MHU_V2_X_SENDER_FRAME) {
-+ status = (SEND_FRAME(p_mhu))->ch_comb_int_st[i];
-+ } else {
-+ status = (RECV_FRAME(p_mhu))->ch_comb_int_st[i];
-+ }
-+
-+ for(j = 0; j < CH_PER_CH_COMB; j++) {
-+ if ((status >> CH_PER_CH_COMB - j - 1) & (ENABLE)) {
-+ *channel = (CH_PER_CH_COMB - j -1 + (i * CH_PER_CH_COMB));
-+ return MHU_V_2_X_ERR_NONE;
-+ }
-+ }
-+ }
-+
-+ return MHU_V_2_X_ERR_GENERAL;
-+}
-diff --git a/platform/providers/arm/corstone1000/platform.cmake b/platform/providers/arm/corstone1000/platform.cmake
-new file mode 100644
-index 000000000000..bb778bb9719b
---- /dev/null
-+++ b/platform/providers/arm/corstone1000/platform.cmake
-@@ -0,0 +1,10 @@
-+#-------------------------------------------------------------------------------
-+# Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+#
-+# SPDX-License-Identifier: BSD-3-Clause
-+#
-+# Platform definition for the 'fvp_base_revc-2xaem8a' virtual platform.
-+#-------------------------------------------------------------------------------
-+
-+# include MHU driver
-+include(${TS_ROOT}/platform/drivers/arm/mhu_driver/component.cmake)
-2.38.1
-
deleted file mode 100644
@@ -1,1196 +0,0 @@
-From 55394c4c9681af71b1ed7f7ebc7c44b2e1737113 Mon Sep 17 00:00:00 2001
-From: Vishnu Banavath <vishnu.banavath@arm.com>
-Date: Fri, 3 Dec 2021 19:00:54 +0000
-Subject: [PATCH 03/20] Add openamp rpc caller
-
-Upstream-Status: Pending
-Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- components/rpc/common/caller/rpc_caller.c | 10 +
- components/rpc/common/interface/rpc_caller.h | 8 +
- .../rpc/openamp/caller/sp/component.cmake | 15 +
- .../rpc/openamp/caller/sp/openamp_caller.c | 203 +++++++
- .../rpc/openamp/caller/sp/openamp_caller.h | 43 ++
- .../rpc/openamp/caller/sp/openamp_mhu.c | 191 ++++++
- .../rpc/openamp/caller/sp/openamp_mhu.h | 19 +
- .../rpc/openamp/caller/sp/openamp_virtio.c | 555 ++++++++++++++++++
- .../rpc/openamp/caller/sp/openamp_virtio.h | 24 +
- .../se-proxy/opteesp/default_se-proxy.dts.in | 6 +
- deployments/se-proxy/se-proxy.cmake | 1 +
- 11 files changed, 1075 insertions(+)
- create mode 100644 components/rpc/openamp/caller/sp/component.cmake
- create mode 100644 components/rpc/openamp/caller/sp/openamp_caller.c
- create mode 100644 components/rpc/openamp/caller/sp/openamp_caller.h
- create mode 100644 components/rpc/openamp/caller/sp/openamp_mhu.c
- create mode 100644 components/rpc/openamp/caller/sp/openamp_mhu.h
- create mode 100644 components/rpc/openamp/caller/sp/openamp_virtio.c
- create mode 100644 components/rpc/openamp/caller/sp/openamp_virtio.h
-
-diff --git a/components/rpc/common/caller/rpc_caller.c b/components/rpc/common/caller/rpc_caller.c
-index 2dceabeb8967..20d889c162b0 100644
---- a/components/rpc/common/caller/rpc_caller.c
-+++ b/components/rpc/common/caller/rpc_caller.c
-@@ -37,3 +37,13 @@ void rpc_caller_end(struct rpc_caller *s, rpc_call_handle handle)
- {
- s->call_end(s->context, handle);
- }
-+
-+void *rpc_caller_virt_to_phys(struct rpc_caller *s, void *va)
-+{
-+ return s->virt_to_phys(s->context, va);
-+}
-+
-+void *rpc_caller_phys_to_virt(struct rpc_caller *s, void *pa)
-+{
-+ return s->phys_to_virt(s->context, pa);
-+}
-diff --git a/components/rpc/common/interface/rpc_caller.h b/components/rpc/common/interface/rpc_caller.h
-index 387489cdb1b2..ef9bb64905ed 100644
---- a/components/rpc/common/interface/rpc_caller.h
-+++ b/components/rpc/common/interface/rpc_caller.h
-@@ -45,6 +45,10 @@ struct rpc_caller
- rpc_opstatus_t *opstatus, uint8_t **resp_buf, size_t *resp_len);
-
- void (*call_end)(void *context, rpc_call_handle handle);
-+
-+ void *(*virt_to_phys)(void *context, void *va);
-+
-+ void *(*phys_to_virt)(void *context, void *pa);
- };
-
- /*
-@@ -87,6 +91,10 @@ RPC_CALLER_EXPORTED rpc_status_t rpc_caller_invoke(struct rpc_caller *s, rpc_cal
- */
- RPC_CALLER_EXPORTED void rpc_caller_end(struct rpc_caller *s, rpc_call_handle handle);
-
-+RPC_CALLER_EXPORTED void *rpc_caller_virt_to_phys(struct rpc_caller *s, void *va);
-+
-+RPC_CALLER_EXPORTED void *rpc_caller_phys_to_virt(struct rpc_caller *s, void *pa);
-+
- #ifdef __cplusplus
- }
- #endif
-diff --git a/components/rpc/openamp/caller/sp/component.cmake b/components/rpc/openamp/caller/sp/component.cmake
-new file mode 100644
-index 000000000000..fc919529d731
---- /dev/null
-+++ b/components/rpc/openamp/caller/sp/component.cmake
-@@ -0,0 +1,15 @@
-+#-------------------------------------------------------------------------------
-+# Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
-+#
-+# SPDX-License-Identifier: BSD-3-Clause
-+#
-+#-------------------------------------------------------------------------------
-+if (NOT DEFINED TGT)
-+ message(FATAL_ERROR "mandatory parameter TGT is not defined.")
-+endif()
-+
-+target_sources(${TGT} PRIVATE
-+ "${CMAKE_CURRENT_LIST_DIR}/openamp_caller.c"
-+ "${CMAKE_CURRENT_LIST_DIR}/openamp_virtio.c"
-+ "${CMAKE_CURRENT_LIST_DIR}/openamp_mhu.c"
-+ )
-diff --git a/components/rpc/openamp/caller/sp/openamp_caller.c b/components/rpc/openamp/caller/sp/openamp_caller.c
-new file mode 100644
-index 000000000000..6cdfb756568f
---- /dev/null
-+++ b/components/rpc/openamp/caller/sp/openamp_caller.c
-@@ -0,0 +1,203 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ * Copyright (c) 2021, Linaro Limited. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#include <stddef.h>
-+#include <trace.h>
-+#include "openamp_caller.h"
-+#include "openamp_mhu.h"
-+#include "openamp_virtio.h"
-+#include <protocols/rpc/common/packed-c/status.h>
-+
-+#define OPENAMP_TRANSACTION_IDLE 0x0
-+#define OPENAMP_TRANSACTION_INPROGRESS 0x1
-+#define OPENAMP_TRANSACTION_INVOKED 0x2
-+
-+static rpc_call_handle openamp_call_begin(void *context, uint8_t **req_buf,
-+ size_t req_len)
-+{
-+ struct openamp_caller *openamp = context;
-+ const struct openamp_platform_ops *ops = openamp->platform_ops;
-+ rpc_call_handle handle;
-+ int ret;
-+
-+ if (!req_buf) {
-+ EMSG("openamp: call_begin: not req_buf");
-+ return NULL;
-+ }
-+
-+ if (req_len > UINT32_MAX || req_len == 0) {
-+ EMSG("openamp: call_begin: resp_len invalid: %lu", req_len);
-+ return NULL;
-+ }
-+
-+ if (openamp->status != OPENAMP_TRANSACTION_IDLE) {
-+ EMSG("openamp: call_begin: transaction not idle");
-+ return NULL;
-+ }
-+
-+ ret = ops->platform_call_begin(openamp, req_buf, req_len);
-+ if (ret < 0) {
-+ EMSG("openamp: call_begin: platform begin failed: %d", ret);
-+ return NULL;
-+ }
-+
-+ openamp->status = OPENAMP_TRANSACTION_INPROGRESS;
-+ handle = openamp;
-+
-+ return handle;
-+}
-+
-+static rpc_status_t openamp_call_invoke(void *context, rpc_call_handle handle,
-+ uint32_t opcode, int *opstatus,
-+ uint8_t **resp_buf, size_t *resp_len)
-+{
-+ struct openamp_caller *openamp = context;
-+ const struct openamp_platform_ops *ops = openamp->platform_ops;
-+ rpc_status_t status;
-+ int ret;
-+
-+ (void)opcode;
-+
-+ if ((handle != openamp) || !opstatus || !resp_buf || !resp_len) {
-+ EMSG("openamp: call_invoke: invalid arguments");
-+ return TS_RPC_ERROR_INVALID_PARAMETER;
-+ }
-+
-+ if (openamp->status != OPENAMP_TRANSACTION_INPROGRESS) {
-+ EMSG("openamp: call_invoke: transaction needed to be started");
-+ return TS_RPC_ERROR_NOT_READY;
-+ }
-+
-+ ret = ops->platform_call_invoke(openamp, opstatus, resp_buf, resp_len);
-+ if (ret < 0)
-+ return TS_RPC_ERROR_INTERNAL;
-+
-+ openamp->status = OPENAMP_TRANSACTION_INVOKED;
-+ *opstatus = 0;
-+
-+ return TS_RPC_CALL_ACCEPTED;
-+}
-+
-+static void openamp_call_end(void *context, rpc_call_handle handle)
-+{
-+ struct openamp_caller *openamp = context;
-+ const struct openamp_platform_ops *ops = openamp->platform_ops;
-+
-+ if (handle != openamp) {
-+ EMSG("openamp: call_end: invalid arguments");
-+ return;
-+ }
-+
-+ if (openamp->status == OPENAMP_TRANSACTION_IDLE) {
-+ EMSG("openamp: call_end: transaction idle");
-+ return;
-+ }
-+
-+ ops->platform_call_end(openamp);
-+
-+ openamp->status = OPENAMP_TRANSACTION_IDLE;
-+}
-+
-+static void *openamp_virt_to_phys(void *context, void *va)
-+{
-+ struct openamp_caller *openamp = context;
-+ const struct openamp_platform_ops *ops = openamp->platform_ops;
-+
-+ return ops->platform_virt_to_phys(openamp, va);
-+}
-+
-+static void *openamp_phys_to_virt(void *context, void *pa)
-+{
-+ struct openamp_caller *openamp = context;
-+ const struct openamp_platform_ops *ops = openamp->platform_ops;
-+
-+ return ops->platform_phys_to_virt(openamp, pa);
-+}
-+
-+static int openamp_init(struct openamp_caller *openamp)
-+{
-+ const struct openamp_platform_ops *ops = openamp->platform_ops;
-+ int ret;
-+
-+ ret = ops->transport_init(openamp);
-+ if (ret < 0)
-+ return ret;
-+
-+ ret = ops->platform_init(openamp);
-+ if (ret < 0)
-+ goto denit_transport;
-+
-+ return 0;
-+
-+denit_transport:
-+ ops->transport_deinit(openamp);
-+
-+ return ret;
-+}
-+
-+static const struct openamp_platform_ops openamp_virtio_ops = {
-+ .transport_init = openamp_mhu_init,
-+ .transport_deinit = openamp_mhu_deinit,
-+ .transport_notify = openamp_mhu_notify_peer,
-+ .transport_receive = openamp_mhu_receive,
-+ .platform_init = openamp_virtio_init,
-+ .platform_call_begin = openamp_virtio_call_begin,
-+ .platform_call_invoke = openamp_virtio_call_invoke,
-+ .platform_call_end = openamp_virtio_call_end,
-+ .platform_virt_to_phys = openamp_virtio_virt_to_phys,
-+ .platform_phys_to_virt = openamp_virtio_phys_to_virt,
-+};
-+
-+struct rpc_caller *openamp_caller_init(struct openamp_caller *openamp)
-+{
-+ struct rpc_caller *rpc = &openamp->rpc_caller;
-+ int ret;
-+
-+ if (openamp->ref_count)
-+ return rpc;
-+
-+ rpc_caller_init(rpc, openamp);
-+
-+ rpc->call_begin = openamp_call_begin;
-+ rpc->call_invoke = openamp_call_invoke;
-+ rpc->call_end = openamp_call_end;
-+ rpc->virt_to_phys = openamp_virt_to_phys;
-+ rpc->phys_to_virt = openamp_phys_to_virt;
-+ openamp->platform_ops = &openamp_virtio_ops;
-+
-+ ret = openamp_init(openamp);
-+ if (ret < 0) {
-+ EMSG("openamp_init: failed to start: %d", ret);
-+ return rpc;
-+ }
-+ openamp->ref_count++;
-+
-+ return rpc;
-+}
-+
-+void openamp_caller_deinit(struct openamp_caller *openamp)
-+{
-+ struct rpc_caller *rpc = &openamp->rpc_caller;
-+
-+ if (--openamp->ref_count)
-+ return;
-+
-+ rpc->context = NULL;
-+ rpc->call_begin = NULL;
-+ rpc->call_invoke = NULL;
-+ rpc->call_end = NULL;
-+}
-+
-+int openamp_caller_discover(struct openamp_caller *openamp)
-+{
-+ return openamp_init(openamp);
-+}
-+
-+int openamp_caller_open(struct openamp_caller *openamp)
-+{
-+
-+}
-diff --git a/components/rpc/openamp/caller/sp/openamp_caller.h b/components/rpc/openamp/caller/sp/openamp_caller.h
-new file mode 100644
-index 000000000000..3fb67c56cc53
---- /dev/null
-+++ b/components/rpc/openamp/caller/sp/openamp_caller.h
-@@ -0,0 +1,43 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ * Copyright (c) 2021, Linaro Limited. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+#ifndef OPENAMP_CALLER_H
-+#define OPENAMP_CALLER_H
-+
-+#include <stddef.h>
-+#include <rpc_caller.h>
-+
-+struct openamp_caller {
-+ struct rpc_caller rpc_caller;
-+ const struct openamp_platform_ops *platform_ops;
-+ uint32_t ref_count;
-+ uint8_t status;
-+
-+ void *transport;
-+ void *platform;
-+};
-+
-+struct openamp_platform_ops {
-+ int (*transport_init)(struct openamp_caller *openamp);
-+ int (*transport_deinit)(struct openamp_caller *openamp);
-+ int (*transport_notify)(struct openamp_caller *openamp);
-+ int (*transport_receive)(struct openamp_caller *openamp);
-+ int (*platform_init)(struct openamp_caller *openamp);
-+ int (*platform_deinit)(struct openamp_caller *openamp);
-+ int (*platform_call_begin)(struct openamp_caller *openamp,
-+ uint8_t **req_buf, size_t req_len);
-+ int (*platform_call_invoke)(struct openamp_caller *openamp,
-+ int *opstatus, uint8_t **resp_buf,
-+ size_t *resp_len);
-+ int (*platform_call_end)(struct openamp_caller *openamp);
-+ void *(*platform_virt_to_phys)(struct openamp_caller *openamp, void *va);
-+ void *(*platform_phys_to_virt)(struct openamp_caller *openamp, void *pa);
-+};
-+
-+struct rpc_caller *openamp_caller_init(struct openamp_caller *openamp);
-+void openamp_caller_deinit(struct openamp_caller *openamp);
-+
-+#endif
-diff --git a/components/rpc/openamp/caller/sp/openamp_mhu.c b/components/rpc/openamp/caller/sp/openamp_mhu.c
-new file mode 100644
-index 000000000000..ffdadaf870a3
---- /dev/null
-+++ b/components/rpc/openamp/caller/sp/openamp_mhu.c
-@@ -0,0 +1,191 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ * Copyright (c) 2021, Linaro Limited. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#include <config/interface/config_store.h>
-+#include <config/interface/config_blob.h>
-+#include <platform/interface/device_region.h>
-+#include <platform/drivers/arm/mhu_driver/mhu_v2.h>
-+#include <trace.h>
-+#include <errno.h>
-+#include <stdlib.h>
-+#include <stdint.h>
-+#include <stddef.h>
-+#include <limits.h>
-+
-+#include "openamp_caller.h"
-+
-+#define MHU_V_2_NOTIFY_CHANNEL 0
-+#define MHU_V_2_NOTIFY_VALUE 0xff
-+
-+struct openamp_mhu {
-+ struct device_region rx_region;
-+ struct device_region tx_region;
-+ struct mhu_v2_x_dev_t rx_dev;
-+ struct mhu_v2_x_dev_t tx_dev;
-+};
-+
-+static int openamp_mhu_device_get(const char *dev,
-+ struct device_region *dev_region)
-+{
-+ bool found;
-+
-+ found = config_store_query(CONFIG_CLASSIFIER_DEVICE_REGION, dev, 0,
-+ dev_region, sizeof(*dev_region));
-+ if (!found)
-+ return -EINVAL;
-+
-+ if (!dev_region->base_addr)
-+ return -EINVAL;
-+
-+ IMSG("mhu: device region found: %s addr: 0x%x size: %d", dev,
-+ dev_region->base_addr, dev_region->io_region_size);
-+
-+ return 0;
-+}
-+
-+int openamp_mhu_receive(struct openamp_caller *openamp)
-+{
-+ struct mhu_v2_x_dev_t *rx_dev;
-+ enum mhu_v2_x_error_t ret;
-+ struct openamp_mhu *mhu;
-+ uint32_t channel = 0;
-+ uint32_t irq_status;
-+
-+ if (!openamp->transport) {
-+ EMSG("openamp: mhu: receive transport not initialized");
-+ return -EINVAL;
-+ }
-+
-+ mhu = openamp->transport;
-+ rx_dev = &mhu->rx_dev;
-+
-+ irq_status = 0;
-+
-+ do {
-+ irq_status = mhu_v2_x_get_interrupt_status(rx_dev);
-+ } while(!irq_status);
-+
-+ ret = mhu_v2_1_get_ch_interrupt_num(rx_dev, &channel);
-+
-+ ret = mhu_v2_x_channel_clear(rx_dev, channel);
-+ if (ret != MHU_V_2_X_ERR_NONE) {
-+ EMSG("openamp: mhu: failed to clear channel: %d", channel);
-+ return -EPROTO;
-+ }
-+
-+ return 0;
-+}
-+
-+int openamp_mhu_notify_peer(struct openamp_caller *openamp)
-+{
-+ struct mhu_v2_x_dev_t *tx_dev;
-+ enum mhu_v2_x_error_t ret;
-+ struct openamp_mhu *mhu;
-+ uint32_t access_ready;
-+
-+ if (!openamp->transport) {
-+ EMSG("openamp: mhu: notify transport not initialized");
-+ return -EINVAL;
-+ }
-+
-+ mhu = openamp->transport;
-+ tx_dev = &mhu->tx_dev;
-+
-+ ret = mhu_v2_x_set_access_request(tx_dev);
-+ if (ret != MHU_V_2_X_ERR_NONE) {
-+ EMSG("openamp: mhu: set access request failed");
-+ return -EPROTO;
-+ }
-+
-+ do {
-+ ret = mhu_v2_x_get_access_ready(tx_dev, &access_ready);
-+ if (ret != MHU_V_2_X_ERR_NONE) {
-+ EMSG("openamp: mhu: failed to get access_ready");
-+ return -EPROTO;
-+ }
-+ } while (!access_ready);
-+
-+ ret = mhu_v2_x_channel_send(tx_dev, MHU_V_2_NOTIFY_CHANNEL,
-+ MHU_V_2_NOTIFY_VALUE);
-+ if (ret != MHU_V_2_X_ERR_NONE) {
-+ EMSG("openamp: mhu: failed send over channel");
-+ return -EPROTO;
-+ }
-+
-+ ret = mhu_v2_x_reset_access_request(tx_dev);
-+ if (ret != MHU_V_2_X_ERR_NONE) {
-+ EMSG("openamp: mhu: failed reset access request");
-+ return -EPROTO;
-+ }
-+
-+ return 0;
-+}
-+
-+int openamp_mhu_init(struct openamp_caller *openamp)
-+{
-+ struct mhu_v2_x_dev_t *rx_dev;
-+ struct mhu_v2_x_dev_t *tx_dev;
-+ struct openamp_mhu *mhu;
-+ int ret;
-+
-+ /* if we already have initialized skip this */
-+ if (openamp->transport)
-+ return 0;
-+
-+ mhu = malloc(sizeof(*mhu));
-+ if (!mhu)
-+ return -1;
-+
-+ ret = openamp_mhu_device_get("mhu-sender", &mhu->tx_region);
-+ if (ret < 0)
-+ goto free_mhu;
-+
-+ ret = openamp_mhu_device_get("mhu-receiver", &mhu->rx_region);
-+ if (ret < 0)
-+ goto free_mhu;
-+
-+ rx_dev = &mhu->rx_dev;
-+ tx_dev = &mhu->tx_dev;
-+
-+ rx_dev->base = (unsigned int)mhu->rx_region.base_addr;
-+ rx_dev->frame = MHU_V2_X_RECEIVER_FRAME;
-+
-+ tx_dev->base = (unsigned int)mhu->tx_region.base_addr;
-+ tx_dev->frame = MHU_V2_X_SENDER_FRAME;
-+
-+ ret = mhu_v2_x_driver_init(rx_dev, MHU_REV_READ_FROM_HW);
-+ if (ret < 0)
-+ goto free_mhu;
-+
-+ ret = mhu_v2_x_driver_init(tx_dev, MHU_REV_READ_FROM_HW);
-+ if (ret < 0)
-+ goto free_mhu;
-+
-+ openamp->transport = (void *)mhu;
-+
-+ return 0;
-+
-+free_mhu:
-+ free(mhu);
-+
-+ return ret;
-+}
-+
-+int openamp_mhu_deinit(struct openamp_caller *openamp)
-+{
-+ struct openamp_mhu *mhu;
-+
-+ if (!openamp->transport)
-+ return 0;
-+
-+ mhu = openamp->transport;
-+ free(mhu);
-+
-+ openamp->transport = NULL;
-+
-+ return 0;
-+}
-diff --git a/components/rpc/openamp/caller/sp/openamp_mhu.h b/components/rpc/openamp/caller/sp/openamp_mhu.h
-new file mode 100644
-index 000000000000..2ae5cb8ee1c6
---- /dev/null
-+++ b/components/rpc/openamp/caller/sp/openamp_mhu.h
-@@ -0,0 +1,19 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ * Copyright (c) 2021, Linaro Limited. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+#ifndef OPENAMP_MHU_H
-+#define OPENAMP_MHU_H
-+
-+#include <stddef.h>
-+#include "openamp_caller.h"
-+
-+int openamp_mhu_init(struct openamp_caller *openamp);
-+int openamp_mhu_deinit(struct openamp_caller *openamp);
-+
-+int openamp_mhu_notify_peer(struct openamp_caller *openamp);
-+int openamp_mhu_receive(struct openamp_caller *openamp);
-+
-+#endif
-diff --git a/components/rpc/openamp/caller/sp/openamp_virtio.c b/components/rpc/openamp/caller/sp/openamp_virtio.c
-new file mode 100644
-index 000000000000..b7c1aa929111
---- /dev/null
-+++ b/components/rpc/openamp/caller/sp/openamp_virtio.c
-@@ -0,0 +1,555 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ * Copyright (c) 2021, Linaro Limited. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#include <metal/device.h>
-+#include <metal/spinlock.h>
-+#include <openamp/open_amp.h>
-+#include <platform/interface/device_region.h>
-+#include <config/interface/config_store.h>
-+
-+#include <stddef.h>
-+#include <trace.h>
-+#include "openamp_caller.h"
-+
-+#define OPENAMP_SHEM_DEVICE_NAME "openamp-virtio"
-+#define OPENAMP_RPMSG_ENDPOINT_NAME OPENAMP_SHEM_DEVICE_NAME
-+#define OPENAMP_RPMSG_ENDPOINT_ADDR 1024
-+
-+#define OPENAMP_SHEM_PHYS 0x88000000
-+#define OPENAMP_SHEM_PHYS_PAGES 1
-+#define OPENAMP_SHEM_SE_PHYS 0xa8000000
-+
-+#define OPENAMP_SHEM_VDEV_SIZE (4 * 1024)
-+#define OPENAMP_SHEM_VRING_SIZE (4 * 1024)
-+
-+#define OPENAMP_BUFFER_NO_WAIT 0
-+#define OPENAMP_BUFFER_WAIT 1
-+
-+#define VIRTQUEUE_NR 2
-+#define VQ_TX 0
-+#define VQ_RX 1
-+
-+#define VRING_DESCRIPTORS 16
-+#define VRING_ALIGN 4
-+
-+#define container_of(ptr, type, member) \
-+ ((type *)((char *)(ptr) - (unsigned long)(&((type *)0)->member)))
-+
-+struct openamp_virtio_shm {
-+ uintptr_t base_addr;
-+ size_t size;
-+ uintptr_t vdev_status;
-+ size_t vdev_status_size;
-+ uintptr_t payload_addr;
-+ size_t payload_size;
-+ uintptr_t vring_tx;
-+ size_t vring_tx_size;
-+ uintptr_t vring_rx;
-+ size_t vring_rx_size;
-+
-+ metal_phys_addr_t shm_physmap[OPENAMP_SHEM_PHYS_PAGES];
-+};
-+
-+struct openamp_virtio_metal {
-+ struct metal_spinlock lock;
-+ struct metal_device shm_dev;
-+ struct metal_device *io_dev;
-+
-+ struct metal_io_region *io;
-+ struct openamp_virtio_shm shm;
-+};
-+
-+struct openamp_virtio_device {
-+ struct virtio_device virtio_dev;
-+ struct virtqueue *vq[VIRTQUEUE_NR];
-+ struct virtio_vring_info rvrings[VIRTQUEUE_NR];
-+};
-+
-+struct openamp_virtio_rpmsg {
-+ struct rpmsg_virtio_device rpmsg_vdev;
-+ struct rpmsg_endpoint ep;
-+ uint8_t *req_buf;
-+ uint32_t req_len;
-+ uint8_t *resp_buf;
-+ size_t resp_len;
-+};
-+
-+struct openamp_virtio {
-+ struct openamp_caller *openamp;
-+ struct openamp_virtio_rpmsg rpmsg;
-+ struct openamp_virtio_device vdev;
-+ struct openamp_virtio_metal metal;
-+};
-+
-+static struct openamp_virtio *openamp_virtio_from_dev(struct virtio_device *vdev)
-+{
-+ struct openamp_virtio_device *openamp_vdev;
-+
-+ openamp_vdev = container_of(vdev, struct openamp_virtio_device,
-+ virtio_dev);
-+
-+ return container_of(openamp_vdev, struct openamp_virtio, vdev);
-+}
-+
-+static struct openamp_virtio_rpmsg *openamp_virtio_rpmsg_from_dev(struct rpmsg_device *rdev)
-+{
-+ struct rpmsg_virtio_device *rvdev;
-+
-+ rvdev = container_of(rdev, struct rpmsg_virtio_device, rdev);
-+
-+ return container_of(rvdev, struct openamp_virtio_rpmsg, rpmsg_vdev);
-+
-+}
-+
-+static void openamp_virtio_metal_device_setup(struct metal_device *shm_dev,
-+ struct openamp_virtio_shm *shm)
-+{
-+ struct metal_io_region *shm_region;
-+
-+ shm_region = &shm_dev->regions[0];
-+
-+ shm_dev->name = OPENAMP_SHEM_DEVICE_NAME;
-+ shm_dev->num_regions = 1;
-+
-+ shm_region->virt = (void *)shm->payload_addr;
-+ shm_region->size = shm->payload_size;
-+
-+ shm_region->physmap = &shm->shm_physmap;
-+ shm_region->page_shift = (metal_phys_addr_t)(-1);
-+ shm_region->page_mask = (metal_phys_addr_t)(-1);
-+}
-+
-+static int openamp_virtio_metal_init(struct openamp_virtio_metal *metal)
-+{
-+ struct metal_init_params params = METAL_INIT_DEFAULTS;
-+ struct metal_device *shm_dev = &metal->shm_dev;
-+ int ret;
-+
-+ openamp_virtio_metal_device_setup(shm_dev, &metal->shm);
-+
-+ metal_spinlock_init(&metal->lock);
-+
-+ ret = metal_init(¶ms);
-+ if (ret < 0)
-+ return ret;
-+
-+ ret = metal_register_generic_device(shm_dev);
-+ if (ret < 0)
-+ goto metal_finish;
-+
-+ ret = metal_device_open("generic", OPENAMP_SHEM_DEVICE_NAME,
-+ &metal->io_dev);
-+ if (ret < 0)
-+ goto metal_finish;
-+
-+ metal->io = metal_device_io_region(metal->io_dev, 0);
-+ if (!metal->io) {
-+ EMSG("openamp: virtio: failed to init metal io");
-+ ret = -EPROTO;
-+ goto metal_finish;
-+ }
-+
-+ return 0;
-+
-+metal_finish:
-+ metal_finish();
-+ return ret;
-+}
-+
-+static unsigned char openamp_virtio_status_get(struct virtio_device *vdev)
-+{
-+ struct openamp_virtio *virtio = openamp_virtio_from_dev(vdev);
-+ struct openamp_virtio_shm *shm = &virtio->metal.shm;
-+
-+ uint32_t status = *(volatile uint32_t *)shm->vdev_status;
-+
-+ return status;
-+}
-+
-+static void openamp_virtio_status_set(struct virtio_device *vdev,
-+ unsigned char status)
-+{
-+ struct openamp_virtio *virtio = openamp_virtio_from_dev(vdev);
-+ struct openamp_virtio_shm *shm = &virtio->metal.shm;
-+
-+ *(volatile uint32_t *)shm->vdev_status = status;
-+}
-+
-+static int count;
-+
-+static uint32_t openamp_virtio_features_get(struct virtio_device *vdev)
-+{
-+ return 1 << VIRTIO_RPMSG_F_NS;
-+}
-+
-+static void openamp_virtio_notify(struct virtqueue *vq)
-+{
-+ struct openamp_virtio_device *openamp_vdev;
-+ struct openamp_caller *openamp;
-+ struct openamp_virtio *virtio;
-+ int ret;
-+
-+ openamp_vdev = container_of(vq->vq_dev, struct openamp_virtio_device, virtio_dev);
-+ virtio = container_of(openamp_vdev, struct openamp_virtio, vdev);
-+ openamp = virtio->openamp;
-+
-+ ret = openamp->platform_ops->transport_notify(openamp);
-+ if (ret < 0)
-+ EMSG("openamp: virtio: erro in transport_notify: %d", ret);
-+}
-+
-+const static struct virtio_dispatch openamp_virtio_dispatch = {
-+ .get_status = openamp_virtio_status_get,
-+ .set_status = openamp_virtio_status_set,
-+ .get_features = openamp_virtio_features_get,
-+ .notify = openamp_virtio_notify,
-+};
-+
-+static int openamp_virtio_device_setup(struct openamp_virtio *virtio)
-+{
-+ struct openamp_virtio_metal *metal = &virtio->metal;
-+ struct openamp_virtio_device *openamp_vdev = &virtio->vdev;
-+ struct virtio_device *vdev = &openamp_vdev->virtio_dev;
-+ struct openamp_virtio_shm *shm = &metal->shm;
-+ struct virtio_vring_info *rvring;
-+
-+ rvring = &openamp_vdev->rvrings[0];
-+
-+ vdev->role = RPMSG_REMOTE;
-+ vdev->vrings_num = VIRTQUEUE_NR;
-+ vdev->func = &openamp_virtio_dispatch;
-+
-+ openamp_vdev->vq[VQ_TX] = virtqueue_allocate(VRING_DESCRIPTORS);
-+ if (!openamp_vdev->vq[VQ_TX]) {
-+ EMSG("openamp: virtio: failed to allocate virtqueue 0");
-+ return -ENOMEM;
-+ }
-+ rvring->io = metal->io;
-+ rvring->info.vaddr = (void *)shm->vring_tx;
-+ rvring->info.num_descs = VRING_DESCRIPTORS;
-+ rvring->info.align = VRING_ALIGN;
-+ rvring->vq = openamp_vdev->vq[VQ_TX];
-+
-+ openamp_vdev->vq[VQ_RX] = virtqueue_allocate(VRING_DESCRIPTORS);
-+ if (!openamp_vdev->vq[VQ_RX]) {
-+ EMSG("openamp: virtio: failed to allocate virtqueue 1");
-+ goto free_vq;
-+ }
-+ rvring = &openamp_vdev->rvrings[VQ_RX];
-+ rvring->io = metal->io;
-+ rvring->info.vaddr = (void *)shm->vring_rx;
-+ rvring->info.num_descs = VRING_DESCRIPTORS;
-+ rvring->info.align = VRING_ALIGN;
-+ rvring->vq = openamp_vdev->vq[VQ_RX];
-+
-+ vdev->vrings_info = &openamp_vdev->rvrings[0];
-+
-+ return 0;
-+
-+free_vq:
-+ virtqueue_free(openamp_vdev->vq[VQ_TX]);
-+ virtqueue_free(openamp_vdev->vq[VQ_RX]);
-+
-+ return -ENOMEM;
-+}
-+
-+static int openamp_virtio_rpmsg_endpoint_callback(struct rpmsg_endpoint *ep,
-+ void *data, size_t len,
-+ uint32_t src, void *priv)
-+{
-+ struct openamp_virtio_rpmsg *vrpmsg;
-+ struct rpmsg_device *rdev;
-+ struct openamp_virtio *virtio;
-+
-+ rdev = ep->rdev;
-+ vrpmsg = openamp_virtio_rpmsg_from_dev(rdev);
-+ virtio = container_of(vrpmsg, struct openamp_virtio, rpmsg);
-+
-+ rpmsg_hold_rx_buffer(ep, data);
-+ vrpmsg->resp_buf = data;
-+ vrpmsg->resp_len = len;
-+
-+ return 0;
-+}
-+
-+static void openamp_virtio_rpmsg_service_unbind(struct rpmsg_endpoint *ep)
-+{
-+ struct openamp_virtio_rpmsg *vrpmsg;
-+ struct rpmsg_device *rdev;
-+
-+ rdev = container_of(ep, struct rpmsg_device, ns_ept);
-+ vrpmsg = openamp_virtio_rpmsg_from_dev(rdev);
-+
-+ rpmsg_destroy_ept(&vrpmsg->ep);
-+}
-+
-+static void openamp_virtio_rpmsg_endpoint_bind(struct rpmsg_device *rdev,
-+ const char *name,
-+ unsigned int dest)
-+{
-+ struct openamp_virtio_rpmsg *vrpmsg;
-+
-+ vrpmsg = openamp_virtio_rpmsg_from_dev(rdev);
-+
-+ rpmsg_create_ept(&vrpmsg->ep, rdev, name, RPMSG_ADDR_ANY, dest,
-+ openamp_virtio_rpmsg_endpoint_callback,
-+ openamp_virtio_rpmsg_service_unbind);
-+}
-+
-+static int openamp_virtio_rpmsg_device_setup(struct openamp_virtio *virtio,
-+ struct device_region *virtio_dev)
-+{
-+ struct openamp_virtio_rpmsg *vrpmsg = &virtio->rpmsg;
-+ struct rpmsg_virtio_device *rpmsg_vdev = &vrpmsg->rpmsg_vdev;
-+ struct openamp_virtio_device *openamp_vdev = &virtio->vdev;
-+ struct virtio_device *vdev = &openamp_vdev->virtio_dev;
-+ struct openamp_virtio_metal *metal = &virtio->metal;
-+ int ret;
-+
-+ /*
-+ * we assume here that we are the client side and do not need to
-+ * initialize the share memory poll (this is done at server side).
