ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Implement PSA protected storage & restructure PSA storage implementation 

- Move all PSA storage code under psa/storage directory
- Create a global PSA error codes header, eliminating ITS specific ones
- Create a common header file for PSA storage type definitions,
  eliminating ITS specific ones
- Create a common implementation for PS & ITS
- Implement protected storage feature
- Change ITS test to be common to PS as well
pull/9708/head
David Saada 2019-02-07 19:44:05 +02:00
parent fdc57f88cf
commit 41eb5cbfd9
28 changed files with 1149 additions and 563 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
TESTS/psa/entropy_inject/main.cpp
View File

@ -70,7 +70,6 @@ void validate_entropy_seed_injection(int seed_length_a,
void run_entropy_inject_with_crypto_init()
{
psa_its_status_t its_status;
psa_status_t status;
status = psa_crypto_init();
TEST_ASSERT_EQUAL_INT(PSA_ERROR_INSUFFICIENT_ENTROPY, status);
@ -158,7 +157,7 @@ utest::v1::status_t case_teardown_handler(const Case *const source, const size_t
{
psa_status_t status;
status = mbed_psa_reboot_and_request_new_security_state(PSA_LIFECYCLE_ASSEMBLY_AND_TEST);
TEST_ASSERT_EQUAL(PSA_ITS_SUCCESS, status);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
mbedtls_psa_crypto_free();
return greentea_case_teardown_handler(source, passed, failed, reason);
}
@ -167,7 +166,7 @@ utest::v1::status_t case_setup_handler(const Case *const source, const size_t in
{
psa_status_t status;
status = mbed_psa_reboot_and_request_new_security_state(PSA_LIFECYCLE_ASSEMBLY_AND_TEST);
TEST_ASSERT_EQUAL(PSA_ITS_SUCCESS, status);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
return greentea_case_setup_handler(source, index_of_case);
}

146
TESTS/psa/its/main.cpp
View File

@ -1,146 +0,0 @@
/*
* Copyright (c) 2018 ARM Limited. All rights reserved.
*
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an AS IS BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef TARGET_PSA
#error [NOT_SUPPORTED] ITS tests can run only on PSA-enabled targets.
#endif // TARGET_PSA
#include "greentea-client/test_env.h"
#include "unity/unity.h"
#include "utest/utest.h"
#include "psa/internal_trusted_storage.h"
#include "psa/lifecycle.h"
using namespace utest::v1;
#define TEST_BUFF_SIZE 16
static void pits_test()
{
psa_its_status_t status = PSA_ITS_SUCCESS;
uint8_t write_buff[TEST_BUFF_SIZE] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F};
uint8_t read_buff[TEST_BUFF_SIZE] = {0};
struct psa_its_info_t info = {0, PSA_ITS_FLAG_WRITE_ONCE};
memset(read_buff, 0, TEST_BUFF_SIZE);
status = psa_its_get_info(5, &info);
TEST_ASSERT_EQUAL(PSA_ITS_ERROR_UID_NOT_FOUND, status);
status = psa_its_set(5, TEST_BUFF_SIZE, write_buff, 0);
TEST_ASSERT_EQUAL(PSA_ITS_SUCCESS, status);
status = psa_its_get_info(5, &info);
TEST_ASSERT_EQUAL(PSA_ITS_SUCCESS, status);
TEST_ASSERT_EQUAL(TEST_BUFF_SIZE, info.size);
TEST_ASSERT_EQUAL(0, info.flags);
status = psa_its_get(5, 0, TEST_BUFF_SIZE, read_buff);
TEST_ASSERT_EQUAL(PSA_ITS_SUCCESS, status);
TEST_ASSERT_EQUAL_MEMORY(write_buff, read_buff, TEST_BUFF_SIZE);
memset(read_buff, 0, TEST_BUFF_SIZE);
status = psa_its_get(5, 1, TEST_BUFF_SIZE, read_buff);
TEST_ASSERT_NOT_EQUAL(PSA_ITS_SUCCESS, status);
status = psa_its_get(5, 1, TEST_BUFF_SIZE - 1, read_buff);
TEST_ASSERT_EQUAL(PSA_ITS_SUCCESS, status);
TEST_ASSERT_EQUAL_MEMORY(write_buff + 1, read_buff, TEST_BUFF_SIZE - 1);
status = psa_its_remove(5);
TEST_ASSERT_EQUAL(PSA_ITS_SUCCESS, status);
status = psa_its_get_info(5, &info);
TEST_ASSERT_EQUAL(PSA_ITS_ERROR_UID_NOT_FOUND, status);
}
static void pits_write_once_test()
{
psa_its_status_t status = PSA_ITS_SUCCESS;
uint8_t write_buff[TEST_BUFF_SIZE] = {0x0F, 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00};
uint8_t read_buff[TEST_BUFF_SIZE] = {0};
struct psa_its_info_t info = {0, 0};
status = psa_its_get_info(5, &info);
TEST_ASSERT_EQUAL(PSA_ITS_ERROR_UID_NOT_FOUND, status);
status = psa_its_set(5, TEST_BUFF_SIZE, write_buff, PSA_ITS_FLAG_WRITE_ONCE);
TEST_ASSERT_EQUAL(PSA_ITS_SUCCESS, status);
info.size = 0;
info.flags = PSA_ITS_FLAG_NONE;
status = psa_its_get_info(5, &info);
TEST_ASSERT_EQUAL(PSA_ITS_SUCCESS, status);
TEST_ASSERT_EQUAL(TEST_BUFF_SIZE, info.size);
TEST_ASSERT_EQUAL(PSA_ITS_FLAG_WRITE_ONCE, info.flags);
status = psa_its_get(5, 0, TEST_BUFF_SIZE, read_buff);
TEST_ASSERT_EQUAL(PSA_ITS_SUCCESS, status);
TEST_ASSERT_EQUAL_MEMORY(write_buff, read_buff, TEST_BUFF_SIZE);
status = psa_its_set(5, TEST_BUFF_SIZE, write_buff, PSA_ITS_FLAG_WRITE_ONCE);
TEST_ASSERT_NOT_EQUAL(PSA_ITS_SUCCESS, status);
status = psa_its_set(5, TEST_BUFF_SIZE, write_buff, 0);
TEST_ASSERT_NOT_EQUAL(PSA_ITS_SUCCESS, status);
status = psa_its_remove(5);
TEST_ASSERT_NOT_EQUAL(PSA_ITS_SUCCESS, status);
info.size = 0;
info.flags = PSA_ITS_FLAG_NONE;
status = psa_its_get_info(5, &info);
TEST_ASSERT_EQUAL(PSA_ITS_SUCCESS, status);
TEST_ASSERT_EQUAL(TEST_BUFF_SIZE, info.size);
TEST_ASSERT_EQUAL(PSA_ITS_FLAG_WRITE_ONCE, info.flags);
}
utest::v1::status_t case_teardown_handler(const Case *const source, const size_t passed, const size_t failed, const failure_t reason)
{
psa_status_t status;
status = mbed_psa_reboot_and_request_new_security_state(PSA_LIFECYCLE_ASSEMBLY_AND_TEST);
TEST_ASSERT_EQUAL(PSA_LIFECYCLE_SUCCESS, status);
return greentea_case_teardown_handler(source, passed, failed, reason);
}
utest::v1::status_t case_setup_handler(const Case *const source, const size_t index_of_case)
{
psa_status_t status;
status = mbed_psa_reboot_and_request_new_security_state(PSA_LIFECYCLE_ASSEMBLY_AND_TEST);
TEST_ASSERT_EQUAL(PSA_LIFECYCLE_SUCCESS, status);
return greentea_case_setup_handler(source, index_of_case);
}
Case cases[] = {
Case("PSA prot internal storage - Basic", case_setup_handler, pits_test, case_teardown_handler),
Case("PSA prot internal storage - Write-once", case_setup_handler, pits_write_once_test, case_teardown_handler)
};
utest::v1::status_t greentea_test_setup(const size_t number_of_cases)
{
#ifndef NO_GREENTEA
GREENTEA_SETUP(60, "default_auto");
#endif
return greentea_test_setup_handler(number_of_cases);
}
Specification specification(greentea_test_setup, cases, greentea_test_teardown_handler);
int main()
{
return !Harness::run(specification);
}

