diff --git a/TESTS/mbed_hal/spm/fault_functions.h b/TESTS/mbed_hal/spm/fault_functions.h deleted file mode 100644 index 79029b5..0000000 --- a/TESTS/mbed_hal/spm/fault_functions.h +++ /dev/null @@ -1,49 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef __MBED_HAL_SPM_FAULT_FUNCTIONS__ -#define __MBED_HAL_SPM_FAULT_FUNCTIONS__ - -#include "cmsis_compiler.h" - -#ifdef __cplusplus -extern "C" { -#endif - -// Retruns the value of the LR register -// Used to determine which stack the exception happend in -__STATIC_FORCEINLINE uint32_t __get_LR(void); - -// This function is required as we need a symbol/address -// to jump to from fault handler. -void do_nothing(void); - -// Test exception handler -static void hard_fault_handler_test(); - -// Using naked function as it will not be executed from beginning to the end. -// The execution flow expected to be interrupted by exception and we will -// return to other function. -// compiler will not produce prolog and epilog code for naked function -// and thus will preserve stack in un-corrupted state -__attribute__((naked)) void call_mem(uint32_t addr); - -#ifdef __cplusplus -} -#endif - -#endif // __MBED_HAL_SPM_FAULT_FUNCTIONS__ diff --git a/TESTS/mbed_hal/spm/main.cpp b/TESTS/mbed_hal/spm/main.cpp deleted file mode 100644 index 2e8e235..0000000 --- a/TESTS/mbed_hal/spm/main.cpp +++ /dev/null @@ -1,162 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#if !defined(COMPONENT_PSA_SRV_IPC) -#error [NOT_SUPPORTED] Test supported only on PSA targets -#else - -#if (defined(__ARMCC_VERSION) || defined( __ICCARM__ )) -#error [NOT_SUPPORTED] this test is supported on GCC only -#else - -#if DOMAIN_NS == 1 -#error [NOT_SUPPORTED] Cannot run on M23/M33 core as SecureFault is implemented in secure-side and cant be remapped -#else - -#include "utest/utest.h" -#include "unity/unity.h" -#include "greentea-client/test_env.h" -#include "cmsis.h" -#include "spm_api.h" -#include -#include "fault_functions.h" - -using namespace utest::v1; - - -#define HARDFAULT_IRQn ((IRQn_Type)-13) -#define EXC_RETURN_RETURN_STACK_MSK ((uint32_t)(0x00000004)) -#define PC_INDEX_IN_STACK_FRAME 6 - -volatile uint32_t fault_occurred; -uint32_t real_hard_fault_handler; - -__STATIC_FORCEINLINE uint32_t __get_LR(void) -{ - uint32_t result; - - __ASM volatile("MOV %0, lr" : "=r"(result)); - return (result); -} - -void do_nothing(void) -{ - __NOP(); -} - -static void hard_fault_handler_test() -{ - fault_occurred++; - // LR is set EXC_RETURN - // lowest bits identify PSP vs MSP stack used for stacking - uint32_t lr = __get_LR(); - uint32_t sp; - - if (lr & EXC_RETURN_RETURN_STACK_MSK) { - sp = __get_PSP(); - } else { - sp = __get_MSP(); - } - - // Overwrite return address. - // Fake return to a our special function since current - // instruction under test will always fail due to memory protection - ((uint32_t *)sp)[PC_INDEX_IN_STACK_FRAME] = (uint32_t)do_nothing; -} - -__attribute__((naked)) void call_mem(uint32_t addr) -{ - // Only first instruction will be executed in positive flow, - // since exception will be generated for invalid memory access. - // Other instructions are for calling do_nothing function according to AAPCS. - __ASM( - "LDR r3, [r0]\n" - "BX lr\n" - ); -} - -static void test_memory(uint32_t addr, uint32_t expected_fatal_count) -{ - call_mem(addr); - // Although call_mem is a "naked" function, it is called using AAPCS. - // Thus we can assume LR will point to next instruction, and caller save registers are backed up - TEST_ASSERT_EQUAL(expected_fatal_count, fault_occurred); -} - -static void secure_ram_fault_test(void) -{ - test_memory(PSA_SECURE_RAM_START, 1); -} - -static void secure_flash_fault_test(void) -{ - test_memory(PSA_SECURE_ROM_START, 1); -} - -static void non_secure_ram_fault_test(void) -{ - test_memory(PSA_NON_SECURE_RAM_START, 0); -} - -static void non_secure_flash_fault_test(void) -{ - test_memory(PSA_NON_SECURE_ROM_START, 0); -} - -utest::v1::status_t fault_override_setup(const Case *const source, const size_t index_of_case) -{ - // Save old hard fault handler and replace it with a new one - // NOTE: only works when VTOR is set to RAM - real_hard_fault_handler = NVIC_GetVector(HARDFAULT_IRQn); - NVIC_SetVector(HARDFAULT_IRQn, (uint32_t)&hard_fault_handler_test); - fault_occurred = 0; - - return greentea_case_setup_handler(source, index_of_case); -} - -utest::v1::status_t fault_override_teardown(const Case *const source, const size_t passed, const size_t failed, - const failure_t reason) -{ - // Restore real hard fault handler - NVIC_SetVector(HARDFAULT_IRQn, real_hard_fault_handler); - - return greentea_case_teardown_handler(source, passed, failed, reason); -} - -Case cases[] = { - Case("SPM - Access non-secure RAM", fault_override_setup, non_secure_ram_fault_test, fault_override_teardown), - Case("SPM - Access non-secure Flash", fault_override_setup, non_secure_flash_fault_test, fault_override_teardown), - Case("SPM - Access secure RAM", fault_override_setup, secure_ram_fault_test, fault_override_teardown), - Case("SPM - Access secure Flash", fault_override_setup, secure_flash_fault_test, fault_override_teardown) -}; - -utest::v1::status_t greentea_test_setup(const size_t number_of_cases) -{ - GREENTEA_SETUP(20, "default_auto"); - return greentea_test_setup_handler(number_of_cases); -} - -Specification specification(greentea_test_setup, cases, greentea_test_teardown_handler); - -int main() -{ - Harness::run(specification); -} - -#endif // DOMAIN_NS == 1 -#endif // (defined(__ARMCC_VERSION) || defined( __ICCARM__ )) -#endif // !defined(COMPONENT_PSA_SRV_IPC) diff --git a/TESTS/psa/crypto_access_control/COMPONENT_NSPE/main.cpp b/TESTS/psa/crypto_access_control/COMPONENT_NSPE/main.cpp deleted file mode 100644 index a0f8852..0000000 --- a/TESTS/psa/crypto_access_control/COMPONENT_NSPE/main.cpp +++ /dev/null @@ -1,556 +0,0 @@ -/* - * Copyright (c) 2019, Arm Limited and affiliates - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "psa/crypto.h" - -#if ((!defined(TARGET_PSA)) || (!defined(MBEDTLS_PSA_CRYPTO_C)) || (!defined(COMPONENT_PSA_SRV_IPC))) -#error [NOT_SUPPORTED] These tests can run only on SPM-enabled targets and where Mbed Crypto is ON - skipping. -#else - -#include -#include "mbed.h" -#include "greentea-client/test_env.h" -#include "unity.h" -#include "utest.h" -#include "entropy.h" -#include "entropy_poll.h" -#include "test_partition_proxy.h" -#include "psa/lifecycle.h" - -using namespace utest::v1; - -#if defined(MBEDTLS_ENTROPY_NV_SEED) || defined(COMPONENT_PSA_SRV_IPC) - -#if !defined(MAX) -#define MAX(a,b) (((a)>(b))?(a):(b)) -#endif - -#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE \ - MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE) - -void inject_entropy() -{ - uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = { 0 }; - for (int i = 0; i < MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE; ++i) { - seed[i] = i; - } - mbedtls_psa_inject_entropy(seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE); -} -#endif // defined(MBEDTLS_ENTROPY_NV_SEED) || defined(COMPONENT_PSA_SRV_IPC) - -static psa_status_t create_and_generate_key_via_test_partition( - const psa_key_attributes_t *attributes, - psa_key_handle_t *key_handle, - uint8_t close_key) -{ - TEST_ASSERT_EQUAL(PSA_SUCCESS, - test_partition_crypto_generate_key(attributes, - key_handle)); - TEST_ASSERT_NOT_EQUAL(0, *key_handle); - if (close_key) { - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_close_key(*key_handle)); - } - return (PSA_SUCCESS); -} - -void test_open_other_partition_key(void) -{ - static const psa_key_id_t key_id = 999; - static const psa_key_type_t key_type = PSA_KEY_TYPE_AES; - static const psa_key_usage_t key_usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT; - static const psa_algorithm_t key_alg = PSA_ALG_CBC_NO_PADDING; - static const size_t key_bits = 128; - psa_key_handle_t key_handle = 0; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - - /* via test partition - create a key, generate key material and close */ - psa_set_key_usage_flags(&attributes, key_usage); - psa_set_key_algorithm(&attributes, key_alg); - psa_set_key_bits(&attributes, key_bits); - psa_set_key_type(&attributes, key_type); - psa_set_key_id(&attributes, key_id); - TEST_ASSERT_EQUAL(PSA_SUCCESS, - create_and_generate_key_via_test_partition(&attributes, &key_handle, 1)); - - /* via test partition - reopen the key created by the test partition */ - key_handle = 0; - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_open_key(key_id, &key_handle)); - TEST_ASSERT_NOT_EQUAL(0, key_handle); - - /* via test partition - close the key created by the test partition */ - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_close_key(key_handle)); - - /* try to open the key created by the test partition */ - TEST_ASSERT_EQUAL(PSA_ERROR_DOES_NOT_EXIST, psa_open_key(key_id, &key_handle)); - - /* via test partition - reopen the key created by the test partition and keep it open */ - key_handle = 0; - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_open_key(key_id, &key_handle)); - TEST_ASSERT_NOT_EQUAL(0, key_handle); - - /* via test partition - destroy the key created by the test partition */ - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_destroy_key(key_handle)); -} - -void test_create_key_same_id_different_partitions(void) -{ - static const psa_key_id_t key_id = 999; - static const psa_key_type_t key_type = PSA_KEY_TYPE_AES; - static const psa_key_usage_t key_usage_remote = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, - key_usage_local = PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY; - static const psa_algorithm_t key_alg = PSA_ALG_CBC_NO_PADDING; - static const size_t key_bits_remote = 128, - key_bits_local = 256; - psa_key_handle_t key_handle_remote = 0, - key_handle_local = 0; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - - /* via test partition - create a key, generate key material and close */ - psa_set_key_usage_flags(&attributes, key_usage_remote); - psa_set_key_algorithm(&attributes, key_alg); - psa_set_key_bits(&attributes, key_bits_remote); - psa_set_key_type(&attributes, key_type); - psa_set_key_id(&attributes, key_id); - TEST_ASSERT_EQUAL(PSA_SUCCESS, - create_and_generate_key_via_test_partition(&attributes, &key_handle_remote, 1)); - psa_reset_key_attributes(&attributes); - - /* create a key, generate key material and close from current partition (i.e. NSPE) */ - psa_set_key_usage_flags(&attributes, key_usage_local); - psa_set_key_algorithm(&attributes, key_alg); - psa_set_key_bits(&attributes, key_bits_local); - psa_set_key_type(&attributes, key_type); - psa_set_key_id(&attributes, key_id); - TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_generate_key(&attributes, &key_handle_local)); - TEST_ASSERT_NOT_EQUAL(0, key_handle_local); - TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_close_key(key_handle_local)); - - /* via test partition - reopen the key created by the test partition */ - key_handle_remote = 0; - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_open_key(key_id, &key_handle_remote)); - TEST_ASSERT_NOT_EQUAL(0, key_handle_remote); - - /* reopen the key created from the current partition (NSPE) */ - key_handle_local = 0; - TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_open_key(key_id, &key_handle_local)); - TEST_ASSERT_NOT_EQUAL(0, key_handle_local); - - /* via test partition - get key info for the key created by the test partition */ - TEST_ASSERT_EQUAL(PSA_SUCCESS, - test_partition_crypto_get_key_attributes(key_handle_remote, - &attributes)); - TEST_ASSERT_EQUAL(key_type, psa_get_key_type(&attributes)); - TEST_ASSERT_EQUAL(key_bits_remote, psa_get_key_bits(&attributes)); - TEST_ASSERT_EQUAL(key_usage_remote, psa_get_key_usage_flags(&attributes)); - TEST_ASSERT_EQUAL(key_alg, psa_get_key_algorithm(&attributes)); - - /* get key attributes for key created by the current partition (NSPE) */ - attributes = psa_key_attributes_init(); - TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_get_key_attributes(key_handle_local, &attributes)); - TEST_ASSERT_EQUAL(key_type, psa_get_key_type(&attributes)); - TEST_ASSERT_EQUAL(key_bits_local, psa_get_key_bits(&attributes)); - TEST_ASSERT_EQUAL(key_usage_local, psa_get_key_usage_flags(&attributes)); - TEST_ASSERT_EQUAL(key_alg, psa_get_key_algorithm(&attributes)); - - /* via test partition - destroy the key created by the test partition */ - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_destroy_key(key_handle_remote)); - - /* destroy the key created by the current partition (NSPE) */ - TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_destroy_key(key_handle_local)); -} - -void test_use_other_partition_key_manage_key(void) -{ - static const psa_key_id_t key_id = 999; - static const psa_key_type_t key_type = PSA_KEY_TYPE_AES; - static const psa_algorithm_t key_alg = PSA_ALG_CBC_NO_PADDING; - static const psa_key_usage_t key_usage = PSA_KEY_USAGE_EXPORT; - static const size_t key_bits = 128; - static const uint8_t key_data[] = { - 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, - 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c - }; - psa_key_handle_t key_handle = 0; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - uint8_t output[sizeof(key_data)] = { 0 }; - size_t len; - - /* via test partition - generate a persistent key and close the key */ - psa_set_key_usage_flags(&attributes, key_usage); - psa_set_key_algorithm(&attributes, key_alg); - psa_set_key_bits(&attributes, key_bits); - psa_set_key_type(&attributes, key_type); - psa_set_key_id(&attributes, key_id); - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_generate_key(&attributes, &key_handle)); - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_close_key(key_handle)); - - /* via test partition - reopen the key created by the test partition and keep it open */ - key_handle = 0; - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_open_key(key_id, &key_handle)); - TEST_ASSERT_NOT_EQUAL(0, key_handle); - - /* try to work with the handle created for a key created by the test partition */ - attributes = psa_key_attributes_init(); - TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_get_key_attributes(key_handle, &attributes)); - TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_close_key(key_handle)); - TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_destroy_key(key_handle)); - TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_export_key(key_handle, output, sizeof(output), &len)); - TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_export_public_key(key_handle, output, sizeof(output), &len)); - - /* via test partition - destroy the key created by the test partition */ - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_destroy_key(key_handle)); - - /* via test partition - import key data for the key created by the test partition */ - psa_set_key_usage_flags(&attributes, key_usage); - psa_set_key_algorithm(&attributes, key_alg); - psa_set_key_bits(&attributes, key_bits); - psa_set_key_type(&attributes, key_type); - psa_set_key_id(&attributes, key_id); - TEST_ASSERT_EQUAL(PSA_SUCCESS, - test_partition_crypto_import_key( - &attributes, key_data, sizeof(key_data), &key_handle)); - TEST_ASSERT_NOT_EQUAL(0, key_handle); - - /* via test partition - destroy the key created by the test partition */ - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_destroy_key(key_handle)); -} - -void test_use_other_partition_key_mac(void) -{ - static const psa_key_id_t key_id = 999; - static const psa_key_type_t key_type = PSA_KEY_TYPE_AES; - static const psa_algorithm_t key_alg = PSA_ALG_CBC_NO_PADDING; - static const psa_key_usage_t key_usage = PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY; - static const size_t key_bits = 128; - psa_key_handle_t key_handle = 0; - psa_mac_operation_t operation; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - - /* via test partition - create a key, generate key material and close */ - psa_set_key_usage_flags(&attributes, key_usage); - psa_set_key_algorithm(&attributes, key_alg); - psa_set_key_bits(&attributes, key_bits); - psa_set_key_type(&attributes, key_type); - psa_set_key_id(&attributes, key_id); - TEST_ASSERT_EQUAL(PSA_SUCCESS, - create_and_generate_key_via_test_partition(&attributes, &key_handle, 1)); - - /* via test partition - reopen the key created by the test partition */ - key_handle = 0; - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_open_key(key_id, &key_handle)); - TEST_ASSERT_NOT_EQUAL(0, key_handle); - - /* try to setup mac sign operation using the key that was created by the test partition */ - operation = psa_mac_operation_init(); - TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_mac_sign_setup(&operation, key_handle, key_alg)); - - /* try to setup mac verify operation using the key that was created by the test partition */ - operation = psa_mac_operation_init(); - TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_mac_verify_setup(&operation, key_handle, key_alg)); - - /* via test partition - destroy the key created by the test partition */ - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_destroy_key(key_handle)); -} - -void test_use_other_partition_key_cipher(void) -{ - static const psa_key_id_t key_id = 999; - static const psa_key_type_t key_type = PSA_KEY_TYPE_AES; - static const psa_algorithm_t key_alg = PSA_ALG_CBC_NO_PADDING; - static const psa_key_usage_t key_usage = PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY; - static const size_t key_bits = 128; - psa_key_handle_t key_handle = 0; - psa_cipher_operation_t operation; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - - /* via test partition - create a key, generate key material and close */ - psa_set_key_usage_flags(&attributes, key_usage); - psa_set_key_algorithm(&attributes, key_alg); - psa_set_key_bits(&attributes, key_bits); - psa_set_key_type(&attributes, key_type); - psa_set_key_id(&attributes, key_id); - TEST_ASSERT_EQUAL(PSA_SUCCESS, - create_and_generate_key_via_test_partition(&attributes, &key_handle, 1)); - - /* via test partition - reopen the key created by the test partition */ - key_handle = 0; - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_open_key(key_id, &key_handle)); - TEST_ASSERT_NOT_EQUAL(0, key_handle); - - /* try to setup cipher encrypt operation using the key that was created by the test partition */ - operation = psa_cipher_operation_init(); - TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_cipher_encrypt_setup(&operation, key_handle, key_alg)); - - /* try to setup cipher decrypt operation using the key that was created by the test partition */ - operation = psa_cipher_operation_init(); - TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_cipher_decrypt_setup(&operation, key_handle, key_alg)); - - /* via test partition - destroy the key created by the test partition */ - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_destroy_key(key_handle)); -} - -void test_use_other_partition_key_aead(void) -{ - static const psa_key_id_t key_id = 999; - static const psa_key_type_t key_type = PSA_KEY_TYPE_AES; - static const psa_algorithm_t key_alg = PSA_ALG_GCM; - static const psa_key_usage_t key_usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT; - static const size_t key_bits = 128; - static const uint8_t nonce[16] = { 0 }; - uint8_t plain_text[] = "encrypt me!"; - uint8_t cipher_text[PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_alg, sizeof(plain_text))] = { 0 }; - psa_key_handle_t key_handle = 0; - size_t len; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - - /* via test partition - create a key, generate key material and close */ - psa_set_key_usage_flags(&attributes, key_usage); - psa_set_key_algorithm(&attributes, key_alg); - psa_set_key_bits(&attributes, key_bits); - psa_set_key_type(&attributes, key_type); - psa_set_key_id(&attributes, key_id); - TEST_ASSERT_EQUAL(PSA_SUCCESS, - create_and_generate_key_via_test_partition(&attributes, &key_handle, 1)); - - /* via test partition - reopen the key created by the test partition */ - key_handle = 0; - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_open_key(key_id, &key_handle)); - TEST_ASSERT_NOT_EQUAL(0, key_handle); - - /* try to aead encrypt using the key that was created by the test partition */ - TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_aead_encrypt(key_handle, key_alg, nonce, sizeof(nonce), NULL, 0, - plain_text, sizeof(plain_text), - cipher_text, sizeof(cipher_text), &len)); - - /* try to aead decrypt using the key that was created by the test partition */ - TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_aead_decrypt(key_handle, key_alg, nonce, sizeof(nonce), NULL, 0, - cipher_text, sizeof(cipher_text), - plain_text, sizeof(plain_text), &len)); - - /* via test partition - destroy the key created by the test partition */ - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_destroy_key(key_handle)); -} - -void test_use_other_partition_key_asymmetric_sign_verify(void) -{ - static const psa_key_id_t key_id = 999; - static const psa_key_type_t key_type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1); - static const psa_algorithm_t key_alg = PSA_ALG_ECDSA(PSA_ALG_SHA_256); - static const psa_key_usage_t key_usage = PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY; - static const size_t key_bits = 256; - static const uint8_t input[] = "hello world!"; - uint8_t signature[PSA_ECDSA_SIGNATURE_SIZE(key_bits)] = { 0 }; - psa_key_handle_t key_handle = 0; - size_t len; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - - /* via test partition - create a key, generate key material and close */ - psa_set_key_usage_flags(&attributes, key_usage); - psa_set_key_algorithm(&attributes, key_alg); - psa_set_key_bits(&attributes, key_bits); - psa_set_key_type(&attributes, key_type); - psa_set_key_id(&attributes, key_id); - TEST_ASSERT_EQUAL(PSA_SUCCESS, - create_and_generate_key_via_test_partition(&attributes, &key_handle, 1)); - - /* via test partition - reopen the key created by the test partition */ - key_handle = 0; - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_open_key(key_id, &key_handle)); - TEST_ASSERT_NOT_EQUAL(0, key_handle); - - /* try to asymmetric sign using the key that was created by the test partition */ - TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_sign_hash(key_handle, key_alg, input, sizeof(input), - signature, sizeof(signature), &len)); - - /* try to asymmetric verify using the key that was created by the test partition */ - TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_verify_hash(key_handle, key_alg, input, sizeof(input), - signature, sizeof(signature))); - - /* via test partition - destroy the key created by the test partition */ - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_destroy_key(key_handle)); -} - -void test_use_other_partition_key_asymmetric_encrypt_decrypt(void) -{ - static const psa_key_id_t key_id = 999; - static const psa_key_type_t key_type = PSA_KEY_TYPE_RSA_KEY_PAIR; - static const psa_algorithm_t key_alg = PSA_ALG_RSA_PKCS1V15_CRYPT; - static const psa_key_usage_t key_usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT; - static const uint8_t input[] = "encrypt me!"; - static const uint8_t key_data[] = { - 0x30, 0x82, 0x01, 0x3b, 0x02, 0x01, 0x00, 0x02, 0x41, 0x00, 0xee, 0x2b, - 0x13, 0x1d, 0x6b, 0x18, 0x18, 0xa9, 0x4c, 0xa8, 0xe9, 0x1c, 0x42, 0x38, - 0x7e, 0xb1, 0x5a, 0x7c, 0x27, 0x1f, 0x57, 0xb8, 0x9e, 0x73, 0x36, 0xb1, - 0x44, 0xd4, 0x53, 0x5b, 0x16, 0xc8, 0x30, 0x97, 0xec, 0xde, 0xfb, 0xbb, - 0x92, 0xd1, 0xb5, 0x31, 0x3b, 0x5a, 0x37, 0x21, 0x4d, 0x0e, 0x8f, 0x25, - 0x92, 0x2d, 0xca, 0x77, 0x8b, 0x42, 0x4b, 0x25, 0x29, 0x5f, 0xc8, 0xa1, - 0xa7, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x41, 0x00, 0x97, 0x8a, - 0xc8, 0xea, 0xdb, 0x0d, 0xc6, 0x03, 0x53, 0x47, 0xd6, 0xab, 0xa8, 0x67, - 0x12, 0x15, 0xff, 0x21, 0x28, 0x33, 0x85, 0x39, 0x6f, 0x78, 0x97, 0xc0, - 0x4b, 0xaf, 0x5e, 0x2a, 0x83, 0x5f, 0x3b, 0x53, 0xef, 0x80, 0xa8, 0x2e, - 0xd3, 0x6a, 0xe6, 0x87, 0xa9, 0x25, 0x38, 0x0b, 0x55, 0xa0, 0xc7, 0x3e, - 0xb8, 0x56, 0x56, 0xe9, 0x89, 0xdc, 0xf0, 0xed, 0x7f, 0xb4, 0x88, 0x70, - 0x24, 0xe1, 0x02, 0x21, 0x00, 0xfd, 0xad, 0x8e, 0x1c, 0x68, 0x53, 0x56, - 0x3f, 0x8b, 0x92, 0x1d, 0x2d, 0x11, 0x24, 0x62, 0xae, 0x7d, 0x6b, 0x17, - 0x60, 0x82, 0xd2, 0xba, 0x43, 0xe8, 0x7e, 0x1a, 0x37, 0xfc, 0x1a, 0x8b, - 0x33, 0x02, 0x21, 0x00, 0xf0, 0x59, 0x2c, 0xf4, 0xc5, 0x5b, 0xa4, 0x43, - 0x07, 0xb1, 0x89, 0x81, 0xbc, 0xdb, 0xda, 0x37, 0x6c, 0x51, 0xe5, 0x90, - 0xff, 0xa5, 0x34, 0x5b, 0xa8, 0x66, 0xf6, 0x96, 0x2d, 0xca, 0x94, 0xdd, - 0x02, 0x20, 0x19, 0x95, 0xf1, 0xa9, 0x67, 0xd4, 0x4f, 0xf4, 0xa4, 0xcd, - 0x1d, 0xe8, 0x37, 0xbc, 0x65, 0xbf, 0x97, 0xa2, 0xbf, 0x7e, 0xda, 0x73, - 0x0a, 0x9a, 0x62, 0xce, 0xa5, 0x32, 0x54, 0x59, 0x11, 0x05, 0x02, 0x20, - 0x27, 0xf9, 0x6c, 0xf4, 0xb8, 0xee, 0x68, 0xff, 0x8d, 0x04, 0x06, 0x2e, - 0xc1, 0xce, 0x7f, 0x18, 0xc0, 0xb7, 0x4e, 0x4b, 0x33, 0x79, 0xb2, 0x9f, - 0x9b, 0xfe, 0xa3, 0xfc, 0x8e, 0x59, 0x27, 0x31, 0x02, 0x21, 0x00, 0xce, - 0xfa, 0x6d, 0x22, 0x04, 0x96, 0xb4, 0x3f, 0xeb, 0x83, 0x19, 0x42, 0x55, - 0xd8, 0xfb, 0x93, 0x0a, 0xfc, 0xf4, 0x6f, 0x36, 0x60, 0x6e, 0x3a, 0xa0, - 0xeb, 0x7a, 0x93, 0xad, 0x88, 0xc1, 0x0c - }; - uint8_t encrypted[64] = { 0 }; - uint8_t decrypted[sizeof(input)] = { 0 }; - psa_key_handle_t key_handle = 0; - size_t len; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - - /* via test partition - import key data for the key created by the test partition */ - psa_set_key_usage_flags(&attributes, key_usage); - psa_set_key_algorithm(&attributes, key_alg); - psa_set_key_bits(&attributes, 512); - psa_set_key_type(&attributes, key_type); - psa_set_key_id(&attributes, key_id); - TEST_ASSERT_EQUAL(PSA_SUCCESS, - test_partition_crypto_import_key( - &attributes, key_data, sizeof(key_data), &key_handle)); - TEST_ASSERT_NOT_EQUAL(0, key_handle); - - /* via test partition - close the key created by the test partition */ - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_close_key(key_handle)); - - /* via test partition - reopen the key created by the test partition and keep it open */ - key_handle = 0; - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_open_key(key_id, &key_handle)); - TEST_ASSERT_NOT_EQUAL(0, key_handle); - - /* try to asymmetric encrypt using the key that was created by the test partition */ - TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_asymmetric_encrypt(key_handle, key_alg, input, sizeof(input), - NULL, 0, encrypted, sizeof(encrypted), &len)); - - /* try to asymmetric decrypt using the key that was created by the test partition */ - TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_asymmetric_decrypt(key_handle, key_alg, - encrypted, sizeof(encrypted), NULL, 0, - decrypted, sizeof(decrypted), &len)); - - /* via test partition - destroy the key created by the test partition */ - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_destroy_key(key_handle)); -} - -void test_use_other_partition_key_derivation_setup(void) -{ - static const psa_key_id_t key_id = 999; - static const psa_algorithm_t key_alg = PSA_ALG_HKDF(PSA_ALG_SHA_256); - static const psa_key_usage_t key_usage = PSA_KEY_USAGE_DERIVE; - static const psa_key_type_t key_type = PSA_KEY_TYPE_DERIVE; - static const uint8_t key_data[] = { - 0x30, 0x82, 0x01, 0x3b, 0x02, 0x01, 0x00, 0x02, 0x41, 0x00, 0xee, 0x2b, - 0x13, 0x1d, 0x6b, 0x18, 0x18, 0xa9, 0x4c, 0xa8, 0xe9, 0x1c, 0x42, 0x38 - }; - - psa_key_handle_t key_handle = 0; - psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - size_t bits = 192; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - - /* via test partition - import key data for the key created by the test partition */ - psa_set_key_usage_flags(&attributes, key_usage); - psa_set_key_algorithm(&attributes, key_alg); - psa_set_key_bits(&attributes, bits); - psa_set_key_type(&attributes, key_type); - psa_set_key_id(&attributes, key_id); - TEST_ASSERT_EQUAL(PSA_SUCCESS, - test_partition_crypto_import_key( - &attributes, key_data, sizeof(key_data), &key_handle)); - TEST_ASSERT_NOT_EQUAL(0, key_handle); - - /* try to setup key derivation using the key that was created by the test partition */ - TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_key_derivation_setup(&operation, key_alg)); - TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, - psa_key_derivation_input_key( - &operation, PSA_KEY_DERIVATION_INPUT_SECRET, key_handle)); - - /* via test partition - destroy the key created by the test partition */ - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_destroy_key(key_handle)); -} - -utest::v1::status_t case_setup_handler(const Case *const source, const size_t index_of_case) -{ - psa_status_t status = mbed_psa_reboot_and_request_new_security_state(PSA_LIFECYCLE_ASSEMBLY_AND_TEST); - TEST_ASSERT_EQUAL(PSA_SUCCESS, status); - status = psa_crypto_init(); -#if defined(MBEDTLS_ENTROPY_NV_SEED) || defined(COMPONENT_PSA_SRV_IPC) - if (status == PSA_ERROR_INSUFFICIENT_ENTROPY) { - inject_entropy(); - status = psa_crypto_init(); - } -#endif - TEST_ASSERT_EQUAL(PSA_SUCCESS, status); - return greentea_case_setup_handler(source, index_of_case); -} - -utest::v1::status_t case_teardown_handler(const Case *const source, const size_t passed, - const size_t failed, const failure_t failure) -{ - psa_status_t status = mbed_psa_reboot_and_request_new_security_state(PSA_LIFECYCLE_ASSEMBLY_AND_TEST); - TEST_ASSERT_EQUAL(PSA_SUCCESS, status); - mbedtls_psa_crypto_free(); - return greentea_case_teardown_handler(source, passed, failed, failure); -} - -utest::v1::status_t test_setup(const size_t number_of_cases) -{ - GREENTEA_SETUP(120, "default_auto"); - return verbose_test_setup_handler(number_of_cases); -} - -Case cases[] = { - Case("open other partition's key", - case_setup_handler, test_open_other_partition_key, case_teardown_handler), - Case("create key with same id different partitions", - case_setup_handler, test_create_key_same_id_different_partitions, case_teardown_handler), - Case("use other partition's key - key manage", - case_setup_handler, test_use_other_partition_key_manage_key, case_teardown_handler), - Case("use other partition's key - mac", - case_setup_handler, test_use_other_partition_key_mac, case_teardown_handler), - Case("use other partition's key - cipher", - case_setup_handler, test_use_other_partition_key_cipher, case_teardown_handler), - Case("use other partition's key - aead", - case_setup_handler, test_use_other_partition_key_aead, case_teardown_handler), - Case("use other partition's key - asymmetric sign verify", - case_setup_handler, test_use_other_partition_key_asymmetric_sign_verify, case_teardown_handler), - Case("use other partition's key - asymmetric encrypt decrypt", - case_setup_handler, test_use_other_partition_key_asymmetric_encrypt_decrypt, case_teardown_handler), - Case("use other partition's key - key derivation setup", - case_setup_handler, test_use_other_partition_key_derivation_setup, case_teardown_handler), -}; - -Specification specification(test_setup, cases); - -int main(void) -{ - return !Harness::run(specification); -} - -#endif // ((!defined(TARGET_PSA)) || (!defined(MBEDTLS_PSA_CRYPTO_C)) || (!defined(COMPONENT_PSA_SRV_IPC))) diff --git a/TESTS/psa/crypto_access_control/COMPONENT_PSA_SRV_IPC/test_partition_proxy.c b/TESTS/psa/crypto_access_control/COMPONENT_PSA_SRV_IPC/test_partition_proxy.c deleted file mode 100644 index 88b10d1..0000000 --- a/TESTS/psa/crypto_access_control/COMPONENT_PSA_SRV_IPC/test_partition_proxy.c +++ /dev/null @@ -1,101 +0,0 @@ -/* - * Copyright (c) 2019, Arm Limited and affiliates - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "psa/client.h" -#include "psa_manifest/sid.h" -#include "test_partition_proxy.h" - -#define MINOR_VER 1 - -static psa_status_t invoke_ipc_call(uint32_t sid, psa_invec *in_vec, size_t in_vec_size, - psa_outvec *out_vec, size_t out_vec_size) -{ - psa_status_t status; - - psa_handle_t handle = psa_connect(sid, MINOR_VER); - if (handle <= 0) { - return (PSA_ERROR_COMMUNICATION_FAILURE); - } - - status = psa_call(handle, in_vec, in_vec_size, out_vec, out_vec_size); - psa_close(handle); - - return (status); -} - -psa_status_t test_partition_crypto_get_key_attributes( - psa_key_handle_t key_handle, psa_key_attributes_t *attributes) -{ - psa_invec in_vec = { &key_handle, sizeof(key_handle) }; - psa_outvec out_vec[1] = { - { attributes, sizeof(*attributes) } - }; - psa_status_t status = invoke_ipc_call(CRYPTO_GET_KEY_ATTRIBUTES, &in_vec, 1, out_vec, 1); - return (status); -} - -psa_status_t test_partition_crypto_generate_key( - const psa_key_attributes_t *attributes, psa_key_handle_t *key_handle) -{ - psa_invec in_vec[] = { - { attributes, sizeof(*attributes) }, - }; - psa_outvec out_vec[] = { - { key_handle, sizeof(*key_handle) }, - }; - psa_status_t status = invoke_ipc_call(CRYPTO_GENERATE_KEY, in_vec, 1, out_vec, 1); - return (status); -} - -psa_status_t test_partition_crypto_open_key(psa_key_id_t key_id, psa_key_handle_t *key_handle) -{ - psa_invec in_vec = { &key_id, sizeof(key_id) }; - psa_outvec out_vec = { key_handle, sizeof(*key_handle) }; - psa_status_t status = invoke_ipc_call(CRYPTO_OPEN_KEY, &in_vec, 1, &out_vec, 1); - return (status); -} - -psa_status_t test_partition_crypto_close_key(psa_key_handle_t key_handle) -{ - psa_invec in_vec = { &key_handle, sizeof(key_handle) }; - psa_status_t status = invoke_ipc_call(CRYPTO_CLOSE_KEY, &in_vec, 1, NULL, 0); - return (status); -} - -psa_status_t test_partition_crypto_destroy_key(psa_key_handle_t key_handle) -{ - psa_invec in_vec = { &key_handle, sizeof(key_handle) }; - psa_status_t status = invoke_ipc_call(CRYPTO_DESTROY_KEY, &in_vec, 1, NULL, 0); - return (status); -} - -psa_status_t test_partition_crypto_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_data, - size_t key_data_size, - psa_key_handle_t *key_handle) -{ - psa_invec in_vec[] = { - { attributes, sizeof(*attributes) }, - { key_data, key_data_size }, - }; - psa_outvec out_vec[] = { - { key_handle, sizeof(*key_handle) }, - }; - psa_status_t status = invoke_ipc_call(CRYPTO_IMPORT_KEY, in_vec, 2, out_vec, 1); - return (status); -} diff --git a/TESTS/psa/crypto_access_control/COMPONENT_PSA_SRV_IPC/test_partition_proxy.h b/TESTS/psa/crypto_access_control/COMPONENT_PSA_SRV_IPC/test_partition_proxy.h deleted file mode 100644 index eaf7fb3..0000000 --- a/TESTS/psa/crypto_access_control/COMPONENT_PSA_SRV_IPC/test_partition_proxy.h +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 2019, Arm Limited and affiliates - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef TEST_PARTITION_PROXY_H -#define TEST_PARTITION_PROXY_H - -#include "psa/crypto.h" - -#ifdef __cplusplus -extern "C" { -#endif - -psa_status_t test_partition_crypto_get_key_attributes( - psa_key_handle_t key_handle, psa_key_attributes_t *attributes); - -psa_status_t test_partition_crypto_generate_key( - const psa_key_attributes_t *attributes, psa_key_handle_t *key_handle); - -psa_status_t test_partition_crypto_open_key( - psa_key_id_t key_id, psa_key_handle_t *key_handle); - -psa_status_t test_partition_crypto_close_key(psa_key_handle_t key_handle); - -psa_status_t test_partition_crypto_destroy_key(psa_key_handle_t key_handle); - -psa_status_t test_partition_crypto_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_data, - size_t key_data_size, - psa_key_handle_t *key_handle); - -#ifdef __cplusplus -} -#endif - -#endif /* TEST_PARTITION_PROXY_H */ diff --git a/TESTS/psa/crypto_access_control/COMPONENT_SPE/test_partition.c b/TESTS/psa/crypto_access_control/COMPONENT_SPE/test_partition.c deleted file mode 100644 index f845c82..0000000 --- a/TESTS/psa/crypto_access_control/COMPONENT_SPE/test_partition.c +++ /dev/null @@ -1,193 +0,0 @@ -/* - * Copyright (c) 2019, Arm Limited and affiliates - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include -#include "mbed_spm_partitions.h" -#include "psa/client.h" -#include "psa/service.h" -#include "psa/crypto.h" - -typedef psa_status_t (*SignalHandler)(psa_msg_t *); - -static void read_input_param_from_message(psa_msg_t *msg, uint8_t param_index, void *param_ptr) -{ - size_t bytes_read = psa_read(msg->handle, param_index, param_ptr, msg->in_size[param_index]); - if (bytes_read != msg->in_size[param_index]) { - SPM_PANIC("SPM read length mismatch"); - } -} - -static psa_status_t crypto_generate_key(psa_msg_t *msg) -{ - psa_status_t status; - psa_key_handle_t key_handle = 0; - psa_key_type_t key_type = 0; - size_t key_bits = 0; - psa_key_attributes_t attributes; - - read_input_param_from_message(msg, 0, &attributes); - - status = psa_generate_key(&attributes, &key_handle); - if (status == PSA_SUCCESS) { - psa_write(msg->handle, 0, &key_handle, sizeof(key_handle)); - } - return (status); -} - -static psa_status_t crypto_open_key(psa_msg_t *msg) -{ - psa_status_t status; - psa_key_id_t key_id; - psa_key_handle_t key_handle; - - read_input_param_from_message(msg, 0, &key_id); - - status = psa_open_key(key_id, &key_handle); - if (status == PSA_SUCCESS) { - psa_write(msg->handle, 0, &key_handle, sizeof(key_handle)); - } - return (status); -} - -static psa_status_t crypto_close_key(psa_msg_t *msg) -{ - psa_status_t status; - psa_key_handle_t key_handle; - - read_input_param_from_message(msg, 0, &key_handle); - - status = psa_close_key(key_handle); - return (status); -} - -static psa_status_t crypto_destroy_key(psa_msg_t *msg) -{ - psa_status_t status; - psa_key_handle_t key_handle; - - read_input_param_from_message(msg, 0, &key_handle); - - status = psa_destroy_key(key_handle); - return (status); -} - -static psa_status_t crypto_get_key_attributes(psa_msg_t *msg) -{ - psa_status_t status; - psa_key_handle_t key_handle; - psa_key_attributes_t attributes; - - read_input_param_from_message(msg, 0, &key_handle); - - status = psa_get_key_attributes(key_handle, &attributes); - if (status == PSA_SUCCESS) { - psa_write(msg->handle, 0, &attributes, sizeof(attributes)); - } - return (status); -} - -static psa_status_t crypto_import_key(psa_msg_t *msg) -{ - psa_status_t status; - psa_key_handle_t key_handle; - psa_key_attributes_t attributes; - uint8_t *key_data; - size_t key_data_size = msg->in_size[1]; - - read_input_param_from_message(msg, 0, &attributes); - - key_data = calloc(1, key_data_size); - if (key_data == NULL) { - return (PSA_ERROR_INSUFFICIENT_MEMORY); - } - read_input_param_from_message(msg, 1, key_data); - - status = psa_import_key(&attributes, key_data, key_data_size, &key_handle); - if (status == PSA_SUCCESS) { - psa_write(msg->handle, 0, &key_handle, sizeof(key_handle)); - } - free(key_data); - - return (status); -} - -static void message_handler(psa_msg_t *msg, SignalHandler handler) -{ - psa_status_t status = 0; - - switch (msg->type) { - case PSA_IPC_CONNECT: - case PSA_IPC_DISCONNECT: { - break; - } - case PSA_IPC_CALL: { - status = handler(msg); - break; - } - default: { - SPM_PANIC("Unexpected message type %d!", (int)(msg->type)); - break; - } - } - - psa_reply(msg->handle, status); -} - -void test_partition_main(void) -{ - psa_signal_t signal; - psa_msg_t msg = {0}; - while (1) { - signal = psa_wait(CRYPTO_ACL_TEST_WAIT_ANY_SID_MSK, PSA_BLOCK); - if (signal & CRYPTO_GENERATE_KEY_MSK) { - if (PSA_SUCCESS != psa_get(CRYPTO_GENERATE_KEY_MSK, &msg)) { - continue; - } - message_handler(&msg, crypto_generate_key); - } - if (signal & CRYPTO_OPEN_KEY_MSK) { - if (PSA_SUCCESS != psa_get(CRYPTO_OPEN_KEY_MSK, &msg)) { - continue; - } - message_handler(&msg, crypto_open_key); - } - if (signal & CRYPTO_CLOSE_KEY_MSK) { - if (PSA_SUCCESS != psa_get(CRYPTO_CLOSE_KEY_MSK, &msg)) { - continue; - } - message_handler(&msg, crypto_close_key); - } - if (signal & CRYPTO_DESTROY_KEY_MSK) { - if (PSA_SUCCESS != psa_get(CRYPTO_DESTROY_KEY_MSK, &msg)) { - continue; - } - message_handler(&msg, crypto_destroy_key); - } - if (signal & CRYPTO_GET_KEY_ATTRIBUTES_MSK) { - if (PSA_SUCCESS != psa_get(CRYPTO_GET_KEY_ATTRIBUTES_MSK, &msg)) { - continue; - } - message_handler(&msg, crypto_get_key_attributes); - } - if (signal & CRYPTO_IMPORT_KEY_MSK) { - if (PSA_SUCCESS != psa_get(CRYPTO_IMPORT_KEY_MSK, &msg)) { - continue; - } - message_handler(&msg, crypto_import_key); - } - } -} diff --git a/TESTS/psa/crypto_access_control/crypto_acl_tests_partition_psa.json b/TESTS/psa/crypto_access_control/crypto_acl_tests_partition_psa.json deleted file mode 100644 index 103d38c..0000000 --- a/TESTS/psa/crypto_access_control/crypto_acl_tests_partition_psa.json +++ /dev/null @@ -1,65 +0,0 @@ -{ - "name": "CRYPTO_ACL_TEST", - "type": "APPLICATION-ROT", - "priority": "NORMAL", - "id": "0x00000080", - "entry_point": "test_partition_main", - "stack_size": "0x200", - "heap_size": "0x400", - "services": [ - { - "name": "CRYPTO_GENERATE_KEY", - "identifier": "0x00000201", - "signal": "CRYPTO_GENERATE_KEY_MSK", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "RELAXED" - }, - { - "name": "CRYPTO_OPEN_KEY", - "identifier": "0x00000202", - "signal": "CRYPTO_OPEN_KEY_MSK", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "RELAXED" - }, - { - "name": "CRYPTO_CLOSE_KEY", - "identifier": "0x00000203", - "signal": "CRYPTO_CLOSE_KEY_MSK", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "RELAXED" - }, - { - "name": "CRYPTO_DESTROY_KEY", - "identifier": "0x00000205", - "signal": "CRYPTO_DESTROY_KEY_MSK", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "RELAXED" - }, - { - "name": "CRYPTO_GET_KEY_ATTRIBUTES", - "identifier": "0x00000206", - "signal": "CRYPTO_GET_KEY_ATTRIBUTES_MSK", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "RELAXED" - }, - { - "name": "CRYPTO_IMPORT_KEY", - "identifier": "0x00000208", - "signal": "CRYPTO_IMPORT_KEY_MSK", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "RELAXED" - } - ], - "extern_sids": [ - "PSA_KEY_MNG_ID" - ], - "source_files": [ - "COMPONENT_SPE/test_partition.c" - ] -} diff --git a/TESTS/psa/spm_client/COMPONENT_NSPE/main.cpp b/TESTS/psa/spm_client/COMPONENT_NSPE/main.cpp deleted file mode 100644 index 8713779..0000000 --- a/TESTS/psa/spm_client/COMPONENT_NSPE/main.cpp +++ /dev/null @@ -1,487 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef COMPONENT_PSA_SRV_IPC -#error [NOT_SUPPORTED] SPM tests can run only on SPM-enabled targets -#else - -#include "mbed.h" -#include "greentea-client/test_env.h" -#include "unity.h" -#include "utest.h" -#include "psa/client.h" -#include "psa_manifest/sid.h" - -#if defined(TARGET_TFM) -#define MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS TFM_CONN_HANDLE_MAX_NUM -#define PSA_MAX_IOVEC 4 -#endif - -using namespace utest::v1; - -#define MINOR_VER 0 -#define DROP_CONN_MINOR_VER 5 -#define CLIENT_RSP_BUF_SIZE 128 -#define OFFSET_POS 1 -#define INVALID_SID 0x00001A020 - - -typedef struct th_struct { - psa_handle_t handle; - psa_invec *iovec_temp; - uint8_t *expected; - uint8_t expected_size; -} th_struct_t; - -/* ------------------------------------- Functions ----------------------------------- */ - -static psa_handle_t client_ipc_tests_connect(uint32_t sid, uint32_t minor_version) -{ - psa_handle_t handle = psa_connect(sid, minor_version); - - TEST_ASSERT_TRUE(handle > 0); - - return handle; -} - -static void client_ipc_tests_call( - psa_handle_t handle, - psa_invec *iovec_temp, - size_t tx_len, - size_t rx_len, - uint8_t *expected, - uint8_t expected_size -) -{ - psa_status_t status = PSA_SUCCESS; - uint8_t *response_buf = (uint8_t *)malloc(CLIENT_RSP_BUF_SIZE * sizeof(uint8_t)); - memset(response_buf, 0, CLIENT_RSP_BUF_SIZE); - psa_outvec resp = {NULL, rx_len}; - - if (rx_len > 0) { - resp.base = response_buf; - } - - status = psa_call(handle, - (tx_len ? iovec_temp : NULL), - tx_len, - (rx_len ? &resp : NULL), - (rx_len ? 1 : 0) - ); - - if (expected) { - TEST_ASSERT_EQUAL_UINT8_ARRAY(expected, response_buf, expected_size); - } - free(response_buf); - TEST_ASSERT_EQUAL_INT(PSA_SUCCESS, status); -} - -static void client_ipc_tests_close(psa_handle_t handle) -{ - psa_close(handle); -} - -//Testing iovec 0 sent as NULL -void iovec_0_NULL() -{ - psa_handle_t handle = client_ipc_tests_connect(CLIENT_TESTS_PART1_ROT_SRV1, MINOR_VER); - - uint8_t expect_size = 5; - uint8_t off = 2; - - uint8_t meta_iovec[2] = {expect_size, off}; - uint8_t buff1[] = {1, 2, 3, 4, 5}; - uint8_t expected_buff[] = {1, 2, 3, 4, 5}; - - psa_invec iovec_temp[PSA_MAX_IOVEC - 1] = { - {NULL, 0}, - {meta_iovec, sizeof(meta_iovec)}, - {buff1, sizeof(buff1)} - }; - - client_ipc_tests_call(handle, iovec_temp, PSA_MAX_IOVEC - 1, CLIENT_RSP_BUF_SIZE, expected_buff, sizeof(expected_buff)); - - client_ipc_tests_close(handle); -} - -//Testing iovec 1 sent as NULL -void iovec_1_NULL() -{ - psa_handle_t handle = client_ipc_tests_connect(CLIENT_TESTS_PART1_ROT_SRV1, MINOR_VER); - - uint8_t expect_size = 2; - uint8_t off = 3; - - uint8_t meta_iovec[2] = {expect_size, off}; - uint8_t buff1[] = {1, 2, 3, 4, 5}; - uint8_t expected_buff[] = {2, 3}; - - psa_invec iovec_temp[PSA_MAX_IOVEC - 1] = {{meta_iovec, sizeof(meta_iovec)}, - {NULL, 0}, - {buff1, sizeof(buff1)} - }; - - client_ipc_tests_call(handle, iovec_temp, PSA_MAX_IOVEC - 1, CLIENT_RSP_BUF_SIZE, expected_buff, sizeof(expected_buff)); - - client_ipc_tests_close(handle); -} - -//Testing iovec 2 sent as NULL -void iovec_2_NULL() -{ - psa_handle_t handle = client_ipc_tests_connect(CLIENT_TESTS_PART1_ROT_SRV1, MINOR_VER); - - uint8_t expect_size = 2; - uint8_t off = 3; - - uint8_t meta_iovec[2] = {expect_size, off}; - uint8_t buff1[] = {1, 2, 3, 4, 5}; - uint8_t expected_buff[] = {2, 3}; - - psa_invec iovec_temp[PSA_MAX_IOVEC - 1] = {{meta_iovec, sizeof(meta_iovec)}, - {buff1, sizeof(buff1)}, - {NULL, 0} - }; - - client_ipc_tests_call(handle, iovec_temp, PSA_MAX_IOVEC - 1, CLIENT_RSP_BUF_SIZE, expected_buff, sizeof(expected_buff)); - - client_ipc_tests_close(handle); -} - -// Testing in_vec[i] sent with size 0 and base not NULL -void in_vec_base_not_NULL_size_0() -{ - uint8_t dummy_buff[] = {1, 2, 3, 4, 5}; - psa_invec iovec_temp[1] = { {dummy_buff, 0} }; - - psa_handle_t handle = client_ipc_tests_connect(CLIENT_TESTS_PART1_ROT_SRV1, MINOR_VER); - - client_ipc_tests_call(handle, iovec_temp, 1, 0, NULL, 0); - - client_ipc_tests_close(handle); -} - -// Testing in_len is 0 but in_vec is not NULL -void in_len_0_in_vec_not_NULL() -{ - uint8_t dummy_buff[] = {1, 2, 3, 4, 5}; - psa_invec iovec_temp[1] = { {dummy_buff, sizeof(dummy_buff)} }; - - psa_handle_t handle = client_ipc_tests_connect(CLIENT_TESTS_PART1_ROT_SRV1, MINOR_VER); - - client_ipc_tests_call(handle, iovec_temp, 0, 0, NULL, 0); - - client_ipc_tests_close(handle); -} - -// Testing out_len is 0 but out_vec is not NULL -void out_len_0_outvec_not_NULL() -{ - psa_status_t status = PSA_SUCCESS; - - uint8_t dummy_res[10] = {0}; - psa_outvec outvec_temp[1] = {{dummy_res, sizeof(dummy_res)}}; - - uint8_t dummy_buff[] = {1, 2, 3, 4, 5}; - - psa_handle_t handle = client_ipc_tests_connect(CLIENT_TESTS_PART1_ROT_SRV1, MINOR_VER); - - psa_invec in_vec_temp[2] = { {dummy_buff, sizeof(dummy_buff)}, - {dummy_buff, sizeof(dummy_buff)} - }; - - status = psa_call(handle, in_vec_temp, 2, outvec_temp, 0); - - TEST_ASSERT_EQUAL_INT32(PSA_SUCCESS, status); - - client_ipc_tests_close(handle); -} - -//Testing rx_buff sent as NULL and rx_len as 0 -void rx_buff_null() -{ - psa_handle_t handle = client_ipc_tests_connect(CLIENT_TESTS_PART1_ROT_SRV1, MINOR_VER); - - uint8_t expect_size = 0, off = 2; - - uint8_t meta_iovec[2] = {expect_size, off}; - uint8_t buff1[] = {1, 2, 3, 4, 5}, buff2[] = {6}; - - psa_invec iovec_temp[PSA_MAX_IOVEC - 1] = {{meta_iovec, sizeof(meta_iovec)}, - {buff1, sizeof(buff1)}, - {buff2, sizeof(buff2)} - }; - - client_ipc_tests_call(handle, iovec_temp, PSA_MAX_IOVEC - 1, 0, NULL, 0); - - client_ipc_tests_close(handle); -} - -//Testing tx_buff sent as NULL and tx_len as 0 -void tx_buff_null() -{ - psa_handle_t handle = client_ipc_tests_connect(CLIENT_TESTS_PART1_ROT_SRV1, MINOR_VER); - - client_ipc_tests_call(handle, NULL, 0, CLIENT_RSP_BUF_SIZE, NULL, 0); - - client_ipc_tests_close(handle); -} - -//Testing rx_buff and tx_null sent as NULL and rx_len and tx_len as 0 -void rx_tx_null() -{ - psa_handle_t handle = client_ipc_tests_connect(CLIENT_TESTS_PART1_ROT_SRV1, MINOR_VER); - - client_ipc_tests_call(handle, NULL, 0, 0, NULL, 0); - - client_ipc_tests_close(handle); -} - -//Testing multiple subsequent calls to the same SID -void multiple_call() -{ - psa_handle_t handle = client_ipc_tests_connect(CLIENT_TESTS_PART1_ROT_SRV1, MINOR_VER); - - uint8_t expect_size = 2, off = 2; - - uint8_t meta_iovec[2] = {expect_size, off}; - uint8_t buff1[] = {1, 2, 3}; - uint8_t buff2[] = {4, 5, 6}; - uint8_t expected_buff[] = {1, 2}; - - psa_invec iovec_temp[PSA_MAX_IOVEC - 1] = {{meta_iovec, sizeof(meta_iovec)}, - {buff1, sizeof(buff1)}, - {buff2, sizeof(buff2)} - }; - - client_ipc_tests_call(handle, iovec_temp, PSA_MAX_IOVEC - 1, CLIENT_RSP_BUF_SIZE, expected_buff, sizeof(expected_buff)); - - meta_iovec[1] = 3; //off - iovec_temp[0].base = meta_iovec; - expected_buff[0] = 2; - expected_buff[1] = 3; - - client_ipc_tests_call(handle, iovec_temp, PSA_MAX_IOVEC - 1, CLIENT_RSP_BUF_SIZE, expected_buff, sizeof(expected_buff)); - - meta_iovec[1] = 4; //off - iovec_temp[0].base = meta_iovec; - expected_buff[0] = 3; - expected_buff[1] = 4; - - client_ipc_tests_call(handle, iovec_temp, PSA_MAX_IOVEC - 1, CLIENT_RSP_BUF_SIZE, expected_buff, sizeof(expected_buff)); - - client_ipc_tests_close(handle); -} - -static void set_struct(th_struct_t *thr_attr, psa_handle_t handle, psa_invec *iovec_temp, uint8_t *expect, uint8_t expected_size) -{ - thr_attr->handle = handle; - thr_attr->iovec_temp = iovec_temp; - thr_attr->expected = expect; - thr_attr->expected_size = expected_size; -} - -static void call_diff_handle(th_struct_t *thr_attr) -{ - psa_handle_t handle = client_ipc_tests_connect(CLIENT_TESTS_PART1_ROT_SRV1, MINOR_VER); - - client_ipc_tests_call(handle, - thr_attr->iovec_temp, - PSA_MAX_IOVEC - 1, - CLIENT_RSP_BUF_SIZE, - thr_attr->expected, - thr_attr->expected_size); - - osDelay(10); - - client_ipc_tests_close(handle); -} - -//Testing multiple parallel calls to the same SID with different handles -void multi_thread_diff_handles() -{ - Thread T1(osPriorityNormal, 512); - Thread T2(osPriorityNormal, 512); - Thread T3(osPriorityNormal, 512); - - th_struct_t thr_attr[] = {{0}, {0}, {0}}; - - uint8_t meta_iovec_1[] = { 2, //expect_size - 2 //off - }; - uint8_t buff1[] = {1, 2, 3}; - uint8_t buff2[] = {4, 5, 6}; - uint8_t expected_buff_1[] = {1, 2}; - - psa_invec iovec_temp_1[PSA_MAX_IOVEC - 1] = {{meta_iovec_1, sizeof(meta_iovec_1)}, - {buff1, sizeof(buff1)}, - {buff2, sizeof(buff2)} - }; - - set_struct(&thr_attr[0], 0, iovec_temp_1, expected_buff_1, sizeof(expected_buff_1)); - osStatus err = T1.start(callback(call_diff_handle, (th_struct_t *)&thr_attr[0])); - if (err) { - TEST_FAIL_MESSAGE("creating thread failed!"); - } - - uint8_t meta_iovec_2[] = { 2, //expect_size - 3 //off - }; - uint8_t expected_buff_2[] = {2, 3}; - - psa_invec iovec_temp_2[PSA_MAX_IOVEC - 1] = {{meta_iovec_2, sizeof(meta_iovec_2)}, - {buff1, sizeof(buff1)}, - {buff2, sizeof(buff2)} - }; - set_struct(&thr_attr[1], 0, iovec_temp_2, expected_buff_2, sizeof(expected_buff_2)); - err = T2.start(callback(call_diff_handle, (th_struct_t *)&thr_attr[1])); - if (err) { - TEST_FAIL_MESSAGE("creating thread failed!"); - } - - uint8_t meta_iovec_3[] = { 2, //expect_size - 4 //off - }; - uint8_t expected_buff_3[] = {3, 4}; - - psa_invec iovec_temp_3[PSA_MAX_IOVEC - 1] = {{meta_iovec_3, sizeof(meta_iovec_3)}, - {buff1, sizeof(buff1)}, - {buff2, sizeof(buff2)} - }; - - set_struct(&thr_attr[2], 0, iovec_temp_3, expected_buff_3, sizeof(expected_buff_3)); - err = T3.start(callback(call_diff_handle, (th_struct_t *)&thr_attr[2])); - if (err) { - TEST_FAIL_MESSAGE("creating thread failed!"); - } - - err = T1.join(); - if (err) { - TEST_FAIL_MESSAGE("joining thread failed!"); - } - err = T2.join(); - if (err) { - TEST_FAIL_MESSAGE("joining thread failed!"); - } - err = T3.join(); - if (err) { - TEST_FAIL_MESSAGE("joining thread failed!"); - } - -} - - -//Testing exceeding num of max channels allowed by psa_connect -void exceed_num_of_max_channels() -{ - int i = 0; - psa_handle_t handle[MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS + 1] = {0}; - - for (i = 0; i < MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS + 1; i++) { - if (i != MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS) { - handle[i] = client_ipc_tests_connect(CLIENT_TESTS_PART1_ROT_SRV1, MINOR_VER); - } else { - handle[i] = psa_connect(CLIENT_TESTS_PART1_ROT_SRV1, MINOR_VER); - TEST_ASSERT_EQUAL_INT32(PSA_CONNECTION_REFUSED, handle[i]); - } - } - - for (i = 0; i < MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS; i++) { - client_ipc_tests_close(handle[i]); - } -} - -void client_close_null_handle() -{ - client_ipc_tests_close(PSA_NULL_HANDLE); -} - -void drop_connection() -{ - psa_handle_t handle = client_ipc_tests_connect(CLIENT_TESTS_PART1_DROP_CONN, DROP_CONN_MINOR_VER); - psa_status_t status = psa_call(handle, NULL, 0, NULL, 0); - TEST_ASSERT_EQUAL_INT(PSA_DROP_CONNECTION, status); - - status = PSA_SUCCESS; - status = psa_call(handle, NULL, 0, NULL, 0); - TEST_ASSERT_EQUAL_INT(PSA_DROP_CONNECTION, status); - - client_ipc_tests_close(handle); -} - -void verify_psa_framework_version() -{ - uint32_t ff_version = psa_framework_version(); - TEST_ASSERT_EQUAL_INT(PSA_FRAMEWORK_VERSION, ff_version); -} - -void psa_version_existing() -{ - uint32_t rot_version = psa_version(CLIENT_TESTS_PART1_DROP_CONN); - TEST_ASSERT_EQUAL_INT(DROP_CONN_MINOR_VER, rot_version); -} - -void psa_version_non_existing() -{ - uint32_t rot_version = psa_version(INVALID_SID); - TEST_ASSERT_EQUAL_INT(PSA_VERSION_NONE, rot_version); -} - -void psa_version_secure_access_only() -{ - uint32_t rot_version = psa_version(CLIENT_TESTS_PART1_SECURE_CLIENTS_ONLY); - TEST_ASSERT_EQUAL_INT(PSA_VERSION_NONE, rot_version); -} - - -// Test cases -Case cases[] = { - Case("Testing client iovec_0_NULL", iovec_0_NULL), - Case("Testing client iovec_1_NULL", iovec_1_NULL), - Case("Testing client iovec_2_NULL", iovec_2_NULL), - Case("Testing client in_vec 0 base not NULL size 