-+ */
-+ ret = rpmsg_init_vdev(rpmsg_vdev, vdev,
-+ openamp_virtio_rpmsg_endpoint_bind, metal->io,
-+ NULL);
-+ if (ret < 0) {
-+ EMSG("openamp: virtio: init vdev failed: %d", ret);
-+ return ret;
-+ }
-+
-+
-+ ret = rpmsg_create_ept(&vrpmsg->ep, &rpmsg_vdev->rdev,
-+ OPENAMP_RPMSG_ENDPOINT_NAME, RPMSG_ADDR_ANY,
-+ RPMSG_ADDR_ANY,
-+ openamp_virtio_rpmsg_endpoint_callback,
-+ openamp_virtio_rpmsg_service_unbind);
-+ if (ret < 0) {
-+ EMSG("openamp: virtio: failed to create endpoint: %d", ret);
-+ return ret;
-+ }
-+
-+ /* set default remote addr */
-+ vrpmsg->ep.dest_addr = OPENAMP_RPMSG_ENDPOINT_ADDR;
-+
-+ return 0;
-+}
-+
-+static void openamp_virtio_shm_set(struct openamp_virtio *virtio,
-+ struct device_region *virtio_region)
-+{
-+ struct openamp_virtio_shm *shm = &virtio->metal.shm;
-+
-+ shm->base_addr = virtio_region->base_addr;
-+ shm->size = virtio_region->io_region_size;
-+
-+ shm->vdev_status = shm->base_addr;
-+ shm->vdev_status_size = OPENAMP_SHEM_VDEV_SIZE;
-+
-+ shm->vring_rx = shm->base_addr + shm->size -
-+ (2 * OPENAMP_SHEM_VRING_SIZE);
-+ shm->vring_rx_size = OPENAMP_SHEM_VRING_SIZE;
-+
-+ shm->vring_tx = shm->vring_rx + shm->vring_rx_size;
-+ shm->vring_tx_size = OPENAMP_SHEM_VRING_SIZE;
-+
-+ shm->payload_addr = shm->vdev_status + shm->vdev_status_size;
-+ shm->payload_size = shm->size - shm->vdev_status_size -
-+ shm->vring_rx_size - shm->vring_tx_size;
-+
-+ shm->shm_physmap[0] = OPENAMP_SHEM_PHYS + shm->vdev_status_size;
-+
-+ IMSG("SHEM: base: 0x%0x size: 0x%0x size: %d",
-+ shm->base_addr, shm->size, shm->size);
-+ IMSG("VDEV: base: 0x%0x size: 0x%0x size: %d",
-+ shm->vdev_status, shm->vdev_status_size, shm->vdev_status_size);
-+ IMSG("PAYLOAD: base: 0x%0x size: 0x%0x size: %d",
-+ shm->payload_addr, shm->payload_size, shm->payload_size);
-+ IMSG("VRING_TX: base: 0x%0x size: 0x%0x size: %d",
-+ shm->vring_tx, shm->vring_tx_size, shm->vring_tx_size);
-+ IMSG("VRING_RX: base: 0x%0x size: 0x%0x size: %d",
-+ shm->vring_rx, shm->vring_rx_size, shm->vring_rx_size);
-+ IMSG("PHYMAP: base: 0x%0x", shm->shm_physmap[0]);
-+}
-+
-+static int openamp_virtio_device_get(const char *dev,
-+ struct device_region *dev_region)
-+{
-+ bool found;
-+
-+ found = config_store_query(CONFIG_CLASSIFIER_DEVICE_REGION, dev, 0,
-+ dev_region, sizeof(*dev_region));
-+ if (!found) {
-+ EMSG("openamp: virtio: device region not found: %s", dev);
-+ return -EINVAL;
-+ }
-+
-+ if (dev_region->base_addr == 0 || dev_region->io_region_size == 0) {
-+ EMSG("openamp: virtio: device region not valid");
-+ return -EINVAL;
-+ }
-+
-+ IMSG("openamp: virtio: device region found: %s addr: 0x%x size: %d",
-+ dev, dev_region->base_addr, dev_region->io_region_size);
-+
-+ return 0;
-+}
-+
-+int openamp_virtio_call_begin(struct openamp_caller *openamp, uint8_t **req_buf,
-+ size_t req_len)
-+{
-+ struct openamp_virtio *virtio = openamp->platform;
-+ struct openamp_virtio_rpmsg *vrpmsg = &virtio->rpmsg;
-+ struct rpmsg_endpoint *ep = &vrpmsg->ep;
-+
-+
-+ *req_buf = rpmsg_get_tx_payload_buffer(ep, &vrpmsg->req_len,
-+ OPENAMP_BUFFER_WAIT);
-+ if (*req_buf == NULL)
-+ return -EINVAL;
-+
-+ if (vrpmsg->req_len < req_len)
-+ return -E2BIG;
-+
-+ vrpmsg->req_buf = *req_buf;
-+
-+ return 0;
-+}
-+
-+int openamp_virtio_call_invoke(struct openamp_caller *openamp, int *opstatus,
-+ uint8_t **resp_buf, size_t *resp_len)
-+{
-+ const struct openamp_platform_ops *ops = openamp->platform_ops;
-+ struct openamp_virtio *virtio = openamp->platform;
-+ struct openamp_virtio_device *openamp_vdev = &virtio->vdev;
-+ struct openamp_virtio_rpmsg *vrpmsg = &virtio->rpmsg;
-+ struct rpmsg_endpoint *ep = &vrpmsg->ep;
-+ int ret;
-+
-+ ret = rpmsg_send_nocopy(ep, vrpmsg->req_buf, vrpmsg->req_len);
-+ if (ret < 0) {
-+ EMSG("openamp: virtio: send nocopy failed: %d", ret);
-+ return -EIO;
-+ }
-+
-+ if (ret != vrpmsg->req_len) {
-+ EMSG("openamp: virtio: send less bytes %d than requested %d",
-+ ret, vrpmsg->req_len);
-+ return -EIO;
-+ }
-+
-+ if (!ops->transport_receive)
-+ return 0;
-+
-+ ret = ops->transport_receive(openamp);
-+ if (ret < 0) {
-+ EMSG("openamp: virtio: failed transport_receive");
-+ return -EIO;
-+ }
-+
-+ virtqueue_notification(openamp_vdev->vq[VQ_RX]);
-+
-+ *resp_buf = vrpmsg->resp_buf;
-+ *resp_len = vrpmsg->resp_len;
-+
-+ return 0;
-+}
-+
-+void openamp_virtio_call_end(struct openamp_caller *openamp)
-+{
-+ struct openamp_virtio *virtio = openamp->platform;
-+ struct openamp_virtio_rpmsg *vrpmsg = &virtio->rpmsg;
-+
-+ rpmsg_release_rx_buffer(&vrpmsg->ep, vrpmsg->resp_buf);
-+
-+ vrpmsg->req_buf = NULL;
-+ vrpmsg->req_len = 0;
-+ vrpmsg->resp_buf = NULL;
-+ vrpmsg->resp_len = 0;
-+}
-+
-+void *openamp_virtio_virt_to_phys(struct openamp_caller *openamp, void *va)
-+{
-+ struct openamp_virtio *virtio = openamp->platform;
-+ struct openamp_virtio_metal *metal = &virtio->metal;
-+
-+ return metal_io_virt_to_phys(metal->io, va);
-+}
-+
-+void *openamp_virtio_phys_to_virt(struct openamp_caller *openamp, void *pa)
-+{
-+ struct openamp_virtio *virtio = openamp->platform;
-+ struct openamp_virtio_metal *metal = &virtio->metal;
-+
-+ return metal_io_phys_to_virt(metal->io, pa);
-+}
-+
-+int openamp_virtio_init(struct openamp_caller *openamp)
-+{
-+ struct device_region virtio_dev;
-+ struct openamp_virtio *virtio;
-+ int ret;
-+
-+ if (openamp->platform)
-+ return 0;
-+
-+
-+ virtio = malloc(sizeof(*virtio));
-+ if (!virtio)
-+ return -ENOMEM;
-+
-+ virtio->openamp = openamp;
-+
-+ ret = openamp_virtio_device_get(OPENAMP_SHEM_DEVICE_NAME, &virtio_dev);
-+ if (ret < 0)
-+ goto free_virtio;
-+
-+ openamp_virtio_shm_set(virtio, &virtio_dev);
-+
-+ ret = openamp_virtio_metal_init(&virtio->metal);
-+ if (ret < 0)
-+ goto free_virtio;
-+
-+ ret = openamp_virtio_device_setup(virtio);
-+ if (ret < 0)
-+ goto finish_metal;
-+
-+ ret = openamp_virtio_rpmsg_device_setup(virtio, &virtio_dev);
-+ if (ret < 0) {
-+ EMSG("openamp: virtio: rpmsg device setup failed: %d", ret);
-+ goto finish_metal;
-+ }
-+
-+ openamp->platform = virtio;
-+
-+ return 0;
-+
-+finish_metal:
-+ metal_finish();
-+
-+free_virtio:
-+ free(virtio);
-+
-+ return ret;
-+}
-+
-+int openamp_virtio_deinit(struct openamp_caller *openamp)
-+{
-+ struct openamp_virtio *virtio;
-+
-+ if (!openamp->platform)
-+ return 0;
-+
-+ virtio = openamp->platform;
-+
-+ metal_finish();
-+ free(virtio);
-+
-+ openamp->platform = NULL;
-+
-+ return 0;
-+}
-diff --git a/components/rpc/openamp/caller/sp/openamp_virtio.h b/components/rpc/openamp/caller/sp/openamp_virtio.h
-new file mode 100644
-index 000000000000..915128ff65ce
---- /dev/null
-+++ b/components/rpc/openamp/caller/sp/openamp_virtio.h
-@@ -0,0 +1,24 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ * Copyright (c) 2021, Linaro Limited. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+#ifndef OPENAMP_VIRTIO_H
-+#define OPENAMP_VIRTIO_H
-+
-+#include <stddef.h>
-+#include "openamp_caller.h"
-+
-+int openamp_virtio_call_begin(struct openamp_caller *openamp, uint8_t **req_buf,
-+ size_t req_len);
-+int openamp_virtio_call_invoke(struct openamp_caller *openamp, int *opstatus,
-+ uint8_t **resp_buf, size_t *resp_len);
-+int openamp_virtio_call_end(struct openamp_caller *openamp);
-+void *openamp_virtio_virt_to_phys(struct openamp_caller *openamp, void *va);
-+void *openamp_virtio_phys_to_virt(struct openamp_caller *openamp, void *pa);
-+
-+int openamp_virtio_init(struct openamp_caller *openamp);
-+int openamp_virtio_deinit(struct openamp_caller *openamp);
-+
-+#endif
-diff --git a/deployments/se-proxy/opteesp/default_se-proxy.dts.in b/deployments/se-proxy/opteesp/default_se-proxy.dts.in
-index 267b4f923540..04c181586b06 100644
---- a/deployments/se-proxy/opteesp/default_se-proxy.dts.in
-+++ b/deployments/se-proxy/opteesp/default_se-proxy.dts.in
-@@ -32,5 +32,11 @@
- pages-count = <16>;
- attributes = <0x3>; /* read-write */
- };
-+ openamp-virtio {
-+ /* Armv8 A Foundation Platform values */
-+ base-address = <0x00000000 0x88000000>;
-+ pages-count = <256>;
-+ attributes = <0x3>; /* read-write */
-+ };
- };
- };
-diff --git a/deployments/se-proxy/se-proxy.cmake b/deployments/se-proxy/se-proxy.cmake
-index d39873a0fe81..34fe5ff1b925 100644
---- a/deployments/se-proxy/se-proxy.cmake
-+++ b/deployments/se-proxy/se-proxy.cmake
-@@ -47,6 +47,7 @@ add_components(TARGET "se-proxy"
- "components/service/attestation/include"
- "components/service/attestation/provider"
- "components/service/attestation/provider/serializer/packed-c"
-+ "components/rpc/openamp/caller/sp"
-
- # Stub service provider backends
- "components/rpc/dummy"
-2.38.1
-
similarity index 99%
rename from meta-arm-bsp/recipes-security/trusted-services/corstone1000/0020-FMP-Support-in-Corstone1000.patch
rename to meta-arm-bsp/recipes-security/trusted-services/corstone1000/0003-FMP-Support-in-Corstone1000.patch
@@ -1,7 +1,7 @@
-From 70cf374fb55f2d62ecbe28049253df33b42b6749 Mon Sep 17 00:00:00 2001
+From 5c8ac10337ac853d8a82992fb6e1d91b122b99d2 Mon Sep 17 00:00:00 2001
From: Satish Kumar <satish.kumar01@arm.com>
Date: Fri, 8 Jul 2022 09:48:06 +0100
-Subject: [PATCH 20/20] FMP Support in Corstone1000.
+Subject: [PATCH 3/6] FMP Support in Corstone1000.
The FMP support is used by u-boot to pupolate ESRT information
for the kernel.
@@ -414,5 +414,5 @@ index 000000000000..95fba2a04d5c
+
+#endif /* CORSTONE1000_FMP_SERVICE_H */
--
-2.38.1
+2.40.0
similarity index 95%
rename from meta-arm-bsp/recipes-security/trusted-services/corstone1000/0024-TF-Mv1.7-alignment-Align-PSA-Crypto-SIDs.patch
rename to meta-arm-bsp/recipes-security/trusted-services/corstone1000/0004-TF-Mv1.7-alignment-Align-PSA-Crypto-SIDs.patch
@@ -1,24 +1,25 @@
-From ca7d37502f9453125aead14c7ee5181336cbe8f4 Mon Sep 17 00:00:00 2001
+From c294197b17358b20c75757b9a06d628f43cd7884 Mon Sep 17 00:00:00 2001
From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Date: Thu, 9 Feb 2023 00:22:40 +0000
-Subject: [PATCH 1/3] TF-Mv1.7 alignment: Align PSA Crypto SIDs
+Subject: [PATCH 4/6] TF-Mv1.7 alignment: Align PSA Crypto SIDs
This patch is to change the PSA Crypto SIDs to match the values of the
PSA Crypto SID definitions in TF-M v1.7 running on the secure enclave
Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Upstream-Status: Pending [Not submitted yet]
+Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
.../service/common/include/psa/crypto_sid.h | 241 ++++++++++++++++++
- components/service/common/include/psa/sid.h | 78 +-----
+ components/service/common/include/psa/sid.h | 76 +-----
.../caller/psa_ipc/crypto_caller_sign_hash.h | 4 +-
.../psa_ipc/crypto_caller_verify_hash.h | 4 +-
- 4 files changed, 249 insertions(+), 78 deletions(-)
+ 4 files changed, 248 insertions(+), 77 deletions(-)
create mode 100644 components/service/common/include/psa/crypto_sid.h
diff --git a/components/service/common/include/psa/crypto_sid.h b/components/service/common/include/psa/crypto_sid.h
new file mode 100644
-index 00000000..5b05f46d
+index 000000000000..5b05f46d7d72
--- /dev/null
+++ b/components/service/common/include/psa/crypto_sid.h
@@ -0,0 +1,241 @@
@@ -264,16 +265,9 @@ index 00000000..5b05f46d
+
+#endif /* __PSA_CRYPTO_SID_H__ */
diff --git a/components/service/common/include/psa/sid.h b/components/service/common/include/psa/sid.h
-index 8103a9af..50ad070e 100644
+index 8e2c6bdf2919..5aaa659d49a0 100644
--- a/components/service/common/include/psa/sid.h
+++ b/components/service/common/include/psa/sid.h
-@@ -1,5 +1,5 @@
- /*
-- * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
-+ * Copyright (c) 2019-2023, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
@@ -12,6 +12,9 @@
extern "C" {
#endif
@@ -284,9 +278,9 @@ index 8103a9af..50ad070e 100644
/******** TFM_SP_PS ********/
#define TFM_PROTECTED_STORAGE_SERVICE_SID (0x00000060U)
#define TFM_PROTECTED_STORAGE_SERVICE_VERSION (1U)
-@@ -43,79 +46,6 @@ extern "C" {
- #define TFM_PLATFORM_SERVICE_HANDLE (0x40000105U)
-
+@@ -37,79 +40,6 @@ extern "C" {
+ #define TFM_CRYPTO_VERSION (1U)
+ #define TFM_CRYPTO_HANDLE (0x40000100U)
-/**
- * \brief Define a progressive numerical value for each SID which can be used
@@ -365,7 +359,7 @@ index 8103a9af..50ad070e 100644
#define TFM_SP_PLATFORM_SYSTEM_RESET_SID (0x00000040U)
#define TFM_SP_PLATFORM_SYSTEM_RESET_VERSION (1U)
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
-index e4a2b167..9276748d 100644
+index 29bd56e60708..bebfe05c7c49 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
@@ -37,7 +37,7 @@ static inline psa_status_t crypto_caller_sign_hash(struct service_client *contex
@@ -387,7 +381,7 @@ index e4a2b167..9276748d 100644
.alg = alg,
};
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
-index cc9279ee..bcd8e0e4 100644
+index 66281d588626..d0a3850678cb 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
@@ -63,7 +63,7 @@ static inline psa_status_t crypto_caller_verify_hash(struct service_client *cont
@@ -409,5 +403,5 @@ index cc9279ee..bcd8e0e4 100644
#ifdef __cplusplus
--
-2.25.1
+2.40.0
deleted file mode 100644
@@ -1,298 +0,0 @@
-From fb6d2f33e26c7b6ef88d552feca1f835da3f0df6 Mon Sep 17 00:00:00 2001
-From: Vishnu Banavath <vishnu.banavath@arm.com>
-Date: Fri, 3 Dec 2021 19:05:18 +0000
-Subject: [PATCH 04/20] add psa client definitions for ff-m
-
-Add PSA client definitions in common include to add future
-ff-m support.
-
-Upstream-Status: Pending
-Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- .../service/common/include/psa/client.h | 194 ++++++++++++++++++
- components/service/common/include/psa/sid.h | 71 +++++++
- 2 files changed, 265 insertions(+)
- create mode 100644 components/service/common/include/psa/client.h
- create mode 100644 components/service/common/include/psa/sid.h
-
-diff --git a/components/service/common/include/psa/client.h b/components/service/common/include/psa/client.h
-new file mode 100644
-index 000000000000..69ccf14f40a3
---- /dev/null
-+++ b/components/service/common/include/psa/client.h
-@@ -0,0 +1,194 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef SERVICE_PSA_IPC_H
-+#define SERVICE_PSA_IPC_H
-+
-+#include <stddef.h>
-+#include <stdint.h>
-+
-+#include <rpc_caller.h>
-+#include <psa/error.h>
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+#ifndef IOVEC_LEN
-+#define IOVEC_LEN(arr) ((uint32_t)(sizeof(arr)/sizeof(arr[0])))
-+#endif
-+
-+/*********************** PSA Client Macros and Types *************************/
-+
-+typedef int32_t psa_handle_t;
-+
-+/**
-+ * The version of the PSA Framework API that is being used to build the calling
-+ * firmware. Only part of features of FF-M v1.1 have been implemented. FF-M v1.1
-+ * is compatible with v1.0.
-+ */
-+#define PSA_FRAMEWORK_VERSION (0x0101u)
-+
-+/**
-+ * Return value from psa_version() if the requested RoT Service is not present
-+ * in the system.
-+ */
-+#define PSA_VERSION_NONE (0u)
-+
-+/**
-+ * The zero-value null handle can be assigned to variables used in clients and
-+ * RoT Services, indicating that there is no current connection or message.
-+ */
-+#define PSA_NULL_HANDLE ((psa_handle_t)0)
-+
-+/**
-+ * Tests whether a handle value returned by psa_connect() is valid.
-+ */
-+#define PSA_HANDLE_IS_VALID(handle) ((psa_handle_t)(handle) > 0)
-+
-+/**
-+ * Converts the handle value returned from a failed call psa_connect() into
-+ * an error code.
-+ */
-+#define PSA_HANDLE_TO_ERROR(handle) ((psa_status_t)(handle))
-+
-+/**
-+ * Maximum number of input and output vectors for a request to psa_call().
-+ */
-+#define PSA_MAX_IOVEC (4u)
-+
-+/**
-+ * An IPC message type that indicates a generic client request.
-+ */
-+#define PSA_IPC_CALL (0)
-+
-+/**
-+ * A read-only input memory region provided to an RoT Service.
-+ */
-+struct __attribute__ ((__packed__)) psa_invec {
-+ uint32_t base; /*!< the start address of the memory buffer */
-+ uint32_t len; /*!< the size in bytes */
-+};
-+
-+/**
-+ * A writable output memory region provided to an RoT Service.
-+ */
-+struct __attribute__ ((__packed__)) psa_outvec {
-+ uint32_t base; /*!< the start address of the memory buffer */
-+ uint32_t len; /*!< the size in bytes */
-+};
-+
-+/*************************** PSA Client API **********************************/
-+
-+/**
-+ * \brief Retrieve the version of the PSA Framework API that is implemented.
-+ *
-+ * \param[in] rpc_caller RPC caller to use
-+ * \return version The version of the PSA Framework implementation
-+ * that is providing the runtime services to the
-+ * caller. The major and minor version are encoded
-+ * as follows:
-+ * \arg version[15:8] -- major version number.
-+ * \arg version[7:0] -- minor version number.
-+ */
-+uint32_t psa_framework_version(struct rpc_caller *caller);
-+
-+/**
-+ * \brief Retrieve the version of an RoT Service or indicate that it is not
-+ * present on this system.
-+ *
-+ * \param[in] rpc_caller RPC caller to use
-+ * \param[in] sid ID of the RoT Service to query.
-+ *
-+ * \retval PSA_VERSION_NONE The RoT Service is not implemented, or the
-+ * caller is not permitted to access the service.
-+ * \retval > 0 The version of the implemented RoT Service.
-+ */
-+uint32_t psa_version(struct rpc_caller *caller, uint32_t sid);
-+
-+/**
-+ * \brief Connect to an RoT Service by its SID.
-+ *
-+ * \param[in] rpc_caller RPC caller to use
-+ * \param[in] sid ID of the RoT Service to connect to.
-+ * \param[in] version Requested version of the RoT Service.
-+ *
-+ * \retval > 0 A handle for the connection.
-+ * \retval PSA_ERROR_CONNECTION_REFUSED The SPM or RoT Service has refused the
-+ * connection.
-+ * \retval PSA_ERROR_CONNECTION_BUSY The SPM or RoT Service cannot make the
-+ * connection at the moment.
-+ * \retval "PROGRAMMER ERROR" The call is a PROGRAMMER ERROR if one or more
-+ * of the following are true:
-+ * \arg The RoT Service ID is not present.
-+ * \arg The RoT Service version is not supported.
-+ * \arg The caller is not allowed to access the RoT
-+ * service.
-+ */
-+psa_handle_t psa_connect(struct rpc_caller *caller, uint32_t sid,
-+ uint32_t version);
-+
-+/**
-+ * \brief Call an RoT Service on an established connection.
-+ *
-+ * \note FF-M 1.0 proposes 6 parameters for psa_call but the secure gateway ABI
-+ * support at most 4 parameters. TF-M chooses to encode 'in_len',
-+ * 'out_len', and 'type' into a 32-bit integer to improve efficiency.