198
TESTS/psa/its_ps/main.cpp Normal file
View File

@ -0,0 +1,198 @@
/*
* Copyright (c) 2019 ARM Limited. All rights reserved.
*
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an AS IS BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef TARGET_PSA
#error [NOT_SUPPORTED] ITS/PS tests can run only on PSA-enabled targets.
#endif // TARGET_PSA
#include "greentea-client/test_env.h"
#include "unity/unity.h"
#include "utest/utest.h"
#include "psa/error.h"
#include "psa/storage_common.h"
#include "psa/internal_trusted_storage.h"
#include "psa/protected_storage.h"
#include "psa/lifecycle.h"
using namespace utest::v1;
#define TEST_BUFF_SIZE 16
typedef enum {
its,
ps
} storage_type_t;
extern "C" psa_status_t psa_ps_reset();
static psa_status_t set_func(storage_type_t stype, psa_storage_uid_t uid, uint32_t data_length,
const void *p_data, psa_storage_create_flags_t create_flags)
{
return (stype == its) ?
psa_its_set(uid, data_length, p_data, create_flags) :
psa_ps_set(uid, data_length, p_data, create_flags);
}
static psa_status_t get_func(storage_type_t stype, psa_storage_uid_t uid, uint32_t data_offset,
uint32_t data_length, void *p_data)
{
return (stype == its) ?
psa_its_get(uid, data_offset, data_length, p_data) :
psa_ps_get(uid, data_offset, data_length, p_data);
}
static psa_status_t get_info_func(storage_type_t stype, psa_storage_uid_t uid,
struct psa_storage_info_t *p_info)
{
return (stype == its) ?
psa_its_get_info(uid, p_info) :
psa_ps_get_info(uid, p_info);
}
static psa_status_t remove_func(storage_type_t stype, psa_storage_uid_t uid)
{
return (stype == its) ?
psa_its_remove(uid) :
psa_ps_remove(uid);
}
template <storage_type_t stype>
void pits_ps_test()
{
psa_status_t status = PSA_SUCCESS;
uint8_t write_buff[TEST_BUFF_SIZE] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F};
uint8_t read_buff[TEST_BUFF_SIZE] = {0};
struct psa_storage_info_t info = {0, PSA_STORAGE_FLAG_WRITE_ONCE};
memset(read_buff, 0, TEST_BUFF_SIZE);
status = get_info_func(stype, 5, &info);
TEST_ASSERT_EQUAL(PSA_ERROR_DOES_NOT_EXIST, status);
status = set_func(stype, 5, TEST_BUFF_SIZE, write_buff, 0);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = get_info_func(stype, 5, &info);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
TEST_ASSERT_EQUAL(TEST_BUFF_SIZE, info.size);
TEST_ASSERT_EQUAL(0, info.flags);
status = get_func(stype, 5, 0, TEST_BUFF_SIZE, read_buff);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
TEST_ASSERT_EQUAL_MEMORY(write_buff, read_buff, TEST_BUFF_SIZE);
memset(read_buff, 0, TEST_BUFF_SIZE);
status = get_func(stype, 5, 1, TEST_BUFF_SIZE, read_buff);
TEST_ASSERT_NOT_EQUAL(PSA_SUCCESS, status);
status = get_func(stype, 5, 1, TEST_BUFF_SIZE - 1, read_buff);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
TEST_ASSERT_EQUAL_MEMORY(write_buff + 1, read_buff, TEST_BUFF_SIZE - 1);
status = remove_func(stype, 5);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = get_info_func(stype, 5, &info);
TEST_ASSERT_EQUAL(PSA_ERROR_DOES_NOT_EXIST, status);
}
template <storage_type_t stype>
void pits_ps_write_once_test()
{
psa_status_t status = PSA_SUCCESS;
uint8_t write_buff[TEST_BUFF_SIZE] = {0x0F, 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00};
uint8_t read_buff[TEST_BUFF_SIZE] = {0};
struct psa_storage_info_t info = {0, 0};
status = get_info_func(stype, 5, &info);
TEST_ASSERT_EQUAL(PSA_ERROR_DOES_NOT_EXIST, status);
status = set_func(stype, 5, TEST_BUFF_SIZE, write_buff, PSA_STORAGE_FLAG_WRITE_ONCE);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
info.size = 0;
info.flags = PSA_STORAGE_FLAG_WRITE_ONCE;
status = get_info_func(stype, 5, &info);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
TEST_ASSERT_EQUAL(TEST_BUFF_SIZE, info.size);
TEST_ASSERT_EQUAL(PSA_STORAGE_FLAG_WRITE_ONCE, info.flags);
status = get_func(stype, 5, 0, TEST_BUFF_SIZE, read_buff);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
TEST_ASSERT_EQUAL_MEMORY(write_buff, read_buff, TEST_BUFF_SIZE);
status = set_func(stype, 5, TEST_BUFF_SIZE, write_buff, PSA_STORAGE_FLAG_WRITE_ONCE);
TEST_ASSERT_EQUAL(PSA_ERROR_NOT_PERMITTED, status);
status = set_func(stype, 5, TEST_BUFF_SIZE, write_buff, 0);
TEST_ASSERT_EQUAL(PSA_ERROR_NOT_PERMITTED, status);
status = remove_func(stype, 5);
TEST_ASSERT_EQUAL(PSA_ERROR_NOT_PERMITTED, status);
info.size = 0;
info.flags = PSA_STORAGE_FLAG_WRITE_ONCE;
status = get_info_func(stype, 5, &info);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
TEST_ASSERT_EQUAL(TEST_BUFF_SIZE, info.size);
TEST_ASSERT_EQUAL(PSA_STORAGE_FLAG_WRITE_ONCE, info.flags);
}
utest::v1::status_t case_its_teardown_handler(const Case *const source, const size_t passed, const size_t failed, const failure_t reason)
{
psa_status_t status;
status = mbed_psa_reboot_and_request_new_security_state(PSA_LIFECYCLE_ASSEMBLY_AND_TEST);
TEST_ASSERT_EQUAL(PSA_LIFECYCLE_SUCCESS, status);
return greentea_case_teardown_handler(source, passed, failed, reason);
}
template <storage_type_t stype>
utest::v1::status_t case_its_setup_handler(const Case *const source, const size_t index_of_case)
{
psa_status_t status;
if (stype == its) {
status = mbed_psa_reboot_and_request_new_security_state(PSA_LIFECYCLE_ASSEMBLY_AND_TEST);
TEST_ASSERT_EQUAL(PSA_LIFECYCLE_SUCCESS, status);
} else {
status = psa_ps_reset();
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
}
return greentea_case_setup_handler(source, index_of_case);
}
Case cases[] = {
Case("PSA prot internal storage - Basic", case_its_setup_handler<its>, pits_ps_test<its>, case_its_teardown_handler),
Case("PSA prot internal storage - Write-once", case_its_setup_handler<its>, pits_ps_write_once_test<its>, case_its_teardown_handler),
Case("PSA protected storage - Basic", case_its_setup_handler<ps>, pits_ps_test<ps>),
Case("PSA protected storage - Write-once", case_its_setup_handler<ps>, pits_ps_write_once_test<ps>)
};
utest::v1::status_t greentea_test_setup(const size_t number_of_cases)
{
#ifndef NO_GREENTEA
GREENTEA_SETUP(60, "default_auto");
#endif
return greentea_test_setup_handler(number_of_cases);
}
Specification specification(greentea_test_setup, cases, greentea_test_teardown_handler);
int main()
{
return !Harness::run(specification);
}

3
components/TARGET_PSA/TARGET_MBED_SPM/psa_defs.h
View File

@ -26,6 +26,7 @@
#include <stdint.h>
#include <stdlib.h>
#include "psa/error.h"
/* --------------------------------- extern "C" wrapper ------------------------------ */
@ -60,7 +61,6 @@ extern "C" {
#define PSA_DOORBELL (0x00000008UL) /**< Mask for PSA_DOORBELL signal.*/
#define PSA_SUCCESS (0L) /**< A general result code for calls to psa_call() indicating success.*/
#define PSA_IPC_CONNECT (1) /**< The IPC message type that indicates a new connection.*/
#define PSA_IPC_CALL (2) /**< The IPC message type that indicates a client request.*/
#define PSA_IPC_DISCONNECT (3) /**< The IPC message type that indicates the end of a connection.*/
@ -75,7 +75,6 @@ extern "C" {
/* -------------------------------------- Typedefs ----------------------------------- */
typedef uint32_t psa_signal_t;
typedef int32_t psa_status_t;
typedef int32_t psa_handle_t;
typedef psa_status_t error_t;

56
components/TARGET_PSA/inc/psa/error.h Normal file
View File

@ -0,0 +1,56 @@
/*
* Copyright (c) 2019 ARM Limited. All rights reserved.
*
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an AS IS BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/* psa/error.h
Standard error codes for the SPM and RoT Services
As defined in PSA Firmware Framework v1.0
*/
#ifndef __PSA_ERROR__
#define __PSA_ERROR__
#include <stddef.h>
#include <stdint.h>
typedef int32_t psa_status_t;
#define PSA_SUCCESS ((psa_status_t)0)
#define PSA_ERROR_PROGRAMMER_ERROR ((psa_status_t)-129)
#define PSA_ERROR_CONNECTION_REFUSED ((psa_status_t)-130)
#define PSA_ERROR_CONNECTION_BUSY ((psa_status_t)-131)
#define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132)
#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133)
#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134)
#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135)
#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136)
#define PSA_ERROR_BAD_STATE ((psa_status_t)-137)
#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138)
#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139)
#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140)
#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141)
#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142)
#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143)
#define PSA_ERROR_SERVICE_FAILURE ((psa_status_t)-144)
#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145)
#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146)
#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147)
#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149)
#define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152)
#endif // __PSA_ERROR__