0", in_vec_base_not_NULL_size_0), - Case("Testing client in_len 0 in_vec not NULL", in_len_0_in_vec_not_NULL), - Case("Testing client out_len is 0 but out_vec is not NULL", out_len_0_outvec_not_NULL), - Case("Testing client rx_buff_null", rx_buff_null), - Case("Testing client tx_buff_null", tx_buff_null), - Case("Testing client rx_tx_null", rx_tx_null), - Case("Testing client multiple_call from a single thread", multiple_call), - Case("Testing client close on NULL handle", client_close_null_handle), - Case("Testing DROP_CONNECTION State", drop_connection), - Case("Testing client psa_framework_version() API", verify_psa_framework_version), - Case("Testing client psa_version() API on existing SID", psa_version_existing), - Case("Testing client psa_version() API on non-existing SID", psa_version_non_existing), - Case("Testing client psa_version() API to a service that is not NSPE callable", psa_version_secure_access_only), - Case("Testing client multiple calls on different channels to the same SID", multi_thread_diff_handles), -}; - -utest::v1::status_t test_setup(const size_t number_of_cases) -{ - // Setup Greentea using a reasonable timeout in seconds - GREENTEA_SETUP(60, "default_auto"); - return verbose_test_setup_handler(number_of_cases); -} - -Specification specification(test_setup, cases); - -int main() -{ - Harness::run(specification); - return 0; -} - -#endif // COMPONENT_PSA_SRV_IPC diff --git a/TESTS/psa/spm_client/COMPONENT_SPE/client_tests_partition.c b/TESTS/psa/spm_client/COMPONENT_SPE/client_tests_partition.c deleted file mode 100644 index afe5767..0000000 --- a/TESTS/psa/spm_client/COMPONENT_SPE/client_tests_partition.c +++ /dev/null @@ -1,97 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#include -#include "psa/client.h" -#include "psa/service.h" -#include "mbed_spm_partitions.h" - -#define MSG_BUF_SIZE 128 -uint8_t data[MSG_BUF_SIZE] = {0}; - -void client_part_main(void *ptr) -{ - psa_signal_t signals = 0; - psa_msg_t msg = {0}; - while (1) { - signals = psa_wait(CLIENT_TESTS_PART1_WAIT_ANY_SID_MSK, PSA_BLOCK); - if (signals & PART1_ROT_SRV1_MSK) { - if (PSA_SUCCESS != psa_get(PART1_ROT_SRV1_MSK, &msg)) { - continue; - } - - switch (msg.type) { - case PSA_IPC_CONNECT: - case PSA_IPC_DISCONNECT: - break; - case PSA_IPC_CALL: { - memset(data, 0, sizeof(data)); - if (msg.in_size[0] + msg.in_size[1] + msg.in_size[2] > 1) { - size_t offset = psa_read(msg.handle, 0, (void *)data, msg.in_size[0]); - offset += psa_read(msg.handle, 1, (void *)(data + offset), msg.in_size[1]); - psa_read(msg.handle, 2, (void *)(data + offset), msg.in_size[2]); - } - - if (msg.out_size[0] > 0) { - uint8_t resp_size = data[0]; - uint8_t resp_offset = data[1]; - psa_write(msg.handle, 0, (const void *)(data + resp_offset), resp_size); - } - break; - } - - default: { - SPM_PANIC("Invalid msg type"); - } - } - - psa_reply(msg.handle, PSA_SUCCESS); - } else if (signals & DROP_CONN_MSK) { - if (PSA_SUCCESS != psa_get(DROP_CONN_MSK, &msg)) { - continue; - } - - switch (msg.type) { - case PSA_IPC_CONNECT: - case PSA_IPC_DISCONNECT: - psa_reply(msg.handle, PSA_SUCCESS); - break; - case PSA_IPC_CALL: - psa_reply(msg.handle, PSA_DROP_CONNECTION); - break; - default: - SPM_PANIC("Invalid msg type"); - } - } else if (signals & SECURE_CLIENTS_ONLY_MSK) { - if (PSA_SUCCESS != psa_get(SECURE_CLIENTS_ONLY_MSK, &msg)) { - continue; - } - - switch (msg.type) { - case PSA_IPC_CONNECT: - case PSA_IPC_DISCONNECT: - case PSA_IPC_CALL: - psa_reply(msg.handle, PSA_SUCCESS); - break; - default: - SPM_PANIC("Invalid msg type"); - } - } else { - SPM_PANIC("Received invalid signal %lu", signals); - } - } -} - diff --git a/TESTS/psa/spm_client/client_tests_part1_psa.json b/TESTS/psa/spm_client/client_tests_part1_psa.json deleted file mode 100644 index 42e3f39..0000000 --- a/TESTS/psa/spm_client/client_tests_part1_psa.json +++ /dev/null @@ -1,37 +0,0 @@ -{ - "name": "CLIENT_TESTS_PART1", - "type": "APPLICATION-ROT", - "priority": "NORMAL", - "id": "0x00000001", - "entry_point": "client_part_main", - "stack_size": "0x400", - "heap_size": "0x400", - "services": [{ - "name": "CLIENT_TESTS_PART1_ROT_SRV1", - "identifier": "0x00001A05", - "signal": "PART1_ROT_SRV1_MSK", - "non_secure_clients": true, - "minor_version": 5, - "minor_policy": "RELAXED" - }, - { - "name": "CLIENT_TESTS_PART1_DROP_CONN", - "identifier": "0x00001A06", - "signal": "DROP_CONN_MSK", - "non_secure_clients": true, - "minor_version": 5, - "minor_policy": "RELAXED" - }, - { - "name": "CLIENT_TESTS_PART1_SECURE_CLIENTS_ONLY", - "identifier": "0x00001A07", - "signal": "SECURE_CLIENTS_ONLY_MSK", - "non_secure_clients": false, - "minor_version": 5, - "minor_policy": "RELAXED" - } - ], - "source_files": [ - "COMPONENT_SPE/client_tests_partition.c" - ] -} diff --git a/TESTS/psa/spm_server/COMPONENT_NSPE/main.cpp b/TESTS/psa/spm_server/COMPONENT_NSPE/main.cpp deleted file mode 100644 index 9ad69d4..0000000 --- a/TESTS/psa/spm_server/COMPONENT_NSPE/main.cpp +++ /dev/null @@ -1,276 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef COMPONENT_PSA_SRV_IPC -#error [NOT_SUPPORTED] SPM tests can run only on SPM-enabled targets -#else - -#include "mbed.h" -#include "greentea-client/test_env.h" -#include "unity.h" -#include "utest.h" -#include "psa/client.h" -#include "server_tests.h" -#include "psa_manifest/sid.h" - -#if defined(TARGET_TFM) -#define PSA_MAX_IOVEC 4 -#endif - -using namespace utest::v1; - -#define TEST_ROT_SRV_MINOR 12 -#define OUT_BUFFER_SIZE 60 - -psa_handle_t control_handle = 0; -char test_str[] = "abcdefghijklmnopqrstuvwxyz"; -char cross_part_buf[] = "Hello and welcome SPM"; - - -PSA_TEST_CLIENT(identity_during_connect) -{ - psa_handle_t test_handle = psa_connect(SERVER_TESTS_PART1_TEST, TEST_ROT_SRV_MINOR); - TEST_ASSERT(test_handle > 0); - - psa_close(test_handle); -} - - -PSA_TEST_CLIENT(identity_during_call) -{ - psa_status_t status = PSA_SUCCESS; - psa_handle_t test_handle = psa_connect(SERVER_TESTS_PART1_TEST, TEST_ROT_SRV_MINOR); - TEST_ASSERT(test_handle > 0); - - status = psa_call(test_handle, NULL, 0, NULL, 0); - TEST_ASSERT_EQUAL(PSA_SUCCESS, status); - - psa_close(test_handle); -} - -PSA_TEST_CLIENT(msg_size_assertion) -{ - psa_status_t status = PSA_SUCCESS; - psa_invec data[PSA_MAX_IOVEC] = { - {test_str, 4}, - {test_str + 5, 6}, - {test_str + 13, 1}, - {NULL, 0} - }; - psa_handle_t test_handle = psa_connect(SERVER_TESTS_PART1_TEST, TEST_ROT_SRV_MINOR); - TEST_ASSERT(test_handle > 0); - - status = psa_call(test_handle, data, PSA_MAX_IOVEC, NULL, 0); - TEST_ASSERT_EQUAL(PSA_SUCCESS, status); - - psa_close(test_handle); -} - -PSA_TEST_CLIENT(reject_connection) -{ - psa_handle_t test_handle = psa_connect(SERVER_TESTS_PART1_TEST, TEST_ROT_SRV_MINOR); - TEST_ASSERT_EQUAL(PSA_CONNECTION_REFUSED, test_handle); -} - -PSA_TEST_CLIENT(read_at_outofboud_offset) -{ - psa_status_t status = PSA_SUCCESS; - psa_invec data = { test_str, sizeof(test_str) }; - psa_handle_t test_handle = psa_connect(SERVER_TESTS_PART1_TEST, TEST_ROT_SRV_MINOR); - TEST_ASSERT(test_handle > 0); - - status = psa_call(test_handle, &data, 1, NULL, 0); - TEST_ASSERT_EQUAL(PSA_SUCCESS, status); - - psa_close(test_handle); -} - -PSA_TEST_CLIENT(msg_read_truncation) -{ - psa_status_t status = PSA_SUCCESS; - psa_invec data[3] = { - {test_str, 4}, - {test_str + 5, 6}, - {test_str + 13, 1} - }; - psa_handle_t test_handle = psa_connect(SERVER_TESTS_PART1_TEST, TEST_ROT_SRV_MINOR); - TEST_ASSERT(test_handle > 0); - - status = psa_call(test_handle, data, 3, NULL, 0); - TEST_ASSERT_EQUAL(PSA_SUCCESS, status); - - psa_close(test_handle); -} - -PSA_TEST_CLIENT(skip_zero) -{ - psa_status_t status = PSA_SUCCESS; - psa_invec data = { test_str, sizeof(test_str) }; - psa_handle_t test_handle = psa_connect(SERVER_TESTS_PART1_TEST, TEST_ROT_SRV_MINOR); - TEST_ASSERT(test_handle > 0); - - status = psa_call(test_handle, &data, 1, NULL, 0); - TEST_ASSERT_EQUAL(PSA_SUCCESS, status); - - psa_close(test_handle); -} - -PSA_TEST_CLIENT(skip_some) -{ - psa_status_t status = PSA_SUCCESS; - psa_invec data = { test_str, sizeof(test_str) }; - psa_handle_t test_handle = psa_connect(SERVER_TESTS_PART1_TEST, TEST_ROT_SRV_MINOR); - TEST_ASSERT(test_handle > 0); - - status = psa_call(test_handle, &data, 1, NULL, 0); - TEST_ASSERT_EQUAL(PSA_SUCCESS, status); - - psa_close(test_handle); -} - -PSA_TEST_CLIENT(skip_more_than_left) -{ - psa_status_t status = PSA_SUCCESS; - psa_invec data = { test_str, 8 }; - psa_handle_t test_handle = psa_connect(SERVER_TESTS_PART1_TEST, TEST_ROT_SRV_MINOR); - TEST_ASSERT(test_handle > 0); - - status = psa_call(test_handle, &data, 1, NULL, 0); - TEST_ASSERT_EQUAL(PSA_SUCCESS, status); - - psa_close(test_handle); -} - -PSA_TEST_CLIENT(rhandle_factorial) -{ - uint32_t secure_value = 0; - uint32_t value = 1; - psa_status_t status = PSA_SUCCESS; - psa_outvec resp = { &secure_value, sizeof(secure_value) }; - psa_handle_t test_handle = psa_connect(SERVER_TESTS_PART1_TEST, TEST_ROT_SRV_MINOR); - TEST_ASSERT(test_handle > 0); - - for (uint32_t i = 1; i <= 5; i++) { - value *= i; - status = psa_call(test_handle, NULL, 0, &resp, 1); - TEST_ASSERT_EQUAL(PSA_SUCCESS, status); - TEST_ASSERT_EQUAL(value, secure_value); - } - - psa_close(test_handle); -} - -PSA_TEST_CLIENT(cross_partition_call) -{ - psa_handle_t test_handle = psa_connect(SERVER_TESTS_PART1_TEST, TEST_ROT_SRV_MINOR); - size_t in_len = strlen(cross_part_buf); - TEST_ASSERT_MESSAGE(test_handle > 0, "psa_connect() failed"); - - psa_invec iovec = { cross_part_buf, in_len }; - uint8_t *response_buf = (uint8_t *)malloc(sizeof(uint8_t) * OUT_BUFFER_SIZE); - memset(response_buf, 0, OUT_BUFFER_SIZE); - psa_outvec resp = { response_buf, OUT_BUFFER_SIZE }; - - psa_status_t status = psa_call(test_handle, &iovec, 1, &resp, 1); - TEST_ASSERT_EQUAL(PSA_SUCCESS, status); - TEST_ASSERT_EQUAL_STRING_LEN("MPS emoclew dna olleHMPS emoclew dna olleH", response_buf, in_len * 2); - free(response_buf); - - psa_close(test_handle); -} - -// Test a common DOORBELL scenario -PSA_TEST_CLIENT(doorbell_test) -{ - psa_handle_t test_handle = psa_connect(SERVER_TESTS_PART1_TEST, TEST_ROT_SRV_MINOR); - TEST_ASSERT_MESSAGE(test_handle > 0, "psa_connect() failed"); - - psa_status_t status = psa_call(test_handle, NULL, 0, NULL, 0); - TEST_ASSERT_EQUAL(PSA_SUCCESS, status); - - psa_close(test_handle); -} - - -utest::v1::status_t spm_setup(const size_t number_of_cases) -{ - control_handle = psa_connect(SERVER_TESTS_PART1_CONTROL, 0); - if (control_handle < 0) { - error("Could not open a connection with SERVER_TESTS_PART1_CONTROL ROT_SRV"); - } - - GREENTEA_SETUP(60, "default_auto"); - return greentea_test_setup_handler(number_of_cases); -} - -void spm_teardown(const size_t passed, const size_t failed, const failure_t failure) -{ - psa_close(control_handle); - greentea_test_teardown_handler(passed, failed, failure); -} - -utest::v1::status_t spm_case_setup(const Case *const source, const size_t index_of_case) -{ - psa_status_t status = PSA_SUCCESS; - test_action_t action = START_TEST; - psa_invec data = {&action, sizeof(action)}; - - status = psa_call(control_handle, &data, 1, NULL, 0); - TEST_ASSERT_EQUAL(PSA_SUCCESS, status); - return greentea_case_setup_handler(source, index_of_case); -} - -utest::v1::status_t spm_case_teardown(const Case *const source, const size_t passed, const size_t failed, const failure_t reason) -{ - psa_status_t status = PSA_SUCCESS; - psa_status_t test_status = PSA_SUCCESS; - test_action_t action = GET_TEST_RESULT; - psa_invec data = {&action, sizeof(action)}; - psa_outvec resp = {&test_status, sizeof(test_status)}; - - status = psa_call(control_handle, &data, 1, &resp, 1); - TEST_ASSERT_EQUAL(PSA_SUCCESS, status); - TEST_ASSERT_EQUAL(PSA_SUCCESS, test_status); - return greentea_case_teardown_handler(source, passed, failed, reason); -} - -#define SPM_UTEST_CASE(desc, test) Case(desc, spm_case_setup, PSA_TEST_CLIENT_NAME(test), spm_case_teardown) - -Case cases[] = { - SPM_UTEST_CASE("Get identity during connect", identity_during_connect), - SPM_UTEST_CASE("Get identity during call", identity_during_call), - SPM_UTEST_CASE("Assert msg size", msg_size_assertion), - SPM_UTEST_CASE("Reject on connect", reject_connection), - SPM_UTEST_CASE("Read at an out of bound offset", read_at_outofboud_offset), - SPM_UTEST_CASE("Read msg with size bigger than message", msg_read_truncation), - SPM_UTEST_CASE("Make sure skip with 0 byte number skips nothing", skip_zero), - SPM_UTEST_CASE("Skip a few bytes while reading a message", skip_some), - SPM_UTEST_CASE("Try to skip more bytes than left while reading", skip_more_than_left), - SPM_UTEST_CASE("Test rhandle implementation by calculating the factorial function", rhandle_factorial), - SPM_UTEST_CASE("Test a call flow between 2 secure partitions", cross_partition_call), -}; - -//Declare your test specification with a custom setup handler -Specification specification(spm_setup, cases, spm_teardown); - -int main(int, char **) -{ - Harness::run(specification); - return 0; -} - -#endif // COMPONENT_PSA_SRV_IPC diff --git a/TESTS/psa/spm_server/COMPONENT_SPE/server_tests.h b/TESTS/psa/spm_server/COMPONENT_SPE/server_tests.h deleted file mode 100644 index 919dda5..0000000 --- a/TESTS/psa/spm_server/COMPONENT_SPE/server_tests.h +++ /dev/null @@ -1,57 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef __SERVER_TESTS_H__ -#define __SERVER_TESTS_H__ - -typedef enum { - START_TEST = 1, - GET_TEST_RESULT = 2 -} test_action_t; - -typedef struct factorial_data { - uint32_t count; - uint32_t val; -} factorial_data_t; - -typedef psa_status_t (*psa_test_server_side_func)(psa_status_t *); -#define PSA_TEST_ERROR (-1L) -#define PSA_TEST_CLIENT_NAME(name) psa_test_client_side_ ## name -#define PSA_TEST_SERVER_NAME(name) psa_test_server_side_ ## name - -#define PSA_TEST_CLIENT(name) void PSA_TEST_CLIENT_NAME(name) (void) -#define PSA_TEST_SERVER(name) psa_status_t PSA_TEST_SERVER_NAME(name) (psa_status_t *status_ptr) - -#define PSA_TEST(name) \ - PSA_TEST_CLIENT(name); \ - PSA_TEST_SERVER(name); \ - - -PSA_TEST(identity_during_connect) -PSA_TEST(identity_during_call) -PSA_TEST(get_msg_twice) -PSA_TEST(msg_size_assertion) -PSA_TEST(reject_connection) -PSA_TEST(read_at_outofboud_offset) -PSA_TEST(msg_read_truncation) -PSA_TEST(skip_zero) -PSA_TEST(skip_some) -PSA_TEST(skip_more_than_left) -PSA_TEST(rhandle_factorial) -PSA_TEST(cross_partition_call) -PSA_TEST(doorbell_test) -#endif /* __SERVER_TESTS_H__ */ diff --git a/TESTS/psa/spm_server/COMPONENT_SPE/server_tests_partition1.c b/TESTS/psa/spm_server/COMPONENT_SPE/server_tests_partition1.c deleted file mode 100644 index 4fca965..0000000 --- a/TESTS/psa/spm_server/COMPONENT_SPE/server_tests_partition1.c +++ /dev/null @@ -1,93 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "string.h" -#include "psa/client.h" -#include "psa/service.h" -#include "mbed_spm_partitions.h" -#include "server_tests.h" - -extern psa_test_server_side_func test_list[]; -static size_t num_of_tests = 0; -static void init_num_of_tests() -{ - size_t i = 0; - while (test_list[i] != NULL) { - i++; - } - - num_of_tests = i; -} - -void server_part1_main(void *ptr) -{ - psa_signal_t signals = 0; - psa_msg_t msg = {0}; - psa_status_t test_status = PSA_SUCCESS; // status of the api calls during the test - psa_status_t test_result = PSA_SUCCESS; // result of the critical section of the test - test_action_t action; - uint32_t test_idx = 0; - - - init_num_of_tests(); - while (1) { - signals = psa_wait(CONTROL_MSK, PSA_BLOCK); - if (0 == (signals & CONTROL_MSK)) { - SPM_PANIC("returned from psa_wait without CONTROL_ROT_SRV bit on signals=(0x%08x)\n", signals); - } - - if (PSA_SUCCESS != psa_get(CONTROL_MSK, &msg)) { - SPM_PANIC("psa_get() failed\n"); - } - switch (msg.type) { - case PSA_IPC_CALL: - if (msg.in_size[0] == 0) { - SPM_PANIC("got a zero message size to SERVER_TESTS_PART1_CONTROL ROT_SRV\n"); - } - - if (psa_read(msg.handle, 0, &action, sizeof(action)) != sizeof(action)) { - SPM_PANIC("could not read the entire test payload structure\n"); - } - - switch (action) { - case START_TEST: - if ((test_idx >= num_of_tests) || (test_list[test_idx] == NULL)) { - SPM_PANIC("Invalid test ID was sent!\n"); - } - - psa_reply(msg.handle, PSA_SUCCESS); - test_status = test_list[test_idx](&test_result); - break; - case GET_TEST_RESULT: - test_idx++; - psa_write(msg.handle, 0, &test_result, sizeof(test_result)); - psa_reply(msg.handle, test_status); - break; - default: - SPM_PANIC("Got illegal Value in test action"); - } - - break; - case PSA_IPC_CONNECT: - case PSA_IPC_DISCONNECT: - psa_reply(msg.handle, PSA_SUCCESS); - break; - default: - SPM_PANIC("Unexpected message type %lu!", msg.type); - } - } -} diff --git a/TESTS/psa/spm_server/COMPONENT_SPE/server_tests_partition2.c b/TESTS/psa/spm_server/COMPONENT_SPE/server_tests_partition2.c deleted file mode 100644 index a20a62d..0000000 --- a/TESTS/psa/spm_server/COMPONENT_SPE/server_tests_partition2.c +++ /dev/null @@ -1,101 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include -#include -#include "psa/client.h" -#include "psa/service.h" -#include "mbed_spm_partitions.h" - -void server_part2_main(void *ptr) -{ - psa_signal_t signals = 0; - size_t len = 0; - char *str = NULL; - psa_msg_t msg = {0}; - - while (1) { - signals = psa_wait(SERVER_TESTS_PART2_WAIT_ANY_SID_MSK, PSA_BLOCK); - if (0 == (signals & SERVER_TESTS_PART2_WAIT_ANY_SID_MSK)) { - SPM_PANIC("returned from psa_wait without ROT_SRV_REVERSE_MSK or ROT_SRV_DB_TST_MSK bit on\n"); - } - - if (signals & ROT_SRV_REVERSE_MSK) { - if (PSA_SUCCESS != psa_get(ROT_SRV_REVERSE_MSK, &msg)) { - SPM_PANIC("psa_get() failed\n"); - } - switch (msg.type) { - case PSA_IPC_CALL: { - if ((msg.in_size[0] + msg.in_size[1] + msg.in_size[2]) == 0) { - SPM_PANIC("got a zero message size to REVERSE ROT_SRV\n"); - } - - len = msg.in_size[0]; - str = (char *)malloc(sizeof(char) * len); - if (NULL == str) { - SPM_PANIC("memory allocation failure\n"); - } - psa_read(msg.handle, 0, str, len); - for (size_t i = 0; i < len / 2; i ++) { - char a = str[i]; - str[i] = str[len - i - 1]; - str[len - i - 1] = a; - } - - psa_write(msg.handle, 0, str, len); - free(str); - str = NULL; - break; - } - - case PSA_IPC_CONNECT: - case PSA_IPC_DISCONNECT: - break; - default: - SPM_PANIC("Unexpected message type %lu!", msg.type); - break; - } - - psa_reply(msg.handle, PSA_SUCCESS); - } else { // -- Doorbell test - if (PSA_SUCCESS != psa_get(ROT_SRV_DB_TST_MSK, &msg)) { - SPM_PANIC("psa_get() failed\n"); - } - switch (msg.type) { - case PSA_IPC_CALL: { - int32_t caller_part_id = msg.client_id; - // Doorbell contract is valid only between secure partitions - if (caller_part_id < 0) { - SPM_PANIC("Caller partition is non secure\n"); - } - // In doorbell scenario the server first calls psa_reply() - psa_reply(msg.handle, PSA_SUCCESS); - // After work is done, ring the doorbell - psa_notify(caller_part_id); - break; - } - case PSA_IPC_CONNECT: - case PSA_IPC_DISCONNECT: - psa_reply(msg.handle, PSA_SUCCESS); - break; - default: - SPM_PANIC("Unexpected message type %lu!", msg.type); - break; - } - } - } -} diff --git a/TESTS/psa/spm_server/COMPONENT_SPE/tests.c b/TESTS/psa/spm_server/COMPONENT_SPE/tests.c deleted file mode 100644 index 15aef13..0000000 --- a/TESTS/psa/spm_server/COMPONENT_SPE/tests.c +++ /dev/null @@ -1,702 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "string.h" -#include "psa/client.h" -#include "psa/service.h" -#include "mbed_spm_partitions.h" -#include "server_tests.h" -#include "psa_manifest/sid.h" - -/** - * Process a generic connect message to SERVER_TESTS_PART1_TEST ROT_SRV. - * @return PSA_SUCCESS or negative error code if failed. - */ -static psa_status_t process_connect_request(void) -{ - psa_status_t res = PSA_SUCCESS; - psa_msg_t msg = {0}; - psa_signal_t signals = psa_wait(TEST_MSK, PSA_BLOCK); - if ((signals & TEST_MSK) == 0) { - res = PSA_TEST_ERROR; - } - - if (PSA_SUCCESS != psa_get(TEST_MSK, &msg)) { - SPM_PANIC("psa_get() failed\n"); - } - - if (msg.type != PSA_IPC_CONNECT) { - res = ((res != PSA_SUCCESS) ? res : PSA_TEST_ERROR); - } - - psa_reply(msg.handle, res); - - return res; -} - -/** - * Process a generic disconnect message to SERVER_TESTS_PART1_TEST ROT_SRV. - * @return PSA_SUCCESS or negative error code if failed. - */ -static psa_status_t process_disconnect_request(void) -{ - psa_status_t res = PSA_SUCCESS; - psa_msg_t msg = {0}; - psa_signal_t signals = psa_wait(TEST_MSK, PSA_BLOCK); - if ((signals & TEST_MSK) == 0) { - res = PSA_TEST_ERROR; - } - - if (PSA_SUCCESS != psa_get(TEST_MSK, &msg)) { - SPM_PANIC("psa_get() failed\n"); - } - - if (msg.type != PSA_IPC_DISCONNECT) { - res = ((res != PSA_SUCCESS) ? res : PSA_TEST_ERROR); - } - - psa_reply(msg.handle, PSA_SUCCESS); - - return res; -} - -PSA_TEST_SERVER(identity_during_connect) -{ - psa_status_t test_status = PSA_SUCCESS; - psa_status_t disconnect_status = PSA_SUCCESS; - psa_msg_t msg = {0}; - int32_t identity = 0; - - psa_signal_t signals = psa_wait(TEST_MSK, PSA_BLOCK); - if ((signals & TEST_MSK) == 0) { - test_status = PSA_TEST_ERROR; - } - - if (PSA_SUCCESS != psa_get(TEST_MSK, &msg)) { - SPM_PANIC("psa_get() failed\n"); - } - - if (msg.type != PSA_IPC_CONNECT) { - test_status = ((test_status != PSA_SUCCESS) ? test_status : PSA_TEST_ERROR); - } - - identity = msg.client_id; - *status_ptr = (identity == -1) ? PSA_SUCCESS : PSA_TEST_ERROR; - - psa_reply(msg.handle, PSA_SUCCESS); - - disconnect_status = process_disconnect_request(); - test_status = (test_status != PSA_SUCCESS) ? test_status : disconnect_status; - - return test_status; -} - -PSA_TEST_SERVER(identity_during_call) -{ - psa_status_t test_status = PSA_SUCCESS; - psa_status_t disconnect_status = PSA_SUCCESS; - psa_msg_t msg = {0}; - int32_t identity = 0; - psa_signal_t signals = 0; - - test_status = process_connect_request(); - if (test_status != PSA_SUCCESS) { - return test_status; - } - - signals = psa_wait(TEST_MSK, PSA_BLOCK); - if ((signals & TEST_MSK) == 0) { - test_status = PSA_TEST_ERROR; - } - - if (PSA_SUCCESS != psa_get(TEST_MSK, &msg)) { - SPM_PANIC("psa_get() failed\n"); - } - - if (msg.type != PSA_IPC_CALL) { - test_status = ((test_status != PSA_SUCCESS) ? test_status : PSA_TEST_ERROR); - } - - identity = msg.client_id; - *status_ptr = (identity == -1) ? PSA_SUCCESS : PSA_TEST_ERROR; - - psa_reply(msg.handle, PSA_SUCCESS); - - disconnect_status = process_disconnect_request(); - test_status = (test_status != PSA_SUCCESS) ? test_status : disconnect_status; - - return test_status; -} - -PSA_TEST_SERVER(msg_size_assertion) -{ - psa_status_t test_status = PSA_SUCCESS; - psa_status_t disconnect_status = PSA_SUCCESS; - psa_msg_t msg = {0}; - psa_signal_t signals = 0; - size_t read_size = 0; - - char *buff = malloc(sizeof(char) * 11); - if (NULL == buff) { - SPM_PANIC("memory allocation failure\n"); - } - memset(buff, 0, 11); - - test_status = process_connect_request(); - if (test_status != PSA_SUCCESS) { - free(buff); - return test_status; - } - - signals = psa_wait(TEST_MSK, PSA_BLOCK); - if ((signals & TEST_MSK) == 0) { - test_status = PSA_TEST_ERROR; - } - - if (PSA_SUCCESS != psa_get(TEST_MSK, &msg)) { - SPM_PANIC("psa_get() failed\n"); - } - - if (msg.type != PSA_IPC_CALL) { - test_status = ((test_status != PSA_SUCCESS) ? test_status : PSA_TEST_ERROR); - } - for (size_t i = 0; i < PSA_MAX_IOVEC; i++) { - read_size += psa_read(msg.handle, i, buff + read_size, msg.in_size[i]); - } - - if (((msg.in_size[0] + msg.in_size[1] + msg.in_size[2] + msg.in_size[3]) != 11) || - (read_size != 11) || - (strncmp(buff, "abcdfghijkn", 11) != 0)) { - *status_ptr = PSA_TEST_ERROR; - } else { - *status_ptr = PSA_SUCCESS; - } - - psa_reply(msg.handle, test_status); - free(buff); - disconnect_status = process_disconnect_request(); - test_status = (test_status != PSA_SUCCESS) ? test_status : disconnect_status; - return test_status; -} - -PSA_TEST_SERVER(reject_connection) -{ - psa_status_t res = PSA_SUCCESS; - psa_msg_t msg = {0}; - psa_signal_t signals = psa_wait(TEST_MSK, PSA_BLOCK); - if ((signals & TEST_MSK) == 0) { - res = PSA_TEST_ERROR; - } - - if (PSA_SUCCESS != psa_get(TEST_MSK, &msg)) { - SPM_PANIC("psa_get() failed\n"); - } - - if (msg.type != PSA_IPC_CONNECT) { - res = ((res != PSA_SUCCESS) ? res : PSA_TEST_ERROR); - } - - psa_reply(msg.handle, PSA_CONNECTION_REFUSED); - *status_ptr = res; - return res; -} - -PSA_TEST_SERVER(read_at_outofboud_offset) -{ - psa_signal_t signals = 0; - psa_msg_t msg = {0}; - psa_status_t test_status = PSA_SUCCESS; - psa_status_t disconnect_status = PSA_SUCCESS; - uint32_t buff = 52; - - test_status = process_connect_request(); - if (test_status != PSA_SUCCESS) { - return test_status; - } - - signals = psa_wait(TEST_MSK, PSA_BLOCK); - if ((signals & TEST_MSK) == 0) { - test_status = PSA_TEST_ERROR; - } - - if (PSA_SUCCESS != psa_get(TEST_MSK, &msg)) { - SPM_PANIC("psa_get() failed\n"); - } - - if (msg.type != PSA_IPC_CALL) { - test_status = ((test_status != PSA_SUCCESS) ? test_status : PSA_TEST_ERROR); - } - - size_t read_size = psa_read(msg.handle, 1, &buff, sizeof(buff)); - if ((0 != read_size) || (52 != buff)) { - *status_ptr = PSA_TEST_ERROR; - } else { - *status_ptr = PSA_SUCCESS; - } - - psa_reply(msg.handle, test_status); - disconnect_status = process_disconnect_request(); - test_status = (test_status != PSA_SUCCESS) ? test_status : disconnect_status; - return test_status; -} - - -PSA_TEST_SERVER(msg_read_truncation) -{ - psa_status_t test_status = PSA_SUCCESS; - psa_status_t disconnect_status = PSA_SUCCESS; - psa_msg_t msg = {0}; - psa_signal_t signals = 0; - size_t read_size = 0; - char *buff = malloc(sizeof(char) * 11); - if (NULL == buff) { - SPM_PANIC("memory allocation failure\n"); - } - memset(buff, 0, 11); - - test_status = process_connect_request(); - if (test_status != PSA_SUCCESS) { - free(buff); - return test_status; - } - - signals = psa_wait(TEST_MSK, PSA_BLOCK); - if ((signals & TEST_MSK) == 0) { - test_status = PSA_TEST_ERROR; - } - - if (PSA_SUCCESS != psa_get(TEST_MSK, &msg)) { - SPM_PANIC("psa_get() failed\n"); - } - - if (msg.type != PSA_IPC_CALL) { - test_status = ((test_status != PSA_SUCCESS) ? test_status : PSA_TEST_ERROR); - } - - read_size = psa_read(msg.handle, 1, buff, 11); - if ((msg.in_size[1] != read_size) || - ((msg.in_size[0] + msg.in_size[1] + msg.in_size[2]) != 11) || - (buff[6] != 0) || - (strncmp(buff, "fghijk", 6) != 0)) { - *status_ptr = PSA_TEST_ERROR; - } else { - *status_ptr = PSA_SUCCESS; - } - - psa_reply(msg.handle, test_status); - disconnect_status = process_disconnect_request(); - free(buff); - test_status = (test_status != PSA_SUCCESS) ? test_status : disconnect_status; - return test_status; -} - -PSA_TEST_SERVER(skip_zero) -{ - psa_status_t test_status = PSA_SUCCESS; - psa_status_t disconnect_status = PSA_SUCCESS; - psa_msg_t msg = {0}; - psa_signal_t signals = 0; - size_t read_size = 0; - size_t skip_size = 0; - char *buff = malloc(sizeof(char) * 11); - if (NULL == buff) { - SPM_PANIC("memory allocation failure\n"); - } - - test_status = process_connect_request(); - if (test_status != PSA_SUCCESS) { - free(buff); - return test_status; - } - - signals = psa_wait(TEST_MSK, PSA_BLOCK); - if ((signals & TEST_MSK) == 0) { - test_status = PSA_TEST_ERROR; - } - - if (PSA_SUCCESS != psa_get(TEST_MSK, &msg)) { - SPM_PANIC("psa_get() failed\n"); - } - - if (msg.type != PSA_IPC_CALL) { - test_status = ((test_status != PSA_SUCCESS) ? test_status : PSA_TEST_ERROR); - } - - skip_size = psa_skip(msg.handle, 0, 0); - read_size = psa_read(msg.handle, 0, buff, 11); - if ((skip_size != 0) || - (read_size != 11) || - (strncmp(buff, "abcdefghijk", 11)) != 0) { - *status_ptr = PSA_TEST_ERROR; - } else { - *status_ptr = PSA_SUCCESS; - } - - psa_reply(msg.handle, test_status); - disconnect_status = process_disconnect_request(); - free(buff); - test_status = (test_status != PSA_SUCCESS) ? test_status : disconnect_status; - return test_status; -} - -PSA_TEST_SERVER(skip_some) -{ - psa_status_t test_status = PSA_SUCCESS; - psa_status_t disconnect_status = PSA_SUCCESS; - psa_msg_t msg = {0}; - psa_signal_t signals = 0; - size_t read_size1 = 0; - size_t read_size2 = 0; - size_t skip_size = 0; - char *buff = malloc(sizeof(char) * 11); - if (NULL == buff) { - SPM_PANIC("memory allocation failure\n"); - } - - test_status = process_connect_request(); - if (test_status != PSA_SUCCESS) { - free(buff); - return test_status; - } - - signals = psa_wait(TEST_MSK, PSA_BLOCK); - if ((signals & TEST_MSK) == 0) { - test_status = PSA_TEST_ERROR; - } - - if (PSA_SUCCESS != psa_get(TEST_MSK, &msg)) { - SPM_PANIC("psa_get() failed\n"); - } - - if (msg.type != PSA_IPC_CALL) { - test_status = ((test_status != PSA_SUCCESS) ? test_status : PSA_TEST_ERROR); - } - - read_size1 = psa_read(msg.handle, 0, buff, 3); - skip_size = psa_skip(msg.handle, 0, 5); - read_size2 = psa_read(msg.handle, 0, buff + 3, 8); - if ((read_size1 != 3) || - (skip_size != 5) || - (read_size2 != 8) || - (strncmp(buff, "abcijklmnop", 11) != 0)) { - *status_ptr = PSA_TEST_ERROR; - } else { - *status_ptr = PSA_SUCCESS; - } - - psa_reply(msg.handle, test_status); - disconnect_status = process_disconnect_request(); - free(buff); - test_status = (test_status != PSA_SUCCESS) ? test_status : disconnect_status; - return test_status; -} - -PSA_TEST_SERVER(skip_more_than_left) -{ - psa_status_t test_status = PSA_SUCCESS; - psa_status_t disconnect_status = PSA_SUCCESS; - psa_msg_t msg = {0}; - psa_signal_t signals = 0; - size_t read_size1 = 0; - size_t read_size2 = 0; - size_t skip_size = 0; - char *buff = malloc(sizeof(char) * 8); - if (NULL == buff) { - SPM_PANIC("memory allocation failure\n"); - } - - test_status = process_connect_request(); - if (test_status != PSA_SUCCESS) { - free(buff); - return test_status; - } - - signals = psa_wait(TEST_MSK, PSA_BLOCK); - if ((signals & TEST_MSK) == 0) { - test_status = PSA_TEST_ERROR; - } - - if (PSA_SUCCESS != psa_get(TEST_MSK, &msg)) { - SPM_PANIC("psa_get() failed\n"); - } - - if (msg.type != PSA_IPC_CALL) { - test_status = ((test_status != PSA_SUCCESS) ? test_status : PSA_TEST_ERROR); - } - - read_size1 = psa_read(msg.handle, 0, buff, 5); - skip_size = psa_skip(msg.handle, 0, 4); - read_size2 = psa_read(msg.handle, 0, buff + 5, 2); - if ((read_size1 != 5) || - (skip_size != 3) || - (read_size2 != 0) || - (strncmp(buff, "abcde", 5) != 0)) { - *status_ptr = PSA_TEST_ERROR; - } else { - *status_ptr = PSA_SUCCESS; - } - - psa_reply(msg.handle, test_status); - disconnect_status = process_disconnect_request(); - free(buff); - test_status = (test_status != PSA_SUCCESS) ? test_status : disconnect_status; - return test_status; -} - -PSA_TEST_SERVER(rhandle_factorial) -{ - psa_signal_t signals = 0; - psa_msg_t msg = {0}; - factorial_data_t *num = NULL; - factorial_data_t *asserted_ptr = NULL; - uint32_t connect_count = 0; - uint32_t call_count = 0; - uint32_t disconnect_count = 0; - - while (1) { - signals = psa_wait(TEST_MSK, PSA_BLOCK); - if (0 == (signals & TEST_MSK)) { - SPM_PANIC("returned from psa_wait without TEST_MSK bit on\n"); - } - - if (PSA_SUCCESS != psa_get(TEST_MSK, &msg)) { - SPM_PANIC("psa_get() failed\n"); - } - - switch (msg.type) { - case PSA_IPC_CONNECT: - if (NULL != msg.rhandle) { - SPM_PANIC("got rhandle on connect message\n"); - } - - num = (factorial_data_t *)malloc(sizeof(factorial_data_t)); - if (NULL == num) { - SPM_PANIC("memory allocation failure\n"); - } - num->count = 0; - num->val = 1; - psa_set_rhandle(msg.handle, num); - asserted_ptr = num; - connect_count++; - break; - case PSA_IPC_CALL: - if (msg.in_size[0] + msg.in_size[1] + msg.in_size[2] > 0) { - SPM_PANIC("ROT_SRV_FACTORIAL ROT_SRV should not get any params\n"); - } - - if (NULL == msg.rhandle) { - SPM_PANIC("got NULL rhandle on call message\n"); - } - - if (asserted_ptr != msg.rhandle) { - SPM_PANIC("rhandle value changed between calls\n"); - } - - num = (factorial_data_t *)msg.rhandle; - num->count++; - num->val *= num->count; - psa_write(msg.handle, 0, &(num->val), sizeof(num->val)); - call_count++; - break; - case PSA_IPC_DISCONNECT: - if (NULL == msg.rhandle) { - SPM_PANIC("got NULL rhandle on disconnect message\n"); - } - - if (asserted_ptr != msg.rhandle) { - SPM_PANIC("rhandle value changed between calls\n"); - } - - // Setting rhandle during disconnection should have no effect - uint8_t my_rhandle = 10; - psa_set_rhandle(msg.handle, &my_rhandle); - - free(msg.rhandle); - disconnect_count++; - break; - default: - SPM_PANIC("Unexpected message type %lu!", msg.type); - } - - num = NULL; - psa_reply(msg.handle, PSA_SUCCESS); - if (disconnect_count > 0) { - break; - } - } - - if ((connect_count != 1) || - (call_count != 5) || - (disconnect_count != 1)) { - *status_ptr = PSA_TEST_ERROR; - } else { - *status_ptr = PSA_SUCCESS; - } - - return *status_ptr; -} - -PSA_TEST_SERVER(cross_partition_call) -{ - psa_signal_t signals = 0; - psa_msg_t msg = {0}; - psa_status_t test_status = PSA_SUCCESS; - psa_status_t disconnect_status = PSA_SUCCESS; - psa_status_t partition_call_status = PSA_SUCCESS; - uint32_t data_read = 0; - uint32_t str_len = 0; - char *buff = malloc(sizeof(char) * 60); - - if (NULL == buff) { - SPM_PANIC("memory allocation failure\n"); - } - - memset(buff, 0, 60); - - test_status = process_connect_request(); - if (test_status != PSA_SUCCESS) { - free(buff); - return test_status; - } - - signals = psa_wait(TEST_MSK, PSA_BLOCK); - if ((signals & TEST_MSK) == 0) { - test_status = PSA_TEST_ERROR; - } - - if (PSA_SUCCESS != psa_get(TEST_MSK, &msg)) { - SPM_PANIC("psa_get() failed\n"); - } - - if ((msg.in_size[0] + msg.in_size[1] + msg.in_size[2]) == 0) { - test_status = ((test_status != PSA_SUCCESS) ? test_status : PSA_TEST_ERROR); - } - - str_len = msg.in_size[0]; - data_read = psa_read(msg.handle, 0, buff, str_len); - if (data_read != 21) { - test_status = ((test_status != PSA_SUCCESS) ? test_status : PSA_TEST_ERROR); - } - - memcpy(buff + str_len, buff, str_len); - data_read *= 2; - - psa_invec data = { buff, data_read }; - - psa_outvec resp = { buff, data_read }; - psa_handle_t conn_handle = psa_connect(SERVER_TESTS_PART2_ROT_SRV_REVERSE, 5); - if (conn_handle <= 0) { - partition_call_status = PSA_TEST_ERROR; - } - - if (partition_call_status == PSA_SUCCESS) { - partition_call_status = psa_call(conn_handle, &data, 1, &resp, 1); - } - - *status_ptr = partition_call_status; - if (partition_call_status == PSA_SUCCESS) { - psa_close(conn_handle); - } - - if (PSA_SUCCESS == partition_call_status) { - psa_write(msg.handle, 0, buff, data_read); - } - - psa_reply(msg.handle, partition_call_status); - free(buff); - disconnect_status = process_disconnect_request(); - test_status = (test_status != PSA_SUCCESS) ? test_status : disconnect_status; - return test_status; -} - -// Test a common DOORBELL scenario -PSA_TEST_SERVER(doorbell_test) -{ - psa_signal_t signals = 0; - psa_msg_t msg = {0}; - psa_status_t test_status = PSA_SUCCESS; - psa_status_t disconnect_status = PSA_SUCCESS; - psa_status_t partition_call_status = PSA_SUCCESS; - - - test_status = process_connect_request(); - if (test_status != PSA_SUCCESS) { - return test_status; - } - - signals = psa_wait(TEST_MSK, PSA_BLOCK); - if ((signals & TEST_MSK) == 0) { - test_status = PSA_TEST_ERROR; - } - - if (PSA_SUCCESS != psa_get(TEST_MSK, &msg)) { - SPM_PANIC("psa_get() failed\n"); - } - - if (((msg.in_size[0] + msg.in_size[1] + msg.in_size[2]) != 0) || (msg.out_size[0] != 0)) { - test_status = ((test_status != PSA_SUCCESS) ? test_status : PSA_TEST_ERROR); - } - - // -- Connection with partition2 - START - psa_handle_t conn_handle = psa_connect(SERVER_TESTS_PART2_ROT_SRV_DB_TST, 5); - if (conn_handle <= 0) { - partition_call_status = PSA_TEST_ERROR; - } - - if (partition_call_status == PSA_SUCCESS) { - partition_call_status = psa_call(conn_handle, NULL, 0, NULL, 0); - } - - if (partition_call_status == PSA_SUCCESS) { - // Wait for doorball notification - Only after that call psa_reply() for the client called you - signals = psa_wait(PSA_DOORBELL, PSA_BLOCK); - if ((signals & PSA_DOORBELL) == 0) { - partition_call_status = PSA_TEST_ERROR; - } - } - - if (partition_call_status == PSA_SUCCESS) { - psa_clear(); - psa_close(conn_handle); - } - // -- Connection with partition2 - END - - *status_ptr = partition_call_status; - - psa_reply(msg.handle, partition_call_status); - disconnect_status = process_disconnect_request(); - - test_status = (test_status != PSA_SUCCESS) ? test_status : disconnect_status; - - return test_status; -} - - -psa_test_server_side_func test_list[] = { - PSA_TEST_SERVER_NAME(identity_during_connect), - PSA_TEST_SERVER_NAME(identity_during_call), - PSA_TEST_SERVER_NAME(msg_size_assertion), - PSA_TEST_SERVER_NAME(reject_connection), - PSA_TEST_SERVER_NAME(read_at_outofboud_offset), - PSA_TEST_SERVER_NAME(msg_read_truncation), - PSA_TEST_SERVER_NAME(skip_zero), - PSA_TEST_SERVER_NAME(skip_some), - PSA_TEST_SERVER_NAME(skip_more_than_left), - PSA_TEST_SERVER_NAME(rhandle_factorial), - PSA_TEST_SERVER_NAME(cross_partition_call), - NULL -}; diff --git a/TESTS/psa/spm_server/server_tests.h b/TESTS/psa/spm_server/server_tests.h deleted file mode 100644 index 89cb2f5..0000000 --- a/TESTS/psa/spm_server/server_tests.h +++ /dev/null @@ -1,57 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef __UVISOR_MBED_SPM_SERVER_TESTS_H__ -#define __UVISOR_MBED_SPM_SERVER_TESTS_H__ - -typedef enum { - START_TEST = 1, - GET_TEST_RESULT = 2 -} test_action_t; - -typedef struct factorial_data { - uint32_t count; - uint32_t val; -} factorial_data_t; - -typedef psa_status_t (*psa_test_server_side_func)(psa_status_t *); -#define PSA_TEST_ERROR (-1L) -#define PSA_TEST_CLIENT_NAME(name) psa_test_client_side_ ## name -#define PSA_TEST_SERVER_NAME(name) psa_test_server_side_ ## name - -#define PSA_TEST_CLIENT(name) void PSA_TEST_CLIENT_NAME(name) (void) -#define PSA_TEST_SERVER(name) psa_status_t PSA_TEST_SERVER_NAME(name) (psa_status_t *status_ptr) - -#define PSA_TEST(name) \ - PSA_TEST_CLIENT(name); \ - PSA_TEST_SERVER(name); \ - - -PSA_TEST(identity_during_connect) -PSA_TEST(identity_during_call) -PSA_TEST(get_msg_twice) -PSA_TEST(msg_size_assertion) -PSA_TEST(reject_connection) -PSA_TEST(read_at_outofboud_offset) -PSA_TEST(msg_read_truncation) -PSA_TEST(skip_zero) -PSA_TEST(skip_some) -PSA_TEST(skip_more_than_left) -PSA_TEST(rhandle_factorial) -PSA_TEST(cross_partition_call) -PSA_TEST(doorbell_test) -#endif /* __UVISOR_MBED_SPM_SERVER_TESTS_H__ */ diff --git a/TESTS/psa/spm_server/server_tests_part1_psa.json b/TESTS/psa/spm_server/server_tests_part1_psa.json deleted file mode 100644 index 0407796..0000000 --- a/TESTS/psa/spm_server/server_tests_part1_psa.json +++ /dev/null @@ -1,34 +0,0 @@ -{ - "name": "SERVER_TESTS_PART1", - "type": "APPLICATION-ROT", - "priority": "NORMAL", - "id": "0x00000002", - "entry_point": "server_part1_main", - "stack_size": "0x400", - "heap_size": "0x400", - "services": [{ - "name": "SERVER_TESTS_PART1_CONTROL", - "identifier": "0x00001A01", - "signal": "CONTROL_MSK", - "non_secure_clients": true, - "minor_version": 5, - "minor_policy": "RELAXED" - }, - { - "name": "SERVER_TESTS_PART1_TEST", - "identifier": "0x00001A02", - "signal": "TEST_MSK", - "non_secure_clients": true, - "minor_version": 12, - "minor_policy": "STRICT" - } - ], - "extern_sids": [ - "SERVER_TESTS_PART2_ROT_SRV_REVERSE", - "SERVER_TESTS_PART2_ROT_SRV_DB_TST" - ], - "source_files": [ - "COMPONENT_SPE/server_tests_partition1.c", - "COMPONENT_SPE/tests.c" - ] -} diff --git a/TESTS/psa/spm_server/server_tests_part2_psa.json b/TESTS/psa/spm_server/server_tests_part2_psa.json deleted file mode 100644 index caee244..0000000 --- a/TESTS/psa/spm_server/server_tests_part2_psa.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "name": "SERVER_TESTS_PART2", - "type": "APPLICATION-ROT", - "priority": "NORMAL", - "id": "0x00000003", - "entry_point": "server_part2_main", - "stack_size": "0x400", - "heap_size": "0x400", - "services": [{ - "name": "SERVER_TESTS_PART2_ROT_SRV_REVERSE", - "identifier": "0x00001A03", - "signal": "ROT_SRV_REVERSE_MSK", - "non_secure_clients": false, - "minor_version": 5, - "minor_policy": "STRICT" - }, - { - "name": "SERVER_TESTS_PART2_ROT_SRV_DB_TST", - "identifier": "0x00001A04", - "signal": "ROT_SRV_DB_TST_MSK", - "non_secure_clients": false, - "minor_version": 5, - "minor_policy": "STRICT" - } - ], - "source_files": [ - "COMPONENT_SPE/server_tests_partition2.c", - "COMPONENT_SPE/tests.c" - ] -} diff --git a/TESTS/psa/spm_smoke/COMPONENT_NSPE/main.cpp b/TESTS/psa/spm_smoke/COMPONENT_NSPE/main.cpp deleted file mode 100644 index 775ec2c..0000000 --- a/TESTS/psa/spm_smoke/COMPONENT_NSPE/main.cpp +++ /dev/null @@ -1,96 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - - -#ifndef COMPONENT_PSA_SRV_IPC -#error [NOT_SUPPORTED] SPM tests can run only on SPM-enabled targets -#else - -/* -------------------------------------- Includes ----------------------------------- */ - -#include "greentea-client/test_env.h" -#include "unity.h" -#include "utest.h" -#include "psa/client.h" -#include "psa_manifest/sid.h" -#include - -#if defined(TARGET_TFM) -#define PSA_MAX_IOVEC 4 -#endif - -using namespace utest::v1; - -/* ------------------------------------ Definitions ---------------------------------- */ - -#define CLIENT_MINOR_VERSION 0 -#define CLIENT_RSP_BUF_SIZE 20 - -#define CLIENT_TX_MSG "Hello and welcome SPM" -#define CLIENT_EXPECTED_RESPONSE "Response1" - -/* ------------------------------------ Client Code ---------------------------------- */ - -char msg_buf[] = CLIENT_TX_MSG; - -void example_main(void) -{ - psa_handle_t conn_handle = psa_connect(SMOKE_TESTS_PART1_ROT_SRV1, CLIENT_MINOR_VERSION); - TEST_ASSERT_MESSAGE(conn_handle > 0, "psa_connect() failed"); - - - psa_invec iovec[PSA_MAX_IOVEC - 1] = { - { msg_buf, 6 }, - { msg_buf + 6, 12 }, - { msg_buf + 18, 4 } - }; - - uint8_t *response_buf = (uint8_t *)malloc(sizeof(uint8_t) * CLIENT_RSP_BUF_SIZE); - memset(response_buf, 0, CLIENT_RSP_BUF_SIZE); - psa_outvec outvec = {response_buf, CLIENT_RSP_BUF_SIZE}; - - psa_status_t status = psa_call(conn_handle, iovec, PSA_MAX_IOVEC - 1, &outvec, 1); - TEST_ASSERT_MESSAGE(PSA_SUCCESS == status, "psa_call() failed"); - TEST_ASSERT_EQUAL_STRING(CLIENT_EXPECTED_RESPONSE, response_buf); - - free(response_buf); - psa_close(conn_handle); -} - -// --------------------------------- Test Framework ---------------------------------- */ - -utest::v1::status_t greentea_setup(const size_t number_of_cases) -{ - GREENTEA_SETUP(20, "default_auto"); - return greentea_test_setup_handler(number_of_cases); -} - -Case cases[] = { - Case("example", example_main) -}; - -// Declare your test specification with a custom setup handler -Specification specification(greentea_setup, cases); - -int main(int, char **) -{ - // Run the test specification - Harness::run(specification); - return 0; -} - -#endif // COMPONENT_PSA_SRV_IPC diff --git a/TESTS/psa/spm_smoke/COMPONENT_SPE/smoke_tests_partition.c b/TESTS/psa/spm_smoke/COMPONENT_SPE/smoke_tests_partition.c deleted file mode 100644 index f794598..0000000 --- a/TESTS/psa/spm_smoke/COMPONENT_SPE/smoke_tests_partition.c +++ /dev/null @@ -1,122 +0,0 @@ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -// -------------------------------------- Includes ----------------------------------- - -#include -#include -#include "psa/client.h" -#include "psa/service.h" -#include "mbed_spm_partitions.h" - -// ------------------------------------ Definitions ---------------------------------- - -#define SERVER_READ_MSG_BUF_SIZE 30 -#define SERVER_RSP_BUF_SIZE 20 -#define ACTUAL_MSG_SIZE 22 - -// ---------------------------------- Global Variables ------------------------------- - -const char SERVER_EXPECTED_READ_MSG[] = "Hello and welcome SPM"; -const char WRITE_MSG_BUF[] = "Response1"; - -// ------------------------------ Partition's Main Thread ---------------------------- - -void smoke_part_main(void *ptr) -{ - uint32_t signals = 0; - int32_t client_id = 0; - psa_msg_t msg = {0}; - - while (1) { - - signals = psa_wait(ROT_SRV1_MSK, PSA_BLOCK); - if ((signals & ROT_SRV1_MSK) != ROT_SRV1_MSK) { - SPM_PANIC("Received unknown signal (0x%08lx)\n", signals); - } - - if (PSA_SUCCESS != psa_get(ROT_SRV1_MSK, &msg)) { - continue; - } - - if (msg.handle != PSA_NULL_HANDLE) { - client_id = msg.client_id; - if (client_id != -1) { - SPM_PANIC("Received message from unexpected source (0x%08lx)\n", client_id); - } - } - - switch (msg.type) { - case PSA_IPC_CALL: { - if ( - ((msg.in_size[0] + msg.in_size[1] + msg.in_size[2] + msg.in_size[3]) != ACTUAL_MSG_SIZE) || - (msg.out_size[0] != SERVER_RSP_BUF_SIZE) - ) { - SPM_PANIC("Received message does not comply with message convention"); - } - - - char *read_msg_buf = malloc(sizeof(char) * SERVER_READ_MSG_BUF_SIZE); - if (NULL == read_msg_buf) { - SPM_PANIC("Failed to allocate Memory"); - } - memset(read_msg_buf, 0, SERVER_READ_MSG_BUF_SIZE); - char *read_ptr = read_msg_buf; - - for (size_t i = 0; i < PSA_MAX_IOVEC - 1; i++) { - uint32_t bytes_read = psa_read(msg.handle, i, read_ptr, msg.in_size[i]); - if (bytes_read != msg.in_size[i]) { - SPM_PANIC("Expected to read %zu, got %lu", msg.in_size[i], bytes_read); - } - - read_ptr += bytes_read; - } - - int cmp_res = strcmp(SERVER_EXPECTED_READ_MSG, read_msg_buf); - if (cmp_res != 0) { - SPM_PANIC("psa_read() - Bad reading!!"); - } - - psa_write(msg.handle, 0, WRITE_MSG_BUF, strlen(WRITE_MSG_BUF) + 1); - free(read_msg_buf); - read_msg_buf = NULL; - read_ptr = NULL; - break; - } - case PSA_IPC_DISCONNECT: - // Fallthrough - case PSA_IPC_CONNECT: { - if ( - (msg.out_size[0] != 0) || (msg.out_size[1] != 0) || - (msg.out_size[2] != 0) || (msg.out_size[3] != 0) || - (msg.in_size[0] != 0) || (msg.in_size[1] != 0) || - (msg.in_size[2] != 0) || (msg.in_size[3] != 0) - ) { - SPM_PANIC("Should not receive iovecs in PSA_IPC_CONNECT or PSA_IPC_DISCONNECT"); - } - - break; - } - default: - SPM_PANIC("Unexpected message type %lu!", msg.type); - break; - } - - psa_reply(msg.handle, PSA_SUCCESS); - } -} - diff --git a/TESTS/psa/spm_smoke/smoke_tests_part1_psa.json b/TESTS/psa/spm_smoke/smoke_tests_part1_psa.json deleted file mode 100644 index 20d216e..0000000 --- a/TESTS/psa/spm_smoke/smoke_tests_part1_psa.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "name": "SMOKE_TESTS_PART1", - "type": "APPLICATION-ROT", - "priority": "NORMAL", - "id": "0x00000004", - "entry_point": "smoke_part_main", - "stack_size": "0x200", - "heap_size": "0x400", - "services": [{ - "name": "SMOKE_TESTS_PART1_ROT_SRV1", - "identifier": "0x00001A00", - "signal": "ROT_SRV1_MSK", - "non_secure_clients": true, - "minor_version": 5, - "minor_policy": "RELAXED" - } - ], - "source_files": [ - "COMPONENT_SPE/smoke_tests_partition.c" - ] -} diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include/tfm_boot_status.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include/tfm_boot_status.h deleted file mode 100644 index f31743b..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include/tfm_boot_status.h +++ /dev/null @@ -1,217 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __TFM_BOOT_STATUS_H__ -#define __TFM_BOOT_STATUS_H__ - -#include -#include - - -#ifdef __cplusplus -extern "C" { -#endif - -/* Major numbers (4 bit) to identify - * the consumer of shared data in runtime SW - */ -#define TLV_MAJOR_CORE 0x0 -#define TLV_MAJOR_IAS 0x1 - -/** - * The shared data between boot loader and runtime SW is TLV encoded. The - * shared data is stored in a well known location in secure memory and this is - * a contract between boot loader and runtime SW. - * - * The structure of shared data must be the following: - * - At the beginning there must be a header: struct shared_data_tlv_header - * This contains a magic number and a size field which covers the entire - * size of the shared data area including this header. - * - After the header there come the entries which are composed from an entry - * header structure: struct shared_data_tlv_entry and the data. In the entry - * header is a type field (tly_type) which identify the consumer of the - * entry in the runtime SW and specify the subtype of that data item. There - * is a size field (tlv_len) which covers the size of the entry header and - * the data. After this structure comes the actual data. - * - Arbitrary number and size of data entry can be in the shared memory area. - * - * This table gives of overview about the tlv_type field in the entry header. - * The tlv_type always composed from a major and minor number. Major number - * identifies the addressee in runtime SW, who should process the data entry. - * Minor number used to encode more info about the data entry. The actual - * definition of minor number could change per major number. In case of boot - * status data, which is going to be processed by initial attestation service - * the minor number is split further to two part: sw_module and claim. The - * sw_module identifies the SW component in the system which the data item - * belongs to and the claim part identifies the exact type of the data. - * - * |---------------------------------------| - * | tlv_type (16) | - * |---------------------------------------| - * | tlv_major(4)| tlv_minor(12) | - * |---------------------------------------| - * | MAJOR_IAS | sw_module(6) | claim(6) | - * |---------------------------------------| - * | MAJOR_CORE | TBD | - * |---------------------------------------| - */ - -/* Initial attestation: SW components / SW modules - * This list is intended to be adjusted per device. It contains more SW - * components than currently available in TF-M project. It serves as an example, - * what kind of SW components might be available. - */ -#define SW_GENERAL 0x00 -#define SW_BL2 0x01 -#define SW_PROT 0x02 -#define SW_AROT 0x03 -#define SW_SPE 0x04 -#define SW_NSPE 0x05 -#define SW_S_NS 0x06 -#define SW_MAX 0x07 - -/* Initial attestation: Claim per SW components / SW modules */ -/* Bits: 0-2 */ -#define SW_VERSION 0x00 -#define SW_SIGNER_ID 0x01 -#define SW_EPOCH 0x02 -#define SW_TYPE 0x03 -/* Bits: 3-5 */ -#define SW_MEASURE_VALUE 0x08 -#define SW_MEASURE_TYPE 0x09 - -/* Initial attestation: General claim does not belong any particular SW - * component. But they might be part of the boot status. - */ -#define BOOT_SEED 0x00 -#define HW_VERSION 0x01 -#define SECURITY_LIFECYCLE 0x02 - -/* Minor numbers (12 bit) to identify attestation service related data */ -#define TLV_MINOR_IAS_BOOT_SEED ((SW_GENERAL << 6) | BOOT_SEED) -#define TLV_MINOR_IAS_HW_VERSION ((SW_GENERAL << 6) | HW_VERSION) -#define TLV_MINOR_IAS_SLC ((SW_GENERAL << 6) | SECURITY_LIFECYCLE) - -/* Bootloader - It can be more stage */ -#define TLV_MINOR_IAS_BL2_MEASURE_VALUE ((SW_BL2 << 6) | SW_MEASURE_VALUE) -#define TLV_MINOR_IAS_BL2_MEASURE_TYPE ((SW_BL2 << 6) | SW_MEASURE_TYPE) -#define TLV_MINOR_IAS_BL2_VERSION ((SW_BL2 << 6) | SW_VERSION) -#define TLV_MINOR_IAS_BL2_SIGNER_ID ((SW_BL2 << 6) | SW_SIGNER_ID) -#define TLV_MINOR_IAS_BL2_EPOCH ((SW_BL2 << 6) | SW_EPOCH) -#define TLV_MINOR_IAS_BL2_TYPE ((SW_BL2 << 6) | SW_TYPE) - -/* PROT: PSA Root of Trust */ -#define TLV_MINOR_IAS_PROT_MEASURE_VALUE ((SW_PROT << 6) | SW_MEASURE_VALUE) -#define TLV_MINOR_IAS_PROT_MEASURE_TYPE ((SW_PROT << 6) | SW_MEASURE_TYPE) -#define TLV_MINOR_IAS_PROT_VERSION ((SW_PROT << 6) | SW_VERSION) -#define TLV_MINOR_IAS_PROT_SIGNER_ID ((SW_PROT << 6) | SW_SIGNER_ID) -#define TLV_MINOR_IAS_PROT_EPOCH ((SW_PROT << 6) | SW_EPOCH) -#define TLV_MINOR_IAS_PROT_TYPE ((SW_PROT << 6) | SW_TYPE) - -/* AROT: Application Root of Trust */ -#define TLV_MINOR_IAS_AROT_MEASURE_VALUE ((SW_AROT << 6) | SW_MEASURE_VALUE) -#define TLV_MINOR_IAS_AROT_MEASURE_TYPE ((SW_AROT << 6) | SW_MEASURE_TYPE) -#define TLV_MINOR_IAS_AROT_VERSION ((SW_AROT << 6) | SW_VERSION) -#define TLV_MINOR_IAS_AROT_SIGNER_ID ((SW_AROT << 6) | SW_SIGNER_ID) -#define TLV_MINOR_IAS_AROT_EPOCH ((SW_AROT << 6) | SW_EPOCH) -#define TLV_MINOR_IAS_AROT_TYPE ((SW_AROT << 6) | SW_TYPE) - -/* Non-secure processing environment - single non-secure image */ -#define TLV_MINOR_IAS_NSPE_MEASURE_VALUE ((SW_NSPE << 6) | SW_MEASURE_VALUE) -#define TLV_MINOR_IAS_NSPE_MEASURE_TYPE ((SW_NSPE << 6) | SW_MEASURE_TYPE) -#define TLV_MINOR_IAS_NSPE_VERSION ((SW_NSPE << 6) | SW_VERSION) -#define TLV_MINOR_IAS_NSPE_SIGNER_ID ((SW_NSPE << 6) | SW_SIGNER_ID) -#define TLV_MINOR_IAS_NSPE_EPOCH ((SW_NSPE << 6) | SW_EPOCH) -#define TLV_MINOR_IAS_NSPE_TYPE ((SW_NSPE << 6) | SW_TYPE) - -/* Secure processing environment (ARoT + PRoT) - single secure image */ -#define TLV_MINOR_IAS_SPE_MEASURE_VALUE ((SW_SPE << 6) | SW_MEASURE_VALUE) -#define TLV_MINOR_IAS_SPE_MEASURE_TYPE ((SW_SPE << 6) | SW_MEASURE_TYPE) -#define TLV_MINOR_IAS_SPE_VERSION ((SW_SPE << 6) | SW_VERSION) -#define TLV_MINOR_IAS_SPE_SIGNER_ID ((SW_SPE << 6) | SW_SIGNER_ID) -#define TLV_MINOR_IAS_SPE_EPOCH ((SW_SPE << 6) | SW_EPOCH) -#define TLV_MINOR_IAS_SPE_TYPE ((SW_SPE << 6) | SW_TYPE) - -/* SPE + NSPE - combined secure and non-secure image */ -#define TLV_MINOR_IAS_S_NS_MEASURE_VALUE ((SW_S_NS << 6) | SW_MEASURE_VALUE) -#define TLV_MINOR_IAS_S_NS_MEASURE_TYPE ((SW_S_NS << 6) | SW_MEASURE_TYPE) -#define TLV_MINOR_IAS_S_NS_VERSION ((SW_S_NS << 6) | SW_VERSION) -#define TLV_MINOR_IAS_S_NS_SIGNER_ID ((SW_S_NS << 6) | SW_SIGNER_ID) -#define TLV_MINOR_IAS_S_NS_EPOCH ((SW_S_NS << 6) | SW_EPOCH) -#define TLV_MINOR_IAS_S_NS_TYPE ((SW_S_NS << 6) | SW_TYPE) - -/* General macros to handle TLV type */ -#define MAJOR_MASK 0xF /* 4 bit */ -#define MAJOR_POS 12 /* 12 bit */ -#define MINOR_MASK 0xFFF /* 12 bit */ - -#define SET_TLV_TYPE(major, minor) \ - ((((major) & MAJOR_MASK) << MAJOR_POS) | ((minor) & MINOR_MASK)) -#define GET_MAJOR(tlv_type) ((tlv_type) >> MAJOR_POS) -#define GET_MINOR(tlv_type) ((tlv_type) & MINOR_MASK) - -/* Initial attestation specific macros */ -#define MODULE_POS 6 /* 6 bit */ -#define CLAIM_MASK 0x3F /* 6 bit */ -#define MEASUREMENT_CLAIM_POS 3 /* 3 bit */ - -#define GET_IAS_MODULE(tlv_type) (GET_MINOR(tlv_type) >> MODULE_POS) -#define GET_IAS_CLAIM(tlv_type) (GET_MINOR(tlv_type) & CLAIM_MASK) -#define SET_IAS_MINOR(sw_module, claim) (((sw_module) << 6) | (claim)) - -#define GET_IAS_MEASUREMENT_CLAIM(ias_claim) ((ias_claim) >> \ - MEASUREMENT_CLAIM_POS) - -/* Magic value which marks the beginning of shared data area in memory */ -#define SHARED_DATA_TLV_INFO_MAGIC 0x2016 - -/** - * Shared data TLV header. All fields in little endian. - * - * ----------------------------------- - * | tlv_magic(16) | tlv_tot_len(16) | - * ----------------------------------- - */ -struct shared_data_tlv_header { - uint16_t tlv_magic; - uint16_t tlv_tot_len; /* size of whole TLV area (including this header) */ -}; - -#define SHARED_DATA_HEADER_SIZE sizeof(struct shared_data_tlv_header) - -/** - * Shared data TLV entry header format. All fields in little endian. - * - * ------------------------------- - * | tlv_type(16) | tlv_len(16) | - * ------------------------------- - * | Raw data | - * ------------------------------- - */ -struct shared_data_tlv_entry { - uint16_t tlv_type; - uint16_t tlv_len; /* size of single TLV entry (including this header). */ -}; - -/** - * \struct tfm_boot_data - * - * \brief Store the data for the runtime SW - */ -struct tfm_boot_data { - struct shared_data_tlv_header header; - uint8_t data[]; -}; - -#define SHARED_DATA_ENTRY_HEADER_SIZE sizeof(struct shared_data_tlv_entry) -#define SHARED_DATA_ENTRY_SIZE(size) (size + SHARED_DATA_ENTRY_HEADER_SIZE) - -#ifdef __cplusplus -} -#endif - -#endif /* __TFM_BOOT_STATUS_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/inc/tfm_partition_defs.inc b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/inc/tfm_partition_defs.inc deleted file mode 100644 index 042c2a9..