-+ * Compared with struct-based encoding, this method saves extra memory
-+ * check and memory copy operation. The disadvantage is that the 'type'
-+ * range has to be reduced into a 16-bit integer. So with this encoding,
-+ * the valid range for 'type' is 0-32767.
-+ *
-+ * \param[in] rpc_caller RPC caller to use
-+ * \param[in] handle A handle to an established connection.
-+ * \param[in] type The request type.
-+ * Must be zero( \ref PSA_IPC_CALL) or positive.
-+ * \param[in] in_vec Array of input \ref psa_invec structures.
-+ * \param[in] in_len Number of input \ref psa_invec structures.
-+ * \param[in,out] out_vec Array of output \ref psa_outvec structures.
-+ * \param[in] out_len Number of output \ref psa_outvec structures.
-+ *
-+ * \retval >=0 RoT Service-specific status value.
-+ * \retval <0 RoT Service-specific error code.
-+ * \retval PSA_ERROR_PROGRAMMER_ERROR The connection has been terminated by the
-+ * RoT Service. The call is a PROGRAMMER ERROR if
-+ * one or more of the following are true:
-+ * \arg An invalid handle was passed.
-+ * \arg The connection is already handling a request.
-+ * \arg type < 0.
-+ * \arg An invalid memory reference was provided.
-+ * \arg in_len + out_len > PSA_MAX_IOVEC.
-+ * \arg The message is unrecognized by the RoT
-+ * Service or incorrectly formatted.
-+ */
-+psa_status_t psa_call(struct rpc_caller *caller, psa_handle_t handle,
-+ int32_t type, const struct psa_invec *in_vec,
-+ size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-+
-+/**
-+ * \brief Close a connection to an RoT Service.
-+ *
-+ * \param[in] rpc_caller RPC caller to use
-+ * \param[in] handle A handle to an established connection, or the
-+ * null handle.
-+ *
-+ * \retval void Success.
-+ * \retval "PROGRAMMER ERROR" The call is a PROGRAMMER ERROR if one or more
-+ * of the following are true:
-+ * \arg An invalid handle was provided that is not
-+ * the null handle.
-+ * \arg The connection is currently handling a
-+ * request.
-+ */
-+void psa_close(struct rpc_caller *caller, psa_handle_t handle);
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* SERVICE_PSA_IPC_H */
-+
-+
-diff --git a/components/service/common/include/psa/sid.h b/components/service/common/include/psa/sid.h
-new file mode 100644
-index 000000000000..aaa973c6e987
---- /dev/null
-+++ b/components/service/common/include/psa/sid.h
-@@ -0,0 +1,71 @@
-+/*
-+ * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ *
-+ */
-+
-+#ifndef __PSA_MANIFEST_SID_H__
-+#define __PSA_MANIFEST_SID_H__
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+/******** TFM_SP_PS ********/
-+#define TFM_PROTECTED_STORAGE_SERVICE_SID (0x00000060U)
-+#define TFM_PROTECTED_STORAGE_SERVICE_VERSION (1U)
-+#define TFM_PROTECTED_STORAGE_SERVICE_HANDLE (0x40000101U)
-+
-+/* Invalid UID */
-+#define TFM_PS_INVALID_UID 0
-+
-+/* PS message types that distinguish PS services. */
-+#define TFM_PS_SET 1001
-+#define TFM_PS_GET 1002
-+#define TFM_PS_GET_INFO 1003
-+#define TFM_PS_REMOVE 1004
-+#define TFM_PS_GET_SUPPORT 1005
-+
-+/******** TFM_SP_ITS ********/
-+#define TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_SID (0x00000070U)
-+#define TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_VERSION (1U)
-+#define TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_HANDLE (0x40000102U)
-+
-+/******** TFM_SP_CRYPTO ********/
-+#define TFM_CRYPTO_SID (0x00000080U)
-+#define TFM_CRYPTO_VERSION (1U)
-+#define TFM_CRYPTO_HANDLE (0x40000100U)
-+
-+/******** TFM_SP_PLATFORM ********/
-+#define TFM_SP_PLATFORM_SYSTEM_RESET_SID (0x00000040U)
-+#define TFM_SP_PLATFORM_SYSTEM_RESET_VERSION (1U)
-+#define TFM_SP_PLATFORM_IOCTL_SID (0x00000041U)
-+#define TFM_SP_PLATFORM_IOCTL_VERSION (1U)
-+#define TFM_SP_PLATFORM_NV_COUNTER_SID (0x00000042U)
-+#define TFM_SP_PLATFORM_NV_COUNTER_VERSION (1U)
-+
-+/******** TFM_SP_INITIAL_ATTESTATION ********/
-+#define TFM_ATTESTATION_SERVICE_SID (0x00000020U)
-+#define TFM_ATTESTATION_SERVICE_VERSION (1U)
-+#define TFM_ATTESTATION_SERVICE_HANDLE (0x40000103U)
-+
-+/******** TFM_SP_FWU ********/
-+#define TFM_FWU_WRITE_SID (0x000000A0U)
-+#define TFM_FWU_WRITE_VERSION (1U)
-+#define TFM_FWU_INSTALL_SID (0x000000A1U)
-+#define TFM_FWU_INSTALL_VERSION (1U)
-+#define TFM_FWU_ABORT_SID (0x000000A2U)
-+#define TFM_FWU_ABORT_VERSION (1U)
-+#define TFM_FWU_QUERY_SID (0x000000A3U)
-+#define TFM_FWU_QUERY_VERSION (1U)
-+#define TFM_FWU_REQUEST_REBOOT_SID (0x000000A4U)
-+#define TFM_FWU_REQUEST_REBOOT_VERSION (1U)
-+#define TFM_FWU_ACCEPT_SID (0x000000A5U)
-+#define TFM_FWU_ACCEPT_VERSION (1U)
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* __PSA_MANIFEST_SID_H__ */
-2.38.1
-
deleted file mode 100644
@@ -1,295 +0,0 @@
-From 0311fc8f131fe7a2b0f4dd9988c610fda47394aa Mon Sep 17 00:00:00 2001
-From: Vishnu Banavath <vishnu.banavath@arm.com>
-Date: Fri, 3 Dec 2021 19:13:03 +0000
-Subject: [PATCH 05/20] Add common service component to ipc support
-
-Add support for inter processor communication for PSA
-including, the openamp client side structures lib.
-
-Upstream-Status: Pending
-Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- .../service/common/psa_ipc/component.cmake | 13 ++
- .../service/common/psa_ipc/service_psa_ipc.c | 97 +++++++++++++
- .../psa_ipc/service_psa_ipc_openamp_lib.h | 131 ++++++++++++++++++
- deployments/se-proxy/se-proxy.cmake | 1 +
- 4 files changed, 242 insertions(+)
- create mode 100644 components/service/common/psa_ipc/component.cmake
- create mode 100644 components/service/common/psa_ipc/service_psa_ipc.c
- create mode 100644 components/service/common/psa_ipc/service_psa_ipc_openamp_lib.h
-
-diff --git a/components/service/common/psa_ipc/component.cmake b/components/service/common/psa_ipc/component.cmake
-new file mode 100644
-index 000000000000..5a1c9e62e2f0
---- /dev/null
-+++ b/components/service/common/psa_ipc/component.cmake
-@@ -0,0 +1,13 @@
-+#-------------------------------------------------------------------------------
-+# Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+#
-+# SPDX-License-Identifier: BSD-3-Clause
-+#
-+#-------------------------------------------------------------------------------
-+if (NOT DEFINED TGT)
-+ message(FATAL_ERROR "mandatory parameter TGT is not defined.")
-+endif()
-+
-+target_sources(${TGT} PRIVATE
-+ "${CMAKE_CURRENT_LIST_DIR}/service_psa_ipc.c"
-+ )
-diff --git a/components/service/common/psa_ipc/service_psa_ipc.c b/components/service/common/psa_ipc/service_psa_ipc.c
-new file mode 100644
-index 000000000000..e8093c20a523
---- /dev/null
-+++ b/components/service/common/psa_ipc/service_psa_ipc.c
-@@ -0,0 +1,97 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#include <stddef.h>
-+#include <stdint.h>
-+#include <string.h>
-+#include <trace.h>
-+
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <psa/error.h>
-+#include <rpc_caller.h>
-+
-+#include <psa/client.h>
-+#include "service_psa_ipc_openamp_lib.h"
-+
-+psa_handle_t psa_connect(struct rpc_caller *caller, uint32_t sid,
-+ uint32_t version)
-+{
-+ psa_status_t psa_status = PSA_SUCCESS;
-+ struct s_openamp_msg *resp_msg = NULL;
-+ struct ns_openamp_msg *req_msg;
-+ rpc_call_handle rpc_handle;
-+ size_t resp_len;
-+ uint8_t *resp;
-+ uint8_t *req;
-+ int ret;
-+
-+ rpc_handle = rpc_caller_begin(caller, &req,
-+ sizeof(struct ns_openamp_msg));
-+ if (!rpc_handle) {
-+ EMSG("psa_connect: could not get handle");
-+ return PSA_ERROR_GENERIC_ERROR;
-+ }
-+
-+ req_msg = (struct ns_openamp_msg *)req;
-+
-+ req_msg->call_type = OPENAMP_PSA_CONNECT;
-+ req_msg->params.psa_connect_params.sid = sid;
-+ req_msg->params.psa_connect_params.version = version;
-+
-+ ret = rpc_caller_invoke(caller, rpc_handle, 0, &psa_status, &resp,
-+ &resp_len);
-+ if (ret != TS_RPC_CALL_ACCEPTED) {
-+ EMSG("psa_connect: invoke failed: %d", ret);
-+ return PSA_ERROR_GENERIC_ERROR;
-+ }
-+
-+ if (psa_status == PSA_SUCCESS)
-+ resp_msg = (struct s_openamp_msg *)resp;
-+
-+ rpc_caller_end(caller, rpc_handle);
-+
-+ return resp_msg ? (psa_handle_t)resp_msg->reply : PSA_NULL_HANDLE;
-+}
-+
-+psa_status_t psa_call(struct rpc_caller *caller, psa_handle_t handle,
-+ int32_t type, const struct psa_invec *in_vec,
-+ size_t in_len, struct psa_outvec *out_vec, size_t out_len)
-+{
-+
-+}
-+
-+void psa_close(struct rpc_caller *caller, psa_handle_t handle)
-+{
-+ psa_status_t psa_status = PSA_SUCCESS;
-+ struct s_openamp_msg *resp_msg = NULL;
-+ struct ns_openamp_msg *req_msg;
-+ rpc_call_handle rpc_handle;
-+ size_t resp_len;
-+ uint8_t *resp;
-+ uint8_t *req;
-+ int ret;
-+
-+ rpc_handle = rpc_caller_begin(caller, &req,
-+ sizeof(struct ns_openamp_msg));
-+ if (!rpc_handle) {
-+ EMSG("psa_close: could not get handle");
-+ return;
-+ }
-+
-+ req_msg = (struct ns_openamp_msg *)req;
-+
-+ req_msg->call_type = OPENAMP_PSA_CLOSE;
-+ req_msg->params.psa_close_params.handle = handle;
-+
-+ ret = rpc_caller_invoke(caller, rpc_handle, 0, &psa_status, &resp,
-+ &resp_len);
-+ if (ret != TS_RPC_CALL_ACCEPTED) {
-+ EMSG("psa_close: invoke failed: %d", ret);
-+ return;
-+ }
-+
-+ rpc_caller_end(caller, rpc_handle);
-+}
-diff --git a/components/service/common/psa_ipc/service_psa_ipc_openamp_lib.h b/components/service/common/psa_ipc/service_psa_ipc_openamp_lib.h
-new file mode 100644
-index 000000000000..33ea96660572
---- /dev/null
-+++ b/components/service/common/psa_ipc/service_psa_ipc_openamp_lib.h
-@@ -0,0 +1,131 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef SERVICE_PSA_IPC_OPENAMP_LIB_H
-+#define SERVICE_PSA_IPC_OPENAMP_LIB_H
-+
-+#include <stddef.h>
-+#include <stdint.h>
-+
-+#include <compiler.h>
-+#include <psa/error.h>
-+
-+#include <stdint.h>
-+#include <psa/client.h>
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+/* PSA client call type value */
-+#define OPENAMP_PSA_FRAMEWORK_VERSION (0x1)
-+#define OPENAMP_PSA_VERSION (0x2)
-+#define OPENAMP_PSA_CONNECT (0x3)
-+#define OPENAMP_PSA_CALL (0x4)
-+#define OPENAMP_PSA_CLOSE (0x5)
-+
-+/* Return code of openamp APIs */
-+#define OPENAMP_SUCCESS (0)
-+#define OPENAMP_MAP_FULL (INT32_MIN + 1)
-+#define OPENAMP_MAP_ERROR (INT32_MIN + 2)
-+#define OPENAMP_INVAL_PARAMS (INT32_MIN + 3)
-+#define OPENAMP_NO_PERMS (INT32_MIN + 4)
-+#define OPENAMP_NO_PEND_EVENT (INT32_MIN + 5)
-+#define OPENAMP_CHAN_BUSY (INT32_MIN + 6)
-+#define OPENAMP_CALLBACK_REG_ERROR (INT32_MIN + 7)
-+#define OPENAMP_INIT_ERROR (INT32_MIN + 8)
-+
-+#define HOLD_INPUT_BUFFER (1) /* IF true, TF-M Library will hold the openamp
-+ * buffer so that openamp shared memory buffer
-+ * does not get freed.
-+ */
-+
-+/*
-+ * This structure holds the parameters used in a PSA client call.
-+ */
-+typedef struct __packed psa_client_in_params {
-+ union {
-+ struct __packed {
-+ uint32_t sid;
-+ } psa_version_params;
-+
-+ struct __packed {
-+ uint32_t sid;
-+ uint32_t version;
-+ } psa_connect_params;
-+
-+ struct __packed {
-+ psa_handle_t handle;
-+ int32_t type;
-+ uint32_t in_vec;
-+ uint32_t in_len;
-+ uint32_t out_vec;
-+ uint32_t out_len;
-+ } psa_call_params;
-+
-+ struct __packed {
-+ psa_handle_t handle;
-+ } psa_close_params;
-+ };
-+} psa_client_in_params_t;
-+
-+/* Openamp message passed from NSPE to SPE to deliver a PSA client call */
-+struct __packed ns_openamp_msg {
-+ uint32_t call_type; /* PSA client call type */
-+ struct psa_client_in_params params; /* Contain parameters used in PSA
-+ * client call
-+ */
-+
-+ int32_t client_id; /* Optional client ID of the
-+ * non-secure caller.
-+ * It is required to identify the
-+ * non-secure task when NSPE OS
-+ * enforces non-secure task
-+ * isolation
-+ */
-+ int32_t request_id; /* This is the unique ID for a
-+ * request send to TF-M by the
-+ * non-secure core. TF-M forward
-+ * the ID back to non-secure on the
-+ * reply to a given request. Using
-+ * this id, the non-secure library
-+ * can identify the request for
-+ * which the reply has received.
-+ */
-+};
-+
-+/*
-+ * This structure holds the location of the out data of the PSA client call.
-+ */
-+struct __packed psa_client_out_params {
-+ uint32_t out_vec;
-+ uint32_t out_len;
-+};
-+
-+
-+/* Openamp message from SPE to NSPE delivering the reply back for a PSA client
-+ * call.
-+ */
-+struct __packed s_openamp_msg {
-+ int32_t request_id; /* Using this id, the non-secure
-+ * library identifies the request.
-+ * TF-M forwards the same
-+ * request-id received on the
-+ * initial request.
-+ */
-+ int32_t reply; /* Reply of the PSA client call */
-+ struct psa_client_out_params params; /* Contain out data result of the
-+ * PSA client call.
-+ */
-+};
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* SERVICE_PSA_IPC_OPENAMP_LIB_H */
-+
-+
-diff --git a/deployments/se-proxy/se-proxy.cmake b/deployments/se-proxy/se-proxy.cmake
-index 34fe5ff1b925..dd0c5d00c21e 100644
---- a/deployments/se-proxy/se-proxy.cmake
-+++ b/deployments/se-proxy/se-proxy.cmake
-@@ -24,6 +24,7 @@ add_components(TARGET "se-proxy"
- "components/service/common/include"
- "components/service/common/serializer/protobuf"
- "components/service/common/client"
-+ "components/service/common/psa_ipc"
- "components/service/common/provider"
- "components/service/discovery/provider"
- "components/service/discovery/provider/serializer/packed-c"
-2.38.1
-
similarity index 90%
rename from meta-arm-bsp/recipes-security/trusted-services/corstone1000/0025-TF-Mv1.7-alignment-Align-crypto-iovec-definition.patch
rename to meta-arm-bsp/recipes-security/trusted-services/corstone1000/0005-TF-Mv1.7-alignment-Align-crypto-iovec-definition.patch
@@ -1,7 +1,7 @@
-From a3e203136e7c552069ae582273e0540a219c105f Mon Sep 17 00:00:00 2001
+From 355e9e1425bbe1d4f27eadf81b91ad047d7b42b5 Mon Sep 17 00:00:00 2001
From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Date: Thu, 9 Feb 2023 00:01:06 +0000
-Subject: [PATCH 2/3] TF-Mv1.7 alignment: Align crypto iovec definition
+Subject: [PATCH 5/6] TF-Mv1.7 alignment: Align crypto iovec definition
This patch is to align psa_ipc_crypto_pack_iovec with TF-M v1.7
And propagate changes accross psa_ipc functions
@@ -9,6 +9,7 @@ More accuratly change sfn_id to function_id
Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Upstream-Status: Pending [Not submitted yet]
+Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
.../backend/psa_ipc/crypto_ipc_backend.h | 34 +++++++++----------
.../caller/psa_ipc/crypto_caller_aead.h | 24 ++++++-------
@@ -32,7 +33,7 @@ Upstream-Status: Pending [Not submitted yet]
19 files changed, 73 insertions(+), 73 deletions(-)
diff --git a/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h b/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h
-index ec25eaf8..aacd3fcc 100644
+index 678a35810d71..47243648a99f 100644
--- a/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h
+++ b/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h
@@ -28,23 +28,23 @@ struct psa_ipc_crypto_aead_pack_input {
@@ -77,7 +78,7 @@ index ec25eaf8..aacd3fcc 100644
#define iov_size sizeof(struct psa_ipc_crypto_pack_iovec)
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
-index f6aadd8b..efdffdf7 100644
+index 66a2bc958687..f63996a8aad3 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
@@ -44,7 +44,7 @@ static inline psa_status_t crypto_caller_aead_encrypt(
@@ -102,94 +103,94 @@ index f6aadd8b..efdffdf7 100644
struct rpc_caller *caller = ipc->caller;
psa_status_t status;
struct psa_ipc_crypto_pack_iovec iov = {
-- .sfn_id = TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID,
-+ .function_id = TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID,
- .key_id = key,
- .alg = alg,
- .op_handle = (*op_handle),
-@@ -185,7 +185,7 @@ static inline psa_status_t crypto_caller_aead_decrypt_setup(
+- .sfn_id = TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID,
++ .function_id = TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID,
+ .key_id = key,
+ .alg = alg,
+ .op_handle = (*op_handle),
+@@ -186,7 +186,7 @@ static inline psa_status_t crypto_caller_aead_decrypt_setup(
struct rpc_caller *caller = ipc->caller;
psa_status_t status;
struct psa_ipc_crypto_pack_iovec iov = {
-- .sfn_id = TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID,
-+ .function_id = TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID,
- .key_id = key,
- .alg = alg,
- .op_handle = (*op_handle),
-@@ -214,7 +214,7 @@ static inline psa_status_t crypto_caller_aead_generate_nonce(
+- .sfn_id = TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID,
++ .function_id = TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID,
+ .key_id = key,
+ .alg = alg,
+ .op_handle = (*op_handle),
+@@ -217,7 +217,7 @@ static inline psa_status_t crypto_caller_aead_generate_nonce(
struct rpc_caller *caller = ipc->caller;
psa_status_t status;
struct psa_ipc_crypto_pack_iovec iov = {
-- .sfn_id = TFM_CRYPTO_AEAD_GENERATE_NONCE_SID,
-+ .function_id = TFM_CRYPTO_AEAD_GENERATE_NONCE_SID,
- .op_handle = op_handle,
+- .sfn_id = TFM_CRYPTO_AEAD_GENERATE_NONCE_SID,
++ .function_id = TFM_CRYPTO_AEAD_GENERATE_NONCE_SID,
+ .op_handle = op_handle,
};
-@@ -243,7 +243,7 @@ static inline psa_status_t crypto_caller_aead_set_nonce(
+@@ -248,7 +248,7 @@ static inline psa_status_t crypto_caller_aead_set_nonce(
struct rpc_caller *caller = ipc->caller;
psa_status_t status;
struct psa_ipc_crypto_pack_iovec iov = {
-- .sfn_id = TFM_CRYPTO_AEAD_SET_NONCE_SID,
-+ .function_id = TFM_CRYPTO_AEAD_SET_NONCE_SID,
- .op_handle = op_handle,
+- .sfn_id = TFM_CRYPTO_AEAD_SET_NONCE_SID,
++ .function_id = TFM_CRYPTO_AEAD_SET_NONCE_SID,
+ .op_handle = op_handle,
};
-@@ -270,7 +270,7 @@ static inline psa_status_t crypto_caller_aead_set_lengths(
+@@ -277,7 +277,7 @@ static inline psa_status_t crypto_caller_aead_set_lengths(
struct rpc_caller *caller = ipc->caller;
psa_status_t status;
struct psa_ipc_crypto_pack_iovec iov = {
-- .sfn_id = TFM_CRYPTO_AEAD_SET_LENGTHS_SID,
-+ .function_id = TFM_CRYPTO_AEAD_SET_LENGTHS_SID,
- .ad_length = ad_length,
- .plaintext_length = plaintext_length,
- .op_handle = op_handle,
-@@ -299,7 +299,7 @@ static inline psa_status_t crypto_caller_aead_update_ad(
+- .sfn_id = TFM_CRYPTO_AEAD_SET_LENGTHS_SID,
++ .function_id = TFM_CRYPTO_AEAD_SET_LENGTHS_SID,
+ .ad_length = ad_length,
+ .plaintext_length = plaintext_length,
+ .op_handle = op_handle,
+@@ -307,7 +307,7 @@ static inline psa_status_t crypto_caller_aead_update_ad(
struct rpc_caller *caller = ipc->caller;
psa_status_t status;
struct psa_ipc_crypto_pack_iovec iov = {
-- .sfn_id = TFM_CRYPTO_AEAD_UPDATE_AD_SID,
-+ .function_id = TFM_CRYPTO_AEAD_UPDATE_AD_SID,
- .op_handle = op_handle,
+- .sfn_id = TFM_CRYPTO_AEAD_UPDATE_AD_SID,
++ .function_id = TFM_CRYPTO_AEAD_UPDATE_AD_SID,
+ .op_handle = op_handle,
};
-@@ -339,7 +339,7 @@ static inline psa_status_t crypto_caller_aead_update(
+@@ -349,7 +349,7 @@ static inline psa_status_t crypto_caller_aead_update(
struct rpc_caller *caller = ipc->caller;
psa_status_t status;
struct psa_ipc_crypto_pack_iovec iov = {
-- .sfn_id = TFM_CRYPTO_AEAD_UPDATE_SID,
-+ .function_id = TFM_CRYPTO_AEAD_UPDATE_SID,
- .op_handle = op_handle,
+- .sfn_id = TFM_CRYPTO_AEAD_UPDATE_SID,
++ .function_id = TFM_CRYPTO_AEAD_UPDATE_SID,
+ .op_handle = op_handle,
};
-@@ -383,7 +383,7 @@ static inline psa_status_t crypto_caller_aead_finish(
+@@ -395,7 +395,7 @@ static inline psa_status_t crypto_caller_aead_finish(
struct rpc_caller *caller = ipc->caller;
psa_status_t status;
struct psa_ipc_crypto_pack_iovec iov = {
-- .sfn_id = TFM_CRYPTO_AEAD_FINISH_SID,
-+ .function_id = TFM_CRYPTO_AEAD_FINISH_SID,
- .op_handle = op_handle,
+- .sfn_id = TFM_CRYPTO_AEAD_FINISH_SID,
++ .function_id = TFM_CRYPTO_AEAD_FINISH_SID,
+ .op_handle = op_handle,
};
-@@ -436,7 +436,7 @@ static inline psa_status_t crypto_caller_aead_verify(
+@@ -448,7 +448,7 @@ static inline psa_status_t crypto_caller_aead_verify(
struct rpc_caller *caller = ipc->caller;
psa_status_t status;
struct psa_ipc_crypto_pack_iovec iov = {
-- .sfn_id = TFM_CRYPTO_AEAD_VERIFY_SID,
-+ .function_id = TFM_CRYPTO_AEAD_VERIFY_SID,
- .op_handle = op_handle,
+- .sfn_id = TFM_CRYPTO_AEAD_VERIFY_SID,
++ .function_id = TFM_CRYPTO_AEAD_VERIFY_SID,
+ .op_handle = op_handle,
};
-@@ -482,7 +482,7 @@ static inline psa_status_t crypto_caller_aead_abort(
+@@ -494,7 +494,7 @@ static inline psa_status_t crypto_caller_aead_abort(
struct rpc_caller *caller = ipc->caller;
psa_status_t status;
struct psa_ipc_crypto_pack_iovec iov = {
-- .sfn_id = TFM_CRYPTO_AEAD_ABORT_SID,
-+ .function_id = TFM_CRYPTO_AEAD_ABORT_SID,
- .op_handle = op_handle,
+- .sfn_id = TFM_CRYPTO_AEAD_ABORT_SID,
++ .function_id = TFM_CRYPTO_AEAD_ABORT_SID,
+ .op_handle = op_handle,
};
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_decrypt.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_decrypt.h
-index ff01815c..c387eb55 100644
+index d3e43b25f7e5..03682e7cdaa0 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_decrypt.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_decrypt.h
@@ -38,7 +38,7 @@ static inline psa_status_t crypto_caller_asymmetric_decrypt(
@@ -202,7 +203,7 @@ index ff01815c..c387eb55 100644
.alg = alg,
};
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_encrypt.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_encrypt.h
-index 1daf1689..8eb3de45 100644
+index 124b088f94d8..60f5770e3a1e 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_encrypt.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_encrypt.h
@@ -38,7 +38,7 @@ static inline psa_status_t crypto_caller_asymmetric_encrypt(
@@ -215,7 +216,7 @@ index 1daf1689..8eb3de45 100644
.alg = alg,
};
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
-index fbefb28d..20aa46a5 100644
+index 8d906aeef2a0..4f885f3445ab 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
@@ -34,7 +34,7 @@ static inline psa_status_t crypto_caller_cipher_encrypt_setup(
@@ -282,7 +283,7 @@ index fbefb28d..20aa46a5 100644
};
struct psa_invec in_vec[] = {
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_copy_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_copy_key.h
-index 9a988171..48157d7e 100644
+index b2e57e1e7255..71cf4381dfe5 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_copy_key.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_copy_key.h
@@ -33,7 +33,7 @@ static inline psa_status_t crypto_caller_copy_key(struct service_client *context
@@ -295,7 +296,7 @@ index 9a988171..48157d7e 100644
};
struct psa_invec in_vec[] = {
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_destroy_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_destroy_key.h
-index d00f4faa..6d0a05e6 100644
+index 94a01580b482..85bd2b4cde97 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_destroy_key.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_destroy_key.h
@@ -31,7 +31,7 @@ static inline psa_status_t crypto_caller_destroy_key(struct service_client *cont
@@ -308,7 +309,7 @@ index d00f4faa..6d0a05e6 100644
};
struct psa_invec in_vec[] = {
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_key.h
-index 8ac5477f..9a6b7013 100644
+index b6dfda38bc23..5e9543085139 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_key.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_key.h
@@ -34,7 +34,7 @@ static inline psa_status_t crypto_caller_export_key(struct service_client *conte
@@ -321,7 +322,7 @@ index 8ac5477f..9a6b7013 100644
};
struct psa_invec in_vec[] = {
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_public_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_public_key.h
-index b24c47f1..52bdd757 100644
+index d154db89bf0b..349dc6cb949c 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_public_key.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_public_key.h
@@ -34,7 +34,7 @@ static inline psa_status_t crypto_caller_export_public_key(struct service_client
@@ -334,7 +335,7 @@ index b24c47f1..52bdd757 100644
};
struct psa_invec in_vec[] = {
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_key.h
-index 1b66ed40..7ed1673b 100644
+index 41dc3a1806ec..31c6901ab88a 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_key.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_key.h
@@ -32,7 +32,7 @@ static inline psa_status_t crypto_caller_generate_key(struct service_client *con
@@ -347,7 +348,7 @@ index 1b66ed40..7ed1673b 100644
struct psa_invec in_vec[] = {
{ .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_random.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_random.h
-index 7c538237..4fb87aa8 100644
+index 50437327ec2a..ce51ded30b1f 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_random.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_random.h
@@ -32,7 +32,7 @@ static inline psa_status_t crypto_caller_generate_random(struct service_client *
@@ -360,7 +361,7 @@ index 7c538237..4fb87aa8 100644
struct psa_invec in_vec[] = {
{ .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_get_key_attributes.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_get_key_attributes.h
-index 22f1d18f..2caa3bd3 100644
+index 3531bd06147f..ea90af7df782 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_get_key_attributes.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_get_key_attributes.h
@@ -33,7 +33,7 @@ static inline psa_status_t crypto_caller_get_key_attributes(
@@ -373,7 +374,7 @@ index 22f1d18f..2caa3bd3 100644
};
struct psa_invec in_vec[] = {
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
-index 9f37908a..4fb60d44 100644
+index f63e9812af6c..f7ffaf38c7d0 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
@@ -33,7 +33,7 @@ static inline psa_status_t crypto_caller_hash_setup(
@@ -431,7 +432,7 @@ index 9f37908a..4fb60d44 100644
};
struct psa_invec in_vec[] = {
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_import_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_import_key.h
-index d4703366..1458163c 100644
+index 72a43c428adf..0c946a25488f 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_import_key.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_import_key.h
@@ -33,7 +33,7 @@ static inline psa_status_t crypto_caller_import_key(struct service_client *conte
@@ -444,7 +445,7 @@ index d4703366..1458163c 100644
struct psa_invec in_vec[] = {
{ .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_key_derivation.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_key_derivation.h
-index 5ce4fb6c..16be9916 100644
+index cacadf09d2c4..8bc32977535d 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_key_derivation.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_key_derivation.h
@@ -33,7 +33,7 @@ static inline psa_status_t crypto_caller_key_derivation_setup(
@@ -538,7 +539,7 @@ index 5ce4fb6c..16be9916 100644
.key_id = private_key,
};
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_mac.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_mac.h
-index 3a820192..30222800 100644
+index a0092bfd94e7..596923387596 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_mac.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_mac.h
@@ -34,7 +34,7 @@ static inline psa_status_t crypto_caller_mac_sign_setup(
@@ -596,7 +597,7 @@ index 3a820192..30222800 100644
};
struct psa_invec in_vec[] = {
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_purge_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_purge_key.h
-index a3a796e2..f6ab0978 100644
+index 36a01765b1a3..b5894e06d1ff 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_purge_key.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_purge_key.h
@@ -31,7 +31,7 @@ static inline psa_status_t crypto_caller_purge_key(struct service_client *contex
@@ -609,7 +610,7 @@ index a3a796e2..f6ab0978 100644
};
struct psa_invec in_vec[] = {
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
-index 9276748d..8b53e3dc 100644
+index bebfe05c7c49..254ee5a90d89 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
@@ -37,7 +37,7 @@ static inline psa_status_t crypto_caller_sign_hash(struct service_client *contex
@@ -631,7 +632,7 @@ index 9276748d..8b53e3dc 100644
.alg = alg,
};
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
-index bcd8e0e4..c9ed865b 100644
+index d0a3850678cb..515f2a8da39f 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
@@ -31,13 +31,13 @@ static inline psa_status_t crypto_caller_common(struct service_client *context,
@@ -651,5 +652,5 @@ index bcd8e0e4..c9ed865b 100644
.alg = alg,
};
--
-2.25.1
+2.40.0
deleted file mode 100644
@@ -1,523 +0,0 @@
-From ed4371d63cb52c121be9678bc225055944286c30 Mon Sep 17 00:00:00 2001
-From: Vishnu Banavath <vishnu.banavath@arm.com>
-Date: Fri, 3 Dec 2021 19:19:24 +0000
-Subject: [PATCH 06/20] Add secure storage ipc backend
-
-Add secure storage ipc ff-m implementation which may use
-openamp as rpc to communicate with other processor.