200
components/TARGET_PSA/inc/psa/protected_storage.h Normal file
View File

@ -0,0 +1,200 @@
/* Copyright (C) 2019, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/** @file
@brief This file describes the PSA Protected Storage API
*/
#ifndef __PSA_PROTECTED_STORAGE_H__
#define __PSA_PROTECTED_STORAGE_H__
#include <stddef.h>
#include <stdint.h>
#include "psa/error.h"
#include "psa/storage_common.h"
#ifdef __cplusplus
extern "C" {
#endif
#define PSA_PS_API_VERSION_MAJOR 1 /**< The major version number of the PSA PS API. It will be incremented on significant updates that may include breaking changes */
#define PSA_PS_API_VERSION_MINOR 1 /**< The minor version number of the PSA PS API. It will be incremented in small updates that are unlikely to include breaking changes */
/**
* \brief create a new or modify an existing key/value pair
*
* \param[in] uid the identifier for the data
* \param[in] data_length The size in bytes of the data in `p_data`
* \param[in] p_data A buffer containing the data
* \param[in] create_flags The flags indicating the properties of the data
*
* \return A status indicating the success/failure of the operation
* \retval PSA_SUCCESS The operation completed successfully
* \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided uid value was already created with PSA_STORAGE_WRITE_ONCE_FLAG
* \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more of the given arguments were invalid.
* \retval PSA_ERROR_NOT_SUPPORTED The operation failed because one or more of the flags provided in `create_flags` is not supported or is not valid
* \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there was insufficient space on the storage medium
* \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
* \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an unspecified internal failure
*/
psa_status_t psa_ps_set(psa_storage_uid_t uid,
uint32_t data_length,
const void *p_data,
psa_storage_create_flags_t create_flags);
/**
* \brief Retrieve the value for a provided uid
*
* \param[in] uid The identifier for the data
* \param[in] data_offset The offset within the data associated with the `uid` to start retrieving data
* \param[in] data_length The amount of data to read (and the minimum allocated size of the `p_data` buffer)
* \param[out] p_data The buffer where the data will be placed upon successful completion
*
* \return A status indicating the success/failure of the operation
*
* \retval PSA_SUCCESS The operation completed successfully
* \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more of the given arguments were invalid (null pointer, wrong flags etc.)
* \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided uid value was not found in the storage
* \retval PSA_ERROR_BUFFER_TOO_SMALL The operation failed because the data associated with provided uid is not the same size as `data_size`
* \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
* \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an unspecified internal failure
* \retval PSA_ERROR_DATA_CORRUPT The operation failed because of an authentication failure when attempting to get the key
* \retval PSA_ERROR_INVALID_SIGNATURE The operation failed because the data associated with the UID failed authentication
*/
psa_status_t psa_ps_get(psa_storage_uid_t uid,
uint32_t data_offset,
uint32_t data_length,
void *p_data);
/**
* \brief Retrieve the metadata about the provided uid
*
* \param[in] uid The identifier for the data
* \param[out] p_info A pointer to the `psa_storage_info_t` struct that will be populated with the metadata
*
* \return A status indicating the success/failure of the operation
*
* \retval PSA_SUCCESS The operation completed successfully
* \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more of the given arguments were invalid (null pointer, wrong flags etc.)
* \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided uid value was not found in the storage
* \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
* \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an unspecified internal failure
* \retval PSA_ERROR_DATA_CORRUPT The operation failed because of an authentication failure when attempting to get the key
* \retval PSA_ERROR_INVALID_SIGNATURE The operation failed because the data associated with the UID failed authentication
*/
psa_status_t psa_ps_get_info(psa_storage_uid_t uid, struct psa_storage_info_t *p_info);
/**
* \brief Remove the provided uid and its associated data from the storage
*
* \param[in] uid The identifier for the data to be removed
*
* \return A status indicating the success/failure of the operation
*
* \retval PSA_SUCCESS The operation completed successfully
* \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more of the given arguments were invalid (null pointer, wrong flags etc.)
* \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided uid value was not found in the storage
* \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided uid value was created with psa_eps_WRITE_ONCE_FLAG
* \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
* \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an unspecified internal failure
*/
psa_status_t psa_ps_remove(psa_storage_uid_t uid);
/**
* Creates an asset based on the given identifier, the maximum size and
* creation flags. This create allocates the space in the secure storage
* area without setting any data in the asset.
*
* It is only necessary to call this function for items that will be written
* with the \ref psa_ps_set_extended function. If only the \ref psa_ps_set function
* is needed, calls to this function are redundant.
*
* If the \ref PSA_STORAGE_FLAG_WRITE_ONCE flag is passed, implementations should
* return \ref PSA_ERROR_NOT_SUPPORTED.
*
* This function is optional. Not all PSA Protected Storage Implementations
* will implement this function. Consult the documentation of your chosen
* platform to determine if it is present.
*
* \param[in] uid A unique identifier for the asset.
* \param[in] size The maximum size in bytes of the asset.
* \param[in] create_flags Create flags \ref psa_storage_create_flags_t.
*
* \retval PSA_SUCCESS The assest does not exist and the input parameters are correct or
* the asset already exists, the input parameters are the same that
* have been used to create the asset and the owner is the same and the current asset content is kept
* TDB: "Owner is the same" doesn't really make sense from a PSA perspective, as each partition
* has its own UID space, making other partitions' data unadressable
* \retval PSA_ERROR_STORAGE_FAILURE The create action has a physical storage error
* \retval PSA_ERROR_INSUFFICIENT_STORAGE The maximum size is bigger of the current available space
* \retval PSA_ERROR_NOT_SUPPORTED One or more create_flags are not valid or supported
* \retval PSA_ERROR_INVALID_ARGUMENT The asset exists and the input paramters are not the same as the existing asset
* \retval PSA_ERROR_NOT_SUPPORTED The implementation of the API does not support this function
* \retval PSA_ERROR_GENERIC_ERROR The operation has failed due to an unspecified error
*/
psa_status_t psa_ps_create(psa_storage_uid_t uid,
uint32_t size,
psa_storage_create_flags_t create_flags);
/**
* Sets partial data into an asset based on the given identifier, data_offset,
* data length and p_data.
*
* Before calling this function, the asset must have been created with a call
* to \ref psa_ps_create.
*
* This function is optional. Not all PSA Protected Storage Implementations
* will implement this function. Consult the documentation of your chosen
* platform to determine if it is present.
*
* \param[in] uid The unique identifier for the asset.
* \param[in] data_offset Offset within the asset to start the write.
* \param[in] data_length The size in bytes of the data in p_data to write.
* \param[in] p_data Pointer to a buffer which contains the data to write.
*
* \retval PSA_SUCCESS If the asset exists, the input parameters are correct and the data
* is correctly written in the physical storage
* \retval PSA_ERROR_STORAGE_FAILURE If the data is not written correctly in the physical storage
* \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more of the given arguments were invalid (null pointer, wrong flags, etc)
* \retval PSA_ERROR_DOES_NOT_EXIST The specified UID was not found
* \retval PSA_ERROR_NOT_SUPPORTED The implementation of the API does not support this function
* \retval PSA_ERROR_GENERIC_ERROR The operation failed due to an unspecified error
* \retval PSA_ERROR_DATA_CORRUPT The operation failed because the existing data has been corrupted
* \retval PSA_ERROR_INVALID_SIGNATURE The operation failed because the existing data failed authentication (MAC check failed)
*/
psa_status_t psa_ps_set_extended(psa_storage_uid_t uid,
uint32_t data_offset,
uint32_t data_length,
const void *p_data);
/**
* Returns a bitmask with flags set for all of the optional features supported
* by the implementation.
*
* Currently defined flags are limited to:
* - \ref PSA_STORAGE_SUPPORT_SET_EXTENDED
*/
uint32_t psa_ps_get_support(void);
#ifdef __cplusplus
}
#endif
#endif // __PSA_PROTECTED_STORAGE_H__

61
components/TARGET_PSA/inc/psa/storage_common.h Normal file
View File

@ -0,0 +1,61 @@
/* Copyright (C) 2019, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/** @file
@brief This file includes common definitions for PSA storage
*/
#ifndef __PSA_STORAGE_COMMON_H__
#define __PSA_STORAGE_COMMON_H__
#include <stddef.h>
#include <stdint.h>
#include "psa/error.h"
#ifdef __cplusplus
extern "C" {
#endif
/** \brief Flags used when creating a data entry
*/
typedef uint32_t psa_storage_create_flags_t;
#define PSA_STORAGE_FLAG_NONE 0 /**< No flags to pass */
#define PSA_STORAGE_FLAG_WRITE_ONCE (1 << 0) /**< The data associated with the uid will not be able to be modified or deleted. Intended to be used to set bits in `psa_storage_create_flags_t`*/
/** \brief A type for UIDs used for identifying data
*/
typedef uint64_t psa_storage_uid_t;
/**
* \brief A container for metadata associated with a specific uid
*/
struct psa_storage_info_t {
uint32_t size; /**< The size of the data associated with a uid **/
psa_storage_create_flags_t flags; /**< The flags set when the uid was created **/
};
/** \brief Flag indicating that \ref psa_storage_create and \ref psa_storage_set_extended are supported */
#define PSA_STORAGE_SUPPORT_SET_EXTENDED (1 << 0)
/** \brief PSA storage specific error codes */
#define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152)
#ifdef __cplusplus
}
#endif
#endif // __PSA_STORAGE_COMMON_H__