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/inc/tfm_partition_defs.inc +++ /dev/null @@ -1,68 +0,0 @@ -/* Copyright (c) 2017-2019 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/******************************************************************************* - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * THIS FILE IS AN AUTO-GENERATED FILE - DO NOT MODIFY IT. - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * Template Version 1.0 - * Generated by tools/psa/generate_partition_code.py Version 1.1 - ******************************************************************************/ - -#ifndef __TFM_PARTITION_DEFS_INC__ -#define __TFM_PARTITION_DEFS_INC__ - -/*************************** Service Partitions *******************************/ - -#define ATTEST_SRV_ID (TFM_SP_BASE + 0) -#define CRYPTO_SRV_ID (TFM_SP_BASE + 1) -#define PLATFORM_ID (TFM_SP_BASE + 2) -#define ITS_ID (TFM_SP_BASE + 3) - -/*************************** Test Partitions **********************************/ - -#ifdef USE_PSA_TEST_PARTITIONS - -#ifdef USE_CRYPTO_ACL_TEST -#define CRYPTO_ACL_TEST_ID (TFM_SP_BASE + 4 + 0) -#endif - -#ifdef USE_CLIENT_TESTS_PART1 -#define CLIENT_TESTS_PART1_ID (TFM_SP_BASE + 4 + 1) -#endif - -#ifdef USE_SERVER_TESTS_PART1 -#define SERVER_TESTS_PART1_ID (TFM_SP_BASE + 4 + 2) -#endif - -#ifdef USE_SERVER_TESTS_PART2 -#define SERVER_TESTS_PART2_ID (TFM_SP_BASE + 4 + 3) -#endif - -#ifdef USE_SMOKE_TESTS_PART1 -#define SMOKE_TESTS_PART1_ID (TFM_SP_BASE + 4 + 4) -#endif - -#endif // USE_PSA_TEST_PARTITIONS - -#ifdef USE_PSA_TEST_PARTITIONS -#define TFM_MAX_USER_PARTITIONS (4 + 5) -#else -#define TFM_MAX_USER_PARTITIONS (4) -#endif - -#endif // __TFM_PARTITION_DEFS_INC__ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/inc/tfm_partition_list.inc b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/inc/tfm_partition_list.inc deleted file mode 100644 index 2a66f26..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/inc/tfm_partition_list.inc +++ /dev/null @@ -1,107 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -/******************************************************************************* - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * THIS FILE IS AN AUTO-GENERATED FILE - DO NOT MODIFY IT. - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * Template Version 1.0 - * Generated by tools/psa/generate_partition_code.py Version 1.1 - ******************************************************************************/ - -#ifndef __TFM_PARTITION_LIST_INC__ -#define __TFM_PARTITION_LIST_INC__ - -/*************************** Service Partitions *******************************/ -/* ----------------------------------------------------------------------------- - * ATTEST_SRV - * -------------------------------------------------------------------------- */ -PARTITION_DECLARE(ATTEST_SRV, 0 - | SPM_PART_FLAG_IPC - , "APPLICATION-ROT", 37, NORMAL, 8192); -PARTITION_ADD_INIT_FUNC(ATTEST_SRV, attest_main); - -/* ----------------------------------------------------------------------------- - * CRYPTO_SRV - * -------------------------------------------------------------------------- */ -PARTITION_DECLARE(CRYPTO_SRV, 0 - | SPM_PART_FLAG_IPC - , "APPLICATION-ROT", 35, NORMAL, 16384); -PARTITION_ADD_INIT_FUNC(CRYPTO_SRV, crypto_main); - -/* ----------------------------------------------------------------------------- - * PLATFORM - * -------------------------------------------------------------------------- */ -PARTITION_DECLARE(PLATFORM, 0 - | SPM_PART_FLAG_IPC - , "APPLICATION-ROT", 8, NORMAL, 1024); -PARTITION_ADD_INIT_FUNC(PLATFORM, platform_partition_entry); - -/* ----------------------------------------------------------------------------- - * ITS - * -------------------------------------------------------------------------- */ -PARTITION_DECLARE(ITS, 0 - | SPM_PART_FLAG_IPC - , "APPLICATION-ROT", 10, NORMAL, 2048); -PARTITION_ADD_INIT_FUNC(ITS, its_entry); - -/*************************** Test Partitions **********************************/ -#ifdef USE_PSA_TEST_PARTITIONS - -#ifdef USE_CRYPTO_ACL_TEST -/* ----------------------------------------------------------------------------- - * CRYPTO_ACL_TEST - * -------------------------------------------------------------------------- */ -PARTITION_DECLARE(CRYPTO_ACL_TEST, 0 - | SPM_PART_FLAG_IPC - , "APPLICATION-ROT", 128, NORMAL, 512); -PARTITION_ADD_INIT_FUNC(CRYPTO_ACL_TEST, test_partition_main); -#endif // USE_CRYPTO_ACL_TEST - -#ifdef USE_CLIENT_TESTS_PART1 -/* ----------------------------------------------------------------------------- - * CLIENT_TESTS_PART1 - * -------------------------------------------------------------------------- */ -PARTITION_DECLARE(CLIENT_TESTS_PART1, 0 - | SPM_PART_FLAG_IPC - , "APPLICATION-ROT", 1, NORMAL, 1024); -PARTITION_ADD_INIT_FUNC(CLIENT_TESTS_PART1, client_part_main); -#endif // USE_CLIENT_TESTS_PART1 - -#ifdef USE_SERVER_TESTS_PART1 -/* ----------------------------------------------------------------------------- - * SERVER_TESTS_PART1 - * -------------------------------------------------------------------------- */ -PARTITION_DECLARE(SERVER_TESTS_PART1, 0 - | SPM_PART_FLAG_IPC - , "APPLICATION-ROT", 2, NORMAL, 1024); -PARTITION_ADD_INIT_FUNC(SERVER_TESTS_PART1, server_part1_main); -#endif // USE_SERVER_TESTS_PART1 - -#ifdef USE_SERVER_TESTS_PART2 -/* ----------------------------------------------------------------------------- - * SERVER_TESTS_PART2 - * -------------------------------------------------------------------------- */ -PARTITION_DECLARE(SERVER_TESTS_PART2, 0 - | SPM_PART_FLAG_IPC - , "APPLICATION-ROT", 3, NORMAL, 1024); -PARTITION_ADD_INIT_FUNC(SERVER_TESTS_PART2, server_part2_main); -#endif // USE_SERVER_TESTS_PART2 - -#ifdef USE_SMOKE_TESTS_PART1 -/* ----------------------------------------------------------------------------- - * SMOKE_TESTS_PART1 - * -------------------------------------------------------------------------- */ -PARTITION_DECLARE(SMOKE_TESTS_PART1, 0 - | SPM_PART_FLAG_IPC - , "APPLICATION-ROT", 4, NORMAL, 512); -PARTITION_ADD_INIT_FUNC(SMOKE_TESTS_PART1, smoke_part_main); -#endif // USE_SMOKE_TESTS_PART1 - -#endif // USE_PSA_TEST_PARTITIONS - -#endif // __TFM_PARTITION_LIST_INC__ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/inc/tfm_service_list.inc b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/inc/tfm_service_list.inc deleted file mode 100644 index 1248107..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/inc/tfm_service_list.inc +++ /dev/null @@ -1,108 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -/******************************************************************************* - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * THIS FILE IS AN AUTO-GENERATED FILE - DO NOT MODIFY IT. - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * Template Version 1.0 - * Generated by tools/psa/generate_partition_code.py Version 1.1 - ******************************************************************************/ - -#ifndef __TFM_SERVICE_LIST_INC__ -#define __TFM_SERVICE_LIST_INC__ - -/*************************** Service Partitions *******************************/ -/* ----------------------------------------------------------------------------- - * ATTEST_SRV Services - * -------------------------------------------------------------------------- */ -{"PSA_ATTEST_GET_TOKEN_ID", ATTEST_SRV_ID, PSA_ATTEST_GET_TOKEN, 0x00000F10, true, 1, TFM_VERSION_POLICY_STRICT}, -{"PSA_ATTEST_GET_TOKEN_SIZE_ID", ATTEST_SRV_ID, PSA_ATTEST_GET_TOKEN_SIZE, 0x00000F11, true, 1, TFM_VERSION_POLICY_STRICT}, -{"PSA_ATTEST_INJECT_KEY_ID", ATTEST_SRV_ID, PSA_ATTEST_INJECT_KEY, 0x00000F12, true, 1, TFM_VERSION_POLICY_STRICT}, - -/* ----------------------------------------------------------------------------- - * CRYPTO_SRV Services - * -------------------------------------------------------------------------- */ -{"PSA_CRYPTO_INIT_ID", CRYPTO_SRV_ID, PSA_CRYPTO_INIT, 0x00000F00, true, 1, TFM_VERSION_POLICY_STRICT}, -{"PSA_MAC_ID", CRYPTO_SRV_ID, PSA_MAC, 0x00000F01, true, 1, TFM_VERSION_POLICY_STRICT}, -{"PSA_HASH_ID", CRYPTO_SRV_ID, PSA_HASH, 0x00000F02, true, 1, TFM_VERSION_POLICY_STRICT}, -{"PSA_ASYMMETRIC_ID", CRYPTO_SRV_ID, PSA_ASYMMETRIC, 0x00000F03, true, 1, TFM_VERSION_POLICY_STRICT}, -{"PSA_SYMMETRIC_ID", CRYPTO_SRV_ID, PSA_SYMMETRIC, 0x00000F04, true, 1, TFM_VERSION_POLICY_STRICT}, -{"PSA_AEAD_ID", CRYPTO_SRV_ID, PSA_AEAD, 0x00000F05, true, 1, TFM_VERSION_POLICY_STRICT}, -{"PSA_KEY_MNG_ID", CRYPTO_SRV_ID, PSA_KEY_MNG, 0x00000F06, true, 1, TFM_VERSION_POLICY_STRICT}, -{"PSA_RNG_ID", CRYPTO_SRV_ID, PSA_RNG, 0x00000F07, true, 1, TFM_VERSION_POLICY_STRICT}, -{"PSA_CRYPTO_FREE_ID", CRYPTO_SRV_ID, PSA_CRYPTO_FREE, 0x00000F08, true, 1, TFM_VERSION_POLICY_STRICT}, -{"PSA_KEY_DERIVATION_ID", CRYPTO_SRV_ID, PSA_KEY_DERIVATION, 0x00000F09, true, 1, TFM_VERSION_POLICY_STRICT}, -{"PSA_ENTROPY_ID", CRYPTO_SRV_ID, PSA_ENTROPY_INJECT, 0x00000F0A, true, 1, TFM_VERSION_POLICY_STRICT}, - -/* ----------------------------------------------------------------------------- - * PLATFORM Services - * -------------------------------------------------------------------------- */ -{"PSA_PLATFORM_LC_GET", PLATFORM_ID, PSA_PLATFORM_LC_GET_MSK, 0x00011000, true, 1, TFM_VERSION_POLICY_RELAXED}, -{"PSA_PLATFORM_LC_SET", PLATFORM_ID, PSA_PLATFORM_LC_SET_MSK, 0x00011001, true, 1, TFM_VERSION_POLICY_RELAXED}, -{"PSA_PLATFORM_SYSTEM_RESET", PLATFORM_ID, PSA_PLATFORM_SYSTEM_RESET_MSK, 0x00011002, true, 1, TFM_VERSION_POLICY_RELAXED}, -{"PSA_PLATFORM_IOCTL", PLATFORM_ID, PSA_PLATFORM_IOCTL_MSK, 0x00011003, true, 1, TFM_VERSION_POLICY_RELAXED}, - -/* ----------------------------------------------------------------------------- - * ITS Services - * -------------------------------------------------------------------------- */ -{"PSA_ITS_GET", ITS_ID, PSA_ITS_GET_MSK, 0x00011A00, true, 1, TFM_VERSION_POLICY_RELAXED}, -{"PSA_ITS_SET", ITS_ID, PSA_ITS_SET_MSK, 0x00011A01, true, 1, TFM_VERSION_POLICY_RELAXED}, -{"PSA_ITS_INFO", ITS_ID, PSA_ITS_INFO_MSK, 0x00011A02, true, 1, TFM_VERSION_POLICY_RELAXED}, -{"PSA_ITS_REMOVE", ITS_ID, PSA_ITS_REMOVE_MSK, 0x00011A03, true, 1, TFM_VERSION_POLICY_RELAXED}, -{"PSA_ITS_RESET", ITS_ID, PSA_ITS_RESET_MSK, 0x00011A04, false, 1, TFM_VERSION_POLICY_RELAXED}, - -/*************************** Test Partitions **********************************/ -#ifdef USE_PSA_TEST_PARTITIONS - -#ifdef USE_CRYPTO_ACL_TEST -/* ----------------------------------------------------------------------------- - * CRYPTO_ACL_TEST Services - * -------------------------------------------------------------------------- */ -{"CRYPTO_GENERATE_KEY", CRYPTO_ACL_TEST_ID, CRYPTO_GENERATE_KEY_MSK, 0x00000201, true, 1, TFM_VERSION_POLICY_RELAXED}, -{"CRYPTO_OPEN_KEY", CRYPTO_ACL_TEST_ID, CRYPTO_OPEN_KEY_MSK, 0x00000202, true, 1, TFM_VERSION_POLICY_RELAXED}, -{"CRYPTO_CLOSE_KEY", CRYPTO_ACL_TEST_ID, CRYPTO_CLOSE_KEY_MSK, 0x00000203, true, 1, TFM_VERSION_POLICY_RELAXED}, -{"CRYPTO_DESTROY_KEY", CRYPTO_ACL_TEST_ID, CRYPTO_DESTROY_KEY_MSK, 0x00000205, true, 1, TFM_VERSION_POLICY_RELAXED}, -{"CRYPTO_GET_KEY_ATTRIBUTES", CRYPTO_ACL_TEST_ID, CRYPTO_GET_KEY_ATTRIBUTES_MSK, 0x00000206, true, 1, TFM_VERSION_POLICY_RELAXED}, -{"CRYPTO_IMPORT_KEY", CRYPTO_ACL_TEST_ID, CRYPTO_IMPORT_KEY_MSK, 0x00000208, true, 1, TFM_VERSION_POLICY_RELAXED}, -#endif // USE_CRYPTO_ACL_TEST - -#ifdef USE_CLIENT_TESTS_PART1 -/* ----------------------------------------------------------------------------- - * CLIENT_TESTS_PART1 Services - * -------------------------------------------------------------------------- */ -{"CLIENT_TESTS_PART1_ROT_SRV1", CLIENT_TESTS_PART1_ID, PART1_ROT_SRV1_MSK, 0x00001A05, true, 5, TFM_VERSION_POLICY_RELAXED}, -{"CLIENT_TESTS_PART1_DROP_CONN", CLIENT_TESTS_PART1_ID, DROP_CONN_MSK, 0x00001A06, true, 5, TFM_VERSION_POLICY_RELAXED}, -{"CLIENT_TESTS_PART1_SECURE_CLIENTS_ONLY", CLIENT_TESTS_PART1_ID, SECURE_CLIENTS_ONLY_MSK, 0x00001A07, false, 5, TFM_VERSION_POLICY_RELAXED}, -#endif // USE_CLIENT_TESTS_PART1 - -#ifdef USE_SERVER_TESTS_PART1 -/* ----------------------------------------------------------------------------- - * SERVER_TESTS_PART1 Services - * -------------------------------------------------------------------------- */ -{"SERVER_TESTS_PART1_CONTROL", SERVER_TESTS_PART1_ID, CONTROL_MSK, 0x00001A01, true, 5, TFM_VERSION_POLICY_RELAXED}, -{"SERVER_TESTS_PART1_TEST", SERVER_TESTS_PART1_ID, TEST_MSK, 0x00001A02, true, 12, TFM_VERSION_POLICY_STRICT}, -#endif // USE_SERVER_TESTS_PART1 - -#ifdef USE_SERVER_TESTS_PART2 -/* ----------------------------------------------------------------------------- - * SERVER_TESTS_PART2 Services - * -------------------------------------------------------------------------- */ -{"SERVER_TESTS_PART2_ROT_SRV_REVERSE", SERVER_TESTS_PART2_ID, ROT_SRV_REVERSE_MSK, 0x00001A03, false, 5, TFM_VERSION_POLICY_STRICT}, -{"SERVER_TESTS_PART2_ROT_SRV_DB_TST", SERVER_TESTS_PART2_ID, ROT_SRV_DB_TST_MSK, 0x00001A04, false, 5, TFM_VERSION_POLICY_STRICT}, -#endif // USE_SERVER_TESTS_PART2 - -#ifdef USE_SMOKE_TESTS_PART1 -/* ----------------------------------------------------------------------------- - * SMOKE_TESTS_PART1 Services - * -------------------------------------------------------------------------- */ -{"SMOKE_TESTS_PART1_ROT_SRV1", SMOKE_TESTS_PART1_ID, ROT_SRV1_MSK, 0x00001A00, true, 5, TFM_VERSION_POLICY_RELAXED}, -#endif // USE_SMOKE_TESTS_PART1 - -#endif // USE_PSA_TEST_PARTITIONS - -#endif // __TFM_SERVICE_LIST_INC__ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/inc/tfm_spm_signal_defs.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/inc/tfm_spm_signal_defs.h deleted file mode 100644 index be52471..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/inc/tfm_spm_signal_defs.h +++ /dev/null @@ -1,145 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -/******************************************************************************* - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * THIS FILE IS AN AUTO-GENERATED FILE - DO NOT MODIFY IT. - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * Template Version 1.0 - * Generated by tools/psa/generate_partition_code.py Version 1.1 - ******************************************************************************/ - -#ifndef __TFM_SPM_SIGNAL_DEFS_H__ -#define __TFM_SPM_SIGNAL_DEFS_H__ - -/*************************** Service Partitions *******************************/ -/* ----------------------------------------------------------------------------- - * ATTEST_SRV Signals - * -------------------------------------------------------------------------- */ -#define PSA_ATTEST_GET_TOKEN_POS (4UL) -#define PSA_ATTEST_GET_TOKEN (1UL << PSA_ATTEST_GET_TOKEN_POS) -#define PSA_ATTEST_GET_TOKEN_SIZE_POS (5UL) -#define PSA_ATTEST_GET_TOKEN_SIZE (1UL << PSA_ATTEST_GET_TOKEN_SIZE_POS) -#define PSA_ATTEST_INJECT_KEY_POS (6UL) -#define PSA_ATTEST_INJECT_KEY (1UL << PSA_ATTEST_INJECT_KEY_POS) - -/* ----------------------------------------------------------------------------- - * CRYPTO_SRV Signals - * -------------------------------------------------------------------------- */ -#define PSA_CRYPTO_INIT_POS (4UL) -#define PSA_CRYPTO_INIT (1UL << PSA_CRYPTO_INIT_POS) -#define PSA_MAC_POS (5UL) -#define PSA_MAC (1UL << PSA_MAC_POS) -#define PSA_HASH_POS (6UL) -#define PSA_HASH (1UL << PSA_HASH_POS) -#define PSA_ASYMMETRIC_POS (7UL) -#define PSA_ASYMMETRIC (1UL << PSA_ASYMMETRIC_POS) -#define PSA_SYMMETRIC_POS (8UL) -#define PSA_SYMMETRIC (1UL << PSA_SYMMETRIC_POS) -#define PSA_AEAD_POS (9UL) -#define PSA_AEAD (1UL << PSA_AEAD_POS) -#define PSA_KEY_MNG_POS (10UL) -#define PSA_KEY_MNG (1UL << PSA_KEY_MNG_POS) -#define PSA_RNG_POS (11UL) -#define PSA_RNG (1UL << PSA_RNG_POS) -#define PSA_CRYPTO_FREE_POS (12UL) -#define PSA_CRYPTO_FREE (1UL << PSA_CRYPTO_FREE_POS) -#define PSA_KEY_DERIVATION_POS (13UL) -#define PSA_KEY_DERIVATION (1UL << PSA_KEY_DERIVATION_POS) -#define PSA_ENTROPY_INJECT_POS (14UL) -#define PSA_ENTROPY_INJECT (1UL << PSA_ENTROPY_INJECT_POS) - -/* ----------------------------------------------------------------------------- - * PLATFORM Signals - * -------------------------------------------------------------------------- */ -#define PSA_PLATFORM_LC_GET_MSK_POS (4UL) -#define PSA_PLATFORM_LC_GET_MSK (1UL << PSA_PLATFORM_LC_GET_MSK_POS) -#define PSA_PLATFORM_LC_SET_MSK_POS (5UL) -#define PSA_PLATFORM_LC_SET_MSK (1UL << PSA_PLATFORM_LC_SET_MSK_POS) -#define PSA_PLATFORM_SYSTEM_RESET_MSK_POS (6UL) -#define PSA_PLATFORM_SYSTEM_RESET_MSK (1UL << PSA_PLATFORM_SYSTEM_RESET_MSK_POS) -#define PSA_PLATFORM_IOCTL_MSK_POS (7UL) -#define PSA_PLATFORM_IOCTL_MSK (1UL << PSA_PLATFORM_IOCTL_MSK_POS) - -/* ----------------------------------------------------------------------------- - * ITS Signals - * -------------------------------------------------------------------------- */ -#define PSA_ITS_GET_MSK_POS (4UL) -#define PSA_ITS_GET_MSK (1UL << PSA_ITS_GET_MSK_POS) -#define PSA_ITS_SET_MSK_POS (5UL) -#define PSA_ITS_SET_MSK (1UL << PSA_ITS_SET_MSK_POS) -#define PSA_ITS_INFO_MSK_POS (6UL) -#define PSA_ITS_INFO_MSK (1UL << PSA_ITS_INFO_MSK_POS) -#define PSA_ITS_REMOVE_MSK_POS (7UL) -#define PSA_ITS_REMOVE_MSK (1UL << PSA_ITS_REMOVE_MSK_POS) -#define PSA_ITS_RESET_MSK_POS (8UL) -#define PSA_ITS_RESET_MSK (1UL << PSA_ITS_RESET_MSK_POS) - -/*************************** Test Partitions **********************************/ -#ifdef USE_PSA_TEST_PARTITIONS - -#ifdef USE_CRYPTO_ACL_TEST -/* ----------------------------------------------------------------------------- - * CRYPTO_ACL_TEST Signals - * -------------------------------------------------------------------------- */ -#define CRYPTO_GENERATE_KEY_MSK_POS (4UL) -#define CRYPTO_GENERATE_KEY_MSK (1UL << CRYPTO_GENERATE_KEY_MSK_POS) -#define CRYPTO_OPEN_KEY_MSK_POS (5UL) -#define CRYPTO_OPEN_KEY_MSK (1UL << CRYPTO_OPEN_KEY_MSK_POS) -#define CRYPTO_CLOSE_KEY_MSK_POS (6UL) -#define CRYPTO_CLOSE_KEY_MSK (1UL << CRYPTO_CLOSE_KEY_MSK_POS) -#define CRYPTO_DESTROY_KEY_MSK_POS (7UL) -#define CRYPTO_DESTROY_KEY_MSK (1UL << CRYPTO_DESTROY_KEY_MSK_POS) -#define CRYPTO_GET_KEY_ATTRIBUTES_MSK_POS (8UL) -#define CRYPTO_GET_KEY_ATTRIBUTES_MSK (1UL << CRYPTO_GET_KEY_ATTRIBUTES_MSK_POS) -#define CRYPTO_IMPORT_KEY_MSK_POS (9UL) -#define CRYPTO_IMPORT_KEY_MSK (1UL << CRYPTO_IMPORT_KEY_MSK_POS) -#endif // USE_CRYPTO_ACL_TEST - -#ifdef USE_CLIENT_TESTS_PART1 -/* ----------------------------------------------------------------------------- - * CLIENT_TESTS_PART1 Signals - * -------------------------------------------------------------------------- */ -#define PART1_ROT_SRV1_MSK_POS (4UL) -#define PART1_ROT_SRV1_MSK (1UL << PART1_ROT_SRV1_MSK_POS) -#define DROP_CONN_MSK_POS (5UL) -#define DROP_CONN_MSK (1UL << DROP_CONN_MSK_POS) -#define SECURE_CLIENTS_ONLY_MSK_POS (6UL) -#define SECURE_CLIENTS_ONLY_MSK (1UL << SECURE_CLIENTS_ONLY_MSK_POS) -#endif // USE_CLIENT_TESTS_PART1 - -#ifdef USE_SERVER_TESTS_PART1 -/* ----------------------------------------------------------------------------- - * SERVER_TESTS_PART1 Signals - * -------------------------------------------------------------------------- */ -#define CONTROL_MSK_POS (4UL) -#define CONTROL_MSK (1UL << CONTROL_MSK_POS) -#define TEST_MSK_POS (5UL) -#define TEST_MSK (1UL << TEST_MSK_POS) -#endif // USE_SERVER_TESTS_PART1 - -#ifdef USE_SERVER_TESTS_PART2 -/* ----------------------------------------------------------------------------- - * SERVER_TESTS_PART2 Signals - * -------------------------------------------------------------------------- */ -#define ROT_SRV_REVERSE_MSK_POS (4UL) -#define ROT_SRV_REVERSE_MSK (1UL << ROT_SRV_REVERSE_MSK_POS) -#define ROT_SRV_DB_TST_MSK_POS (5UL) -#define ROT_SRV_DB_TST_MSK (1UL << ROT_SRV_DB_TST_MSK_POS) -#endif // USE_SERVER_TESTS_PART2 - -#ifdef USE_SMOKE_TESTS_PART1 -/* ----------------------------------------------------------------------------- - * SMOKE_TESTS_PART1 Signals - * -------------------------------------------------------------------------- */ -#define ROT_SRV1_MSK_POS (4UL) -#define ROT_SRV1_MSK (1UL << ROT_SRV1_MSK_POS) -#endif // USE_SMOKE_TESTS_PART1 - -#endif // USE_PSA_TEST_PARTITIONS - -#endif // __TFM_SPM_SIGNAL_DEFS_H__ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/mbed_lib.json b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/mbed_lib.json deleted file mode 100644 index 90222c7..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/mbed_lib.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "name": "tfm-s", - "macros": ["MBED_FAULT_HANDLER_DISABLED"], - "config": { - "max_ns_thread_count": { - "help": "maximum allowed number of non-secure threads", - "macro_name": "TFM_MAX_NS_THREAD_COUNT", - "value": 10 - } - } -} diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/platform/include/tfm_spm_hal.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/platform/include/tfm_spm_hal.h deleted file mode 100644 index 3ce0b29..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/platform/include/tfm_spm_hal.h +++ /dev/null @@ -1,190 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __TFM_SPM_HAL_H__ -#define __TFM_SPM_HAL_H__ - -#include -#include "tfm_secure_api.h" -#include "spm_api.h" - -/** - * \brief Holds peripheral specific data fields required to manage the - * peripherals isolation - * - * This structure has to be defined in the platform directory, and may have - * different definition for each platform. The structure should contain fields - * that describe the peripheral for the functions that are prototyped in this - * file and are responsible for configuring the isolation of the peripherals. - * - * Pointers to structures of this type are managed by the SPM, and passed to the - * necessary function on isolation request. The pointers are also defined by the - * platform in the header file tfm_peripherals_def.h. For details on this, see - * the documentation of that file. - */ -struct tfm_spm_partition_platform_data_t; - -#if defined (TFM_PSA_API) || (TFM_LVL != 1) -/** - * \brief Holds SPM db fields that define the memory regions used by a - * partition. - */ -struct tfm_spm_partition_memory_data_t -{ - uint32_t code_start; /*!< Start of the code memory of this partition. */ - uint32_t code_limit; /*!< Address of the byte beyond the end of the code - * memory of this partition. - */ - uint32_t ro_start; /*!< Start of the read only memory of this - * partition. - */ - uint32_t ro_limit; /*!< Address of the byte beyond the end of the read - * only memory of this partition. - */ - uint32_t rw_start; /*!< Start of the data region of this partition. */ - uint32_t rw_limit; /*!< Address of the byte beyond the end of the data - * region of this partition. - */ - uint32_t zi_start; /*!< Start of the zero initialised data region of - * this partition. - */ - uint32_t zi_limit; /*!< Address of the byte beyond the end of the zero - * initialised region of this partition. - */ - uint32_t stack_bottom; /*!< The bottom of the stack for the partition. */ - uint32_t stack_top; /*!< The top of the stack for the partition. */ -}; -#endif - -/** - * \brief This function initialises the HW used for isolation, and sets the - * default configuration for them. - * - * This function is called during TF-M core early startup, before DB init - */ -void tfm_spm_hal_init_isolation_hw(void); - -/** - * \brief This function initialises the HW used for isolation, and sets the - * default configuration for them. - * This function is called during TF-M core early startup, after DB init - */ -void tfm_spm_hal_setup_isolation_hw(void); - -/** - * \brief Configure peripherals for a partition based on the platfotm data from - * the DB - * - * This function is called during partition initialisation (before calling the - * init function for the partition) - * - * \param[in] platform_data The platform fields of the partition DB record to - * be used for configuration. Can be NULL. - */ -void tfm_spm_hal_configure_default_isolation( - const struct tfm_spm_partition_platform_data_t *platform_data); -/** - * \brief Configures the system debug properties. - * The default configuration of this function should disable secure debug - * when either DAUTH_NONE or DAUTH_NS_ONLY define is set. It is up to the - * platform owner to decide if secure debug can be turned on in their - * system, if DAUTH_FULL define is present. - * The DAUTH_CHIP_DEFAULT define should not be considered a safe default - * option unless explicitly noted by the chip vendor. - * The implementation has to expect that one of those defines is going to - * be set. Otherwise, a compile error needs to be triggered. - */ -void tfm_spm_hal_init_debug(void); - -/** - * \brief Enables the fault handlers - */ -void enable_fault_handlers(void); - -/** - * \brief Configures the system reset request properties - */ -void system_reset_cfg(void); - -/** - * \brief Configures all external interrupts to target the - * NS state, apart for the ones associated to secure - * peripherals (plus MPC and PPC) - */ -void nvic_interrupt_target_state_cfg(void); - -/** - * \brief This function enable the interrupts associated - * to the secure peripherals (plus the isolation boundary violation - * interrupts) - */ -void nvic_interrupt_enable(void); - -/** - * \brief Get the VTOR value of non-secure image - * - * \return Returns the address where the vector table of the non-secure image - * is located - */ -uint32_t tfm_spm_hal_get_ns_VTOR(void); - -/** - * \brief Get the initial address of non-secure image main stack - * - * \return Returns the initial non-secure MSP - */ -uint32_t tfm_spm_hal_get_ns_MSP(void); - -/** - * \brief Get the entry point of the non-secure image - * - * \return Returns the address of the non-secure image entry point - */ -uint32_t tfm_spm_hal_get_ns_entry_point(void); - - -#if (TFM_LVL != 1) && !defined(TFM_PSA_API) -/** - * \brief Configure the sandbox for a partition. - * - * \param[in] memory_data The memory ranges from the partition DB for this - * partition - * \param[in] platform_data The platform fields of the partition DB record - * for this partition. Can be NULL. - * - * \return Returns the result operation as per \ref spm_err_t - */ -enum spm_err_t tfm_spm_hal_partition_sandbox_config( - const struct tfm_spm_partition_memory_data_t *memory_data, - const struct tfm_spm_partition_platform_data_t *platform_data); - -/** - * \brief Deconfigure the sandbox for a partition. - * - * \param[in] memory_data The memory ranges from the partition DB for this - * partition - * \param[in] platform_data The platform fields of the partition DB record - * for this partition. Can be NULL. - * - * \return Returns the result operation as per \ref spm_err_t - */ -enum spm_err_t tfm_spm_hal_partition_sandbox_deconfig( - const struct tfm_spm_partition_memory_data_t *memory_data, - const struct tfm_spm_partition_platform_data_t *platform_data); - -/** - * \brief Set the share region mode - * - * \param[in] share The mode to set - * - * \return Returns the result operation as per \ref spm_err_t - */ -enum spm_err_t tfm_spm_hal_set_share_region( - enum tfm_buffer_share_region_e share); -#endif - -#endif /* __TFM_SPM_HAL_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/dir_core.dox b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/dir_core.dox deleted file mode 100644 index a8da848..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/dir_core.dox +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -//This file holds description for the current directory. This documentation -//will be included in the Doxygen output. - -/*! -\dir -\brief Source code for the TF-M core. -\details This directory holds the source code of the "TF-M core" module. - -*/ \ No newline at end of file diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_arch_v8m.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_arch_v8m.h deleted file mode 100644 index 96914c0..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_arch_v8m.h +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#ifndef __TFM_ARCH_V8M_H__ -#define __TFM_ARCH_V8M_H__ - -#include "cmsis.h" - -#define XPSR_T32 0x01000000 -#define LR_UNPRIVILEGED 0xfffffffd - -/* This header file collects the ARCH related operations. */ -struct tfm_state_context_base { - uint32_t r0; - uint32_t r1; - uint32_t r2; - uint32_t r3; - uint32_t r12; - uint32_t ra_lr; - uint32_t ra; - uint32_t xpsr; -}; - -struct tfm_state_context_ext { - uint32_t r4; - uint32_t r5; - uint32_t r6; - uint32_t r7; - uint32_t r8; - uint32_t r9; - uint32_t r10; - uint32_t r11; - uint32_t sp; - uint32_t sp_limit; - uint32_t dummy; - uint32_t lr; -}; - -struct tfm_state_context { - struct tfm_state_context_ext ctxb; -}; - -#define TFM_STATE_1ST_ARG(ctx) \ - (((struct tfm_state_context_base *)(ctx)->ctxb.sp)->r0) -#define TFM_STATE_2ND_ARG(ctx) \ - (((struct tfm_state_context_base *)(ctx)->ctxb.sp)->r1) -#define TFM_STATE_3RD_ARG(ctx) \ - (((struct tfm_state_context_base *)(ctx)->ctxb.sp)->r2) -#define TFM_STATE_4TH_ARG(ctx) \ - (((struct tfm_state_context_base *)(ctx)->ctxb.sp)->r3) -#define TFM_STATE_RET_VAL(ctx) \ - (((struct tfm_state_context_base *)(ctx)->ctxb.sp)->r0) - -__STATIC_INLINE void tfm_trigger_pendsv(void) -{ - SCB->ICSR = SCB_ICSR_PENDSVSET_Msk; -} - -void tfm_initialize_context(struct tfm_state_context *ctx, - uint32_t r0, uint32_t ra, - uint32_t sp, uint32_t sp_limit); - -#endif diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_internal_defines.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_internal_defines.h deleted file mode 100644 index a5382c5..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_internal_defines.h +++ /dev/null @@ -1,18 +0,0 @@ -/* - * Copyright (c) 2018, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#ifndef __TFM_INTERNAL_DEFINES_H__ -#define __TFM_INTERNAL_DEFINES_H__ - -/* IPC internal return status */ -#define IPC_SUCCESS 0 -#define IPC_ERROR_BAD_PARAMETERS (INT32_MIN) -#define IPC_ERROR_SHORT_BUFFER (INT32_MIN + 1) -#define IPC_ERROR_VERSION (INT32_MIN + 2) -#define IPC_ERROR_MEMORY_CHECK (INT32_MIN + 3) -#define IPC_ERROR_GENERIC (INT32_MIN + 0x1F) - -#endif diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_list.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_list.h deleted file mode 100644 index 9764503..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_list.h +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (c) 2018, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#ifndef __TFM_LIST_H__ -#define __TFM_LIST_H__ - -/* List structure */ -struct tfm_list_node_t { - struct tfm_list_node_t *prev; - struct tfm_list_node_t *next; -}; - -/** - * \brief Initialize list head. - * - * \param[in] head List head need to be initialized. - */ -__STATIC_INLINE void tfm_list_init(struct tfm_list_node_t *head) -{ - head->next = head; - head->prev = head; -} - -/** - * \brief Add one node to list tail. - * - * \param[in] head List head initialized by \ref tfm_list_init. - * \param[in] node List node want to be added. - */ -__STATIC_INLINE void -tfm_list_add_tail(struct tfm_list_node_t *head, struct tfm_list_node_t *node) -{ - head->prev->next = node; - node->prev = head->prev; - head->prev = node; - node->next = head; -} - -/** - * \brief Check if a list is empty. - * - * \param[in] head List head initialized by \ref tfm_list_init. - * - * \returns returns 1 for empty, or 0 for not. - */ -__STATIC_INLINE int32_t tfm_list_is_empty(struct tfm_list_node_t *head) -{ - return (head->next == head); -} - -/** - * \brief Insert one node to list head. - * - * \param[in] head List head initialized by \ref tfm_list_init. - * \param[in] node List node want to be inserted. - */ -__STATIC_INLINE void -tfm_list_insert_first(struct tfm_list_node_t *head, - struct tfm_list_node_t *node) -{ - node->next = head->next; - node->prev = head; - head->next->prev = node; - head->next = node; -} - -/** - * \brief Retrieve the fist node from list. - * - * \param[in] head List head initialized by \ref tfm_list_init. - * - * \returns Returns the pointer to first list node. - */ -__STATIC_INLINE -struct tfm_list_node_t *tfm_list_first_node(struct tfm_list_node_t *head) -{ - return head->next; -} - -/** - * \brief Delete one node from list. - * - * \param[in] node List node want to be deleted. - */ -__STATIC_INLINE void tfm_list_del_node(struct tfm_list_node_t *node) -{ - node->prev->next = node->next; - node->next->prev = node->prev; -} - -/* Go through each node of a list */ -#define TFM_LIST_FOR_EACH(node, head) \ - for (node = (head)->next; node != head; node = node->next) - -#endif diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_message_queue.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_message_queue.h deleted file mode 100644 index 44f5af4..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_message_queue.h +++ /dev/null @@ -1,68 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#ifndef __TFM_MESSAGE_QUEUE_H__ -#define __TFM_MESSAGE_QUEUE_H__ - -#ifndef TFM_MSG_QUEUE_MAX_MSG_NUM -#define TFM_MSG_QUEUE_MAX_MSG_NUM 128 -#endif -#define TFM_MSG_MAGIC 0x15154343 -/* Message struct to collect parameter from client */ -struct tfm_msg_body_t { - int32_t magic; - struct tfm_spm_service_t *service; /* RoT service pointer */ - psa_handle_t handle; /* Connected Service handle */ - struct tfm_event_t ack_evnt; /* Event for ack reponse */ - psa_msg_t msg; /* PSA message body */ - psa_invec invec[PSA_MAX_IOVEC]; /* Put in/out vectors in msg body */ - psa_outvec outvec[PSA_MAX_IOVEC]; - psa_outvec *caller_outvec; /* - * Save caller outvec pointer for - * write length update - */ - struct tfm_msg_body_t *next; /* List operators */ -}; - -struct tfm_msg_queue_t { - struct tfm_msg_body_t *head; /* Queue head */ - struct tfm_msg_body_t *tail; /* Queue tail */ - uint32_t size; /* Number of the queue member */ -}; - -/** - * \brief Enqueue a message into message queue. - * - * \param[in] queue Message queue, it will be initialized - * if has not been initialized. - * \param[in] node Message queue node want to be enqueue. - * - * \retval IPC_SUCCESS Success. - * \retval IPC_ERROR_BAD_PARAMETERS Parameters error. - */ -int32_t tfm_msg_enqueue(struct tfm_msg_queue_t *queue, - struct tfm_msg_body_t *node); - -/** - * \brief Dequeue a message from message queue. - * - * \param[in] queue Message queue. - * - * \retval node pointer Success. - * \retval NULL Queue is NULL or size is zero. - */ -struct tfm_msg_body_t *tfm_msg_dequeue(struct tfm_msg_queue_t *queue); - -/** - * \brief Check if a message queue is empty. - * - * \param[in] queue Message queue. - * - * \returns Returns 1 for empty, or 0 for not. - */ -int32_t tfm_msg_queue_is_empty(struct tfm_msg_queue_t *queue); - -#endif diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_pools.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_pools.h deleted file mode 100644 index 1072f78..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_pools.h +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#ifndef __TFM_POOLS_H__ -#define __TFM_POOLS_H__ - -/* - * Resource pool - few known size resources allocation/free is required, - * so pool is more applicable than heap. - */ - -/* - * Pool Instance: - * [ Pool Instance ] + N * [ Pool Chunks ] - */ -struct tfm_pool_chunk_t { - struct tfm_list_node_t list; /* Chunk list */ - void *pool; /* Point to the parent pool */ - uint8_t data[0]; /* Data indicator */ -}; - -struct tfm_pool_instance_t { - size_t chunksz; /* Chunks size of pool member */ - struct tfm_list_node_t chunks_list; /* Chunk list head in pool */ - struct tfm_pool_chunk_t chunks[0]; /* Data indicator */ -}; - -/* - * This will declares a static memory pool variable with chunk memory. - * Parameters: - * name - Variable name, will be used when register - * chunksz - chunk size in bytes - * num - Number of chunks - */ -#define TFM_POOL_DECLARE(name, chunksz, num) \ - static uint8_t name##_pool_buf[((chunksz) + \ - sizeof(struct tfm_pool_chunk_t)) * (num) \ - + sizeof(struct tfm_pool_instance_t)] \ - __attribute__((aligned(4))); \ - static struct tfm_pool_instance_t *name = \ - (struct tfm_pool_instance_t *)name##_pool_buf - -/* Get the head size of memory pool */ -#define POOL_HEAD_SIZE (sizeof(struct tfm_pool_instance_t) + \ - sizeof(struct tfm_pool_chunk_t)) - -/* Get the whole size of memory pool */ -#define POOL_BUFFER_SIZE(name) sizeof(name##_pool_buf) - -/** - * \brief Register a memory pool. - * - * \param[in] pool Pointer to memory pool declared by - * \ref TFM_POOL_DECLARE - * \param[in] poolsz Size of the pool buffer. - * \param[in] chunksz Size of chunks. - * \param[in] num Number of chunks. - * - * \retval IPC_SUCCESS Success. - * \retval IPC_ERROR_BAD_PARAMETERS Parameters error. - */ -int32_t tfm_pool_init(struct tfm_pool_instance_t *pool, size_t poolsz, - size_t chunksz, size_t num); - -/** - * \brief Allocate a memory from pool. - * - * \param[in] pool pool pointer decleared by \ref TFM_POOL_DECLARE - * - * \retval buffer pointer Success. - * \retval NULL Failed. - */ -void *tfm_pool_alloc(struct tfm_pool_instance_t *pool); - -/** - * \brief Free the allocated memory. - * - * \param[in] ptr Buffer pointer want to free. - */ -void tfm_pool_free(void *ptr); - -#endif diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm.h deleted file mode 100644 index 82c25eb..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_spm.h +++ /dev/null @@ -1,326 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#ifndef __TFM_SPM_H__ -#define __TFM_SPM_H__ - -#include -#include "tfm_list.h" -#include "tfm_secure_api.h" - -#ifndef TFM_SPM_MAX_ROT_SERV_NUM -#define TFM_SPM_MAX_ROT_SERV_NUM 28 -#endif -#define TFM_VERSION_POLICY_RELAXED 0 -#define TFM_VERSION_POLICY_STRICT 1 - -#ifndef TFM_CONN_HANDLE_MAX_NUM -#define TFM_CONN_HANDLE_MAX_NUM 32 -#endif - -/* RoT connection handle list */ -struct tfm_conn_handle_t { - psa_handle_t handle; /* Handle value */ - void *rhandle; /* Reverse handle value */ - struct tfm_list_node_t list; /* list node */ -}; - -/* Service database defined by manifest */ -struct tfm_spm_service_db_t { - char *name; /* Service name */ - uint32_t partition_id; /* Partition ID which service belong to */ - psa_signal_t signal; /* Service signal */ - uint32_t sid; /* Service identifier */ - bool non_secure_client; /* If can be called by non secure client */ - uint32_t minor_version; /* Minor version */ - uint32_t minor_policy; /* Minor version policy */ -}; - -/* RoT Service data */ -struct tfm_spm_service_t { - struct tfm_spm_service_db_t *service_db; /* Service database pointer */ - struct tfm_spm_ipc_partition_t *partition; /* - * Point to secure partition - * data - */ - struct tfm_list_node_t handle_list; /* Service handle list */ - struct tfm_msg_queue_t msg_queue; /* Message queue */ - struct tfm_list_node_t list; /* For list operation */ -}; - -/* - * FixMe: This structure is for IPC partition which is different with library - * mode partition. There needs to be an alignment for IPC partition database - * and library mode database. - */ -/* Secure Partition data */ -struct tfm_spm_ipc_partition_t { - int32_t index; /* Partition index */ - int32_t id; /* Secure partition ID */ - struct tfm_event_t signal_evnt; /* Event signal */ - uint32_t signals; /* Service signals had been triggered*/ - uint32_t signal_mask; /* Service signal mask passed by psa_wait() */ - struct tfm_list_node_t service_list;/* Service list */ -}; - -/*************************** Extended SPM functions **************************/ - -/** - * \brief Get the running partition ID. - * - * \return Returns the partition ID - */ -uint32_t tfm_spm_partition_get_running_partition_id_ext(void); - -/** - * \brief Get the current partition mode. - * - * \param[in] partition_idx Index of current partition - * - * \retval TFM_PARTITION_PRIVILEGED_MODE Privileged mode - * \retval TFM_PARTITION_UNPRIVILEGED_MODE Unprivileged mode - */ -uint32_t tfm_spm_partition_get_privileged_mode(uint32_t partition_idx); - -/******************** Service handle management functions ********************/ - -/** - * \brief Create connection handle for client connect - * - * \param[in] service Target service context pointer - * - * \retval PSA_NULL_HANDLE Create failed \ref PSA_NULL_HANDLE - * \retval >0 Service handle created, \ref psa_handle_t - */ -psa_handle_t tfm_spm_create_conn_handle(struct tfm_spm_service_t *service); - -/** - * \brief Free connection handle which not used anymore. - * - * \param[in] service Target service context pointer - * \param[in] conn_handle Connection handle created by - * tfm_spm_create_conn_handle(), \ref psa_handle_t - * - * \retval IPC_SUCCESS Success - * \retval IPC_ERROR_BAD_PARAMETERS Bad parameters input - * \retval "Does not return" Panic for not find service by handle - */ -int32_t tfm_spm_free_conn_handle(struct tfm_spm_service_t *service, - psa_handle_t conn_handle); - -/** - * \brief Set reverse handle value for connection. - * - * \param[in] service Target service context pointer - * \param[in] conn_handle Connection handle created by - * tfm_spm_create_conn_handle(), \ref psa_handle_t - * \param[in] rhandle rhandle need to save - * - * \retval IPC_SUCCESS Success - * \retval IPC_ERROR_BAD_PARAMETERS Bad parameters input - * \retval "Does not return" Panic for not find handle node - */ -int32_t tfm_spm_set_rhandle(struct tfm_spm_service_t *service, - psa_handle_t conn_handle, - void *rhandle); - -/** - * \brief Get reverse handle value from connection hanlde. - * - * \param[in] service Target service context pointer - * \param[in] conn_handle Connection handle created by - * tfm_spm_create_conn_handle(), \ref psa_handle_t - * - * \retval void * Success - * \retval "Does not return" Panic for those: - * service pointer are NULL - * hanlde is \ref PSA_NULL_HANDLE - * handle node does not be found - */ -void *tfm_spm_get_rhandle(struct tfm_spm_service_t *service, - psa_handle_t conn_handle); - -/******************** Partition management functions *************************/ - -/** - * \brief Get current running partition context. - * - * \retval NULL Failed - * \retval "Not NULL" Return the parttion context pointer - * \ref spm_partition_t structures - */ -struct tfm_spm_ipc_partition_t *tfm_spm_get_running_partition(void); - -/** - * \brief Get the service context by signal. - * - * \param[in] partition Partition context pointer - * \ref spm_partition_t structures - * \param[in] signal Signal associated with inputs to the Secure - * Partition, \ref psa_signal_t - * - * \retval NULL Failed - * \retval "Not NULL" Target service context pointer, - * \ref spm_service_t structures - */ -struct tfm_spm_service_t * -tfm_spm_get_service_by_signal(struct tfm_spm_ipc_partition_t *partition, - psa_signal_t signal); - -/** - * \brief Get the service context by service ID. - * - * \param[in] sid RoT Service identity - * - * \retval NULL Failed - * \retval "Not NULL" Target service context pointer, - * \ref spm_service_t structures - */ -struct tfm_spm_service_t *tfm_spm_get_service_by_sid(uint32_t sid); - -/** - * \brief Get the service context by connection handle. - * - * \param[in] conn_handle Connection handle created by - * tfm_spm_create_conn_handle() - * - * \retval NULL Failed - * \retval "Not NULL" Target service context pointer, - * \ref spm_service_t structures - */ -struct tfm_spm_service_t * - tfm_spm_get_service_by_handle(psa_handle_t conn_handle); - -/** - * \brief Get the partition context by partition ID. - * - * \param[in] partition_id Partition identity - * - * \retval NULL Failed - * \retval "Not NULL" Target partition context pointer, - * \ref spm_partition_t structures - */ -struct tfm_spm_ipc_partition_t * - tfm_spm_get_partition_by_id(int32_t partition_id); - -/************************ Message functions **********************************/ - -/** - * \brief Get message context by message handle. - * - * \param[in] msg_handle Message handle which is a reference generated - * by the SPM to a specific message. - * - * \return The message body context pointer - * \ref msg_body_t structures - */ -struct tfm_msg_body_t *tfm_spm_get_msg_from_handle(psa_handle_t msg_handle); - -/** - * \brief Create a message for PSA client call. - * - * \param[in] service Target service context pointer, which can be - * obtained by partition management functions - * \prarm[in] handle Connect handle return by psa_connect(). Should - * be \ref PSA_NULL_HANDLE in psa_connect(). - * \param[in] type Message type, PSA_IPC_CONNECT, PSA_IPC_CALL or - * PSA_IPC_DISCONNECT - * \param[in] ns_caller Whether from NS caller - * \param[in] invec Array of input \ref psa_invec structures - * \param[in] in_len Number of input \ref psa_invec structures - * \param[in] outvec Array of output \ref psa_outvec structures - * \param[in] out_len Number of output \ref psa_outvec structures - * \param[in] caller_outvec Array of caller output \ref psa_outvec structures - * - * \retval NULL Failed - * \retval "Not NULL" New message body pointer \ref msg_body_t structures - */ -struct tfm_msg_body_t *tfm_spm_create_msg(struct tfm_spm_service_t *service, - psa_handle_t handle, - uint32_t type, int32_t ns_caller, - psa_invec *invec, size_t in_len, - psa_outvec *outvec, size_t out_len, - psa_outvec *caller_outvec); - -/** - * \brief Free message which unused anymore - * - * \param[in] msg Message pointer which want to free - * \ref msg_body_t structures - * - * \retval void Success - * \retval "Does not return" Failed - */ -void tfm_spm_free_msg(struct tfm_msg_body_t *msg); - -/** - * \brief Send message and wake up the SP who is waiting on - * message queue, block the current thread and - * scheduler triggered - * - * \param[in] service Target service context pointer, which can be - * obtained by partition management functions - * \param[in] msg message created by spm_create_msg() - * \ref msg_body_t structures - * - * \retval IPC_SUCCESS Success - * \retval IPC_ERROR_BAD_PARAMETERS Bad parameters input - * \retval IPC_ERROR_GENERIC Failed to enqueue message to service message queue - */ -int32_t tfm_spm_send_event(struct tfm_spm_service_t *service, - struct tfm_msg_body_t *msg); - -/** - * \brief Check the client minor version according to - * version policy - * - * \param[in] service Target service context pointer, which can be get - * by partition management functions - * \param[in] minor_version Client support minor version - * - * \retval IPC_SUCCESS Success - * \retval IPC_ERROR_BAD_PARAMETERS Bad parameters input - * \retval IPC_ERROR_VERSION Check failed - */ -int32_t tfm_spm_check_client_version(struct tfm_spm_service_t *service, - uint32_t minor_version); - -/** - * \brief Check the memory reference is valid. - * - * \param[in] buffer Pointer of memory reference - * \param[in] len Length of memory reference in bytes - * \param[in] ns_caller From non-secure caller - * \param[in] access Type of access specified by the - * \ref tfm_memory_access_e - * \param[in] privileged Privileged mode or unprivileged mode: - * \ref TFM_PARTITION_UNPRIVILEGED_MODE - * \ref TFM_PARTITION_PRIVILEGED_MODE - * - * \retval IPC_SUCCESS Success - * \retval IPC_ERROR_BAD_PARAMETERS Bad parameters input - * \retval IPC_ERROR_MEMORY_CHECK Check failed - */ -int32_t tfm_memory_check(void *buffer, size_t len, int32_t ns_caller, - enum tfm_memory_access_e access, - uint32_t privileged); - -/* This function should be called before schedule function */ -void tfm_spm_init(void); - -/* - * PendSV specified function. - * - * Parameters : - * ctxb - State context storage pointer - * - * Notes: - * This is a staging API. Scheduler should be called in SPM finally and - * this function will be obsoleted later. - */ -void tfm_pendsv_do_schedule(struct tfm_state_context_ext *ctxb); - -#endif diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_svcalls.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_svcalls.h deleted file mode 100644 index 97c506b..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_svcalls.h +++ /dev/null @@ -1,108 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#ifndef __TFM_SVCALLS_H__ -#define __TFM_SVCALLS_H__ - -/* Svcall for PSA Client APIs */ - -/** - * \brief SVC handler for \ref psa_framework_version. - * - * \return version The version of the PSA Framework implementation - * that is providing the runtime services to the - * caller. - */ -uint32_t tfm_svcall_psa_framework_version(void); - -/** - * \brief SVC handler for \ref psa_version. - * - * \param[in] args Include all input arguments: sid. - * \param[in] ns_caller If 'non-zero', call from non-secure client. - * Or from secure client. - * - * \retval PSA_VERSION_NONE The RoT Service is not implemented, or the - * caller is not permitted to access the service. - * \retval > 0 The minor version of the implemented RoT - * Service. - */ -uint32_t tfm_svcall_psa_version(uint32_t *args, int32_t ns_caller); - -/** - * \brief SVC handler for \ref psa_connect. - * - * \param[in] args Include all input arguments: - * sid, minor_version. - * \param[in] ns_caller If 'non-zero', call from non-secure client. - * Or from secure client. - * - * \retval > 0 A handle for the connection. - * \retval PSA_CONNECTION_REFUSED The SPM or RoT Service has refused the - * connection. - * \retval PSA_CONNECTION_BUSY The SPM or RoT Service cannot make the - * connection at the moment. - * \retval "Does not return" The RoT Service ID and version are not - * supported, or the caller is not permitted to - * access the service. - */ -psa_handle_t tfm_svcall_psa_connect(uint32_t *args, int32_t ns_caller); - -/** - * \brief SVC handler for \ref psa_call. - * - * \param[in] args Include all input arguments: - * handle, in_vec, in_len, out_vec, out_len. - * \param[in] ns_caller If 'non-zero', call from non-secure client. - * Or from secure client. - * \param[in] lr EXC_RETURN value of the SVC. - * - * \retval >=0 RoT Service-specific status value. - * \retval <0 RoT Service-specific error code. - * \retval PSA_DROP_CONNECTION The connection has been dropped by the RoT - * Service. This indicates that either this or - * a previous message was invalid. - * \retval "Does not return" The call is invalid, one or more of the - * following are true: - * \arg An invalid handle was passed. - * \arg The connection is already handling a request. - * \arg An invalid memory reference was provided. - * \arg in_len + out_len > PSA_MAX_IOVEC. - * \arg The message is unrecognized by the RoT - * Service or incorrectly formatted. - */ -psa_status_t tfm_svcall_psa_call(uint32_t *args, int32_t ns_caller, - uint32_t lr); - -/** - * \brief SVC handler for \ref psa_close. - * - * \param[in] args Include all input arguments: handle. - * \param[in] ns_caller If 'non-zero', call from non-secure client. - * Or from secure client. - * - * \retval void Success. - * \retval "Does not return" The call is invalid, one or more of the - * following are true: - * \arg An invalid handle was provided that is not - * the null handle. - * \arg The connection is handling a request. - */ -void tfm_svcall_psa_close(uint32_t *args, int32_t ns_caller); - -/** - * \brief SVC handler for IPC functions - * - * \param[in] svc_num SVC number - * \param[in] ctx Argument context - * \param[in] lr EXC_RETURN value of the SVC. - * - * \returns Return values from those who has, - * or PSA_SUCCESS. - */ -int32_t SVC_Handler_IPC(tfm_svc_number_t svc_num, uint32_t *ctx, uint32_t lr); - -#endif diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_thread.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_thread.h deleted file mode 100644 index 68aa5a2..