-
-Upstream-Status: Pending
-Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- .../service/common/psa_ipc/service_psa_ipc.c | 143 +++++++++++-
- .../secure_storage_ipc/component.cmake | 14 ++
- .../secure_storage_ipc/secure_storage_ipc.c | 214 ++++++++++++++++++
- .../secure_storage_ipc/secure_storage_ipc.h | 52 +++++
- deployments/se-proxy/se-proxy.cmake | 1 +
- 5 files changed, 420 insertions(+), 4 deletions(-)
- create mode 100644 components/service/secure_storage/backend/secure_storage_ipc/component.cmake
- create mode 100644 components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.c
- create mode 100644 components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.h
-
-diff --git a/components/service/common/psa_ipc/service_psa_ipc.c b/components/service/common/psa_ipc/service_psa_ipc.c
-index e8093c20a523..95a07c135f31 100644
---- a/components/service/common/psa_ipc/service_psa_ipc.c
-+++ b/components/service/common/psa_ipc/service_psa_ipc.c
-@@ -16,6 +16,52 @@
- #include <psa/client.h>
- #include "service_psa_ipc_openamp_lib.h"
-
-+static struct psa_invec *psa_call_in_vec_param(uint8_t *req)
-+{
-+ return (struct psa_invec *)(req + sizeof(struct ns_openamp_msg));
-+}
-+
-+static struct psa_outvec *psa_call_out_vec_param(uint8_t *req, size_t in_len)
-+{
-+ return (struct psa_outvec *)(req + sizeof(struct ns_openamp_msg) +
-+ (in_len * sizeof(struct psa_invec)));
-+}
-+
-+static size_t psa_call_header_len(const struct psa_invec *in_vec, size_t in_len,
-+ struct psa_outvec *out_vec, size_t out_len)
-+{
-+ return sizeof(struct ns_openamp_msg) + (in_len * sizeof(*in_vec)) +
-+ (out_len * sizeof(*out_vec));
-+}
-+
-+static size_t psa_call_in_vec_len(const struct psa_invec *in_vec, size_t in_len)
-+{
-+ size_t req_len = 0;
-+ int i;
-+
-+ if (!in_vec || !in_len)
-+ return 0;
-+
-+ for (i = 0; i < in_len; i++)
-+ req_len += in_vec[i].len;
-+
-+ return req_len;
-+}
-+
-+static size_t psa_call_out_vec_len(const struct psa_outvec *out_vec, size_t out_len)
-+{
-+ size_t resp_len = 0;
-+ int i;
-+
-+ if (!out_vec || !out_len)
-+ return 0;
-+
-+ for (i = 0; i < out_len; i++)
-+ resp_len += out_vec[i].len;
-+
-+ return resp_len;
-+}
-+
- psa_handle_t psa_connect(struct rpc_caller *caller, uint32_t sid,
- uint32_t version)
- {
-@@ -31,7 +77,7 @@ psa_handle_t psa_connect(struct rpc_caller *caller, uint32_t sid,
- rpc_handle = rpc_caller_begin(caller, &req,
- sizeof(struct ns_openamp_msg));
- if (!rpc_handle) {
-- EMSG("psa_connect: could not get handle");
-+ EMSG("psa_connect: could not get rpc handle");
- return PSA_ERROR_GENERIC_ERROR;
- }
-
-@@ -56,14 +102,100 @@ psa_handle_t psa_connect(struct rpc_caller *caller, uint32_t sid,
- return resp_msg ? (psa_handle_t)resp_msg->reply : PSA_NULL_HANDLE;
- }
-
--psa_status_t psa_call(struct rpc_caller *caller, psa_handle_t handle,
-+psa_status_t psa_call(struct rpc_caller *caller, psa_handle_t psa_handle,
- int32_t type, const struct psa_invec *in_vec,
- size_t in_len, struct psa_outvec *out_vec, size_t out_len)
- {
-+ psa_status_t psa_status = PSA_SUCCESS;
-+ struct s_openamp_msg *resp_msg = NULL;
-+ struct psa_outvec *out_vec_param;
-+ struct psa_invec *in_vec_param;
-+ struct ns_openamp_msg *req_msg;
-+ rpc_call_handle rpc_handle;
-+ size_t out_vec_len;
-+ size_t in_vec_len;
-+ size_t header_len;
-+ uint8_t *payload;
-+ size_t resp_len;
-+ uint8_t *resp;
-+ uint8_t *req;
-+ int ret;
-+ int i;
-+
-+ if ((psa_handle == PSA_NULL_HANDLE) || !caller)
-+ return PSA_ERROR_INVALID_ARGUMENT;
-+
-+ header_len = psa_call_header_len(in_vec, in_len, out_vec, out_len);
-+ in_vec_len = psa_call_in_vec_len(in_vec, in_len);
-+ out_vec_len = psa_call_out_vec_len(out_vec, out_len);
-
-+ rpc_handle = rpc_caller_begin(caller, &req, header_len + in_vec_len);
-+ if (!rpc_handle) {
-+ EMSG("psa_call: could not get handle");
-+ return PSA_ERROR_GENERIC_ERROR;
-+ }
-+
-+ payload = req + header_len;
-+
-+ out_vec_param = psa_call_out_vec_param(req, in_len);
-+ in_vec_param = psa_call_in_vec_param(req);
-+
-+ req_msg = (struct ns_openamp_msg *)req;
-+
-+ req_msg->call_type = OPENAMP_PSA_CALL;
-+ req_msg->request_id = 1234;
-+ req_msg->params.psa_call_params.handle = psa_handle;
-+ req_msg->params.psa_call_params.type = type;
-+ req_msg->params.psa_call_params.in_len = in_len;
-+ req_msg->params.psa_call_params.in_vec = rpc_caller_virt_to_phys(caller, in_vec_param);
-+ req_msg->params.psa_call_params.out_len = out_len;
-+ req_msg->params.psa_call_params.out_vec = rpc_caller_virt_to_phys(caller, out_vec_param);
-+
-+ for (i = 0; i < in_len; i++) {
-+ in_vec_param[i].base = rpc_caller_virt_to_phys(caller, payload);
-+ in_vec_param[i].len = in_vec[i].len;
-+
-+ memcpy(payload, in_vec[i].base, in_vec[i].len);
-+ payload += in_vec[i].len;
-+ }
-+
-+ for (i = 0; i < out_len; i++) {
-+ out_vec_param[i].base = NULL;
-+ out_vec_param[i].len = out_vec[i].len;
-+ }
-+
-+ ret = rpc_caller_invoke(caller, rpc_handle, 0, &psa_status, &resp,
-+ &resp_len);
-+ if (ret != TS_RPC_CALL_ACCEPTED) {
-+ EMSG("psa_call: invoke failed: %d", ret);
-+ return PSA_ERROR_GENERIC_ERROR;
-+ }
-+
-+ if (psa_status != PSA_SUCCESS) {
-+ EMSG("psa_call: psa_status invoke failed: %d", psa_status);
-+ return PSA_ERROR_GENERIC_ERROR;
-+ }
-+
-+ resp_msg = (struct s_openamp_msg *)resp;
-+
-+ if (!resp_msg || !out_len || resp_msg->reply != PSA_SUCCESS)
-+ goto caller_end;
-+
-+ out_vec_param = (struct psa_outvec *)rpc_caller_phys_to_virt(caller,
-+ resp_msg->params.out_vec);
-+
-+ for (i = 0; i < resp_msg->params.out_len; i++) {
-+ memcpy(out_vec[i].base, rpc_caller_phys_to_virt(caller, out_vec_param[i].base),
-+ out_vec[i].len);
-+ }
-+
-+caller_end:
-+ rpc_caller_end(caller, rpc_handle);
-+
-+ return resp_msg ? resp_msg->reply : PSA_ERROR_COMMUNICATION_FAILURE;
- }
-
--void psa_close(struct rpc_caller *caller, psa_handle_t handle)
-+void psa_close(struct rpc_caller *caller, psa_handle_t psa_handle)
- {
- psa_status_t psa_status = PSA_SUCCESS;
- struct s_openamp_msg *resp_msg = NULL;
-@@ -74,6 +206,9 @@ void psa_close(struct rpc_caller *caller, psa_handle_t handle)
- uint8_t *req;
- int ret;
-
-+ if ((psa_handle == PSA_NULL_HANDLE) || !caller)
-+ return;
-+
- rpc_handle = rpc_caller_begin(caller, &req,
- sizeof(struct ns_openamp_msg));
- if (!rpc_handle) {
-@@ -84,7 +219,7 @@ void psa_close(struct rpc_caller *caller, psa_handle_t handle)
- req_msg = (struct ns_openamp_msg *)req;
-
- req_msg->call_type = OPENAMP_PSA_CLOSE;
-- req_msg->params.psa_close_params.handle = handle;
-+ req_msg->params.psa_close_params.handle = psa_handle;
-
- ret = rpc_caller_invoke(caller, rpc_handle, 0, &psa_status, &resp,
- &resp_len);
-diff --git a/components/service/secure_storage/backend/secure_storage_ipc/component.cmake b/components/service/secure_storage/backend/secure_storage_ipc/component.cmake
-new file mode 100644
-index 000000000000..5d8f6714e0bd
---- /dev/null
-+++ b/components/service/secure_storage/backend/secure_storage_ipc/component.cmake
-@@ -0,0 +1,14 @@
-+#-------------------------------------------------------------------------------
-+# Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
-+#
-+# SPDX-License-Identifier: BSD-3-Clause
-+#
-+#-------------------------------------------------------------------------------
-+if (NOT DEFINED TGT)
-+ message(FATAL_ERROR "mandatory parameter TGT is not defined.")
-+endif()
-+
-+target_sources(${TGT} PRIVATE
-+ "${CMAKE_CURRENT_LIST_DIR}/secure_storage_ipc.c"
-+ )
-+
-diff --git a/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.c b/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.c
-new file mode 100644
-index 000000000000..9b55f77dd395
---- /dev/null
-+++ b/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.c
-@@ -0,0 +1,214 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include "secure_storage_ipc.h"
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <rpc_caller.h>
-+#include <string.h>
-+#include <trace.h>
-+
-+
-+static psa_status_t secure_storage_ipc_set(void *context, uint32_t client_id,
-+ psa_storage_uid_t uid, size_t data_length,
-+ const void *p_data, psa_storage_create_flags_t create_flags)
-+{
-+ struct secure_storage_ipc *ipc = context;
-+ struct rpc_caller *caller = ipc->client.caller;
-+ psa_handle_t psa_handle;
-+ psa_status_t psa_status;
-+ struct psa_invec in_vec[] = {
-+ { .base = &uid, .len = sizeof(uid) },
-+ { .base = p_data, .len = data_length },
-+ { .base = &create_flags, .len = sizeof(create_flags) },
-+ };
-+
-+ (void)client_id;
-+
-+ ipc->client.rpc_status = TS_RPC_CALL_ACCEPTED;
-+
-+ /* Validating input parameters */
-+ if (p_data == NULL)
-+ return PSA_ERROR_INVALID_ARGUMENT;
-+
-+ psa_status = psa_call(caller, TFM_PROTECTED_STORAGE_SERVICE_HANDLE,
-+ TFM_PS_SET, in_vec, IOVEC_LEN(in_vec), NULL, 0);
-+ if (psa_status < 0)
-+ EMSG("ipc_set: psa_call failed: %d", psa_status);
-+
-+ return psa_status;
-+}
-+
-+static psa_status_t secure_storage_ipc_get(void *context,
-+ uint32_t client_id,
-+ psa_storage_uid_t uid,
-+ size_t data_offset,
-+ size_t data_size,
-+ void *p_data,
-+ size_t *p_data_length)
-+{
-+ struct secure_storage_ipc *ipc = context;
-+ struct rpc_caller *caller = ipc->client.caller;
-+ psa_handle_t psa_handle;
-+ psa_status_t psa_status;
-+ uint32_t offset = (uint32_t)data_offset;
-+ struct psa_invec in_vec[] = {
-+ { .base = &uid, .len = sizeof(uid) },
-+ { .base = &offset, .len = sizeof(offset) },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = p_data, .len = data_size },
-+ };
-+
-+ if (!p_data_length) {
-+ EMSG("ipc_get: p_data_length not defined");
-+ return PSA_ERROR_INVALID_ARGUMENT;
-+ }
-+
-+ psa_status = psa_call(caller, TFM_PROTECTED_STORAGE_SERVICE_HANDLE,
-+ TFM_PS_GET, in_vec, IOVEC_LEN(in_vec),
-+ out_vec, IOVEC_LEN(out_vec));
-+ if (psa_status == PSA_SUCCESS)
-+ *p_data_length = out_vec[0].len;
-+
-+ return psa_status;
-+}
-+
-+static psa_status_t secure_storage_ipc_get_info(void *context,
-+ uint32_t client_id,
-+ psa_storage_uid_t uid,
-+ struct psa_storage_info_t *p_info)
-+{
-+ struct secure_storage_ipc *ipc = context;
-+ struct rpc_caller *caller = ipc->client.caller;
-+ psa_handle_t psa_handle;
-+ psa_status_t psa_status;
-+ struct psa_invec in_vec[] = {
-+ { .base = &uid, .len = sizeof(uid) },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = p_info, .len = sizeof(*p_info) },
-+ };
-+
-+ (void)client_id;
-+
-+ /* Validating input parameters */
-+ if (!p_info)
-+ return PSA_ERROR_INVALID_ARGUMENT;
-+
-+ psa_status = psa_call(caller, TFM_PROTECTED_STORAGE_SERVICE_HANDLE,
-+ TFM_PS_GET_INFO, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+ if (psa_status != PSA_SUCCESS)
-+ EMSG("ipc_get_info: failed to psa_call: %d", psa_status);
-+
-+ return psa_status;
-+}
-+
-+static psa_status_t secure_storage_ipc_remove(void *context,
-+ uint32_t client_id,
-+ psa_storage_uid_t uid)
-+{
-+ struct secure_storage_ipc *ipc = context;
-+ struct rpc_caller *caller = ipc->client.caller;
-+ psa_handle_t psa_handle;
-+ psa_status_t psa_status;
-+ struct psa_invec in_vec[] = {
-+ { .base = &uid, .len = sizeof(uid) },
-+ };
-+
-+ (void)client_id;
-+
-+ psa_status = psa_call(caller, TFM_PROTECTED_STORAGE_SERVICE_HANDLE,
-+ TFM_PS_REMOVE, in_vec,
-+ IOVEC_LEN(in_vec), NULL, 0);
-+ if (psa_status != PSA_SUCCESS)
-+ EMSG("ipc_remove: failed to psa_call: %d", psa_status);
-+
-+ return psa_status;
-+}
-+
-+static psa_status_t secure_storage_ipc_create(void *context,
-+ uint32_t client_id,
-+ uint64_t uid,
-+ size_t capacity,
-+ uint32_t create_flags)
-+{
-+ (void)context;
-+ (void)uid;
-+ (void)client_id;
-+ (void)capacity;
-+ (void)create_flags;
-+
-+ return PSA_ERROR_NOT_SUPPORTED;
-+}
-+
-+static psa_status_t secure_storage_set_extended(void *context,
-+ uint32_t client_id,
-+ uint64_t uid,
-+ size_t data_offset,
-+ size_t data_length,
-+ const void *p_data)
-+{
-+ (void)context;
-+ (void)uid;
-+ (void)client_id;
-+ (void)data_offset;
-+ (void)data_length;
-+ (void)p_data;
-+
-+ return PSA_ERROR_NOT_SUPPORTED;
-+}
-+
-+static uint32_t secure_storage_get_support(void *context, uint32_t client_id)
-+{
-+ struct secure_storage_ipc *ipc = context;
-+ struct rpc_caller *caller = ipc->client.caller;
-+ psa_handle_t psa_handle;
-+ psa_status_t psa_status;
-+ uint32_t support_flags;
-+ struct psa_outvec out_vec[] = {
-+ { .base = &support_flags, .len = sizeof(support_flags) },
-+ };
-+
-+ (void)client_id;
-+
-+ psa_status = psa_call(caller, TFM_PROTECTED_STORAGE_SERVICE_HANDLE,
-+ TFM_PS_GET_SUPPORT, NULL, 0,
-+ out_vec, IOVEC_LEN(out_vec));
-+ if (psa_status != PSA_SUCCESS)
-+ EMSG("ipc_get_support: failed to psa_call: %d", psa_status);
-+
-+ return psa_status;
-+}
-+
-+struct storage_backend *secure_storage_ipc_init(struct secure_storage_ipc *context,
-+ struct rpc_caller *caller)
-+{
-+ service_client_init(&context->client, caller);
-+
-+ static const struct storage_backend_interface interface =
-+ {
-+ .set = secure_storage_ipc_set,
-+ .get = secure_storage_ipc_get,
-+ .get_info = secure_storage_ipc_get_info,
-+ .remove = secure_storage_ipc_remove,
-+ .create = secure_storage_ipc_create,
-+ .set_extended = secure_storage_set_extended,
-+ .get_support = secure_storage_get_support,
-+ };
-+
-+ context->backend.context = context;
-+ context->backend.interface = &interface;
-+
-+ return &context->backend;
-+}
-+
-+void secure_storage_ipc_deinit(struct secure_storage_ipc *context)
-+{
-+ service_client_deinit(&context->client);
-+}
-diff --git a/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.h b/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.h
-new file mode 100644
-index 000000000000..e8c1e8fd2f92
---- /dev/null
-+++ b/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.h
-@@ -0,0 +1,52 @@
-+/*
-+ * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef SECURE_STORAGE_IPC_H
-+#define SECURE_STORAGE_IPC_H
-+
-+#include <service/secure_storage/backend/storage_backend.h>
-+#include <service/common/client/service_client.h>
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+/**
-+ * @brief Secure storage ipc instance
-+ */
-+struct secure_storage_ipc
-+{
-+ struct storage_backend backend;
-+ struct service_client client;
-+};
-+
-+/**
-+ * @brief Initialize a secure storage ipc client
-+ *
-+ * A secure storage client is a storage backend that makes RPC calls
-+ * to a remote secure storage provider.
-+ *
-+ * @param[in] context Instance data
-+ * @param[in] rpc_caller RPC caller instance
-+ *
-+ *
-+ * @return Pointer to inialized storage backend or NULL on failure
-+ */
-+struct storage_backend *secure_storage_ipc_init(struct secure_storage_ipc *context,
-+ struct rpc_caller *caller);
-+
-+/**
-+ * @brief Deinitialize a secure storage ipc client
-+ *
-+ * @param[in] context Instance data
-+ */
-+void secure_storage_ipc_deinit(struct secure_storage_ipc *context);
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* SECURE_STORAGE_IPC_H */
-diff --git a/deployments/se-proxy/se-proxy.cmake b/deployments/se-proxy/se-proxy.cmake
-index dd0c5d00c21e..cd51460406ca 100644
---- a/deployments/se-proxy/se-proxy.cmake
-+++ b/deployments/se-proxy/se-proxy.cmake
-@@ -45,6 +45,7 @@ add_components(TARGET "se-proxy"
- "components/service/crypto/factory/full"
- "components/service/secure_storage/include"
- "components/service/secure_storage/frontend/secure_storage_provider"
-+ "components/service/secure_storage/backend/secure_storage_ipc"
- "components/service/attestation/include"
- "components/service/attestation/provider"
- "components/service/attestation/provider/serializer/packed-c"
-2.38.1
-
similarity index 80%
rename from meta-arm-bsp/recipes-security/trusted-services/corstone1000/0026-TF-Mv1.7-alignment-PSA-crypto-client-in-out_vec.patch
rename to meta-arm-bsp/recipes-security/trusted-services/corstone1000/0006-TF-Mv1.7-alignment-PSA-crypto-client-in-out_vec.patch
@@ -1,7 +1,7 @@
-From ee7e13dcc14110aa16f7c6453cfe72f088857ed2 Mon Sep 17 00:00:00 2001
+From 507008e501c4f5bea0841547a052b3dffd86eb20 Mon Sep 17 00:00:00 2001
From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Date: Thu, 9 Feb 2023 00:34:23 +0000
-Subject: [PATCH 3/3] TF-Mv1.7 alignment: PSA crypto client in/out_vec
+Subject: [PATCH 6/6] TF-Mv1.7 alignment: PSA crypto client in/out_vec
Few psa crypto operations have different in/out_vec expectations
This patch is fixing the differences between psa crypto client in TS
@@ -20,6 +20,7 @@ operations:
Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Upstream-Status: Pending [Not submitted yet]
+Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
.../crypto/client/caller/psa_ipc/crypto_caller_aead.h | 6 ++----
.../crypto/client/caller/psa_ipc/crypto_caller_cipher.h | 6 ++----
@@ -27,44 +28,44 @@ Upstream-Status: Pending [Not submitted yet]
3 files changed, 6 insertions(+), 8 deletions(-)
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
-index efdffdf7..e862c2de 100644
+index f63996a8aad3..393ba447663a 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
-@@ -222,14 +222,13 @@ static inline psa_status_t crypto_caller_aead_generate_nonce(
- {.base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec)},
+@@ -226,14 +226,13 @@ static inline psa_status_t crypto_caller_aead_generate_nonce(
+ .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
};
struct psa_outvec out_vec[] = {
-- {.base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t)},
- {.base = psa_ptr_to_u32(nonce), .len = nonce_size}
+- { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
+ { .base = psa_ptr_to_u32(nonce), .len = nonce_size },
};
status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
- IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
- *nonce_length = out_vec[1].len;
+ *nonce_length = out_vec[0].len;
+
return status;
}
-
-@@ -353,7 +352,6 @@ static inline psa_status_t crypto_caller_aead_update(
- {.base = psa_ptr_const_to_u32(input), .len = input_length}
+@@ -364,7 +363,6 @@ static inline psa_status_t crypto_caller_aead_update(
+ { .base = psa_ptr_const_to_u32(input), .len = input_length },
};
struct psa_outvec out_vec[] = {
-- {.base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t)},
- {.base = psa_ptr_const_to_u32(output), .len = output_size},
+- { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
+ { .base = psa_ptr_const_to_u32(output), .len = output_size },
};
-@@ -365,7 +363,7 @@ static inline psa_status_t crypto_caller_aead_update(
+@@ -376,7 +374,7 @@ static inline psa_status_t crypto_caller_aead_update(
status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
- in_len, out_vec, IOVEC_LEN(out_vec));
+ in_len, out_vec, IOVEC_LEN(out_vec));
- *output_length = out_vec[1].len;
+ *output_length = out_vec[0].len;
+
return status;
}
-
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
-index 20aa46a5..948865e4 100644
+index 4f885f3445ab..0d32444b6bbf 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
@@ -98,14 +98,13 @@ static inline psa_status_t crypto_caller_cipher_generate_iv(
@@ -100,7 +101,7 @@ index 20aa46a5..948865e4 100644
return status;
}
diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
-index 4fb60d44..1e422130 100644
+index f7ffaf38c7d0..77ef4ead1d03 100644
--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
@@ -172,6 +172,8 @@ static inline psa_status_t crypto_caller_hash_clone(
@@ -113,5 +114,5 @@ index 4fb60d44..1e422130 100644
struct psa_outvec out_vec[] = {
{ .base = psa_ptr_to_u32(target_op_handle),
--
-2.25.1
+2.40.0
deleted file mode 100644
@@ -1,63 +0,0 @@
-From d1377a5ed909e3a1d9caca56aeda262a80322a4b Mon Sep 17 00:00:00 2001
-From: Vishnu Banavath <vishnu.banavath@arm.com>
-Date: Fri, 3 Dec 2021 19:25:34 +0000
-Subject: [PATCH 07/20] Use secure storage ipc and openamp for se_proxy
-
-Remove mock up backend for secure storage in se proxy
-deployment and use instead the secure storage ipc backend with
-openamp as rpc to secure enclave side.