26
components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c
View File

@ -140,7 +140,7 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation,
};
if (operation->handle <= 0) {
return (PSA_ERROR_BAD_STATE);
return (PSA_ERROR_INVALID_ARGUMENT);
}
err = psa_call(operation->handle, in_vec, 2, NULL, 0);
@ -167,7 +167,7 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
psa_outvec out_vec[2] = { { mac, mac_size }, { mac_length, sizeof(*mac_length) } };
if (operation->handle <= 0) {
return (PSA_ERROR_BAD_STATE);
return (PSA_ERROR_INVALID_ARGUMENT);
}
err_call = psa_call(operation->handle, in_vec, 2, out_vec, 2);
@ -196,7 +196,7 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
};
if (operation->handle <= 0) {
return (PSA_ERROR_BAD_STATE);
return (PSA_ERROR_INVALID_ARGUMENT);
}
err_call = psa_call(operation->handle, in_vec, 3, NULL, 0);
@ -277,7 +277,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation,
};
if (operation->handle <= 0) {
return (PSA_ERROR_BAD_STATE);
return (PSA_ERROR_INVALID_ARGUMENT);
}
err = psa_call(operation->handle, in_vec, 2, NULL, 0);
@ -306,7 +306,7 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
};
if (operation->handle <= 0) {
return (PSA_ERROR_BAD_STATE);
return (PSA_ERROR_INVALID_ARGUMENT);
}
err_call = psa_call(operation->handle, in_vec, 2, out_vec, 2);
@ -335,7 +335,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
};
if (operation->handle <= 0) {
return (PSA_ERROR_BAD_STATE);
return (PSA_ERROR_INVALID_ARGUMENT);
}
err_call = psa_call(operation->handle, in_vec, 3, NULL, 0);
@ -1206,7 +1206,7 @@ psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator,
psa_outvec out_vec = { capacity, sizeof(*capacity) };
if (generator->handle <= 0) {
return (PSA_ERROR_BAD_STATE);
return (PSA_ERROR_INVALID_ARGUMENT);
}
err_call = psa_call(generator->handle, &in_vec, 1, &out_vec, 1);
@ -1228,7 +1228,7 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
psa_outvec out_vec = { output, output_length };
if (generator->handle <= 0) {
return (PSA_ERROR_BAD_STATE);
return (PSA_ERROR_INVALID_ARGUMENT);
}
err_call = psa_call(generator->handle, &in_vec, 1, &out_vec, 1);
@ -1254,7 +1254,7 @@ psa_status_t psa_generator_import_key(psa_key_handle_t key_handle,
};
if (generator->handle <= 0) {
return (PSA_ERROR_BAD_STATE);
return (PSA_ERROR_INVALID_ARGUMENT);
}
err_call = psa_call(generator->handle, in_vec, 3, NULL, 0);
@ -1432,7 +1432,7 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
};
if (operation->handle <= 0) {
return (PSA_ERROR_BAD_STATE);
return (PSA_ERROR_INVALID_ARGUMENT);
}
err = psa_call(operation->handle, &in_vec, 1, out_vec, 2);
@ -1460,7 +1460,7 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
};
if (operation->handle <= 0) {
return (PSA_ERROR_BAD_STATE);
return (PSA_ERROR_INVALID_ARGUMENT);
}
err = psa_call(operation->handle, in_vec, 2, NULL, 0);
@ -1500,7 +1500,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
};
if (operation->handle <= 0) {
return (PSA_ERROR_BAD_STATE);
return (PSA_ERROR_INVALID_ARGUMENT);
}
err = psa_call(operation->handle, in_vec, 2, out_vec, 2);
@ -1535,7 +1535,7 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
};
if (operation->handle <= 0) {
return (PSA_ERROR_BAD_STATE);
return (PSA_ERROR_INVALID_ARGUMENT);
}
err_call = psa_call(operation->handle, &in_vec, 1, out_vec, 2);

2
components/TARGET_PSA/services/platform/COMPONENT_PSA_SRV_IMPL/platform_srv_impl.c
View File

@ -31,7 +31,7 @@ psa_status_t psa_platfrom_lifecycle_get_impl(uint32_t *lc_state)
return PSA_LIFECYCLE_SUCCESS;
}
psa_its_status_t psa_its_reset();
psa_status_t psa_its_reset();
psa_status_t psa_platfrom_lifecycle_change_request_impl(uint32_t state)
{

2
components/TARGET_PSA/services/platform/COMPONENT_SPE/platform_partition.c
View File

@ -37,7 +37,7 @@ static psa_status_t lifecycle_get(psa_msg_t *msg)
return PSA_DROP_CONNECTION;
}
psa_its_status_t status = psa_platfrom_lifecycle_get_impl(&lc_state);
psa_status_t status = psa_platfrom_lifecycle_get_impl(&lc_state);
if (status == PSA_SUCCESS) {
psa_write(msg->handle, 0, &lc_state, sizeof(lc_state));
}

41
components/TARGET_PSA/services/psa_prot_internal_storage/COMPONENT_PSA_SRV_IMPL/pits_version_impl.h
View File

@ -1,41 +0,0 @@
/* Copyright (c) 2019 ARM Limited
*
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef __PITS_VER_IMPL_H__
#define __PITS_VER_IMPL_H__
#include "psa/internal_trusted_storage.h"
#ifdef __cplusplus
extern "C"
{
#endif
#define ITS_VERSION_KEY "PSA_ITS_VERSION" // ITS version entry identifier in TDBStore
typedef struct its_version {
uint32_t major;
uint32_t minor;
} its_version_t;
psa_its_status_t its_version_migrate(void *storage, const its_version_t *version);
#ifdef __cplusplus
}
#endif
#endif // __PITS_VER_IMPL_H__

154
components/TARGET_PSA/services/psa_prot_internal_storage/psa_prot_internal_storage.h
View File

