TF-M input/output control (IOCTL)

The TF-M IOTCL library provides an API for platform-specific TF-M services. These services are added by the platform partition. The APIs are available for applications that implement Non-Secure Processing Environment (NSPE) alongside Secure Processing Environment (SPE).

For more information on implementing TF-M in your application, see Running applications with Trusted Firmware-M. For more information about NSPE and SPE, see Processing environments.

Functionality

Platform-specific services are internally accessed through the tfm_platform_hal_ioctl() function. Wrapper functions for these accesses are defined in tfm_ioctl_ns_api.c and tfm_ioctl_s_api.c.

The supported platform services are defined by tfm_platform_ioctl_core_reqest_types_t in tfm_ioctl_core_api.h.

/** @brief Supported request types.
 */
enum tfm_platform_ioctl_core_reqest_types_t {
	TFM_PLATFORM_IOCTL_READ_SERVICE,
	TFM_PLATFORM_IOCTL_GPIO_SERVICE,

	/* Last core service, start platform specific from this value. */
	TFM_PLATFORM_IOCTL_CORE_LAST
};

Set the CONFIG_TFM_PARTITION_PLATFORM Kconfig option to enable the services.

See the TF-M Hello World sample for example usage.

Prerequisites

This library requires that TF-M is installed on the device.

API documentation

Header file: include/tfm/tfm_ioctl_api.h
Source files: modules/tfm/tfm/boards/src/
group tfm_ioctl_api

Typedefs

typedef void (*tfm_ns_fault_service_handler_callback)(void)

Non-secure fault service callback type.

Enums

enum tfm_platform_ioctl_reqest_types_t

Values:

enumerator TFM_PLATFORM_IOCTL_FW_INFO
enumerator TFM_PLATFORM_IOCTL_NS_FAULT
enum tfm_spu_events

Bitmask of SPU events.

Values:

enumerator TFM_SPU_EVENT_RAMACCERR
enumerator TFM_SPU_EVENT_FLASHACCERR
enumerator TFM_SPU_EVENT_PERIPHACCERR

Functions

int tfm_platform_ns_fault_set_handler(struct tfm_ns_fault_service_handler_context *context, tfm_ns_fault_service_handler_callback callback)

Search for the fw_info structure in firmware image located at address.

Parameters:

  • context[in] Pointer to callback context information, stored in non-secure memory.

  • callback[in] Callback to non-secure function to be called from secure fault handler.

Return values:

  • 0 – If successful.

  • -EINVAL – If input arguments are invalid.

struct tfm_ns_fault_service_handler_context_frame
#include <tfm_ioctl_api.h>

Copy of exception frame on stack.

struct tfm_ns_fault_service_handler_context_registers
#include <tfm_ioctl_api.h>

Copy of callee saved registers.

struct tfm_ns_fault_service_handler_context_status
#include <tfm_ioctl_api.h>

Additional fault status information.

struct tfm_ns_fault_service_handler_context
#include <tfm_ioctl_api.h>

Non-secure fault service callback context argument.

struct tfm_ns_fault_service_args
#include <tfm_ioctl_api.h>

Non-secure fault service arguments.

struct tfm_ns_fault_service_out
#include <tfm_ioctl_api.h>

Output list for each nonsecure_fault platform service.