modules: tf-m: Add zephyr native NS interface and logging function

To allow using TFM NS interface without enabling
CMSIS_RTOS V2 support. And to allow using TFM NS
code that uses logging.

Signed-off-by: Øyvind Rønningstad <[email protected]>
Signed-off-by: Ioannis Glaropoulos <[email protected]>

modules/trusted-firmware-m/CMakeLists.txt

@@ -181,7 +181,7 @@ function(trusted_firmware_build)
     )
 
   add_library(tfm_api
-    ${ZEPHYR_TRUSTED_FIRMWARE_M_MODULE_DIR}/tf-m-tests/app/os_wrapper_cmsis_rtos_v2.c
+    ${ZEPHYR_BASE}/modules/trusted-firmware-m/src/zephyr_tfm_log.c
   )
 
   target_include_directories(tfm_api

modules/trusted-firmware-m/interface/interface.c

@@ -1,4 +1,5 @@
 /*
+ * Copyright (c) 2019,2020 Linaro Limited
  * Copyright (c) 2021 Nordic Semiconductor ASA
  *
  * SPDX-License-Identifier: Apache-2.0
@@ -10,6 +11,46 @@
 
 #include <tfm_ns_interface.h>
 
+/**
+ * @file @brief Zephyr's TF-M NS interface implementation
+ *
+ */
+
+
+/* Global mutex to be used by the TF-M NS dispatcher, preventing
+ * the Non-Secure application from initiating multiple parallel
+ * TF-M secure calls.
+ */
+K_MUTEX_DEFINE(tfm_mutex);
+
+int32_t tfm_ns_interface_dispatch(veneer_fn fn,
+				  uint32_t arg0, uint32_t arg1,
+				  uint32_t arg2, uint32_t arg3)
+{
+	int32_t result;
+
+	/* TF-M request protected by NS lock */
+	if (k_mutex_lock(&tfm_mutex, K_FOREVER) != 0) {
+		return (int32_t)TFM_ERROR_GENERIC;
+	}
+
+	result = fn(arg0, arg1, arg2, arg3);
+
+	k_mutex_unlock(&tfm_mutex);
+
+	return result;
+}
+
+enum tfm_status_e tfm_ns_interface_init(void)
+{
+	/*
+	 * The static K_MUTEX_DEFINE handles mutex initialization,
+	 * so this function may be implemented as no-op.
+	 */
+	return TFM_SUCCESS;
+}
+
+
 #if defined(TFM_PSA_API)
 #include "psa_manifest/sid.h"
 #endif /* TFM_PSA_API */
@@ -18,7 +59,8 @@ static int ns_interface_init(const struct device *arg)
 {
 	ARG_UNUSED(arg);
 
-	(void)tfm_ns_interface_init();
+	__ASSERT(tfm_ns_interface_init() == TFM_SUCCESS,
+		"TF-M NS interface init failed");
 
 	return 0;
 }

modules/trusted-firmware-m/src/zephyr_tfm_log.c

@@ -0,0 +1,18 @@
+/*
+ * Copyright (c) 2021 Nordic Semiconductor ASA
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#include <sys/printk.h>
+
+int tfm_log_printf(const char *fmt, ...)
+{
+	va_list ap;
+
+	va_start(ap, fmt);
+	vprintk(fmt, ap);
+	va_end(ap);
+
+	return 0;
+}

samples/tfm_integration/psa_level_1/CMakeLists.txt

@@ -14,7 +14,6 @@ target_sources(app PRIVATE src/main.c)
 target_sources(app PRIVATE src/psa_attestation.c)
 target_sources(app PRIVATE src/psa_crypto.c)
 target_sources(app PRIVATE src/shell.c)
-target_sources(app PRIVATE src/tfm_ipc.c)
 target_sources(app PRIVATE src/util_app_cfg.c)
 target_sources(app PRIVATE src/util_app_log.c)
 target_sources(app PRIVATE src/util_sformat.c)

samples/tfm_integration/tfm_ipc/src/main.c

@@ -13,33 +13,6 @@
 #include "psa_manifest/sid.h"
 #endif
 
-K_MUTEX_DEFINE(tfm_mutex);
-
-int32_t tfm_ns_interface_dispatch(veneer_fn fn,
-				  uint32_t arg0, uint32_t arg1,
-				  uint32_t arg2, uint32_t arg3)
-{
-	int32_t result;
-
-	/* TFM request protected by NS lock */
-	if (k_mutex_lock(&tfm_mutex, K_FOREVER) != 0) {
-		return (int32_t)TFM_ERROR_GENERIC;
-	}
-
-	result = fn(arg0, arg1, arg2, arg3);
-
-	k_mutex_unlock(&tfm_mutex);
-
-	return result;
-}
-
-enum tfm_status_e tfm_ns_interface_init(void)
-{
-	/* The static K_MUTEX_DEFINE handles mutex init, so just return. */
-
-	return TFM_SUCCESS;
-}
-
 /**
  * \brief Retrieve the version of the PSA Framework API.
  *