@ -1,154 +0,0 @@
/* Copyright (C) 2019, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/** @file
@brief This file describes the PSA Internal Trusted Storage API
*/
#ifndef __INTERNAL_TRUSTED_STORAGE_H__
#define __INTERNAL_TRUSTED_STORAGE_H__
#include <stddef.h>
#include <stdint.h>
#ifdef __cplusplus
extern "C" {
#endif
#define PSA_ITS_API_VERSION_MAJOR 1 /**< The major version number of the PSA ITS API. It will be incremented on significant updates that may include breaking changes */
#define PSA_ITS_API_VERSION_MINOR 0 /**< The minor version number of the PSA ITS API. It will be incremented in small updates that are unlikely to include breaking changes */
/** \brief Flags used when creating a key
*/
typedef uint32_t psa_its_create_flags_t;
/** \brief A type for UIDs used for identifying data
*/
typedef uint64_t psa_its_uid_t;
#define PSA_ITS_FLAG_NONE 0 /**< No flags to pass */
#define PSA_ITS_FLAG_WRITE_ONCE ( 1 << 0 ) /**< The data associated with the key will not be able to be modified or deleted. Intended to be used to set bits in `psa_its_create_flags_t` */
/** Mask for all of the ITS Flags
*/
#define PSA_ITS_FLAGS_MSK ( \
PSA_ITS_FLAG_NONE | \
PSA_ITS_FLAG_WRITE_ONCE \
)
/**
* \brief A container for metadata associated with a specific key
*/
struct psa_its_info_t {
uint32_t size; /**< The size of the data associated with a key **/
psa_its_create_flags_t flags; /**< The flags set when the key was created **/
};
/**
* \brief The return status type for the PSA Trusted Storage functions
*/
typedef uint32_t psa_its_status_t;
#define PSA_ITS_SUCCESS 0 /**< The operation completed successfully */
#define PSA_ITS_ERROR_WRITE_ONCE 1 /**< The operation failed because the provided key value was already created with PSA_ITS_WRITE_ONCE_FLAG */
#define PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED 2 /**< The operation failed because one or more of the flags provided in `create_flags` is not supported or is not valid */
#define PSA_ITS_ERROR_INSUFFICIENT_SPACE 3 /**< The operation failed because there was insufficient space on the storage medium */
#define PSA_ITS_ERROR_STORAGE_FAILURE 4 /**< The operation failed because the physical storage has failed (Fatal error) */
#define PSA_ITS_ERROR_INVALID_ARGUMENTS 5 /**< The operation failed because one of the provided pointers is invalid, for example is `NULL` or references memory the caller cannot access */
#define PSA_ITS_ERROR_UID_NOT_FOUND 6 /**< The operation failed because the provided key value was not found in the storage */
#define PSA_ITS_ERROR_INCORRECT_SIZE 7 /**< The operation failed because the data associated with provided key is not the same size as `data_size`, or `offset+data_size` is too large for the data, but `offset` is less than the size */
#define PSA_ITS_ERROR_OFFSET_INVALID 8 /**< The operation failed because an offset was supplied that is invalid for the existing data associated with the uid. For example, offset is greater that the size of the data */
/**
* \brief create a new or modify an existing uid/value pair
*
* \param[in] uid the identifier for the data
* \param[in] data_length The size in bytes of the data in `p_data`
* \param[in] p_data A buffer containing the data
* \param[in] create_flags The flags that the data will be stored with
*
* \return A status indicating the success/failure of the operation
* \retval PSA_ITS_SUCCESS The operation completed successfully
* \retval PSA_ITS_ERROR_WRITE_ONCE The operation failed because the provided `uid` value was already created with PSA_ITS_WRITE_ONCE_FLAG
* \retval PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED The operation failed because one or more of the flags provided in `create_flags` is not supported or is not valid
* \retval PSA_ITS_ERROR_INSUFFICIENT_SPACE The operation failed because there was insufficient space on the storage medium
* \retval PSA_ITS_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
* \retval PSA_ITS_ERROR_INVALID_ARGUMENTS The operation failed because one of the provided pointers(`p_data`)
* is invalid, for example is `NULL` or references memory the caller cannot access
*/
psa_its_status_t psa_its_set(psa_its_uid_t uid,
uint32_t data_length,
const void *p_data,
psa_its_create_flags_t create_flags);
/**
* \brief Retrieve the value associated with a provided uid
*
* \param[in] uid The uid value
* \param[in] data_offset The starting offset of the data requested
* \param[in] data_length the amount of data requested (and the minimum allocated size of the `p_data` buffer)
* \param[out] p_data The buffer where the data will be placed upon successful completion
*
* \return A status indicating the success/failure of the operation
*
* \retval PSA_ITS_SUCCESS The operation completed successfully
* \retval PSA_ITS_ERROR_UID_NOT_FOUND The operation failed because the provided `uid` value was not found in the storage
* \retval PSA_ITS_ERROR_INCORRECT_SIZE The operation failed because the data associated with provided `uid` is not the same size as `data_size`
* \retval PSA_ITS_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
* \retval PSA_ITS_ERROR_INVALID_ARGUMENTS The operation failed because one of the provided pointers(`p_data`, `p_data_length`)
* is invalid. For example is `NULL` or references memory the caller cannot access
* \retval PSA_ITS_ERROR_OFFSET_INVALID The operation failed because an offset was supplied that is invalid for the existing data associated with the
* uid. For example, offset + size is invalid
*/
psa_its_status_t psa_its_get(psa_its_uid_t uid,
uint32_t data_offset,
uint32_t data_length,
void *p_data);
/**
* \brief Retrieve the metadata about the provided uid
*
* \param[in] uid The uid value
* \param[out] p_info A pointer to the `psa_its_info_t` struct that will be populated with the metadata
*
* \return A status indicating the success/failure of the operation
*
* \retval PSA_ITS_SUCCESS The operation completed successfully
* \retval PSA_ITS_ERROR_UID_NOT_FOUND The operation failed because the provided uid value was not found in the storage
* \retval PSA_ITS_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
* \retval PSA_ITS_ERROR_INVALID_ARGUMENTS The operation failed because one of the provided pointers(`p_info`)
* is invalid, for example is `NULL` or references memory the caller cannot access
*/
psa_its_status_t psa_its_get_info(psa_its_uid_t uid,
struct psa_its_info_t *p_info);
/**
* \brief Remove the provided key and its associated data from the storage
*
* \param[in] uid The uid value
*
* \return A status indicating the success/failure of the operation
*
* \retval PSA_ITS_SUCCESS The operation completed successfully
* \retval PSA_ITS_ERROR_UID_NOT_FOUND The operation failed because the provided key value was not found in the storage
* \retval PSA_ITS_ERROR_WRITE_ONCE The operation failed because the provided key value was created with psa_its_WRITE_ONCE_FLAG
* \retval PSA_ITS_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
*/
psa_its_status_t psa_its_remove(psa_its_uid_t uid);
#ifdef __cplusplus
}
#endif
#endif // __INTERNAL_TRUSTED_STORAGE_H__

200
components/TARGET_PSA/services/psa_prot_internal_storage/COMPONENT_PSA_SRV_IMPL/pits_impl.cpp → components/TARGET_PSA/services/storage/common/psa_storage_common_impl.cpp
View File