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_thread.h +++ /dev/null @@ -1,232 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#ifndef __TFM_THREAD_H__ -#define __TFM_THREAD_H__ - -#include "tfm_arch_v8m.h" -#include "cmsis_compiler.h" - -/* Status code */ -#define THRD_STAT_CREATING 0 -#define THRD_STAT_RUNNING 1 -#define THRD_STAT_BLOCK 2 -#define THRD_STAT_DETACH 3 -#define THRD_STAT_INVALID 4 - -/* Security attribute - default as security */ -#define THRD_ATTR_SECURE_OFFSET 16 -#define THRD_ATTR_SECURE (0) -#define THRD_ATTR_NON_SECURE (1 << THRD_ATTR_SECURE_OFFSET) - -/* Lower value has higher priority */ -#define THRD_PRIOR_MASK 0xFF -#define THRD_PRIOR_HIGHEST 0x0 -#define THRD_PRIOR_MEDIUM 0x7F -#define THRD_PRIOR_LOWEST 0xFF - -/* Error code */ -#define THRD_SUCCESS 0 -#define THRD_ERR_INVALID_PARAM 1 - -/* Thread entry function type */ -typedef void *(*tfm_thrd_func_t)(void *); - -/* Thread context */ -struct tfm_thrd_ctx { - tfm_thrd_func_t pfn; /* entry function */ - void *param; /* entry parameter */ - uint8_t *sp_base; /* stack bottom */ - uint8_t *sp_top; /* stack top */ - uint32_t prior; /* priority */ - uint32_t status; /* status */ - - struct tfm_state_context state_ctx; /* State context */ - struct tfm_thrd_ctx *next; /* next thread in list */ -}; - -/* - * Initialize a thread context with the necessary info. - * - * Parameters : - * pth - pointer of caller provided thread context - * pfn - thread entry function - * param - thread entry function parameter - * sp_base - stack pointer base (higher address) - * sp_top - stack pointer top (lower address) - * - * Notes : - * Thread contex rely on caller allocated memory; initialize members in - * context. This function does not insert thread into schedulable list. - */ -void tfm_thrd_init(struct tfm_thrd_ctx *pth, - tfm_thrd_func_t pfn, void *param, - uint8_t *sp_base, uint8_t *sp_top); - -/* Set thread priority. - * - * Parameters : - * pth - pointer of thread context - * prior - priority value (0~255) - * - * Notes : - * Set thread priority. Priority is set to THRD_PRIOR_MEDIUM in - * tfm_thrd_init(). - */ -void __STATIC_INLINE tfm_thrd_priority(struct tfm_thrd_ctx *pth, - uint32_t prior) -{ - pth->prior &= ~THRD_PRIOR_MASK; - pth->prior |= prior & THRD_PRIOR_MASK; -} - -/* - * Set thread security attribute. - * - * Parameters : - * pth - pointer of thread context - * attr_secure - THRD_ATTR_SECURE or THRD_ATTR_NON_SECURE - * - * Notes - * Reuse prior of thread context to shift down non-secure thread priority. - */ -void __STATIC_INLINE tfm_thrd_secure(struct tfm_thrd_ctx *pth, - uint32_t attr_secure) -{ - pth->prior &= ~THRD_ATTR_NON_SECURE; - pth->prior |= attr_secure; -} - -/* - * Set thread status. - * - * Parameters : - * pth - pointer of thread context - * new_status - new status of thread - * - * Return : - * None - * - * Notes : - * Thread status is not changed if invalid status value inputed. - */ -void tfm_thrd_set_status(struct tfm_thrd_ctx *pth, uint32_t new_status); - -/* - * Get thread status. - * - * Parameters : - * pth - pointer of thread context - * - * Return : - * Status of thread - */ -uint32_t __STATIC_INLINE tfm_thrd_get_status(struct tfm_thrd_ctx *pth) -{ - return pth->status; -} - -/* - * Set thread state return value. - * - * Parameters : - * pth - pointer of thread context - * retval - return value to be set for thread state - * - * Notes : - * This API is useful for blocked syscall blocking thread. Syscall - * could set its return value to the caller before caller goes. - */ -void __STATIC_INLINE tfm_thrd_set_retval(struct tfm_thrd_ctx *pth, - uint32_t retval) -{ - TFM_STATE_RET_VAL(&pth->state_ctx) = retval; -} - -/* - * Validate thread context and insert it into schedulable list. - * - * Parameters : - * pth - pointer of thread context - * - * Return : - * THRD_SUCCESS for success. Or an error is returned. - * - * Notes : - * This function validates thread info. It returns error if thread info - * is not correct. Thread is avaliable after successful tfm_thrd_start(). - */ -uint32_t tfm_thrd_start(struct tfm_thrd_ctx *pth); - -/* - * Get current running thread. - * - * Return : - * Current running thread context pointer. - */ -struct tfm_thrd_ctx *tfm_thrd_curr_thread(void); - -/* - * Get next running thread in list. - * - * Return : - * Pointer of next thread to be run. - */ -struct tfm_thrd_ctx *tfm_thrd_next_thread(void); - -/* - * Start scheduler for existing threads - * - * Parameters: - * pth - pointer of the caller context collecting thread - * - * Notes : - * This function should be called only ONCE to start the scheduler. - * Caller needs to provide a thread object to collect current context. - * The usage of the collected context is caller defined. - */ -void tfm_thrd_start_scheduler(struct tfm_thrd_ctx *pth); - -/* - * Activate a scheduling action after exception. - * - * Notes : - * This function could be called multiple times before scheduling. - */ -void tfm_thrd_activate_schedule(void); - -/* - * Save current context into 'prev' thread and switch to 'next'. - * - * Parameters : - * ctxb - latest caller context - * prev - previous thread to be switched out - * next - thread to be run - * - * Notes : - * This function could be called multiple times before scheduling. - */ -void tfm_thrd_context_switch(struct tfm_state_context_ext *ctxb, - struct tfm_thrd_ctx *prev, - struct tfm_thrd_ctx *next); - -/* - * Svcall to exit current running thread. - * - * Notes : - * Remove current thread out of schedulable list. - */ -void tfm_svcall_thrd_exit(void); - -/* - * Exit current running thread for client. - * - * Notes: - * Must be called in thread mode. - */ -void tfm_thrd_exit(void); - -#endif diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_utils.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_utils.h deleted file mode 100644 index 17f94c0..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_utils.h +++ /dev/null @@ -1,29 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#ifndef __TFM_UTILS_H__ -#define __TFM_UTILS_H__ - -/* CPU spin here */ -void tfm_panic(void); - -/* Assert and spin */ -#define TFM_ASSERT(cond) \ - do { \ - if (!(cond)) { \ - printf("Assert:%s:%d", __FUNCTION__, __LINE__); \ - while (1) \ - ; \ - } \ - } while (0) - -/* Get container structure start address from member */ -#define TFM_GET_CONTAINER_PTR(ptr, type, member) \ - (type *)((unsigned long)(ptr) - offsetof(type, member)) - -int32_t tfm_bitcount(uint32_t n); - -#endif diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_wait.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_wait.h deleted file mode 100644 index 0bb6ea3..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/include/tfm_wait.h +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#ifndef __TFM_WAIT_H__ -#define __TFM_WAIT_H__ - -#include "cmsis_compiler.h" - -/* The magic number has two purposes: corruption detection and debug */ -#define TFM_EVENT_MAGIC 0x65766e74 - -struct tfm_event_t { - uint32_t magic; /* 'evnt' */ - struct tfm_thrd_ctx *owner; /* Event blocked thread */ -}; - -/* - * Initialize an event object. - * - * Parameters: - * pevnt - The pointer of event object allocated by the caller - */ -void __STATIC_INLINE tfm_event_init(struct tfm_event_t *pevnt) -{ - pevnt->magic = TFM_EVENT_MAGIC; - pevnt->owner = NULL; -} - -/* - * Wait on an event object. - * - * Parameters: - * pevnt - The pointer of event object allocated by the caller - * - * Notes: - * Block caller thread by calling this function. - */ -void tfm_event_wait(struct tfm_event_t *pevnt); - -/* - * Wake up an event object. - * - * Parameters : - * pevnt - The pointer of event object allocated by the caller - * retval - Value to be returned to owner - * - * Notes: - * Wake up the blocked thread and set parameter 'retval' as the return value. - */ -void tfm_event_wake(struct tfm_event_t *pevnt, uint32_t retval); - -#endif diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/psa_client.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/psa_client.c deleted file mode 100644 index 6abc966..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/psa_client.c +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include -#include -#include "tfm_svc.h" -#include "psa_client.h" - -__attribute__((naked, section("SFN"))) -uint32_t psa_framework_version(void) -{ - __ASM volatile("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_FRAMEWORK_VERSION)); -} - -__attribute__((naked, section("SFN"))) -uint32_t psa_version(uint32_t sid) -{ - __ASM volatile("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_VERSION)); -} - -__attribute__((naked, section("SFN"))) -psa_handle_t psa_connect(uint32_t sid, uint32_t minor_version) -{ - __ASM volatile("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_CONNECT)); -} - -__attribute__((naked, section("SFN"))) -psa_status_t psa_call(psa_handle_t handle, - const psa_invec *in_vec, - size_t in_len, - psa_outvec *out_vec, - size_t out_len) -{ - __ASM volatile("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_CALL)); -} - -__attribute__((naked, section("SFN"))) -void psa_close(psa_handle_t handle) -{ - __ASM volatile("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_CLOSE)); -} diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/psa_service.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/psa_service.c deleted file mode 100644 index 0c86954..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/psa_service.c +++ /dev/null @@ -1,96 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include -#include -#include "tfm_svc.h" -#include "psa_client.h" -#include "psa_service.h" - -__attribute__((naked, section("SFN"))) -psa_signal_t psa_wait(psa_signal_t signal_mask, uint32_t timeout) - -{ - __ASM volatile("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_WAIT)); -} - -__attribute__((naked, section("SFN"))) -psa_status_t psa_get(psa_signal_t signal, psa_msg_t *msg) -{ - __ASM volatile("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_GET)); -} - -__attribute__((naked, section("SFN"))) -void psa_set_rhandle(psa_handle_t msg_handle, void *rhandle) -{ - __ASM volatile("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_SET_RHANDLE)); -} - -__attribute__((naked, section("SFN"))) -size_t psa_read(psa_handle_t msg_handle, uint32_t invec_idx, - void *buffer, size_t num_bytes) - -{ - __ASM volatile("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_READ)); -} - -__attribute__((naked, section("SFN"))) -size_t psa_skip(psa_handle_t msg_handle, uint32_t invec_idx, size_t num_bytes) -{ - __ASM volatile("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_SKIP)); -} - -__attribute__((naked, section("SFN"))) -void psa_write(psa_handle_t msg_handle, uint32_t outvec_idx, - const void *buffer, size_t num_bytes) -{ - __ASM volatile("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_WRITE)); -} - -__attribute__((naked, section("SFN"))) -void psa_reply(psa_handle_t msg_handle, psa_status_t retval) -{ - __ASM volatile("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_REPLY)); -} - -__attribute__((naked, section("SFN"))) -void psa_notify(int32_t partition_id) -{ - __ASM volatile("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_NOTIFY)); -} - -__attribute__((naked, section("SFN"))) -void psa_clear(void) -{ - __ASM volatile("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_CLEAR)); -} - -__attribute__((naked, section("SFN"))) -void psa_eoi(psa_signal_t irq_signal) -{ - __ASM volatile("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_PSA_EOI)); -} diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_arch_v8m.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_arch_v8m.c deleted file mode 100644 index ebe1c45..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_arch_v8m.c +++ /dev/null @@ -1,147 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#include -#include - -#include "tfm_arch_v8m.h" -#include "cmsis.h" -#include "psa_client.h" -#include "psa_service.h" -#include "tfm_utils.h" -#include "tfm_thread.h" -#include "tfm_memory_utils.h" - -/* This file contains the ARCH code for ARM V8M */ - -__attribute__((section("SFN"))) -static void exit_zone(void) -{ - tfm_thrd_exit(); -} - -void tfm_initialize_context(struct tfm_state_context *ctx, - uint32_t r0, uint32_t ra, - uint32_t sp, uint32_t sp_limit) -{ - /* - * For security consideration, set unused registers into ZERO; - * and only necessary registers are set here. - */ - struct tfm_state_context_base *p_ctxa = - (struct tfm_state_context_base *)sp; - - /* - * Shift back SP to leave space for holding base context - * since thread is kicked off through exception return. - */ - p_ctxa--; - - /* Basic context is considerate at thread start.*/ - tfm_memset(p_ctxa, 0, sizeof(*p_ctxa)); - p_ctxa->r0 = r0; - p_ctxa->ra = ra; - p_ctxa->ra_lr = (uint32_t)exit_zone; - p_ctxa->xpsr = XPSR_T32; - - tfm_memset(ctx, 0, sizeof(*ctx)); - ctx->ctxb.sp = (uint32_t)p_ctxa; - ctx->ctxb.sp_limit = sp_limit; - ctx->ctxb.lr = LR_UNPRIVILEGED; -} - -/* - * Stack status at PendSV entry: - * - * [ R0 - R3 ]<- PSP - * [ R12 ] - * [ LR_of_RA ] - * MSP->[ ........ ] [ RA ] - * [ ........ ] [ XPSR ] - * [ ........ ] - * [ ........ ] - * - * Stack status before calling pendsv_do_schedule(): - * - * MSP->[ R4 - R11 ] - * [ PSP ]--->[ R0 - R3 ] - * [ PSP Limit] [ R12 ] - * [ R2(dummy)] [ LR_of_RA ] - * [ LR ] [ RA ] - * [ ........ ] [ XPSR ] - * [ ........ ] [ ........ ] - * [ ........ ] - * - * pendsv_do_schedule() updates stacked context into current thread and - * replace stacked context with context of next thread. - * - * Scheduler does not support handler mode thread so take PSP/PSP_LIMIT as - * thread SP/SP_LIMIT. R2 holds dummy data due to stack operation is 8 bytes - * aligned. - */ -#if defined(__ARM_ARCH_8M_MAIN__) -__attribute__((naked)) void PendSV_Handler(void) -{ - __ASM volatile( - "mrs r0, psp \n" - "mrs r1, psplim \n" - "push {r0, r1, r2, lr} \n" - "push {r4-r11} \n" - "mov r0, sp \n" - "bl tfm_pendsv_do_schedule \n" - "pop {r4-r11} \n" - "pop {r0, r1, r2, lr} \n" - "msr psp, r0 \n" - "msr psplim, r1 \n" - "bx lr \n" - ); -} -#elif defined(__ARM_ARCH_8M_BASE__) -__attribute__((naked)) void PendSV_Handler(void) -{ - __ASM volatile( - "mrs r0, psp \n" - "mrs r1, psplim \n" - "push {r0, r1, r2, lr} \n" - "push {r4-r7} \n" - "mov r4, r8 \n" - "mov r5, r9 \n" - "mov r6, r10 \n" - "mov r7, r11 \n" - "push {r4-r7} \n" - "mov r0, sp \n" - "bl tfm_pendsv_do_schedule \n" - "pop {r4-r7} \n" - "mov r8, r4 \n" - "mov r9, r5 \n" - "mov r10, r6 \n" - "mov r11, r7 \n" - "pop {r4-r7} \n" - "pop {r0-r3} \n" - "mov lr, r3 \n" - "msr psp, r0 \n" - "msr psplim, r1 \n" - "bx lr \n" - ); -} -#else -#error "Unsupported ARM Architecture." -#endif - -/* Reserved for future usage */ -__attribute__((naked)) void MemManage_Handler(void) -{ - __ASM volatile("b ."); -} - -__attribute__((naked)) void BusFault_Handler(void) -{ - __ASM volatile("b ."); -} -__attribute__((naked)) void UsageFault_Handler(void) -{ - __ASM volatile("b ."); -} diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_message_queue.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_message_queue.c deleted file mode 100644 index 83ebf50..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_message_queue.c +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 2018, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#include -#include -#include "tfm_thread.h" -#include "tfm_wait.h" -#include "psa_client.h" -#include "psa_service.h" -#include "tfm_internal_defines.h" -#include "tfm_message_queue.h" - -/* Message queue process */ -int32_t tfm_msg_enqueue(struct tfm_msg_queue_t *queue, - struct tfm_msg_body_t *node) -{ - if (!queue || !node) { - return IPC_ERROR_BAD_PARAMETERS; - } - - if (queue->size == 0) { - queue->head = node; - queue->tail = node; - } else { - queue->tail->next = node; - queue->tail = node; - } - queue->size++; - return IPC_SUCCESS; -} - -struct tfm_msg_body_t *tfm_msg_dequeue(struct tfm_msg_queue_t *queue) -{ - struct tfm_msg_body_t *pop_node; - - if (!queue) { - return NULL; - } - - if (queue->size == 0) { - return NULL; - } - - pop_node = queue->head; - queue->head = queue->head->next; - queue->size--; - return pop_node; -} - -int32_t tfm_msg_queue_is_empty(struct tfm_msg_queue_t *queue) -{ - return queue->size == 0 ? 1 : 0; -} diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_pools.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_pools.c deleted file mode 100644 index 83342b8..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_pools.c +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#include -#include -#include -#include -#include "tfm_thread.h" -#include "tfm_wait.h" -#include "psa_client.h" -#include "psa_service.h" -#include "tfm_internal_defines.h" -#include "cmsis_compiler.h" -#include "tfm_utils.h" -#include "tfm_list.h" -#include "tfm_pools.h" -#include "tfm_memory_utils.h" - -int32_t tfm_pool_init(struct tfm_pool_instance_t *pool, size_t poolsz, - size_t chunksz, size_t num) -{ - struct tfm_pool_chunk_t *pchunk; - size_t i; - - if (!pool || num == 0) { - return IPC_ERROR_BAD_PARAMETERS; - } - - /* Ensure buffer is large enough */ - if (poolsz != ((chunksz + sizeof(struct tfm_pool_chunk_t)) * num + - sizeof(struct tfm_pool_instance_t))) { - return IPC_ERROR_BAD_PARAMETERS; - } - - /* Buffer should be BSS cleared but clear it again */ - tfm_memset(pool, 0, poolsz); - - /* Chain pool chunks */ - tfm_list_init(&pool->chunks_list); - - pchunk = (struct tfm_pool_chunk_t *)pool->chunks; - for (i = 0; i < num; i++) { - pchunk->pool = pool; - tfm_list_add_tail(&pool->chunks_list, &pchunk->list); - pchunk = (struct tfm_pool_chunk_t *)&pchunk->data[chunksz]; - } - - /* Prepare instance and insert to pool list */ - pool->chunksz = chunksz; - - return IPC_SUCCESS; -} - -void *tfm_pool_alloc(struct tfm_pool_instance_t *pool) -{ - struct tfm_list_node_t *node; - struct tfm_pool_chunk_t *pchunk; - - if (!pool) { - return NULL; - } - - if (tfm_list_is_empty(&pool->chunks_list)) { - return NULL; - } - - node = tfm_list_first_node(&pool->chunks_list); - pchunk = TFM_GET_CONTAINER_PTR(node, struct tfm_pool_chunk_t, list); - - /* Remove node from list node, it will be added when pool free */ - tfm_list_del_node(node); - - return &pchunk->data; -} - -void tfm_pool_free(void *ptr) -{ - struct tfm_pool_chunk_t *pchunk; - struct tfm_pool_instance_t *pool; - - pchunk = TFM_GET_CONTAINER_PTR(ptr, struct tfm_pool_chunk_t, data); - pool = (struct tfm_pool_instance_t *)pchunk->pool; - tfm_list_add_tail(&pool->chunks_list, &pchunk->list); -} diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c deleted file mode 100644 index 5ee30a6..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_spm.c +++ /dev/null @@ -1,619 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#include -#include -#include -#include -#include -#include "psa_client.h" -#include "psa_service.h" -#include "tfm_utils.h" -#include "platform/include/tfm_spm_hal.h" -#include "spm_api.h" -#include "spm_db.h" -#include "spm_db_setup.h" -#include "tfm_internal_defines.h" -#include "tfm_wait.h" -#include "tfm_message_queue.h" -#include "tfm_list.h" -#include "tfm_pools.h" -#include "tfm_spm.h" -#include "tfm_spm_signal_defs.h" -#include "tfm_thread.h" -#include "region_defs.h" -#include "tfm_nspm.h" -#include "tfm_memory_utils.h" -#include "platform/mbed_toolchain.h" - -/* - * IPC partitions. - * FixMe: Need to get align with spm_partition_db_t. - */ -static struct tfm_spm_ipc_partition_t - g_spm_ipc_partition[SPM_MAX_PARTITIONS] = {}; - -/* Extern SPM variable */ -extern struct spm_partition_db_t g_spm_partition_db; - -/* Extern secure lock variable */ -extern int32_t tfm_secure_lock; -/* Pools */ -TFM_POOL_DECLARE(conn_handle_pool, sizeof(struct tfm_conn_handle_t), - TFM_CONN_HANDLE_MAX_NUM); -TFM_POOL_DECLARE(spm_service_pool, sizeof(struct tfm_spm_service_t), - TFM_SPM_MAX_ROT_SERV_NUM); -TFM_POOL_DECLARE(msg_db_pool, sizeof(struct tfm_msg_body_t), - TFM_MSG_QUEUE_MAX_MSG_NUM); - -static struct tfm_spm_service_db_t g_spm_service_db[] = { - #include "tfm_service_list.inc" -}; - -/********************** SPM functions for handler mode ***********************/ - -/* Service handle management functions */ -psa_handle_t tfm_spm_create_conn_handle(struct tfm_spm_service_t *service) -{ - struct tfm_conn_handle_t *node; - - TFM_ASSERT(service); - - /* Get buffer for handle list structure from handle pool */ - node = (struct tfm_conn_handle_t *)tfm_pool_alloc(conn_handle_pool); - if (!node) { - return PSA_NULL_HANDLE; - } - - /* Global unique handle, use handle buffer address directly */ - node->handle = (psa_handle_t)node; - - /* Add handle node to list for next psa functions */ - tfm_list_add_tail(&service->handle_list, &node->list); - - return node->handle; -} - -static struct tfm_conn_handle_t * -tfm_spm_find_conn_handle_node(struct tfm_spm_service_t *service, - psa_handle_t conn_handle) -{ - struct tfm_conn_handle_t *handle_node; - struct tfm_list_node_t *node, *head; - - TFM_ASSERT(service); - - head = &service->handle_list; - TFM_LIST_FOR_EACH(node, head) { - handle_node = TFM_GET_CONTAINER_PTR(node, struct tfm_conn_handle_t, - list); - if (handle_node->handle == conn_handle) { - return handle_node; - } - } - return NULL; -} - -int32_t tfm_spm_free_conn_handle(struct tfm_spm_service_t *service, - psa_handle_t conn_handle) -{ - struct tfm_conn_handle_t *node; - - TFM_ASSERT(service); - - /* There are many handles for each RoT Service */ - node = tfm_spm_find_conn_handle_node(service, conn_handle); - if (!node) { - tfm_panic(); - } - - /* Remove node from handle list */ - tfm_list_del_node(&node->list); - - node->rhandle = NULL; - - /* Back handle buffer to pool */ - tfm_pool_free(node); - return IPC_SUCCESS; -} - -int32_t tfm_spm_set_rhandle(struct tfm_spm_service_t *service, - psa_handle_t conn_handle, - void *rhandle) -{ - struct tfm_conn_handle_t *node; - - TFM_ASSERT(service); - /* Set reverse handle value only be allowed for a connected handle */ - TFM_ASSERT(conn_handle != PSA_NULL_HANDLE); - - /* There are many handles for each RoT Service */ - node = tfm_spm_find_conn_handle_node(service, conn_handle); - if (!node) { - tfm_panic(); - } - - node->rhandle = rhandle; - return IPC_SUCCESS; -} - -void *tfm_spm_get_rhandle(struct tfm_spm_service_t *service, - psa_handle_t conn_handle) -{ - struct tfm_conn_handle_t *node; - - TFM_ASSERT(service); - /* Get reverse handle value only be allowed for a connected handle */ - TFM_ASSERT(conn_handle != PSA_NULL_HANDLE); - - /* There are many handles for each RoT Service */ - node = tfm_spm_find_conn_handle_node(service, conn_handle); - if (!node) { - tfm_panic(); - } - - return node->rhandle; -} - -/* Partition management functions */ -struct tfm_spm_service_t * -tfm_spm_get_service_by_signal(struct tfm_spm_ipc_partition_t *partition, - psa_signal_t signal) -{ - struct tfm_list_node_t *node, *head; - struct tfm_spm_service_t *service; - - TFM_ASSERT(partition); - - if (tfm_list_is_empty(&partition->service_list)) { - tfm_panic(); - } - - head = &partition->service_list; - TFM_LIST_FOR_EACH(node, head) { - service = TFM_GET_CONTAINER_PTR(node, struct tfm_spm_service_t, list); - if (service->service_db->signal == signal) { - return service; - } - } - return NULL; -} - -struct tfm_spm_service_t *tfm_spm_get_service_by_sid(uint32_t sid) -{ - uint32_t i; - struct tfm_list_node_t *node, *head; - struct tfm_spm_service_t *service; - - for (i = 0; i < SPM_MAX_PARTITIONS; i++) { - /* Skip partition without IPC flag */ - if ((tfm_spm_partition_get_flags(g_spm_ipc_partition[i].index) & - SPM_PART_FLAG_IPC) == 0) { - continue; - } - - if (tfm_list_is_empty(&g_spm_ipc_partition[i].service_list)) { - continue; - } - - head = &g_spm_ipc_partition[i].service_list; - TFM_LIST_FOR_EACH(node, head) { - service = TFM_GET_CONTAINER_PTR(node, struct tfm_spm_service_t, - list); - if (service->service_db->sid == sid) { - return service; - } - } - } - return NULL; -} - -struct tfm_spm_service_t * - tfm_spm_get_service_by_handle(psa_handle_t conn_handle) -{ - uint32_t i; - struct tfm_conn_handle_t *handle; - struct tfm_list_node_t *service_node, *service_head; - struct tfm_list_node_t *handle_node, *handle_head; - struct tfm_spm_service_t *service; - - for (i = 0; i < SPM_MAX_PARTITIONS; i++) { - /* Skip partition without IPC flag */ - if ((tfm_spm_partition_get_flags(g_spm_ipc_partition[i].index) & - SPM_PART_FLAG_IPC) == 0) { - continue; - } - - if (tfm_list_is_empty(&g_spm_ipc_partition[i].service_list)) { - continue; - } - - service_head = &g_spm_ipc_partition[i].service_list; - TFM_LIST_FOR_EACH(service_node, service_head) { - service = TFM_GET_CONTAINER_PTR(service_node, - struct tfm_spm_service_t, list); - handle_head = &service->handle_list; - TFM_LIST_FOR_EACH(handle_node, handle_head) { - handle = TFM_GET_CONTAINER_PTR(handle_node, - struct tfm_conn_handle_t, list); - if (handle->handle == conn_handle) { - return service; - } - } - } - } - return NULL; -} - -struct tfm_spm_ipc_partition_t * - tfm_spm_get_partition_by_id(int32_t partition_id) -{ - uint32_t i; - - for (i = 0; i < SPM_MAX_PARTITIONS; i++) { - if (g_spm_ipc_partition[i].id == partition_id) { - return &g_spm_ipc_partition[i]; - } - } - return NULL; -} - -struct tfm_spm_ipc_partition_t *tfm_spm_get_running_partition(void) -{ - uint32_t spid; - - spid = tfm_spm_partition_get_running_partition_id_ext(); - - return tfm_spm_get_partition_by_id(spid); -} - -int32_t tfm_spm_check_client_version(struct tfm_spm_service_t *service, - uint32_t minor_version) -{ - TFM_ASSERT(service); - - switch (service->service_db->minor_policy) { - case TFM_VERSION_POLICY_RELAXED: - if (minor_version > service->service_db->minor_version) { - return IPC_ERROR_VERSION; - } - break; - case TFM_VERSION_POLICY_STRICT: - if (minor_version != service->service_db->minor_version) { - return IPC_ERROR_VERSION; - } - break; - default: - return IPC_ERROR_VERSION; - } - return IPC_SUCCESS; -} - -/* Message functions */ -struct tfm_msg_body_t *tfm_spm_get_msg_from_handle(psa_handle_t msg_handle) -{ - /* - * There may be one error handle passed by the caller in two conditions: - * 1. Not a valid message handle. - * 2. Handle between different Partitions. Partition A passes one handle - * belong to other Partitions and tries to access other's data. - * So, need do necessary checking to prevent those conditions. - */ - struct tfm_msg_body_t *msg; - uint32_t partition_id; - - msg = (struct tfm_msg_body_t *)msg_handle; - if (!msg) { - return NULL; - } - - /* - * FixMe: For condition 1: using a magic number to define it's a message. - * It needs to be an enhancement to check the handle belong to service. - */ - if (msg->magic != TFM_MSG_MAGIC) { - return NULL; - } - - /* For condition 2: check if the partition ID is same */ - partition_id = tfm_spm_partition_get_running_partition_id_ext(); - if (partition_id != msg->service->partition->id) { - return NULL; - } - - return msg; -} - -struct tfm_msg_body_t *tfm_spm_create_msg(struct tfm_spm_service_t *service, - psa_handle_t handle, - uint32_t type, int32_t ns_caller, - psa_invec *invec, size_t in_len, - psa_outvec *outvec, size_t out_len, - psa_outvec *caller_outvec) -{ - struct tfm_msg_body_t *msg = NULL; - uint32_t i; - - TFM_ASSERT(service); - TFM_ASSERT(!(invec == NULL && in_len != 0)); - TFM_ASSERT(!(outvec == NULL && out_len != 0)); - TFM_ASSERT(in_len <= PSA_MAX_IOVEC); - TFM_ASSERT(out_len <= PSA_MAX_IOVEC); - TFM_ASSERT(in_len + out_len <= PSA_MAX_IOVEC); - - /* Get message buffer from message pool */ - msg = (struct tfm_msg_body_t *)tfm_pool_alloc(msg_db_pool); - if (!msg) { - return NULL; - } - - /* Clear message buffer before using it */ - tfm_memset(msg, 0, sizeof(struct tfm_msg_body_t)); - - tfm_event_init(&msg->ack_evnt); - msg->magic = TFM_MSG_MAGIC; - msg->service = service; - msg->handle = handle; - msg->caller_outvec = caller_outvec; - /* Get current partition id */ - if (ns_caller) { - msg->msg.client_id = tfm_nspm_get_current_client_id(); - } else { - msg->msg.client_id = tfm_spm_partition_get_running_partition_id_ext(); - } - - /* Copy contents */ - msg->msg.type = type; - - for (i = 0; i < in_len; i++) { - msg->msg.in_size[i] = invec[i].len; - msg->invec[i].base = invec[i].base; - } - - for (i = 0; i < out_len; i++) { - msg->msg.out_size[i] = outvec[i].len; - msg->outvec[i].base = outvec[i].base; - /* Out len is used to record the writed number, set 0 here again */ - msg->outvec[i].len = 0; - } - - /* Use message address as handle */ - msg->msg.handle = (psa_handle_t)msg; - - /* For connected handle, set rhandle to every message */ - if (handle != PSA_NULL_HANDLE) { - msg->msg.rhandle = tfm_spm_get_rhandle(service, handle); - } - - return msg; -} - -void tfm_spm_free_msg(struct tfm_msg_body_t *msg) -{ - tfm_pool_free(msg); -} - -int32_t tfm_spm_send_event(struct tfm_spm_service_t *service, - struct tfm_msg_body_t *msg) -{ - TFM_ASSERT(service); - TFM_ASSERT(msg); - - /* Enqueue message to service message queue */ - if (tfm_msg_enqueue(&service->msg_queue, msg) != IPC_SUCCESS) { - return IPC_ERROR_GENERIC; - } - - /* Messages put. Update signals */ - service->partition->signals |= service->service_db->signal; - - tfm_event_wake(&service->partition->signal_evnt, - (service->partition->signals & - service->partition->signal_mask)); - - tfm_event_wait(&msg->ack_evnt); - - return IPC_SUCCESS; -} - -/* SPM extend functions */ -uint32_t tfm_spm_partition_get_running_partition_id_ext(void) -{ - struct tfm_thrd_ctx *pth = tfm_thrd_curr_thread(); - struct spm_partition_desc_t *partition; - - partition = TFM_GET_CONTAINER_PTR(pth, struct spm_partition_desc_t, - sp_thrd); - return partition->static_data.partition_id; -} - -static struct tfm_thrd_ctx * -tfm_spm_partition_get_thread_info_ext(uint32_t partition_idx) -{ - return &g_spm_partition_db.partitions[partition_idx].sp_thrd; -} - -static tfm_thrd_func_t - tfm_spm_partition_get_init_func_ext(uint32_t partition_idx) -{ - return (tfm_thrd_func_t)(g_spm_partition_db.partitions[partition_idx]. - static_data.partition_init); -} - -static uint32_t tfm_spm_partition_get_priority_ext(uint32_t partition_idx) -{ - return g_spm_partition_db.partitions[partition_idx].static_data. - partition_priority; -} - -int32_t tfm_memory_check(void *buffer, size_t len, int32_t ns_caller, - enum tfm_memory_access_e access, - uint32_t privileged) -{ - int32_t err; - - /* If len is zero, this indicates an empty buffer and base is ignored */ - if (len == 0) { - return IPC_SUCCESS; - } - - if (!buffer) { - return IPC_ERROR_BAD_PARAMETERS; - } - - if ((uintptr_t)buffer > (UINTPTR_MAX - len)) { - return IPC_ERROR_MEMORY_CHECK; - } - - if (access == TFM_MEMORY_ACCESS_RW) { - err = tfm_core_has_write_access_to_region(buffer, len, ns_caller, - privileged); - } else { - err = tfm_core_has_read_access_to_region(buffer, len, ns_caller, - privileged); - } - if (err == TFM_SUCCESS) { - return IPC_SUCCESS; - } - - return IPC_ERROR_MEMORY_CHECK; -} - -uint32_t tfm_spm_partition_get_privileged_mode(uint32_t partition_idx) -{ - if (tfm_spm_partition_get_flags(partition_idx) & SPM_PART_FLAG_PSA_ROT) { - return TFM_PARTITION_PRIVILEGED_MODE; - } else { - return TFM_PARTITION_UNPRIVILEGED_MODE; - } -} - -/********************** SPM functions for thread mode ************************/ - -void tfm_spm_init(void) -{ - uint32_t i, num; - struct tfm_spm_ipc_partition_t *partition; - struct tfm_spm_service_t *service; - struct tfm_thrd_ctx *pth, this_thrd; - struct spm_partition_desc_t *part; - - tfm_pool_init(conn_handle_pool, - POOL_BUFFER_SIZE(conn_handle_pool), - sizeof(struct tfm_conn_handle_t), - TFM_CONN_HANDLE_MAX_NUM); - tfm_pool_init(spm_service_pool, POOL_BUFFER_SIZE(spm_service_pool), - sizeof(struct tfm_spm_service_t), - TFM_SPM_MAX_ROT_SERV_NUM); - tfm_pool_init(msg_db_pool, POOL_BUFFER_SIZE(msg_db_pool), - sizeof(struct tfm_msg_body_t), - TFM_MSG_QUEUE_MAX_MSG_NUM); - - /* Init partition first for it will be used when init service */ - for (i = 0; i < SPM_MAX_PARTITIONS; i++) { - part = &g_spm_partition_db.partitions[i]; - tfm_spm_hal_configure_default_isolation(part->platform_data); - g_spm_ipc_partition[i].index = i; - if ((tfm_spm_partition_get_flags(i) & SPM_PART_FLAG_IPC) == 0) { - continue; - } - g_spm_ipc_partition[i].id = tfm_spm_partition_get_partition_id(i); - - tfm_event_init(&g_spm_ipc_partition[i].signal_evnt); - tfm_list_init(&g_spm_ipc_partition[i].service_list); - - pth = tfm_spm_partition_get_thread_info_ext(i); - if (!pth) { - tfm_panic(); - } - - tfm_thrd_init(pth, - tfm_spm_partition_get_init_func_ext(i), - NULL, - (uint8_t *)tfm_spm_partition_get_stack_top(i), - (uint8_t *)tfm_spm_partition_get_stack_bottom(i)); - - pth->prior = tfm_spm_partition_get_priority_ext(i); - - /* Kick off */ - if (tfm_thrd_start(pth) != THRD_SUCCESS) { - tfm_panic(); - } - } - - /* Init Service */ - num = sizeof(g_spm_service_db) / sizeof(struct tfm_spm_service_db_t); - for (i = 0; i < num; i++) { - partition = - tfm_spm_get_partition_by_id(g_spm_service_db[i].partition_id); - if (!partition) { - tfm_panic(); - } - service = (struct tfm_spm_service_t *)tfm_pool_alloc(spm_service_pool); - if (!service) { - tfm_panic(); - } - service->service_db = &g_spm_service_db[i]; - service->partition = partition; - tfm_list_init(&service->handle_list); - tfm_list_add_tail(&partition->service_list, &service->list); - } - - /* - * All threads initialized, start the scheduler. - * - * NOTE: - * Here is the booting privileged thread mode, and will never - * return to this place after scheduler is started. The start - * function has to save current runtime context to act as a - * 'current thread' to avoid repeating NULL 'current thread' - * checking while context switching. This saved context is worthy - * of being saved somewhere if there are potential usage purpose. - * Let's save this context in a local variable 'this_thrd' at - * current since there is no usage for it. - * Also set tfm_nspm_thread_entry as pfn for this thread to - * use in detecting NS/S thread scheduling changes. - */ - this_thrd.pfn = (tfm_thrd_func_t)tfm_nspm_thread_entry; - tfm_thrd_start_scheduler(&this_thrd); -} - -MBED_USED void tfm_pendsv_do_schedule(struct tfm_state_context_ext *ctxb) -{ -#if TFM_LVL == 2 - struct spm_partition_desc_t *p_next_partition; - uint32_t is_privileged; -#endif - struct tfm_thrd_ctx *pth_next = tfm_thrd_next_thread(); - struct tfm_thrd_ctx *pth_curr = tfm_thrd_curr_thread(); - - if (pth_curr != pth_next) { -#if TFM_LVL == 2 - p_next_partition = TFM_GET_CONTAINER_PTR(pth_next, - struct spm_partition_desc_t, - sp_thrd); - - if (p_next_partition->static_data.partition_flags & - SPM_PART_FLAG_PSA_ROT) { - is_privileged = TFM_PARTITION_PRIVILEGED_MODE; - } else { - is_privileged = TFM_PARTITION_UNPRIVILEGED_MODE; - } - - tfm_spm_partition_change_privilege(is_privileged); -#endif - /* Increase the secure lock, if we enter secure from non-secure */ - if ((void *)pth_curr->pfn == (void *)tfm_nspm_thread_entry) { - ++tfm_secure_lock; - } - /* Decrease the secure lock, if we return from secure to non-secure */ - if ((void *)pth_next->pfn == (void *)tfm_nspm_thread_entry) { - --tfm_secure_lock; - } - - tfm_thrd_context_switch(ctxb, pth_curr, pth_next); - } -} diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_svcalls.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_svcalls.c deleted file mode 100644 index eefc031..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_svcalls.c +++ /dev/null @@ -1,1026 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#include -#include -#include -#include -#include "psa_client.h" -#include "psa_service.h" -#include "tfm_svc.h" -#include "tfm_svcalls.h" -#include "tfm_thread.h" -#include "tfm_wait.h" -#include "tfm_utils.h" -#include "tfm_internal_defines.h" -#include "tfm_message_queue.h" -#include "tfm_spm.h" -#include "tfm_api.h" -#include "tfm_secure_api.h" -#include "tfm_memory_utils.h" -#include "spm_api.h" - -#define PSA_TIMEOUT_MASK PSA_BLOCK - -/************************* SVC handler for PSA Client APIs *******************/ - -uint32_t tfm_svcall_psa_framework_version(void) -{ - return PSA_FRAMEWORK_VERSION; -} - -uint32_t tfm_svcall_psa_version(uint32_t *args, int32_t ns_caller) -{ - uint32_t sid; - struct tfm_spm_service_t *service; - - TFM_ASSERT(args != NULL); - sid = (uint32_t)args[0]; - /* - * It should return PSA_VERSION_NONE if the RoT Service is not - * implemented. - */ - service = tfm_spm_get_service_by_sid(sid); - if (!service) { - return PSA_VERSION_NONE; - } - - /* - * It should return PSA_VERSION_NONE if the caller is not authorized - * to access the RoT Service. - */ - if (ns_caller && !service->service_db->non_secure_client) { - return PSA_VERSION_NONE; - } - - return service->service_db->minor_version; -} - -psa_handle_t tfm_svcall_psa_connect(uint32_t *args, int32_t ns_caller) -{ - uint32_t sid; - uint32_t minor_version; - struct tfm_spm_service_t *service; - struct tfm_msg_body_t *msg; - - TFM_ASSERT(args != NULL); - sid = (uint32_t)args[0]; - minor_version = (uint32_t)args[1]; - - /* It is a fatal error if the RoT Service does not exist on the platform */ - service = tfm_spm_get_service_by_sid(sid); - if (!service) { - tfm_panic(); - } - - /* - * It is a fatal error if the caller is not authorized to access the RoT - * Service. - */ - if (ns_caller && !service->service_db->non_secure_client) { - tfm_panic(); - } - - /* - * It is a fatal error if the version of the RoT Service requested is not - * supported on the platform. - */ - if (tfm_spm_check_client_version(service, minor_version) != IPC_SUCCESS) { - tfm_panic(); - } - - /* No input or output needed for connect message */ - msg = tfm_spm_create_msg(service, PSA_NULL_HANDLE, PSA_IPC_CONNECT, - ns_caller, NULL, 0, NULL, 0, NULL); - if (!msg) { - return PSA_NULL_HANDLE; - } - - /* - * Send message and wake up the SP who is waiting on message queue, - * and scheduler triggered - */ - tfm_spm_send_event(service, msg); - - return PSA_NULL_HANDLE; -} - -psa_status_t tfm_svcall_psa_call(uint32_t *args, int32_t ns_caller, uint32_t lr) -{ - psa_handle_t handle; - psa_invec *inptr, invecs[PSA_MAX_IOVEC]; - psa_outvec *outptr, outvecs[PSA_MAX_IOVEC]; - size_t in_num, out_num; - struct tfm_spm_service_t *service; - struct tfm_msg_body_t *msg; - int i; - struct tfm_spm_ipc_partition_t *partition = NULL; - uint32_t privileged; - - TFM_ASSERT(args != NULL); - handle = (psa_handle_t)args[0]; - - partition = tfm_spm_get_running_partition(); - if (!partition) { - tfm_panic(); - } - privileged = tfm_spm_partition_get_privileged_mode(partition->index); - - if (!ns_caller) { - inptr = (psa_invec *)args[1]; - in_num = (size_t)args[2]; - outptr = (psa_outvec *)args[3]; - /* - * 5th parameter is pushed at stack top before SVC, then PE hardware - * stacks the execution context. The size of the context depends on - * various settings: - * - if FP is not used, 5th parameter is at 8th position counting - * from SP; - * - if FP is used and FPCCR_S.TS is 0, 5th parameter is at 26th - * position counting from SP; - * - if FP is used and FPCCR_S.TS is 1, 5th parameter is at 42th - * position counting from SP. - */ - if (lr & EXC_RETURN_FPU_FRAME_BASIC) { - out_num = (size_t)args[8]; -#if defined (__FPU_USED) && (__FPU_USED == 1U) - } else if (FPU->FPCCR & FPU_FPCCR_TS_Msk) { - out_num = (size_t)args[42]; -#endif - } else { - out_num = (size_t)args[26]; - } - } else { - /* - * FixMe: From non-secure caller, vec and len are composed into a new - * struct parameter. Need to extract them. - */ - /* - * Read parameters from the arguments. It is a fatal error if the - * memory reference for buffer is invalid or not readable. - */ - if (tfm_memory_check((void *)args[1], sizeof(uint32_t), - ns_caller, TFM_MEMORY_ACCESS_RO, privileged) != IPC_SUCCESS) { - tfm_panic(); - } - if (tfm_memory_check((void *)args[2], sizeof(uint32_t), - ns_caller, TFM_MEMORY_ACCESS_RO, privileged) != IPC_SUCCESS) { - tfm_panic(); - } - - inptr = (psa_invec *)((psa_invec *)args[1])->base; - in_num = ((psa_invec *)args[1])->len; - outptr = (psa_outvec *)((psa_invec *)args[2])->base; - out_num = ((psa_invec *)args[2])->len; - } - - /* It is a fatal error if in_len + out_len > PSA_MAX_IOVEC. */ - if (in_num + out_num > PSA_MAX_IOVEC) { - tfm_panic(); - } - - /* It is a fatal error if an invalid handle was passed. */ - service = tfm_spm_get_service_by_handle(handle); - if (!service) { - /* FixMe: Need to implement one mechanism to resolve this failure. */ - tfm_panic(); - } - - /* - * Read client invecs from the wrap input vector. It is a fatal error - * if the memory reference for the wrap input vector is invalid or not - * readable. - */ - if (tfm_memory_check((void *)inptr, in_num * sizeof(psa_invec), - ns_caller, TFM_MEMORY_ACCESS_RO, privileged) != IPC_SUCCESS) { - tfm_panic(); - } - /* - * Read client outvecs from the wrap output vector and will update the - * actual length later. It is a fatal error if the memory reference for - * the wrap output vector is invalid or not read-write. - */ - if (tfm_memory_check((void *)outptr, out_num * sizeof(psa_outvec), - ns_caller, TFM_MEMORY_ACCESS_RW, privileged) != IPC_SUCCESS) { - tfm_panic(); - } - - tfm_memset(invecs, 0, sizeof(invecs)); - tfm_memset(outvecs, 0, sizeof(outvecs)); - - /* Copy the address out to avoid TOCTOU attacks. */ - tfm_memcpy(invecs, inptr, in_num * sizeof(psa_invec)); - tfm_memcpy(outvecs, outptr, out_num * sizeof(psa_outvec)); - - /* - * For client input vector, it is a fatal error if the provided payload - * memory reference was invalid or not readable. - */ - for (i = 0; i < in_num; i++) { - if (tfm_memory_check((void *)invecs[i].base, invecs[i].len, - ns_caller, TFM_MEMORY_ACCESS_RO, privileged) != IPC_SUCCESS) { - tfm_panic(); - } - } - /* - * For client output vector, it is a fatal error if the provided payload - * memory reference was invalid or not read-write. - */ - for (i = 0; i < out_num; i++) { - if (tfm_memory_check(outvecs[i].base, outvecs[i].len, - ns_caller, TFM_MEMORY_ACCESS_RW, privileged) != IPC_SUCCESS) { - tfm_panic(); - } - } - - /* - * FixMe: Need to check if the message is unrecognized by the RoT - * Service or incorrectly formatted. - */ - msg = tfm_spm_create_msg(service, handle, PSA_IPC_CALL, ns_caller, invecs, - in_num, outvecs, out_num, outptr); - if (!msg) { - /* FixMe: Need to implement one mechanism to resolve this failure. */ - tfm_panic(); - } - - /* - * Send message and wake up the SP who is waiting on message queue, - * and scheduler triggered - */ - if (tfm_spm_send_event(service, msg) != IPC_SUCCESS) { - /* FixMe: Need to refine failure process here. */ - tfm_panic(); - } - return PSA_SUCCESS; -} - -void tfm_svcall_psa_close(uint32_t *args, int32_t ns_caller) -{ - psa_handle_t handle; - struct tfm_spm_service_t *service; - struct tfm_msg_body_t *msg; - - TFM_ASSERT(args != NULL); - handle = args[0]; - /* It will have no effect if called with the NULL handle */ - if (handle == PSA_NULL_HANDLE) { - return; - } - - /* - * It is a fatal error if an invalid handle was provided that is not the - * null handle.. - */ - service = tfm_spm_get_service_by_handle(handle); - if (!service) { - /* FixMe: Need to implement one mechanism to resolve this failure. */ - tfm_panic(); - } - - /* No input or output needed for close message */ - msg = tfm_spm_create_msg(service, handle, PSA_IPC_DISCONNECT, ns_caller, - NULL, 0, NULL, 0, NULL); - if (!msg) { - /* FixMe: Need to implement one mechanism to resolve this failure. */ - return; - } - - /* - * Send message and wake up the SP who is waiting on message queue, - * and scheduler triggered - */ - tfm_spm_send_event(service, msg); -} - -/*********************** SVC handler for PSA Service APIs ********************/ - -/** - * \brief SVC handler for \ref psa_wait. - * - * \param[in] args Include all input arguments: - * signal_mask, timeout. - * - * \retval >0 At least one signal is asserted. - * \retval 0 No signals are asserted. This is only seen when - * a polling timeout is used. - */ -static psa_signal_t tfm_svcall_psa_wait(uint32_t *args) -{ - psa_signal_t signal_mask; - uint32_t timeout; - struct tfm_spm_ipc_partition_t *partition = NULL; - - TFM_ASSERT(args != NULL); - signal_mask = (psa_signal_t)args[0]; - timeout = args[1]; - - /* - * Timeout[30:0] are reserved for future use. - * SPM must ignore the value of RES. - */ - timeout &= PSA_TIMEOUT_MASK; - - partition = tfm_spm_get_running_partition(); - if (!partition) { - tfm_panic(); - } - - /* - * Expected signals are included in signal wait mask, ignored signals - * should not be set and affect caller thread status. Save this mask for - * further checking while signals are ready to be set. - */ - partition->signal_mask = signal_mask; - - /* - * tfm_event_wait() blocks the caller thread if no signals are available. - * In this case, the return value of this function is temporary set into - * runtime context. After new signal(s) are available, the return value - * is updated with the available signal(s) and blocked thread gets to run. - */ - if (timeout == PSA_BLOCK && (partition->signals & signal_mask) == 0) { - tfm_event_wait(&partition->signal_evnt); - } - - return partition->signals & signal_mask; -} - -/** - * \brief SVC handler for \ref psa_get. - * - * \param[in] args Include all input arguments: signal, msg. - * - * \retval PSA_SUCCESS Success, *msg will contain the delivered - * message. - * \retval PSA_ERR_NOMSG Message could not be delivered. - * \retval "Does not return" The call is invalid because one or more of the - * following are true: - * \arg signal has more than a single bit set. - * \arg signal does not correspond to a RoT Service. - * \arg The RoT Service signal is not currently - * asserted. - * \arg The msg pointer provided is not a valid memory - * reference. - */ -static psa_status_t tfm_svcall_psa_get(uint32_t *args) -{ - psa_signal_t signal; - psa_msg_t *msg = NULL; - struct tfm_spm_service_t *service = NULL; - struct tfm_msg_body_t *tmp_msg = NULL; - struct tfm_spm_ipc_partition_t *partition = NULL; - uint32_t privileged; - - TFM_ASSERT(args != NULL); - signal = (psa_signal_t)args[0]; - msg = (psa_msg_t *)args[1]; - - /* - * Only one message could be retrieved every time for psa_get(). It is a - * fatal error if the input signal has more than a signal bit set. - */ - if (tfm_bitcount(signal) != 1) { - tfm_panic(); - } - - partition = tfm_spm_get_running_partition(); - if (!partition) { - tfm_panic(); - } - privileged = tfm_spm_partition_get_privileged_mode(partition->index); - - /* - * Write the message to the service buffer. It is a fatal error if the - * input msg pointer is not a valid memory reference or not read-write. - */ - if (tfm_memory_check((void *)msg, sizeof(psa_msg_t), - false, TFM_MEMORY_ACCESS_RW, privileged) != IPC_SUCCESS) { - tfm_panic(); - } - - /* - * It is a fatal error if the caller call psa_get() when no message has - * been set. The caller must call this function after a RoT Service signal - * is returned by psa_wait(). - */ - if (partition->signals == 0) { - tfm_panic(); - } - - /* - * It is a fatal error if the RoT Service signal is not currently asserted. - */ - if ((partition->signals & signal) == 0) { - tfm_panic(); - } - - /* - * Get Rot service by signal from partition. It is a fatal error if geting - * failed which mean the input signal is not correspond to a RoT service. - */ - service = tfm_spm_get_service_by_signal(partition, signal); - if (!service) { - tfm_panic(); - } - - tmp_msg = tfm_msg_dequeue(&service->msg_queue); - if (!tmp_msg) { - return PSA_ERR_NOMSG; - } - - tfm_memcpy(msg, &tmp_msg->msg, sizeof(psa_msg_t)); - - /* - * There may be mutiple messages for this RoT Service signal, do not clear - * its mask until no remaining message. - */ - if (tfm_msg_queue_is_empty(&service->msg_queue)) { - partition->signals &= ~signal; - } - - return PSA_SUCCESS; -} - -/** - * \brief SVC handler for \ref psa_set_rhandle. - * - * \param[in] args Include all input arguments: - * msg_handle, rhandle. - * - * \retval void Success, rhandle will be provided with all - * subsequent messages delivered on this - * connection. - * \retval "Does not return" msg_handle is invalid. - */ -static void tfm_svcall_psa_set_rhandle(uint32_t *args) -{ - psa_handle_t msg_handle; - void *rhandle = NULL; - struct tfm_msg_body_t *msg = NULL; - - TFM_ASSERT(args != NULL); - msg_handle = (psa_handle_t)args[0]; - rhandle = (void *)args[1]; - - /* It is a fatal error if message handle is invalid */ - msg = tfm_spm_get_msg_from_handle(msg_handle); - if (!msg) { - tfm_panic(); - } - - /* - * Connection handle is not created while SP is processing PSA_IPC_CONNECT - * message. Store reverse handle temporarily and re-set it after the - * connection created. - */ - if (msg->handle != PSA_NULL_HANDLE) { - tfm_spm_set_rhandle(msg->service, msg->handle, rhandle); - } else { - msg->msg.rhandle = rhandle; - } -} - -/** - * \brief SVC handler for \ref psa_read. - * - * \param[in] args Include all input arguments: - * msg_handle, invec_idx, buffer, num_bytes. - * - * \retval >0 Number of bytes copied. - * \retval 0 There was no remaining data in this input - * vector. - * \retval "Does not return" The call is invalid, one or more of the - * following are true: - * \arg msg_handle is invalid. - * \arg msg_handle does not refer to a - * \ref PSA_IPC_CALL message. - * \arg invec_idx is equal to or greater than - * \ref PSA_MAX_IOVEC. - * \arg the memory reference for buffer is invalid or - * not writable. - */ -static size_t tfm_svcall_psa_read(uint32_t *args) -{ - psa_handle_t msg_handle; - uint32_t invec_idx; - void *buffer = NULL; - size_t num_bytes; - size_t bytes; - struct tfm_msg_body_t *msg = NULL; - uint32_t privileged; - struct tfm_spm_ipc_partition_t *partition = NULL; - - TFM_ASSERT(args != NULL); - msg_handle = (psa_handle_t)args[0]; - invec_idx = args[1]; - buffer = (void *)args[2]; - num_bytes = (size_t)args[3]; - - /* It is a fatal error if message handle is invalid */ - msg = tfm_spm_get_msg_from_handle(msg_handle); - if (!msg) { - tfm_panic(); - } - - partition = msg->service->partition; - privileged = tfm_spm_partition_get_privileged_mode(partition->index); - - /* - * It is a fatal error if message handle does not refer to a PSA_IPC_CALL - * message - */ - if (msg->msg.type != PSA_IPC_CALL) { - tfm_panic(); - } - - /* - * It is a fatal error if invec_idx is equal to or greater than - * PSA_MAX_IOVEC - */ - if (invec_idx >= PSA_MAX_IOVEC) { - tfm_panic(); - } - - /* There was no remaining data in this input vector */ - if (msg->msg.in_size[invec_idx] == 0) { - return 0; - } - - /* - * Copy the client data to the service buffer. It is a fatal error - * if the memory reference for buffer is invalid or not read-write. - */ - if (tfm_memory_check(buffer, num_bytes, false, - TFM_MEMORY_ACCESS_RW, privileged) != IPC_SUCCESS) { - tfm_panic(); - } - - bytes = num_bytes > msg->msg.in_size[invec_idx] ? - msg->msg.in_size[invec_idx] : num_bytes; - - tfm_memcpy(buffer, msg->invec[invec_idx].base, bytes); - - /* There maybe some remaining data */ - msg->invec[invec_idx].base += bytes; - msg->msg.in_size[invec_idx] -= bytes; - - return bytes; -} - -/** - * \brief SVC handler for \ref psa_skip. - * - * \param[in] args Include all input arguments: - * msg_handle, invec_idx, num_bytes. - * - * \retval >0 Number of bytes skipped. - * \retval 0 There was no remaining data in this input - * vector. - * \retval "Does not return" The call is invalid, one or more of the - * following are true: - * \arg msg_handle is invalid. - * \arg msg_handle does not refer to a - * \ref PSA_IPC_CALL message. - * \arg invec_idx is equal to or greater than - * \ref PSA_MAX_IOVEC. - */ -static size_t tfm_svcall_psa_skip(uint32_t *args) -{ - psa_handle_t msg_handle; - uint32_t invec_idx; - size_t num_bytes; - struct tfm_msg_body_t *msg = NULL; - - TFM_ASSERT(args != NULL); - msg_handle = (psa_handle_t)args[0]; - invec_idx = args[1]; - num_bytes = (size_t)args[2]; - - /* It is a fatal error if message handle is invalid */ - msg = tfm_spm_get_msg_from_handle(msg_handle); - if (!msg) { - tfm_panic(); - } - - /* - * It is a fatal error if message handle does not refer to a PSA_IPC_CALL - * message - */ - if (msg->msg.type != PSA_IPC_CALL) { - tfm_panic(); - } - - /* - * It is a fatal error if invec_idx is equal to or greater than - * PSA_MAX_IOVEC - */ - if (invec_idx >= PSA_MAX_IOVEC) { - tfm_panic(); - } - - /* There was no remaining data in this input vector */ - if (msg->msg.in_size[invec_idx] == 0) { - return 0; - } - - /* - * If num_bytes is greater than the remaining size of the input vector then - * the remaining size of the input vector is used. - */ - if (num_bytes > msg->msg.in_size[invec_idx]) { - num_bytes = msg->msg.in_size[invec_idx]; - } - - /* There maybe some remaining data */ - msg->invec[invec_idx].base += num_bytes; - msg->msg.in_size[invec_idx] -= num_bytes; - - return num_bytes; -} - -/** - * \brief SVC handler for \ref psa_write. - * - * \param[in] args Include all input arguments: - * msg_handle, outvec_idx, buffer, num_bytes. - * - * \retval void Success - * \retval "Does not return" The call is invalid, one or more of the - * following are true: - * \arg msg_handle is invalid. - * \arg msg_handle does not refer to a - * \ref PSA_IPC_CALL message. - * \arg outvec_idx is equal to or greater than - * \ref PSA_MAX_IOVEC. - * \arg The memory reference for buffer is invalid. - * \arg The call attempts to write data past the end - * of the client output vector. - */ -static void tfm_svcall_psa_write(uint32_t *args) -{ - psa_handle_t msg_handle; - uint32_t outvec_idx; - void *buffer = NULL; - size_t num_bytes; - struct tfm_msg_body_t *msg = NULL; - uint32_t privileged; - struct tfm_spm_ipc_partition_t *partition = NULL; - - TFM_ASSERT(args != NULL); - msg_handle = (psa_handle_t)args[0]; - outvec_idx = args[1]; - buffer = (void *)args[2]; - num_bytes = (size_t)args[3]; - - /* It is a fatal error if message handle is invalid */ - msg = tfm_spm_get_msg_from_handle(msg_handle); - if (!msg) { - tfm_panic(); - } - - partition = msg->service->partition; - privileged = tfm_spm_partition_get_privileged_mode(partition->index); - - /* - * It is a fatal error if message handle does not refer to a PSA_IPC_CALL - * message - */ - if (msg->msg.type != PSA_IPC_CALL) { - tfm_panic(); - } - - /* - * It is a fatal error if outvec_idx is equal to or greater than - * PSA_MAX_IOVEC - */ - if (outvec_idx >= PSA_MAX_IOVEC) { - tfm_panic(); - } - - /* - * It is a fatal error if the call attempts to write data past the end of - * the client output vector - */ - if (num_bytes > msg->msg.out_size[outvec_idx] - - msg->outvec[outvec_idx].len) { - tfm_panic(); - } - - /* - * Copy the service buffer to client outvecs. It is a fatal error - * if the memory reference for buffer is invalid or not readable. - */ - if (tfm_memory_check(buffer, num_bytes, false, - TFM_MEMORY_ACCESS_RO, privileged) != IPC_SUCCESS) { - tfm_panic(); - } - - tfm_memcpy(msg->outvec[outvec_idx].base + msg->outvec[outvec_idx].len, - buffer, num_bytes); - - /* Update the write number */ - msg->outvec[outvec_idx].len += num_bytes; -} - -static void update_caller_outvec_len(struct tfm_msg_body_t *msg) -{ - int32_t i = 0; - - /* - * FixeMe: abstract these part into dedicated functions to avoid - * accessing thread context in psa layer - */ - TFM_ASSERT(msg->ack_evnt.owner->status == THRD_STAT_BLOCK); - - while (msg->msg.out_size[i] != 0) { - TFM_ASSERT(msg->caller_outvec[i].base == msg->outvec[i].base); - msg->caller_outvec[i].len = msg->outvec[i].len; - i++; - } -} -/** - * \brief SVC handler for \ref psa_reply. - * - * \param[in] args Include all input arguments: - * msg_handle, status. - * - * \retval void Success. - * \retval "Does not return" The call is invalid, one or more of the - * following are true: - * \arg msg_handle is invalid. - * \arg An invalid status code is specified for the - * type of message. - */ -static void tfm_svcall_psa_reply(uint32_t *args) -{ - psa_handle_t msg_handle; - psa_status_t status; - struct tfm_spm_service_t *service = NULL; - struct tfm_msg_body_t *msg = NULL; - psa_handle_t connect_handle; - int32_t ret = PSA_SUCCESS; - - TFM_ASSERT(args != NULL); - msg_handle = (psa_handle_t)args[0]; - status = (psa_status_t)args[1]; - - /* It is a fatal error if message handle is invalid */ - msg = tfm_spm_get_msg_from_handle(msg_handle); - if (!msg) { - tfm_panic(); - } - - /* - * RoT Service information is needed in this function, stored it in message - * body structure. Only two parameters are passed in this function: handle - * and status, so it is useful and simply to do like this. - */ - service = msg->service; - if (!service) { - tfm_panic(); - } - - /* - * Three type of message are passed in this function: CONNECT, CALL, - * DISCONNECT. It needs to process differently for each type. - */ - switch (msg->msg.type) { - case PSA_IPC_CONNECT: - /* - * Reply to PSA_IPC_CONNECT message. Connect handle is created if the - * input status is PSA_SUCCESS. Others return values are based on the - * input status. - */ - if (status == PSA_SUCCESS) { - connect_handle = tfm_spm_create_conn_handle(service); - if (connect_handle == PSA_NULL_HANDLE) { - tfm_panic(); - } - ret = connect_handle; - - /* Set reverse handle after connection created if needed. */ - if (msg->msg.rhandle) { - tfm_spm_set_rhandle(service, connect_handle, msg->msg.rhandle); - } - } else if (status == PSA_CONNECTION_REFUSED) { - ret = PSA_CONNECTION_REFUSED; - } else if (status == PSA_CONNECTION_BUSY) { - ret = PSA_CONNECTION_BUSY; - } else { - tfm_panic(); - } - break; - case PSA_IPC_CALL: - /* Reply to PSA_IPC_CALL message. Return values are based on status */ - if (status == PSA_SUCCESS) { - ret = PSA_SUCCESS; - } else if (status == PSA_DROP_CONNECTION) { - ret = PSA_DROP_CONNECTION; - } else if ((status >= (INT32_MIN + 1)) && - (status <= (INT32_MIN + 127))) { - tfm_panic(); - } else if ((status >= (INT32_MIN + 128)) && (status <= -1)) { - ret = status; - } else if ((status >= 1) && (status <= INT32_MAX)) { - ret = status; - } else { - tfm_panic(); - } - - /* - * The total number of bytes written to a single parameter must be - * reported to the client by updating the len member of the psa_outvec - * structure for the parameter before returning from psa_call(). - */ - update_caller_outvec_len(msg); - break; - case PSA_IPC_DISCONNECT: - /* Service handle is not used anymore */ - tfm_spm_free_conn_handle(service, msg->handle); - - /* - * If the message type is PSA_IPC_DISCONNECT, then the status code is - * ignored - */ - break; - default: - tfm_panic(); - } - - tfm_event_wake(&msg->ack_evnt, ret); - - /* Message should not be unsed anymore */ - tfm_spm_free_msg(msg); -} - -/** - * \brief SVC handler for \ref psa_notify. - * - * \param[in] args Include all input arguments: partition_id. - * - * \retval void Success. - * \retval "Does not return" partition_id does not correspond to a Secure - * Partition. - */ -static void tfm_svcall_psa_notify(uint32_t *args) -{ - int32_t partition_id; - struct tfm_spm_ipc_partition_t *partition = NULL; - - TFM_ASSERT(args != NULL); - partition_id = (int32_t)args[0]; - - /* - * The value of partition_id must be greater than zero as the target of - * notification must be a Secure Partition, providing a Non-secure - * Partition ID is a fatal error. - */ - if (!TFM_CLIENT_ID_IS_S(partition_id)) { - tfm_panic(); - } - - /* - * It is a fatal error if partition_id does not correspond to a Secure - * Partition. - */ - partition = tfm_spm_get_partition_by_id(partition_id); - if (!partition) { - tfm_panic(); - } - - partition->signals |= PSA_DOORBELL; - - /* - * The target partition may be blocked with waiting for signals after - * called psa_wait(). Set the return value with the available signals - * before wake it up with tfm_event_signal(). - */ - tfm_event_wake(&partition->signal_evnt, - partition->signals & partition->signal_mask); -} - -/** - * \brief SVC handler for \ref psa_clear. - * - * \retval void Success. - * \retval "Does not return" The Secure Partition's doorbell signal is not - * currently asserted. - */ -static void tfm_svcall_psa_clear(uint32_t *args) -{ - struct tfm_spm_ipc_partition_t *partition = NULL; - - partition = tfm_spm_get_running_partition(); - if (!partition) { - tfm_panic(); - } - - /* - * It is a fatal error if the Secure Partition's doorbell signal is not - * currently asserted. - */ - if ((partition->signals & PSA_DOORBELL) == 0) { - tfm_panic(); - } - partition->signals &= ~PSA_DOORBELL; -} - -/** - * \brief SVC handler for \ref psa_eoi. - * - * \param[in] args Include all input arguments: irq_signal. - * - * \retval void Success. - * \retval "Does not return" The call is invalid, one or more of the - * following are true: - * \arg irq_signal is not an interrupt signal. - * \arg irq_signal indicates more than one signal. - * \arg irq_signal is not currently asserted. - */ -static void tfm_svcall_psa_eoi(uint32_t *args) -{ - psa_signal_t irq_signal; - struct tfm_spm_ipc_partition_t *partition = NULL; - - TFM_ASSERT(args != NULL); - irq_signal = (psa_signal_t)args[0]; - - partition = tfm_spm_get_running_partition(); - if (!partition) { - tfm_panic(); - } - - /* - * FixMe: It is a fatal error if passed signal is not an interrupt signal. - */ - - /* It is a fatal error if passed signal indicates more than one signals. */ - if (tfm_bitcount(partition->signals) != 1) { - tfm_panic(); - } - - /* It is a fatal error if passed signal is not currently asserted */ - if ((partition->signals & irq_signal) == 0) { - tfm_panic(); - } - - partition->signals &= ~irq_signal; - - /* FixMe: re-enable interrupt */ -} - -int32_t SVC_Handler_IPC(tfm_svc_number_t svc_num, uint32_t *ctx, uint32_t lr) -{ - switch (svc_num) { - case TFM_SVC_SCHEDULE: - tfm_thrd_activate_schedule(); - break; - case TFM_SVC_EXIT_THRD: - tfm_svcall_thrd_exit(); - break; - case TFM_SVC_PSA_FRAMEWORK_VERSION: - return tfm_svcall_psa_framework_version(); - case TFM_SVC_PSA_VERSION: - return tfm_svcall_psa_version(ctx, 0); - case TFM_SVC_PSA_CONNECT: - return tfm_svcall_psa_connect(ctx, 0); - case TFM_SVC_PSA_CALL: - return tfm_svcall_psa_call(ctx, 0, lr); - case TFM_SVC_PSA_CLOSE: - tfm_svcall_psa_close(ctx, 0); - break; - case TFM_SVC_PSA_WAIT: - return tfm_svcall_psa_wait(ctx); - case TFM_SVC_PSA_GET: - return tfm_svcall_psa_get(ctx); - case TFM_SVC_PSA_SET_RHANDLE: - tfm_svcall_psa_set_rhandle(ctx); - break; - case TFM_SVC_PSA_READ: - return tfm_svcall_psa_read(ctx); - case TFM_SVC_PSA_SKIP: - return tfm_svcall_psa_skip(ctx); - case TFM_SVC_PSA_WRITE: - tfm_svcall_psa_write(ctx); - break; - case TFM_SVC_PSA_REPLY: - tfm_svcall_psa_reply(ctx); - break; - case TFM_SVC_PSA_NOTIFY: - tfm_svcall_psa_notify(ctx); - break; - case TFM_SVC_PSA_CLEAR: - tfm_svcall_psa_clear(ctx); - break; - case TFM_SVC_PSA_EOI: - tfm_svcall_psa_eoi(ctx); - break; - default: - break; - } - return PSA_SUCCESS; -} diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_thread.