-
-Upstream-Status: Pending
-Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- .../se-proxy/common/service_proxy_factory.c | 16 +++++++++++++---
- 1 file changed, 13 insertions(+), 3 deletions(-)
-
-diff --git a/deployments/se-proxy/common/service_proxy_factory.c b/deployments/se-proxy/common/service_proxy_factory.c
-index acfb6e8873fa..57290056d614 100644
---- a/deployments/se-proxy/common/service_proxy_factory.c
-+++ b/deployments/se-proxy/common/service_proxy_factory.c
-@@ -6,15 +6,20 @@
-
- #include <stddef.h>
- #include <rpc/common/endpoint/rpc_interface.h>
-+#include <rpc/openamp/caller/sp/openamp_caller.h>
- #include <service/attestation/provider/attest_provider.h>
- #include <service/attestation/provider/serializer/packed-c/packedc_attest_provider_serializer.h>
- #include <service/crypto/factory/crypto_provider_factory.h>
- #include <service/secure_storage/frontend/secure_storage_provider/secure_storage_provider.h>
-+#include <trace.h>
-
- /* Stub backends */
- #include <service/crypto/backend/stub/stub_crypto_backend.h>
-+#include <service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.h>
- #include <service/secure_storage/backend/mock_store/mock_store.h>
-
-+struct openamp_caller openamp;
-+
- struct rpc_interface *attest_proxy_create(void)
- {
- struct rpc_interface *attest_iface;
-@@ -47,10 +52,15 @@ struct rpc_interface *crypto_proxy_create(void)
-
- struct rpc_interface *ps_proxy_create(void)
- {
-- static struct mock_store ps_backend;
- static struct secure_storage_provider ps_provider;
--
-- struct storage_backend *backend = mock_store_init(&ps_backend);
-+ static struct secure_storage_ipc ps_backend;
-+ static struct rpc_caller *storage_caller;
-+ struct storage_backend *backend;
-+
-+ storage_caller = openamp_caller_init(&openamp);
-+ if (!storage_caller)
-+ return NULL;
-+ backend = secure_storage_ipc_init(&ps_backend, &openamp.rpc_caller);
-
- return secure_storage_provider_init(&ps_provider, backend);
- }
-2.38.1
-
deleted file mode 100644
@@ -1,72 +0,0 @@
-From 1b50ab6b6ff1c6f27ab320e18fb0d4aeb1122f0d Mon Sep 17 00:00:00 2001
-From: Satish Kumar <satish.kumar01@arm.com>
-Date: Sun, 12 Dec 2021 10:43:48 +0000
-Subject: [PATCH 08/20] Run psa-arch-test
-
-Fixes needed to run psa-arch-test
-
-Upstream-Status: Pending
-Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- components/service/common/psa_ipc/service_psa_ipc.c | 1 +
- .../backend/secure_storage_ipc/secure_storage_ipc.c | 8 --------
- .../service/secure_storage/include/psa/storage_common.h | 4 ++--
- 3 files changed, 3 insertions(+), 10 deletions(-)
-
-diff --git a/components/service/common/psa_ipc/service_psa_ipc.c b/components/service/common/psa_ipc/service_psa_ipc.c
-index 95a07c135f31..5e5815dbc9cf 100644
---- a/components/service/common/psa_ipc/service_psa_ipc.c
-+++ b/components/service/common/psa_ipc/service_psa_ipc.c
-@@ -185,6 +185,7 @@ psa_status_t psa_call(struct rpc_caller *caller, psa_handle_t psa_handle,
- resp_msg->params.out_vec);
-
- for (i = 0; i < resp_msg->params.out_len; i++) {
-+ out_vec[i].len = out_vec_param[i].len;
- memcpy(out_vec[i].base, rpc_caller_phys_to_virt(caller, out_vec_param[i].base),
- out_vec[i].len);
- }
-diff --git a/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.c b/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.c
-index 9b55f77dd395..a1f369db253e 100644
---- a/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.c
-+++ b/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.c
-@@ -31,10 +31,6 @@ static psa_status_t secure_storage_ipc_set(void *context, uint32_t client_id,
-
- ipc->client.rpc_status = TS_RPC_CALL_ACCEPTED;
-
-- /* Validating input parameters */
-- if (p_data == NULL)
-- return PSA_ERROR_INVALID_ARGUMENT;
--
- psa_status = psa_call(caller, TFM_PROTECTED_STORAGE_SERVICE_HANDLE,
- TFM_PS_SET, in_vec, IOVEC_LEN(in_vec), NULL, 0);
- if (psa_status < 0)
-@@ -96,10 +92,6 @@ static psa_status_t secure_storage_ipc_get_info(void *context,
-
- (void)client_id;
-
-- /* Validating input parameters */
-- if (!p_info)
-- return PSA_ERROR_INVALID_ARGUMENT;
--
- psa_status = psa_call(caller, TFM_PROTECTED_STORAGE_SERVICE_HANDLE,
- TFM_PS_GET_INFO, in_vec,
- IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-diff --git a/components/service/secure_storage/include/psa/storage_common.h b/components/service/secure_storage/include/psa/storage_common.h
-index 4f6ba2a7d822..1fd6b40dc803 100644
---- a/components/service/secure_storage/include/psa/storage_common.h
-+++ b/components/service/secure_storage/include/psa/storage_common.h
-@@ -20,8 +20,8 @@ typedef uint64_t psa_storage_uid_t;
- typedef uint32_t psa_storage_create_flags_t;
-
- struct psa_storage_info_t {
-- size_t capacity;
-- size_t size;
-+ uint32_t capacity;
-+ uint32_t size;
- psa_storage_create_flags_t flags;
- };
-
-2.38.1
-
deleted file mode 100644
@@ -1,168 +0,0 @@
-From a6fba503ffddae004e23b32559212e749e8586f6 Mon Sep 17 00:00:00 2001
-From: Satish Kumar <satish.kumar01@arm.com>
-Date: Sun, 12 Dec 2021 10:57:17 +0000
-Subject: [PATCH 09/20] Use address instead of pointers
-
-Since secure enclave is 32bit and we 64bit there is an issue
-in the protocol communication design that force us to handle
-on our side the manipulation of address and pointers to make
-this work.
-
-Upstream-Status: Pending
-Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- .../service/common/include/psa/client.h | 15 ++++++++++++++
- .../service/common/psa_ipc/service_psa_ipc.c | 20 ++++++++++++-------
- .../secure_storage_ipc/secure_storage_ipc.c | 20 +++++++++----------
- 3 files changed, 38 insertions(+), 17 deletions(-)
-
-diff --git a/components/service/common/include/psa/client.h b/components/service/common/include/psa/client.h
-index 69ccf14f40a3..12dcd68f8a76 100644
---- a/components/service/common/include/psa/client.h
-+++ b/components/service/common/include/psa/client.h
-@@ -81,6 +81,21 @@ struct __attribute__ ((__packed__)) psa_outvec {
- uint32_t len; /*!< the size in bytes */
- };
-
-+static void *psa_u32_to_ptr(uint32_t addr)
-+{
-+ return (void *)(uintptr_t)addr;
-+}
-+
-+static uint32_t psa_ptr_to_u32(void *ptr)
-+{
-+ return (uintptr_t)ptr;
-+}
-+
-+static uint32_t psa_ptr_const_to_u32(const void *ptr)
-+{
-+ return (uintptr_t)ptr;
-+}
-+
- /*************************** PSA Client API **********************************/
-
- /**
-diff --git a/components/service/common/psa_ipc/service_psa_ipc.c b/components/service/common/psa_ipc/service_psa_ipc.c
-index 5e5815dbc9cf..435c6c0a2eba 100644
---- a/components/service/common/psa_ipc/service_psa_ipc.c
-+++ b/components/service/common/psa_ipc/service_psa_ipc.c
-@@ -62,6 +62,11 @@ static size_t psa_call_out_vec_len(const struct psa_outvec *out_vec, size_t out_
- return resp_len;
- }
-
-+static uint32_t psa_virt_to_phys_u32(struct rpc_caller *caller, void *va)
-+{
-+ return (uintptr_t)rpc_caller_virt_to_phys(caller, va);
-+}
-+
- psa_handle_t psa_connect(struct rpc_caller *caller, uint32_t sid,
- uint32_t version)
- {
-@@ -147,20 +152,20 @@ psa_status_t psa_call(struct rpc_caller *caller, psa_handle_t psa_handle,
- req_msg->params.psa_call_params.handle = psa_handle;
- req_msg->params.psa_call_params.type = type;
- req_msg->params.psa_call_params.in_len = in_len;
-- req_msg->params.psa_call_params.in_vec = rpc_caller_virt_to_phys(caller, in_vec_param);
-+ req_msg->params.psa_call_params.in_vec = psa_virt_to_phys_u32(caller, in_vec_param);
- req_msg->params.psa_call_params.out_len = out_len;
-- req_msg->params.psa_call_params.out_vec = rpc_caller_virt_to_phys(caller, out_vec_param);
-+ req_msg->params.psa_call_params.out_vec = psa_virt_to_phys_u32(caller, out_vec_param);
-
- for (i = 0; i < in_len; i++) {
-- in_vec_param[i].base = rpc_caller_virt_to_phys(caller, payload);
-+ in_vec_param[i].base = psa_virt_to_phys_u32(caller, payload);
- in_vec_param[i].len = in_vec[i].len;
-
-- memcpy(payload, in_vec[i].base, in_vec[i].len);
-+ memcpy(payload, psa_u32_to_ptr(in_vec[i].base), in_vec[i].len);
- payload += in_vec[i].len;
- }
-
- for (i = 0; i < out_len; i++) {
-- out_vec_param[i].base = NULL;
-+ out_vec_param[i].base = 0;
- out_vec_param[i].len = out_vec[i].len;
- }
-
-@@ -182,11 +187,12 @@ psa_status_t psa_call(struct rpc_caller *caller, psa_handle_t psa_handle,
- goto caller_end;
-
- out_vec_param = (struct psa_outvec *)rpc_caller_phys_to_virt(caller,
-- resp_msg->params.out_vec);
-+ psa_u32_to_ptr(resp_msg->params.out_vec));
-
- for (i = 0; i < resp_msg->params.out_len; i++) {
- out_vec[i].len = out_vec_param[i].len;
-- memcpy(out_vec[i].base, rpc_caller_phys_to_virt(caller, out_vec_param[i].base),
-+ memcpy(psa_u32_to_ptr(out_vec[i].base),
-+ rpc_caller_phys_to_virt(caller, psa_u32_to_ptr(out_vec_param[i].base)),
- out_vec[i].len);
- }
-
-diff --git a/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.c b/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.c
-index a1f369db253e..bda442a61d5c 100644
---- a/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.c
-+++ b/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.c
-@@ -22,9 +22,9 @@ static psa_status_t secure_storage_ipc_set(void *context, uint32_t client_id,
- psa_handle_t psa_handle;
- psa_status_t psa_status;
- struct psa_invec in_vec[] = {
-- { .base = &uid, .len = sizeof(uid) },
-- { .base = p_data, .len = data_length },
-- { .base = &create_flags, .len = sizeof(create_flags) },
-+ { .base = psa_ptr_to_u32(&uid), .len = sizeof(uid) },
-+ { .base = psa_ptr_const_to_u32(p_data), .len = data_length },
-+ { .base = psa_ptr_to_u32(&create_flags), .len = sizeof(create_flags) },
- };
-
- (void)client_id;
-@@ -53,11 +53,11 @@ static psa_status_t secure_storage_ipc_get(void *context,
- psa_status_t psa_status;
- uint32_t offset = (uint32_t)data_offset;
- struct psa_invec in_vec[] = {
-- { .base = &uid, .len = sizeof(uid) },
-- { .base = &offset, .len = sizeof(offset) },
-+ { .base = psa_ptr_to_u32(&uid), .len = sizeof(uid) },
-+ { .base = psa_ptr_to_u32(&offset), .len = sizeof(offset) },
- };
- struct psa_outvec out_vec[] = {
-- { .base = p_data, .len = data_size },
-+ { .base = psa_ptr_to_u32(p_data), .len = data_size },
- };
-
- if (!p_data_length) {
-@@ -84,10 +84,10 @@ static psa_status_t secure_storage_ipc_get_info(void *context,
- psa_handle_t psa_handle;
- psa_status_t psa_status;
- struct psa_invec in_vec[] = {
-- { .base = &uid, .len = sizeof(uid) },
-+ { .base = psa_ptr_to_u32(&uid), .len = sizeof(uid) },
- };
- struct psa_outvec out_vec[] = {
-- { .base = p_info, .len = sizeof(*p_info) },
-+ { .base = psa_ptr_to_u32(p_info), .len = sizeof(*p_info) },
- };
-
- (void)client_id;
-@@ -110,7 +110,7 @@ static psa_status_t secure_storage_ipc_remove(void *context,
- psa_handle_t psa_handle;
- psa_status_t psa_status;
- struct psa_invec in_vec[] = {
-- { .base = &uid, .len = sizeof(uid) },
-+ { .base = psa_ptr_to_u32(&uid), .len = sizeof(uid) },
- };
-
- (void)client_id;
-@@ -164,7 +164,7 @@ static uint32_t secure_storage_get_support(void *context, uint32_t client_id)
- psa_status_t psa_status;
- uint32_t support_flags;
- struct psa_outvec out_vec[] = {
-- { .base = &support_flags, .len = sizeof(support_flags) },
-+ { .base = psa_ptr_to_u32(&support_flags), .len = sizeof(support_flags) },
- };
-
- (void)client_id;
-2.38.1
-
deleted file mode 100644
@@ -1,323 +0,0 @@
-From b142f3c162fb1c28982d26b5ac2181ba79197a28 Mon Sep 17 00:00:00 2001
-From: Rui Miguel Silva <rui.silva@linaro.org>
-Date: Tue, 7 Dec 2021 11:50:00 +0000
-Subject: [PATCH 10/20] Add psa ipc attestation to se proxy
-
-Implement attestation client API as psa ipc and include it to
-se proxy deployment.
-
-Upstream-Status: Pending
-Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- .../client/psa_ipc/component.cmake | 13 +++
- .../client/psa_ipc/iat_ipc_client.c | 86 +++++++++++++++++++
- .../reporter/psa_ipc/component.cmake | 13 +++
- .../reporter/psa_ipc/psa_ipc_attest_report.c | 45 ++++++++++
- components/service/common/include/psa/sid.h | 4 +
- .../se-proxy/common/service_proxy_factory.c | 6 ++
- deployments/se-proxy/se-proxy.cmake | 7 +-
- ...ble-using-hard-coded-attestation-key.patch | 29 -------
- external/psa_arch_tests/psa_arch_tests.cmake | 4 -
- 9 files changed, 171 insertions(+), 36 deletions(-)
- create mode 100644 components/service/attestation/client/psa_ipc/component.cmake
- create mode 100644 components/service/attestation/client/psa_ipc/iat_ipc_client.c
- create mode 100644 components/service/attestation/reporter/psa_ipc/component.cmake
- create mode 100644 components/service/attestation/reporter/psa_ipc/psa_ipc_attest_report.c
- delete mode 100644 external/psa_arch_tests/0001-Disable-using-hard-coded-attestation-key.patch
-
-diff --git a/components/service/attestation/client/psa_ipc/component.cmake b/components/service/attestation/client/psa_ipc/component.cmake
-new file mode 100644
-index 000000000000..a5bc6b4a387e
---- /dev/null
-+++ b/components/service/attestation/client/psa_ipc/component.cmake
-@@ -0,0 +1,13 @@
-+#-------------------------------------------------------------------------------
-+# Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+#
-+# SPDX-License-Identifier: BSD-3-Clause
-+#
-+#-------------------------------------------------------------------------------
-+if (NOT DEFINED TGT)
-+ message(FATAL_ERROR "mandatory parameter TGT is not defined.")
-+endif()
-+
-+target_sources(${TGT} PRIVATE
-+ "${CMAKE_CURRENT_LIST_DIR}/iat_ipc_client.c"
-+ )
-diff --git a/components/service/attestation/client/psa_ipc/iat_ipc_client.c b/components/service/attestation/client/psa_ipc/iat_ipc_client.c
-new file mode 100644
-index 000000000000..30bd0a13a385
---- /dev/null
-+++ b/components/service/attestation/client/psa_ipc/iat_ipc_client.c
-@@ -0,0 +1,86 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#include <stddef.h>
-+#include <string.h>
-+
-+#include "../psa/iat_client.h"
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <psa/initial_attestation.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+
-+/**
-+ * @brief The singleton psa_iat_client instance
-+ *
-+ * The psa attestation C API assumes a single backend service provider.
-+ */
-+static struct service_client instance;
-+
-+
-+psa_status_t psa_iat_client_init(struct rpc_caller *caller)
-+{
-+ return service_client_init(&instance, caller);
-+}
-+
-+void psa_iat_client_deinit(void)
-+{
-+ service_client_deinit(&instance);
-+}
-+
-+int psa_iat_client_rpc_status(void)
-+{
-+ return instance.rpc_status;
-+}
-+
-+psa_status_t psa_initial_attest_get_token(const uint8_t *auth_challenge,
-+ size_t challenge_size,
-+ uint8_t *token_buf,
-+ size_t token_buf_size,
-+ size_t *token_size)
-+{
-+ psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
-+ struct rpc_caller *caller = instance.caller;
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_const_to_u32(auth_challenge), .len = challenge_size},
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(token_buf), .len = token_buf_size},
-+ };
-+
-+ if (!token_buf || !token_buf_size)
-+ return PSA_ERROR_INVALID_ARGUMENT;
-+
-+ status = psa_call(caller, TFM_ATTESTATION_SERVICE_HANDLE,
-+ TFM_ATTEST_GET_TOKEN, in_vec, IOVEC_LEN(in_vec),
-+ out_vec, IOVEC_LEN(out_vec));
-+ if (status == PSA_SUCCESS) {
-+ *token_size = out_vec[0].len;
-+ }
-+
-+ return status;
-+}
-+
-+psa_status_t psa_initial_attest_get_token_size(size_t challenge_size,
-+ size_t *token_size)
-+{
-+ struct rpc_caller *caller = instance.caller;
-+ psa_status_t status;
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&challenge_size), .len = sizeof(uint32_t)}
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(token_size), .len = sizeof(uint32_t)}
-+ };
-+
-+ status = psa_call(caller, TFM_ATTESTATION_SERVICE_HANDLE,
-+ TFM_ATTEST_GET_TOKEN_SIZE,
-+ in_vec, IOVEC_LEN(in_vec),
-+ out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-diff --git a/components/service/attestation/reporter/psa_ipc/component.cmake b/components/service/attestation/reporter/psa_ipc/component.cmake
-new file mode 100644
-index 000000000000..b37830c618fe
---- /dev/null
-+++ b/components/service/attestation/reporter/psa_ipc/component.cmake
-@@ -0,0 +1,13 @@
-+#-------------------------------------------------------------------------------
-+# Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+#
-+# SPDX-License-Identifier: BSD-3-Clause
-+#
-+#-------------------------------------------------------------------------------
-+if (NOT DEFINED TGT)
-+ message(FATAL_ERROR "mandatory parameter TGT is not defined.")
-+endif()
-+
-+target_sources(${TGT} PRIVATE
-+ "${CMAKE_CURRENT_LIST_DIR}/psa_ipc_attest_report.c"
-+ )
-diff --git a/components/service/attestation/reporter/psa_ipc/psa_ipc_attest_report.c b/components/service/attestation/reporter/psa_ipc/psa_ipc_attest_report.c
-new file mode 100644
-index 000000000000..15805e8ed4b1
---- /dev/null
-+++ b/components/service/attestation/reporter/psa_ipc/psa_ipc_attest_report.c
-@@ -0,0 +1,45 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+/**
-+ * A attestation reporter for psa ipc
-+ */
-+
-+#include <stddef.h>
-+#include <psa/error.h>
-+#include <service/attestation/reporter/attest_report.h>
-+#include <psa/initial_attestation.h>
-+
-+#define TOKEN_BUF_SIZE 1024
-+
-+static uint8_t token_buf[TOKEN_BUF_SIZE];
-+
-+int attest_report_create(int32_t client_id, const uint8_t *auth_challenge_data,
-+ size_t auth_challenge_len, const uint8_t **report,
-+ size_t *report_len)
-+{
-+ *report = token_buf;
-+ psa_status_t ret;
-+ size_t token_size = 0;
-+
-+ ret = psa_initial_attest_get_token(auth_challenge_data,
-+ auth_challenge_len, token_buf,
-+ TOKEN_BUF_SIZE, &token_size);
-+ if (ret != PSA_SUCCESS) {
-+ *report = NULL;
-+ *report_len = 0;
-+ return ret;
-+ }
-+
-+ *report_len = token_size;
-+
-+ return PSA_SUCCESS;
-+}
-+
-+void attest_report_destroy(const uint8_t *report)
-+{
-+ (void)report;
-+}
-diff --git a/components/service/common/include/psa/sid.h b/components/service/common/include/psa/sid.h
-index aaa973c6e987..833f5039425f 100644
---- a/components/service/common/include/psa/sid.h
-+++ b/components/service/common/include/psa/sid.h
-@@ -50,6 +50,10 @@ extern "C" {
- #define TFM_ATTESTATION_SERVICE_VERSION (1U)
- #define TFM_ATTESTATION_SERVICE_HANDLE (0x40000103U)
-
-+/* Initial Attestation message types that distinguish Attest services. */
-+#define TFM_ATTEST_GET_TOKEN 1001
-+#define TFM_ATTEST_GET_TOKEN_SIZE 1002
-+
- /******** TFM_SP_FWU ********/
- #define TFM_FWU_WRITE_SID (0x000000A0U)
- #define TFM_FWU_WRITE_VERSION (1U)
-diff --git a/deployments/se-proxy/common/service_proxy_factory.c b/deployments/se-proxy/common/service_proxy_factory.c
-index 57290056d614..4b8cceccbe4d 100644
---- a/deployments/se-proxy/common/service_proxy_factory.c
-+++ b/deployments/se-proxy/common/service_proxy_factory.c
-@@ -23,12 +23,18 @@ struct openamp_caller openamp;
- struct rpc_interface *attest_proxy_create(void)
- {
- struct rpc_interface *attest_iface;
-+ struct rpc_caller *attest_caller;
-
- /* Static objects for proxy instance */
- static struct attest_provider attest_provider;
-
-+ attest_caller = openamp_caller_init(&openamp);
-+ if (!attest_caller)
-+ return NULL;
-+
- /* Initialize the service provider */
- attest_iface = attest_provider_init(&attest_provider);
-+ psa_iat_client_init(&openamp.rpc_caller);
-
- attest_provider_register_serializer(&attest_provider,
- TS_RPC_ENCODING_PACKED_C, packedc_attest_provider_serializer_instance());
-diff --git a/deployments/se-proxy/se-proxy.cmake b/deployments/se-proxy/se-proxy.cmake
-index cd51460406ca..3dbbc36c968d 100644
---- a/deployments/se-proxy/se-proxy.cmake
-+++ b/deployments/se-proxy/se-proxy.cmake
-@@ -49,14 +49,15 @@ add_components(TARGET "se-proxy"
- "components/service/attestation/include"
- "components/service/attestation/provider"
- "components/service/attestation/provider/serializer/packed-c"
-+ "components/service/attestation/reporter/psa_ipc"
-+ "components/service/attestation/client/psa_ipc"
- "components/rpc/openamp/caller/sp"
-
- # Stub service provider backends
- "components/rpc/dummy"
- "components/rpc/common/caller"
-- "components/service/attestation/reporter/stub"
-- "components/service/attestation/key_mngr/stub"
-- "components/service/crypto/backend/stub"
-+ "components/service/attestation/key_mngr/local"
-+ "components/service/crypto/backend/psa_ipc"
- "components/service/crypto/client/psa"
- "components/service/secure_storage/backend/mock_store"
- )
-diff --git a/external/psa_arch_tests/0001-Disable-using-hard-coded-attestation-key.patch b/external/psa_arch_tests/0001-Disable-using-hard-coded-attestation-key.patch
-deleted file mode 100644
-index 6664961ab662..000000000000
---- a/external/psa_arch_tests/0001-Disable-using-hard-coded-attestation-key.patch
-+++ /dev/null
-@@ -1,29 +0,0 @@
--From dbd25f94eb62a9855bf342dd97503a49ea50f83e Mon Sep 17 00:00:00 2001
--From: Gyorgy Szing <Gyorgy.Szing@arm.com>
--Date: Tue, 8 Feb 2022 17:06:37 +0000
--Subject: [PATCH 1/1] Disable using hard-coded attestation key
--
--Modify platform config to disable using a hard-coded attestation
--key.
--
--Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com>
-----
-- api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_config.h | 2 +-
-- 1 file changed, 1 insertion(+), 1 deletion(-)
--
--diff --git a/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_config.h
--index 6112ba7..1cdf581 100755
----- a/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_config.h
--+++ b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_config.h
--@@ -60,7 +60,7 @@ typedef uint32_t cfg_id_t;
-- #define CRYPTO_VERSION_BETA3
--
-- /* Use hardcoded public key */
---#define PLATFORM_OVERRIDE_ATTEST_PK
--+//#define PLATFORM_OVERRIDE_ATTEST_PK
--
-- /*
-- * Include of PSA defined Header files
----
--2.17.1
--
-diff --git a/external/psa_arch_tests/psa_arch_tests.cmake b/external/psa_arch_tests/psa_arch_tests.cmake
-index a8b77a1fc05e..1995df3e0b49 100644
---- a/external/psa_arch_tests/psa_arch_tests.cmake
-+++ b/external/psa_arch_tests/psa_arch_tests.cmake
-@@ -15,10 +15,6 @@ set(GIT_OPTIONS
- GIT_REPOSITORY ${PSA_ARCH_TESTS_URL}
- GIT_TAG ${PSA_ARCH_TESTS_REFSPEC}
- GIT_SHALLOW FALSE
-- PATCH_COMMAND git stash
-- COMMAND git tag -f ts-before-am
-- COMMAND git am ${CMAKE_CURRENT_LIST_DIR}/0001-Disable-using-hard-coded-attestation-key.patch
-- COMMAND git reset ts-before-am
- )
-
- # Ensure list of defines is separated correctly
-2.38.1
-
deleted file mode 100644
@@ -1,163 +0,0 @@
-From 4240977f7c38950f5edb316bb08ae05cb7b99875 Mon Sep 17 00:00:00 2001
-From: Satish Kumar <satish.kumar01@arm.com>
-Date: Thu, 9 Dec 2021 14:11:06 +0000
-Subject: [PATCH 11/20] Setup its backend as openamp rpc using secure storage
- ipc implementation.
-
-Upstream-Status: Pending
-Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- components/service/common/include/psa/sid.h | 12 +++++-----
- .../secure_storage_ipc/secure_storage_ipc.c | 20 ++++++++---------
- .../secure_storage_ipc/secure_storage_ipc.h | 1 +
- .../se-proxy/common/service_proxy_factory.c | 22 +++++++++++++------
- 4 files changed, 32 insertions(+), 23 deletions(-)
-
-diff --git a/components/service/common/include/psa/sid.h b/components/service/common/include/psa/sid.h
-index 833f5039425f..4a951d4a3502 100644
---- a/components/service/common/include/psa/sid.h
-+++ b/components/service/common/include/psa/sid.h
-@@ -20,12 +20,12 @@ extern "C" {
- /* Invalid UID */
- #define TFM_PS_INVALID_UID 0
-
--/* PS message types that distinguish PS services. */
--#define TFM_PS_SET 1001
--#define TFM_PS_GET 1002
--#define TFM_PS_GET_INFO 1003
--#define TFM_PS_REMOVE 1004
--#define TFM_PS_GET_SUPPORT 1005
-+/* PS / ITS message types that distinguish PS services. */
-+#define TFM_PS_ITS_SET 1001
-+#define TFM_PS_ITS_GET 1002
-+#define TFM_PS_ITS_GET_INFO 1003
-+#define TFM_PS_ITS_REMOVE 1004
-+#define TFM_PS_ITS_GET_SUPPORT 1005
-
- /******** TFM_SP_ITS ********/
- #define TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_SID (0x00000070U)
-diff --git a/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.c b/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.c
-index bda442a61d5c..0e1b48c0d2e2 100644
---- a/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.c
-+++ b/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.c
-@@ -31,8 +31,8 @@ static psa_status_t secure_storage_ipc_set(void *context, uint32_t client_id,
-
- ipc->client.rpc_status = TS_RPC_CALL_ACCEPTED;
-
-- psa_status = psa_call(caller, TFM_PROTECTED_STORAGE_SERVICE_HANDLE,
-- TFM_PS_SET, in_vec, IOVEC_LEN(in_vec), NULL, 0);
-+ psa_status = psa_call(caller, ipc->service_handle, TFM_PS_ITS_SET,
-+ in_vec, IOVEC_LEN(in_vec), NULL, 0);
- if (psa_status < 0)
- EMSG("ipc_set: psa_call failed: %d", psa_status);
-
-@@ -65,8 +65,8 @@ static psa_status_t secure_storage_ipc_get(void *context,
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
-- psa_status = psa_call(caller, TFM_PROTECTED_STORAGE_SERVICE_HANDLE,
-- TFM_PS_GET, in_vec, IOVEC_LEN(in_vec),
-+ psa_status = psa_call(caller, ipc->service_handle,
-+ TFM_PS_ITS_GET, in_vec, IOVEC_LEN(in_vec),
- out_vec, IOVEC_LEN(out_vec));
- if (psa_status == PSA_SUCCESS)
- *p_data_length = out_vec[0].len;
-@@ -92,8 +92,8 @@ static psa_status_t secure_storage_ipc_get_info(void *context,
-
- (void)client_id;
-
-- psa_status = psa_call(caller, TFM_PROTECTED_STORAGE_SERVICE_HANDLE,
-- TFM_PS_GET_INFO, in_vec,
-+ psa_status = psa_call(caller, ipc->service_handle,
-+ TFM_PS_ITS_GET_INFO, in_vec,
- IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
- if (psa_status != PSA_SUCCESS)
- EMSG("ipc_get_info: failed to psa_call: %d", psa_status);
-@@ -115,8 +115,8 @@ static psa_status_t secure_storage_ipc_remove(void *context,
-
- (void)client_id;
-
-- psa_status = psa_call(caller, TFM_PROTECTED_STORAGE_SERVICE_HANDLE,
-- TFM_PS_REMOVE, in_vec,
-+ psa_status = psa_call(caller, ipc->service_handle,
-+ TFM_PS_ITS_REMOVE, in_vec,
- IOVEC_LEN(in_vec), NULL, 0);
- if (psa_status != PSA_SUCCESS)
- EMSG("ipc_remove: failed to psa_call: %d", psa_status);
-@@ -169,8 +169,8 @@ static uint32_t secure_storage_get_support(void *context, uint32_t client_id)
-
- (void)client_id;
-
-- psa_status = psa_call(caller, TFM_PROTECTED_STORAGE_SERVICE_HANDLE,
-- TFM_PS_GET_SUPPORT, NULL, 0,
-+ psa_status = psa_call(caller, ipc->service_handle,
-+ TFM_PS_ITS_GET_SUPPORT, NULL, 0,
- out_vec, IOVEC_LEN(out_vec));
- if (psa_status != PSA_SUCCESS)
- EMSG("ipc_get_support: failed to psa_call: %d", psa_status);
-diff --git a/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.h b/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.h
-index e8c1e8fd2f92..d9949f6a9305 100644
---- a/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.h
-+++ b/components/service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.h
-@@ -21,6 +21,7 @@ struct secure_storage_ipc
- {
- struct storage_backend backend;
- struct service_client client;
-+ int32_t service_handle;
- };
-
- /**
-diff --git a/deployments/se-proxy/common/service_proxy_factory.c b/deployments/se-proxy/common/service_proxy_factory.c
-index 4b8cceccbe4d..1110ac46bf8b 100644
---- a/deployments/se-proxy/common/service_proxy_factory.c
-+++ b/deployments/se-proxy/common/service_proxy_factory.c
-@@ -5,6 +5,7 @@
- */
-
- #include <stddef.h>
-+#include <psa/sid.h>
- #include <rpc/common/endpoint/rpc_interface.h>
- #include <rpc/openamp/caller/sp/openamp_caller.h>
- #include <service/attestation/provider/attest_provider.h>
-@@ -60,23 +61,30 @@ struct rpc_interface *ps_proxy_create(void)
- {
- static struct secure_storage_provider ps_provider;
- static struct secure_storage_ipc ps_backend;
-- static struct rpc_caller *storage_caller;
-+ struct rpc_caller *storage_caller;
- struct storage_backend *backend;
-
- storage_caller = openamp_caller_init(&openamp);
- if (!storage_caller)
- return NULL;
- backend = secure_storage_ipc_init(&ps_backend, &openamp.rpc_caller);
-+ ps_backend.service_handle = TFM_PROTECTED_STORAGE_SERVICE_HANDLE;
-
- return secure_storage_provider_init(&ps_provider, backend);
- }
-
- struct rpc_interface *its_proxy_create(void)
- {
-- static struct mock_store its_backend;
-- static struct secure_storage_provider its_provider;
--
-- struct storage_backend *backend = mock_store_init(&its_backend);
--
-- return secure_storage_provider_init(&its_provider, backend);
-+ static struct secure_storage_provider its_provider;
-+ static struct secure_storage_ipc its_backend;
-+ struct rpc_caller *storage_caller;
-+ struct storage_backend *backend;
-+
-+ storage_caller = openamp_caller_init(&openamp);
-+ if (!storage_caller)
-+ return NULL;
-+ backend = secure_storage_ipc_init(&its_backend, &openamp.rpc_caller);
-+ its_backend.service_handle = TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_HANDLE;
-+
-+ return secure_storage_provider_init(&its_provider, backend);
- }
-2.38.1
-
deleted file mode 100644
@@ -1,2570 +0,0 @@
-From 0b5d96b1a9f927dc141047600edf2249af7022c5 Mon Sep 17 00:00:00 2001
-From: Rui Miguel Silva <rui.silva@linaro.org>
-Date: Thu, 9 Dec 2021 14:17:39 +0000
-Subject: [PATCH 12/20] add psa ipc crypto backend
-
-Add psa ipc crypto backend and attach it to se proxy
-deployment.