@ -16,43 +16,26 @@
*/
#include <cstring>
#include "KVStore.h"
#include "TDBStore.h"
#include "psa/internal_trusted_storage.h"
#include "pits_impl.h"
#include "pits_version_impl.h"
#include "psa_storage_common_impl.h"
#include "mbed_error.h"
#include "mbed_assert.h"
#include "mbed_toolchain.h"
#if defined(TARGET_TFM)
using namespace mbed;
KVStore *get_its_kvstore_instance(void);
#else
#include "KVMap.h"
using namespace mbed;
/*
* \brief Get default KVStore instance for internal flesh storage
*
* \return valid pointer to KVStore
*/
KVStore *get_its_kvstore_instance(void)
#ifdef __cplusplus
extern "C"
{
KVMap &kv_map = KVMap::get_instance();
return kv_map.get_internal_kv_instance(STR_EXPAND(MBED_CONF_STORAGE_DEFAULT_KV));
}
#endif // defined(TARGET_TFM)
#endif
// Maximum length of filename we use for kvstore API.
// pid: 6; delimiter: 1; uid: 11; str terminator: 1
#define PSA_ITS_FILENAME_MAX_LEN 19
#define PSA_STORAGE_FILE_NAME_MAX 19
#define FLAGS_MSK PSA_STORAGE_FLAG_WRITE_ONCE
#define STR_EXPAND(tok) #tok
const uint8_t base64_coding_table[] = {
'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H',
@ -65,65 +48,41 @@ const uint8_t base64_coding_table[] = {
'4', '5', '6', '7', '8', '9', '+', '-'
};
static KVStore *kvstore = NULL;
MBED_WEAK psa_its_status_t its_version_migrate(void *storage, const its_version_t *version)
void psa_storage_handle_version(KVStore *kvstore, const char *version_key, const psa_storage_version_t *curr_version,
migrate_func_t migrate_func)
{
(void)storage;
(void)version;
return PSA_ITS_SUCCESS;
}
static void its_init(void)
{
kvstore = get_its_kvstore_instance();
if (!kvstore) {
// Can only happen due to system misconfiguration.
// Thus considered as unrecoverable error for runtime.
error("Failed getting kvstore instance\n");
}
its_version_t version = { 0, 0 };
psa_storage_version_t read_version = {0, 0};
size_t actual_size = 0;
KVStore::info_t kv_info;
bool write_version = false;
int status = kvstore->get_info(ITS_VERSION_KEY, &kv_info);
if (status != MBED_SUCCESS) {
version.major = PSA_ITS_API_VERSION_MAJOR;
version.minor = PSA_ITS_API_VERSION_MINOR;
int status = kvstore->get(version_key, &read_version, sizeof(read_version), &actual_size, 0);
if (status == MBED_SUCCESS) {
if (actual_size != sizeof(read_version)) {
error("PSA storage version data is corrupt");
}
} else if (status == MBED_ERROR_ITEM_NOT_FOUND) {
write_version = true;
} else {
if (kv_info.size != sizeof(version)) {
error("ITS version data is corrupt");
}
status = kvstore->get(ITS_VERSION_KEY, &version, sizeof(version), &actual_size, 0);
if ((status != MBED_SUCCESS) ||
((status == MBED_SUCCESS) && (actual_size != sizeof(version)))) {
error("Could not read ITS version data");
}
error("Could not read PSA storage version data");
}
if ((version.major > PSA_ITS_API_VERSION_MAJOR) ||
((version.major == PSA_ITS_API_VERSION_MAJOR) && (version.minor > PSA_ITS_API_VERSION_MINOR))) {
error("Downgrading ITS version is not allowed");
if ((read_version.major > curr_version->major) ||
((read_version.major == curr_version->major) && (read_version.minor > curr_version->minor))) {
error("Downgrading PSA storage version is not allowed");
}
if ((version.major < PSA_ITS_API_VERSION_MAJOR) ||
((version.major == PSA_ITS_API_VERSION_MAJOR) && (version.minor < PSA_ITS_API_VERSION_MINOR))) {
psa_its_status_t migration_status = its_version_migrate(kvstore, &version);
if (migration_status != PSA_ITS_SUCCESS) {
error("ITS migration failed");
if ((read_version.major < curr_version->major) ||
((read_version.major == curr_version->major) && (read_version.minor < curr_version->minor))) {
psa_status_t migration_status = migrate_func(kvstore, &read_version, curr_version);
if (migration_status != PSA_SUCCESS) {
error("PSA storage migration failed");
}
version.major = PSA_ITS_API_VERSION_MAJOR;
version.minor = PSA_ITS_API_VERSION_MINOR;
write_version = true;
}
if (write_version) {
if (kvstore->set(ITS_VERSION_KEY, &version, sizeof(version), 0) != MBED_SUCCESS) {
error("Could not write PSA ITS version");
if (kvstore->set(version_key, curr_version, sizeof(psa_storage_version_t), 0) != MBED_SUCCESS) {
error("Could not write PSA storage version");
}
}
}
@ -134,19 +93,29 @@ static void its_init(void)
* \param[in] status - KVStore status code
* \return PSA internal storage status code
*/
static psa_its_status_t convert_status(int status)
static psa_status_t convert_status(int status)
{
switch (status) {
case MBED_SUCCESS:
return PSA_ITS_SUCCESS;
return PSA_SUCCESS;
case MBED_ERROR_WRITE_PROTECTED:
return PSA_ITS_ERROR_WRITE_ONCE;
return PSA_ERROR_NOT_PERMITTED;
case MBED_ERROR_MEDIA_FULL:
return PSA_ITS_ERROR_INSUFFICIENT_SPACE;
return PSA_ERROR_INSUFFICIENT_STORAGE;
case MBED_ERROR_ITEM_NOT_FOUND:
return PSA_ITS_ERROR_UID_NOT_FOUND;
return PSA_ERROR_DOES_NOT_EXIST;
case MBED_ERROR_INVALID_DATA_DETECTED:
return PSA_ERROR_DATA_CORRUPT;
case MBED_ERROR_INVALID_ARGUMENT:
return PSA_ERROR_INVALID_ARGUMENT;
case MBED_ERROR_READ_FAILED: // fallthrough
case MBED_ERROR_WRITE_FAILED:
return PSA_ERROR_STORAGE_FAILURE;
case MBED_ERROR_AUTHENTICATION_FAILED: // fallthrough
case MBED_ERROR_RBP_AUTHENTICATION_FAILED:
return PSA_ERROR_INVALID_SIGNATURE;
default:
return PSA_ITS_ERROR_STORAGE_FAILURE;
return PSA_ERROR_GENERIC_ERROR;
}
}
@ -187,10 +156,10 @@ MBED_FORCEINLINE uint64_t lsr64(uint64_t x, uint32_t n)
* \param[in] uid - PSA internal storage unique ID
* \param[in] pid - owner PSA partition ID
*/
static void generate_fn(char *tdb_filename, uint32_t tdb_filename_size, psa_its_uid_t uid, int32_t pid)
static void generate_fn(char *tdb_filename, uint32_t tdb_filename_size, psa_storage_uid_t uid, int32_t pid)
{
MBED_ASSERT(tdb_filename != NULL);
MBED_ASSERT(tdb_filename_size == PSA_ITS_FILENAME_MAX_LEN);
MBED_ASSERT(tdb_filename_size == PSA_STORAGE_FILE_NAME_MAX);
uint8_t filename_idx = 0;
uint32_t unsigned_pid = (uint32_t)pid; // binary only representation for bitwise operations
@ -211,25 +180,23 @@ static void generate_fn(char *tdb_filename, uint32_t tdb_filename_size, psa_its_
} while (uid != 0);
tdb_filename[filename_idx++] = '\0';
MBED_ASSERT(filename_idx <= PSA_ITS_FILENAME_MAX_LEN);
MBED_ASSERT(filename_idx <= PSA_STORAGE_FILE_NAME_MAX);
}
psa_its_status_t psa_its_set_impl(int32_t pid, psa_its_uid_t uid, uint32_t data_length, const void *p_data, psa_its_create_flags_t create_flags)
psa_status_t psa_storage_set_impl(KVStore *kvstore, int32_t pid, psa_storage_uid_t uid,
uint32_t data_length, const void *p_data,
psa_storage_create_flags_t create_flags)
{
if (!kvstore) {
its_init();
}
if ((create_flags & (~PSA_ITS_FLAGS_MSK)) != 0) {
return PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED;
if ((create_flags & (~FLAGS_MSK)) != 0) {
return PSA_ERROR_NOT_SUPPORTED;
}
// Generate KVStore key
char kv_key[PSA_ITS_FILENAME_MAX_LEN] = {'\0'};
generate_fn(kv_key, PSA_ITS_FILENAME_MAX_LEN, uid, pid);
char kv_key[PSA_STORAGE_FILE_NAME_MAX] = {'\0'};
generate_fn(kv_key, PSA_STORAGE_FILE_NAME_MAX, uid, pid);
uint32_t kv_create_flags = 0;
if (create_flags & PSA_ITS_FLAG_WRITE_ONCE) {
if (create_flags & PSA_STORAGE_FLAG_WRITE_ONCE) {
kv_create_flags = KVStore::WRITE_ONCE_FLAG;
}
@ -238,55 +205,46 @@ psa_its_status_t psa_its_set_impl(int32_t pid, psa_its_uid_t uid, uint32_t data_
return convert_status(status);
}
psa_its_status_t psa_its_get_impl(int32_t pid, psa_its_uid_t uid, uint32_t data_offset, uint32_t data_length, void *p_data)
psa_status_t psa_storage_get_impl(KVStore *kvstore, int32_t pid, psa_storage_uid_t uid,
uint32_t data_offset, uint32_t data_length, void *p_data)
{
if (!kvstore) {
its_init();
}
// Generate KVStore key
char kv_key[PSA_ITS_FILENAME_MAX_LEN] = {'\0'};
generate_fn(kv_key, PSA_ITS_FILENAME_MAX_LEN, uid, pid);
char kv_key[PSA_STORAGE_FILE_NAME_MAX] = {'\0'};
generate_fn(kv_key, PSA_STORAGE_FILE_NAME_MAX, uid, pid);
KVStore::info_t kv_info;
int status = kvstore->get_info(kv_key, &kv_info);
if (status == MBED_SUCCESS) {
if (data_offset > kv_info.size) {
return PSA_ITS_ERROR_OFFSET_INVALID;
return PSA_ERROR_INVALID_ARGUMENT;
}
// Verify (size + offset) does not wrap around
if (data_length + data_offset < data_length) {
return PSA_ITS_ERROR_INCORRECT_SIZE;
return PSA_ERROR_INVALID_ARGUMENT;
}
if (data_offset + data_length > kv_info.size) {
return PSA_ITS_ERROR_INCORRECT_SIZE;
return PSA_ERROR_BUFFER_TOO_SMALL;
}
size_t actual_size = 0;
status = kvstore->get(kv_key, p_data, data_length, &actual_size, data_offset);
if (status == MBED_SUCCESS) {
if (actual_size < data_length) {
status = PSA_ITS_ERROR_INCORRECT_SIZE;
}
if ((status == MBED_SUCCESS) && (actual_size < data_length)) {
return PSA_ERROR_BUFFER_TOO_SMALL;
}
}
return convert_status(status);
}
psa_its_status_t psa_its_get_info_impl(int32_t pid, psa_its_uid_t uid, struct psa_its_info_t *p_info)
psa_status_t psa_storage_get_info_impl(KVStore *kvstore, int32_t pid, psa_storage_uid_t uid,
struct psa_storage_info_t *p_info)
{
if (!kvstore) {
its_init();
}
// Generate KVStore key
char kv_key[PSA_ITS_FILENAME_MAX_LEN] = {'\0'};
generate_fn(kv_key, PSA_ITS_FILENAME_MAX_LEN, uid, pid);
char kv_key[PSA_STORAGE_FILE_NAME_MAX] = {'\0'};
generate_fn(kv_key, PSA_STORAGE_FILE_NAME_MAX, uid, pid);
KVStore::info_t kv_info;
int status = kvstore->get_info(kv_key, &kv_info);
@ -294,7 +252,7 @@ psa_its_status_t psa_its_get_info_impl(int32_t pid, psa_its_uid_t uid, struct ps
if (status == MBED_SUCCESS) {
p_info->flags = 0;
if (kv_info.flags & KVStore::WRITE_ONCE_FLAG) {
p_info->flags |= PSA_ITS_FLAG_WRITE_ONCE;
p_info->flags |= PSA_STORAGE_FLAG_WRITE_ONCE;
}
p_info->size = (uint32_t)(kv_info.size); // kv_info.size is of type size_t
}
@ -302,27 +260,23 @@ psa_its_status_t psa_its_get_info_impl(int32_t pid, psa_its_uid_t uid, struct ps
return convert_status(status);
}
psa_its_status_t psa_its_remove_impl(int32_t pid, psa_its_uid_t uid)
psa_status_t psa_storage_remove_impl(KVStore *kvstore, int32_t pid, psa_storage_uid_t uid)
{
if (!kvstore) {
its_init();
}
// Generate KVStore key
char kv_key[PSA_ITS_FILENAME_MAX_LEN] = {'\0'};
generate_fn(kv_key, PSA_ITS_FILENAME_MAX_LEN, uid, pid);
char kv_key[PSA_STORAGE_FILE_NAME_MAX] = {'\0'};
generate_fn(kv_key, PSA_STORAGE_FILE_NAME_MAX, uid, pid);
int status = kvstore->remove(kv_key);
return convert_status(status);
}
psa_its_status_t psa_its_reset_impl()
psa_status_t psa_storage_reset_impl(KVStore *kvstore)
{
if (!kvstore) {
its_init();
}
int status = kvstore->reset();
return convert_status(status);
}
#ifdef __cplusplus
}
#endif