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_thread.c deleted file mode 100644 index 21f2209..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_thread.c +++ /dev/null @@ -1,181 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#include -#include -#include "tfm_arch_v8m.h" -#include "tfm_thread.h" -#include "tfm_utils.h" -#include "tfm_memory_utils.h" -#include "tfm_svc.h" -#include "spm_api.h" - -/* Force ZERO in case ZI(bss) clear is missing */ -static struct tfm_thrd_ctx *p_thrd_head = NULL; -static struct tfm_thrd_ctx *p_runn_head = NULL; -static struct tfm_thrd_ctx *p_curr_thrd = NULL; - -/* Define Macro to fetch global to support future expansion (PERCPU e.g.) */ -#define LIST_HEAD p_thrd_head -#define RUNN_HEAD p_runn_head -#define CURR_THRD p_curr_thrd - -static struct tfm_thrd_ctx *find_next_running_thread(struct tfm_thrd_ctx *pth) -{ - while (pth && pth->status != THRD_STAT_RUNNING) { - pth = pth->next; - } - - return pth; -} - -/* To get next running thread for scheduler */ -struct tfm_thrd_ctx *tfm_thrd_next_thread(void) -{ - /* - * First RUNNING thread has highest priority since threads are sorted with - * priority. - */ - return find_next_running_thread(RUNN_HEAD); -} - -/* To get current thread for caller */ -struct tfm_thrd_ctx *tfm_thrd_curr_thread() -{ - return CURR_THRD; -} - -/* Insert a new thread into list by descending priority (Highest at head) */ -static void insert_by_prior(struct tfm_thrd_ctx **head, - struct tfm_thrd_ctx *node) -{ - if (*head == NULL || (node->prior <= (*head)->prior)) { - node->next = *head; - *head = node; - } else { - struct tfm_thrd_ctx *iter = *head; - - while (iter->next && (node->prior > iter->next->prior)) { - iter = iter->next; - } - node->next = iter->next; - iter->next = node; - } -} - -/* - * Set first running thread as head to reduce enumerate - * depth while searching for a first running thread. - */ -static void update_running_head(struct tfm_thrd_ctx **runn, - struct tfm_thrd_ctx *node) -{ - if ((node->status == THRD_STAT_RUNNING) && - (*runn == NULL || (node->prior < (*runn)->prior))) { - *runn = node; - } else { - *runn = find_next_running_thread(LIST_HEAD); - } -} - -/* Set context members only. No validation here */ -void tfm_thrd_init(struct tfm_thrd_ctx *pth, - tfm_thrd_func_t pfn, void *param, - uint8_t *sp_base, uint8_t *sp_top) -{ - pth->prior = THRD_PRIOR_MEDIUM; - pth->status = THRD_STAT_CREATING; - pth->pfn = pfn; - pth->param = param; - pth->sp_base = sp_base; - pth->sp_top = sp_top; -} - -uint32_t tfm_thrd_start(struct tfm_thrd_ctx *pth) -{ - /* Validate parameters before really start */ - if ((pth->status != THRD_STAT_CREATING) || - (pth->pfn == NULL) || - (pth->sp_base == NULL) || - (pth->sp_top == NULL)) { - return THRD_ERR_INVALID_PARAM; - } - - /* Thread management runs in handler mode; set context for thread mode. */ - tfm_initialize_context(&pth->state_ctx, - (uint32_t)pth->param, (uint32_t)pth->pfn, - (uint32_t)pth->sp_base, (uint32_t)pth->sp_top); - - /* Insert a new thread with priority */ - insert_by_prior(&LIST_HEAD, pth); - - /* Mark it as RUNNING after insertion */ - tfm_thrd_set_status(pth, THRD_STAT_RUNNING); - - return THRD_SUCCESS; -} - -void tfm_thrd_set_status(struct tfm_thrd_ctx *pth, uint32_t new_status) -{ - TFM_ASSERT(pth != NULL && new_status < THRD_STAT_INVALID); - - pth->status = new_status; - update_running_head(&RUNN_HEAD, pth); -} - -/* Scheduling won't happen immediately but after the exception returns */ -void tfm_thrd_activate_schedule(void) -{ - tfm_trigger_pendsv(); -} - -void tfm_thrd_start_scheduler(struct tfm_thrd_ctx *pth) -{ - /* - * There is no selected thread before scheduler start, assign - * a caller provided thread as current thread. This function - * should get called only ONCE; further calling triggers assert. - */ - TFM_ASSERT(CURR_THRD == NULL); - TFM_ASSERT(pth != NULL); - - CURR_THRD = pth; - tfm_thrd_activate_schedule(); -} - -/* Remove current thread out of the schedulable list */ -void tfm_svcall_thrd_exit(void) -{ - CURR_THRD->status = THRD_STAT_DETACH; - tfm_trigger_pendsv(); -} - -__attribute__((section("SFN"))) -void tfm_thrd_exit(void) -{ - SVC(TFM_SVC_EXIT_THRD); - while (1) { - ; - } -} - -void tfm_thrd_context_switch(struct tfm_state_context_ext *ctxb, - struct tfm_thrd_ctx *prev, - struct tfm_thrd_ctx *next) -{ - TFM_ASSERT(prev != NULL); - TFM_ASSERT(next != NULL); - - /* - * First, update latest context into the current thread context. - * Then, update background context with next thread's context. - */ - tfm_memcpy(&prev->state_ctx.ctxb, ctxb, sizeof(*ctxb)); - tfm_memcpy(ctxb, &next->state_ctx.ctxb, sizeof(next->state_ctx.ctxb)); - - /* Update current thread indicator */ - CURR_THRD = next; -} diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_utils.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_utils.c deleted file mode 100644 index 1586633..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_utils.c +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#include -#include -#include "tfm_utils.h" - -void tfm_panic(void) -{ - while (1) - ; -} - -int32_t tfm_bitcount(uint32_t n) -{ - int32_t count = 0; - uint8_t tmp; - - while (n) { - tmp = n & 0xFF; - while (tmp) { - count += tmp & 0x1; - tmp >>= 1; - } - n >>= 8; - } - - return count; -} diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_wait.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_wait.c deleted file mode 100644 index 44c801c..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/ipc/tfm_wait.c +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#include -#include "tfm_thread.h" -#include "tfm_utils.h" -#include "tfm_wait.h" - -void tfm_event_wait(struct tfm_event_t *pevnt) -{ - TFM_ASSERT(pevnt && pevnt->magic == TFM_EVENT_MAGIC); - - pevnt->owner = tfm_thrd_curr_thread(); - tfm_thrd_set_status(pevnt->owner, THRD_STAT_BLOCK); - tfm_thrd_activate_schedule(); -} - -void tfm_event_wake(struct tfm_event_t *pevnt, uint32_t retval) -{ - TFM_ASSERT(pevnt && pevnt->magic == TFM_EVENT_MAGIC); - - if (pevnt->owner && pevnt->owner->status == THRD_STAT_BLOCK) { - tfm_thrd_set_status(pevnt->owner, THRD_STAT_RUNNING); - tfm_thrd_set_retval(pevnt->owner, retval); - tfm_thrd_activate_schedule(); - } -} diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/secure_utilities.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/secure_utilities.h deleted file mode 100644 index 82a4f5a..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/secure_utilities.h +++ /dev/null @@ -1,109 +0,0 @@ -/* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __SECURE_UTILITIES_H__ -#define __SECURE_UTILITIES_H__ - -#include -#include "cmsis_compiler.h" -#include "tfm_svc.h" - -#define EXC_RETURN_INDICATOR (0xF << 28) -#define EXC_RETURN_SECURITY_STACK_STATUS_MASK (0x3 << 5) -#define EXC_RETURN_SECURE_STACK (1 << 6) -#define EXC_RETURN_FPU_FRAME_BASIC (1 << 4) -#define EXC_RETURN_MODE_THREAD (1 << 3) -#define EXC_RETURN_STACK_PROCESS (1 << 2) -#define EXC_RETURN_EXC_SECURE (1) - -#define EXC_NUM_THREAD_MODE (0) -#define EXC_NUM_SVCALL (11) -#define EXC_NUM_PENDSV (14) -#define EXC_NUM_SYSTICK (15) - -#define printf(...) - -/* Disable NS exceptions by setting NS PRIMASK to 1 */ -#define TFM_NS_EXC_DISABLE() __TZ_set_PRIMASK_NS(1) -/* Enable NS exceptions by setting NS PRIMASK to 0 */ -#define TFM_NS_EXC_ENABLE() __TZ_set_PRIMASK_NS(0) - -struct tfm_exc_stack_t { - uint32_t R0; - uint32_t R1; - uint32_t R2; - uint32_t R3; - uint32_t R12; - uint32_t LR; - uint32_t RetAddr; - uint32_t XPSR; -}; - -#ifdef TFM_CORE_DEBUG -#define LOG_MSG_HDLR(MSG) printf("[Sec Handler] %s\r\n", MSG) -#else -/* FixMe: redirect to secure log area */ -#define LOG_MSG_HDLR(MSG) printf("[Sec Handler] %s\r\n", MSG) -#endif - -#define LOG_MSG_THR(MSG) \ - __ASM volatile("MOV r0, %0\n" \ - "SVC %1\n" \ - : : "r" (MSG), "I" (TFM_SVC_PRINT)) - -#define LOG_MSG(MSG) \ - do { \ - if (__get_active_exc_num()) { \ - LOG_MSG_HDLR(MSG); \ - } else { \ - LOG_MSG_THR(MSG); \ - } \ - } while (0) - -#ifdef TFM_CORE_DEBUG -#define ERROR_MSG(MSG) printf("[Sec Error] %s\r\n", MSG) -#else -/* FixMe: redirect to secure log area */ -#define ERROR_MSG(MSG) printf("[Sec Error] %s\r\n", MSG) -#endif - -/** - * \brief Get Link Register - * \details Returns the value of the Link Register (LR) - * \return LR value - */ - -__attribute__ ((always_inline)) __STATIC_INLINE uint32_t __get_LR(void) -{ - register uint32_t result; - - __ASM volatile ("MOV %0, LR\n" : "=r" (result)); - return result; -} - -__attribute__ ((always_inline)) -__STATIC_INLINE uint32_t __get_active_exc_num(void) -{ - IPSR_Type IPSR; - - /* if non-zero, exception is active. NOT banked S/NS */ - IPSR.w = __get_IPSR(); - return IPSR.b.ISR; -} - -__attribute__ ((always_inline)) -__STATIC_INLINE void __set_CONTROL_SPSEL(uint32_t SPSEL) -{ - CONTROL_Type ctrl; - - ctrl.w = __get_CONTROL(); - ctrl.b.SPSEL = SPSEL; - __set_CONTROL(ctrl.w); - __ISB(); -} - -#endif /* __SECURE_UTILITIES_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_boot_data.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_boot_data.c deleted file mode 100644 index 44c38a3..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_boot_data.c +++ /dev/null @@ -1,158 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include -#include "bl2/include/tfm_boot_status.h" -#include "tfm_memory_utils.h" -#include "tfm_internal.h" -#include "tfm_api.h" -#include "flash_layout.h" -#include "secure_fw/spm/spm_api.h" -#ifdef TFM_PSA_API -#include "tfm_internal_defines.h" -#include "tfm_utils.h" -#include "psa_service.h" -#include "tfm_thread.h" -#include "tfm_wait.h" -#include "tfm_message_queue.h" -#include "tfm_spm.h" -#endif - -/*! - * \def BOOT_DATA_VALID - * - * \brief Indicates that shared data between bootloader and runtime firmware was - * passed the sanity check with success. - */ -#define BOOT_DATA_VALID (1u) - -/*! - * \def BOOT_DATA_INVALID - * - * \brief Indicates that shared data between bootloader and runtime firmware was - * failed on sanity check. - */ -#define BOOT_DATA_INVALID (0u) - -/*! - * \var is_boot_data_valid - * - * \brief Indicates the status of shared data between bootloader and runtime - * firmware - */ -static uint32_t is_boot_data_valid = BOOT_DATA_INVALID; - -void tfm_core_validate_boot_data(void) -{ - struct tfm_boot_data *boot_data; - - boot_data = (struct tfm_boot_data *)BOOT_TFM_SHARED_DATA_BASE; - - /* FixMe: Enhance sanity check of shared memory area, it might be invalid: - * - temporal exposure of RAM to non-secure actors - * - mismatched addresses - * - version mismatch between bootloader and runtime binary - * - etc. - */ - if (boot_data->header.tlv_magic == SHARED_DATA_TLV_INFO_MAGIC) { - is_boot_data_valid = BOOT_DATA_VALID; - } -} - -void tfm_core_get_boot_data_handler(uint32_t args[]) -{ - uint8_t tlv_major = (uint8_t)args[0]; - uint8_t *buf_start = (uint8_t *)args[1]; - uint16_t buf_size = (uint16_t)args[2]; - uint8_t *ptr; - struct tfm_boot_data *boot_data; - struct shared_data_tlv_entry tlv_entry; - uintptr_t tlv_end, offset; -#ifndef TFM_PSA_API - uint32_t running_partition_idx = - tfm_spm_partition_get_running_partition_idx(); - uint32_t res; -#else - struct tfm_spm_ipc_partition_t *partition = NULL; - uint32_t privileged; -#endif - -#ifndef TFM_PSA_API - /* Make sure that the output pointer points to a memory area that is owned - * by the partition - */ - res = tfm_core_check_buffer_access(running_partition_idx, - (void *)buf_start, - buf_size, - 2); /* Check 4 bytes alignment */ - if (!res) { - /* Not in accessible range, return error */ - args[0] = TFM_ERROR_INVALID_PARAMETER; - return; - } -#else - partition = tfm_spm_get_running_partition(); - if (!partition) { - tfm_panic(); - } - privileged = tfm_spm_partition_get_privileged_mode(partition->index); - - if (tfm_memory_check(buf_start, buf_size, false, TFM_MEMORY_ACCESS_RW, - privileged) != IPC_SUCCESS) { - /* Not in accessible range, return error */ - args[0] = TFM_ERROR_INVALID_PARAMETER; - return; - } -#endif - - /* FixMe: Check whether caller has access right to given tlv_major_type */ - - if (is_boot_data_valid != BOOT_DATA_VALID) { - args[0] = TFM_ERROR_INVALID_PARAMETER; - return; - } - - /* Get the boundaries of TLV section */ - boot_data = (struct tfm_boot_data *)BOOT_TFM_SHARED_DATA_BASE; - tlv_end = BOOT_TFM_SHARED_DATA_BASE + boot_data->header.tlv_tot_len; - offset = BOOT_TFM_SHARED_DATA_BASE + SHARED_DATA_HEADER_SIZE; - - /* Add header to output buffer as well */ - if (buf_size < SHARED_DATA_HEADER_SIZE) { - args[0] = TFM_ERROR_INVALID_PARAMETER; - return; - } else { - boot_data = (struct tfm_boot_data *)buf_start; - boot_data->header.tlv_magic = SHARED_DATA_TLV_INFO_MAGIC; - boot_data->header.tlv_tot_len = SHARED_DATA_HEADER_SIZE; - ptr = boot_data->data; - } - - /* Iterates over the TLV section and copy TLVs with requested major - * type to the provided buffer. - */ - for (; offset < tlv_end; offset += tlv_entry.tlv_len) { - /* Create local copy to avoid unaligned access */ - tfm_memcpy(&tlv_entry, - (const void *)offset, - SHARED_DATA_ENTRY_HEADER_SIZE); - if (GET_MAJOR(tlv_entry.tlv_type) == tlv_major) { - /* Check buffer overflow */ - if (((ptr - buf_start) + tlv_entry.tlv_len) > buf_size) { - args[0] = TFM_ERROR_INVALID_PARAMETER; - return; - } - - tfm_memcpy(ptr, (const void *)offset, tlv_entry.tlv_len); - - ptr += tlv_entry.tlv_len; - boot_data->header.tlv_tot_len += tlv_entry.tlv_len; - } - } - args[0] = TFM_SUCCESS; - return; -} diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_core.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_core.c deleted file mode 100644 index 5a83091..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_core.c +++ /dev/null @@ -1,234 +0,0 @@ -/* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include -#include "region_defs.h" -#include "tfm_core.h" -#include "tfm_internal.h" -#include "tfm_api.h" -#include "platform/include/tfm_spm_hal.h" -#include "secure_utilities.h" -#include "secure_fw/spm/spm_api.h" -#include "secure_fw/include/tfm_spm_services_api.h" -#ifdef TFM_PSA_API -#include "psa_client.h" -#include "psa_service.h" -#include "tfm_thread.h" -#include "tfm_wait.h" -#include "tfm_message_queue.h" -#include "tfm_spm.h" -#endif - -/* - * Avoids the semihosting issue - * FixMe: describe 'semihosting issue' - */ -#if defined(__ARMCC_VERSION) -__asm(" .global __ARM_use_no_argv\n"); -#endif - -#if defined ( __GNUC__ ) -/* The macro cmse_nsfptr_create defined in the gcc library uses the non-standard - * gcc C lanuage extension 'typeof'. TF-M is built with '-std=c99' so typeof - * cannot be used in the code. As a workaround cmse_nsfptr_create is redefined - * here to use only standard language elements. */ -#undef cmse_nsfptr_create -#define cmse_nsfptr_create(p) ((intptr_t) (p) & ~1) -#endif - -#ifndef TFM_LVL -#error TFM_LVL is not defined! -#endif -#if (TFM_LVL != 1) && (TFM_LVL != 2) && (TFM_LVL != 3) -#error Only TFM_LVL 1, 2 and 3 are supported! -#endif - -#ifndef TFM_PSA_API -/* Macros to pick linker symbols and allow to form the partition data base */ -#define REGION(a, b, c) a##b##c -#define REGION_NAME(a, b, c) REGION(a, b, c) -#define REGION_DECLARE(a, b, c) extern uint32_t REGION_NAME(a, b, c) - -REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base); -REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Limit); -#endif - -void configure_ns_code(void) -{ - /* SCB_NS.VTOR points to the Non-secure vector table base address */ - SCB_NS->VTOR = tfm_spm_hal_get_ns_VTOR(); - - /* Setups Main stack pointer of the non-secure code */ - uint32_t ns_msp = tfm_spm_hal_get_ns_MSP(); - - __TZ_set_MSP_NS(ns_msp); - - /* Get the address of non-secure code entry point to jump there */ - uint32_t entry_ptr = tfm_spm_hal_get_ns_entry_point(); - - /* Clears LSB of the function address to indicate the function-call - * will perform the switch from secure to non-secure - */ - ns_entry = (nsfptr_t) cmse_nsfptr_create(entry_ptr); -} - -int32_t tfm_core_init(void) -{ - /* Enables fault handlers */ - enable_fault_handlers(); - - /* Configures the system reset request properties */ - system_reset_cfg(); - - /* Configures debug authentication */ - tfm_spm_hal_init_debug(); - - __enable_irq(); - - LOG_MSG("Secure image initializing!"); - -#ifdef TFM_CORE_DEBUG - printf("TFM level is: %d\r\n", TFM_LVL); -#endif - - tfm_core_validate_boot_data(); - - tfm_spm_hal_init_isolation_hw(); - - configure_ns_code(); - - /* Configures all interrupts to retarget NS state, except for - * secure peripherals - */ - nvic_interrupt_target_state_cfg(); - /* Enable secure peripherals interrupts */ - nvic_interrupt_enable(); - -#ifdef TFM_PSA_API - /* FixMe: In case of IPC messaging, scratch area must not be referenced - * These variables should be removed when all obsolete references are - * removed from the codebase - */ - tfm_scratch_area = NULL; - tfm_scratch_area_size = 0; -#else - tfm_scratch_area = - (uint8_t *)®ION_NAME(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base); - tfm_scratch_area_size = - (uint32_t)®ION_NAME(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Limit) - - (uint32_t)®ION_NAME(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base); -#endif - return 0; -} - -static int32_t tfm_core_set_secure_exception_priorities(void) -{ - uint32_t VECTKEY; - SCB_Type *scb = SCB; - uint32_t AIRCR; - - /* Set PRIS flag is AIRCR */ - AIRCR = scb->AIRCR; - VECTKEY = (~AIRCR & SCB_AIRCR_VECTKEYSTAT_Msk); - scb->AIRCR = SCB_AIRCR_PRIS_Msk | - VECTKEY | - (AIRCR & ~SCB_AIRCR_VECTKEY_Msk); - - /* FixMe: Explicitly set secure fault and Secure SVC priority to highest */ - - /* - * Set secure PendSV priority to the lowest in SECURE state. - * - * IMPORTANT NOTE: - * - * Although the priority of the secure PendSV must be the lowest possible - * among other interrupts in the Secure state, it must be ensured that - * PendSV is not preempted nor masked by Non-Secure interrupts to ensure - * the integrity of the Secure operation. - * When AIRCR.PRIS is set, the Non-Secure execution can act on - * FAULTMASK_NS, PRIMASK_NS or BASEPRI_NS register to boost its priority - * number up to the value 0x80. - * For this reason, set the priority of the PendSV interrupt to the next - * priority level configurable on the platform, just below 0x80. - */ - NVIC_SetPriority(PendSV_IRQn, (1 << (__NVIC_PRIO_BITS - 1)) - 1); - - return TFM_SUCCESS; -} - -void tfm_core_spm_request_handler(const struct tfm_exc_stack_t *svc_ctx) -{ - uint32_t *res_ptr = (uint32_t *)&svc_ctx->R0; - - /* FixMe: check if caller partition is permitted to make an SPM request */ - - switch (svc_ctx->R0) { - case TFM_SPM_REQUEST_RESET_VOTE: - /* FixMe: this is a placeholder for checks to be performed before - * allowing execution of reset - */ - *res_ptr = TFM_SUCCESS; - break; - default: - *res_ptr = TFM_ERROR_INVALID_PARAMETER; - } -} - -int main(void) -{ - if (tfm_core_init() != 0) { - /* Placeholder for error handling, currently ignored. */ - } - - if (tfm_spm_db_init() != SPM_ERR_OK) { - /* Placeholder for error handling, currently ignored. */ - } - - tfm_spm_hal_setup_isolation_hw(); - -#ifndef TFM_PSA_API - tfm_spm_partition_set_state(TFM_SP_CORE_ID, SPM_PARTITION_STATE_RUNNING); - - extern uint32_t Image$$ARM_LIB_STACK$$ZI$$Base[]; - uint32_t psp_stack_bottom = (uint32_t)Image$$ARM_LIB_STACK$$ZI$$Base; - - __set_PSPLIM(psp_stack_bottom); - - if (tfm_spm_partition_init() != SPM_ERR_OK) { - /* Certain systems might refuse to boot altogether if partitions fail - * to initialize. This is a placeholder for such an error handler - */ - } - - /* - * Prioritise secure exceptions to avoid NS being able to pre-empt - * secure SVC or SecureFault. Do it before PSA API initialization. - */ - tfm_core_set_secure_exception_priorities(); - - /* We close the TFM_SP_CORE_ID partition, because its only purpose is - * to be able to pass the state checks for the tests started from secure. - */ - tfm_spm_partition_set_state(TFM_SP_CORE_ID, SPM_PARTITION_STATE_CLOSED); - tfm_spm_partition_set_state(TFM_SP_NON_SECURE_ID, - SPM_PARTITION_STATE_RUNNING); - -#ifdef TFM_CORE_DEBUG - /* Jumps to non-secure code */ - LOG_MSG("Jumping to non-secure code..."); -#endif - - jump_to_ns_code(); -#else - /* - * Prioritise secure exceptions to avoid NS being able to pre-empt - * secure SVC or SecureFault. Do it before PSA API initialization. - */ - tfm_core_set_secure_exception_priorities(); - tfm_spm_init(); -#endif -} diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_core.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_core.h deleted file mode 100644 index 94470d0..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_core.h +++ /dev/null @@ -1,18 +0,0 @@ -/* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __TFM_CORE_H__ -#define __TFM_CORE_H__ - -#include -#include "tfm_svc.h" -#include "secure_utilities.h" - -extern uint32_t tfm_scratch_area_size; -extern uint8_t *tfm_scratch_area; - -#endif /* __TFM_CORE_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_handler.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_handler.c deleted file mode 100644 index 79caca2..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_handler.c +++ /dev/null @@ -1,225 +0,0 @@ -/* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include -#include - -#include "secure_utilities.h" -#include "tfm_svc.h" -#include "tfm_secure_api.h" -#include "region_defs.h" -#include "tfm_api.h" -#include "tfm_internal.h" -#include "tfm_memory_utils.h" -#ifdef TFM_PSA_API -#include -#include "tfm_svcalls.h" -#endif -#include "platform/mbed_toolchain.h" - -/* This SVC handler is called when a secure partition requests access to a - * buffer area - */ -extern int32_t tfm_core_set_buffer_area_handler(const uint32_t args[]); -#ifdef TFM_PSA_API -extern void tfm_psa_ipc_request_handler(const uint32_t svc_args[]); -#endif - -struct tfm_fault_context_s { - uint32_t R0; - uint32_t R1; - uint32_t R2; - uint32_t R3; - uint32_t R12; - uint32_t LR; - uint32_t ReturnAddress; - uint32_t RETPSR; -} tfm_fault_context; - -#if defined(__ARM_ARCH_8M_MAIN__) -/** - * \brief Overwrites default Secure fault handler. - */ -void SecureFault_Handler(void) -{ - /* figure out context from which we landed in fault handler */ - uint32_t lr = __get_LR(); - uint32_t sp; - - if (lr & EXC_RETURN_SECURE_STACK) { - if (lr & EXC_RETURN_STACK_PROCESS) { - sp = __get_PSP(); - } else { - sp = __get_MSP(); - } - } else { - if (lr & EXC_RETURN_STACK_PROCESS) { - sp = __TZ_get_PSP_NS(); - } else { - sp = __TZ_get_MSP_NS(); - } - } - - /* Only save the context if sp is valid */ - if ((sp >= S_DATA_START && - sp <= (S_DATA_LIMIT - sizeof(tfm_fault_context)) + 1) || - (sp >= NS_DATA_START && - sp <= (NS_DATA_LIMIT - sizeof(tfm_fault_context)) + 1)) { - tfm_memcpy(&tfm_fault_context, - (const void *)sp, - sizeof(tfm_fault_context)); - } - - LOG_MSG("Oops... Secure fault!!! You're not going anywhere!"); - while (1) { - ; - } -} -#elif defined(__ARM_ARCH_8M_BASE__) -/** - * \brief Overwrites default Hard fault handler. - * - * In case of a baseline implementation fault conditions that would generate a - * SecureFault in a mainline implementation instead generate a Secure HardFault. - */ -void HardFault_Handler(void) -{ - /* In a baseline implementation there is no way, to find out whether this is - * a hard fault triggered directly, or another fault that has been - * escalated. - */ - while (1) { - ; - } -} -#else -#error "Unsupported ARM Architecture." -#endif - -#if defined(__ARM_ARCH_8M_MAIN__) -__attribute__((naked)) void SVC_Handler(void) -{ - __ASM volatile( - "TST lr, #4\n" /* Check store SP in thread mode to r0 */ - "IT EQ\n" - "BXEQ lr\n" - "MRS r0, PSP\n" - "MOV r1, lr\n" - "BL SVCHandler_main\n" - "BX r0\n" - ); -} -#elif defined(__ARM_ARCH_8M_BASE__) -__attribute__((naked)) void SVC_Handler(void) -{ - __ASM volatile( - ".syntax unified\n" - "MOVS r0, #4\n" /* Check store SP in thread mode to r0 */ - "MOV r1, lr\n" - "TST r0, r1\n" - "BEQ handler\n" - "MRS r0, PSP\n" /* Coming from thread mode */ - "B sp_stored\n" - "handler:\n" - "BX lr\n" /* Coming from handler mode */ - "sp_stored:\n" - "MOV r1, lr\n" - "BL SVCHandler_main\n" - "BX r0\n" - ); -} -#else -#error "Unsupported ARM Architecture." -#endif - -MBED_USED uint32_t SVCHandler_main(uint32_t *svc_args, uint32_t lr) -{ - uint8_t svc_number; - /* - * Stack contains: - * r0, r1, r2, r3, r12, r14 (lr), the return address and xPSR - * First argument (r0) is svc_args[0] - */ - if (lr & EXC_RETURN_SECURE_STACK) { - /* SV called directly from secure context. Check instruction for - * svc_number - */ - svc_number = ((uint8_t *)svc_args[6])[-2]; - } else { - /* Secure SV executing with NS return. - * NS cannot directly trigger S SVC so this should not happen - * FixMe: check for security implications - */ - return lr; - } - switch (svc_number) { -#ifdef TFM_PSA_API - case TFM_SVC_IPC_REQUEST: - tfm_psa_ipc_request_handler(svc_args); - break; - case TFM_SVC_SCHEDULE: - case TFM_SVC_EXIT_THRD: - case TFM_SVC_PSA_FRAMEWORK_VERSION: - case TFM_SVC_PSA_VERSION: - case TFM_SVC_PSA_CONNECT: - case TFM_SVC_PSA_CALL: - case TFM_SVC_PSA_CLOSE: - case TFM_SVC_PSA_WAIT: - case TFM_SVC_PSA_GET: - case TFM_SVC_PSA_SET_RHANDLE: - case TFM_SVC_PSA_READ: - case TFM_SVC_PSA_SKIP: - case TFM_SVC_PSA_WRITE: - case TFM_SVC_PSA_REPLY: - case TFM_SVC_PSA_NOTIFY: - case TFM_SVC_PSA_CLEAR: - case TFM_SVC_PSA_EOI: - svc_args[0] = SVC_Handler_IPC(svc_number, svc_args, lr); - break; -#else - case TFM_SVC_SFN_REQUEST: - lr = tfm_core_partition_request_svc_handler(svc_args, lr); - break; - case TFM_SVC_SFN_RETURN: - lr = tfm_core_partition_return_handler(lr); - break; - case TFM_SVC_VALIDATE_SECURE_CALLER: - tfm_core_validate_secure_caller_handler(svc_args); - break; - case TFM_SVC_GET_CALLER_CLIENT_ID: - tfm_core_get_caller_client_id_handler(svc_args); - break; - case TFM_SVC_SPM_REQUEST: - tfm_core_spm_request_handler((struct tfm_exc_stack_t *)svc_args); - break; - case TFM_SVC_MEMORY_CHECK: - tfm_core_memory_permission_check_handler(svc_args); - break; - case TFM_SVC_SET_SHARE_AREA: - tfm_core_set_buffer_area_handler(svc_args); - break; -#endif - case TFM_SVC_PRINT: - printf("\e[1;34m[Sec Thread] %s\e[0m\r\n", (char *)svc_args[0]); - break; - case TFM_SVC_GET_BOOT_DATA: - tfm_core_get_boot_data_handler(svc_args); - break; - default: - LOG_MSG("Unknown SVC number requested!"); - break; - } - - return lr; -} - -void tfm_access_violation_handler(void) -{ - while (1) { - ; - } -} diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_internal.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_internal.h deleted file mode 100644 index 6273478..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_internal.h +++ /dev/null @@ -1,100 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include "secure_utilities.h" - -#ifndef __TFM_INTERNAL_H__ -#define __TFM_INTERNAL_H__ - -/* - * This function pointer is meant to only hold non secure function pointers. - * It will be turned into a non-secure one (LSB cleared) before being called - * whatever happens anyway (unless cast to another function pointer type). - * Registers will be cleared before branching so that no information leaks - * from secure to non-secure world. - */ -typedef void __attribute__((cmse_nonsecure_call)) (*nsfptr_t) (void); - -extern nsfptr_t ns_entry; - -/** - * \brief Signal that secure partition initialisation is finished - */ -void tfm_secure_api_init_done(void); - -/** - * \brief Jumps to non-secure code. - */ -void jump_to_ns_code(void); - -/** - * \brief Called if veneer is running in thread mode - */ -uint32_t tfm_core_partition_request_svc_handler( - const uint32_t *svc_args, uint32_t lr); - -/** - * \brief Called when secure service returns - */ -uint32_t tfm_core_partition_return_handler(uint32_t lr); - -/** - * \brief Called by secure service to check if client is secure - */ -void tfm_core_validate_secure_caller_handler(const uint32_t svc_args[]); - -/** - * \brief Stores caller's client id in state context - */ -void tfm_core_get_caller_client_id_handler(const uint32_t svc_args[]); - -/** - * \brief Checks if a secure service's access to a memory location is permitted - */ -void tfm_core_memory_permission_check_handler(const uint32_t svc_args[]); - -/** - * \brief Handle an SPM request by a secure service - */ -void tfm_core_spm_request_handler(const struct tfm_exc_stack_t *svc_ctx); - -/** - * \brief Check whether a buffer is ok for writing to by the privileged API - * function. - * - * This function checks whether the caller partition owns the buffer, can write - * to it, and the buffer has proper alignment. - * - * \param[in] partition_idx Partition index - * \param[in] start_addr The start address of the buffer - * \param[in] len The length of the buffer - * \param[in] alignment The expected alignment (in bits) - * - * \return 1 if the check passes, 0 otherwise. - * - * \note For a 0 long buffer the check fails. - */ -int32_t tfm_core_check_buffer_access(uint32_t partition_idx, - void *start_addr, - size_t len, - uint32_t alignment); - -/** - * \brief Retrieve secure partition related data from shared memory area, which - * stores shared data between bootloader and runtime firmware. - * - * \param[in] args Pointer to stack frame, which carries input parameters. - */ -void tfm_core_get_boot_data_handler(uint32_t args[]); - -/** - * \brief Validate the content of shared memory area, which stores the shared - * data between bootloader and runtime firmware. - */ -void tfm_core_validate_boot_data(void); - -#endif /* __TFM_INTERNAL_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_memory_utils.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_memory_utils.h deleted file mode 100644 index 150e3cc..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_memory_utils.h +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __TFM_MEMORY_UTILS_H__ -#define __TFM_MEMORY_UTILS_H__ - -#include -#include "cmsis_compiler.h" - -#ifdef __cplusplus -extern "C" { -#endif - -/* FIXME: The following functions are wrappers around standard C library - * functions: memcpy, memcmp, memset - * In long term standard C library might be removed from TF-M project or - * replaced with a secure implementation due to security concerns. - */ -__attribute__ ((always_inline)) __STATIC_INLINE -void *tfm_memcpy(void *dest, const void *src, size_t num) -{ - return (memcpy(dest, src, num)); -} - -__attribute__ ((always_inline)) __STATIC_INLINE -int tfm_memcmp(const void *ptr1, const void *ptr2, size_t num) -{ - return (memcmp(ptr1, ptr2, num)); -} - -__attribute__ ((always_inline)) __STATIC_INLINE -void *tfm_memset(void *ptr, int value, size_t num) -{ - return (memset(ptr, value, num)); -} - -#ifdef __cplusplus -} -#endif - -#endif /* __TFM_MEMORY_UTILS_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_nspm.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_nspm.c deleted file mode 100644 index 0277265..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_nspm.c +++ /dev/null @@ -1,324 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include -#include -#include "secure_utilities.h" -#include "tfm_api.h" -#ifdef TFM_PSA_API -#include "tfm_utils.h" -#include "tfm_internal.h" -#endif - -#ifndef TFM_MAX_NS_THREAD_COUNT -#define TFM_MAX_NS_THREAD_COUNT 8 -#endif -#define INVALID_CLIENT_ID 0 - -#define DEFAULT_NS_CLIENT_ID ((int32_t)-1) - -#define INVALID_NS_CLIENT_IDX (-1) -#define DEFAULT_NS_CLIENT_IDX 0 - -typedef uint32_t TZ_ModuleId_t; -typedef uint32_t TZ_MemoryId_t; - -static struct ns_client_list_t { - int32_t ns_client_id; - int32_t next_free_index; -} NsClientIdList[TFM_MAX_NS_THREAD_COUNT]; - -static int32_t free_index = 0U; -static int32_t active_ns_client_idx = INVALID_NS_CLIENT_IDX; - -static int get_next_ns_client_id() -{ -#ifdef TFM_NS_CLIENT_IDENTIFICATION - static int32_t next_ns_client_id = DEFAULT_NS_CLIENT_ID; - - if (next_ns_client_id > 0) - { - next_ns_client_id = DEFAULT_NS_CLIENT_ID; - } - return next_ns_client_id--; -#else - return DEFAULT_NS_CLIENT_ID; -#endif -} - -void tfm_nspm_configure_clients(void) -{ - int32_t i; - - /* Default to one NS client */ - free_index = 1; - NsClientIdList[0].ns_client_id = get_next_ns_client_id(); - for (i = 1; i < TFM_MAX_NS_THREAD_COUNT; ++i) { - NsClientIdList[i].ns_client_id = INVALID_CLIENT_ID; - } - active_ns_client_idx = DEFAULT_NS_CLIENT_IDX; -} - -int32_t tfm_nspm_get_current_client_id() -{ - if (active_ns_client_idx == INVALID_NS_CLIENT_IDX) - { - return 0; - } else { - return NsClientIdList[active_ns_client_idx].ns_client_id; - } -} - -/* TF-M implementation of the CMSIS TZ RTOS thread context management API */ - -/// Initialize secure context memory system -/// \return execution status (1: success, 0: error) -/* This veneer is TF-M internal, not a secure service */ -__attribute__((cmse_nonsecure_entry)) -uint32_t TZ_InitContextSystem_S(void) -{ - int32_t i; - - if (__get_active_exc_num() == EXC_NUM_THREAD_MODE) { - /* This veneer should only be called by NS RTOS in handler mode */ - return 0U; - } - - /* NS RTOS supports TZ context management, override defaults */ -#ifdef PRINT_NSPM_DEBUG - LOG_MSG("NS RTOS initialized TZ RTOS context management"); -#endif /* PRINT_NSPM_DEBUG */ - for (i = 1; i < TFM_MAX_NS_THREAD_COUNT; ++i) { - NsClientIdList[i].ns_client_id = INVALID_CLIENT_ID; - NsClientIdList[i].next_free_index = i + 1; - } - - /* Terminate list */ - NsClientIdList[i - 1].next_free_index = INVALID_NS_CLIENT_IDX; - /* Success */ - return 1U; -} - - -/// Allocate context memory for calling secure software modules in TrustZone -/// \param[in] module identifies software modules called from non-secure mode -/// \return value != 0 id TrustZone memory slot identifier -/// \return value 0 no memory available or internal error -/* This veneer is TF-M internal, not a secure service */ -__attribute__((cmse_nonsecure_entry)) -TZ_MemoryId_t TZ_AllocModuleContext_S (TZ_ModuleId_t module) -{ - TZ_MemoryId_t tz_id; - (void) module; /* Currently unused */ - - if (__get_active_exc_num() == EXC_NUM_THREAD_MODE) { - /* This veneer should only be called by NS RTOS in handler mode */ - return 0U; - } - - if (free_index < 0) { - /* No more free slots */ - return 0U; - } - - /* TZ_MemoryId_t must be a positive integer */ - tz_id = (TZ_MemoryId_t)free_index + 1; - NsClientIdList[free_index].ns_client_id = get_next_ns_client_id(); -#ifdef PRINT_NSPM_DEBUG - printf("TZ_AllocModuleContext_S called, returning id %d\r\n", - NsClientIdList[free_index].ns_client_id); -#endif /* PRINT_NSPM_DEBUG */ - free_index = NsClientIdList[free_index].next_free_index; - - return tz_id; -} - - -/// Free context memory that was previously allocated with \ref TZ_AllocModuleContext_S -/// \param[in] id TrustZone memory slot identifier -/// \return execution status (1: success, 0: error) -/* This veneer is TF-M internal, not a secure service */ -__attribute__((cmse_nonsecure_entry)) -uint32_t TZ_FreeModuleContext_S (TZ_MemoryId_t id) -{ - uint32_t index; - - if (__get_active_exc_num() == EXC_NUM_THREAD_MODE) { - /* This veneer should only be called by NS RTOS in handler mode */ - return 0U; - } - - if ((id == 0U) || (id > TFM_MAX_NS_THREAD_COUNT)) { - /* Invalid TZ_MemoryId_t */ - return 0U; - } - - index = id - 1; - - if (NsClientIdList[index].ns_client_id == INVALID_CLIENT_ID) { - /* Non-existent client */ - return 0U; - } - -#ifdef PRINT_NSPM_DEBUG - printf("TZ_FreeModuleContext_S called for id %d\r\n", - NsClientIdList[index].ns_client_id); -#endif /* PRINT_NSPM_DEBUG */ - if (active_ns_client_idx == index) { -#ifdef PRINT_NSPM_DEBUG - printf("Freeing active NS client, NS inactive\r\n"); -#endif /* PRINT_NSPM_DEBUG */ - active_ns_client_idx = DEFAULT_NS_CLIENT_IDX; - } - NsClientIdList[index].ns_client_id = INVALID_CLIENT_ID; - NsClientIdList[index].next_free_index = free_index; - - free_index = index; - - return 1U; // Success -} - - -/// Load secure context (called on RTOS thread context switch) -/// \param[in] id TrustZone memory slot identifier -/// \return execution status (1: success, 0: error) -/* This veneer is TF-M internal, not a secure service */ -__attribute__((cmse_nonsecure_entry)) -uint32_t TZ_LoadContext_S (TZ_MemoryId_t id) -{ - uint32_t index; - - if (__get_active_exc_num() == EXC_NUM_THREAD_MODE) { - /* This veneer should only be called by NS RTOS in handler mode */ - return 0U; - } - -#ifdef PRINT_NSPM_DEBUG - LOG_MSG("TZ_LoadContext_S called"); -#endif /* PRINT_NSPM_DEBUG */ - if ((id == 0U) || (id > TFM_MAX_NS_THREAD_COUNT)) { - /* Invalid TZ_MemoryId_t */ - return 0U; - } - - index = id - 1; - - if (NsClientIdList[index].ns_client_id == INVALID_CLIENT_ID) { - /* Non-existent client */ - return 0U; - } - - active_ns_client_idx = index; -#ifdef PRINT_NSPM_DEBUG - printf("TZ_LoadContext_S called for id %d\r\n", - NsClientIdList[index].ns_client_id); -#endif /* PRINT_NSPM_DEBUG */ - - return 1U; // Success -} - - -/// Store secure context (called on RTOS thread context switch) -/// \param[in] id TrustZone memory slot identifier -/// \return execution status (1: success, 0: error) -/* This veneer is TF-M internal, not a secure service */ -__attribute__((cmse_nonsecure_entry)) -uint32_t TZ_StoreContext_S (TZ_MemoryId_t id) -{ - uint32_t index; - - if (__get_active_exc_num() == EXC_NUM_THREAD_MODE) { - /* This veneer should only be called by NS RTOS in handler mode */ - return 0U; - } - -#ifdef PRINT_NSPM_DEBUG - LOG_MSG("TZ_StoreContext_S called"); -#endif /* PRINT_NSPM_DEBUG */ - /* id corresponds to context being swapped out on NS side */ - if ((id == 0U) || (id > TFM_MAX_NS_THREAD_COUNT)) { - /* Invalid TZ_MemoryId_t */ - return 0U; - } - - index = id - 1; - - if (NsClientIdList[index].ns_client_id == INVALID_CLIENT_ID) { - /* Non-existent client */ - return 0U; - } - - if (active_ns_client_idx != index) { -#ifdef PRINT_NSPM_DEBUG - printf("TZ_StoreContext_S called for id %d, active id: %d\r\n", - NsClientIdList[index].ns_client_id, - NsClientIdList[active_ns_client_idx].ns_client_id); -#endif /* PRINT_NSPM_DEBUG */ - return 0U; - } - -#ifdef PRINT_NSPM_DEBUG - printf("TZ_StoreContext_S called for id %d\r\n", - NsClientIdList[index].ns_client_id); -#endif /* PRINT_NSPM_DEBUG */ - active_ns_client_idx = DEFAULT_NS_CLIENT_IDX; - - return 1U; // Success -} - -#ifdef TFM_NS_CLIENT_IDENTIFICATION -__attribute__((cmse_nonsecure_entry)) -enum tfm_status_e tfm_register_client_id (int32_t ns_client_id) -{ - int current_client_id; - - if (__get_active_exc_num() == EXC_NUM_THREAD_MODE) { - /* This veneer should only be called by NS RTOS in handler mode */ - return TFM_ERROR_NS_THREAD_MODE_CALL; - } - - if (ns_client_id >= 0) { - /* The client ID is invalid */ - return TFM_ERROR_INVALID_PARAMETER; - } - - if (active_ns_client_idx < 0) { - /* No client is active */ - return TFM_ERROR_GENERIC; - } - - current_client_id = NsClientIdList[active_ns_client_idx].ns_client_id; - if (current_client_id >= 0 ) { - /* The client ID is invalid */ - return TFM_ERROR_INVALID_PARAMETER; - } - - NsClientIdList[active_ns_client_idx].ns_client_id = ns_client_id; -#ifdef PRINT_NSPM_DEBUG - printf("tfm_register_client_id called with id %d\r\n", ns_client_id); -#endif /* PRINT_NSPM_DEBUG */ - - return TFM_SUCCESS; -} -#endif - -#ifdef TFM_PSA_API -__attribute__((section("SFN"))) -psa_status_t tfm_nspm_thread_entry(void) -{ -#ifdef TFM_CORE_DEBUG - /* Jumps to non-secure code */ - LOG_MSG("Jumping to non-secure code..."); -#endif - - jump_to_ns_code(); - - /* Should not run here */ - TFM_ASSERT(false); - return PSA_SUCCESS; -} -#endif diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_nspm.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_nspm.h deleted file mode 100644 index 572c734..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_nspm.h +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __TFM_NSPM_H__ -#define __TFM_NSPM_H__ - -#include - -/** - * \brief initialise the NS context database - */ -void tfm_nspm_configure_clients(void); - -/** - * \brief Get the client ID of the current NS client - * - * \return The client id of the current NS client. 0 (invalid client id) is - * returned in case of error. - */ -int32_t tfm_nspm_get_current_client_id(void); - -#ifdef TFM_PSA_API -/** - * \brief NSPM thread main entry function - * - * \return PSA_SUCCESS indicates failed. - * - * Note: This function should not return back. - */ -psa_status_t tfm_nspm_thread_entry(void); -#endif - -#endif /* __TFM_NSPM_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_platform_core_api.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_platform_core_api.h deleted file mode 100644 index 7092e0c..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_platform_core_api.h +++ /dev/null @@ -1,24 +0,0 @@ -/* - * Copyright (c) 2018, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __TFM_PLATFORM_CORE_API_H__ -#define __TFM_PLATFORM_CORE_API_H__ - -/** - * \brief Should be called in case of access violation. - * - * There might be platform specific means, by which it is possible on a - * subsystem to detect access violation. For example a platform can have a - * Peripheral Protection Controller, to detect unauthorised accesses to - * peripheral registers. Setting up the protection, and handling the violation - * is implemented in platform specific code. However TF-M should be able to - * decide how to proceed if a violation happens. So to notify TF-M, platform - * code have to call this function, if a violation happens. - */ -void tfm_access_violation_handler(void); - -#endif /* __TFM_PLATFORM_CORE_API_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_secure_api.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_secure_api.c deleted file mode 100644 index 951765a..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_secure_api.c +++ /dev/null @@ -1,176 +0,0 @@ -/* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include -#include -#include -#include -#include "tfm_secure_api.h" -#include "tfm_nspm.h" -#include "secure_utilities.h" -#include "secure_fw/spm/spm_api.h" -#include "region_defs.h" -#include "tfm_api.h" - -#define EXC_RETURN_SECURE_FUNCTION 0xFFFFFFFD - -#ifndef TFM_LVL -#error TFM_LVL is not defined! -#endif - -/* Macros to pick linker symbols and allow references to sections */ -#define REGION(a, b, c) a##b##c -#define REGION_NAME(a, b, c) REGION(a, b, c) -#define REGION_DECLARE(a, b, c) extern uint32_t REGION_NAME(a, b, c) - -#ifndef TFM_PSA_API /* Only use scratch if using veneer functions, not IPC */ -REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base); -REGION_DECLARE(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Limit); -#endif /* !defined(TFM_PSA_API) */ - -/* This is the "Big Lock" on the secure side, to guarantee single entry - * to SPE - */ -int32_t tfm_secure_lock; - -/** - * \brief Check whether a memory range is inside a memory region. - * - * \param[in] p The start address of the range to check - * \param[in] s The size of the range to check - * \param[in] region_start The start address of the region, which should - * contain the range - * \param[in] region_len The size of the region, which should contain the - * range - * - * \return TFM_SUCCESS if the region contains the range, - * TFM_ERROR_GENERIC otherwise. - */ -static int32_t check_address_range(const void *p, size_t s, - uintptr_t region_start, uint32_t region_len) -{ - int32_t range_in_region; - - /* Check for overflow in the range parameters */ - if ((uintptr_t)p > UINTPTR_MAX-s) { - return TFM_ERROR_GENERIC; - } - - /* We trust the region parameters, and don't check for overflow */ - - /* Calculate the result */ - range_in_region = ((uintptr_t)p >= region_start) && - ((uintptr_t)p+s <= region_start+region_len); - if (range_in_region) { - return TFM_SUCCESS; - } else { - return TFM_ERROR_GENERIC; - } -} - -/** - * \brief Check whether the current partition has access to a memory range - * - * This function assumes, that the current MPU configuration is set for the - * partition to be checked. The flags should contain information of the - * execution mode of the partition code (priv/unpriv), and access type - * (read/write) as specified in "ARMv8-M Security Extensions: Requirements on - * Development Tools" chapter "Address range check intrinsic" - * - * \param[in] p The start address of the range to check - * \param[in] s The size of the range to check - * \param[in] flags The flags to pass to the cmse_check_address_range func - * - * \return TFM_SUCCESS if the partition has access to the memory range, - * TFM_ERROR_GENERIC otherwise. - */ -static int32_t has_access_to_region(const void *p, size_t s, int flags) -{ - int32_t range_access_allowed_by_mpu; - -#ifndef TFM_PSA_API /* Only use scratch if using veneer functions, not IPC */ - uint32_t scratch_base = - (uint32_t)®ION_NAME(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Base); - uint32_t scratch_limit = - (uint32_t)®ION_NAME(Image$$, TFM_UNPRIV_SCRATCH, $$ZI$$Limit); -#endif /* !defined(TFM_PSA_API) */ - - /* Use the TT instruction to check access to the partition's regions*/ - range_access_allowed_by_mpu = - cmse_check_address_range((void *)p, s, flags) != NULL; - - if (range_access_allowed_by_mpu) { - return TFM_SUCCESS; - } - -#ifndef TFM_PSA_API /* Only use scratch if using veneer functions, not IPC */ - /* If the check for the current MPU settings fails, check for the share - * region, only if the partition is secure - */ - if ((flags & CMSE_NONSECURE) == 0) { - if (check_address_range(p, s, scratch_base, - scratch_limit+1-scratch_base) == TFM_SUCCESS) { - return TFM_SUCCESS; - } - } -#endif /* !defined(TFM_PSA_API) */ - - /* If all else fails, check whether the region is in the non-secure - * memory - */ - if (check_address_range(p, s, NS_CODE_START, - NS_CODE_LIMIT+1-NS_CODE_START) == TFM_SUCCESS || - check_address_range(p, s, NS_DATA_START, - NS_DATA_LIMIT+1-NS_DATA_START) == TFM_SUCCESS) { - return TFM_SUCCESS; - } else { - return TFM_ERROR_GENERIC; - } -} - -int32_t tfm_core_has_read_access_to_region(const void *p, size_t s, - uint32_t ns_caller, - uint32_t privileged) -{ - int flags = CMSE_MPU_READ; - - if (privileged == TFM_PARTITION_UNPRIVILEGED_MODE) { - flags |= CMSE_MPU_UNPRIV; - } - - if (ns_caller) { - flags |= CMSE_NONSECURE; - } - - return has_access_to_region(p, s, flags); -} - -int32_t tfm_core_has_write_access_to_region(void *p, size_t s, - uint32_t ns_caller, - uint32_t privileged) -{ - int flags = CMSE_MPU_READWRITE; - - if (privileged == TFM_PARTITION_UNPRIVILEGED_MODE) { - flags |= CMSE_MPU_UNPRIV; - } - - if (ns_caller) { - flags |= CMSE_NONSECURE; - } - - return has_access_to_region(p, s, flags); -} - -void tfm_secure_api_error_handler(void) -{ - ERROR_MSG("Security violation when calling secure API"); - while (1) { - ; - } -} - diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_secure_api.