espressif
diff --git a/‎components/esp_tee/CMakeLists.txt‎
Lines changed: 18 additions & 18 deletions b/‎components/esp_tee/CMakeLists.txt‎
Lines changed: 18 additions & 18 deletions
diff --git a/‎components/esp_tee/scripts/esp32c6/sec_srv_tbl_default.yml‎
Lines changed: 212 additions & 0 deletions b/‎components/esp_tee/scripts/esp32c6/sec_srv_tbl_default.yml‎
Lines changed: 212 additions & 0 deletions
diff --git a/‎components/esp_tee/scripts/esp32c6/secure_service.tbl‎
Lines changed: 0 additions & 57 deletions b/‎components/esp_tee/scripts/esp32c6/secure_service.tbl‎
Lines changed: 0 additions & 57 deletions
@@ -1,5 +1,5 @@
 idf_build_get_property(esp_tee_build ESP_TEE_BUILD)
-idf_build_get_property(custom_secure_service_tbl CUSTOM_SECURE_SERVICE_TBL)
+idf_build_get_property(custom_secure_service_yaml CUSTOM_SECURE_SERVICE_YAML)
 idf_build_get_property(custom_secure_service_dir CUSTOM_SECURE_SERVICE_COMPONENT_DIR)
 idf_build_get_property(custom_secure_service_component CUSTOM_SECURE_SERVICE_COMPONENT)
 idf_build_get_property(target IDF_TARGET)
@@ -82,33 +82,33 @@ else()
     endif()
 endif()
 
-set(secure_service_tbl_parser_py
-    ${COMPONENT_DIR}/scripts/secure_service_tbl_parser.py ${CMAKE_CURRENT_BINARY_DIR}/secure_service.tbl
+set(secure_service_yml
+    ${COMPONENT_DIR}/scripts/${IDF_TARGET}/sec_srv_tbl_default.yml ${custom_secure_service_yaml}
 )
 
-set(secure_service_gen_headers
-    ${CONFIG_DIR}/secure_service_num.h ${CONFIG_DIR}/secure_service_dec.h
-    ${CONFIG_DIR}/secure_service_int.h ${CONFIG_DIR}/secure_service_ext.h
+set(secure_service_yml_parser_py
+    ${COMPONENT_DIR}/scripts/secure_service_yml_parser.py
 )
 
 if(CONFIG_SECURE_ENABLE_TEE AND NOT esp_tee_build)
-    execute_process(
-        COMMAND cat ${COMPONENT_DIR}/scripts/${target}/secure_service.tbl ${custom_secure_service_tbl}
-        OUTPUT_FILE secure_service.tbl
-        WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}
-    )
+    # Default secure service API families: flash_protection_spi0, flash_protection_spi1,
+    # interrupt_handling, hal, crypto, efuse, secure_storage, ota, attestation
+    set(exclude_srv)
+    if(NOT CONFIG_SECURE_TEE_ATTESTATION)
+        list(APPEND exclude_srv "attestation")
+    endif()
 
     execute_process(
-        COMMAND python ${secure_service_tbl_parser_py} ${secure_service_gen_headers}
-        WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}
-    )
-
-    set_property(DIRECTORY ${COMPONENT_DIR} APPEND PROPERTY
-        ADDITIONAL_MAKE_CLEAN_FILES ${secure_service_gen_headers}
+        COMMAND python ${secure_service_yml_parser_py}
+        "--sec_srv" ${secure_service_yml}
+        "--exclude" ${exclude_srv}
+        WORKING_DIRECTORY ${CONFIG_DIR}
     )
 
     execute_process(
-        COMMAND python ${secure_service_tbl_parser_py} "--wrap"
+        COMMAND python ${secure_service_yml_parser_py}
+        "--sec_srv" ${secure_service_yml}
+        "--exclude" ${exclude_srv} "--wrap"
         OUTPUT_VARIABLE wrap_list
         WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}
         OUTPUT_STRIP_TRAILING_WHITESPACE
 