50
components/TARGET_PSA/services/storage/common/psa_storage_common_impl.h Normal file
View File

@ -0,0 +1,50 @@
/* Copyright (c) 2019 ARM Limited
*
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef __PSA_STORAGE_COMMON_IMPL_H__
#define __PSA_STORAGE_COMMON_IMPL_H__
#include "psa/error.h"
#include "psa/storage_common.h"
#include "KVStore.h"
#ifdef __cplusplus
extern "C"
{
#endif
typedef struct {
uint32_t major;
uint32_t minor;
} psa_storage_version_t;
typedef psa_status_t (*migrate_func_t)(mbed::KVStore *kvstore, const psa_storage_version_t *old_version, const psa_storage_version_t *new_version);
void psa_storage_handle_version(mbed::KVStore *kvstore, const char *version_key, const psa_storage_version_t *version,
migrate_func_t migrate_func);
psa_status_t psa_storage_set_impl(mbed::KVStore *kvstore, int32_t pid, psa_storage_uid_t uid, uint32_t data_length, const void *p_data, psa_storage_create_flags_t create_flags);
psa_status_t psa_storage_get_impl(mbed::KVStore *kvstore, int32_t pid, psa_storage_uid_t uid, uint32_t data_offset, uint32_t data_length, void *p_data);
psa_status_t psa_storage_get_info_impl(mbed::KVStore *kvstore, int32_t pid, psa_storage_uid_t uid, struct psa_storage_info_t *p_info);
psa_status_t psa_storage_remove_impl(mbed::KVStore *kvstore, int32_t pid, psa_storage_uid_t uid);
psa_status_t psa_storage_reset_impl(mbed::KVStore *kvstore);
#ifdef __cplusplus
}
#endif
#endif // __PSA_STORAGE_COMMON_IMPL_H__

29
components/TARGET_PSA/services/psa_prot_internal_storage/COMPONENT_PSA_SRV_EMUL/psa_prot_internal_storage.cpp → components/TARGET_PSA/services/storage/its/COMPONENT_PSA_SRV_EMUL/psa_prot_internal_storage.cpp
View File

@ -19,6 +19,7 @@
#include <string.h>
#include "psa/internal_trusted_storage.h"
#include "psa/storage_common.h"
#include "pits_impl.h"
#include "kv_config.h"
#include "mbed_error.h"
@ -27,10 +28,10 @@
// So here we set a global pid value to be used for when calling IMPL functions
#define PSA_ITS_EMUL_PID 1
psa_its_status_t psa_its_set(psa_its_uid_t uid, uint32_t data_length, const void *p_data, psa_its_create_flags_t create_flags)
psa_status_t psa_its_set(psa_storage_uid_t uid, uint32_t data_length, const void *p_data, psa_storage_create_flags_t create_flags)
{
if (!p_data && data_length) {
return PSA_ITS_ERROR_INVALID_ARGUMENTS;
return PSA_ERROR_INVALID_ARGUMENT;
}
// KVStore initiation:
@ -38,18 +39,18 @@ psa_its_status_t psa_its_set(psa_its_uid_t uid, uint32_t data_length, const void
// - Repeating calls has no effect
int kv_status = kv_init_storage_config();
if (kv_status != MBED_SUCCESS) {
return PSA_ITS_ERROR_STORAGE_FAILURE;
return PSA_ERROR_STORAGE_FAILURE;
}
psa_its_status_t res = psa_its_set_impl(PSA_ITS_EMUL_PID, uid, data_length, p_data, create_flags);
psa_status_t res = psa_its_set_impl(PSA_ITS_EMUL_PID, uid, data_length, p_data, create_flags);
return res;
}
psa_its_status_t psa_its_get(psa_its_uid_t uid, uint32_t data_offset, uint32_t data_length, void *p_data)
psa_status_t psa_its_get(psa_storage_uid_t uid, uint32_t data_offset, uint32_t data_length, void *p_data)
{
if (!p_data && data_length) {
return PSA_ITS_ERROR_INVALID_ARGUMENTS;
return PSA_ERROR_INVALID_ARGUMENT;
}
// KVStore initiation:
@ -57,16 +58,16 @@ psa_its_status_t psa_its_get(psa_its_uid_t uid, uint32_t data_offset, uint32_t d
// - Repeating calls has no effect
int kv_status = kv_init_storage_config();
if (kv_status != MBED_SUCCESS) {
return PSA_ITS_ERROR_STORAGE_FAILURE;
return PSA_ERROR_STORAGE_FAILURE;
}
return psa_its_get_impl(PSA_ITS_EMUL_PID, uid, data_offset, data_length, p_data);
}
psa_its_status_t psa_its_get_info(psa_its_uid_t uid, struct psa_its_info_t *p_info)
psa_status_t psa_its_get_info(psa_storage_uid_t uid, struct psa_storage_info_t *p_info)
{
if (!p_info) {
return PSA_ITS_ERROR_INVALID_ARGUMENTS;
return PSA_ERROR_INVALID_ARGUMENT;
}
// KVStore initiation:
@ -74,33 +75,33 @@ psa_its_status_t psa_its_get_info(psa_its_uid_t uid, struct psa_its_info_t *p_in
// - Repeating calls has no effect
int kv_status = kv_init_storage_config();
if (kv_status != MBED_SUCCESS) {
return PSA_ITS_ERROR_STORAGE_FAILURE;
return PSA_ERROR_STORAGE_FAILURE;
}
return psa_its_get_info_impl(PSA_ITS_EMUL_PID, uid, p_info);
}
psa_its_status_t psa_its_remove(psa_its_uid_t uid)
psa_status_t psa_its_remove(psa_storage_uid_t uid)
{
// KVStore initiation:
// - In EMUL (non-secure single core) we do it here since we don't have another context to do it inside.
// - Repeating calls has no effect
int kv_status = kv_init_storage_config();
if (kv_status != MBED_SUCCESS) {
return PSA_ITS_ERROR_STORAGE_FAILURE;
return PSA_ERROR_STORAGE_FAILURE;
}
return psa_its_remove_impl(PSA_ITS_EMUL_PID, uid);
}
extern "C" psa_its_status_t psa_its_reset()
extern "C" psa_status_t psa_its_reset()
{
// KVStore initiation:
// - In EMUL (non-secure single core) we do it here since we don't have another context to do it inside.
// - Repeating calls has no effect
int kv_status = kv_init_storage_config();
if (kv_status != MBED_SUCCESS) {
return PSA_ITS_ERROR_STORAGE_FAILURE;
return PSA_ERROR_STORAGE_FAILURE;
}
return psa_its_reset_impl();

3
components/TARGET_PSA/services/psa_prot_internal_storage/COMPONENT_PSA_SRV_IMPL/TARGET_TFM/its_tfm_impl.cpp → components/TARGET_PSA/services/storage/its/COMPONENT_PSA_SRV_IMPL/TARGET_TFM/its_tfm_impl.cpp
View File

@ -142,8 +142,7 @@ KVStore *get_its_kvstore_instance(void)
{
return internal_store;
}
int kv_init_storage_config()
extern "C" int kv_init_storage_config()
{
int ret = MBED_SUCCESS;

140
components/TARGET_PSA/services/storage/its/COMPONENT_PSA_SRV_IMPL/pits_impl.cpp Normal file
View File