-
-Upstream-Status: Pending
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- components/service/common/include/psa/sid.h | 73 +++++
- .../crypto/backend/psa_ipc/component.cmake | 21 ++
- .../backend/psa_ipc/crypto_ipc_backend.c | 26 ++
- .../backend/psa_ipc/crypto_ipc_backend.h | 70 ++++
- .../client/caller/psa_ipc/crypto_caller.h | 34 ++
- .../caller/psa_ipc/crypto_caller_aead.h | 252 +++++++++++++++
- .../crypto_caller_asymmetric_decrypt.h | 76 +++++
- .../crypto_caller_asymmetric_encrypt.h | 76 +++++
- .../caller/psa_ipc/crypto_caller_cipher.h | 246 +++++++++++++++
- .../caller/psa_ipc/crypto_caller_copy_key.h | 57 ++++
- .../psa_ipc/crypto_caller_destroy_key.h | 51 +++
- .../caller/psa_ipc/crypto_caller_export_key.h | 59 ++++
- .../psa_ipc/crypto_caller_export_public_key.h | 59 ++++
- .../psa_ipc/crypto_caller_generate_key.h | 55 ++++
- .../psa_ipc/crypto_caller_generate_random.h | 57 ++++
- .../crypto_caller_get_key_attributes.h | 56 ++++
- .../caller/psa_ipc/crypto_caller_hash.h | 220 +++++++++++++
- .../caller/psa_ipc/crypto_caller_import_key.h | 57 ++++
- .../psa_ipc/crypto_caller_key_attributes.h | 51 +++
- .../psa_ipc/crypto_caller_key_derivation.h | 298 ++++++++++++++++++
- .../client/caller/psa_ipc/crypto_caller_mac.h | 207 ++++++++++++
- .../caller/psa_ipc/crypto_caller_purge_key.h | 51 +++
- .../caller/psa_ipc/crypto_caller_sign_hash.h | 64 ++++
- .../psa_ipc/crypto_caller_verify_hash.h | 59 ++++
- .../crypto/include/psa/crypto_client_struct.h | 8 +-
- .../service/crypto/include/psa/crypto_sizes.h | 2 +-
- .../se-proxy/common/service_proxy_factory.c | 15 +-
- .../providers/arm/corstone1000/platform.cmake | 2 +
- 28 files changed, 2292 insertions(+), 10 deletions(-)
- create mode 100644 components/service/crypto/backend/psa_ipc/component.cmake
- create mode 100644 components/service/crypto/backend/psa_ipc/crypto_ipc_backend.c
- create mode 100644 components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_decrypt.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_encrypt.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_copy_key.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_destroy_key.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_export_key.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_export_public_key.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_key.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_random.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_get_key_attributes.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_import_key.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_key_attributes.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_key_derivation.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_mac.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_purge_key.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
- create mode 100644 components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
-
-diff --git a/components/service/common/include/psa/sid.h b/components/service/common/include/psa/sid.h
-index 4a951d4a3502..7a29cc253bad 100644
---- a/components/service/common/include/psa/sid.h
-+++ b/components/service/common/include/psa/sid.h
-@@ -37,6 +37,79 @@ extern "C" {
- #define TFM_CRYPTO_VERSION (1U)
- #define TFM_CRYPTO_HANDLE (0x40000100U)
-
-+/**
-+ * \brief Define a progressive numerical value for each SID which can be used
-+ * when dispatching the requests to the service
-+ */
-+enum {
-+ TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID = (0u),
-+ TFM_CRYPTO_RESET_KEY_ATTRIBUTES_SID,
-+ TFM_CRYPTO_OPEN_KEY_SID,
-+ TFM_CRYPTO_CLOSE_KEY_SID,
-+ TFM_CRYPTO_IMPORT_KEY_SID,
-+ TFM_CRYPTO_DESTROY_KEY_SID,
-+ TFM_CRYPTO_EXPORT_KEY_SID,
-+ TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID,
-+ TFM_CRYPTO_PURGE_KEY_SID,
-+ TFM_CRYPTO_COPY_KEY_SID,
-+ TFM_CRYPTO_HASH_COMPUTE_SID,
-+ TFM_CRYPTO_HASH_COMPARE_SID,
-+ TFM_CRYPTO_HASH_SETUP_SID,
-+ TFM_CRYPTO_HASH_UPDATE_SID,
-+ TFM_CRYPTO_HASH_FINISH_SID,
-+ TFM_CRYPTO_HASH_VERIFY_SID,
-+ TFM_CRYPTO_HASH_ABORT_SID,
-+ TFM_CRYPTO_HASH_CLONE_SID,
-+ TFM_CRYPTO_MAC_COMPUTE_SID,
-+ TFM_CRYPTO_MAC_VERIFY_SID,
-+ TFM_CRYPTO_MAC_SIGN_SETUP_SID,
-+ TFM_CRYPTO_MAC_VERIFY_SETUP_SID,
-+ TFM_CRYPTO_MAC_UPDATE_SID,
-+ TFM_CRYPTO_MAC_SIGN_FINISH_SID,
-+ TFM_CRYPTO_MAC_VERIFY_FINISH_SID,
-+ TFM_CRYPTO_MAC_ABORT_SID,
-+ TFM_CRYPTO_CIPHER_ENCRYPT_SID,
-+ TFM_CRYPTO_CIPHER_DECRYPT_SID,
-+ TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID,
-+ TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID,
-+ TFM_CRYPTO_CIPHER_GENERATE_IV_SID,
-+ TFM_CRYPTO_CIPHER_SET_IV_SID,
-+ TFM_CRYPTO_CIPHER_UPDATE_SID,
-+ TFM_CRYPTO_CIPHER_FINISH_SID,
-+ TFM_CRYPTO_CIPHER_ABORT_SID,
-+ TFM_CRYPTO_AEAD_ENCRYPT_SID,
-+ TFM_CRYPTO_AEAD_DECRYPT_SID,
-+ TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID,
-+ TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID,
-+ TFM_CRYPTO_AEAD_GENERATE_NONCE_SID,
-+ TFM_CRYPTO_AEAD_SET_NONCE_SID,
-+ TFM_CRYPTO_AEAD_SET_LENGTHS_SID,
-+ TFM_CRYPTO_AEAD_UPDATE_AD_SID,
-+ TFM_CRYPTO_AEAD_UPDATE_SID,
-+ TFM_CRYPTO_AEAD_FINISH_SID,
-+ TFM_CRYPTO_AEAD_VERIFY_SID,
-+ TFM_CRYPTO_AEAD_ABORT_SID,
-+ TFM_CRYPTO_SIGN_MESSAGE_SID,
-+ TFM_CRYPTO_VERIFY_MESSAGE_SID,
-+ TFM_CRYPTO_SIGN_HASH_SID,
-+ TFM_CRYPTO_VERIFY_HASH_SID,
-+ TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID,
-+ TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID,
-+ TFM_CRYPTO_KEY_DERIVATION_SETUP_SID,
-+ TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID,
-+ TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID,
-+ TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID,
-+ TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID,
-+ TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID,
-+ TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID,
-+ TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID,
-+ TFM_CRYPTO_KEY_DERIVATION_ABORT_SID,
-+ TFM_CRYPTO_RAW_KEY_AGREEMENT_SID,
-+ TFM_CRYPTO_GENERATE_RANDOM_SID,
-+ TFM_CRYPTO_GENERATE_KEY_SID,
-+ TFM_CRYPTO_SID_MAX,
-+};
-+
- /******** TFM_SP_PLATFORM ********/
- #define TFM_SP_PLATFORM_SYSTEM_RESET_SID (0x00000040U)
- #define TFM_SP_PLATFORM_SYSTEM_RESET_VERSION (1U)
-diff --git a/components/service/crypto/backend/psa_ipc/component.cmake b/components/service/crypto/backend/psa_ipc/component.cmake
-new file mode 100644
-index 000000000000..93c297a83ac6
---- /dev/null
-+++ b/components/service/crypto/backend/psa_ipc/component.cmake
-@@ -0,0 +1,21 @@
-+#-------------------------------------------------------------------------------
-+# Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+#
-+# SPDX-License-Identifier: BSD-3-Clause
-+#
-+#-------------------------------------------------------------------------------
-+if (NOT DEFINED TGT)
-+ message(FATAL_ERROR "mandatory parameter TGT is not defined.")
-+endif()
-+
-+target_sources(${TGT} PRIVATE
-+ "${CMAKE_CURRENT_LIST_DIR}/crypto_ipc_backend.c"
-+ )
-+
-+# The ipc crypto backend uses the psa crypto client to realize the
-+# psa crypto API that the crypto provider depends on. This define
-+# configures the psa crypto client to be built with the ipc crypto
-+# caller.
-+target_compile_definitions(${TGT} PRIVATE
-+ PSA_CRYPTO_CLIENT_CALLER_SELECTION_H="service/crypto/client/caller/psa_ipc/crypto_caller.h"
-+)
-diff --git a/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.c b/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.c
-new file mode 100644
-index 000000000000..e47cd4ffb4ce
---- /dev/null
-+++ b/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.c
-@@ -0,0 +1,26 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#include <stddef.h>
-+#include <psa/crypto.h>
-+#include <service/crypto/client/psa/psa_crypto_client.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include "crypto_ipc_backend.h"
-+
-+psa_status_t crypto_ipc_backend_init(struct rpc_caller *caller)
-+{
-+ psa_status_t status = psa_crypto_client_init(caller);
-+
-+ if (status == PSA_SUCCESS)
-+ status = psa_crypto_init();
-+
-+ return status;
-+}
-+
-+void crypto_ipc_backend_deinit(void)
-+{
-+ psa_crypto_client_deinit();
-+}
-diff --git a/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h b/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h
-new file mode 100644
-index 000000000000..c13c20e84131
---- /dev/null
-+++ b/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h
-@@ -0,0 +1,70 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef CRYPTO_IPC_BACKEND_H
-+#define CRYPTO_IPC_BACKEND_H
-+
-+#include <service/crypto/client/psa/psa_crypto_client.h>
-+#include <psa/error.h>
-+#include <rpc_caller.h>
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+/**
-+ * \brief This type is used to overcome a limitation in the number of maximum
-+ * IOVECs that can be used especially in psa_aead_encrypt and
-+ * psa_aead_decrypt. To be removed in case the AEAD APIs number of
-+ * parameters passed gets restructured
-+ */
-+#define TFM_CRYPTO_MAX_NONCE_LENGTH (16u)
-+struct psa_ipc_crypto_aead_pack_input {
-+ uint8_t nonce[TFM_CRYPTO_MAX_NONCE_LENGTH];
-+ uint32_t nonce_length;
-+};
-+
-+struct psa_ipc_crypto_pack_iovec {
-+ uint32_t sfn_id; /*!< Secure function ID used to dispatch the
-+ * request
-+ */
-+ uint16_t step; /*!< Key derivation step */
-+ psa_key_id_t key_id; /*!< Key id */
-+ psa_algorithm_t alg; /*!< Algorithm */
-+ uint32_t op_handle; /*!< Frontend context handle associated to a
-+ * multipart operation
-+ */
-+ uint32_t capacity; /*!< Key derivation capacity */
-+
-+ struct psa_ipc_crypto_aead_pack_input aead_in; /*!< FixMe: Temporarily used for
-+ * AEAD until the API is
-+ * restructured
-+ */
-+};
-+
-+#define iov_size sizeof(struct psa_ipc_crypto_pack_iovec)
-+
-+/**
-+ * \brief Initialize the psa ipc crypto backend
-+ *
-+ * Initializes a crypto backend that uses the psa API client with a
-+ * psa_ipc_backend caller to realize the PSA crypto API used by the crypto
-+ * service proviser.
-+ *
-+ * \return PSA_SUCCESS if backend initialized successfully
-+ */
-+psa_status_t crypto_ipc_backend_init(struct rpc_caller *caller);
-+
-+/**
-+ * \brief Clean-up to free any resource used by the crypto backend
-+ */
-+void crypto_ipc_backend_deinit(void);
-+
-+#ifdef __cplusplus
-+} /* extern "C" */
-+#endif
-+
-+#endif /* CRYPTO_IPC_BACKEND_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller.h
-new file mode 100644
-index 000000000000..0a972187062f
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller.h
-@@ -0,0 +1,34 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PSA_IPC_CRYPTO_CALLER_H
-+#define PSA_IPC_CRYPTO_CALLER_H
-+
-+/**
-+ * Includes all header files that form the psa ipc crypto caller
-+ * interface. May be used by a client that needs to call operations
-+ * provided by a crypto service instance using the psa ipc interface.
-+ */
-+#include "crypto_caller_aead.h"
-+#include "crypto_caller_asymmetric_decrypt.h"
-+#include "crypto_caller_asymmetric_encrypt.h"
-+#include "crypto_caller_cipher.h"
-+#include "crypto_caller_copy_key.h"
-+#include "crypto_caller_destroy_key.h"
-+#include "crypto_caller_export_key.h"
-+#include "crypto_caller_export_public_key.h"
-+#include "crypto_caller_generate_key.h"
-+#include "crypto_caller_generate_random.h"
-+#include "crypto_caller_get_key_attributes.h"
-+#include "crypto_caller_hash.h"
-+#include "crypto_caller_import_key.h"
-+#include "crypto_caller_key_derivation.h"
-+#include "crypto_caller_mac.h"
-+#include "crypto_caller_purge_key.h"
-+#include "crypto_caller_sign_hash.h"
-+#include "crypto_caller_verify_hash.h"
-+
-+#endif /* PSA_IPC_CRYPTO_CALLER_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
-new file mode 100644
-index 000000000000..78517fe32ca9
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
-@@ -0,0 +1,252 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PSA_IPC_CRYPTO_CALLER_AEAD_H
-+#define PSA_IPC_CRYPTO_CALLER_AEAD_H
-+
-+#include <string.h>
-+#include <stdlib.h>
-+#include <psa/crypto.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <protocols/service/crypto/packed-c/opcodes.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+#include <protocols/service/crypto/packed-c/import_key.h>
-+#include "crypto_caller_key_attributes.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline psa_status_t crypto_caller_aead_encrypt(
-+ struct service_client *context,
-+ psa_key_id_t key,
-+ psa_algorithm_t alg,
-+ const uint8_t *nonce,
-+ size_t nonce_length,
-+ const uint8_t *additional_data,
-+ size_t additional_data_length,
-+ const uint8_t *plaintext,
-+ size_t plaintext_length,
-+ uint8_t *aeadtext,
-+ size_t aeadtext_size,
-+ size_t *aeadtext_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ size_t in_len;
-+ int i;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_AEAD_ENCRYPT_SID,
-+ .key_id = key,
-+ .alg = alg,
-+ .aead_in = { .nonce = {0}, .nonce_length = nonce_length },
-+ };
-+
-+ if (!additional_data && additional_data_length)
-+ return PSA_ERROR_INVALID_ARGUMENT;
-+
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ { .base = psa_ptr_const_to_u32(plaintext),
-+ .len = plaintext_length },
-+ { .base = psa_ptr_const_to_u32(additional_data),
-+ .len = additional_data_length},
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(aeadtext), .len = aeadtext_size },
-+ };
-+
-+ if (nonce_length > TFM_CRYPTO_MAX_NONCE_LENGTH)
-+ return PSA_ERROR_INVALID_ARGUMENT;
-+
-+ if (nonce) {
-+ for (i = 0; i < nonce_length; i++)
-+ iov.aead_in.nonce[i] = nonce[i];
-+ }
-+
-+ in_len = IOVEC_LEN(in_vec);
-+
-+ if (!additional_data)
-+ in_len--;
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ in_len, out_vec, IOVEC_LEN(out_vec));
-+
-+ *aeadtext_length = out_vec[0].len;
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_aead_decrypt(
-+ struct service_client *context,
-+ psa_key_id_t key,
-+ psa_algorithm_t alg,
-+ const uint8_t *nonce,
-+ size_t nonce_length,
-+ const uint8_t *additional_data,
-+ size_t additional_data_length,
-+ const uint8_t *aeadtext,
-+ size_t aeadtext_length,
-+ uint8_t *plaintext,
-+ size_t plaintext_size,
-+ size_t *plaintext_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ size_t in_len;
-+ int i;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_AEAD_DECRYPT_SID,
-+ .key_id = key,
-+ .alg = alg,
-+ .aead_in = { .nonce = {0}, .nonce_length = nonce_length },
-+ };
-+
-+ if (!additional_data && additional_data_length)
-+ return PSA_ERROR_INVALID_ARGUMENT;
-+
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ { .base = psa_ptr_const_to_u32(aeadtext),
-+ .len = aeadtext_length },
-+ { .base = psa_ptr_const_to_u32(additional_data),
-+ .len = additional_data_length},
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(plaintext), .len = plaintext_size },
-+ };
-+
-+ if (nonce_length > TFM_CRYPTO_MAX_NONCE_LENGTH)
-+ return PSA_ERROR_INVALID_ARGUMENT;
-+
-+ if (nonce) {
-+ for (i = 0; i < nonce_length; i++)
-+ iov.aead_in.nonce[i] = nonce[i];
-+ }
-+
-+ in_len = IOVEC_LEN(in_vec);
-+
-+ if (!additional_data)
-+ in_len--;
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ in_len, out_vec, IOVEC_LEN(out_vec));
-+
-+ *plaintext_length = out_vec[0].len;
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_aead_encrypt_setup(
-+ struct service_client *context,
-+ uint32_t *op_handle,
-+ psa_key_id_t key,
-+ psa_algorithm_t alg)
-+{
-+ return PSA_ERROR_NOT_SUPPORTED;
-+}
-+
-+static inline psa_status_t crypto_caller_aead_decrypt_setup(
-+ struct service_client *context,
-+ uint32_t *op_handle,
-+ psa_key_id_t key,
-+ psa_algorithm_t alg)
-+{
-+ return PSA_ERROR_NOT_SUPPORTED;
-+}
-+
-+static inline psa_status_t crypto_caller_aead_generate_nonce(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ uint8_t *nonce,
-+ size_t nonce_size,
-+ size_t *nonce_length)
-+{
-+ return PSA_ERROR_NOT_SUPPORTED;
-+}
-+
-+static inline psa_status_t crypto_caller_aead_set_nonce(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ const uint8_t *nonce,
-+ size_t nonce_length)
-+{
-+ return PSA_ERROR_NOT_SUPPORTED;
-+}
-+
-+static inline psa_status_t crypto_caller_aead_set_lengths(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ size_t ad_length,
-+ size_t plaintext_length)
-+{
-+ return PSA_ERROR_NOT_SUPPORTED;
-+}
-+
-+static inline psa_status_t crypto_caller_aead_update_ad(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ const uint8_t *input,
-+ size_t input_length)
-+{
-+ return PSA_ERROR_NOT_SUPPORTED;
-+}
-+
-+static inline psa_status_t crypto_caller_aead_update(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ const uint8_t *input,
-+ size_t input_length,
-+ uint8_t *output,
-+ size_t output_size,
-+ size_t *output_length)
-+{
-+ return PSA_ERROR_NOT_SUPPORTED;
-+}
-+
-+static inline psa_status_t crypto_caller_aead_finish(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ uint8_t *aeadtext,
-+ size_t aeadtext_size,
-+ size_t *aeadtext_length,
-+ uint8_t *tag,
-+ size_t tag_size,
-+ size_t *tag_length)
-+{
-+ return PSA_ERROR_NOT_SUPPORTED;
-+}
-+
-+static inline psa_status_t crypto_caller_aead_verify(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ uint8_t *plaintext,
-+ size_t plaintext_size,
-+ size_t *plaintext_length,
-+ const uint8_t *tag,
-+ size_t tag_length)
-+{
-+ return PSA_ERROR_NOT_SUPPORTED;
-+}
-+
-+static inline psa_status_t crypto_caller_aead_abort(
-+ struct service_client *context,
-+ uint32_t op_handle)
-+{
-+ return PSA_ERROR_NOT_SUPPORTED;
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PSA_IPC_CRYPTO_CALLER_AEAD_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_decrypt.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_decrypt.h
-new file mode 100644
-index 000000000000..ff01815c09e9
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_decrypt.h
-@@ -0,0 +1,76 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PSA_IPC_CRYPTO_CALLER_ASYMMETRIC_DECRYPT_H
-+#define PSA_IPC_CRYPTO_CALLER_ASYMMETRIC_DECRYPT_H
-+
-+#include <string.h>
-+#include <stdlib.h>
-+#include <psa/crypto.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <protocols/service/crypto/packed-c/opcodes.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+#include <protocols/service/crypto/packed-c/import_key.h>
-+#include "crypto_caller_key_attributes.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline psa_status_t crypto_caller_asymmetric_decrypt(
-+ struct service_client *context,
-+ psa_key_id_t id,
-+ psa_algorithm_t alg,
-+ const uint8_t *input, size_t input_length,
-+ const uint8_t *salt, size_t salt_length,
-+ uint8_t *output, size_t output_size,
-+ size_t *output_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ size_t in_len;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID,
-+ .key_id = id,
-+ .alg = alg,
-+ };
-+
-+ /* Sanitize optional input */
-+ if (!salt && salt_length)
-+ return PSA_ERROR_INVALID_ARGUMENT;
-+
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ { .base = psa_ptr_const_to_u32(input), .len = input_length },
-+ { .base = psa_ptr_const_to_u32(salt), .len = salt_length },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(output), .len = output_size },
-+ };
-+
-+
-+ in_len = IOVEC_LEN(in_vec);
-+ if (!salt)
-+ in_len--;
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ in_len, out_vec, IOVEC_LEN(out_vec));
-+
-+ *output_length = out_vec[0].len;
-+
-+ return status;
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PSA_IPC_CRYPTO_CALLER_ASYMMETRIC_DECRYPT_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_encrypt.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_encrypt.h
-new file mode 100644
-index 000000000000..1daf1689c076
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_encrypt.h
-@@ -0,0 +1,76 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PSA_IPC_CRYPTO_CALLER_ASYMMETRIC_ENCRYPT_H
-+#define PSA_IPC_CRYPTO_CALLER_ASYMMETRIC_ENCRYPT_H
-+
-+#include <string.h>
-+#include <stdlib.h>
-+#include <psa/crypto.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <protocols/service/crypto/packed-c/opcodes.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+#include <protocols/service/crypto/packed-c/import_key.h>
-+#include "crypto_caller_key_attributes.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline psa_status_t crypto_caller_asymmetric_encrypt(
-+ struct service_client *context,
-+ psa_key_id_t id,
-+ psa_algorithm_t alg,
-+ const uint8_t *input, size_t input_length,
-+ const uint8_t *salt, size_t salt_length,
-+ uint8_t *output, size_t output_size,
-+ size_t *output_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ size_t in_len;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID,
-+ .key_id = id,
-+ .alg = alg,
-+ };
-+
-+ /* Sanitize optional input */
-+ if (!salt && salt_length)
-+ return PSA_ERROR_INVALID_ARGUMENT;
-+
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ { .base = psa_ptr_const_to_u32(input), .len = input_length },
-+ { .base = psa_ptr_const_to_u32(salt), .len = salt_length },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(output), .len = output_size },
-+ };
-+
-+
-+ in_len = IOVEC_LEN(in_vec);
-+ if (!salt)
-+ in_len--;
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ in_len, out_vec, IOVEC_LEN(out_vec));
-+
-+ *output_length = out_vec[0].len;
-+
-+ return status;
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PSA_IPC_CRYPTO_CALLER_ASYMMETRIC_ENCRYPT_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
-new file mode 100644
-index 000000000000..fbefb28d813a
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
-@@ -0,0 +1,246 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PSA_IPC_CRYPTO_CALLER_CIPHER_H
-+#define PSA_IPC_CRYPTO_CALLER_CIPHER_H
-+
-+#include <string.h>
-+#include <stdlib.h>
-+#include <psa/crypto.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <protocols/service/crypto/packed-c/opcodes.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+#include <protocols/service/crypto/packed-c/import_key.h>
-+#include "crypto_caller_key_attributes.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline psa_status_t crypto_caller_cipher_encrypt_setup(
-+ struct service_client *context,
-+ uint32_t *op_handle,
-+ psa_key_id_t key,
-+ psa_algorithm_t alg)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID,
-+ .key_id = key,
-+ .alg = alg,
-+ .op_handle = *op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(op_handle), .len = sizeof(uint32_t) }
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_cipher_decrypt_setup(
-+ struct service_client *context,
-+ uint32_t *op_handle,
-+ psa_key_id_t key,
-+ psa_algorithm_t alg)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID,
-+ .key_id = key,
-+ .alg = alg,
-+ .op_handle = *op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(op_handle), .len = sizeof(uint32_t) }
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_cipher_generate_iv(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ uint8_t *iv,
-+ size_t iv_size,
-+ size_t *iv_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_CIPHER_GENERATE_IV_SID,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
-+ { .base = psa_ptr_to_u32(iv), .len = iv_size },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ *iv_length = out_vec[1].len;
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_cipher_set_iv(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ const uint8_t *iv,
-+ size_t iv_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_CIPHER_SET_IV_SID,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ { .base = psa_ptr_const_to_u32(iv), .len = iv_length },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_cipher_update(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ const uint8_t *input,
-+ size_t input_length,
-+ uint8_t *output,
-+ size_t output_size,
-+ size_t *output_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_CIPHER_UPDATE_SID,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ { .base = psa_ptr_const_to_u32(input), .len = input_length },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
-+ { .base = psa_ptr_to_u32(output), .len = output_size },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ *output_length = out_vec[1].len;
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_cipher_finish(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ uint8_t *output,
-+ size_t output_size,
-+ size_t *output_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_CIPHER_FINISH_SID,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
-+ { .base = psa_ptr_to_u32(output), .len = output_size },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ *output_length = out_vec[1].len;
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_cipher_abort(
-+ struct service_client *context,
-+ uint32_t op_handle)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_CIPHER_ABORT_SID,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline size_t crypto_caller_cipher_max_update_size(const struct service_client *context)
-+{
-+ /* Returns the maximum number of bytes that may be
-+ * carried as a parameter of the cipher_update operation
-+ * using the ipc encoding.