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_secure_api.h deleted file mode 100644 index 02f766a..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_secure_api.h +++ /dev/null @@ -1,214 +0,0 @@ -/* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __TFM_SECURE_API_H__ -#define __TFM_SECURE_API_H__ - -#include -#include "tfm_svc.h" -#include "secure_utilities.h" -#include "tfm_core.h" -#include "tfm_api.h" -#include "bl2/include/tfm_boot_status.h" - -/*! - * \def __tfm_secure_gateway_attributes__ - * - * \brief Attributes for secure gateway functions - */ -#define __tfm_secure_gateway_attributes__ \ - __attribute__((cmse_nonsecure_entry, noinline, section("SFN"))) - -/* Hide specific errors if not debugging */ -#ifdef TFM_CORE_DEBUG -#define TFM_ERROR_STATUS(status) (status) -#else -#define TFM_ERROR_STATUS(status) (TFM_PARTITION_BUSY) -#endif - -#define TFM_SFN_API_LEGACY 0 -#define TFM_SFN_API_IOVEC 1 - -#ifndef TFM_LVL -#error TFM_LVL is not defined! -#endif - -extern void tfm_secure_api_error_handler(void); - -typedef int32_t(*sfn_t)(int32_t, int32_t, int32_t, int32_t); - -struct tfm_sfn_req_s { - uint32_t sp_id; - sfn_t sfn; - int32_t *args; - uint32_t caller_part_idx; - int32_t iovec_api; - uint32_t ns_caller; -}; - -enum tfm_buffer_share_region_e { - TFM_BUFFER_SHARE_DISABLE, - TFM_BUFFER_SHARE_NS_CODE, - TFM_BUFFER_SHARE_SCRATCH, - TFM_BUFFER_SHARE_PRIV, /* only for TCB in level 2, all in level 1 */ - TFM_BUFFER_SHARE_DEFAULT, -}; - -enum tfm_ns_region_e { - TFM_NS_REGION_CODE = 0, - TFM_NS_REGION_DATA, - TFM_NS_REGION_VENEER, - TFM_NS_REGION_PERIPH_1, - TFM_NS_REGION_PERIPH_2, - TFM_NS_SECONDARY_IMAGE_REGION, -}; - -enum tfm_memory_access_e { - TFM_MEMORY_ACCESS_RO = 1, - TFM_MEMORY_ACCESS_RW = 2, -}; - -extern int32_t tfm_core_set_buffer_area(enum tfm_buffer_share_region_e share); - -extern int32_t tfm_core_validate_secure_caller(void); - -extern int32_t tfm_core_get_caller_client_id(int32_t *caller_client_id); - -extern int32_t tfm_core_memory_permission_check(const void *ptr, - uint32_t size, - int32_t access); - -extern int32_t tfm_core_get_boot_data(uint8_t major_type, - struct tfm_boot_data *boot_data, - uint32_t len); - -int32_t tfm_core_sfn_request(const struct tfm_sfn_req_s *desc_ptr); - -int32_t tfm_core_sfn_request_thread_mode(struct tfm_sfn_req_s *desc_ptr); - -/** - * \brief Check whether the current partition has read access to a memory range - * - * This function assumes, that the current MPU configuration is set for the - * partition to be checked. - * - * \param[in] p The start address of the range to check - * \param[in] s The size of the range to check - * \param[in] ns_caller Whether the current partition is a non-secure one - * \param[in] privileged Privileged mode or unprivileged mode: - * \ref TFM_PARTITION_UNPRIVILEGED_MODE - * \ref TFM_PARTITION_PRIVILEGED_MODE - * - * \return TFM_SUCCESS if the partition has access to the memory range, - * TFM_ERROR_GENERIC otherwise. - */ -int32_t tfm_core_has_read_access_to_region(const void *p, size_t s, - uint32_t ns_caller, - uint32_t privileged); - -/** - * \brief Check whether the current partition has write access to a memory range - * - * This function assumes, that the current MPU configuration is set for the - * partition to be checked. - * - * \param[in] p The start address of the range to check - * \param[in] s The size of the range to check - * \param[in] ns_caller Whether the current partition is a non-secure one - * \param[in] privileged Privileged mode or unprivileged mode: - * \ref TFM_PARTITION_UNPRIVILEGED_MODE - * \ref TFM_PARTITION_PRIVILEGED_MODE - * - * \return TFM_SUCCESS if the partition has access to the memory range, - * TFM_ERROR_GENERIC otherwise. - */ -int32_t tfm_core_has_write_access_to_region(void *p, size_t s, - uint32_t ns_caller, - uint32_t privileged); - -#ifdef TFM_PSA_API -/* The following macros are only valid if secure services can be called - * using veneer functions. This is not the case if IPC messaging is enabled - */ -#define TFM_CORE_IOVEC_SFN_REQUEST(id, fn, a, b, c, d) \ - do { \ - ERROR_MSG("Invalid TF-M configuration detected"); \ - tfm_secure_api_error_handler(); \ - /* This point never reached */ \ - return (int32_t)TFM_ERROR_GENERIC; \ - } while (0) -#define TFM_CORE_SFN_REQUEST(id, fn, a, b, c, d) \ - do { \ - ERROR_MSG("Invalid TF-M configuration detected"); \ - tfm_secure_api_error_handler(); \ - /* This point never reached */ \ - return (int32_t)TFM_ERROR_GENERIC; \ - } while (0) -#else -#define TFM_CORE_IOVEC_SFN_REQUEST(id, fn, a, b, c, d) \ - return tfm_core_partition_request(id, fn, TFM_SFN_API_IOVEC, \ - (int32_t)a, (int32_t)b, (int32_t)c, (int32_t)d) - -#define TFM_CORE_SFN_REQUEST(id, fn, a, b, c, d) \ - return tfm_core_partition_request(id, fn, TFM_SFN_API_LEGACY, \ - (int32_t)a, (int32_t)b, (int32_t)c, (int32_t)d) - -__attribute__ ((always_inline)) __STATIC_INLINE -int32_t tfm_core_partition_request(uint32_t id, void *fn, int32_t iovec_api, - int32_t arg1, int32_t arg2, int32_t arg3, int32_t arg4) -{ - int32_t args[4] = {arg1, arg2, arg3, arg4}; - struct tfm_sfn_req_s desc, *desc_ptr = &desc; - - desc.sp_id = id; - desc.sfn = (sfn_t) fn; - desc.args = args; - /* - * This preprocessor condition checks if a version of GCC smaller than - * 7.3.1 is being used to compile the code. - * These versions are affected by a bug on the cmse_nonsecure_caller - * intrinsic which returns incorrect results. - * Please check Bug 85203 on GCC Bugzilla for more information. - */ -#if defined(__GNUC__) && !defined(__ARMCC_VERSION) && \ - (__GNUC__ < 7 || \ - (__GNUC__ == 7 && (__GNUC_MINOR__ < 3 || \ - (__GNUC_MINOR__ == 3 && __GNUC_PATCHLEVEL__ < 1)))) - /* - * Use the fact that, if called from Non-Secure, the LSB of the return - * address is set to 0. - */ - desc.ns_caller = (uint32_t)!( - (intptr_t)__builtin_extract_return_addr(__builtin_return_address(0U)) - & 1); -#else - /* - * Convert the result of cmse_nonsecure_caller from an int to a uint32_t - * to prevent using an int in the tfm_sfn_req_s structure. - */ - desc.ns_caller = (cmse_nonsecure_caller() != 0) ? 1U : 0U; -#endif /* Check for GCC compiler version smaller than 7.3.1 */ - desc.iovec_api = iovec_api; - if (__get_active_exc_num() != EXC_NUM_THREAD_MODE) { - /* FixMe: Error severity TBD */ - return TFM_ERROR_GENERIC; - } else { -#if TFM_LVL == 1 - if (desc.ns_caller) { - return tfm_core_sfn_request(desc_ptr); - } else { - return tfm_core_sfn_request_thread_mode(desc_ptr); - } -#else - return tfm_core_sfn_request(desc_ptr); -#endif - - } -} -#endif - -#endif /* __TFM_SECURE_API_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_spm_services.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_spm_services.c deleted file mode 100644 index 83ff41b..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_spm_services.c +++ /dev/null @@ -1,166 +0,0 @@ -/* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include - -#include "tfm_svc.h" -#include "tfm_secure_api.h" -#include "tfm_internal.h" -#include "secure_fw/include/tfm_spm_services_api.h" -#include "spm_api.h" - -uint8_t *tfm_scratch_area; -uint32_t tfm_scratch_area_size; -nsfptr_t ns_entry; - -void jump_to_ns_code(void) -{ -#if TFM_LVL == 3 || ((!defined(TFM_PSA_API)) && (TFM_LVL != 1)) - /* Initialization is done, set thread mode to unprivileged. */ - tfm_spm_partition_change_privilege(TFM_PARTITION_UNPRIVILEGED_MODE); -#endif - /* All changes made to memory will be effective after this point */ - __DSB(); - __ISB(); - - /* Calls the non-secure Reset_Handler to jump to the non-secure binary */ - ns_entry(); -} - -#ifndef TFM_PSA_API -#if defined(__ARM_ARCH_8M_MAIN__) -__attribute__((naked)) int32_t tfm_core_sfn_request( - const struct tfm_sfn_req_s *desc_ptr) -{ - __ASM volatile( - "PUSH {r4-r12, lr}\n" - "SVC %[SVC_REQ]\n" - "MOV r4, #0\n" - "MOV r5, #0\n" - "MOV r6, #0\n" - "MOV r7, #0\n" - "MOV r8, #0\n" - "MOV r9, #0\n" - "MOV r10, #0\n" - "MOV r11, #0\n" - "BLX lr\n" - "SVC %[SVC_RET]\n" - "POP {r4-r12, pc}\n" - : : [SVC_REQ] "I" (TFM_SVC_SFN_REQUEST) - , [SVC_RET] "I" (TFM_SVC_SFN_RETURN) - : "r0"); -} -#elif defined(__ARM_ARCH_8M_BASE__) -__attribute__((naked)) int32_t tfm_core_sfn_request( - const struct tfm_sfn_req_s *desc_ptr) -{ - __ASM volatile( - ".syntax unified\n" - "PUSH {lr}\n" - "PUSH {r4-r7}\n" - "MOV r4, r8\n" - "MOV r5, r9\n" - "MOV r6, r10\n" - "MOV r7, r11\n" - "PUSH {r4-r7}\n" - "MOV r4, r12\n" - "PUSH {r4}\n" - "SVC %[SVC_REQ]\n" - "MOVS r4, #0\n" - "MOV r5, r4\n" - "MOV r6, r4\n" - "MOV r7, r4\n" - "MOV r8, r4\n" - "MOV r9, r4\n" - "MOV r10, r4\n" - "MOV r11, r4\n" - "BLX lr\n" - "SVC %[SVC_RET]\n" - "POP {r4}\n" - "MOV r12, r4\n" - "POP {r4-r7}\n" - "MOV r8, r4\n" - "MOV r9, r5\n" - "MOV r10, r6\n" - "MOV r11, r7\n" - "POP {r4-r7}\n" - "POP {pc}\n" - : : [SVC_REQ] "I" (TFM_SVC_SFN_REQUEST) - , [SVC_RET] "I" (TFM_SVC_SFN_RETURN) - : "r0"); -} -#else -#error "Unsupported ARM Architecture." -#endif - -__attribute__((naked)) -int32_t tfm_core_memory_permission_check(const void *ptr, - uint32_t len, - int32_t access) -{ - __ASM volatile( - "SVC %0\n" - "BX lr\n" - : : "I" (TFM_SVC_MEMORY_CHECK)); -} - -__attribute__((naked)) -int32_t tfm_core_get_caller_client_id(int32_t *caller_client_id) -{ - __ASM volatile( - "SVC %0\n" - "BX LR\n" - : : "I" (TFM_SVC_GET_CALLER_CLIENT_ID)); -} - -__attribute__((naked)) -int32_t tfm_spm_request_reset_vote(void) -{ - __ASM volatile( - "MOVS R0, %0\n" - "B tfm_spm_request\n" - : : "I" (TFM_SPM_REQUEST_RESET_VOTE)); -} - -__attribute__((naked)) -int32_t tfm_spm_request(void) -{ - __ASM volatile( - "SVC %0\n" - "BX lr\n" - : : "I" (TFM_SVC_SPM_REQUEST)); -} - -__attribute__((naked)) -int32_t tfm_core_validate_secure_caller(void) -{ - __ASM volatile( - "SVC %0\n" - "BX lr\n" - : : "I" (TFM_SVC_VALIDATE_SECURE_CALLER)); -} - -__attribute__((naked)) -int32_t tfm_core_set_buffer_area(enum tfm_buffer_share_region_e share) -{ - __ASM volatile( - "SVC %0\n" - "BX lr\n" - : : "I" (TFM_SVC_SET_SHARE_AREA)); -} -#endif - -__attribute__((naked)) -int32_t tfm_core_get_boot_data(uint8_t major_type, - struct tfm_boot_data *boot_status, - uint32_t len) -{ - __ASM volatile( - "SVC %0\n" - "BX lr\n" - : : "I" (TFM_SVC_GET_BOOT_DATA)); -} diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_svc.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_svc.h deleted file mode 100644 index e0c1102..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/tfm_svc.h +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __TFM_SVC_H__ -#define __TFM_SVC_H__ - -#include "cmsis.h" - -typedef enum { - TFM_SVC_SFN_REQUEST = 0, - TFM_SVC_SFN_RETURN, - TFM_SVC_VALIDATE_SECURE_CALLER, - TFM_SVC_GET_CALLER_CLIENT_ID, - TFM_SVC_MEMORY_CHECK, - TFM_SVC_SET_SHARE_AREA, - TFM_SVC_SPM_REQUEST, - TFM_SVC_PRINT, - TFM_SVC_GET_BOOT_DATA, -#ifdef TFM_PSA_API - TFM_SVC_IPC_REQUEST, - TFM_SVC_SCHEDULE, - TFM_SVC_EXIT_THRD, - /* PSA Client SVC */ - TFM_SVC_PSA_FRAMEWORK_VERSION, - TFM_SVC_PSA_VERSION, - TFM_SVC_PSA_CONNECT, - TFM_SVC_PSA_CALL, - TFM_SVC_PSA_CLOSE, - /* PSA Service SVC */ - TFM_SVC_PSA_WAIT, - TFM_SVC_PSA_GET, - TFM_SVC_PSA_SET_RHANDLE, - TFM_SVC_PSA_READ, - TFM_SVC_PSA_SKIP, - TFM_SVC_PSA_WRITE, - TFM_SVC_PSA_REPLY, - TFM_SVC_PSA_NOTIFY, - TFM_SVC_PSA_CLEAR, - TFM_SVC_PSA_EOI, -#endif -} tfm_svc_number_t; - -#define SVC(code) __ASM volatile("svc %0" : : "I" (code)) - -#endif /* __TFM_SVC_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/include/dir_include.dox b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/include/dir_include.dox deleted file mode 100644 index 10d074f..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/include/dir_include.dox +++ /dev/null @@ -1,17 +0,0 @@ -/* - * Copyright (c) 2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -//This file holds description for the current directory. This documentation -//will be included in the Doxygen output. - -/*! -\dir -\brief Include files for the TF-M. -\details This directory currently only holds the include file for the SPM -module. - -*/ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/include/tfm_spm_services_api.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/include/tfm_spm_services_api.h deleted file mode 100644 index be08ed2..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/include/tfm_spm_services_api.h +++ /dev/null @@ -1,22 +0,0 @@ -/* - * Copyright (c) 2018, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __TFM_SPM_SERVICES_API_H__ -#define __TFM_SPM_SERVICES_API_H__ - -enum tfm_spm_request_type_t { - TFM_SPM_REQUEST_RESET_VOTE, -}; - -/** - * \brief Request a vote from SPM on a system reset - * - * \return Returns 0 if request is accepted, any other value means reject - */ -int32_t tfm_spm_request_reset_vote(void); - -#endif /* __TFM_SPM_SERVICES_API_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/ns_callable/tfm_psa_api_veneers.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/ns_callable/tfm_psa_api_veneers.c deleted file mode 100644 index 7d8ff20..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/ns_callable/tfm_psa_api_veneers.c +++ /dev/null @@ -1,134 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include -#include -#include "psa_client.h" -#include "psa_service.h" -#include "secure_utilities.h" -#include "tfm_secure_api.h" -#include "tfm_api.h" -#include "tfm_svcalls.h" - -/* FixMe: check if this is really needed */ -extern int32_t tfm_secure_lock; - -__attribute__ ((always_inline)) __STATIC_INLINE -int32_t tfm_psa_veneer_sanity_check(struct tfm_sfn_req_s *desc_ptr) -{ - if (desc_ptr->ns_caller) { - if (tfm_secure_lock != 0) { - /* Secure domain is already locked! - * FixMe: Decide if this is a fault or permitted in case of PSA - * API usage - */ - return TFM_ERROR_SECURE_DOMAIN_LOCKED; - } - } else { - /* Secure partition should not call a different secure partition - * using TFM PSA veneers - */ - return TFM_ERROR_INVALID_EXC_MODE; - } - return TFM_SUCCESS; -} - -/* Veneer implementation */ - -#define TFM_CORE_NS_IPC_REQUEST_VENEER(fn, a, b, c, d) \ - return tfm_core_ns_ipc_request(fn, (int32_t)a, (int32_t)b, \ - (int32_t)c, (int32_t)d) - -__attribute__ ((naked, section("SFN"))) -static int32_t tfm_core_ipc_request(const struct tfm_sfn_req_s *desc_ptr) -{ - __ASM volatile("SVC %0 \n" - "BX LR \n" - : : "I" (TFM_SVC_IPC_REQUEST)); -} - -__attribute__ ((always_inline)) __STATIC_INLINE -int32_t tfm_core_ns_ipc_request(void *fn, int32_t arg1, int32_t arg2, - int32_t arg3, int32_t arg4) -{ - int32_t args[4] = {arg1, arg2, arg3, arg4}; - struct tfm_sfn_req_s desc = {0}; - - desc.sfn = fn; - desc.args = args; - desc.ns_caller = cmse_nonsecure_caller(); - - if (__get_active_exc_num() != EXC_NUM_THREAD_MODE) - { - /* FIXME: Proper error handling to be implemented */ - return TFM_ERROR_INVALID_EXC_MODE; - } else { - return tfm_core_ipc_request(&desc); - } -} - -/* FixMe: these functions need to have different attributes compared to those - * legacy veneers which may be called by secure partitions. - * They won't call legacy SFN but instead will be handlers for TF-M - */ - -__tfm_secure_gateway_attributes__ -uint32_t tfm_psa_framework_version_veneer(void) -{ - TFM_CORE_NS_IPC_REQUEST_VENEER(tfm_svcall_psa_framework_version, 0, 0, - 0, 0); -} - -__tfm_secure_gateway_attributes__ -uint32_t tfm_psa_version_veneer(uint32_t sid) -{ - TFM_CORE_NS_IPC_REQUEST_VENEER(tfm_svcall_psa_version, sid, 0, 0, 0); -} - -__tfm_secure_gateway_attributes__ -psa_handle_t tfm_psa_connect_veneer(uint32_t sid, uint32_t minor_version) -{ - TFM_CORE_NS_IPC_REQUEST_VENEER(tfm_svcall_psa_connect, sid, - minor_version, 0, 0); -} - -__tfm_secure_gateway_attributes__ -psa_status_t tfm_psa_call_veneer(psa_handle_t handle, - const psa_invec *in_vecs, - psa_outvec *out_vecs) -{ - TFM_CORE_NS_IPC_REQUEST_VENEER(tfm_svcall_psa_call, handle, in_vecs, - out_vecs, 0); -} - -__tfm_secure_gateway_attributes__ -psa_status_t tfm_psa_close_veneer(psa_handle_t handle) -{ - TFM_CORE_NS_IPC_REQUEST_VENEER(tfm_svcall_psa_close, handle, 0, 0, 0); -} - -void tfm_psa_ipc_request_handler(uint32_t svc_ctx[]) -{ - uint32_t *r0_ptr = svc_ctx; - - /* The only argument to the SVC call is stored in the stacked r0 */ - struct tfm_sfn_req_s *desc_ptr = (struct tfm_sfn_req_s *) *r0_ptr; - - if(tfm_psa_veneer_sanity_check(desc_ptr) != TFM_SUCCESS) { - /* FixMe: consider error handling - this may be critical error */ - *r0_ptr = TFM_ERROR_INVALID_PARAMETER; - return; - } - - /* Store SVC return value in stacked r0 */ - *r0_ptr = desc_ptr->sfn((int32_t)desc_ptr->args, - desc_ptr->ns_caller, - 0, - 0); - - return; -} diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/dir_spm.dox b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/dir_spm.dox deleted file mode 100644 index 92c8a27..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/dir_spm.dox +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -//This file holds description for the current directory. This documentation -//will be included in the Doxygen output. - -/*! -\dir -\brief Source code for the Secure Partition Manager. -\details This directory holds the source code of the "TF-M SPM" module. - -*/ \ No newline at end of file diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.c b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.c deleted file mode 100644 index f589cd9..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.c +++ /dev/null @@ -1,416 +0,0 @@ -/* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -/* This file contains the APIs exported by the SPM to tfm core */ - -#include -#include -#include "spm_api.h" -#include "platform/include/tfm_spm_hal.h" -#include "tfm_memory_utils.h" -#include "spm_db_setup.h" -#include "tfm_internal.h" -#include "tfm_api.h" -#include "tfm_nspm.h" -#include "secure_fw/core/tfm_core.h" -#include "tfm_peripherals_def.h" -#include "spm_partition_defs.h" - - -struct spm_partition_db_t g_spm_partition_db = {0,}; - -typedef enum { - TFM_INIT_FAILURE, -} sp_error_type_t; - -/* - * This function is called when a secure partition causes an error. - * In case of an error in the error handling, a non-zero value have to be - * returned. - */ -#ifndef TFM_PSA_API -static void tfm_spm_partition_err_handler( - const struct spm_partition_desc_t *partition, - sp_error_type_t err_type, - int32_t err_code) -{ -#ifdef TFM_CORE_DEBUG - if (err_type == TFM_INIT_FAILURE) { - printf("Partition init failed for partition id 0x%08X\r\n", - partition->static_data.partition_id); - } else { - printf( - "Unknown partition error %d (code: %d) for partition id 0x%08X\r\n", - err_type, err_code, partition->static_data.partition_id); - } -#else - (void)err_type; - (void)err_code; -#endif - tfm_spm_partition_set_state(partition->static_data.partition_id, - SPM_PARTITION_STATE_CLOSED); -} -#endif /* !defined(TFM_PSA_API) */ - -/* - * This function prevents name clashes between the variable names accessibles in - * the scope of where tfm_partition_list.inc is included and the varaible names - * defined inside tfm_partition_list.inc file. - */ -static inline enum spm_err_t add_user_defined_partitions(void) { - #include "tfm_partition_list.inc" - - return SPM_ERR_OK; -} - -uint32_t get_partition_idx(uint32_t partition_id) -{ - uint32_t i; - - if (partition_id == INVALID_PARTITION_ID) { - return SPM_INVALID_PARTITION_IDX; - } - - for (i = 0; i < g_spm_partition_db.partition_count; ++i) { - if (g_spm_partition_db.partitions[i].static_data.partition_id == - partition_id) { - return i; - } - } - return SPM_INVALID_PARTITION_IDX; -} - -enum spm_err_t tfm_spm_db_init(void) -{ - struct spm_partition_desc_t *part_ptr; - enum spm_err_t err; - - (void)tfm_memset (&g_spm_partition_db, 0, sizeof(g_spm_partition_db)); - - /* This function initialises partition db */ - g_spm_partition_db.running_partition_idx = SPM_INVALID_PARTITION_IDX; - g_spm_partition_db.partition_count = 0; - - /* There are a few partitions that are used by TF-M internally. - * These are explicitly added to the partition db here. - */ - - /* For the non secure Execution environment */ -#if (TFM_LVL != 1) || defined(TFM_PSA_API) - extern uint32_t Image$$ARM_LIB_STACK$$ZI$$Base[]; - extern uint32_t Image$$ARM_LIB_STACK$$ZI$$Limit[]; - uint32_t psp_stack_bottom = (uint32_t)Image$$ARM_LIB_STACK$$ZI$$Base; - uint32_t psp_stack_top = (uint32_t)Image$$ARM_LIB_STACK$$ZI$$Limit; -#endif - if (g_spm_partition_db.partition_count >= SPM_MAX_PARTITIONS) { - return SPM_ERR_INVALID_CONFIG; - } - part_ptr = &(g_spm_partition_db.partitions[ - g_spm_partition_db.partition_count]); - part_ptr->static_data.partition_id = TFM_SP_NON_SECURE_ID; -#ifdef TFM_PSA_API - part_ptr->static_data.partition_flags = SPM_PART_FLAG_APP_ROT | - SPM_PART_FLAG_IPC; - part_ptr->static_data.partition_priority = TFM_PRIORITY_LOW; - part_ptr->static_data.partition_init = tfm_nspm_thread_entry; -#else - part_ptr->static_data.partition_flags = 0; -#endif - -#if (TFM_LVL != 1) || defined(TFM_PSA_API) - part_ptr->memory_data.stack_bottom = psp_stack_bottom; - part_ptr->memory_data.stack_top = psp_stack_top; - /* Since RW, ZI and stack are configured as one MPU region, configure - * RW start address to psp_stack_bottom to get RW access to stack - */ - part_ptr->memory_data.rw_start = psp_stack_bottom; -#endif - - part_ptr->runtime_data.partition_state = SPM_PARTITION_STATE_UNINIT; - tfm_nspm_configure_clients(); - ++g_spm_partition_db.partition_count; - - /* For the TF-M core environment itself */ - if (g_spm_partition_db.partition_count >= SPM_MAX_PARTITIONS) { - return SPM_ERR_INVALID_CONFIG; - } - part_ptr = &(g_spm_partition_db.partitions[ - g_spm_partition_db.partition_count]); - part_ptr->static_data.partition_id = TFM_SP_CORE_ID; - part_ptr->static_data.partition_flags = - SPM_PART_FLAG_APP_ROT | SPM_PART_FLAG_PSA_ROT; - part_ptr->runtime_data.partition_state = SPM_PARTITION_STATE_UNINIT; - ++g_spm_partition_db.partition_count; - - err = add_user_defined_partitions(); - if (err != SPM_ERR_OK) { - return err; - } - - g_spm_partition_db.is_init = 1; - - return SPM_ERR_OK; -} - -#ifndef TFM_PSA_API -enum spm_err_t tfm_spm_partition_init(void) -{ - struct spm_partition_desc_t *part; - struct tfm_sfn_req_s desc; - int32_t args[4] = {0}; - int32_t fail_cnt = 0; - uint32_t idx; - - /* Call the init function for each partition */ - for (idx = 0; idx < g_spm_partition_db.partition_count; ++idx) { - part = &g_spm_partition_db.partitions[idx]; - tfm_spm_hal_configure_default_isolation(part->platform_data); - if (part->static_data.partition_init == NULL) { - tfm_spm_partition_set_state(idx, SPM_PARTITION_STATE_IDLE); - tfm_spm_partition_set_caller_partition_idx(idx, - SPM_INVALID_PARTITION_IDX); - } else { - int32_t res; - - desc.args = args; - desc.ns_caller = 0U; - desc.iovec_api = TFM_SFN_API_IOVEC; - desc.sfn = (sfn_t)part->static_data.partition_init; - desc.sp_id = part->static_data.partition_id; - res = tfm_core_sfn_request(&desc); - if (res == TFM_SUCCESS) { - tfm_spm_partition_set_state(idx, SPM_PARTITION_STATE_IDLE); - } else { - tfm_spm_partition_err_handler(part, TFM_INIT_FAILURE, res); - fail_cnt++; - } - } - } - - tfm_secure_api_init_done(); - - if (fail_cnt == 0) { - return SPM_ERR_OK; - } else { - return SPM_ERR_PARTITION_NOT_AVAILABLE; - } -} -#endif /* !defined(TFM_PSA_API) */ - -#if (TFM_LVL != 1) || defined(TFM_PSA_API) -uint32_t tfm_spm_partition_get_stack_bottom(uint32_t partition_idx) -{ - return g_spm_partition_db.partitions[partition_idx]. - memory_data.stack_bottom; -} - -uint32_t tfm_spm_partition_get_stack_top(uint32_t partition_idx) -{ - return g_spm_partition_db.partitions[partition_idx].memory_data.stack_top; -} -#endif - -#if (TFM_LVL != 1) && !defined(TFM_PSA_API) -enum spm_err_t tfm_spm_partition_sandbox_config(uint32_t partition_idx) -{ - struct spm_partition_desc_t *part; - if (!g_spm_partition_db.is_init) { - return SPM_ERR_PARTITION_DB_NOT_INIT; - } - - part = &g_spm_partition_db.partitions[partition_idx]; - - return tfm_spm_hal_partition_sandbox_config(&(part->memory_data), - part->platform_data); - -} - -enum spm_err_t tfm_spm_partition_sandbox_deconfig(uint32_t partition_idx) -{ - /* This function takes a partition id and disables the - * SPM partition for that partition - */ - - struct spm_partition_desc_t *part; - - part = &g_spm_partition_db.partitions[partition_idx]; - - return tfm_spm_hal_partition_sandbox_deconfig(&(part->memory_data), - part->platform_data); -} - -uint32_t tfm_spm_partition_get_zi_start(uint32_t partition_idx) -{ - return g_spm_partition_db.partitions[partition_idx]. - memory_data.zi_start; -} - -uint32_t tfm_spm_partition_get_zi_limit(uint32_t partition_idx) -{ - return g_spm_partition_db.partitions[partition_idx]. - memory_data.zi_limit; -} - -uint32_t tfm_spm_partition_get_rw_start(uint32_t partition_idx) -{ - return g_spm_partition_db.partitions[partition_idx]. - memory_data.rw_start; -} - -uint32_t tfm_spm_partition_get_rw_limit(uint32_t partition_idx) -{ - return g_spm_partition_db.partitions[partition_idx]. - memory_data.rw_limit; -} - -void tfm_spm_partition_set_stack(uint32_t partition_idx, uint32_t stack_ptr) -{ - g_spm_partition_db.partitions[partition_idx]. - runtime_data.stack_ptr = stack_ptr; -} -#endif - -uint32_t tfm_spm_partition_get_partition_id(uint32_t partition_idx) -{ - return g_spm_partition_db.partitions[partition_idx].static_data. - partition_id; -} - -uint32_t tfm_spm_partition_get_flags(uint32_t partition_idx) -{ - return g_spm_partition_db.partitions[partition_idx].static_data. - partition_flags; -} - -#ifndef TFM_PSA_API -void tfm_spm_partition_store_context(uint32_t partition_idx, - uint32_t stack_ptr, uint32_t lr) -{ - g_spm_partition_db.partitions[partition_idx]. - runtime_data.stack_ptr = stack_ptr; - g_spm_partition_db.partitions[partition_idx]. - runtime_data.lr = lr; -} - -const struct spm_partition_runtime_data_t * - tfm_spm_partition_get_runtime_data(uint32_t partition_idx) -{ - return &(g_spm_partition_db.partitions[partition_idx].runtime_data); -} - -void tfm_spm_partition_set_state(uint32_t partition_idx, uint32_t state) -{ - g_spm_partition_db.partitions[partition_idx].runtime_data.partition_state = - state; - if (state == SPM_PARTITION_STATE_RUNNING) { - g_spm_partition_db.running_partition_idx = partition_idx; - } -} - -void tfm_spm_partition_set_caller_partition_idx(uint32_t partition_idx, - uint32_t caller_partition_idx) -{ - g_spm_partition_db.partitions[partition_idx].runtime_data. - caller_partition_idx = caller_partition_idx; -} - -void tfm_spm_partition_set_caller_client_id(uint32_t partition_idx, - int32_t caller_client_id) -{ - g_spm_partition_db.partitions[partition_idx].runtime_data. - caller_client_id = caller_client_id; -} - -enum spm_err_t tfm_spm_partition_set_share(uint32_t partition_idx, - uint32_t share) -{ - enum spm_err_t ret = SPM_ERR_OK; - -#if TFM_LVL != 1 - /* Only need to set configuration on levels higher than 1 */ - ret = tfm_spm_hal_set_share_region(share); -#endif - - if (ret == SPM_ERR_OK) { - g_spm_partition_db.partitions[partition_idx].runtime_data.share = share; - } - return ret; -} - -enum spm_err_t tfm_spm_partition_set_iovec(uint32_t partition_idx, - const int32_t *args) -{ - struct spm_partition_runtime_data_t *runtime_data = - &g_spm_partition_db.partitions[partition_idx].runtime_data; - size_t i; - - if ((args[1] < 0) || (args[3] < 0)) { - return SPM_ERR_INVALID_PARAMETER; - } - - runtime_data->iovec_args.in_len = (size_t)args[1]; - for (i = 0U; i < runtime_data->iovec_args.in_len; ++i) { - runtime_data->iovec_args.in_vec[i].base = - ((psa_invec *)args[0])[i].base; - runtime_data->iovec_args.in_vec[i].len = ((psa_invec *)args[0])[i].len; - } - runtime_data->iovec_args.out_len = (size_t)args[3]; - for (i = 0U; i < runtime_data->iovec_args.out_len; ++i) { - runtime_data->iovec_args.out_vec[i].base = - ((psa_outvec *)args[2])[i].base; - runtime_data->iovec_args.out_vec[i].len = - ((psa_outvec *)args[2])[i].len; - } - runtime_data->orig_outvec = (psa_outvec *)args[2]; - runtime_data->iovec_api = 1; - - return SPM_ERR_OK; -} - -uint32_t tfm_spm_partition_get_running_partition_idx(void) -{ - return g_spm_partition_db.running_partition_idx; -} - -void tfm_spm_partition_cleanup_context(uint32_t partition_idx) -{ - struct spm_partition_desc_t *partition = - &(g_spm_partition_db.partitions[partition_idx]); - int32_t i; - - partition->runtime_data.caller_partition_idx = SPM_INVALID_PARTITION_IDX; - partition->runtime_data.share = 0; - partition->runtime_data.iovec_args.in_len = 0; - for (i = 0; i < PSA_MAX_IOVEC; ++i) { - partition->runtime_data.iovec_args.in_vec[i].base = 0; - partition->runtime_data.iovec_args.in_vec[i].len = 0; - } - partition->runtime_data.iovec_args.out_len = 0; - for (i = 0; i < PSA_MAX_IOVEC; ++i) { - partition->runtime_data.iovec_args.out_vec[i].base = 0; - partition->runtime_data.iovec_args.out_vec[i].len = 0; - } - partition->runtime_data.orig_outvec = 0; - partition->runtime_data.iovec_api = 0; -} -#endif /* !defined(TFM_PSA_API) */ - -__attribute__((section("SFN"))) -void tfm_spm_partition_change_privilege(uint32_t privileged) -{ - CONTROL_Type ctrl; - - ctrl.w = __get_CONTROL(); - - if (privileged == TFM_PARTITION_PRIVILEGED_MODE) { - ctrl.b.nPRIV = 0; - } else { - ctrl.b.nPRIV = 1; - } - - __set_CONTROL(ctrl.w); -} diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.h deleted file mode 100644 index a15434d..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_api.h +++ /dev/null @@ -1,355 +0,0 @@ -/* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __SPM_API_H__ -#define __SPM_API_H__ - -/* This file contains the apis exported by the SPM to tfm core */ -#include "tfm_api.h" -#include "spm_partition_defs.h" -#include "secure_fw/core/tfm_secure_api.h" - -#define SPM_INVALID_PARTITION_IDX (~0U) - -/* Privileged definitions for partition thread mode */ -#define TFM_PARTITION_PRIVILEGED_MODE 1 -#define TFM_PARTITION_UNPRIVILEGED_MODE 0 - -enum spm_err_t { - SPM_ERR_OK = 0, - SPM_ERR_PARTITION_DB_NOT_INIT, - SPM_ERR_PARTITION_ALREADY_ACTIVE, - SPM_ERR_PARTITION_NOT_AVAILABLE, - SPM_ERR_INVALID_PARAMETER, - SPM_ERR_INVALID_CONFIG, -}; - -enum spm_part_state_t { - SPM_PARTITION_STATE_UNINIT = 0, - SPM_PARTITION_STATE_IDLE, - SPM_PARTITION_STATE_RUNNING, - SPM_PARTITION_STATE_SUSPENDED, - SPM_PARTITION_STATE_BLOCKED, - SPM_PARTITION_STATE_CLOSED -}; - -enum spm_part_flag_mask_t { - SPM_PART_FLAG_APP_ROT = 0x01, - SPM_PART_FLAG_PSA_ROT = 0x02, - SPM_PART_FLAG_IPC = 0x04 -}; - -/** - * \brief Holds the iovec parameters that are passed to a service - * - * \note The size of the structure is (and have to be) multiple of 8 bytes - */ -struct iovec_args_t { - psa_invec in_vec[PSA_MAX_IOVEC]; /*!< Array of psa_invec objects */ - size_t in_len; /*!< Number psa_invec objects in in_vec - */ - psa_outvec out_vec[PSA_MAX_IOVEC]; /*!< Array of psa_outvec objects */ - size_t out_len; /*!< Number psa_outvec objects in out_vec - */ -}; - -/** - * \brief Runtime context information of a partition - */ -struct spm_partition_runtime_data_t { - uint32_t partition_state; - uint32_t caller_partition_idx; - int32_t caller_client_id; - uint32_t share; - uint32_t stack_ptr; - uint32_t lr; - int32_t iovec_api; /*!< Whether the function in the partition - * had been called using the iovec API. - * FIXME: Remove the field once this is the - * only option - */ - struct iovec_args_t iovec_args; - psa_outvec *orig_outvec; -}; - - -/** - * \brief Returns the index of the partition with the given partition ID. - * - * \param[in] partition_id Partition id - * - * \return the partition idx if partition_id is valid, - * \ref SPM_INVALID_PARTITION_IDX othervise - */ -uint32_t get_partition_idx(uint32_t partition_id); - -#if (TFM_LVL != 1) || defined(TFM_PSA_API) -/** - * \brief Get bottom of stack region for a partition - * - * \param[in] partition_idx Partition index - * - * \return Stack region bottom value - * - * \note This function doesn't check if partition_idx is valid. - */ -uint32_t tfm_spm_partition_get_stack_bottom(uint32_t partition_idx); - -/** - * \brief Get top of stack region for a partition - * - * \param[in] partition_idx Partition index - * - * \return Stack region top value - * - * \note This function doesn't check if partition_idx is valid. - */ -uint32_t tfm_spm_partition_get_stack_top(uint32_t partition_idx); -#endif - -#if (TFM_LVL != 1) && !defined(TFM_PSA_API) -/** - * \brief Configure isolated sandbox for a partition - * - * \param[in] partition_idx Partition index - * - * \return Error code \ref spm_err_t - * - * \note This function doesn't check if partition_idx is valid. - */ -enum spm_err_t tfm_spm_partition_sandbox_config(uint32_t partition_idx); - -/** - * \brief Deconfigure sandbox for a partition - * - * \param[in] partition_idx Partition index - * - * \return Error code \ref spm_err_t - * - * \note This function doesn't check if partition_idx is valid. - */ -enum spm_err_t tfm_spm_partition_sandbox_deconfig(uint32_t partition_idx); - -/** - * \brief Get the start of the zero-initialised region for a partition - * - * \param[in] partition_idx Partition idx - * - * \return Start of the zero-initialised region - * - * \note This function doesn't check if partition_idx is valid. - */ -uint32_t tfm_spm_partition_get_zi_start(uint32_t partition_idx); - -/** - * \brief Get the limit of the zero-initialised region for a partition - * - * \param[in] partition_idx Partition idx - * - * \return Limit of the zero-initialised region - * - * \note This function doesn't check if partition_idx is valid. - * \note The address returned is not part of the region. - */ -uint32_t tfm_spm_partition_get_zi_limit(uint32_t partition_idx); - -/** - * \brief Get the start of the read-write region for a partition - * - * \param[in] partition_idx Partition idx - * - * \return Start of the read-write region - * - * \note This function doesn't check if partition_idx is valid. - */ -uint32_t tfm_spm_partition_get_rw_start(uint32_t partition_idx); - -/** - * \brief Get the limit of the read-write region for a partition - * - * \param[in] partition_idx Partition idx - * - * \return Limit of the read-write region - * - * \note This function doesn't check if partition_idx is valid. - * \note The address returned is not part of the region. - */ -uint32_t tfm_spm_partition_get_rw_limit(uint32_t partition_idx); - -/** - * \brief Save stack pointer for partition in database - * - * \param[in] partition_idx Partition index - * \param[in] stack_ptr Stack pointer to be stored - * - * \note This function doesn't check if partition_idx is valid. - */ -void tfm_spm_partition_set_stack(uint32_t partition_idx, uint32_t stack_ptr); -#endif - -/** - * \brief Get the id of the partition for its index from the db - * - * \param[in] partition_idx Partition index - * - * \return Partition ID for that partition - * - * \note This function doesn't check if partition_idx is valid. - */ -uint32_t tfm_spm_partition_get_partition_id(uint32_t partition_idx); - -/** - * \brief Get the flags associated with a partition - * - * \param[in] partition_idx Partition index - * - * \return Flags associated with the partition - * - * \note This function doesn't check if partition_idx is valid. - */ -uint32_t tfm_spm_partition_get_flags(uint32_t partition_idx); - -#ifndef TFM_PSA_API -/** - * \brief Get the current runtime data of a partition - * - * \param[in] partition_idx Partition index - * - * \return The runtime data of the specified partition - * - * \note This function doesn't check if partition_idx is valid. - */ -const struct spm_partition_runtime_data_t * - tfm_spm_partition_get_runtime_data(uint32_t partition_idx); - -/** - * \brief Returns the index of the partition that has running state - * - * \return The index of the partition with the running state, if there is any - * set. 0 otherwise. - */ -uint32_t tfm_spm_partition_get_running_partition_idx(void); - -/** - * \brief Save stack pointer and link register for partition in database - * - * \param[in] partition_idx Partition index - * \param[in] stack_ptr Stack pointer to be stored - * \param[in] lr Link register to be stored - * - * \note This function doesn't check if partition_idx is valid. - */ -void tfm_spm_partition_store_context(uint32_t partition_idx, - uint32_t stack_ptr, uint32_t lr); - -/** - * \brief Set the current state of a partition - * - * \param[in] partition_idx Partition index - * \param[in] state The state to be set - * - * \note This function doesn't check if partition_idx is valid. - * \note The state has to have the value set of \ref spm_part_state_t. - */ -void tfm_spm_partition_set_state(uint32_t partition_idx, uint32_t state); - -/** - * \brief Set the caller partition index for a given partition - * - * \param[in] partition_idx Partition index - * \param[in] caller_partition_idx The index of the caller partition - * - * \note This function doesn't check if any of the partition_idxs are valid. - */ -void tfm_spm_partition_set_caller_partition_idx(uint32_t partition_idx, - uint32_t caller_partition_idx); - -/** -* \brief Set the caller client ID for a given partition -* -* \param[in] partition_idx Partition index -* \param[in] caller_client_id The ID of the calling client -* -* \note This function doesn't check if any of the partition_idxs are valid. -*/ -void tfm_spm_partition_set_caller_client_id(uint32_t partition_idx, - int32_t caller_client_id); - -/** - * \brief Set the buffer share region of the partition - * - * \param[in] partition_idx Partition index - * \param[in] share The buffer share region to be set - * - * \return Error code \ref spm_err_t - * - * \note This function doesn't check if partition_idx is valid. - * \note share has to have the value set of \ref tfm_buffer_share_region_e - */ -enum spm_err_t tfm_spm_partition_set_share(uint32_t partition_idx, - uint32_t share); - -/** - * \brief Set the iovec parameters for the partition - * - * \param[in] partition_idx Partition index - * \param[in] args The arguments of the secure function - * - * args is expected to be of type int32_t[4] where: - * args[0] is in_vec - * args[1] is in_len - * args[2] is out_vec - * args[3] is out_len - * - * \return Error code \ref spm_err_t - * - * \note This function doesn't check if partition_idx is valid. - * \note This function assumes that the iovecs that are passed in args are - * valid, and does no sanity check on them at all. - */ -enum spm_err_t tfm_spm_partition_set_iovec(uint32_t partition_idx, - const int32_t *args); - -/** - * \brief Execute partition init function - * - * \return Error code \ref spm_err_t - */ -enum spm_err_t tfm_spm_partition_init(void); - -/** - * \brief Clears the context info from the database for a partition. - * - * \param[in] partition_idx Partition index - * - * \note This function doesn't check if partition_idx is valid. - */ -void tfm_spm_partition_cleanup_context(uint32_t partition_idx); -#endif /* !defined(TFM_PSA_API) */ - -/** - * \brief Initialize partition database - * - * \return Error code \ref spm_err_t - */ -enum spm_err_t tfm_spm_db_init(void); - -/** - * \brief Change the privilege mode for partition thread mode. - * - * \param[in] privileged Privileged mode, - * \ref TFM_PARTITION_PRIVILEGED_MODE - * and \ref TFM_PARTITION_UNPRIVILEGED_MODE - * - * \note Barrier instructions are not called by this function, and if - * it is called in thread mode, it might be necessary to call - * them after this function returns (just like it is done in - * jump_to_ns_code()). - */ -void tfm_spm_partition_change_privilege(uint32_t privileged); - -#endif /*__SPM_API_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db.h deleted file mode 100644 index dfdaf32..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db.h +++ /dev/null @@ -1,83 +0,0 @@ -/* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __SPM_DB_H__ -#define __SPM_DB_H__ - - -#ifdef TFM_PSA_API -#include "tfm_thread.h" -#endif - -struct spm_partition_desc_t; -struct spm_partition_db_t; - -typedef psa_status_t(*sp_init_function)(void); - -#define TFM_PARTITION_TYPE_APP "APPLICATION-ROT" -#define TFM_PARTITION_TYPE_PSA "PSA-ROT" - -#ifdef TFM_PSA_API -enum tfm_partition_priority { - TFM_PRIORITY_LOW = THRD_PRIOR_LOWEST, - TFM_PRIORITY_NORMAL = THRD_PRIOR_MEDIUM, - TFM_PRIORITY_HIGH = THRD_PRIOR_HIGHEST, -}; -#else -enum tfm_partition_priority { - TFM_PRIORITY_LOW = 0xFF, - TFM_PRIORITY_NORMAL = 0x7F, - TFM_PRIORITY_HIGH = 0, -}; -#endif - -#define TFM_PRIORITY(LEVEL) TFM_PRIORITY_##LEVEL - -/** - * Holds the fields of the partition DB used by the SPM code. The values of - * these fields are calculated at compile time, and set during initialisation - * phase. - */ -struct spm_partition_static_data_t { - uint32_t partition_id; - uint32_t partition_flags; - uint32_t partition_priority; - sp_init_function partition_init; -}; - -/** - * Holds the fields that define a partition for SPM. The fields are further - * divided to structures, to keep the related fields close to each other. - */ -struct spm_partition_desc_t { - struct spm_partition_static_data_t static_data; - struct spm_partition_runtime_data_t runtime_data; - struct tfm_spm_partition_platform_data_t *platform_data; -#if (TFM_LVL != 1) || defined(TFM_PSA_API) - struct tfm_spm_partition_memory_data_t memory_data; -#endif -#ifdef TFM_PSA_API - struct tfm_thrd_ctx sp_thrd; -#endif -}; - -/* Macros to pick linker symbols and allow to form the partition data base */ -#define REGION(a, b, c) a##b##c -#define REGION_NAME(a, b, c) REGION(a, b, c) -/* Changed from #if (TFM_LVL == 1) && !defined(TFM_PSA_API) to #if (TFM_LVL == 1) to avoid linker error. - TF-M build autogenerates region details (code, ro, rw, zi and stack ) using linker scripts. We do not - hve that in mbed-os build yet. -*/ -#if (TFM_LVL == 1) -#define REGION_DECLARE(a, b, c) -#else -#define REGION_DECLARE(a, b, c) extern uint32_t REGION_NAME(a, b, c) -#define PART_REGION_ADDR(partition, region) \ - (uint32_t)®ION_NAME(Image$$, partition, region) -#endif - -#endif /* __SPM_DB_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db_setup.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db_setup.h deleted file mode 100644 index 2cecfb7..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_db_setup.h +++ /dev/null @@ -1,138 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __SPM_DB_SETUP_H__ -#define __SPM_DB_SETUP_H__ - -#include -#include "spm_db.h" - -/** - * \brief Get the index of a partition. - * - * Gets the index of a partition in the partition db based on the partition ID - * provided as a parameter. - * - * \param[in] partition_idx The index of the partition - * - * \return \ref INVALID_PARTITION_IDX if the provided index is invalid. The - * index of the partition otherwise. - */ -uint32_t get_partition_idx(uint32_t partition_id); - -struct spm_partition_db_t { - uint32_t is_init; - uint32_t partition_count; - uint32_t running_partition_idx; - struct spm_partition_desc_t partitions[SPM_MAX_PARTITIONS]; -}; - -#define PARTITION_INIT_STATIC_DATA(data, partition, flags, id, priority) \ - do { \ - data.partition_id = partition##_ID; \ - data.partition_flags = flags; \ - data.partition_priority = TFM_PRIORITY(priority); \ - } while (0) - -/* Changed from #if (TFM_LVL == 1) && !defined(TFM_PSA_API) to #if (TFM_LVL == 1) to avoid linker error. - TF-M build autogenerates region details (code, ro, rw, zi and stack ) using linker scripts. We do not - hve that in mbed-os build yet. -*/ -#if (TFM_LVL == 1) -#define PARTITION_INIT_MEMORY_DATA(data, partition) -#else -#define PARTITION_INIT_MEMORY_DATA(data, partition) \ - do { \ - data.code_start = PART_REGION_ADDR(partition, $$Base); \ - data.code_limit = PART_REGION_ADDR(partition, $$Limit); \ - data.ro_start = PART_REGION_ADDR(partition, $$RO$$Base); \ - data.ro_limit = PART_REGION_ADDR(partition, $$RO$$Limit); \ - data.rw_start = PART_REGION_ADDR(partition, _DATA$$RW$$Base); \ - data.rw_limit = PART_REGION_ADDR(partition, _DATA$$RW$$Limit); \ - data.zi_start = PART_REGION_ADDR(partition, _DATA$$ZI$$Base); \ - data.zi_limit = PART_REGION_ADDR(partition, _DATA$$ZI$$Limit); \ - data.stack_bottom = PART_REGION_ADDR(partition, _STACK$$ZI$$Base); \ - data.stack_top = PART_REGION_ADDR(partition, _STACK$$ZI$$Limit); \ - } while (0) -#endif - -#if TFM_LVL == 1 -#define PARTITION_INIT_RUNTIME_DATA(data, partition) \ - do { \ - data.partition_state = SPM_PARTITION_STATE_UNINIT; \ - } while (0) -#else -#define PARTITION_INIT_RUNTIME_DATA(data, partition) \ - do { \ - data.partition_state = SPM_PARTITION_STATE_UNINIT; \ - /* The top of the stack is reserved for the iovec */ \ - /* parameters of the service called. That's why in */ \ - /* data.stack_ptr we extract sizeof(struct iovec_args_t) */ \ - /* from the limit. */ \ - data.stack_ptr = \ - PART_REGION_ADDR(partition, _STACK$$ZI$$Limit - \ - sizeof(struct iovec_args_t)); \ - } while (0) -#endif - -#define PARTITION_DECLARE(partition, flag, type, id, priority, part_stack_size) \ - do { \ - REGION_DECLARE(Image$$, partition, $$Base); \ - REGION_DECLARE(Image$$, partition, $$Limit); \ - REGION_DECLARE(Image$$, partition, $$RO$$Base); \ - REGION_DECLARE(Image$$, partition, $$RO$$Limit); \ - REGION_DECLARE(Image$$, partition, _DATA$$RW$$Base); \ - REGION_DECLARE(Image$$, partition, _DATA$$RW$$Limit); \ - REGION_DECLARE(Image$$, partition, _DATA$$ZI$$Base); \ - REGION_DECLARE(Image$$, partition, _DATA$$ZI$$Limit); \ - REGION_DECLARE(Image$$, partition, _STACK$$ZI$$Base); \ - REGION_DECLARE(Image$$, partition, _STACK$$ZI$$Limit); \ - int32_t flags = flag; \ - if (tfm_memcmp(type, TFM_PARTITION_TYPE_APP, \ - strlen(TFM_PARTITION_TYPE_APP)) == 0) { \ - flags |= SPM_PART_FLAG_APP_ROT; \ - } else if (tfm_memcmp(type, TFM_PARTITION_TYPE_PSA, \ - strlen(TFM_PARTITION_TYPE_PSA)) == 0) { \ - flags |= SPM_PART_FLAG_PSA_ROT | SPM_PART_FLAG_APP_ROT; \ - } else { \ - return SPM_ERR_INVALID_CONFIG; \ - } \ - struct spm_partition_desc_t *part_ptr; \ - if (g_spm_partition_db.partition_count >= SPM_MAX_PARTITIONS) { \ - return SPM_ERR_INVALID_CONFIG; \ - } \ - __attribute__((section(".data.partitions_stacks"))) \ - static uint8_t partition##_stack[part_stack_size] __attribute__((aligned(8))); \ - part_ptr = &(g_spm_partition_db.partitions[ \ - g_spm_partition_db.partition_count]); \ - part_ptr->memory_data.stack_bottom = (uint32_t)partition##_stack; \ - part_ptr->memory_data.stack_top = part_ptr->memory_data.stack_bottom + part_stack_size; \ - PARTITION_INIT_STATIC_DATA(part_ptr->static_data, partition, flags, \ - id, priority); \ - PARTITION_INIT_RUNTIME_DATA(part_ptr->runtime_data, partition); \ - PARTITION_INIT_MEMORY_DATA(part_ptr->memory_data, partition); \ - ++g_spm_partition_db.partition_count; \ - } while (0) - -#define PARTITION_ADD_INIT_FUNC(partition, init_func) \ - do { \ - extern int32_t init_func(void); \ - uint32_t partition_idx = get_partition_idx(partition##_ID); \ - struct spm_partition_desc_t *part_ptr = \ - &(g_spm_partition_db.partitions[partition_idx]); \ - part_ptr->static_data.partition_init = init_func; \ - } while (0) - -#define PARTITION_ADD_PERIPHERAL(partition, peripheral) \ - do { \ - uint32_t partition_idx = get_partition_idx(partition##_ID); \ - struct spm_partition_desc_t *part_ptr = \ - &(g_spm_partition_db.partitions[partition_idx]); \ - part_ptr->platform_data = peripheral; \ - } while (0) - -#endif /* __SPM_DB_SETUP_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_partition_defs.h b/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_partition_defs.h deleted file mode 100644 index 0533881..0000000 --- a/components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/spm/spm_partition_defs.h +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright (c) 2017-2018, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __SPM_PARTITION_DEFS_H__ -#define __SPM_PARTITION_DEFS_H__ - -/* FixMe: allocations to be settled. - * 8 bits reserved by TFM for secure partition Id in this prototype - */ -#define TFM_SP_BASE 256 - -/* A reserved partition ID that is used for uninitialised data */ -#define INVALID_PARTITION_ID (~0U) - -/* ***** partition ID-s internal to the TFM ***** */ -#define TFM_INTERNAL_PARTITIONS (2) - -/* From the SPM point of view the non secure processing environment is handled - * as a special secure partition. This simplifies the context switch - * operations. - */ -#define TFM_SP_NON_SECURE_ID (0) -/* A dummy partition for TFM_SP_CORE is created to handle secure partition - * calls done directly from the core, before NS execution started. - */ -#define TFM_SP_CORE_ID (1) - -#include "tfm_partition_defs.inc" - -/* This limit is only used to define the size of the database reserved for - * partitions. There's no requirement that it match the number of partitions - * that get registered in a specific build - */ -#define SPM_MAX_PARTITIONS (TFM_MAX_USER_PARTITIONS + TFM_INTERNAL_PARTITIONS) - -#endif /* __SPM_PARTITION_DEFS_H__ */ diff --git a/components/TARGET_PSA/TARGET_TFM/tf-m-integration.md b/components/TARGET_PSA/TARGET_TFM/tf-m-integration.md deleted file mode 100644 index f3b4f54..0000000 --- a/components/TARGET_PSA/TARGET_TFM/tf-m-integration.md +++ /dev/null @@ -1,111 +0,0 @@ -# TF-M integration to Mbed-OS -This document is an initial draft for TF-M for Mbed-OS porting guide . - -## Audience -This guide is intended for developers wishing to port Mbed-OS with TF-M used as a secure kernel for ARMv8-M targets. - -Prior knowledge with both TF-M & Mbed-OS concepts is assumed. - -## Build system concepts: - -Mbed-OS build system is based on [Mbed-CLI](https://github.com/ARMmbed/mbed-cli). -Mbed-CLI build system performs lookup for source and header files within project directory and adds them all to a build. All folders will be scanned for sources except for: -- folders starting with `TARGET_*` -- folders starting with `COMPONENT_*` -- folders starting with `FEATURE_*` -- folders starting with `TESTS_*` (not true for `mbed test` builds) -- files and folders listed in `.mbedignore` - -The ignored folders listed above can be explicitly added to a compilation by adding following keys to a target description in `targets.json`: -- adding `extra_labels_add`, `inherits` and `sub_target` for adding `TARGET_*` -- adding `components_add` for adding `COMPONENT_*` -- `features_add` for adding `FEATURE_*` - -TF-M is built as bare-metal in a secure target, in order to build a secure target with TF-M as its' kernel need to add `--app-config /tools/psa/tfm/mbed_app.json` to the build command of the secure target. - -## Build hooks - -Mbed-OS testing tools are designed to work with a single image (`.bin` or `.hex`). -When building mbed-os for TF-M targets two images are created. One for normal world(NW) and one for TrustZone(TZ). -Mbed-OS build system provides `post_binary_hook` that allows executing arbitrary Python script for merging NW and TZ images. Typically `post_binary_hook` is added to NW target and assumes TZ target images as a prerequisite. - -## Porting TF-M targets - -Typically firmware for TF-M targets consist of 2 or more images: normal world and TrustZone image. More images can be present in case boot loaders are used. -Two images must be built and linked separately. TrustZone image must be built first. - -There may be code and/or header files sharing between the two targets. -Nested folder layout typically provides more easy code reuse between two targets: -Example: - -```txt -└── tragets - └── TARGET_ - └── TARGET_ - ├── common_files <-- files shared between NW and TZ images - ├── TARGET__NS - │   └── normal_world_files <-- files only to be included for NW build - └── TARGET__S - └── trustzone_files <-- files only to be included for TZ build -``` - -The target should be represented in a following way in `target.json` (`MUSCA_A1` is taken for example and should be substituted): -```json -... -"ARM_MUSCA_A1": { - "public": false, - "inherits": ["Target"], - "supported_toolchains": ["ARMC6", "GCC_ARM"], - "default_toolchain": "ARMC6", - "extra_labels": ["ARM_SSG", "MUSCA_A1"], - }, - "ARM_MUSCA_A1_NS": { - "inherits": ["NSPE_Target", "ARM_MUSCA_A1"], - "core": "Cortex-M33-NS", - "device_has_add": ["INTERRUPTIN", "LPTICKER", "SERIAL", "SLEEP", "USTICKER"], - "macros": [ - "MBED_FAULT_HANDLER_DISABLED", - "MBEDTLS_PSA_CRYPTO_C" - ], - "extra_labels_add": ["MUSCA_A1_NS", "PSA", "TFM"], - "post_binary_hook": {"function": "ArmMuscaA1Code.binary_hook"} - }, - "ARM_MUSCA_A1_S": { - "inherits": ["SPE_Target", "ARM_MUSCA_A1"], - "core": "Cortex-M33", - "device_has_add": ["FLASH"], - "macros": [ - "MBED_MPU_CUSTOM", - "MBEDTLS_PSA_CRYPTO_SPM", - "MBEDTLS_PSA_CRYPTO_C", - "MBEDTLS_ENTROPY_NV_SEED" - ], - "components_add": ["FLASHIAP"], - "extra_labels_add": ["MUSCA_A1_S", "PSA", "TFM"] - }, -``` - -Example details: -- Secure target: - - `"device_has_add": ["FLASH"]` and `"components_add": ["FLASHIAP"]` for enabling storage stack. Required by PSA Internal storage service. - - `"extra_labels_add": ["PSA", "TFM"]` are required to add PSA services and TF-M SPM implementation sources to a compilation - - all the macros from the example above are required - - must inherit from `SPE_Target` -- Nonsecure target: - - must inherit from `NSPE_Target` - - `"extra_labels_add": ["PSA", "TFM"]` are required to add PSA services and TF-M SPM implementation sources to a compilation - - all the macros from the example above are required - - `post_binary_hook` is used to combine secure and non-secure images - -### HAL -For porting Mbed-OS & TF-M both Mbed-OS and TF-M HAL layers should be created. - -#### Mbed-OS HAL: -Follow instructions for [Mbed-OS HAL porting](https://os.mbed.com/docs/mbed-os/v5.11/porting/porting-hal-modules.html) - -#### TF-M: -Mbed-OS contains customized TF-M version. TF-M services reference implementation was replaced by Mbed-OS version. Thus TF-M has different HAL layer comparing to vanilla [TF-M reference implementation](https://git.trustedfirmware.org/trusted-firmware-m.git/about/). - -The porting layer consists of: -- All functions listed in: `components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/platform/include/tfm_spm_hal.h` -- Flash API `mbed-os/hal/flash_api.h` implementation is required for TZ image. It is used by PSA Internal trusted storage implementation. diff --git a/components/TARGET_PSA/services/attestation/COMPONENT_SPE/psa_attestation_partition.c b/components/TARGET_PSA/services/attestation/COMPONENT_SPE/psa_attestation_partition.c deleted file mode 100755 index 3459a7d..0000000 --- a/components/TARGET_PSA/services/attestation/COMPONENT_SPE/psa_attestation_partition.c +++ /dev/null @@ -1,253 +0,0 @@ -/* -* Copyright (c) 2018-2019 ARM Limited. All rights reserved. -* -* SPDX-License-Identifier: Apache-2.0 -* -* Licensed under the Apache License, Version 2.0 (the License); you may -* not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an AS IS BASIS, WITHOUT -* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -// ---------------------------------- Includes --------------------------------- -#include "psa/client.h" -#include "psa/service.h" - -#include "mbed_spm_partitions.h" -#include "psa_initial_attestation_api.h" -#include "psa_attest_inject_key.h" -#include "psa_inject_attestation_key_impl.h" -#include "attestation.h" -#include -#include -#include "psa/crypto.h" - -int32_t g_caller_id = 0; - -static void set_caller_id(psa_msg_t *msg) -{ - g_caller_id = msg->client_id; -} - -// ------------------------- Partition's Main Thread --------------------------- - -static void psa_attest_get_token(void) -{ - psa_msg_t msg = { 0 }; - enum psa_attest_err_t status = PSA_ATTEST_ERR_SUCCESS; - - if (PSA_SUCCESS != psa_get(PSA_ATTEST_GET_TOKEN, &msg)) { - return; - } - switch (msg.type) { - case PSA_IPC_CONNECT: - case PSA_IPC_DISCONNECT: { - break; - } - case PSA_IPC_CALL: { - uint8_t *challenge_buff = NULL; - uint8_t *token_buff = NULL; - uint32_t bytes_read = 0; - - challenge_buff = calloc(1, msg.in_size[0]); - if (challenge_buff == NULL) { - status = PSA_ATTEST_ERR_GENERAL; - break; - } - bytes_read = psa_read(msg.handle, 0, - challenge_buff, msg.in_size[0]); - if (bytes_read != msg.in_size[0]) { - free(challenge_buff); - SPM_PANIC("SPM read length mismatch"); - } - - token_buff = calloc(1, msg.out_size[0]); - if (token_buff == NULL) { - status = PSA_ATTEST_ERR_GENERAL; - free(challenge_buff); - break; - } - - psa_invec in_vec[1] = { { challenge_buff, msg.in_size[0] } }; - psa_outvec out_vec[1] = { { token_buff, msg.out_size[0] } }; - - status = attest_init(); - if (status != PSA_ATTEST_ERR_SUCCESS) { - free(challenge_buff); - free(token_buff); - break; - } - - set_caller_id(&msg); - status = initial_attest_get_token(in_vec, 1, out_vec, 1); - if (status == PSA_ATTEST_ERR_SUCCESS) { - psa_write(msg.handle, 0, out_vec[0].base, out_vec[0].len); - } - - free(challenge_buff); - free(token_buff); - break; - } - - default: { - SPM_PANIC("Unexpected message type %d!", (int)(msg.type)); - break; - } - } - - psa_reply(msg.handle, status); -} - -static void psa_attest_get_token_size(void) -{ - psa_msg_t msg = { 0 }; - enum psa_attest_err_t status = PSA_ATTEST_ERR_SUCCESS; - - if (PSA_SUCCESS != psa_get(PSA_ATTEST_GET_TOKEN_SIZE, &msg)) { - return; - } - switch (msg.type) { - case PSA_IPC_CONNECT: - case PSA_IPC_DISCONNECT: { - break; - } - case PSA_IPC_CALL: { - uint32_t challenge_size; - uint32_t token_size; - uint32_t bytes_read = 0; - - bytes_read = psa_read(msg.handle, 0, - &challenge_size, msg.in_size[0]); - if (bytes_read != msg.in_size[0]) { - SPM_PANIC("SPM read length mismatch"); - } - - psa_invec in_vec[1] = { { &challenge_size, msg.in_size[0] } }; - psa_outvec out_vec[1] = { { &token_size, msg.out_size[0] } }; - - status = attest_init(); - if (status != PSA_ATTEST_ERR_SUCCESS) { - break; - } - - set_caller_id(&msg); - status = initial_attest_get_token_size(in_vec, 1, out_vec, 1); - if (status == PSA_ATTEST_ERR_SUCCESS) { - psa_write(msg.handle, 0, out_vec[0].base, out_vec[0].len); - } - - break; - } - - default: { - SPM_PANIC("Unexpected message type %d!", (int)(msg.type)); - break; - } - } - - psa_reply(msg.handle, status); -} - -static void psa_attest_inject_key(void) -{ - psa_msg_t msg = { 0 }; - psa_status_t status = PSA_SUCCESS; - - if (PSA_SUCCESS != psa_get(PSA_ATTEST_INJECT_KEY, &msg)) { - return; - } - switch (msg.type) { - case PSA_IPC_CONNECT: - case PSA_IPC_DISCONNECT: { - break; - } - case PSA_IPC_CALL: { - uint8_t *public_key_data = NULL; - size_t public_key_data_length = 0; - uint8_t *key_data = NULL; - psa_key_type_t type; - uint32_t bytes_read = 0; - - if (msg.in_size[0] != sizeof(psa_key_type_t)) { - status = PSA_ERROR_INVALID_ARGUMENT; - break; - } - - bytes_read = psa_read(msg.handle, 0, &type, msg.in_size[0]); - if (bytes_read != msg.in_size[0]) { - SPM_PANIC("SPM read length mismatch"); - } - - public_key_data = calloc(1, msg.out_size[0]); - if (public_key_data == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - if (msg.in_size[1] != 0) { - key_data = calloc(1, msg.in_size[1]); - if (key_data == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - free(public_key_data); - break; - } - - bytes_read = psa_read(msg.handle, 1, - key_data, msg.in_size[1]); - if (bytes_read != msg.in_size[1]) { - free(public_key_data); - free(key_data); - SPM_PANIC("SPM read length mismatch"); - } - } - status = psa_attestation_inject_key_impl(key_data, - msg.in_size[1], - type, - public_key_data, - msg.out_size[0], - &public_key_data_length); - - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, public_key_data, public_key_data_length); - } - - psa_write(msg.handle, 1, - &public_key_data_length, sizeof(public_key_data_length)); - free(public_key_data); - if (key_data != NULL) { - free(key_data); - } - break; - - } - - default: { - SPM_PANIC("Unexpected message type %d!", (int)(msg.type)); - break; - } - } - - psa_reply(msg.handle, status); -} - -void attest_main(void *ptr) -{ - while (1) { - uint32_t signals = psa_wait(ATTEST_SRV_WAIT_ANY_SID_MSK, PSA_BLOCK); - if (signals & PSA_ATTEST_GET_TOKEN) { - psa_attest_get_token(); - } - if (signals & PSA_ATTEST_GET_TOKEN_SIZE) { - psa_attest_get_token_size(); - } - if (signals & PSA_ATTEST_INJECT_KEY) { - psa_attest_inject_key(); - } - } -} diff --git a/components/TARGET_PSA/services/attestation/attestation_partition_psa.json b/components/TARGET_PSA/services/attestation/attestation_partition_psa.json deleted file mode 100755 index f021d49..0000000 --- a/components/TARGET_PSA/services/attestation/attestation_partition_psa.json +++ /dev/null @@ -1,47 +0,0 @@ -{ - "name": "ATTEST_SRV", - "type": "APPLICATION-ROT", - "priority": "NORMAL", - "id": "0x00000025", - "entry_point": "attest_main", - "stack_size": "0x2000", - "heap_size": "0x2000", - "services": [ - { - "name": "PSA_ATTEST_GET_TOKEN_ID", - "identifier": "0x00000F10", - "signal": "PSA_ATTEST_GET_TOKEN", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "STRICT" - }, - { - "name": "PSA_ATTEST_GET_TOKEN_SIZE_ID", - "identifier": "0x00000F11", - "signal": "PSA_ATTEST_GET_TOKEN_SIZE", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "STRICT" - }, - { - "name": "PSA_ATTEST_INJECT_KEY_ID", - "identifier": "0x00000F12", - "signal": "PSA_ATTEST_INJECT_KEY", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "STRICT" - } - ], - "extern_sids": [ - "PSA_CRYPTO_INIT_ID", - "PSA_HASH_ID", - "PSA_ASYMMETRIC_ID", - "PSA_KEY_MNG_ID", - "PSA_CRYPTO_FREE_ID", - "PSA_KEY_DERIVATION_ID", - "PSA_PLATFORM_LC_GET" - ], - "source_files": [ - "COMPONENT_SPE/psa_attestation_partition.c" - ] -} diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/crypto_struct.h b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/crypto_struct.h index 9ffa1f7..465ccbb 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/crypto_struct.h +++ b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/crypto_struct.h @@ -14,9 +14,4 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -#ifdef PSA_CRYPTO_SECURE -#include "crypto_struct_spe.h" -#else #include "crypto_struct_ipc.h" -#endif - diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/crypto_spe.h b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/crypto_spe.h deleted file mode 100644 index 46efdf8..0000000 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/crypto_spe.h +++ /dev/null @@ -1,112 +0,0 @@ -/* - * Copyright (c) 2020, Arm Limited and affiliates. - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * \file psa/crypto_spe.h - * \brief Platform Security Architecture cryptography module - */ - -#ifndef PSA_CRYPTO_SPE_H -#define PSA_CRYPTO_SPE_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#define psa_crypto_init psa_sec_crypto_init -#define psa_get_key_attributes psa_sec_get_key_attributes -#define psa_reset_key_attributes psa_sec_reset_key_attributes -#define psa_open_key psa_sec_open_key -#define psa_close_key psa_sec_close_key -#define psa_import_key psa_sec_import_key -#define psa_destroy_key psa_sec_destroy_key -#define psa_export_key psa_sec_export_key -#define psa_export_public_key psa_sec_export_public_key -#define psa_copy_key psa_sec_copy_key -#define psa_hash_compute psa_sec_hash_compute -#define psa_hash_compare psa_sec_hash_compare -#define psa_hash_setup psa_sec_hash_setup -#define psa_hash_update psa_sec_hash_update -#define psa_hash_finish psa_sec_hash_finish -#define psa_hash_verify psa_sec_hash_verify -#define psa_hash_abort psa_sec_hash_abort -#define psa_hash_clone psa_sec_hash_clone -#define psa_mac_compute psa_sec_mac_compute -#define psa_mac_verify psa_sec_mac_verify -#define psa_mac_sign_setup psa_sec_mac_sign_setup -#define psa_mac_verify_setup psa_sec_mac_verify_setup -#define psa_mac_update psa_sec_mac_update -#define psa_mac_sign_finish psa_sec_mac_sign_finish -#define psa_mac_verify_finish psa_sec_mac_verify_finish -#define psa_mac_abort psa_sec_mac_abort -#define psa_cipher_encrypt psa_sec_cipher_encrypt -#define psa_cipher_decrypt psa_sec_cipher_decrypt -#define psa_cipher_encrypt_setup psa_sec_cipher_encrypt_setup -#define psa_cipher_decrypt_setup psa_sec_cipher_decrypt_setup -#define psa_cipher_generate_iv psa_sec_cipher_generate_iv -#define psa_cipher_set_iv psa_sec_cipher_set_iv -#define psa_cipher_update psa_sec_cipher_update -#define psa_cipher_finish psa_sec_cipher_finish -#define psa_cipher_abort psa_sec_cipher_abort -#define psa_aead_encrypt psa_sec_aead_encrypt -#define psa_aead_decrypt psa_sec_aead_decrypt -#define psa_aead_encrypt_setup psa_sec_aead_encrypt_setup -#define psa_aead_decrypt_setup psa_sec_aead_decrypt_setup -#define psa_aead_generate_nonce psa_sec_aead_generate_nonce -#define psa_aead_set_nonce psa_sec_aead_set_nonce -#define psa_aead_set_lengths psa_sec_aead_set_lengths -#define psa_aead_update_ad psa_sec_aead_update_ad -#define psa_aead_update psa_sec_aead_update -#define psa_aead_finish psa_sec_aead_finish -#define psa_aead_verify psa_sec_aead_verify -#define psa_aead_abort psa_sec_aead_abort -#define psa_sign_hash psa_sec_sign_hash -#define psa_verify_hash psa_sec_verify_hash -#define psa_asymmetric_encrypt psa_sec_asymmetric_encrypt -#define psa_asymmetric_decrypt psa_sec_asymmetric_decrypt -#define psa_key_derivation_setup psa_sec_key_derivation_setup -#define psa_key_derivation_get_capacity psa_sec_key_derivation_get_capacity -#define psa_key_derivation_set_capacity psa_sec_key_derivation_set_capacity -#define psa_key_derivation_input_bytes psa_sec_key_derivation_input_bytes -#define psa_key_derivation_input_key psa_sec_key_derivation_input_key -#define psa_key_derivation_key_agreement psa_sec_key_derivation_key_agreement -#define psa_key_derivation_output_bytes psa_sec_key_derivation_output_bytes -#define psa_key_derivation_output_key psa_sec_key_derivation_output_key -#define psa_key_derivation_abort psa_sec_key_derivation_abort -#define psa_raw_key_agreement psa_sec_raw_key_agreement -#define psa_generate_random psa_sec_generate_random -#define psa_generate_key psa_sec_generate_key - -#define mbedtls_psa_crypto_free mbedtls_psa_sec_crypto_free -#define mbedtls_psa_inject_entropy mbedtls_psa_sec_inject_entropy -#define psa_set_key_domain_parameters psa_sec_set_key_domain_parameters -#define psa_get_key_domain_parameters psa_sec_get_key_domain_parameters - -#define MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER 1 - -#include "crypto.h" - -#ifdef __cplusplus -} -#endif - -/* The file "crypto_extra.h" contains vendor-specific definitions. This - * can include vendor-defined algorithms, extra functions, etc. */ -#include "crypto_extra.h" - -#endif /* PSA_CRYPTO_SPE_H */ diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_access_control.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_access_control.c deleted file mode 100644 index 9a6baa5..0000000 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_access_control.c +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Copyright (c) 2019, Arm Limited and affiliates - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "psa/client.h" -#include "psa/service.h" -#include "psa_crypto_access_control.h" -#include "psa_crypto_core.h" -#include "psa_crypto_slot_management.h" - -typedef struct psa_crypto_access_control_s { - psa_key_handle_t key_handle; - int32_t partition_id; -} psa_crypto_access_control_t; - -static psa_crypto_access_control_t crypto_access_control_arr[PSA_KEY_SLOT_COUNT]; - -static inline void psa_crypto_access_control_reset() -{ - memset(crypto_access_control_arr, 0, sizeof(crypto_access_control_arr)); -} - -void psa_crypto_access_control_init(void) -{ - psa_crypto_access_control_reset(); -} - -void psa_crypto_access_control_destroy(void) -{ - psa_crypto_access_control_reset(); -} - -void psa_crypto_access_control_register_handle(psa_key_handle_t key_handle, int32_t partition_id) -{ - for (size_t i = 0; i < PSA_KEY_SLOT_COUNT; i++) { - if (crypto_access_control_arr[i].key_handle == 0 && - crypto_access_control_arr[i].partition_id == 0) { - crypto_access_control_arr[i].key_handle = key_handle; - crypto_access_control_arr[i].partition_id = partition_id; - return; - } - } - - SPM_PANIC("psa_crypto_access_control_register_handle failed"); -} - -void psa_crypto_access_control_unregister_handle(psa_key_handle_t key_handle) -{ - for (size_t i = 0; i < PSA_KEY_SLOT_COUNT; i++) { - if (crypto_access_control_arr[i].key_handle == key_handle) { - crypto_access_control_arr[i].key_handle = 0; - crypto_access_control_arr[i].partition_id = 0; - return; - } - } - - SPM_PANIC("psa_crypto_access_control_unregister_handle failed"); -} - -uint8_t psa_crypto_access_control_is_handle_permitted(psa_key_handle_t key_handle, int32_t partition_id) -{ - for (size_t i = 0; i < PSA_KEY_SLOT_COUNT; i++) { - if (crypto_access_control_arr[i].key_handle == key_handle && - crypto_access_control_arr[i].partition_id == partition_id) { - return 1; - } - } - - return 0; -} diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_access_control.h b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_access_control.h deleted file mode 100644 index c588e14..0000000 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_access_control.h +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright (c) 2019, Arm Limited and affiliates - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef PSA_CRYPTO_ACCESS_CONTROL_H -#define PSA_CRYPTO_ACCESS_CONTROL_H - -#include - -#include "crypto_platform.h" - -/* initialize the module, resets all tracked information */ -void psa_crypto_access_control_init(void); - -/* deinitialize the module, resets all tracked information */ -void psa_crypto_access_control_destroy(void); - -/* tracks and associates the key_handle with partition_id */ -void psa_crypto_access_control_register_handle(psa_key_handle_t key_handle, int32_t partition_id); - -/* removes tracking of the key_handle */ -void psa_crypto_access_control_unregister_handle(psa_key_handle_t key_handle); - -/* checks if the key_handle is associated with the partition_id, returns 0 is false otherwise 1 */ -uint8_t psa_crypto_access_control_is_handle_permitted(psa_key_handle_t key_handle, int32_t partition_id); - -#endif /* PSA_CRYPTO_ACCESS_CONTROL_H */ diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c deleted file mode 100644 index 11516a1..0000000 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c +++ /dev/null @@ -1,2483 +0,0 @@ -/* - * Copyright (c) 2020, Arm Limited and affiliates. - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// ---------------------------------- Includes --------------------------------- -#include -#include -#include "psa/client.h" -#include "psa/service.h" - - -#define PSA_CRYPTO_SECURE 1 -#include "crypto_spe.h" -#include "crypto_platform_spe.h" -#include "mbed_spm_partitions.h" -#include "mbedtls/entropy.h" -#include "psa_crypto_access_control.h" - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif - -#include "mbed_assert.h" - -// ---------------------------------- Macros ----------------------------------- -#if !defined(MIN) -#define MIN( a, b ) ( ( ( a ) < ( b ) ) ? ( a ) : ( b ) ) -#endif - -// -------------------------------- Structures --------------------------------- -typedef struct psa_spm_hash_clone_s { - int32_t partition_id; - void *source_operation; - uint8_t ref_count; -} psa_spm_hash_clone_t; - -// ---------------------------------- Globals ---------------------------------- -static int psa_spm_init_count = 0; - -/* maximal memory allocation for reading large hash or mac input buffers. -the data will be read in chunks of size */ -#if !defined (MAX_DATA_CHUNK_SIZE_IN_BYTES) -#define MAX_DATA_CHUNK_SIZE_IN_BYTES 400 -#endif - -#ifndef MAX_CONCURRENT_HASH_CLONES -#define MAX_CONCURRENT_HASH_CLONES 2 -#endif -static psa_spm_hash_clone_t psa_spm_hash_clones[MAX_CONCURRENT_HASH_CLONES]; - -#define CLIENT_PSA_KEY_ID_SIZE_IN_BYTES 4 -MBED_STATIC_ASSERT(sizeof(psa_key_id_t) != CLIENT_PSA_KEY_ID_SIZE_IN_BYTES, "Unexpected psa_key_id_t size"); - -// ------------------------- Internal Helper Functions ------------------------- -static inline psa_status_t reserve_hash_clone(int32_t partition_id, void *source_operation, size_t *index) -{ - /* check if the the clone request source operation is already part of another active clone operation, - * for the same source, if so then reuse it and increment its ref_count by 1. A scenario as such may happen - * in case there was a context switch between calls of PSA_HASH_CLONE_BEGIN and PSA_HASH_CLONE_END (on the - * client side) leading to PSA_HASH_CLONE_BEGIN being executed more than one time without a call to - * PSA_HASH_CLONE_END */ - for (*index = 0; *index < MAX_CONCURRENT_HASH_CLONES; (*index)++) { - if (psa_spm_hash_clones[*index].partition_id == partition_id && - psa_spm_hash_clones[*index].source_operation == source_operation) { - psa_spm_hash_clones[*index].ref_count++; - return PSA_SUCCESS; - } - } - - /* find an available empty entry in the array */ - for (*index = 0; *index < MAX_CONCURRENT_HASH_CLONES; (*index)++) { - if (psa_spm_hash_clones[*index].partition_id == 0 && - psa_spm_hash_clones[*index].source_operation == NULL) { - psa_spm_hash_clones[*index].partition_id = partition_id; - psa_spm_hash_clones[*index].source_operation = source_operation; - psa_spm_hash_clones[*index].ref_count++; - return PSA_SUCCESS; - } - } - - return PSA_ERROR_BAD_STATE; -} - -static inline void release_hash_clone(psa_spm_hash_clone_t *hash_clone) -{ - hash_clone->ref_count--; - if (hash_clone->ref_count == 0) { - hash_clone->partition_id = 0; - hash_clone->source_operation = NULL; - } -} - -static void clear_hash_clone(void *source_operation) -{ - for (size_t i = 0; i < MAX_CONCURRENT_HASH_CLONES; i++) { - if (psa_spm_hash_clones[i].source_operation == source_operation) { - psa_spm_hash_clones[i].partition_id = 0; - psa_spm_hash_clones[i].source_operation = NULL; - psa_spm_hash_clones[i].ref_count = 0; - break; - } - } -} - -static inline psa_status_t get_hash_clone(size_t index, int32_t partition_id, - psa_spm_hash_clone_t **hash_clone) -{ - if (index >= MAX_CONCURRENT_HASH_CLONES || - psa_spm_hash_clones[index].partition_id != partition_id || - psa_spm_hash_clones[index].source_operation == NULL) { - return PSA_ERROR_BAD_STATE; - } - - *hash_clone = &psa_spm_hash_clones[index]; - return PSA_SUCCESS; -} - -static void free_message_context(psa_msg_t *msg) -{ - mbedtls_free(msg->rhandle); - psa_set_rhandle(msg->handle, NULL); -} - -static void read_attributes(psa_handle_t handle, - psa_key_owner_id_t owner, - psa_key_attributes_t *attributes) -{ - uint32_t bytes_read; - psa_client_key_attributes_t client; - - bytes_read = psa_read(handle, 1, &client, sizeof(client)); - if (bytes_read != sizeof(client)) { - SPM_PANIC("SPM read length mismatch"); - } - /* We currently don't support domain parameters */ - attributes->domain_parameters = NULL; - attributes->domain_parameters_size = 0; - psa_core_attributes_to_server(&client.core, owner, &attributes->core); -} - -// -------------------- Unimplemented PSA Crypto functions -------------------- -psa_status_t psa_cipher_encrypt(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length) -{ - return PSA_ERROR_NOT_SUPPORTED; -} - -psa_status_t psa_cipher_decrypt(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length) -{ - return PSA_ERROR_NOT_SUPPORTED; -} - -psa_status_t psa_hash_compute(psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *hash, - size_t hash_size, - size_t *hash_length) -{ - return PSA_ERROR_NOT_SUPPORTED; -} - -psa_status_t psa_hash_compare(psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *hash, - const size_t hash_length) -{ - return PSA_ERROR_NOT_SUPPORTED; -} - -psa_status_t psa_mac_compute(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length) -{ - return PSA_ERROR_NOT_SUPPORTED; -} - -psa_status_t psa_mac_verify(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *mac, - const size_t mac_length) -{ - return PSA_ERROR_NOT_SUPPORTED; -} - -psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, - psa_key_handle_t handle, - psa_algorithm_t alg) -{ - return PSA_ERROR_NOT_SUPPORTED; -} - -psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, - psa_key_handle_t handle, - psa_algorithm_t alg) -{ - return PSA_ERROR_NOT_SUPPORTED; -} - -psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, - uint8_t *nonce, - size_t nonce_size, - size_t *nonce_length) -{ - return PSA_ERROR_NOT_SUPPORTED; -} - -psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, - const uint8_t *nonce, - size_t nonce_length) -{ - return PSA_ERROR_NOT_SUPPORTED; -} - -psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, - size_t ad_length, - size_t plaintext_length) -{ - return PSA_ERROR_NOT_SUPPORTED; -} - -psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, - const uint8_t *input, - size_t input_length) -{ - return PSA_ERROR_NOT_SUPPORTED; -} - -psa_status_t psa_aead_update(psa_aead_operation_t *operation, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length) -{ - return PSA_ERROR_NOT_SUPPORTED; -} - -psa_status_t psa_aead_finish(psa_aead_operation_t *operation, - uint8_t *ciphertext, - size_t ciphertext_size, - size_t *ciphertext_length, - uint8_t *tag, - size_t tag_size, - size_t *tag_length) -{ - return PSA_ERROR_NOT_SUPPORTED; -} - -psa_status_t psa_aead_verify(psa_aead_operation_t *operation, - uint8_t *plaintext, - size_t plaintext_size, - size_t *plaintext_length, - const uint8_t *tag, - size_t tag_length) -{ - return PSA_ERROR_NOT_SUPPORTED; -} - -psa_status_t psa_aead_abort(psa_aead_operation_t *operation) -{ - return PSA_ERROR_NOT_SUPPORTED; -} - - -// ------------------------- Partition's Main Thread --------------------------- -static void psa_crypto_init_operation(void) -{ - psa_msg_t msg = { 0 }; - psa_status_t status = PSA_SUCCESS; - - if (PSA_SUCCESS != psa_get(PSA_CRYPTO_INIT, &msg)) { - return; - } - switch (msg.type) { - case PSA_IPC_CONNECT: - case PSA_IPC_DISCONNECT: { - break; - } - - case PSA_IPC_CALL: { - status = psa_crypto_init(); - if (status == PSA_SUCCESS) { - ++psa_spm_init_count; - if (psa_spm_init_count == 1) { - memset(psa_spm_hash_clones, 0, sizeof(psa_spm_hash_clones)); - psa_crypto_access_control_init(); - } - } - - break; - } - - default: { - SPM_PANIC("Unexpected message type %d!", (int)(msg.type)); - break; - } - } - - psa_reply(msg.handle, status); -} - -static void psa_crypto_free_operation(void) -{ - psa_msg_t msg = { 0 }; - psa_status_t status = PSA_SUCCESS; - - if (PSA_SUCCESS != psa_get(PSA_CRYPTO_FREE, &msg)) { - return; - } - switch (msg.type) { - case PSA_IPC_CONNECT: - case PSA_IPC_DISCONNECT: { - break; - } - - case PSA_IPC_CALL: { - /** perform crypto_free iff the number of init-s - * is equal to the number of free-s - */ - if (psa_spm_init_count > 0) { - --psa_spm_init_count; - } - - if (psa_spm_init_count == 0) { - memset(psa_spm_hash_clones, 0, sizeof(psa_spm_hash_clones)); - psa_crypto_access_control_destroy(); - mbedtls_psa_crypto_free(); - } - - break; - } - - default: { - SPM_PANIC("Unexpected message type %d!", (int)(msg.type)); - break; - } - } - - psa_reply(msg.handle, status); -} - -static void psa_mac_operation(void) -{ - psa_msg_t msg = { 0 }; - psa_status_t status = PSA_SUCCESS; - - if (PSA_SUCCESS != psa_get(PSA_MAC, &msg)) { - return; - } - switch (msg.type) { - case PSA_IPC_CONNECT: { - psa_mac_operation_t *psa_operation = mbedtls_calloc(1, sizeof(psa_mac_operation_t)); - if (psa_operation == NULL) { - status = PSA_CONNECTION_REFUSED; - break; - } - - psa_set_rhandle(msg.handle, psa_operation); - break; - } - - case PSA_IPC_CALL: { - uint32_t bytes_read; - psa_crypto_ipc_t psa_crypto = { 0 }; - - if (msg.in_size[0] != sizeof(psa_crypto_ipc_t)) { - status = PSA_ERROR_COMMUNICATION_FAILURE; - break; - } - - bytes_read = psa_read(msg.handle, 0, &psa_crypto, msg.in_size[0]); - if (bytes_read != msg.in_size[0]) { - SPM_PANIC("SPM read length mismatch"); - } - - switch (psa_crypto.func) { - case PSA_MAC_COMPUTE: { - uint8_t *input = NULL; - size_t input_length = msg.in_size[1]; - uint8_t *mac = NULL; - size_t mac_size = msg.out_size[0]; - size_t mac_length; - - if (!psa_crypto_access_control_is_handle_permitted(psa_crypto.handle, msg.client_id)) { - status = PSA_ERROR_INVALID_HANDLE; - break; - } - - /* Read in input. */ - if (input_length > 0) { - input = mbedtls_calloc(1, input_length); - if (input == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - } - bytes_read = psa_read(msg.handle, 1, input, input_length); - if (bytes_read != input_length) { - SPM_PANIC("SPM read length mismatch"); - } - - /* Allocate the mac output buffer. */ - if (mac_size > 0) { - mac = mbedtls_calloc(1, mac_size); - if (mac == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - free(input); - break; - } - } - - status = psa_mac_compute(psa_crypto.handle, - psa_crypto.alg, - input, input_length, - mac, mac_size, &mac_length); - if (status == PSA_SUCCESS) { - /* Write out the mac. */ - psa_write(msg.handle, 0, mac, mac_length); - psa_write(msg.handle, 1, - &mac_length, sizeof(mac_length)); - } - - free(mac); - free(input); - break; - } - - case PSA_MAC_VERIFY: { - uint8_t *input = NULL; - size_t input_length = msg.in_size[1]; - uint8_t *mac = NULL; - size_t mac_length = msg.in_size[2]; - - if (!psa_crypto_access_control_is_handle_permitted(psa_crypto.handle, msg.client_id)) { - status = PSA_ERROR_INVALID_HANDLE; - break; - } - - /* Read in input. */ - if (input_length > 0) { - input = mbedtls_calloc(1, input_length); - if (input == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - } - bytes_read = psa_read(msg.handle, 1, input, input_length); - if (bytes_read != input_length) { - SPM_PANIC("SPM read length mismatch"); - } - - /* Read in mac. */ - if (mac_length > 0) { - mac = mbedtls_calloc(1, mac_length); - if (mac == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - free(input); - break; - } - } - bytes_read = psa_read(msg.handle, 2, mac, mac_length); - if (bytes_read != mac_length) { - SPM_PANIC("SPM read length mismatch"); - } - - status = psa_mac_verify(psa_crypto.handle, - psa_crypto.alg, - input, input_length, - mac, mac_length); - free(mac); - free(input); - break; - } - - case PSA_MAC_SIGN_SETUP: { - if (psa_crypto_access_control_is_handle_permitted(psa_crypto.handle, msg.client_id)) { - status = psa_mac_sign_setup(msg.rhandle, psa_crypto.handle, psa_crypto.alg); - } else { - status = PSA_ERROR_INVALID_HANDLE; - } - - if (status != PSA_SUCCESS) { - free_message_context(&msg); - } - break; - } - - case PSA_MAC_VERIFY_SETUP: { - if (psa_crypto_access_control_is_handle_permitted(psa_crypto.handle, msg.client_id)) { - status = psa_mac_verify_setup(msg.rhandle, psa_crypto.handle, psa_crypto.alg); - } else { - status = PSA_ERROR_INVALID_HANDLE; - } - - if (status != PSA_SUCCESS) { - free_message_context(&msg); - } - break; - } - - case PSA_MAC_UPDATE: { - uint8_t *input_buffer = NULL; - size_t data_remaining = msg.in_size[1]; - size_t allocation_size = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES); - size_t size_to_read = 0; - - if (allocation_size > 0) { - input_buffer = mbedtls_calloc(1, allocation_size); - if (input_buffer == NULL) { - psa_mac_abort(msg.rhandle); - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { - while (data_remaining > 0) { - size_to_read = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES); - - bytes_read = psa_read(msg.handle, 1, input_buffer, size_to_read); - if (bytes_read != size_to_read) { - SPM_PANIC("SPM read length mismatch"); - } - - status = psa_mac_update(msg.rhandle, input_buffer, bytes_read); - // stop on error - if (status != PSA_SUCCESS) { - break; - } - data_remaining = data_remaining - bytes_read; - } - - mbedtls_free(input_buffer); - } - } else { - status = psa_mac_update(msg.rhandle, input_buffer, allocation_size); - } - - if (status != PSA_SUCCESS) { - free_message_context(&msg); - } - break; - } - - case PSA_MAC_SIGN_FINISH: { - uint8_t *mac = NULL; - size_t mac_size = 0, mac_length = 0; - - bytes_read = psa_read(msg.handle, 1, &mac_size, msg.in_size[1]); - if (bytes_read != msg.in_size[1]) { - SPM_PANIC("SPM read length mismatch"); - } - - if (mac_size > 0) { - mac = mbedtls_calloc(1, mac_size); - if (mac == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } - } - - if (status == PSA_SUCCESS) { - status = psa_mac_sign_finish(msg.rhandle, mac, mac_size, &mac_length); - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, mac, mac_length); - psa_write(msg.handle, 1, &mac_length, sizeof(mac_length)); - } - mbedtls_free(mac); - } else { - psa_mac_abort(msg.rhandle); - } - - free_message_context(&msg); - break; - } - - case PSA_MAC_VERIFY_FINISH: { - uint8_t *mac = NULL; - size_t mac_length = 0; - - bytes_read = psa_read(msg.handle, 1, &mac_length, msg.in_size[1]); - if (bytes_read != msg.in_size[1] || mac_length != msg.in_size[2]) { - SPM_PANIC("SPM read length mismatch"); - } - - if (mac_length > 0) { - mac = mbedtls_calloc(1, mac_length); - if (mac == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { - bytes_read = psa_read(msg.handle, 2, mac, mac_length); - if (bytes_read != mac_length) { - SPM_PANIC("SPM read length mismatch"); - } - } - } - - if (status == PSA_SUCCESS) { - status = psa_mac_verify_finish(msg.rhandle, mac, mac_length); - mbedtls_free(mac); - } else { - psa_mac_abort(msg.rhandle); - } - - free_message_context(&msg); - break; - } - - case PSA_MAC_ABORT: { - status = psa_mac_abort(msg.rhandle); - free_message_context(&msg); - break; - } - - default: { - status = PSA_ERROR_NOT_SUPPORTED; - break; - } - - break; - } - - break; - } - - case PSA_IPC_DISCONNECT: { - if (msg.rhandle != NULL) { - psa_mac_abort(msg.rhandle); - free_message_context(&msg); - } - - break; - } - - default: { - SPM_PANIC("Unexpected message type %d!", (int)(msg.type)); - break; - } - } - - psa_reply(msg.handle, status); -} - -static void psa_hash_operation(void) -{ - psa_msg_t msg = { 0 }; - psa_status_t status = PSA_SUCCESS; - - if (PSA_SUCCESS != psa_get(PSA_HASH, &msg)) { - return; - } - switch (msg.type) { - case PSA_IPC_CONNECT: { - psa_hash_operation_t *psa_operation = mbedtls_calloc(1, sizeof(psa_hash_operation_t)); - if (psa_operation == NULL) { - status = PSA_CONNECTION_REFUSED; - break; - } - - psa_set_rhandle(msg.handle, psa_operation); - break; - } - - case PSA_IPC_CALL: { - uint32_t bytes_read = 0; - psa_crypto_ipc_t psa_crypto = {0}; - - if (msg.in_size[0] != sizeof(psa_crypto_ipc_t)) { - status = PSA_ERROR_COMMUNICATION_FAILURE; - break; - } - - bytes_read = psa_read(msg.handle, 0, &psa_crypto, msg.in_size[0]); - if (bytes_read != msg.in_size[0]) { - SPM_PANIC("SPM read length mismatch"); - } - - switch (psa_crypto.func) { - case PSA_HASH_COMPUTE: { - uint8_t *input = NULL; - size_t input_length = msg.in_size[1]; - uint8_t *hash = NULL; - size_t hash_size = msg.out_size[0]; - size_t hash_length; - - /* Read in input. */ - if (input_length > 0) { - input = mbedtls_calloc(1, input_length); - if (input == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - } - bytes_read = psa_read(msg.handle, 1, input, input_length); - if (bytes_read != input_length) { - SPM_PANIC("SPM read length mismatch"); - } - - /* Allocate the hash output buffer. */ - if (hash_size > 0) { - hash = mbedtls_calloc(1, hash_size); - if (hash == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - free(input); - break; - } - } - - status = psa_hash_compute(psa_crypto.alg, - input, input_length, - hash, hash_size, &hash_length); - if (status == PSA_SUCCESS) { - /* Write out the hash. */ - psa_write(msg.handle, 0, hash, hash_length); - psa_write(msg.handle, 1, - &hash_length, sizeof(hash_length)); - } - - free(hash); - free(input); - break; - } - - case PSA_HASH_COMPARE: { - uint8_t *input = NULL; - size_t input_length = msg.in_size[1]; - uint8_t *hash = NULL; - size_t hash_length = msg.in_size[2]; - - /* Read in input. */ - if (input_length > 0) { - input = mbedtls_calloc(1, input_length); - if (input == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - } - bytes_read = psa_read(msg.handle, 1, input, input_length); - if (bytes_read != input_length) { - SPM_PANIC("SPM read length mismatch"); - } - - /* Read in hash. */ - if (hash_length > 0) { - hash = mbedtls_calloc(1, hash_length); - if (hash == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - free(input); - break; - } - } - bytes_read = psa_read(msg.handle, 2, hash, hash_length); - if (bytes_read != hash_length) { - SPM_PANIC("SPM read length mismatch"); - } - - status = psa_hash_compare(psa_crypto.alg, - input, input_length, - hash, hash_length); - free(hash); - free(input); - break; - } - - case PSA_HASH_SETUP: { - status = psa_hash_setup(msg.rhandle, - psa_crypto.alg); - if (status != PSA_SUCCESS) { - free_message_context(&msg); - } - break; - } - - case PSA_HASH_UPDATE: { - uint8_t *input_buffer = NULL; - size_t data_remaining = msg.in_size[1]; - size_t size_to_read = 0; - size_t allocation_size = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES); - - if (allocation_size > 0) { - input_buffer = mbedtls_calloc(1, allocation_size); - if (input_buffer == NULL) { - psa_hash_abort(msg.rhandle); - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { - while (data_remaining > 0) { - size_to_read = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES); - - bytes_read = psa_read(msg.handle, 1, input_buffer, size_to_read); - if (bytes_read != size_to_read) { - SPM_PANIC("SPM read length mismatch"); - } - - status = psa_hash_update(msg.rhandle, input_buffer, bytes_read); - // stop on error - if (status != PSA_SUCCESS) { - break; - } - data_remaining = data_remaining - bytes_read; - } - - mbedtls_free(input_buffer); - } - } else { - status = psa_hash_update(msg.rhandle, input_buffer, allocation_size); - } - - if (status != PSA_SUCCESS) { - clear_hash_clone(msg.rhandle); - free_message_context(&msg); - } - break; - } - - case PSA_HASH_FINISH: { - uint8_t *hash = NULL; - size_t hash_size = 0, hash_length = 0; - - bytes_read = psa_read(msg.handle, 1, &hash_size, msg.in_size[1]); - if (bytes_read != msg.in_size[1]) { - SPM_PANIC("SPM read length mismatch"); - } - - if (hash_size > 0) { - hash = mbedtls_calloc(1, hash_size); - if (hash == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } - } - - if (status == PSA_SUCCESS) { - status = psa_hash_finish(msg.rhandle, hash, hash_size, &hash_length); - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, hash, hash_length); - psa_write(msg.handle, 1, &hash_length, sizeof(hash_length)); - } - mbedtls_free(hash); - } else { - psa_hash_abort(msg.rhandle); - } - - clear_hash_clone(msg.rhandle); - free_message_context(&msg); - break; - } - - case PSA_HASH_VERIFY: { - uint8_t *hash = NULL; - size_t hash_length = 0; - - bytes_read = psa_read(msg.handle, 1, &hash_length, msg.in_size[1]); - if (bytes_read != msg.in_size[1] || hash_length != msg.in_size[2]) { - SPM_PANIC("SPM read length mismatch"); - } - - if (hash_length > 0) { - hash = mbedtls_calloc(1, hash_length); - if (hash == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { - bytes_read = psa_read(msg.handle, 2, hash, hash_length); - if (bytes_read != hash_length) { - SPM_PANIC("SPM read length mismatch"); - } - } - } - - if (status == PSA_SUCCESS) { - status = psa_hash_verify(msg.rhandle, hash, hash_length); - mbedtls_free(hash); - } else { - psa_hash_abort(msg.rhandle); - } - - clear_hash_clone(msg.rhandle); - free_message_context(&msg); - break; - } - - case PSA_HASH_ABORT: { - status = psa_hash_abort(msg.rhandle); - clear_hash_clone(msg.rhandle); - free_message_context(&msg); - break; - } - - case PSA_HASH_CLONE_BEGIN: { - size_t index = 0; - status = reserve_hash_clone(msg.client_id, msg.rhandle, &index); - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, &index, sizeof(index)); - } - break; - } - - case PSA_HASH_CLONE_END: { - psa_spm_hash_clone_t *hash_clone = NULL; - size_t index; - - bytes_read = psa_read(msg.handle, 1, &index, msg.in_size[1]); - if (bytes_read != msg.in_size[1]) { - SPM_PANIC("SPM read length mismatch"); - } - - status = get_hash_clone(index, msg.client_id, &hash_clone); - if (status == PSA_SUCCESS) { - status = psa_hash_clone(hash_clone->source_operation, msg.rhandle); - release_hash_clone(hash_clone); - } - if (status != PSA_SUCCESS) { - free_message_context(&msg); - } - break; - } - - default: { - status = PSA_ERROR_NOT_SUPPORTED; - break; - } - } - - break; - } - - case PSA_IPC_DISCONNECT: { - if (msg.rhandle != NULL) { - psa_hash_abort(msg.rhandle); - clear_hash_clone(msg.rhandle); - free_message_context(&msg); - } - - break; - } - - default: { - SPM_PANIC("Unexpected message type %d!", (int)(msg.type)); - break; - } - } - - psa_reply(msg.handle, status); -} - -static void psa_asymmetric_operation(void) -{ - psa_msg_t msg = { 0 }; - psa_status_t status = PSA_SUCCESS; - - if (PSA_SUCCESS != psa_get(PSA_ASYMMETRIC, &msg)) { - return; - } - switch (msg.type) { - case PSA_IPC_CONNECT: - case PSA_IPC_DISCONNECT: { - break; - } - - case PSA_IPC_CALL: { - if (msg.in_size[0] != sizeof(psa_crypto_ipc_asymmetric_t)) { - status = PSA_ERROR_COMMUNICATION_FAILURE; - break; - } - - uint32_t bytes_read = 0; - psa_crypto_ipc_asymmetric_t psa_crypto = {0}; - - bytes_read = psa_read(msg.handle, 0, &psa_crypto, msg.in_size[0]); - if (bytes_read != msg.in_size[0]) { - SPM_PANIC("SPM read length mismatch"); - } - - if (!psa_crypto_access_control_is_handle_permitted(psa_crypto.handle, - msg.client_id)) { - status = PSA_ERROR_INVALID_HANDLE; - break; - } - - switch (psa_crypto.func) { - case PSA_SIGN_HASH: { - uint8_t *signature = NULL; - uint8_t *hash = NULL; - size_t signature_length = 0, - signature_size = msg.out_size[0], - hash_size = msg.in_size[1]; - - if (signature_size > 0) { - signature = mbedtls_calloc(1, signature_size); - if (signature == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } - } - if (status == PSA_SUCCESS && hash_size > 0) { - hash = mbedtls_calloc(1, hash_size); - if (hash == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { - bytes_read = psa_read(msg.handle, 1, hash, hash_size); - if (bytes_read != hash_size) { - SPM_PANIC("SPM read length mismatch"); - } - } - } - - if (status == PSA_SUCCESS) { - status = psa_sign_hash(psa_crypto.handle, psa_crypto.alg, - hash, hash_size, - signature, signature_size, &signature_length); - - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, signature, signature_length); - } - psa_write(msg.handle, 1, &signature_length, sizeof(signature_length)); - } - - mbedtls_free(hash); - mbedtls_free(signature); - break; - } - - case PSA_VERIFY_HASH: { - uint8_t *signature = NULL; - uint8_t *hash = NULL; - size_t signature_size = msg.in_size[1], - hash_size = msg.in_size[2]; - - if (signature_size > 0) { - signature = mbedtls_calloc(1, signature_size); - if (signature == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { - bytes_read = psa_read(msg.handle, 1, signature, signature_size); - if (bytes_read != signature_size) { - SPM_PANIC("SPM read length mismatch"); - } - } - } - if (status == PSA_SUCCESS && hash_size > 0) { - hash = mbedtls_calloc(1, hash_size); - if (hash == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { - bytes_read = psa_read(msg.handle, 2, hash, hash_size); - if (bytes_read != hash_size) { - SPM_PANIC("SPM read length mismatch"); - } - } - } - - if (status == PSA_SUCCESS) { - status = psa_verify_hash(psa_crypto.handle, psa_crypto.alg, - hash, hash_size, - signature, signature_size); - } - - mbedtls_free(signature); - mbedtls_free(hash); - break; - } - - case PSA_ASYMMETRIC_ENCRYPT: - case PSA_ASYMMETRIC_DECRYPT: { - uint8_t *input = NULL, *salt = NULL, *output = NULL, *buffer = NULL; - size_t output_length = 0, - buffer_size = msg.in_size[1], - output_size = msg.out_size[0]; - - if (buffer_size > 0) { - buffer = mbedtls_calloc(1, buffer_size); - if (buffer == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { - bytes_read = psa_read(msg.handle, 1, buffer, buffer_size); - if (bytes_read != buffer_size) { - SPM_PANIC("SPM read length mismatch"); - } - - input = buffer; - salt = buffer + psa_crypto.input_length; - } - } - if (status == PSA_SUCCESS && output_size > 0) { - output = mbedtls_calloc(1, output_size); - if (output == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } - } - - if (status == PSA_SUCCESS) { - if (psa_crypto.func == PSA_ASYMMETRIC_ENCRYPT) { - status = psa_asymmetric_encrypt(psa_crypto.handle, psa_crypto.alg, - input, psa_crypto.input_length, - salt, psa_crypto.salt_length, - output, output_size, &output_length); - } else { - status = psa_asymmetric_decrypt(psa_crypto.handle, psa_crypto.alg, - input, psa_crypto.input_length, - salt, psa_crypto.salt_length, - output, output_size, &output_length); - } - - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, output, output_length); - } - psa_write(msg.handle, 1, &output_length, sizeof(output_length)); - } - - mbedtls_free(output); - mbedtls_free(buffer); - break; - } - - default: { - status = PSA_ERROR_NOT_SUPPORTED; - break; - } - } - - break; - } - - default: { - SPM_PANIC("Unexpected message type %d!", (int)(msg.type)); - break; - } - } - - psa_reply(msg.handle, status); -} - -static void psa_aead_operation() -{ - psa_msg_t msg = { 0 }; - psa_status_t status = PSA_SUCCESS; - - if (PSA_SUCCESS != psa_get(PSA_AEAD, &msg)) { - return; - } - switch (msg.type) { - case PSA_IPC_CONNECT: { - psa_aead_operation_t *psa_operation = - mbedtls_calloc(1, sizeof(*psa_operation)); - if (psa_operation == NULL) { - status = PSA_CONNECTION_REFUSED; - break; - } - - psa_set_rhandle(msg.handle, psa_operation); - break; - } - - case PSA_IPC_CALL: { - if (msg.in_size[0] != sizeof(psa_crypto_ipc_aead_t)) { - status = PSA_ERROR_COMMUNICATION_FAILURE; - break; - } - - uint32_t bytes_read = 0; - psa_crypto_ipc_aead_t psa_crypto = {0}; - - bytes_read = psa_read(msg.handle, 0, &psa_crypto, msg.in_size[0]); - if (bytes_read != msg.in_size[0]) { - SPM_PANIC("SPM read length mismatch"); - } - - switch (psa_crypto.func) { - case PSA_AEAD_ENCRYPT: - case PSA_AEAD_DECRYPT: { - uint8_t *input = NULL, *additional_data = NULL, *output = NULL, *buffer = NULL; - size_t output_length = 0, - buffer_size = msg.in_size[1], - output_size = msg.out_size[0]; - - if (!psa_crypto_access_control_is_handle_permitted(psa_crypto.handle, - msg.client_id)) { - status = PSA_ERROR_INVALID_HANDLE; - break; - } - - if (buffer_size > 0) { - buffer = mbedtls_calloc(1, buffer_size); - if (buffer == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { - bytes_read = psa_read(msg.handle, 1, buffer, buffer_size); - if (bytes_read != buffer_size) { - SPM_PANIC("SPM read length mismatch"); - } - - additional_data = buffer; - input = buffer + psa_crypto.additional_data_length; - } - } - if (status == PSA_SUCCESS && output_size > 0) { - output = mbedtls_calloc(1, output_size); - if (output == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } - } - - if (status == PSA_SUCCESS) { - if (psa_crypto.func == PSA_AEAD_ENCRYPT) { - status = psa_aead_encrypt(psa_crypto.handle, psa_crypto.alg, - psa_crypto.nonce, (size_t)psa_crypto.nonce_size, - additional_data, psa_crypto.additional_data_length, - input, psa_crypto.input_length, - output, output_size, &output_length); - } else { - status = psa_aead_decrypt(psa_crypto.handle, psa_crypto.alg, - psa_crypto.nonce, (size_t)psa_crypto.nonce_size, - additional_data, psa_crypto.additional_data_length, - input, psa_crypto.input_length, - output, output_size, &output_length); - } - - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, output, output_length); - psa_write(msg.handle, 1, &output_length, sizeof(output_length)); - } - } - - mbedtls_free(buffer); - mbedtls_free(output); - break; - } - - case PSA_AEAD_ENCRYPT_SETUP: { - if (!psa_crypto_access_control_is_handle_permitted(psa_crypto.handle, - msg.client_id)) { - status = PSA_ERROR_INVALID_HANDLE; - break; - } - - status = psa_aead_encrypt_setup(msg.rhandle, - psa_crypto.handle, - psa_crypto.alg); - break; - } - - case PSA_AEAD_DECRYPT_SETUP: { - if (!psa_crypto_access_control_is_handle_permitted(psa_crypto.handle, - msg.client_id)) { - status = PSA_ERROR_INVALID_HANDLE; - break; - } - status = psa_aead_decrypt_setup(msg.rhandle, - psa_crypto.handle, - psa_crypto.alg); - - status = PSA_ERROR_NOT_SUPPORTED; - break; - } - - case PSA_AEAD_GENERATE_NONCE: { - uint8_t *nonce; - size_t nonce_size = msg.out_size[0]; - size_t nonce_length; - - /* Allocate the nonce buffer. */ - if (nonce_size > 0) { - nonce = mbedtls_calloc(1, nonce_size); - if (nonce == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - } - - status = psa_aead_generate_nonce( - msg.rhandle, - nonce, nonce_size, &nonce_length); - if (status == PSA_SUCCESS) { - /* Write out the nonce. */ - psa_write(msg.handle, 0, nonce, nonce_length); - psa_write(msg.handle, 1, &nonce_length, sizeof(nonce_length)); - } - free(nonce); - break; - } - - case PSA_AEAD_SET_NONCE: { - uint8_t *nonce = NULL; - size_t nonce_length = msg.in_size[1]; - - /* Read in the nonce. */ - if (nonce_length > 0) { - nonce = mbedtls_calloc(1, nonce_length); - if (nonce == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - } - bytes_read = psa_read(msg.handle, 1, nonce, nonce_length); - if (bytes_read != nonce_length) { - SPM_PANIC("SPM read length mismatch"); - } - - status = psa_aead_set_nonce( - msg.rhandle, nonce, nonce_length); - free(nonce); - break; - } - - case PSA_AEAD_SET_LENGTHS: { - status = psa_aead_set_lengths( - msg.rhandle, - psa_crypto.additional_data_length, - psa_crypto.input_length); - break; - } - - case PSA_AEAD_UPDATE_AD: { - uint8_t *input = NULL; - size_t input_length = msg.in_size[1]; - - /* Read in input. */ - if (input_length > 0) { - input = mbedtls_calloc(1, input_length); - if (input == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - } - bytes_read = psa_read(msg.handle, 1, input, input_length); - if (bytes_read != input_length) { - SPM_PANIC("SPM read length mismatch"); - } - - status = psa_aead_update_ad( - msg.rhandle, input, input_length); - - free(input); - break; - } - - case PSA_AEAD_UPDATE: { - uint8_t *input; - size_t input_length = msg.in_size[1]; - uint8_t *output; - size_t output_size = msg.out_size[0]; - size_t output_length; - - /* Read in input. */ - if (input_length > 0) { - input = mbedtls_calloc(1, input_length); - if (input == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - } - bytes_read = psa_read(msg.handle, 1, input, input_length); - if (bytes_read != input_length) { - SPM_PANIC("SPM read length mismatch"); - } - - /* Allocate the output buffer. */ - if (output_size > 0) { - output = mbedtls_calloc(1, output_size); - if (output == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - free(input); - break; - } - } - - status = psa_aead_update( - msg.rhandle, input, input_length, - output, output_size, &output_length); - if (status == PSA_SUCCESS) { - /* Write out the output. */ - psa_write(msg.handle, 0, output, output_length); - psa_write(msg.handle, 1, &output_length, sizeof(output_length)); - } - free(output); - free(input); - break; - } - - case PSA_AEAD_FINISH: { - uint8_t *ciphertext = NULL; - size_t ciphertext_size = msg.out_size[0]; - size_t ciphertext_length; - uint8_t *tag = NULL; - size_t tag_size = msg.out_size[2]; - size_t tag_length; - - /* Allocate ciphertext. */ - if (ciphertext_size > 0) { - ciphertext = mbedtls_calloc(1, ciphertext_size); - if (ciphertext == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - } - - /* Allocate tag. */ - if (tag_size > 0) { - tag = mbedtls_calloc(1, tag_size); - if (tag == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - free(ciphertext); - break; - } - } - - status = psa_aead_finish(msg.rhandle, - ciphertext, - ciphertext_size, - &ciphertext_length, - tag, - tag_size, - &tag_length); - if (status == PSA_SUCCESS) { - /* Write out ciphertext. */ - if (ciphertext_size > 0) { - psa_write(msg.handle, 0, ciphertext, - ciphertext_length); - psa_write(msg.handle, 1, &ciphertext_length, - sizeof(ciphertext_length)); - } - - /* Write out tag. */ - if (tag_size > 0) { - psa_write(msg.handle, 2, tag, tag_length); - psa_write(msg.handle, 3, &tag_length, - sizeof(tag_length)); - } - } - free(tag); - free(ciphertext); - break; - } - - case PSA_AEAD_VERIFY: { - uint8_t *plaintext = NULL; - size_t plaintext_size = msg.out_size[0]; - size_t plaintext_length; - uint8_t *tag = NULL; - size_t tag_length = msg.in_size[1]; - - /* Allocate plaintext. */ - if (plaintext_size > 0) { - plaintext = mbedtls_calloc(1, plaintext_size); - if (plaintext == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - } - - /* Read in tag. */ - if (tag_length > 0) { - tag = mbedtls_calloc(1, tag_length); - if (tag == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - free(plaintext); - break; - } - } - bytes_read = psa_read(msg.handle, 1, tag, tag_length); - if (bytes_read != tag_length) { - SPM_PANIC("SPM read length mismatch"); - } - - status = psa_aead_verify(msg.rhandle, - plaintext, - plaintext_size, - &plaintext_length, - tag, - tag_length); - if (status == PSA_SUCCESS) { - /* Write out the plaintext. */ - psa_write(msg.handle, 0, plaintext, plaintext_length); - psa_write(msg.handle, 1, &plaintext_length, - sizeof(plaintext_length)); - } - - free(tag); - free(plaintext); - break; - } - - case PSA_AEAD_ABORT: { - status = psa_aead_abort(msg.rhandle); - free_message_context(&msg); - break; - } - - default: { - status = PSA_ERROR_NOT_SUPPORTED; - break; - } - } - - break; - } - - case PSA_IPC_DISCONNECT: { - if (msg.rhandle != NULL) { - psa_aead_abort(msg.rhandle); - free_message_context(&msg); - } - break; - } - - default: { - SPM_PANIC("Unexpected message type %d!", (int)(msg.type)); - break; - } - } - - psa_reply(msg.handle, status); -} - -static void psa_symmetric_operation(void) -{ - psa_status_t status = PSA_SUCCESS; - psa_msg_t msg = { 0 }; - - if (PSA_SUCCESS != psa_get(PSA_SYMMETRIC, &msg)) { - return; - } - switch (msg.type) { - case PSA_IPC_CONNECT: { - psa_cipher_operation_t *psa_operation = - mbedtls_calloc(1, sizeof(psa_cipher_operation_t)); - if (psa_operation == NULL) { - status = PSA_CONNECTION_REFUSED; - break; - } - - psa_set_rhandle(msg.handle, psa_operation); - break; - } - - case PSA_IPC_CALL: { - uint32_t bytes_read; - psa_crypto_ipc_t psa_crypto_ipc = { 0 }; - - if (msg.in_size[0] != sizeof(psa_crypto_ipc_t)) { - status = PSA_ERROR_COMMUNICATION_FAILURE; - break; - } - - bytes_read = psa_read(msg.handle, 0, &psa_crypto_ipc, - msg.in_size[0]); - if (bytes_read != msg.in_size[0]) { - SPM_PANIC("SPM read length mismatch"); - } - - switch (psa_crypto_ipc.func) { - case PSA_CIPHER_ENCRYPT: - case PSA_CIPHER_DECRYPT: { - uint8_t *input = NULL; - size_t input_length = msg.in_size[1]; - uint8_t *output = NULL; - size_t output_size = msg.out_size[0]; - size_t output_length; - - if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle, msg.client_id)) { - status = PSA_ERROR_INVALID_HANDLE; - } - - /* Read in input. */ - if (input_length > 0) { - input = mbedtls_calloc(1, input_length); - if (input == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - } - bytes_read = psa_read(msg.handle, 1, input, input_length); - if (bytes_read != input_length) { - SPM_PANIC("SPM read length mismatch"); - } - - /* Allocate the output buffer. */ - if (output_size > 0) { - output = mbedtls_calloc(1, output_size); - if (output == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - free(input); - break; - } - } - - /* Perform encrypt or decrypt. */ - switch (psa_crypto_ipc.func) { - case PSA_CIPHER_ENCRYPT: - status = psa_cipher_encrypt( - psa_crypto_ipc.handle, - psa_crypto_ipc.alg, - input, input_length, - output, output_size, &output_length); - break; - case PSA_CIPHER_DECRYPT: - status = psa_cipher_decrypt( - psa_crypto_ipc.handle, - psa_crypto_ipc.alg, - input, input_length, - output, output_size, &output_length); - break; - default: - SPM_PANIC("Unexpected func"); - } - - if (status == PSA_SUCCESS) { - /* Write out the output. */ - psa_write(msg.handle, 