Hi all,

 

I am proposing some patches to move away from using fixed NS region numbers defined by TF-M core, to having platform-defined SAU region numbering. The motivation for the change is to give platforms more flexibility when configuring the isolation hardware, and in particular, to make it possible to use tools like CMSIS-Zone to generate the isolation hardware configuration.

 

There are a couple of patches:

 

https://review.trustedfirmware.org/c/trusted-firmware-m/+/3484 -- Removes the memory permission check API from TF-M, which was the only user of the fixed region numbers. This API is no longer required because the SPM does all necessary memory permission checks before control reaches the secure partition. The patch removes uses of this API from the Attestation service, the platform service and the tests.

 

https://review.trustedfirmware.org/c/trusted-firmware-m/+/3485 -- Removes the fixed region numbers and refactors all platforms to no longer use them.

 

Reviews appreciated.

 

Kind regards,

Jamie