-+ */
-+ size_t payload_space = context->service_info.max_payload;
-+ size_t overhead = iov_size;
-+
-+ /* Allow for output to be a whole number of blocks */
-+ overhead += PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE;
-+
-+ return (payload_space > overhead) ? payload_space - overhead : 0;
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PSA_IPC_CRYPTO_CALLER_CIPHER_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_copy_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_copy_key.h
-new file mode 100644
-index 000000000000..9a988171b098
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_copy_key.h
-@@ -0,0 +1,57 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PSA_IPC_CRYPTO_CALLER_COPY_KEY_H
-+#define PSA_IPC_CRYPTO_CALLER_COPY_KEY_H
-+
-+#include <string.h>
-+#include <stdlib.h>
-+#include <psa/crypto.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <protocols/service/crypto/packed-c/opcodes.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+#include <protocols/service/crypto/packed-c/import_key.h>
-+#include "crypto_caller_key_attributes.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline psa_status_t crypto_caller_copy_key(struct service_client *context,
-+ psa_key_id_t source_key,
-+ const psa_key_attributes_t *attributes,
-+ psa_key_id_t *target_key)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_COPY_KEY_SID,
-+ .key_id = source_key,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
-+ { .base = psa_ptr_const_to_u32(attributes), .len = sizeof(psa_key_attributes_t) },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(target_key), .len = sizeof(psa_key_id_t) }
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PSA_IPC_CRYPTO_CALLER_COPY_KEY_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_destroy_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_destroy_key.h
-new file mode 100644
-index 000000000000..d00f4faa7a52
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_destroy_key.h
-@@ -0,0 +1,51 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PSA_IPC_CRYPTO_CALLER_DESTROY_KEY_H
-+#define PSA_IPC_CRYPTO_CALLER_DESTROY_KEY_H
-+
-+#include <string.h>
-+#include <stdlib.h>
-+#include <psa/crypto.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <protocols/service/crypto/packed-c/opcodes.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+#include <protocols/service/crypto/packed-c/import_key.h>
-+#include "crypto_caller_key_attributes.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline psa_status_t crypto_caller_destroy_key(struct service_client *context,
-+ psa_key_id_t id)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_DESTROY_KEY_SID,
-+ .key_id = id,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), NULL, 0);
-+
-+ return status;
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PSA_IPC_CRYPTO_CALLER_DESTROY_KEY_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_key.h
-new file mode 100644
-index 000000000000..8ac5477f7b9a
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_key.h
-@@ -0,0 +1,59 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PSA_IPC_CRYPTO_CALLER_EXPORT_KEY_H
-+#define PSA_IPC_CRYPTO_CALLER_EXPORT_KEY_H
-+
-+#include <string.h>
-+#include <stdlib.h>
-+#include <psa/crypto.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <protocols/service/crypto/packed-c/opcodes.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+#include <protocols/service/crypto/packed-c/import_key.h>
-+#include "crypto_caller_key_attributes.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline psa_status_t crypto_caller_export_key(struct service_client *context,
-+ psa_key_id_t id,
-+ uint8_t *data,
-+ size_t data_size,
-+ size_t *data_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_EXPORT_KEY_SID,
-+ .key_id = id,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(data), .len = data_size }
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ *data_length = out_vec[0].len;
-+
-+ return status;
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PSA_IPC_CRYPTO_CALLER_EXPORT_KEY_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_public_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_public_key.h
-new file mode 100644
-index 000000000000..b24c47f1257e
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_public_key.h
-@@ -0,0 +1,59 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PSA_IPC_CRYPTO_CALLER_EXPORT_PUBLIC_KEY_H
-+#define PSA_IPC_CRYPTO_CALLER_EXPORT_PUBLIC_KEY_H
-+
-+#include <string.h>
-+#include <stdlib.h>
-+#include <psa/crypto.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <protocols/service/crypto/packed-c/opcodes.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+#include <protocols/service/crypto/packed-c/import_key.h>
-+#include "crypto_caller_key_attributes.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline psa_status_t crypto_caller_export_public_key(struct service_client *context,
-+ psa_key_id_t id,
-+ uint8_t *data,
-+ size_t data_size,
-+ size_t *data_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID,
-+ .key_id = id,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(data), .len = data_size }
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ *data_length = out_vec[0].len;
-+
-+ return status;
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PSA_IPC_CRYPTO_CALLER_EXPORT_PUBLIC_KEY_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_key.h
-new file mode 100644
-index 000000000000..1b66ed4020de
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_key.h
-@@ -0,0 +1,55 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PSA_IPC_CRYPTO_CALLER_GENERATE_KEY_H
-+#define PSA_IPC_CRYPTO_CALLER_GENERATE_KEY_H
-+
-+#include <string.h>
-+#include <stdlib.h>
-+#include <psa/crypto.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <protocols/service/crypto/packed-c/opcodes.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+#include <protocols/service/crypto/packed-c/import_key.h>
-+#include "crypto_caller_key_attributes.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline psa_status_t crypto_caller_generate_key(struct service_client *context,
-+ const psa_key_attributes_t *attributes,
-+ psa_key_id_t *id)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_GENERATE_KEY_SID,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
-+ { .base = psa_ptr_const_to_u32(attributes), .len = sizeof(psa_key_attributes_t) },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(id), .len = sizeof(psa_key_id_t) }
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PSA_IPC_CRYPTO_CALLER_GENERATE_KEY_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_random.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_random.h
-new file mode 100644
-index 000000000000..7c538237805a
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_random.h
-@@ -0,0 +1,57 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PSA_IPC_CRYPTO_CALLER_GENERATE_RANDOM_H
-+#define PSA_IPC_CRYPTO_CALLER_GENERATE_RANDOM_H
-+
-+#include <string.h>
-+#include <stdlib.h>
-+#include <psa/crypto.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <protocols/service/crypto/packed-c/opcodes.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+#include <protocols/service/crypto/packed-c/import_key.h>
-+#include "crypto_caller_key_attributes.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline psa_status_t crypto_caller_generate_random(struct service_client *context,
-+ uint8_t *output,
-+ size_t output_size)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_GENERATE_RANDOM_SID,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(output), .len = output_size }
-+ };
-+
-+ if (!output_size)
-+ return PSA_SUCCESS;
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PSA_IPC_CRYPTO_CALLER_GENERATE_RANDOM_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_get_key_attributes.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_get_key_attributes.h
-new file mode 100644
-index 000000000000..22f1d18f1476
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_get_key_attributes.h
-@@ -0,0 +1,56 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PSA_IPC_CRYPTO_CALLER_GET_KEY_ATTRIBUTES_H
-+#define PSA_IPC_CRYPTO_CALLER_GET_KEY_ATTRIBUTES_H
-+
-+#include <string.h>
-+#include <stdlib.h>
-+#include <psa/crypto.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <protocols/service/crypto/packed-c/opcodes.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+#include <protocols/service/crypto/packed-c/import_key.h>
-+#include "crypto_caller_key_attributes.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline psa_status_t crypto_caller_get_key_attributes(
-+ struct service_client *context,
-+ psa_key_id_t key,
-+ psa_key_attributes_t *attributes)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID,
-+ .key_id = key,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(attributes), .len = sizeof(psa_key_attributes_t) }
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PSA_IPC_CRYPTO_CALLER_GET_KEY_ATTRIBUTES_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
-new file mode 100644
-index 000000000000..9f37908a2f25
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
-@@ -0,0 +1,220 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PSA_IPC_CRYPTO_CALLER_HASH_H
-+#define PSA_IPC_CRYPTO_CALLER_HASH_H
-+
-+#include <string.h>
-+#include <stdlib.h>
-+#include <psa/crypto.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <protocols/service/crypto/packed-c/opcodes.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+#include <protocols/service/crypto/packed-c/import_key.h>
-+#include "crypto_caller_key_attributes.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline psa_status_t crypto_caller_hash_setup(
-+ struct service_client *context,
-+ uint32_t *op_handle,
-+ psa_algorithm_t alg)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_HASH_SETUP_SID,
-+ .alg = alg,
-+ .op_handle = *op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(op_handle), .len = sizeof(uint32_t) }
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_hash_update(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ const uint8_t *input,
-+ size_t input_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_HASH_UPDATE_SID,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ { .base = psa_ptr_const_to_u32(input), .len = input_length },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_hash_finish(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ uint8_t *hash,
-+ size_t hash_size,
-+ size_t *hash_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_HASH_FINISH_SID,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
-+ { .base = psa_ptr_to_u32(hash), .len = hash_size},
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ *hash_length = out_vec[1].len;
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_hash_abort(
-+ struct service_client *context,
-+ uint32_t op_handle)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_HASH_ABORT_SID,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_hash_verify(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ const uint8_t *hash,
-+ size_t hash_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_HASH_VERIFY_SID,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ { .base = psa_ptr_const_to_u32(hash), .len = hash_length},
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_hash_clone(
-+ struct service_client *context,
-+ uint32_t source_op_handle,
-+ uint32_t *target_op_handle)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_HASH_CLONE_SID,
-+ .op_handle = source_op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(target_op_handle),
-+ .len = sizeof(uint32_t) },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_hash_suspend(struct service_client *context,
-+ uint32_t op_handle,
-+ uint8_t *hash_state,
-+ size_t hash_state_size,
-+ size_t *hash_state_length)
-+{
-+ return PSA_ERROR_NOT_SUPPORTED;
-+}
-+
-+static inline psa_status_t crypto_caller_hash_resume(struct service_client *context,
-+ uint32_t op_handle,
-+ const uint8_t *hash_state,
-+ size_t hash_state_length)
-+{
-+ return PSA_ERROR_NOT_SUPPORTED;
-+}
-+
-+static inline size_t crypto_caller_hash_max_update_size(const struct service_client *context)
-+{
-+ /* Returns the maximum number of bytes that may be
-+ * carried as a parameter of the hash_update operation
-+ * using the packed-c encoding.
-+ */
-+ size_t payload_space = context->service_info.max_payload;
-+ size_t overhead = iov_size;
-+
-+ return (payload_space > overhead) ? payload_space - overhead : 0;
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PSA_IPC_CRYPTO_CALLER_HASH_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_import_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_import_key.h
-new file mode 100644
-index 000000000000..d47033662790
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_import_key.h
-@@ -0,0 +1,57 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PSA_IPC_CRYPTO_CALLER_IMPORT_KEY_H
-+#define PSA_IPC_CRYPTO_CALLER_IMPORT_KEY_H
-+
-+#include <string.h>
-+#include <stdlib.h>
-+#include <psa/crypto.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <protocols/service/crypto/packed-c/opcodes.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+#include <protocols/service/crypto/packed-c/import_key.h>
-+#include "crypto_caller_key_attributes.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline psa_status_t crypto_caller_import_key(struct service_client *context,
-+ const psa_key_attributes_t *attributes,
-+ const uint8_t *data, size_t data_length,
-+ psa_key_id_t *id)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_IMPORT_KEY_SID,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
-+ { .base = psa_ptr_const_to_u32(attributes), .len = sizeof(psa_key_attributes_t) },
-+ { .base = psa_ptr_const_to_u32(data), .len = data_length }
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(id), .len = sizeof(psa_key_id_t) }
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PACKEDC_CRYPTO_CALLER_IMPORT_KEY_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_key_attributes.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_key_attributes.h
-new file mode 100644
-index 000000000000..2fad2f0a64e6
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_key_attributes.h
-@@ -0,0 +1,51 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PACKEDC_CRYPTO_CALLER_KEY_ATTRIBUTES_H
-+#define PACKEDC_CRYPTO_CALLER_KEY_ATTRIBUTES_H
-+
-+#include <psa/crypto.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline void packedc_crypto_caller_translate_key_attributes_to_proto(
-+ struct ts_crypto_key_attributes *proto_attributes,
-+ const psa_key_attributes_t *psa_attributes)
-+{
-+ proto_attributes->type = psa_get_key_type(psa_attributes);
-+ proto_attributes->key_bits = psa_get_key_bits(psa_attributes);
-+ proto_attributes->lifetime = psa_get_key_lifetime(psa_attributes);
-+ proto_attributes->id = psa_get_key_id(psa_attributes);
-+
-+ proto_attributes->policy.usage = psa_get_key_usage_flags(psa_attributes);
-+ proto_attributes->policy.alg = psa_get_key_algorithm(psa_attributes);
-+ }
-+
-+static inline void packedc_crypto_caller_translate_key_attributes_from_proto(
-+ psa_key_attributes_t *psa_attributes,
-+ const struct ts_crypto_key_attributes *proto_attributes)
-+{
-+ psa_set_key_type(psa_attributes, proto_attributes->type);
-+ psa_set_key_bits(psa_attributes, proto_attributes->key_bits);
-+ psa_set_key_lifetime(psa_attributes, proto_attributes->lifetime);
-+
-+ if (proto_attributes->lifetime == PSA_KEY_LIFETIME_PERSISTENT) {
-+
-+ psa_set_key_id(psa_attributes, proto_attributes->id);
-+ }
-+
-+ psa_set_key_usage_flags(psa_attributes, proto_attributes->policy.usage);
-+ psa_set_key_algorithm(psa_attributes, proto_attributes->policy.alg);
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PACKEDC_CRYPTO_CALLER_KEY_ATTRIBUTES_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_key_derivation.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_key_derivation.h
-new file mode 100644
-index 000000000000..5ce4fb6cca82
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_key_derivation.h
-@@ -0,0 +1,298 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PSA_IPC_CRYPTO_CALLER_KEY_DERIVATION_H
-+#define PSA_IPC_CRYPTO_CALLER_KEY_DERIVATION_H
-+
-+#include <string.h>
-+#include <stdlib.h>
-+#include <psa/crypto.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <protocols/service/crypto/packed-c/opcodes.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+#include <protocols/service/crypto/packed-c/import_key.h>
-+#include "crypto_caller_key_attributes.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline psa_status_t crypto_caller_key_derivation_setup(
-+ struct service_client *context,
-+ uint32_t *op_handle,
-+ psa_algorithm_t alg)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_KEY_DERIVATION_SETUP_SID,
-+ .alg = alg,
-+ .op_handle = *op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(op_handle), .len = sizeof(uint32_t) }
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_key_derivation_get_capacity(
-+ struct service_client *context,
-+ const uint32_t op_handle,
-+ size_t *capacity)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(capacity), .len = sizeof(uint32_t) }
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_key_derivation_set_capacity(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ size_t capacity)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID,
-+ .capacity = capacity,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), NULL, 0);
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_key_derivation_input_bytes(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ psa_key_derivation_step_t step,
-+ const uint8_t *data,
-+ size_t data_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID,
-+ .step = step,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ { .base = psa_ptr_const_to_u32(data), .len = data_length },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), NULL, 0);
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_key_derivation_input_key(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ psa_key_derivation_step_t step,
-+ psa_key_id_t key)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID,
-+ .key_id = key,
-+ .step = step,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), NULL, 0);
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_key_derivation_output_bytes(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ uint8_t *output,
-+ size_t output_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(output), .len = output_length },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_key_derivation_output_key(
-+ struct service_client *context,
-+ const psa_key_attributes_t *attributes,
-+ uint32_t op_handle,
-+ psa_key_id_t *key)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ { .base = psa_ptr_const_to_u32(attributes),
-+ .len = sizeof(psa_key_attributes_t) },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(key), .len = sizeof(psa_key_id_t)},
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_key_derivation_abort(
-+ struct service_client *context,
-+ uint32_t op_handle)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_KEY_DERIVATION_ABORT_SID,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_key_derivation_key_agreement(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ psa_key_derivation_step_t step,
-+ psa_key_id_t private_key,
-+ const uint8_t *peer_key,
-+ size_t peer_key_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID,
-+ .key_id = private_key,
-+ .step = step,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ { .base = psa_ptr_const_to_u32(peer_key),
-+ .len = peer_key_length},
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), NULL, 0);
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_raw_key_agreement(
-+ struct service_client *context,
-+ psa_algorithm_t alg,
-+ psa_key_id_t private_key,
-+ const uint8_t *peer_key,
-+ size_t peer_key_length,
-+ uint8_t *output,
-+ size_t output_size,
-+ size_t *output_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_RAW_KEY_AGREEMENT_SID,
-+ .alg = alg,
-+ .key_id = private_key,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ { .base = psa_ptr_const_to_u32(peer_key),
-+ .len = peer_key_length},
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(output), .len = output_size },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ *output_length = out_vec[0].len;
-+
-+ return status;
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PSA_IPC_CRYPTO_CALLER_KEY_DERIVATION_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_mac.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_mac.h
-new file mode 100644
-index 000000000000..3a820192495a
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_mac.h
-@@ -0,0 +1,207 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PSA_IPC_CRYPTO_CALLER_MAC_H
-+#define PSA_IPC_CRYPTO_CALLER_MAC_H
-+
-+#include <string.h>
-+#include <stdlib.h>
-+#include <psa/crypto.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <protocols/service/crypto/packed-c/opcodes.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+#include <protocols/service/crypto/packed-c/import_key.h>
-+#include "crypto_caller_key_attributes.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline psa_status_t crypto_caller_mac_sign_setup(
-+ struct service_client *context,
-+ uint32_t *op_handle,
-+ psa_key_id_t key,
-+ psa_algorithm_t alg)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_MAC_SIGN_SETUP_SID,
-+ .key_id = key,
-+ .alg = alg,
-+ .op_handle = *op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(op_handle), .len = sizeof(uint32_t) },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_mac_verify_setup(
-+ struct service_client *context,
-+ uint32_t *op_handle,
-+ psa_key_id_t key,
-+ psa_algorithm_t alg)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_MAC_VERIFY_SETUP_SID,
-+ .key_id = key,
-+ .alg = alg,
-+ .op_handle = *op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(op_handle), .len = sizeof(uint32_t) },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_mac_update(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ const uint8_t *input,
-+ size_t input_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_MAC_UPDATE_SID,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ { .base = psa_ptr_const_to_u32(input), .len = input_length },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_mac_sign_finish(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ uint8_t *mac,
-+ size_t mac_size,
-+ size_t *mac_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_MAC_SIGN_FINISH_SID,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
-+ { .base = psa_ptr_to_u32(mac), .len = mac_size },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ *mac_length = out_vec[1].len;
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_mac_verify_finish(
-+ struct service_client *context,
-+ uint32_t op_handle,
-+ const uint8_t *mac,
-+ size_t mac_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_MAC_VERIFY_FINISH_SID,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ { .base = psa_ptr_const_to_u32(mac), .len = mac_length },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline psa_status_t crypto_caller_mac_abort(
-+ struct service_client *context,
-+ uint32_t op_handle)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_MAC_ABORT_SID,
-+ .op_handle = op_handle,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
-+}
-+
-+static inline size_t crypto_caller_mac_max_update_size(const struct service_client *context)
-+{
-+ /* Returns the maximum number of bytes that may be
-+ * carried as a parameter of the mac_update operation
-+ * using the packed-c encoding.
-+ */
-+ size_t payload_space = context->service_info.max_payload;
-+ size_t overhead = iov_size;
-+
-+ return (payload_space > overhead) ? payload_space - overhead : 0;
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PSA_IPC_CRYPTO_CALLER_MAC_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_purge_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_purge_key.h
-new file mode 100644
-index 000000000000..a3a796e2166c
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_purge_key.h
-@@ -0,0 +1,51 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PACKEDC_CRYPTO_CALLER_PURGE_KEY_H
-+#define PACKEDC_CRYPTO_CALLER_PURGE_KEY_H
-+
-+#include <string.h>
-+#include <stdlib.h>
-+#include <psa/crypto.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <protocols/service/crypto/packed-c/opcodes.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+#include <protocols/service/crypto/packed-c/import_key.h>
-+#include "crypto_caller_key_attributes.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline psa_status_t crypto_caller_purge_key(struct service_client *context,
-+ psa_key_id_t id)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_PURGE_KEY_SID,
-+ .key_id = id,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), NULL, 0);
-+
-+ return status;
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PACKEDC_CRYPTO_CALLER_PURGE_KEY_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
-new file mode 100644
-index 000000000000..71d88cededf5
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
-@@ -0,0 +1,64 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PSA_IPC_CRYPTO_CALLER_SIGN_HASH_H
-+#define PSA_IPC_CRYPTO_CALLER_SIGN_HASH_H
-+
-+#include <string.h>
-+#include <stdlib.h>
-+#include <psa/crypto.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <protocols/service/crypto/packed-c/opcodes.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+#include <protocols/service/crypto/packed-c/import_key.h>
-+#include "crypto_caller_key_attributes.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline psa_status_t crypto_caller_sign_hash(struct service_client *context,
-+ psa_key_id_t id,
-+ psa_algorithm_t alg,
-+ const uint8_t *hash,
-+ size_t hash_length,
-+ uint8_t *signature,
-+ size_t signature_size,
-+ size_t *signature_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_SIGN_HASH_SID,
-+ .key_id = id,
-+ .alg = alg,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ { .base = psa_ptr_const_to_u32(hash), .len = hash_length },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(signature), .len = signature_size },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ *signature_length = out_vec[0].len;
-+
-+ return status;
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PSA_IPC_CRYPTO_CALLER_SIGN_HASH_H */
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
-new file mode 100644
-index 000000000000..e16f6e5450af
---- /dev/null
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
-@@ -0,0 +1,59 @@
-+/*
-+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ */
-+
-+#ifndef PSA_IPC_CRYPTO_CALLER_VERIFY_HASH_H
-+#define PSA_IPC_CRYPTO_CALLER_VERIFY_HASH_H
-+
-+#include <string.h>
-+#include <stdlib.h>
-+#include <psa/crypto.h>
-+#include <psa/client.h>
-+#include <psa/sid.h>
-+#include <service/common/client/service_client.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
-+#include <protocols/rpc/common/packed-c/status.h>
-+#include <protocols/service/crypto/packed-c/opcodes.h>
-+#include <protocols/service/crypto/packed-c/key_attributes.h>
-+#include <protocols/service/crypto/packed-c/import_key.h>
-+#include "crypto_caller_key_attributes.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+static inline psa_status_t crypto_caller_verify_hash(struct service_client *context,
-+ psa_key_id_t id,
-+ psa_algorithm_t alg,
-+ const uint8_t *hash,
-+ size_t hash_length,
-+ const uint8_t *signature,
-+ size_t signature_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_VERIFY_HASH_SID,
-+ .key_id = id,
-+ .alg = alg,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
-+ { .base = psa_ptr_const_to_u32(hash), .len = hash_length },
-+ { .base = psa_ptr_const_to_u32(signature), .len = signature_length},
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), NULL, 0);
-+
-+ return status;
-+}
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* PSA_IPC_CRYPTO_CALLER_VERIFY_HASH_H */
-diff --git a/components/service/crypto/include/psa/crypto_client_struct.h b/components/service/crypto/include/psa/crypto_client_struct.h
-index abd420c82607..bf95c9821e55 100644
---- a/components/service/crypto/include/psa/crypto_client_struct.h
-+++ b/components/service/crypto/include/psa/crypto_client_struct.h
-@@ -31,12 +31,12 @@ extern "C" {
- * data structure internally. */
- struct psa_client_key_attributes_s
- {
-+ uint16_t type;
-+ uint16_t bits;
- uint32_t lifetime;
-- uint32_t id;
-- uint32_t alg;
-+ psa_key_id_t id;
- uint32_t usage;
-- size_t bits;
-- uint16_t type;
-+ uint32_t alg;
- };
-
- #define PSA_CLIENT_KEY_ATTRIBUTES_INIT {0, 0, 0, 0, 0, 0}
-diff --git a/components/service/crypto/include/psa/crypto_sizes.h b/components/service/crypto/include/psa/crypto_sizes.h
-index 7a0149bbca62..4d7bf6e959b0 100644
---- a/components/service/crypto/include/psa/crypto_sizes.h
-+++ b/components/service/crypto/include/psa/crypto_sizes.h
-@@ -81,7 +81,7 @@
- #define PSA_HASH_MAX_SIZE 64
- #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128
- #else
--#define PSA_HASH_MAX_SIZE 32
-+#define PSA_HASH_MAX_SIZE 64
- #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64
- #endif
-
-diff --git a/deployments/se-proxy/common/service_proxy_factory.c b/deployments/se-proxy/common/service_proxy_factory.c
-index 1110ac46bf8b..7edeef8b434a 100644
---- a/deployments/se-proxy/common/service_proxy_factory.c
-+++ b/deployments/se-proxy/common/service_proxy_factory.c
-@@ -15,7 +15,7 @@
- #include <trace.h>
-
- /* Stub backends */
--#include <service/crypto/backend/stub/stub_crypto_backend.h>
-+#include <service/crypto/backend/psa_ipc/crypto_ipc_backend.h>
- #include <service/secure_storage/backend/secure_storage_ipc/secure_storage_ipc.h>
- #include <service/secure_storage/backend/mock_store/mock_store.h>
-
-@@ -47,12 +47,17 @@ struct rpc_interface *crypto_proxy_create(void)
- {
- struct rpc_interface *crypto_iface = NULL;
- struct crypto_provider *crypto_provider;
-+ struct rpc_caller *crypto_caller;
-
-- if (stub_crypto_backend_init() == PSA_SUCCESS) {
-+ crypto_caller = openamp_caller_init(&openamp);
-+ if (!crypto_caller)
-+ return NULL;
-+
-+ if (crypto_ipc_backend_init(&openamp.rpc_caller) != PSA_SUCCESS)
-+ return NULL;
-
-- crypto_provider = crypto_provider_factory_create();
-- crypto_iface = service_provider_get_rpc_interface(&crypto_provider->base_provider);
-- }
-+ crypto_provider = crypto_provider_factory_create();
-+ crypto_iface = service_provider_get_rpc_interface(&crypto_provider->base_provider);
-
- return crypto_iface;
- }
-diff --git a/platform/providers/arm/corstone1000/platform.cmake b/platform/providers/arm/corstone1000/platform.cmake
-index bb778bb9719b..51e5faa3e4d8 100644
---- a/platform/providers/arm/corstone1000/platform.cmake
-+++ b/platform/providers/arm/corstone1000/platform.cmake
-@@ -8,3 +8,5 @@
-
- # include MHU driver
- include(${TS_ROOT}/platform/drivers/arm/mhu_driver/component.cmake)
-+
-+add_compile_definitions(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
-2.38.1
-
deleted file mode 100644
@@ -1,42 +0,0 @@
-From 229ec29154a4404426ad3083af68ca111a214e13 Mon Sep 17 00:00:00 2001
-From: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
-Date: Thu, 16 Dec 2021 21:31:40 +0000
-Subject: [PATCH 14/20] Configure storage size
-
-Upstream-Status: Pending
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- .../service/smm_variable/backend/uefi_variable_store.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/components/service/smm_variable/backend/uefi_variable_store.c b/components/service/smm_variable/backend/uefi_variable_store.c
-index 611e2e225c6b..6c3b9ed81c25 100644
---- a/components/service/smm_variable/backend/uefi_variable_store.c
-+++ b/components/service/smm_variable/backend/uefi_variable_store.c
-@@ -88,6 +88,7 @@ static efi_status_t check_name_terminator(
- * may be overridden using uefi_variable_store_set_storage_limits()
- */
- #define DEFAULT_MAX_VARIABLE_SIZE (2048)
-+#define CONFIGURE_STORAGE_SIZE (50)
-
- efi_status_t uefi_variable_store_init(
- struct uefi_variable_store *context,
-@@ -101,13 +102,13 @@ efi_status_t uefi_variable_store_init(
- /* Initialise persistent store defaults */
- context->persistent_store.is_nv = true;
- context->persistent_store.max_variable_size = DEFAULT_MAX_VARIABLE_SIZE;
-- context->persistent_store.total_capacity = DEFAULT_MAX_VARIABLE_SIZE * max_variables;
-+ context->persistent_store.total_capacity = CONFIGURE_STORAGE_SIZE * max_variables;
- context->persistent_store.storage_backend = persistent_store;
-
- /* Initialise volatile store defaults */
- context->volatile_store.is_nv = false;
- context->volatile_store.max_variable_size = DEFAULT_MAX_VARIABLE_SIZE;
-- context->volatile_store.total_capacity = DEFAULT_MAX_VARIABLE_SIZE * max_variables;
-+ context->volatile_store.total_capacity = CONFIGURE_STORAGE_SIZE * max_variables;
- context->volatile_store.storage_backend = volatile_store;
-
- context->owner_id = owner_id;
-2.38.1
-
deleted file mode 100644
@@ -1,31 +0,0 @@
-From cf83184500703f9b4f2ac04be59cc7d624d8fd66 Mon Sep 17 00:00:00 2001
-From: Satish Kumar <satish.kumar01@arm.com>
-Date: Sun, 13 Feb 2022 09:01:10 +0000
-Subject: [PATCH 15/20] Fix: Crypto interface structure aligned with tf-m
- change.
-
-NO NEED TO RAISE PR: The PR for this FIX is raied by Emek.
-
-Upstream-Status: Pending
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h b/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h
-index c13c20e84131..ec25eaf868c7 100644
---- a/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h
-+++ b/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h
-@@ -38,7 +38,8 @@ struct psa_ipc_crypto_pack_iovec {
- * multipart operation
- */
- uint32_t capacity; /*!< Key derivation capacity */
--
-+ uint32_t ad_length; /*!< Additional Data length for multipart AEAD */
-+ uint32_t plaintext_length; /*!< Plaintext length for multipart AEAD */
- struct psa_ipc_crypto_aead_pack_input aead_in; /*!< FixMe: Temporarily used for
- * AEAD until the API is
- * restructured
-2.38.1
-
deleted file mode 100644
@@ -1,494 +0,0 @@
-From 551d8722769fa2f2d2ac74adcb289333a9b03598 Mon Sep 17 00:00:00 2001
-From: Satish Kumar <satish.kumar01@arm.com>
-Date: Sun, 13 Feb 2022 09:49:51 +0000
-Subject: [PATCH 16/20] Integrate remaining psa-ipc client APIs.