0, output, output_length); - psa_write(msg.handle, 1, &output_length, sizeof(output_length)); - } - free(input); - free(output); - break; - } - - case PSA_CIPHER_ENCRYPT_SETUP: { - if (psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle, msg.client_id)) { - status = psa_cipher_encrypt_setup(msg.rhandle, psa_crypto_ipc.handle, psa_crypto_ipc.alg); - } else { - status = PSA_ERROR_INVALID_HANDLE; - } - - if (status != PSA_SUCCESS) { - free_message_context(&msg); - } - break; - } - - case PSA_CIPHER_DECRYPT_SETUP: { - if (psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle, msg.client_id)) { - status = psa_cipher_decrypt_setup(msg.rhandle, psa_crypto_ipc.handle, psa_crypto_ipc.alg); - } else { - status = PSA_ERROR_INVALID_HANDLE; - } - - if (status != PSA_SUCCESS) { - free_message_context(&msg); - } - break; - } - - case PSA_CIPHER_GENERATE_IV: { - size_t iv_length = 0; - size_t iv_size = msg.out_size[0]; - unsigned char iv[PSA_AEAD_MAX_NONCE_SIZE] = { 0 }; - - status = psa_cipher_generate_iv(msg.rhandle, iv, - iv_size, &iv_length); - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, iv, iv_length); - psa_write(msg.handle, 1, &iv_length, - sizeof(iv_length)); - } else { - free_message_context(&msg); - } - break; - } - - case PSA_CIPHER_SET_IV: { - size_t iv_length = msg.in_size[1]; - unsigned char iv[PSA_AEAD_MAX_NONCE_SIZE] = { 0 }; - - bytes_read = psa_read(msg.handle, 1, iv, iv_length); - if (bytes_read != iv_length) { - SPM_PANIC("SPM read length mismatch"); - } - status = psa_cipher_set_iv(msg.rhandle, iv, iv_length); - if (status != PSA_SUCCESS) { - free_message_context(&msg); - } - break; - } - - case PSA_CIPHER_UPDATE: { - size_t input_length = msg.in_size[1], - output_size = msg.out_size[0], - output_length = 0; - uint8_t *input = NULL; - unsigned char *output = NULL; - - if (input_length > 0) { - input = mbedtls_calloc(1, input_length); - if (input == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { - bytes_read = psa_read(msg.handle, 1, input, input_length); - if (bytes_read != input_length) { - SPM_PANIC("SPM read length mismatch"); - } - } - } - if (status == PSA_SUCCESS && output_size > 0) { - output = mbedtls_calloc(1, output_size); - if (output == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } - } - - if (status == PSA_SUCCESS) { - status = psa_cipher_update(msg.rhandle, input, input_length, output, output_size, - &output_length); - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, output, output_length); - psa_write(msg.handle, 1, &output_length, sizeof(output_length)); - } - } else { - psa_cipher_abort(msg.rhandle); - } - - mbedtls_free(input); - mbedtls_free(output); - if (status != PSA_SUCCESS) { - free_message_context(&msg); - } - break; - } - - case PSA_CIPHER_FINISH: { - uint8_t *output = NULL; - size_t output_size = msg.out_size[0], - output_length = 0; - - if (output_size > 0) { - output = mbedtls_calloc(1, output_size); - if (output == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } - } - - if (status == PSA_SUCCESS) { - status = psa_cipher_finish(msg.rhandle, output, output_size, &output_length); - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, output, output_length); - psa_write(msg.handle, 1, &output_length, sizeof(output_length)); - } - mbedtls_free(output); - } else { - psa_cipher_abort(msg.rhandle); - } - - free_message_context(&msg); - break; - } - - case PSA_CIPHER_ABORT: { - status = psa_cipher_abort(msg.rhandle); - free_message_context(&msg); - break; - } - - default: { - status = PSA_ERROR_NOT_SUPPORTED; - break; - } - } - - break; - } - - case PSA_IPC_DISCONNECT: { - if (msg.rhandle != NULL) { - psa_cipher_abort(msg.rhandle); - free_message_context(&msg); - } - - break; - } - - default: { - SPM_PANIC("Unexpected message type %d!", (int)(msg.type)); - break; - } - } - - psa_reply(msg.handle, status); -} - - -static void psa_key_management_operation(void) -{ - psa_msg_t msg = { 0 }; - psa_status_t status = PSA_SUCCESS; - int32_t partition_id = 0; - - if (PSA_SUCCESS != psa_get(PSA_KEY_MNG, &msg)) { - return; - } - switch (msg.type) { - case PSA_IPC_CONNECT: - case PSA_IPC_DISCONNECT: { - break; - } - - case PSA_IPC_CALL: { - if (msg.in_size[0] != sizeof(psa_key_mng_ipc_t)) { - status = PSA_ERROR_COMMUNICATION_FAILURE; - break; - } - - uint32_t bytes_read = 0; - psa_key_mng_ipc_t psa_key_mng = {0}; - - bytes_read = psa_read(msg.handle, 0, - &psa_key_mng, msg.in_size[0]); - - if (bytes_read != msg.in_size[0]) { - SPM_PANIC("SPM read length mismatch"); - } - - partition_id = msg.client_id; - - switch (psa_key_mng.func) { - case PSA_GET_KEY_ATTRIBUTES: { - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_client_key_attributes_t client; - - if (!psa_crypto_access_control_is_handle_permitted(psa_key_mng.handle, - partition_id)) { - status = PSA_ERROR_INVALID_HANDLE; - break; - } - - status = psa_get_key_attributes(psa_key_mng.handle, &attributes); - if (status == PSA_SUCCESS) { - /* We currently don't support domain parameters */ - attributes.domain_parameters = NULL; - attributes.domain_parameters_size = 0; - - psa_core_attributes_to_client(&attributes.core, &client.core); - psa_write(msg.handle, 0, &client, sizeof(client)); - } - - break; - } - - case PSA_OPEN_KEY: { - psa_key_id_t id; - id.owner = msg.client_id; - - bytes_read = psa_read(msg.handle, 1, &(id.key_id), msg.in_size[1]); - if (bytes_read != msg.in_size[1]) { - SPM_PANIC("SPM read length mismatch"); - } - - if (msg.in_size[1] != CLIENT_PSA_KEY_ID_SIZE_IN_BYTES) { - SPM_PANIC("Unexpected psa_key_id_t size received from client"); - } - - status = psa_open_key(id, &psa_key_mng.handle); - if (status == PSA_SUCCESS) { - psa_crypto_access_control_register_handle(psa_key_mng.handle, partition_id); - psa_write(msg.handle, 0, &psa_key_mng.handle, sizeof(psa_key_mng.handle)); - } - break; - } - - case PSA_CLOSE_KEY: { - if (!psa_crypto_access_control_is_handle_permitted(psa_key_mng.handle, - partition_id)) { - status = PSA_ERROR_INVALID_HANDLE; - break; - } - - status = psa_close_key(psa_key_mng.handle); - if (status == PSA_SUCCESS) { - psa_crypto_access_control_unregister_handle(psa_key_mng.handle); - } - - break; - } - - case PSA_IMPORT_KEY: { - size_t attributes_length = msg.in_size[1]; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - size_t data_length = msg.in_size[2]; - uint8_t *data = NULL; - psa_key_handle_t handle; - - /* Read in attributes. */ - read_attributes(msg.handle, msg.client_id, &attributes); - - /* Read in data. */ - if (data_length > 0) { - data = mbedtls_calloc(1, data_length); - if (data == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - } - bytes_read = psa_read(msg.handle, 2, data, data_length); - if (bytes_read != data_length) { - SPM_PANIC("SPM read length mismatch"); - } - - /* Import the data as a key. */ - status = psa_import_key(&attributes, data, data_length, &handle); - - if (status == PSA_SUCCESS) { - /* Write out the allocated handle. */ - psa_crypto_access_control_register_handle(handle, partition_id); - psa_write(msg.handle, 0, &handle, sizeof(handle)); - } - mbedtls_free(data); - break; - } - - case PSA_DESTROY_KEY: { - if (!psa_crypto_access_control_is_handle_permitted(psa_key_mng.handle, - partition_id)) { - status = PSA_ERROR_INVALID_HANDLE; - break; - } - - status = psa_destroy_key(psa_key_mng.handle); - if (status == PSA_SUCCESS) { - psa_crypto_access_control_unregister_handle(psa_key_mng.handle); - } - - break; - } - - case PSA_EXPORT_KEY: { - uint8_t *data = NULL; - size_t data_size = msg.out_size[0]; - size_t data_length; - - if (!psa_crypto_access_control_is_handle_permitted(psa_key_mng.handle, partition_id)) { - status = PSA_ERROR_INVALID_HANDLE; - break; - } - - if (data_size > 0) { - data = mbedtls_calloc(1, data_size); - if (data == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - } - - status = psa_export_key(psa_key_mng.handle, data, data_size, &data_length); - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, data, data_length); - } - psa_write(msg.handle, 1, &data_length, sizeof(data_length)); - - mbedtls_free(data); - break; - } - - case PSA_EXPORT_PUBLIC_KEY: { - size_t data_size = msg.out_size[0]; - size_t data_length; - uint8_t *data = NULL; - - if (!psa_crypto_access_control_is_handle_permitted(psa_key_mng.handle, partition_id)) { - status = PSA_ERROR_INVALID_HANDLE; - break; - } - - if (data_size > 0) { - data = mbedtls_calloc(1, data_size); - if (data == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - } - - status = psa_export_public_key(psa_key_mng.handle, data, data_size, &data_length); - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, data, data_length); - } - psa_write(msg.handle, 1, &data_length, sizeof(data_length)); - - mbedtls_free(data); - break; - } - - case PSA_COPY_KEY: { - psa_key_handle_t target_handle; - psa_key_attributes_t attributes; - - if (!psa_crypto_access_control_is_handle_permitted(psa_key_mng.handle, partition_id)) { - status = PSA_ERROR_INVALID_HANDLE; - break; - } - - /* Read in attributes. */ - read_attributes(msg.handle, msg.client_id, &attributes); - - status = psa_copy_key(psa_key_mng.handle, &attributes, &target_handle); - if (status == PSA_SUCCESS) { - psa_crypto_access_control_register_handle(target_handle, partition_id); - psa_write(msg.handle, 0, &target_handle, sizeof(target_handle)); - } - break; - } - - case PSA_GENERATE_KEY: { - psa_key_attributes_t attributes; - psa_key_handle_t handle; - - /* Read in attributes. */ - read_attributes(msg.handle, msg.client_id, &attributes); - - status = psa_generate_key(&attributes, &handle); - if (status == PSA_SUCCESS) { - /* Write out the allocated handle. */ - psa_crypto_access_control_register_handle(handle, partition_id); - psa_write(msg.handle, 0, &handle, sizeof(handle)); - } - break; - } - - default: { - status = PSA_ERROR_NOT_SUPPORTED; - break; - } - } - - break; - } - - default: { - SPM_PANIC("Unexpected message type %d!", (int)(msg.type)); - break; - } - } - - psa_reply(msg.handle, status); -} - -static void psa_entropy_operation(void) -{ - psa_msg_t msg = { 0 }; - psa_status_t status = PSA_SUCCESS; - - if (PSA_SUCCESS != psa_get(PSA_ENTROPY_INJECT, &msg)) { - return; - } - switch (msg.type) { - case PSA_IPC_CONNECT: - case PSA_IPC_DISCONNECT: { - status = PSA_SUCCESS; - break; - } - - case PSA_IPC_CALL: { -#if defined(MBEDTLS_PSA_INJECT_ENTROPY) - unsigned char *seed = NULL; - uint32_t bytes_read; - size_t seed_size = msg.in_size[0]; - if (MBEDTLS_ENTROPY_MAX_SEED_SIZE < seed_size) { - status = PSA_ERROR_INVALID_ARGUMENT; - break; - } - - if (seed_size > 0) { - seed = mbedtls_calloc(1, seed_size); - if (seed == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - } - - bytes_read = psa_read(msg.handle, 0, seed, seed_size); - if (bytes_read != seed_size) { - SPM_PANIC("SPM read length mismatch"); - } - - status = mbedtls_psa_inject_entropy(seed, seed_size); - mbedtls_free(seed); -#else - status = PSA_ERROR_NOT_SUPPORTED; -#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ - break; - } - - default: { - SPM_PANIC("Unexpected message type %d!", (int)(msg.type)); - break; - } - } - - psa_reply(msg.handle, status); -} - - -static void psa_rng_operation(void) -{ - psa_msg_t msg = { 0 }; - psa_status_t status = PSA_SUCCESS; - - if (PSA_SUCCESS != psa_get(PSA_RNG, &msg)) { - return; - } - switch (msg.type) { - case PSA_IPC_CONNECT: - case PSA_IPC_DISCONNECT: { - break; - } - - case PSA_IPC_CALL: { - size_t random_size = msg.out_size[0]; - unsigned char *random = NULL; - - if (random_size > 0) { - random = mbedtls_calloc(1, random_size); - if (random == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - } - - status = psa_generate_random(random, random_size); - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, random, random_size); - } - - mbedtls_free(random); - break; - } - - default: { - SPM_PANIC("Unexpected message type %d!", (int)(msg.type)); - break; - } - } - - psa_reply(msg.handle, status); -} - - -void psa_crypto_key_derivation_operations(void) -{ - psa_status_t status = PSA_SUCCESS; - psa_msg_t msg = { 0 }; - - if (PSA_SUCCESS != psa_get(PSA_KEY_DERIVATION, &msg)) { - return; - } - switch (msg.type) { - case PSA_IPC_CONNECT: { - psa_key_derivation_operation_t *psa_operation = - mbedtls_calloc(1, sizeof(*psa_operation)); - if (psa_operation == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - - psa_set_rhandle(msg.handle, psa_operation); - break; - } - - case PSA_IPC_CALL: { - uint32_t bytes_read; - psa_crypto_derivation_ipc_t psa_crypto_ipc = { 0 }; - if (msg.in_size[0] != sizeof(psa_crypto_derivation_ipc_t)) { - status = PSA_ERROR_COMMUNICATION_FAILURE; - break; - } - - bytes_read = psa_read(msg.handle, 0, &psa_crypto_ipc, - msg.in_size[0]); - if (bytes_read != msg.in_size[0]) { - SPM_PANIC("SPM read length mismatch"); - } - - switch (psa_crypto_ipc.func) { - case PSA_KEY_DERIVATION_SETUP: { - status = psa_key_derivation_setup(msg.rhandle, - psa_crypto_ipc.alg); - if (status != PSA_SUCCESS) { - free_message_context(&msg); - } - break; - } - - case PSA_KEY_DERIVATION_GET_CAPACITY: { - size_t capacity = 0; - - status = psa_key_derivation_get_capacity(msg.rhandle, - &capacity); - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, &capacity, sizeof(capacity)); - } - break; - } - - case PSA_KEY_DERIVATION_SET_CAPACITY: { - size_t capacity = 0; - - /* Read capacity */ - bytes_read = psa_read(msg.handle, 1, &capacity, - msg.in_size[1]); - if (bytes_read != sizeof(capacity)) { - SPM_PANIC("SPM read length mismatch"); - } - - status = psa_key_derivation_set_capacity(msg.rhandle, - capacity); - break; - } - - case PSA_KEY_DERIVATION_INPUT_BYTES: { - psa_key_derivation_step_t step; - uint8_t *data; - size_t data_length = msg.in_size[2]; - - /* Read step. */ - bytes_read = psa_read(msg.handle, 1, &step, - msg.in_size[1]); - if (bytes_read != sizeof(step)) { - SPM_PANIC("SPM read length mismatch"); - } - - /* Read data. */ - data = mbedtls_calloc(1, data_length); - if (data == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - bytes_read = psa_read(msg.handle, 2, data, data_length); - if (bytes_read != data_length) { - SPM_PANIC("SPM read length mismatch"); - } - - status = psa_key_derivation_input_bytes(msg.rhandle, step, - data, data_length); - - free(data); - break; - } - - case PSA_KEY_DERIVATION_INPUT_KEY: { - psa_key_derivation_step_t step; - - if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle, msg.client_id)) { - status = PSA_ERROR_INVALID_HANDLE; - break; - } - - /* Read step. */ - bytes_read = psa_read(msg.handle, 1, &step, - msg.in_size[1]); - if (bytes_read != sizeof(step)) { - SPM_PANIC("SPM read length mismatch"); - } - - status = psa_key_derivation_input_key( - msg.rhandle, step, psa_crypto_ipc.handle); - break; - } - - case PSA_KEY_DERIVATION_KEY_AGREEMENT: { - psa_key_derivation_step_t step; - uint8_t *peer_key; - size_t peer_key_length = msg.in_size[2]; - - if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle, msg.client_id)) { - status = PSA_ERROR_INVALID_HANDLE; - break; - } - - /* Read step. */ - bytes_read = psa_read(msg.handle, 1, &step, - msg.in_size[1]); - if (bytes_read != sizeof(step)) { - SPM_PANIC("SPM read length mismatch"); - } - - /* Read peer_key. */ - peer_key = mbedtls_calloc(1, peer_key_length); - if (peer_key == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - bytes_read = psa_read(msg.handle, 2, - peer_key, peer_key_length); - if (bytes_read != peer_key_length) { - SPM_PANIC("SPM read length mismatch"); - } - - status = psa_key_derivation_key_agreement( - msg.rhandle, step, psa_crypto_ipc.handle, - peer_key, peer_key_length); - - free(peer_key); - break; - } - - case PSA_KEY_DERIVATION_OUTPUT_BYTES: { - uint8_t *output = NULL; - size_t output_length = msg.out_size[0]; - - /* Allocate the output buffer. */ - if (output_length > 0) { - output = mbedtls_calloc(1, output_length); - if (output == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - } - - status = psa_key_derivation_output_bytes( - msg.rhandle, output, output_length); - if (status == PSA_SUCCESS) { - /* Write the output. */ - psa_write(msg.handle, 0, output, output_length); - } - free(output); - break; - } - - case PSA_KEY_DERIVATION_OUTPUT_KEY: { - psa_key_attributes_t attributes; - psa_key_handle_t handle; - - /* Read in attributes. */ - read_attributes(msg.handle, msg.client_id, &attributes); - - status = psa_key_derivation_output_key( - &attributes, msg.rhandle, &handle); - if (status == PSA_SUCCESS) { - /* Write out the allocated handle. */ - psa_crypto_access_control_register_handle(handle, msg.client_id); - psa_write(msg.handle, 0, &handle, sizeof(handle)); - } - break; - } - - case PSA_KEY_DERIVATION_ABORT: { - status = psa_key_derivation_abort(msg.rhandle); - free_message_context(&msg); - break; - } - - case PSA_RAW_KEY_AGREEMENT: { - uint8_t *peer_key; - size_t peer_key_length = msg.in_size[1]; - uint8_t *output; - size_t output_size = msg.out_size[0]; - size_t output_length; - - if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle, msg.client_id)) { - status = PSA_ERROR_INVALID_HANDLE; - break; - } - - /* Read peer_key. */ - peer_key = mbedtls_calloc(1, peer_key_length); - if (peer_key == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - bytes_read = psa_read(msg.handle, 1, - peer_key, peer_key_length); - if (bytes_read != peer_key_length) { - SPM_PANIC("SPM read length mismatch"); - } - - /* Allocate the output buffer. */ - if (output_size > 0) { - output = mbedtls_calloc(1, output_size); - if (output == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - free(peer_key); - break; - } - } - - status = psa_raw_key_agreement(psa_crypto_ipc.alg, - psa_crypto_ipc.handle, - peer_key, - peer_key_length, - output, - output_size, - &output_length); - if (status == PSA_SUCCESS) { - /* Write the output. */ - psa_write(msg.handle, 0, output, output_length); - psa_write(msg.handle, 1, - &output_length, sizeof(output_length)); - } - - free(output); - free(peer_key); - break; - } - - default: { - status = PSA_ERROR_NOT_SUPPORTED; - break; - } - } - - break; - } - case PSA_IPC_DISCONNECT: { - if (msg.rhandle != NULL) { - psa_key_derivation_abort(msg.rhandle); - free_message_context(&msg); - } - - break; - } - - default: { - SPM_PANIC("Unexpected message type %d!", (int)(msg.type)); - break; - } - } - - psa_reply(msg.handle, status); -} - - -void crypto_main(void *ptr) -{ - while (1) { - psa_signal_t signals = 0; - signals = psa_wait(CRYPTO_SRV_WAIT_ANY_SID_MSK, PSA_BLOCK); - if (signals & PSA_CRYPTO_INIT) { - psa_crypto_init_operation(); - } - if (signals & PSA_MAC) { - psa_mac_operation(); - } - if (signals & PSA_HASH) { - psa_hash_operation(); - } - if (signals & PSA_SYMMETRIC) { - psa_symmetric_operation(); - } - if (signals & PSA_ASYMMETRIC) { - psa_asymmetric_operation(); - } - if (signals & PSA_AEAD) { - psa_aead_operation(); - } - if (signals & PSA_KEY_MNG) { - psa_key_management_operation(); - } - if (signals & PSA_RNG) { - psa_rng_operation(); - } - if (signals & PSA_CRYPTO_FREE) { - psa_crypto_free_operation(); - } - if (signals & PSA_KEY_DERIVATION) { - psa_crypto_key_derivation_operations(); - } - if (signals & PSA_ENTROPY_INJECT) { - psa_entropy_operation(); - } - } -} diff --git a/components/TARGET_PSA/services/crypto/crypto_partition_psa.json b/components/TARGET_PSA/services/crypto/crypto_partition_psa.json deleted file mode 100755 index a9330c5..0000000 --- a/components/TARGET_PSA/services/crypto/crypto_partition_psa.json +++ /dev/null @@ -1,108 +0,0 @@ -{ - "name": "CRYPTO_SRV", - "type": "APPLICATION-ROT", - "priority": "NORMAL", - "id": "0x00000023", - "entry_point": "crypto_main", - "stack_size": "0x4000", - "heap_size": "0x400", - "services": [ - { - "name": "PSA_CRYPTO_INIT_ID", - "identifier": "0x00000F00", - "signal": "PSA_CRYPTO_INIT", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "STRICT" - }, - { - "name": "PSA_MAC_ID", - "identifier": "0x00000F01", - "signal": "PSA_MAC", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "STRICT" - }, - { - "name": "PSA_HASH_ID", - "identifier": "0x00000F02", - "signal": "PSA_HASH", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "STRICT" - }, - { - "name": "PSA_ASYMMETRIC_ID", - "identifier": "0x00000F03", - "signal": "PSA_ASYMMETRIC", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "STRICT" - }, - { - "name": "PSA_SYMMETRIC_ID", - "identifier": "0x00000F04", - "signal": "PSA_SYMMETRIC", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "STRICT" - }, - { - "name": "PSA_AEAD_ID", - "identifier": "0x00000F05", - "signal": "PSA_AEAD", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "STRICT" - }, - { - "name": "PSA_KEY_MNG_ID", - "identifier": "0x00000F06", - "signal": "PSA_KEY_MNG", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "STRICT" - }, - { - "name": "PSA_RNG_ID", - "identifier": "0x00000F07", - "signal": "PSA_RNG", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "STRICT" - }, - { - "name": "PSA_CRYPTO_FREE_ID", - "identifier": "0x00000F08", - "signal": "PSA_CRYPTO_FREE", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "STRICT" - }, - { - "name": "PSA_KEY_DERIVATION_ID", - "identifier": "0x00000F09", - "signal": "PSA_KEY_DERIVATION", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "STRICT" - }, - { - "name": "PSA_ENTROPY_ID", - "identifier": "0x00000F0A", - "signal": "PSA_ENTROPY_INJECT", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "STRICT" - } - ], - "extern_sids": [ - "PSA_ITS_GET", - "PSA_ITS_SET", - "PSA_ITS_INFO", - "PSA_ITS_REMOVE" - ], - "source_files": [ - "COMPONENT_SPE/psa_crypto_partition.c" - ] -} diff --git a/components/TARGET_PSA/services/platform/COMPONENT_SPE/platform_partition.c b/components/TARGET_PSA/services/platform/COMPONENT_SPE/platform_partition.c deleted file mode 100644 index 308b3a7..0000000 --- a/components/TARGET_PSA/services/platform/COMPONENT_SPE/platform_partition.c +++ /dev/null @@ -1,202 +0,0 @@ -/* Copyright (c) 2019-2020 Arm Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "mbed_spm_partitions.h" -#include "platform_srv_impl.h" -#include "psa/lifecycle.h" -#include "psa/internal_trusted_storage.h" -#include "psa/service.h" - -#define INPUT_BUFFER_SIZE 64 -#define OUTPUT_BUFFER_SIZE 64 - -typedef psa_status_t (*SignalHandler)(psa_msg_t *); - -static psa_status_t lifecycle_get(psa_msg_t *msg) -{ - uint32_t lc_state; - - if (msg->out_size[0] != sizeof(lc_state)) { - return PSA_DROP_CONNECTION; - } - - psa_status_t status = psa_platfrom_lifecycle_get_impl(&lc_state); - if (status == PSA_SUCCESS) { - psa_write(msg->handle, 0, &lc_state, sizeof(lc_state)); - } - - return status; -} - -static psa_status_t lifecycle_change_request(psa_msg_t *msg) -{ - uint32_t lc_state; - - if (msg->in_size[0] != sizeof(lc_state)) { - return PSA_DROP_CONNECTION; - } - if (psa_read(msg->handle, 0, &lc_state, sizeof(lc_state)) != sizeof(lc_state)) { - return PSA_DROP_CONNECTION; - } - return psa_platfrom_lifecycle_change_request_impl(lc_state); - -} - -static MBED_NORETURN psa_status_t system_reset_request(psa_msg_t *msg) -{ - (void)msg; - mbed_psa_system_reset_impl(); -} - -static enum tfm_platform_err_t -platform_sp_ioctl_ipc(const psa_msg_t *msg) { - void *input = NULL; - void *output = NULL; - psa_invec invec = {0}; - psa_outvec outvec = {0}; - uint8_t input_buffer[INPUT_BUFFER_SIZE] = {0}; - uint8_t output_buffer[OUTPUT_BUFFER_SIZE] = {0}; - tfm_platform_ioctl_req_t request = 0; - enum tfm_platform_err_t ret = TFM_PLATFORM_ERR_SYSTEM_ERROR; - size_t num = 0; - uint32_t in_len = PSA_MAX_IOVEC; - uint32_t out_len = PSA_MAX_IOVEC; - - while ((in_len > 0) && (msg->in_size[in_len - 1] == 0)) - { - in_len--; - } - - while ((out_len > 0) && (msg->out_size[out_len - 1] == 0)) - { - out_len--; - } - - if ((in_len < 1) || (in_len > 2) || - (out_len > 1)) - { - return TFM_PLATFORM_ERR_SYSTEM_ERROR; - } - - num = psa_read(msg->handle, 0, &request, sizeof(request)); - if (num != sizeof(request)) - { - return PSA_ERROR_PROGRAMMER_ERROR; - } - - if (in_len > 1) - { - if (msg->in_size[1] > INPUT_BUFFER_SIZE) { - return PSA_ERROR_PROGRAMMER_ERROR; - } - num = psa_read(msg->handle, 1, &input_buffer, msg->in_size[1]); - if (num != msg->in_size[1]) { - return PSA_ERROR_PROGRAMMER_ERROR; - } - invec.base = input_buffer; - invec.len = msg->in_size[1]; - input = &invec; - } - - if (out_len > 0) - { - if (msg->out_size[0] > OUTPUT_BUFFER_SIZE) { - return PSA_ERROR_PROGRAMMER_ERROR; - } - outvec.base = output_buffer; - outvec.len = msg->out_size[0]; - output = &outvec; - } - - ret = tfm_platform_hal_ioctl(request, input, output); - - if (output != NULL) - { - psa_write(msg->handle, 0, outvec.base, outvec.len); - } - - return ret; -} - -static psa_status_t platform_ioctl(psa_msg_t *msg) -{ - /* platform_sp_ioctl_ipc returns either psa_status_t or one of the - * following errorcodes: - * enum tfm_platform_err_t { - * TFM_PLATFORM_ERR_SUCCESS = 0, - * TFM_PLATFORM_ERR_SYSTEM_ERROR, - * TFM_PLATFORM_ERR_INVALID_PARAM, - * TFM_PLATFORM_ERR_NOT_SUPPORTED, - * - * TFM_PLATFORM_ERR_FORCE_INT_SIZE = INT_MAX - * }; - */ - return platform_sp_ioctl_ipc(msg); -} - -static void message_handler(psa_msg_t *msg, SignalHandler handler) -{ - psa_status_t status = PSA_SUCCESS; - switch (msg->type) { - case PSA_IPC_CONNECT: //fallthrough - case PSA_IPC_DISCONNECT: { - break; - } - case PSA_IPC_CALL: { - status = handler(msg); - break; - } - default: { - SPM_PANIC("Unexpected message type %lu!", msg->type); - break; - } - } - psa_reply(msg->handle, status); -} - -void platform_partition_entry(void *ptr) -{ - psa_signal_t signals = 0; - psa_msg_t msg = {0}; - while (1) { - signals = psa_wait(PLATFORM_WAIT_ANY_SID_MSK, PSA_BLOCK); - if ((signals & PSA_PLATFORM_LC_GET_MSK) != 0) { - if (PSA_SUCCESS != psa_get(PSA_PLATFORM_LC_GET_MSK, &msg)) { - continue; - } - message_handler(&msg, lifecycle_get); - } - if ((signals & PSA_PLATFORM_LC_SET_MSK) != 0) { - if (PSA_SUCCESS != psa_get(PSA_PLATFORM_LC_SET_MSK, &msg)) { - continue; - } - message_handler(&msg, lifecycle_change_request); - } - if ((signals & PSA_PLATFORM_SYSTEM_RESET_MSK) != 0) { - if (PSA_SUCCESS != psa_get(PSA_PLATFORM_SYSTEM_RESET_MSK, &msg)) { - continue; - } - message_handler(&msg, system_reset_request); - } - if ((signals & PSA_PLATFORM_IOCTL_MSK) != 0) { - if (PSA_SUCCESS != psa_get(PSA_PLATFORM_IOCTL_MSK, &msg)) { - continue; - } - message_handler(&msg, platform_ioctl); - } - } -} diff --git a/components/TARGET_PSA/services/platform/platform_psa.json b/components/TARGET_PSA/services/platform/platform_psa.json deleted file mode 100644 index 13a4e6f..0000000 --- a/components/TARGET_PSA/services/platform/platform_psa.json +++ /dev/null @@ -1,48 +0,0 @@ -{ - "name": "PLATFORM", - "type": "APPLICATION-ROT", - "priority": "NORMAL", - "id": "0x00000008", - "entry_point": "platform_partition_entry", - "stack_size": "0x400", - "heap_size": "0x400", - "services": [{ - "name": "PSA_PLATFORM_LC_GET", - "identifier": "0x00011000", - "signal": "PSA_PLATFORM_LC_GET_MSK", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "RELAXED" - }, - { - "name": "PSA_PLATFORM_LC_SET", - "identifier": "0x00011001", - "signal": "PSA_PLATFORM_LC_SET_MSK", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "RELAXED" - }, - { - "name": "PSA_PLATFORM_SYSTEM_RESET", - "identifier": "0x00011002", - "signal": "PSA_PLATFORM_SYSTEM_RESET_MSK", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "RELAXED" - }, - { - "name": "PSA_PLATFORM_IOCTL", - "identifier": "0x00011003", - "signal": "PSA_PLATFORM_IOCTL_MSK", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "RELAXED" - } - ], - "extern_sids": [ - "PSA_ITS_RESET" - ], - "source_files": [ - "COMPONENT_SPE/platform_partition.c" - ] - } diff --git a/components/TARGET_PSA/services/storage/its/COMPONENT_SPE/its_partition.c b/components/TARGET_PSA/services/storage/its/COMPONENT_SPE/its_partition.c deleted file mode 100644 index b73a88d..0000000 --- a/components/TARGET_PSA/services/storage/its/COMPONENT_SPE/its_partition.c +++ /dev/null @@ -1,221 +0,0 @@ -/* Copyright (c) 2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include -#include -#include "psa/client.h" -#include "psa/service.h" -#include "mbed_spm_partitions.h" -#include "psa/internal_trusted_storage.h" -#include "pits_impl.h" -#include "mbed_error.h" - -int kv_init_storage_config(); - -#ifdef __cplusplus -extern "C" -{ -#endif - -typedef psa_status_t (*SignalHandler)(psa_msg_t *); - -static psa_status_t storage_set(psa_msg_t *msg) -{ - psa_storage_uid_t key = 0; - void *data = NULL; - uint32_t alloc_size = msg->in_size[1]; - psa_storage_create_flags_t flags = 0; - - if ((msg->in_size[0] != sizeof(key)) || (msg->in_size[2] != sizeof(flags))) { - return PSA_DROP_CONNECTION; - } - - if (psa_read(msg->handle, 0, &key, sizeof(key)) != sizeof(key)) { - return PSA_DROP_CONNECTION; - } - - if (psa_read(msg->handle, 2, &flags, sizeof(flags)) != sizeof(flags)) { - return PSA_DROP_CONNECTION; - } - - data = malloc(alloc_size); - if (data == NULL) { - return PSA_ERROR_STORAGE_FAILURE; - } - - if (psa_read(msg->handle, 1, data, msg->in_size[1]) != msg->in_size[1]) { - free(data); - return PSA_ERROR_STORAGE_FAILURE; - } - - psa_status_t status = psa_its_set_impl(msg->client_id, key, alloc_size, data, flags); - memset(data, 0, alloc_size); - free(data); - return status; -} - -static psa_status_t storage_get(psa_msg_t *msg) -{ - psa_storage_uid_t key = 0; - uint32_t offset = 0; - size_t actual_size; - - if ((msg->in_size[0] != sizeof(key)) || - (msg->in_size[1] != sizeof(offset)) || - (msg->out_size[1] != sizeof(actual_size))) { - return PSA_DROP_CONNECTION; - } - - if (psa_read(msg->handle, 0, &key, sizeof(key)) != sizeof(key)) { - return PSA_DROP_CONNECTION; - } - - if (psa_read(msg->handle, 1, &offset, sizeof(offset)) != sizeof(offset)) { - return PSA_DROP_CONNECTION; - } - - uint8_t *data = (uint8_t *)malloc(msg->out_size[0]); - if (data == NULL) { - return PSA_ERROR_STORAGE_FAILURE; - } - - psa_status_t status = psa_its_get_impl(msg->client_id, key, offset, msg->out_size[0], data, &actual_size); - if (status == PSA_SUCCESS) { - psa_write(msg->handle, 0, data, actual_size); - psa_write(msg->handle, 1, &actual_size, sizeof(actual_size)); - } - - memset(data, 0, msg->out_size[0]); - free(data); - return status; -} - -static psa_status_t storage_info(psa_msg_t *msg) -{ - struct psa_storage_info_t info = { 0 }; - psa_storage_uid_t key = 0; - - if ((msg->in_size[0] != sizeof(key)) || (msg->out_size[0] != sizeof(info))) { - return PSA_DROP_CONNECTION; - } - - if (psa_read(msg->handle, 0, &key, sizeof(key)) != sizeof(key)) { - return PSA_DROP_CONNECTION; - } - - psa_status_t status = psa_its_get_info_impl(msg->client_id, key, &info); - if (status == PSA_SUCCESS) { - psa_write(msg->handle, 0, &info, msg->out_size[0]); - } - - return status; -} - -static psa_status_t storage_remove(psa_msg_t *msg) -{ - psa_storage_uid_t key = 0; - - if (msg->in_size[0] != sizeof(key)) { - return PSA_DROP_CONNECTION; - } - - if (psa_read(msg->handle, 0, &key, sizeof(key)) != sizeof(key)) { - return PSA_DROP_CONNECTION; - } - - return psa_its_remove_impl(msg->client_id, key); -} -static psa_status_t storage_reset(psa_msg_t *msg) -{ - (void)msg; - return psa_its_reset_impl(); -} - - - -static void message_handler(psa_msg_t *msg, SignalHandler handler) -{ - psa_status_t status = PSA_SUCCESS; - switch (msg->type) { - case PSA_IPC_CONNECT: //fallthrough - case PSA_IPC_DISCONNECT: { - break; - } - case PSA_IPC_CALL: { - status = handler(msg); - break; - } - default: { - SPM_PANIC("Unexpected message type %lu!", msg->type); - break; - } - } - psa_reply(msg->handle, status); -} - -void its_entry(void *ptr) -{ - psa_signal_t signals = 0; - psa_msg_t msg = {0}; - - while (1) { - signals = psa_wait(ITS_WAIT_ANY_SID_MSK, PSA_BLOCK); - // KVStore initiation: - // - Must be done after the psa_wait() call since only now we know OS initialization is done - // - Repeating calls has no effect - int kv_status = kv_init_storage_config(); - if (kv_status != MBED_SUCCESS) { - SPM_PANIC("KVStore initiation failed with status %d!", kv_status); - } - - if ((signals & PSA_ITS_SET_MSK) != 0) { - if (PSA_SUCCESS != psa_get(PSA_ITS_SET_MSK, &msg)) { - continue; - } - message_handler(&msg, storage_set); - } - if ((signals & PSA_ITS_GET_MSK) != 0) { - if (PSA_SUCCESS != psa_get(PSA_ITS_GET_MSK, &msg)) { - continue; - } - message_handler(&msg, storage_get); - } - if ((signals & PSA_ITS_INFO_MSK) != 0) { - if (PSA_SUCCESS != psa_get(PSA_ITS_INFO_MSK, &msg)) { - continue; - } - message_handler(&msg, storage_info); - } - if ((signals & PSA_ITS_REMOVE_MSK) != 0) { - if (PSA_SUCCESS != psa_get(PSA_ITS_REMOVE_MSK, &msg)) { - continue; - } - message_handler(&msg, storage_remove); - } - if ((signals & PSA_ITS_RESET_MSK) != 0) { - if (PSA_SUCCESS != psa_get(PSA_ITS_RESET_MSK, &msg)) { - continue; - } - message_handler(&msg, storage_reset); - } - - } -} - -#ifdef __cplusplus -} -#endif diff --git a/components/TARGET_PSA/services/storage/its/pits_psa.json b/components/TARGET_PSA/services/storage/its/pits_psa.json deleted file mode 100644 index 2296e0d..0000000 --- a/components/TARGET_PSA/services/storage/its/pits_psa.json +++ /dev/null @@ -1,53 +0,0 @@ -{ - "name": "ITS", - "type": "APPLICATION-ROT", - "priority": "NORMAL", - "id": "0x0000000A", - "entry_point": "its_entry", - "stack_size": "0x800", - "heap_size": "0x400", - "services": [{ - "name": "PSA_ITS_GET", - "identifier": "0x00011A00", - "signal": "PSA_ITS_GET_MSK", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "RELAXED" - }, - { - "name": "PSA_ITS_SET", - "identifier": "0x00011A01", - "signal": "PSA_ITS_SET_MSK", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "RELAXED" - }, - { - "name": "PSA_ITS_INFO", - "identifier": "0x00011A02", - "signal": "PSA_ITS_INFO_MSK", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "RELAXED" - }, - { - "name": "PSA_ITS_REMOVE", - "identifier": "0x00011A03", - "signal": "PSA_ITS_REMOVE_MSK", - "non_secure_clients": true, - "minor_version": 1, - "minor_policy": "RELAXED" - }, - { - "name": "PSA_ITS_RESET", - "identifier": "0x00011A04", - "signal": "PSA_ITS_RESET_MSK", - "non_secure_clients": false, - "minor_version": 1, - "minor_policy": "RELAXED" - } - ], - "source_files": [ - "COMPONENT_SPE/its_partition.c" - ] - } diff --git a/doxyfile_options b/doxyfile_options index bfe3239..6066385 100644 --- a/doxyfile_options +++ b/doxyfile_options @@ -2102,7 +2102,6 @@ DEVICE_QSPI \ DEVICE_STORAGE \ DEVICE_WATCHDOG \ - COMPONENT_SPE \ "TFM_LVL=1" \ "MBED_DEPRECATED_SINCE(d, m)=" \ "MBED_ENABLE_IF_CALLBACK_COMPATIBLE(F, M)=" \ diff --git a/doxygen_options.json b/doxygen_options.json index 2579019..0c7d39c 100644 --- a/doxygen_options.json +++ b/doxygen_options.json @@ -6,7 +6,7 @@ "SEARCH_INCLUDES": "YES", "INCLUDE_PATH": "", "INCLUDE_FILE_PATTERNS": "", - "PREDEFINED": "DOXYGEN_ONLY DEVICE_ANALOGIN DEVICE_ANALOGOUT DEVICE_CAN DEVICE_CRC DEVICE_ETHERNET DEVICE_EMAC DEVICE_FLASH DEVICE_I2C DEVICE_I2CSLAVE DEVICE_I2C_ASYNCH DEVICE_INTERRUPTIN DEVICE_ITM DEVICE_LPTICKER DEVICE_MPU DEVICE_PORTIN DEVICE_PORTINOUT DEVICE_PORTOUT DEVICE_PWMOUT DEVICE_RTC DEVICE_TRNG DEVICE_SERIAL DEVICE_SERIAL_ASYNCH DEVICE_SERIAL_FC DEVICE_SLEEP DEVICE_SPI DEVICE_SPI_ASYNCH DEVICE_SPISLAVE DEVICE_QSPI DEVICE_STORAGE DEVICE_WATCHDOG DEVICE_RESET_REASON COMPONENT_SPE \"TFM_LVL=1\" \"MBED_DEPRECATED_SINCE(f, g)=\" \"MBED_ENABLE_IF_CALLBACK_COMPATIBLE(F, M)=\" \"MBED_DEPRECATED(s)=\" \"BLE_ROLE_OBSERVER=1\" \"BLE_ROLE_BROADCASTER=1\" \"BLE_ROLE_PERIPHERAL=1\" \"BLE_ROLE_CENTRAL=1\" \"BLE_FEATURE_GATT_CLIENT=1\" \"BLE_FEATURE_GATT_SERVER=1\" \"BLE_FEATURE_SECURITY=1\" \"BLE_FEATURE_SECURE_CONNECTIONS=1\" \"BLE_FEATURE_SIGNING=1\" \"BLE_FEATURE_PHY_MANAGEMENT=1\" \"BLE_FEATURE_WHITELIST=1\" \"BLE_FEATURE_PRIVACY=1\" \"BLE_FEATURE_PERIODIC_ADVERTISING=1\" \"BLE_FEATURE_EXTENDED_ADVERTISING=1\"", + "PREDEFINED": "DOXYGEN_ONLY DEVICE_ANALOGIN DEVICE_ANALOGOUT DEVICE_CAN DEVICE_CRC DEVICE_ETHERNET DEVICE_EMAC DEVICE_FLASH DEVICE_I2C DEVICE_I2CSLAVE DEVICE_I2C_ASYNCH DEVICE_INTERRUPTIN DEVICE_ITM DEVICE_LPTICKER DEVICE_MPU DEVICE_PORTIN DEVICE_PORTINOUT DEVICE_PORTOUT DEVICE_PWMOUT DEVICE_RTC DEVICE_TRNG DEVICE_SERIAL DEVICE_SERIAL_ASYNCH DEVICE_SERIAL_FC DEVICE_SLEEP DEVICE_SPI DEVICE_SPI_ASYNCH DEVICE_SPISLAVE DEVICE_QSPI DEVICE_STORAGE DEVICE_WATCHDOG DEVICE_RESET_REASON \"TFM_LVL=1\" \"MBED_DEPRECATED_SINCE(f, g)=\" \"MBED_ENABLE_IF_CALLBACK_COMPATIBLE(F, M)=\" \"MBED_DEPRECATED(s)=\" \"BLE_ROLE_OBSERVER=1\" \"BLE_ROLE_BROADCASTER=1\" \"BLE_ROLE_PERIPHERAL=1\" \"BLE_ROLE_CENTRAL=1\" \"BLE_FEATURE_GATT_CLIENT=1\" \"BLE_FEATURE_GATT_SERVER=1\" \"BLE_FEATURE_SECURITY=1\" \"BLE_FEATURE_SECURE_CONNECTIONS=1\" \"BLE_FEATURE_SIGNING=1\" \"BLE_FEATURE_PHY_MANAGEMENT=1\" \"BLE_FEATURE_WHITELIST=1\" \"BLE_FEATURE_PRIVACY=1\" \"BLE_FEATURE_PERIODIC_ADVERTISING=1\" \"BLE_FEATURE_EXTENDED_ADVERTISING=1\"", "EXPAND_AS_DEFINED": "", "SKIP_FUNCTION_MACROS": "NO", "STRIP_CODE_COMMENTS": "NO", diff --git a/features/frameworks/TARGET_PSA/pal/pal_mbed_os_intf.cpp b/features/frameworks/TARGET_PSA/pal/pal_mbed_os_intf.cpp index ab1803d..435f882 100644 --- a/features/frameworks/TARGET_PSA/pal/pal_mbed_os_intf.cpp +++ b/features/frameworks/TARGET_PSA/pal/pal_mbed_os_intf.cpp @@ -89,13 +89,13 @@ static void inject_entropy() { -#if defined(MBEDTLS_ENTROPY_NV_SEED) || defined(COMPONENT_PSA_SRV_IPC) +#if defined(MBEDTLS_ENTROPY_NV_SEED) uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = { 0 }; for (int i = 0; i < MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE; ++i) { seed[i] = i; } mbedtls_psa_inject_entropy(seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE); -#endif // defined(MBEDTLS_ENTROPY_NV_SEED) || defined(COMPONENT_PSA_SRV_IPC) +#endif // defined(MBEDTLS_ENTROPY_NV_SEED) } diff --git a/features/mbedtls/mbed-crypto/platform/COMPONENT_SPE/crypto_struct_spe.h b/features/mbedtls/mbed-crypto/platform/COMPONENT_SPE/crypto_struct_spe.h deleted file mode 100644 index 1228032..0000000 --- a/features/mbedtls/mbed-crypto/platform/COMPONENT_SPE/crypto_struct_spe.h +++ /dev/null @@ -1,522 +0,0 @@ -/** - * \file psa/crypto_struct.h - * - * \brief PSA cryptography module: Mbed TLS structured type implementations - * - * \note This file may not be included directly. Applications must - * include psa/crypto.h. - * - * This file contains the definitions of some data structures with - * implementation-specific definitions. - * - * In implementations with isolation between the application and the - * cryptography module, it is expected that the front-end and the back-end - * would have different versions of this file. - * - *

Design notes about multipart operation structures

- * - * Each multipart operation structure contains a `psa_algorithm_t alg` - * field which indicates which specific algorithm the structure is for. - * When the structure is not in use, `alg` is 0. Most of the structure - * consists of a union which is discriminated by `alg`. - * - * Note that when `alg` is 0, the content of other fields is undefined. - * In particular, it is not guaranteed that a freshly-initialized structure - * is all-zero: we initialize structures to something like `{0, 0}`, which - * is only guaranteed to initializes the first member of the union; - * GCC and Clang initialize the whole structure to 0 (at the time of writing), - * but MSVC and CompCert don't. - * - * In Mbed Crypto, multipart operation structures live independently from - * the key. This allows Mbed Crypto to free the key objects when destroying - * a key slot. If a multipart operation needs to remember the key after - * the setup function returns, the operation structure needs to contain a - * copy of the key. - */ -/* - * Copyright (C) 2018, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#ifndef PSA_CRYPTO_STRUCT_H -#define PSA_CRYPTO_STRUCT_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* Include the Mbed TLS configuration file, the way Mbed TLS does it - * in each of its header files. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#include "mbedtls/cipher.h" -#include "mbedtls/cmac.h" -#include "mbedtls/gcm.h" -#include "mbedtls/md.h" -#include "mbedtls/md2.h" -#include "mbedtls/md4.h" -#include "mbedtls/md5.h" -#include "mbedtls/ripemd160.h" -#include "mbedtls/sha1.h" -#include "mbedtls/sha256.h" -#include "mbedtls/sha512.h" - -struct psa_hash_operation_s -{ - psa_algorithm_t alg; - union - { - unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ -#if defined(MBEDTLS_MD2_C) - mbedtls_md2_context md2; -#endif -#if defined(MBEDTLS_MD4_C) - mbedtls_md4_context md4; -#endif -#if defined(MBEDTLS_MD5_C) - mbedtls_md5_context md5; -#endif -#if defined(MBEDTLS_RIPEMD160_C) - mbedtls_ripemd160_context ripemd160; -#endif -#if defined(MBEDTLS_SHA1_C) - mbedtls_sha1_context sha1; -#endif -#if defined(MBEDTLS_SHA256_C) - mbedtls_sha256_context sha256; -#endif -#if defined(MBEDTLS_SHA512_C) - mbedtls_sha512_context sha512; -#endif - } ctx; -}; - -#define PSA_HASH_OPERATION_INIT {0, {0}} -static inline struct psa_hash_operation_s psa_hash_operation_init( void ) -{ - const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT; - return( v ); -} - -#if defined(MBEDTLS_MD_C) -typedef struct -{ - /** The hash context. */ - struct psa_hash_operation_s hash_ctx; - /** The HMAC part of the context. */ - uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; -} psa_hmac_internal_data; -#endif /* MBEDTLS_MD_C */ - -struct psa_mac_operation_s -{ - psa_algorithm_t alg; - unsigned int key_set : 1; - unsigned int iv_required : 1; - unsigned int iv_set : 1; - unsigned int has_input : 1; - unsigned int is_sign : 1; - uint8_t mac_size; - union - { - unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ -#if defined(MBEDTLS_MD_C) - psa_hmac_internal_data hmac; -#endif -#if defined(MBEDTLS_CMAC_C) - mbedtls_cipher_context_t cmac; -#endif - } ctx; -}; - -#define PSA_MAC_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, {0}} -static inline struct psa_mac_operation_s psa_mac_operation_init( void ) -{ - const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT; - return( v ); -} - -struct psa_cipher_operation_s -{ - psa_algorithm_t alg; - unsigned int key_set : 1; - unsigned int iv_required : 1; - unsigned int iv_set : 1; - uint8_t iv_size; - uint8_t block_size; - union - { - unsigned dummy; /* Enable easier initializing of the union. */ - mbedtls_cipher_context_t cipher; - } ctx; -}; - -#define PSA_CIPHER_OPERATION_INIT {0, 0, 0, 0, 0, 0, {0}} -static inline struct psa_cipher_operation_s psa_cipher_operation_init( void ) -{ - const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT; - return( v ); -} - -struct psa_aead_operation_s -{ - psa_algorithm_t alg; - unsigned int key_set : 1; - unsigned int iv_set : 1; - uint8_t iv_size; - uint8_t block_size; - union - { - unsigned dummy; /* Enable easier initializing of the union. */ - mbedtls_cipher_context_t cipher; - } ctx; -}; - -#define PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, 0, {0}} -static inline struct psa_aead_operation_s psa_aead_operation_init( void ) -{ - const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT; - return( v ); -} - -#if defined(MBEDTLS_MD_C) -typedef struct -{ - uint8_t *info; - size_t info_length; - psa_hmac_internal_data hmac; - uint8_t prk[PSA_HASH_MAX_SIZE]; - uint8_t output_block[PSA_HASH_MAX_SIZE]; -#if PSA_HASH_MAX_SIZE > 0xff -#error "PSA_HASH_MAX_SIZE does not fit in uint8_t" -#endif - uint8_t offset_in_block; - uint8_t block_number; - unsigned int state : 2; - unsigned int info_set : 1; -} psa_hkdf_key_derivation_t; -#endif /* MBEDTLS_MD_C */ - -#if defined(MBEDTLS_MD_C) -typedef enum -{ - TLS12_PRF_STATE_INIT, /* no input provided */ - TLS12_PRF_STATE_SEED_SET, /* seed has been set */ - TLS12_PRF_STATE_KEY_SET, /* key has been set */ - TLS12_PRF_STATE_LABEL_SET, /* label has been set */ - TLS12_PRF_STATE_OUTPUT /* output has been started */ -} psa_tls12_prf_key_derivation_state_t; - -typedef struct psa_tls12_prf_key_derivation_s -{ -#if PSA_HASH_MAX_SIZE > 0xff -#error "PSA_HASH_MAX_SIZE does not fit in uint8_t" -#endif - - /* Indicates how many bytes in the current HMAC block have - * not yet been read by the user. */ - uint8_t left_in_block; - - /* The 1-based number of the block. */ - uint8_t block_number; - - psa_tls12_prf_key_derivation_state_t state; - - uint8_t *seed; - size_t seed_length; - uint8_t *label; - size_t label_length; - psa_hmac_internal_data hmac; - uint8_t Ai[PSA_HASH_MAX_SIZE]; - - /* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */ - uint8_t output_block[PSA_HASH_MAX_SIZE]; -} psa_tls12_prf_key_derivation_t; -#endif /* MBEDTLS_MD_C */ - -struct psa_key_derivation_s -{ - psa_algorithm_t alg; - unsigned int can_output_key : 1; - size_t capacity; - union - { - /* Make the union non-empty even with no supported algorithms. */ - uint8_t dummy; -#if defined(MBEDTLS_MD_C) - psa_hkdf_key_derivation_t hkdf; - psa_tls12_prf_key_derivation_t tls12_prf; -#endif - } ctx; -}; - -/* This only zeroes out the first byte in the union, the rest is unspecified. */ -#define PSA_KEY_DERIVATION_OPERATION_INIT {0, 0, 0, {0}} -static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void ) -{ - const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT; - return( v ); -} - -struct psa_key_policy_s -{ - psa_key_usage_t usage; - psa_algorithm_t alg; - psa_algorithm_t alg2; -}; -typedef struct psa_key_policy_s psa_key_policy_t; - -#define PSA_KEY_POLICY_INIT {0, 0, 0} -static inline struct psa_key_policy_s psa_key_policy_init( void ) -{ - const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT; - return( v ); -} - -/* The type used internally for key sizes. - * Public interfaces use size_t, but internally we use a smaller type. */ -typedef uint16_t psa_key_bits_t; -/* The maximum value of the type used to represent bit-sizes. - * This is used to mark an invalid key size. */ -#define PSA_KEY_BITS_TOO_LARGE ( (psa_key_bits_t) ( -1 ) ) -/* The maximum size of a key in bits. - * Currently defined as the maximum that can be represented, rounded down - * to a whole number of bytes. - * This is an uncast value so that it can be used in preprocessor - * conditionals. */ -#define PSA_MAX_KEY_BITS 0xfff8 - -/** A mask of flags that can be stored in key attributes. - * - * This type is also used internally to store flags in slots. Internal - * flags are defined in library/psa_crypto_core.h. Internal flags may have - * the same value as external flags if they are properly handled during - * key creation and in psa_get_key_attributes. - */ -typedef uint16_t psa_key_attributes_flag_t; - -#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER \ - ( (psa_key_attributes_flag_t) 0x0001 ) - -/* A mask of key attribute flags used externally only. - * Only meant for internal checks inside the library. */ -#define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ( \ - MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER | \ - 0 ) - -/* A mask of key attribute flags used both internally and externally. - * Currently there aren't any. */ -#define MBEDTLS_PSA_KA_MASK_DUAL_USE ( \ - 0 ) - -typedef struct -{ - psa_key_type_t type; - psa_key_lifetime_t lifetime; - psa_key_id_t id; - psa_key_policy_t policy; - psa_key_bits_t bits; - psa_key_attributes_flag_t flags; -} psa_core_key_attributes_t; - -/* The server must be able to interpret the attributes as specified by the - * client. The server works with the psa_key_id_t encoding the key owner, but - * the client works with the psa_key_id_t not containing the key owner (pure - * psa_app_key_id_t. */ -typedef struct -{ - psa_key_type_t type; - psa_key_lifetime_t lifetime; - psa_app_key_id_t id; - psa_key_policy_t policy; - psa_key_bits_t bits; - psa_key_attributes_flag_t flags; -} psa_client_core_key_attributes_t; - -#define PSA_CORE_KEY_ATTRIBUTES_INIT {0, 0, PSA_KEY_ID_INIT, PSA_KEY_POLICY_INIT, 0, 0} - -struct psa_key_attributes_s -{ - psa_core_key_attributes_t core; -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - psa_key_slot_number_t slot_number; -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - void *domain_parameters; - size_t domain_parameters_size; -}; - -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) -#define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, 0, NULL, 0} -#else -#define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0} -#endif -typedef struct psa_client_key_attributes_s -{ - psa_client_core_key_attributes_t core; -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - psa_key_slot_number_t slot_number; -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - void *domain_parameters; - size_t domain_parameters_size; -} psa_client_key_attributes_t; - -static inline struct psa_key_attributes_s psa_key_attributes_init( void ) -{ - const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT; - return( v ); -} - -static void psa_core_attributes_to_client( - const psa_core_key_attributes_t *server, - psa_client_core_key_attributes_t *client) -{ - client->type = server->type; - client->lifetime = server->lifetime; - client->id = server->id.key_id; - client->policy = server->policy; - client->bits = server->bits; - client->flags = server->flags; -} - -static void psa_core_attributes_to_server( - const psa_client_core_key_attributes_t *client, - psa_key_owner_id_t owner, - psa_core_key_attributes_t *server) -{ - server->type = client->type; - server->lifetime = client->lifetime; - server->id.key_id = client->id; - server->id.owner = owner; - server->policy = client->policy; - server->bits = client->bits; - server->flags = client->flags; -} - -static inline void psa_set_key_id(psa_key_attributes_t *attributes, - psa_key_id_t id) -{ - attributes->core.id = id; - if( attributes->core.lifetime == PSA_KEY_LIFETIME_VOLATILE ) - attributes->core.lifetime = PSA_KEY_LIFETIME_PERSISTENT; -} - -static inline psa_key_id_t psa_get_key_id( - const psa_key_attributes_t *attributes) -{ - return( attributes->core.id ); -} - -static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, - psa_key_lifetime_t lifetime) -{ - attributes->core.lifetime = lifetime; - if( lifetime == PSA_KEY_LIFETIME_VOLATILE ) - { -#ifdef MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER - attributes->core.id.key_id = 0; - attributes->core.id.owner = 0; -#else - attributes->core.id = 0; -#endif - } -} - -static inline psa_key_lifetime_t psa_get_key_lifetime( - const psa_key_attributes_t *attributes) -{ - return( attributes->core.lifetime ); -} - -static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, - psa_key_usage_t usage_flags) -{ - attributes->core.policy.usage = usage_flags; -} - -static inline psa_key_usage_t psa_get_key_usage_flags( - const psa_key_attributes_t *attributes) -{ - return( attributes->core.policy.usage ); -} - -static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes, - psa_algorithm_t alg) -{ - attributes->core.policy.alg = alg; -} - -static inline psa_algorithm_t psa_get_key_algorithm( - const psa_key_attributes_t *attributes) -{ - return( attributes->core.policy.alg ); -} - -/* This function is declared in crypto_extra.h, which comes after this - * header file, but we need the function here, so repeat the declaration. */ -psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, - psa_key_type_t type, - const uint8_t *data, - size_t data_length); - -static inline void psa_set_key_type(psa_key_attributes_t *attributes, - psa_key_type_t type) -{ - if( attributes->domain_parameters == NULL ) - { - /* Common case: quick path */ - attributes->core.type = type; - } - else - { - /* Call the bigger function to free the old domain paramteres. - * Ignore any errors which may arise due to type requiring - * non-default domain parameters, since this function can't - * report errors. */ - (void) psa_set_key_domain_parameters( attributes, type, NULL, 0 ); - } -} - -static inline psa_key_type_t psa_get_key_type( - const psa_key_attributes_t *attributes) -{ - return( attributes->core.type ); -} - -static inline void psa_set_key_bits(psa_key_attributes_t *attributes, - size_t bits) -{ - if( bits > PSA_MAX_KEY_BITS ) - attributes->core.bits = PSA_KEY_BITS_TOO_LARGE; - else - attributes->core.bits = (psa_key_bits_t) bits; -} - -static inline size_t psa_get_key_bits( - const psa_key_attributes_t *attributes) -{ - return( attributes->core.bits ); -} - -#ifdef __cplusplus -} -#endif - -#endif /* PSA_CRYPTO_STRUCT_H */ diff --git a/hal/spm_api.h b/hal/spm_api.h deleted file mode 100644 index cc00974..0000000 --- a/hal/spm_api.h +++ /dev/null @@ -1,73 +0,0 @@ - -/** \addtogroup hal */ -/** @{*/ -/* Copyright (c) 2017-2018 ARM Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef __SPM_API_H__ -#define __SPM_API_H__ - -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - - -/** @defgroup SPM-HAL SPM HAL API - * The HAL functions for PSA SPM - * @{ - */ - - -/* ------------------------------------ HAL-SPE API ------------------------- */ - - -#if defined(COMPONENT_SPE) -/** - * Start running the NSPE. - * - * Secure Processing Environment (SPE) expected to boot first. Once all - * the initializations are done, Nonsecure Processing Environment (NSPE) - * should be booted. - * - * @note The function must be implemented by target specific code. - */ -void spm_hal_start_nspe(void); - - -/** - * Configure memory protection mechanism. - * - * Apply memory protection schemes to ensure secure memory can only be accessed - * from secure-state. - * - * @note The function must be implemented by target specific code. - * - */ -void spm_hal_memory_protection_init(void); - -#endif // defined(COMPONENT_SPE) - -#ifdef __cplusplus -} -#endif - -#endif // __SPM_API_H__ - -/** @}*/ diff --git a/platform/source/mbed_retarget.cpp b/platform/source/mbed_retarget.cpp index 9efc155..5938cbe 100644 --- a/platform/source/mbed_retarget.cpp +++ b/platform/source/mbed_retarget.cpp @@ -1077,7 +1077,7 @@ } // Do not compile this code for TFM secure target -#if !defined(COMPONENT_SPE) || !defined(TARGET_TFM) +#if !defined(TARGET_TFM) #if !defined(__MICROLIB) __asm(".global __use_two_region_memory\n\t"); @@ -1138,7 +1138,7 @@ return _mbed_user_setup_stackheap(R0, R1, R2, R3); } -#endif // !defined(COMPONENT_SPE) || !defined(TARGET_TFM) +#endif // !defined(TARGET_TFM) #endif