@@ -0,0 +1,212 @@
+secure_services:
+  - family: misc
+    entries:
+      - id: 0
+        type: custom
+        function: invalid_secure_service
+        args: 0
+  # ID: 1-4 (4) - External memory (Flash) protection [SPI0]
+  - family: flash_protection_spi0
+    entries:
+      - id: 1
+        type: IDF
+        function: mmu_hal_map_region
+        args: 6
+      - id: 2
+        type: IDF
+        function: mmu_hal_unmap_region
+        args: 3
+      - id: 3
+        type: IDF
+        function: mmu_hal_vaddr_to_paddr
+        args: 4
+      - id: 4
+        type: IDF
+        function: mmu_hal_paddr_to_vaddr
+        args: 5
+  # ID: 30-53 (24) - Interrupt Handling
+  - family: interrupt_handling
+    entries:
+      - id: 30
+        type: IDF
+        function: esp_rom_route_intr_matrix
+        args: 3
+      - id: 31
+        type: IDF
+        function: rv_utils_intr_enable
+        args: 1
+      - id: 32
+        type: IDF
+        function: rv_utils_intr_disable
+        args: 1
+      - id: 33
+        type: IDF
+        function: rv_utils_intr_set_priority
+        args: 2
+      - id: 34
+        type: IDF
+        function: rv_utils_intr_set_type
+        args: 2
+      - id: 35
+        type: IDF
+        function: rv_utils_intr_set_threshold
+        args: 1
+      - id: 36
+        type: IDF
+        function: rv_utils_intr_edge_ack
+        args: 1
+      - id: 37
+        type: IDF
+        function: rv_utils_intr_global_enable
+        args: 0
+  # ID: 54-85 (32) - HAL
+  - family: hal
+    entries:
+      - id: 54
+        type: IDF
+        function: efuse_hal_chip_revision
+        args: 0
+      - id: 55
+        type: IDF
+        function: efuse_hal_get_chip_ver_pkg
+        args: 1
+      - id: 56
+        type: IDF
+        function: efuse_hal_get_disable_wafer_version_major
+        args: 0
+      - id: 57
+        type: IDF
+        function: efuse_hal_get_mac
+        args: 1
+      - id: 58
+        type: IDF
+        function: wdt_hal_init
+        args: 4
+      - id: 59
+        type: IDF
+        function: wdt_hal_deinit
+        args: 1
+  # ID: 86-133 (48) - Crypto
+  - family: crypto
+    entries:
+      - id: 86
+        type: IDF
+        function: esp_aes_intr_alloc
+        args: 0
+      - id: 87
+        type: IDF
+        function: esp_aes_crypt_cbc
+        args: 6
+      - id: 88
+        type: IDF
+        function: esp_aes_crypt_cfb8
+        args: 6
+      - id: 89
+        type: IDF
+        function: esp_aes_crypt_cfb128
+        args: 7
+      - id: 90
+        type: IDF
+        function: esp_aes_crypt_ctr
+        args: 7
+      - id: 91
+        type: IDF
+        function: esp_aes_crypt_ecb
+        args: 4
+      - id: 92
+        type: IDF
+        function: esp_aes_crypt_ofb
+        args: 6
+      - id: 93
+        type: IDF
+        function: esp_sha
+        args: 4
+      - id: 94
+        type: IDF
+        function: esp_sha_block
+        args: 3
+      - id: 95
+        type: IDF
+        function: esp_sha_dma
+        args: 6
+      - id: 96
+        type: IDF
+        function: esp_sha_read_digest_state
+        args: 2
+      - id: 97
+        type: IDF
+        function: esp_sha_write_digest_state
+        args: 2
+  # ID: 134-149 (16) - eFuse
+  - family: efuse
+    entries:
+      - id: 134
+        type: IDF
+        function: esp_efuse_check_secure_version
+        args: 1
+      - id: 135
+        type: IDF
+        function: esp_efuse_read_field_blob
+        args: 3
+      - id: 136
+        type: IDF
+        function: esp_flash_encryption_enabled
+        args: 0
+  # ID: 150-169 (20) - Reserved for future use
+  - family: attestation
+    entries:
+      - id: 170
+        type: custom
+        function: esp_tee_att_generate_token
+        args: 6
+  # ID: 175-194 (20) - Secure Storage
+  - family: secure_storage
+    entries:
+      - id: 175
+        type: custom
+        function: esp_tee_sec_storage_init
+        args: 0
+      - id: 176
+        type: custom
+        function: esp_tee_sec_storage_gen_key
+        args: 2
+      - id: 177
+        type: custom
+        function: esp_tee_sec_storage_get_signature
+        args: 4
+      - id: 178
+        type: custom
+        function: esp_tee_sec_storage_get_pubkey
+        args: 2
+      - id: 179
+        type: custom
+        function: esp_tee_sec_storage_encrypt
+        args: 8
+      - id: 180
+        type: custom
+        function: esp_tee_sec_storage_decrypt
+        args: 8
+      - id: 181
+        type: custom
+        function: esp_tee_sec_storage_is_slot_empty
+        args: 1
+      - id: 182
+        type: custom
+        function: esp_tee_sec_storage_clear_slot
+        args: 1
+  # ID: 195-199 (5) - OTA
+  - family: ota
+    entries:
+      - id: 195
+        type: custom
+        function: esp_tee_ota_begin
+        args: 0
+      - id: 196
+        type: custom
+        function: esp_tee_ota_write
+        args: 3
+      - id: 197
+        type: custom
+        function: esp_tee_ota_end
+        args: 0
+  # ID: 200+ - User-defined