-
-Upstream-Status: Pending
-Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- .../caller/psa_ipc/crypto_caller_aead.h | 297 +++++++++++++++++-
- .../caller/psa_ipc/crypto_caller_sign_hash.h | 35 +++
- .../psa_ipc/crypto_caller_verify_hash.h | 33 +-
- 3 files changed, 352 insertions(+), 13 deletions(-)
-
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
-index 78517fe32ca9..f6aadd8b9098 100644
---- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
-@@ -152,7 +152,27 @@ static inline psa_status_t crypto_caller_aead_encrypt_setup(
- psa_key_id_t key,
- psa_algorithm_t alg)
- {
-- return PSA_ERROR_NOT_SUPPORTED;
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID,
-+ .key_id = key,
-+ .alg = alg,
-+ .op_handle = (*op_handle),
-+ };
-+
-+ struct psa_invec in_vec[] = {
-+ {.base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec)}
-+ };
-+ struct psa_outvec out_vec[] = {
-+ {.base = psa_ptr_to_u32(op_handle), .len = sizeof(uint32_t)}
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
- }
-
- static inline psa_status_t crypto_caller_aead_decrypt_setup(
-@@ -161,7 +181,26 @@ static inline psa_status_t crypto_caller_aead_decrypt_setup(
- psa_key_id_t key,
- psa_algorithm_t alg)
- {
-- return PSA_ERROR_NOT_SUPPORTED;
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID,
-+ .key_id = key,
-+ .alg = alg,
-+ .op_handle = (*op_handle),
-+ };
-+
-+ struct psa_invec in_vec[] = {
-+ {.base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec)}
-+ };
-+ struct psa_outvec out_vec[] = {
-+ {.base = psa_ptr_to_u32(op_handle), .len = sizeof(uint32_t)}
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+ return status;
- }
-
- static inline psa_status_t crypto_caller_aead_generate_nonce(
-@@ -171,7 +210,27 @@ static inline psa_status_t crypto_caller_aead_generate_nonce(
- size_t nonce_size,
- size_t *nonce_length)
- {
-- return PSA_ERROR_NOT_SUPPORTED;
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_AEAD_GENERATE_NONCE_SID,
-+ .op_handle = op_handle,
-+ };
-+
-+ struct psa_invec in_vec[] = {
-+ {.base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec)},
-+ };
-+ struct psa_outvec out_vec[] = {
-+ {.base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t)},
-+ {.base = psa_ptr_to_u32(nonce), .len = nonce_size}
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ *nonce_length = out_vec[1].len;
-+ return status;
- }
-
- static inline psa_status_t crypto_caller_aead_set_nonce(
-@@ -180,7 +239,25 @@ static inline psa_status_t crypto_caller_aead_set_nonce(
- const uint8_t *nonce,
- size_t nonce_length)
- {
-- return PSA_ERROR_NOT_SUPPORTED;
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_AEAD_SET_NONCE_SID,
-+ .op_handle = op_handle,
-+ };
-+
-+ struct psa_invec in_vec[] = {
-+ {.base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec)},
-+ {.base = psa_ptr_to_u32(nonce), .len = nonce_length}
-+ };
-+ struct psa_outvec out_vec[] = {
-+ {.base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t)}
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+ return status;
- }
-
- static inline psa_status_t crypto_caller_aead_set_lengths(
-@@ -189,7 +266,27 @@ static inline psa_status_t crypto_caller_aead_set_lengths(
- size_t ad_length,
- size_t plaintext_length)
- {
-- return PSA_ERROR_NOT_SUPPORTED;
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_AEAD_SET_LENGTHS_SID,
-+ .ad_length = ad_length,
-+ .plaintext_length = plaintext_length,
-+ .op_handle = op_handle,
-+ };
-+
-+ struct psa_invec in_vec[] = {
-+ {.base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec)},
-+ };
-+ struct psa_outvec out_vec[] = {
-+ {.base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t)}
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ return status;
- }
-
- static inline psa_status_t crypto_caller_aead_update_ad(
-@@ -198,7 +295,35 @@ static inline psa_status_t crypto_caller_aead_update_ad(
- const uint8_t *input,
- size_t input_length)
- {
-- return PSA_ERROR_NOT_SUPPORTED;
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_AEAD_UPDATE_AD_SID,
-+ .op_handle = op_handle,
-+ };
-+
-+ /* Sanitize the optional input */
-+ if ((input == NULL) && (input_length != 0)) {
-+ return PSA_ERROR_INVALID_ARGUMENT;
-+ }
-+
-+ struct psa_invec in_vec[] = {
-+ {.base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec)},
-+ {.base = psa_ptr_const_to_u32(input), .len = input_length}
-+ };
-+ struct psa_outvec out_vec[] = {
-+ {.base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t)}
-+ };
-+
-+ size_t in_len = IOVEC_LEN(in_vec);
-+
-+ if (input == NULL) {
-+ in_len--;
-+ }
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ in_len, out_vec, IOVEC_LEN(out_vec));
-+ return status;
- }
-
- static inline psa_status_t crypto_caller_aead_update(
-@@ -210,7 +335,38 @@ static inline psa_status_t crypto_caller_aead_update(
- size_t output_size,
- size_t *output_length)
- {
-- return PSA_ERROR_NOT_SUPPORTED;
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_AEAD_UPDATE_SID,
-+ .op_handle = op_handle,
-+ };
-+
-+ /* Sanitize the optional input */
-+ if ((input == NULL) && (input_length != 0)) {
-+ return PSA_ERROR_INVALID_ARGUMENT;
-+ }
-+
-+ struct psa_invec in_vec[] = {
-+ {.base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec)},
-+ {.base = psa_ptr_const_to_u32(input), .len = input_length}
-+ };
-+ struct psa_outvec out_vec[] = {
-+ {.base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t)},
-+ {.base = psa_ptr_const_to_u32(output), .len = output_size},
-+ };
-+
-+ size_t in_len = IOVEC_LEN(in_vec);
-+
-+ if (input == NULL) {
-+ in_len--;
-+ }
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ in_len, out_vec, IOVEC_LEN(out_vec));
-+
-+ *output_length = out_vec[1].len;
-+ return status;
- }
-
- static inline psa_status_t crypto_caller_aead_finish(
-@@ -223,7 +379,48 @@ static inline psa_status_t crypto_caller_aead_finish(
- size_t tag_size,
- size_t *tag_length)
- {
-- return PSA_ERROR_NOT_SUPPORTED;
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_AEAD_FINISH_SID,
-+ .op_handle = op_handle,
-+ };
-+
-+ /* Sanitize the optional output */
-+ if ((aeadtext == NULL) && (aeadtext_size != 0)) {
-+ return PSA_ERROR_INVALID_ARGUMENT;
-+ }
-+
-+ struct psa_invec in_vec[] = {
-+ {.base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec)},
-+ };
-+ struct psa_outvec out_vec[] = {
-+ {.base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t)},
-+ {.base = psa_ptr_const_to_u32(tag), .len = tag_size},
-+ {.base = psa_ptr_const_to_u32(aeadtext), .len = aeadtext_size}
-+ };
-+
-+ size_t out_len = IOVEC_LEN(out_vec);
-+
-+ if (aeadtext == NULL || aeadtext_size == 0) {
-+ out_len--;
-+ }
-+ if ((out_len == 3) && (aeadtext_length == NULL)) {
-+ return PSA_ERROR_INVALID_ARGUMENT;
-+ }
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, out_len);
-+
-+ *tag_length = out_vec[1].len;
-+
-+ if (out_len == 3) {
-+ *aeadtext_length = out_vec[2].len;
-+ } else {
-+ *aeadtext_length = 0;
-+ }
-+ return status;
- }
-
- static inline psa_status_t crypto_caller_aead_verify(
-@@ -235,14 +432,94 @@ static inline psa_status_t crypto_caller_aead_verify(
- const uint8_t *tag,
- size_t tag_length)
- {
-- return PSA_ERROR_NOT_SUPPORTED;
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_AEAD_VERIFY_SID,
-+ .op_handle = op_handle,
-+ };
-+
-+ /* Sanitize the optional output */
-+ if ((plaintext == NULL) && (plaintext_size != 0)) {
-+ return PSA_ERROR_INVALID_ARGUMENT;
-+ }
-+
-+ struct psa_invec in_vec[] = {
-+ {.base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec)},
-+ {.base = psa_ptr_const_to_u32(tag), .len = tag_length}
-+ };
-+ struct psa_outvec out_vec[] = {
-+ {.base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t)},
-+ {.base = psa_ptr_const_to_u32(plaintext), .len = plaintext_size},
-+ };
-+
-+ size_t out_len = IOVEC_LEN(out_vec);
-+
-+ if (plaintext == NULL || plaintext_size == 0) {
-+ out_len--;
-+ }
-+ if ((out_len == 2) && (plaintext_length == NULL)) {
-+ return PSA_ERROR_INVALID_ARGUMENT;
-+ }
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, out_len);
-+
-+ if (out_len == 2) {
-+ *plaintext_length = out_vec[1].len;
-+ } else {
-+ *plaintext_length = 0;
-+ }
-+ return status;
- }
-
- static inline psa_status_t crypto_caller_aead_abort(
- struct service_client *context,
- uint32_t op_handle)
- {
-- return PSA_ERROR_NOT_SUPPORTED;
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_AEAD_ABORT_SID,
-+ .op_handle = op_handle,
-+ };
-+
-+ struct psa_invec in_vec[] = {
-+ {.base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec)},
-+ };
-+ struct psa_outvec out_vec[] = {
-+ {.base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t)},
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+ return status;
-+}
-+
-+static inline size_t crypto_caller_aead_max_update_size(const struct service_client *context)
-+{
-+ /* Returns the maximum number of bytes that may be
-+ * carried as a parameter of the mac_update operation
-+ * using the packed-c encoding.
-+ */
-+ size_t payload_space = context->service_info.max_payload;
-+ size_t overhead = iov_size;
-+
-+ return (payload_space > overhead) ? payload_space - overhead : 0;
-+}
-+
-+static inline size_t crypto_caller_aead_max_update_ad_size(const struct service_client *context)
-+{
-+ /* Returns the maximum number of bytes that may be
-+ * carried as a parameter of the mac_update operation
-+ * using the packed-c encoding.
-+ */
-+ size_t payload_space = context->service_info.max_payload;
-+ size_t overhead = iov_size;
-+
-+ return (payload_space > overhead) ? payload_space - overhead : 0;
- }
-
- #ifdef __cplusplus
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
-index 71d88cededf5..e4a2b167defb 100644
---- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
-@@ -57,6 +57,41 @@ static inline psa_status_t crypto_caller_sign_hash(struct service_client *contex
- return status;
- }
-
-+static inline psa_status_t crypto_caller_sign_message(struct service_client *context,
-+ psa_key_id_t id,
-+ psa_algorithm_t alg,
-+ const uint8_t *hash,
-+ size_t hash_length,
-+ uint8_t *signature,
-+ size_t signature_size,
-+ size_t *signature_length)
-+{
-+ struct service_client *ipc = context;
-+ struct rpc_caller *caller = ipc->caller;
-+ psa_status_t status;
-+ struct psa_ipc_crypto_pack_iovec iov = {
-+ .sfn_id = TFM_CRYPTO_SIGN_MESSAGE_SID,
-+ .key_id = id,
-+ .alg = alg,
-+ };
-+ struct psa_invec in_vec[] = {
-+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
-+ { .base = psa_ptr_const_to_u32(hash), .len = hash_length },
-+ };
-+ struct psa_outvec out_vec[] = {
-+ { .base = psa_ptr_to_u32(signature), .len = signature_size },
-+ };
-+
-+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
-+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-+
-+ *signature_length = out_vec[0].len;
-+
-+ return status;
-+}
-+
-+
-+
- #ifdef __cplusplus
- }
- #endif
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
-index e16f6e5450af..cc9279ee79f2 100644
---- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
-@@ -24,19 +24,20 @@
- extern "C" {
- #endif
-
--static inline psa_status_t crypto_caller_verify_hash(struct service_client *context,
-+static inline psa_status_t crypto_caller_common(struct service_client *context,
- psa_key_id_t id,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- const uint8_t *signature,
-- size_t signature_length)
-+ size_t signature_length,
-+ uint32_t sfn_id)
- {
- struct service_client *ipc = context;
- struct rpc_caller *caller = ipc->caller;
- psa_status_t status;
- struct psa_ipc_crypto_pack_iovec iov = {
-- .sfn_id = TFM_CRYPTO_VERIFY_HASH_SID,
-+ .sfn_id = sfn_id,
- .key_id = id,
- .alg = alg,
- };
-@@ -52,6 +53,32 @@ static inline psa_status_t crypto_caller_verify_hash(struct service_client *cont
- return status;
- }
-
-+static inline psa_status_t crypto_caller_verify_hash(struct service_client *context,
-+ psa_key_id_t id,
-+ psa_algorithm_t alg,
-+ const uint8_t *hash,
-+ size_t hash_length,
-+ const uint8_t *signature,
-+ size_t signature_length)
-+{
-+
-+ return crypto_caller_common(context,id,alg,hash,hash_length,
-+ signature,signature_length, TFM_CRYPTO_VERIFY_HASH_SID);
-+}
-+
-+static inline psa_status_t crypto_caller_verify_message(struct service_client *context,
-+ psa_key_id_t id,
-+ psa_algorithm_t alg,
-+ const uint8_t *hash,
-+ size_t hash_length,
-+ const uint8_t *signature,
-+ size_t signature_length)
-+{
-+
-+ return crypto_caller_common(context,id,alg,hash,hash_length,
-+ signature,signature_length, TFM_CRYPTO_VERIFY_MESSAGE_SID);
-+}
-+
- #ifdef __cplusplus
- }
- #endif
-2.38.1
-
deleted file mode 100644
@@ -1,40 +0,0 @@
-From 5a5e162e17c9decb04b3b2905a0fb604e8f06e91 Mon Sep 17 00:00:00 2001
-From: Satish Kumar <satish.kumar01@arm.com>
-Date: Mon, 14 Feb 2022 17:52:00 +0000
-Subject: [PATCH 17/20] Fix : update psa_set_key_usage_flags definition to the
- latest from the tf-m
-
-Upstream-Status: Pending
-Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- components/service/crypto/include/psa/crypto_struct.h | 10 ++++++++++
- 1 file changed, 10 insertions(+)
-
-diff --git a/components/service/crypto/include/psa/crypto_struct.h b/components/service/crypto/include/psa/crypto_struct.h
-index 1bc55e375eea..b4a7ed4b39d3 100644
---- a/components/service/crypto/include/psa/crypto_struct.h
-+++ b/components/service/crypto/include/psa/crypto_struct.h
-@@ -155,9 +155,19 @@ static inline psa_key_lifetime_t psa_get_key_lifetime(
- return( attributes->lifetime );
- }
-
-+static inline void psa_extend_key_usage_flags( psa_key_usage_t *usage_flags )
-+{
-+ if( *usage_flags & PSA_KEY_USAGE_SIGN_HASH )
-+ *usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE;
-+
-+ if( *usage_flags & PSA_KEY_USAGE_VERIFY_HASH )
-+ *usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE;
-+}
-+
- static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
- psa_key_usage_t usage_flags)
- {
-+ psa_extend_key_usage_flags( &usage_flags );
- attributes->usage = usage_flags;
- }
-
-2.38.1
-
deleted file mode 100644
@@ -1,37 +0,0 @@
-From c519bae79629bfe551d79cfeb4e7d8a059545145 Mon Sep 17 00:00:00 2001
-From: Rui Miguel Silva <rui.silva@linaro.org>
-Date: Tue, 11 Oct 2022 10:46:10 +0100
-Subject: [PATCH 19/20] plat: corstone1000: change default smm values
-
-Smm gateway uses SE proxy to route the calls for any NV
-storage so set the NV_STORE_SN.
-Change the storage index uid because TF-M in the secure
-enclave reserves the default value (0x1) to some internal
-operation.
-Increase the maximum number of uefi variables to cope with all
-the needs for testing and certification
-
-Upstream-Status: Pending
-Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- platform/providers/arm/corstone1000/platform.cmake | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/platform/providers/arm/corstone1000/platform.cmake b/platform/providers/arm/corstone1000/platform.cmake
-index 51e5faa3e4d8..04b629a81906 100644
---- a/platform/providers/arm/corstone1000/platform.cmake
-+++ b/platform/providers/arm/corstone1000/platform.cmake
-@@ -10,3 +10,9 @@
- include(${TS_ROOT}/platform/drivers/arm/mhu_driver/component.cmake)
-
- add_compile_definitions(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
-+
-+target_compile_definitions(${TGT} PRIVATE
-+ SMM_GATEWAY_NV_STORE_SN="sn:ffa:46bb39d1-b4d9-45b5-88ff-040027dab249:1"
-+ SMM_VARIABLE_INDEX_STORAGE_UID=0x787
-+ SMM_GATEWAY_MAX_UEFI_VARIABLES=100
-+)
-2.38.1
-
deleted file mode 100644
@@ -1,35 +0,0 @@
-From 6d3cac6f3a6e977e9330c9c06514a372ade170a2 Mon Sep 17 00:00:00 2001
-From: Emekcan <emekcan.aras@arm.com>
-Date: Wed, 2 Nov 2022 09:58:27 +0000
-Subject: [PATCH] smm_gateway: add checks for null attributes
-
-As par EDK-2 and EDK-2 test code, setVariable() with 0
-attributes means a delete variable request. Currently,
-smm gatway doesn't handle this scenario. This commit adds
-that support.
-
-Upstream-Status: Pending
-Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
----
- components/service/smm_variable/backend/uefi_variable_store.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/components/service/smm_variable/backend/uefi_variable_store.c b/components/service/smm_variable/backend/uefi_variable_store.c
-index 6c3b9ed8..a691dc5d 100644
---- a/components/service/smm_variable/backend/uefi_variable_store.c
-+++ b/components/service/smm_variable/backend/uefi_variable_store.c
-@@ -202,9 +202,9 @@ efi_status_t uefi_variable_store_set_variable(
- if (info->is_variable_set) {
-
- /* It's a request to update to an existing variable */
-- if (!(var->Attributes &
-+ if (!(var->Attributes) || (!(var->Attributes &
- (EFI_VARIABLE_APPEND_WRITE | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS_MASK)) &&
-- !var->DataSize) {
-+ !var->DataSize)) {
-
- /* It's a remove operation - for a remove, the variable
- * data must be removed from the storage backend before
-2.17.1
-
deleted file mode 100644
@@ -1,33 +0,0 @@
-From 2aa665ad2cb13bc79b645db41686449a47593aab Mon Sep 17 00:00:00 2001
-From: Emekcan <emekcan.aras@arm.com>
-Date: Thu, 3 Nov 2022 17:43:40 +0000
-Subject: [PATCH] smm_gateway: GetNextVariableName Fix
-
-GetNextVariableName() should return EFI_BUFFER_TOO_SMALL
-when NameSize is smaller than the actual NameSize. It
-currently returns EFI_BUFFER_OUT_OF_RESOURCES due to setting
-max_name_len incorrectly. This fixes max_name_len error by
-replacing it with actual NameSize request by u-boot.
-
-Upstream-Status: Pending
-Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
----
- .../service/smm_variable/provider/smm_variable_provider.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/components/service/smm_variable/provider/smm_variable_provider.c b/components/service/smm_variable/provider/smm_variable_provider.c
-index a9679b7e..6a4b6fa7 100644
---- a/components/service/smm_variable/provider/smm_variable_provider.c
-+++ b/components/service/smm_variable/provider/smm_variable_provider.c
-@@ -197,7 +197,7 @@ static rpc_status_t get_next_variable_name_handler(void *context, struct call_re
- efi_status = uefi_variable_store_get_next_variable_name(
- &this_instance->variable_store,
- (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME*)resp_buf->data,
-- max_name_len,
-+ ((SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME*)resp_buf->data)->NameSize,
- &resp_buf->data_len);
- }
- else {
-2.17.1
-
deleted file mode 100644
@@ -1,140 +0,0 @@
-From 956b8a8e1dd5702b9c1657f4ec27a7aeddb0758e Mon Sep 17 00:00:00 2001
-From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
-Date: Mon, 21 Nov 2022 00:08:20 +0000
-Subject: [PATCH] Use the stateless platform service calls
-
-Calls to psa_connect is not needed and psa_call can be called
-directly with a pre defined handle.
-
-Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
-Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
-Upstream-Status: Inappropriate [Design is to revisted]
-
----
- .../provider/capsule_update_provider.c | 24 ++++---------------
- .../provider/corstone1000_fmp_service.c | 10 ++++----
- .../provider/corstone1000_fmp_service.h | 3 +--
- components/service/common/include/psa/sid.h | 6 +++++
- 4 files changed, 16 insertions(+), 27 deletions(-)
-
-diff --git a/components/service/capsule_update/provider/capsule_update_provider.c b/components/service/capsule_update/provider/capsule_update_provider.c
-index 991a2235..6809249f 100644
---- a/components/service/capsule_update/provider/capsule_update_provider.c
-+++ b/components/service/capsule_update/provider/capsule_update_provider.c
-@@ -61,7 +61,6 @@ void capsule_update_provider_deinit(struct capsule_update_provider *context)
- static rpc_status_t event_handler(uint32_t opcode, struct rpc_caller *caller)
- {
- uint32_t ioctl_id;
-- psa_handle_t handle;
- rpc_status_t rpc_status = TS_RPC_CALL_ACCEPTED;
-
- struct psa_invec in_vec[] = {
-@@ -79,31 +78,18 @@ static rpc_status_t event_handler(uint32_t opcode, struct rpc_caller *caller)
- case CAPSULE_UPDATE_REQUEST:
- /* Openamp call with IOCTL for firmware update*/
- ioctl_id = IOCTL_CORSTONE1000_FWU_FLASH_IMAGES;
-- handle = psa_connect(caller, TFM_SP_PLATFORM_IOCTL_SID,
-- TFM_SP_PLATFORM_IOCTL_VERSION);
-- if (handle <= 0) {
-- EMSG("%s Invalid handle", __func__);
-- rpc_status = TS_RPC_ERROR_INVALID_PARAMETER;
-- return rpc_status;
-- }
-- psa_call(caller,handle, PSA_IPC_CALL,
-+ psa_call(caller,TFM_PLATFORM_SERVICE_HANDLE, TFM_PLATFORM_API_ID_IOCTL,
- in_vec,IOVEC_LEN(in_vec), NULL, 0);
-- set_fmp_image_info(caller, handle);
-+ set_fmp_image_info(caller);
- break;
-
- case KERNEL_STARTED_EVENT:
- ioctl_id = IOCTL_CORSTONE1000_FWU_HOST_ACK;
- /*openamp call with IOCTL for kernel start*/
-- handle = psa_connect(caller, TFM_SP_PLATFORM_IOCTL_SID,
-- TFM_SP_PLATFORM_IOCTL_VERSION);
-- if (handle <= 0) {
-- EMSG("%s Invalid handle", __func__);
-- rpc_status = TS_RPC_ERROR_INVALID_PARAMETER;
-- return rpc_status;
-- }
-- psa_call(caller,handle, PSA_IPC_CALL,
-+
-+ psa_call(caller,TFM_PLATFORM_SERVICE_HANDLE, TFM_PLATFORM_API_ID_IOCTL,
- in_vec,IOVEC_LEN(in_vec), NULL, 0);
-- set_fmp_image_info(caller, handle);
-+ set_fmp_image_info(caller);
- break;
- default:
- EMSG("%s unsupported opcode", __func__);
-diff --git a/components/service/capsule_update/provider/corstone1000_fmp_service.c b/components/service/capsule_update/provider/corstone1000_fmp_service.c
-index 6a7a47a7..d811af9f 100644
---- a/components/service/capsule_update/provider/corstone1000_fmp_service.c
-+++ b/components/service/capsule_update/provider/corstone1000_fmp_service.c
-@@ -238,8 +238,7 @@ static psa_status_t unpack_image_info(void *buffer, uint32_t size)
- return PSA_SUCCESS;
- }
-
--static psa_status_t get_image_info(struct rpc_caller *caller,
-- psa_handle_t platform_service_handle)
-+static psa_status_t get_image_info(struct rpc_caller *caller)
- {
- psa_status_t status;
- psa_handle_t handle;
-@@ -255,7 +254,7 @@ static psa_status_t get_image_info(struct rpc_caller *caller,
-
- memset(image_info_buffer, 0, IMAGE_INFO_BUFFER_SIZE);
-
-- psa_call(caller, platform_service_handle, PSA_IPC_CALL,
-+ psa_call(caller, TFM_PLATFORM_SERVICE_HANDLE, TFM_PLATFORM_API_ID_IOCTL,
- in_vec, IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-
- status = unpack_image_info(image_info_buffer, IMAGE_INFO_BUFFER_SIZE);
-@@ -288,12 +287,11 @@ static psa_status_t set_image_info(struct rpc_caller *caller)
- return PSA_SUCCESS;
- }
-
--void set_fmp_image_info(struct rpc_caller *caller,
-- psa_handle_t platform_service_handle)
-+void set_fmp_image_info(struct rpc_caller *caller)
- {
- psa_status_t status;
-
-- status = get_image_info(caller, platform_service_handle);
-+ status = get_image_info(caller);
- if (status != PSA_SUCCESS) {
- return;
- }
-diff --git a/components/service/capsule_update/provider/corstone1000_fmp_service.h b/components/service/capsule_update/provider/corstone1000_fmp_service.h
-index 95fba2a0..963223e8 100644
---- a/components/service/capsule_update/provider/corstone1000_fmp_service.h
-+++ b/components/service/capsule_update/provider/corstone1000_fmp_service.h
-@@ -16,8 +16,7 @@ extern "C" {
-
- void provision_fmp_variables_metadata(struct rpc_caller *caller);
-
--void set_fmp_image_info(struct rpc_caller *caller,
-- psa_handle_t platform_service_handle);
-+void set_fmp_image_info(struct rpc_caller *caller);
-
- #ifdef __cplusplus
- } /* extern "C" */
-diff --git a/components/service/common/include/psa/sid.h b/components/service/common/include/psa/sid.h
-index 7a29cc25..8103a9af 100644
---- a/components/service/common/include/psa/sid.h
-+++ b/components/service/common/include/psa/sid.h
-@@ -37,6 +37,12 @@ extern "C" {
- #define TFM_CRYPTO_VERSION (1U)
- #define TFM_CRYPTO_HANDLE (0x40000100U)
-
-+
-+/******** TFM_PLATFORM_SERVICE *******/
-+#define TFM_PLATFORM_API_ID_IOCTL (1013)
-+#define TFM_PLATFORM_SERVICE_HANDLE (0x40000105U)
-+
-+
- /**
- * \brief Define a progressive numerical value for each SID which can be used
- * when dispatching the requests to the service
-2.25.1
-
@@ -2,32 +2,12 @@ FILESEXTRAPATHS:prepend:corstone1000 := "${THISDIR}/corstone1000:"
COMPATIBLE_MACHINE:corstone1000 = "corstone1000"
SRC_URI:append:corstone1000 = " \
- file://0001-Add-openamp-to-SE-proxy-deployment.patch;patchdir=../trusted-services \
- file://0002-Implement-mhu-driver-and-the-OpenAmp-conversion-laye.patch;patchdir=../trusted-services \
- file://0003-Add-openamp-rpc-caller.patch;patchdir=../trusted-services \
- file://0004-add-psa-client-definitions-for-ff-m.patch;patchdir=../trusted-services \
- file://0005-Add-common-service-component-to-ipc-support.patch;patchdir=../trusted-services \
- file://0006-Add-secure-storage-ipc-backend.patch;patchdir=../trusted-services \
- file://0007-Use-secure-storage-ipc-and-openamp-for-se_proxy.patch;patchdir=../trusted-services \
- file://0008-Run-psa-arch-test.patch;patchdir=../trusted-services \
- file://0009-Use-address-instead-of-pointers.patch;patchdir=../trusted-services \
- file://0010-Add-psa-ipc-attestation-to-se-proxy.patch;patchdir=../trusted-services \
- file://0011-Setup-its-backend-as-openamp-rpc-using-secure-storag.patch;patchdir=../trusted-services;patchdir=../trusted-services \
- file://0012-add-psa-ipc-crypto-backend.patch;patchdir=../trusted-services \
- file://0013-Add-stub-capsule-update-service-components.patch;patchdir=../trusted-services \
- file://0014-Configure-storage-size.patch;patchdir=../trusted-services \
- file://0015-Fix-Crypto-interface-structure-aligned-with-tf-m-cha.patch;patchdir=../trusted-services;patchdir=../trusted-services \
- file://0016-Integrate-remaining-psa-ipc-client-APIs.patch;patchdir=../trusted-services \
- file://0017-Fix-update-psa_set_key_usage_flags-definition-to-the.patch;patchdir=../trusted-services;patchdir=../trusted-services \
- file://0018-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch;patchdir=../trusted-services \
- file://0019-plat-corstone1000-change-default-smm-values.patch;patchdir=../trusted-services \
- file://0020-FMP-Support-in-Corstone1000.patch;patchdir=../trusted-services \
- file://0021-smm_gateway-add-checks-for-null-attributes.patch;patchdir=../trusted-services \
- file://0022-GetNextVariableName-Fix.patch;patchdir=../trusted-services \
- file://0023-Use-the-stateless-platform-service.patch;patchdir=../trusted-services \
- file://0024-TF-Mv1.7-alignment-Align-PSA-Crypto-SIDs.patch;patchdir=../trusted-services \
- file://0025-TF-Mv1.7-alignment-Align-crypto-iovec-definition.patch;patchdir=../trusted-services \
- file://0026-TF-Mv1.7-alignment-PSA-crypto-client-in-out_vec.patch;patchdir=../trusted-services \
+ file://0001-Add-stub-capsule-update-service-components.patch;patchdir=../trusted-services \
+ file://0002-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch;patchdir=../trusted-services \
+ file://0003-FMP-Support-in-Corstone1000.patch;patchdir=../trusted-services \
+ file://0004-TF-Mv1.7-alignment-Align-PSA-Crypto-SIDs.patch;patchdir=../trusted-services \
+ file://0005-TF-Mv1.7-alignment-Align-crypto-iovec-definition.patch;patchdir=../trusted-services \
+ file://0006-TF-Mv1.7-alignment-PSA-crypto-client-in-out_vec.patch;patchdir=../trusted-services \
"