@ -0,0 +1,140 @@
/* Copyright (c) 2019 ARM Limited
*
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <cstring>
#include "KVStore.h"
#include "TDBStore.h"
#include "psa/internal_trusted_storage.h"
#include "psa_storage_common_impl.h"
#include "pits_impl.h"
#include "mbed_error.h"
#include "mbed_toolchain.h"
using namespace mbed;
#if defined(TARGET_TFM)
KVStore *get_its_kvstore_instance(void);
#else
#include "KVMap.h"
#endif
#ifdef __cplusplus
extern "C"
{
#endif
#define STR_EXPAND(tok) #tok
#define ITS_VERSION_KEY "PSA_ITS_VERSION" // ITS version entry identifier in TDBStore
static KVStore *kvstore = NULL;
MBED_WEAK psa_status_t its_version_migrate(KVStore *kvstore,
const psa_storage_version_t *old_version, const psa_storage_version_t *new_version)
{
(void)kvstore;
(void)old_version;
(void)new_version;
return PSA_SUCCESS;
}
static void its_init(void)
{
#if defined(TARGET_TFM)
kvstore = get_its_kvstore_instance();
#else
KVMap &kv_map = KVMap::get_instance();
kvstore = kv_map.get_internal_kv_instance(STR_EXPAND(MBED_CONF_STORAGE_DEFAULT_KV));
#endif
psa_storage_version_t version = {PSA_ITS_API_VERSION_MAJOR, PSA_ITS_API_VERSION_MINOR};
if (!kvstore) {
// Can only happen due to system misconfiguration.
// Thus considered as unrecoverable error for runtime.
error("Failed getting kvstore instance\n");
}
psa_storage_handle_version(kvstore, ITS_VERSION_KEY, &version, its_version_migrate);
}
// used from test only
void its_deinit(void)
{
kvstore = NULL;
}
psa_status_t psa_its_set_impl(int32_t pid, psa_storage_uid_t uid, uint32_t data_length, const void *p_data, psa_storage_create_flags_t create_flags)
{
if (!kvstore) {
its_init();
}
return psa_storage_set_impl(kvstore, pid, uid, data_length, p_data, create_flags);
}
psa_status_t psa_its_get_impl(int32_t pid, psa_storage_uid_t uid, uint32_t data_offset, uint32_t data_length, void *p_data)
{
if (!kvstore) {
its_init();
}
return psa_storage_get_impl(kvstore, pid, uid, data_offset, data_length, p_data);
}
psa_status_t psa_its_get_info_impl(int32_t pid, psa_storage_uid_t uid, struct psa_storage_info_t *p_info)
{
if (!kvstore) {
its_init();
}
return psa_storage_get_info_impl(kvstore, pid, uid, p_info);
}
psa_status_t psa_its_remove_impl(int32_t pid, psa_storage_uid_t uid)
{
if (!kvstore) {
its_init();
}
return psa_storage_remove_impl(kvstore, pid, uid);
}
psa_status_t psa_its_reset_impl()
{
// Do not call its_init here to avoid version check before reset
#if defined(TARGET_TFM)
kvstore = get_its_kvstore_instance();
#else
KVMap &kv_map = KVMap::get_instance();
kvstore = kv_map.get_internal_kv_instance(STR_EXPAND(MBED_CONF_STORAGE_DEFAULT_KV));
#endif
if (!kvstore) {
// Can only happen due to system misconfiguration.
// Thus considered as unrecoverable error for runtime.
error("Failed getting kvstore instance\n");
}
return psa_storage_reset_impl(kvstore);
}
#ifdef __cplusplus
}
#endif

21
components/TARGET_PSA/services/psa_prot_internal_storage/COMPONENT_PSA_SRV_IMPL/pits_impl.h → components/TARGET_PSA/services/storage/its/COMPONENT_PSA_SRV_IMPL/pits_impl.h
View File

@ -18,26 +18,19 @@
#ifndef __PITS_IMPL_H__
#define __PITS_IMPL_H__
#include "psa/internal_trusted_storage.h"
#include "psa/error.h"
#include "psa/storage_common.h"
#ifdef __cplusplus
extern "C"
{
#endif
#if defined(TARGET_TFM) && defined(COMPONENT_SPE)
extern int kv_init_storage_config();
#endif
#define PITS_DATA_PTR_AT_OFFSET(ptr, offset) ((void *)(((uintptr_t)ptr) + ((uintptr_t)offset)))
#define STR_EXPAND(tok) #tok
psa_its_status_t psa_its_set_impl(int32_t pid, psa_its_uid_t uid, uint32_t data_length, const void *p_data, psa_its_create_flags_t create_flags);
psa_its_status_t psa_its_get_impl(int32_t pid, psa_its_uid_t uid, uint32_t data_offset, uint32_t data_length, void *p_data);
psa_its_status_t psa_its_get_info_impl(int32_t pid, psa_its_uid_t uid, struct psa_its_info_t *p_info);
psa_its_status_t psa_its_remove_impl(int32_t pid, psa_its_uid_t uid);
psa_its_status_t psa_its_reset_impl();
psa_its_status_t psa_its_reset_impl(void);
psa_status_t psa_its_set_impl(int32_t pid, psa_storage_uid_t uid, uint32_t data_length, const void *p_data, psa_storage_create_flags_t create_flags);
psa_status_t psa_its_get_impl(int32_t pid, psa_storage_uid_t uid, uint32_t data_offset, uint32_t data_length, void *p_data);
psa_status_t psa_its_get_info_impl(int32_t pid, psa_storage_uid_t uid, struct psa_storage_info_t *p_info);
psa_status_t psa_its_remove_impl(int32_t pid, psa_storage_uid_t uid);
psa_status_t psa_its_reset_impl();
#ifdef __cplusplus
}

39
components/TARGET_PSA/services/psa_prot_internal_storage/COMPONENT_PSA_SRV_IPC/psa_prot_internal_storage.c → components/TARGET_PSA/services/storage/its/COMPONENT_PSA_SRV_IPC/psa_prot_internal_storage.c
View File

@ -16,13 +16,14 @@
*/
#include "psa/client.h"
#include "psa/storage_common.h"
#include "psa/internal_trusted_storage.h"
#include "psa_its_ifs.h"
psa_its_status_t psa_its_set(psa_its_uid_t uid, uint32_t data_length, const void *p_data, psa_its_create_flags_t create_flags)
psa_status_t psa_its_set(psa_storage_uid_t uid, uint32_t data_length, const void *p_data, psa_storage_create_flags_t create_flags)
{
if (!p_data && data_length) {
return PSA_ITS_ERROR_INVALID_ARGUMENTS;
return PSA_ERROR_INVALID_ARGUMENT;
}
psa_invec msg[3] = {
@ -33,22 +34,22 @@ psa_its_status_t psa_its_set(psa_its_uid_t uid, uint32_t data_length, const void
psa_handle_t conn = psa_connect(PSA_ITS_SET, 1);
if (conn <= PSA_NULL_HANDLE) {
return PSA_ITS_ERROR_STORAGE_FAILURE;
return PSA_ERROR_STORAGE_FAILURE;
}
psa_status_t status = psa_call(conn, msg, 3, NULL, 0);
if (status == PSA_DROP_CONNECTION) {
status = PSA_ITS_ERROR_STORAGE_FAILURE;
status = PSA_ERROR_STORAGE_FAILURE;
}
psa_close(conn);
return status;
}
psa_its_status_t psa_its_get(psa_its_uid_t uid, uint32_t data_offset, uint32_t data_length, void *p_data)
psa_status_t psa_its_get(psa_storage_uid_t uid, uint32_t data_offset, uint32_t data_length, void *p_data)
{
if (!p_data && data_length) {
return PSA_ITS_ERROR_INVALID_ARGUMENTS;
return PSA_ERROR_INVALID_ARGUMENT;
}
psa_invec msg[2] = {
@ -59,31 +60,31 @@ psa_its_status_t psa_its_get(psa_its_uid_t uid, uint32_t data_offset, uint32_t d
psa_handle_t conn = psa_connect(PSA_ITS_GET, 1);
if (conn <= PSA_NULL_HANDLE) {
return PSA_ITS_ERROR_STORAGE_FAILURE;
return PSA_ERROR_STORAGE_FAILURE;
}
psa_status_t status = psa_call(conn, msg, 2, &resp, 1);
if (status == PSA_DROP_CONNECTION) {
status = PSA_ITS_ERROR_STORAGE_FAILURE;
status = PSA_ERROR_STORAGE_FAILURE;
}
psa_close(conn);
return status;
}
psa_its_status_t psa_its_get_info(psa_its_uid_t uid, struct psa_its_info_t *p_info)
psa_status_t psa_its_get_info(psa_storage_uid_t uid, struct psa_storage_info_t *p_info)
{
if (!p_info) {
return PSA_ITS_ERROR_INVALID_ARGUMENTS;
return PSA_ERROR_INVALID_ARGUMENT;
}
struct psa_its_info_t info = { 0, PSA_ITS_FLAG_NONE };
struct psa_storage_info_t info = { 0, PSA_STORAGE_FLAG_NONE };
psa_invec msg = { &uid, sizeof(uid) };
psa_outvec resp = { &info, sizeof(info) };
psa_handle_t conn = psa_connect(PSA_ITS_INFO, 1);
if (conn <= PSA_NULL_HANDLE) {
return PSA_ITS_ERROR_STORAGE_FAILURE;
return PSA_ERROR_STORAGE_FAILURE;
}
psa_status_t status = psa_call(conn, &msg, 1, &resp, 1);
@ -91,40 +92,40 @@ psa_its_status_t psa_its_get_info(psa_its_uid_t uid, struct psa_its_info_t *p_in
*p_info = info;
if (status == PSA_DROP_CONNECTION) {
status = PSA_ITS_ERROR_STORAGE_FAILURE;
status = PSA_ERROR_STORAGE_FAILURE;
}
psa_close(conn);
return status;
}
psa_its_status_t psa_its_remove(psa_its_uid_t uid)
psa_status_t psa_its_remove(psa_storage_uid_t uid)
{
psa_invec msg = { &uid, sizeof(uid) };
psa_handle_t conn = psa_connect(PSA_ITS_REMOVE, 1);
if (conn <= PSA_NULL_HANDLE) {
return PSA_ITS_ERROR_STORAGE_FAILURE;
return PSA_ERROR_STORAGE_FAILURE;
}
psa_status_t status = psa_call(conn, &msg, 1, NULL, 0);
if (status == PSA_DROP_CONNECTION) {
status = PSA_ITS_ERROR_STORAGE_FAILURE;
status = PSA_ERROR_STORAGE_FAILURE;
}
psa_close(conn);
return status;
}
psa_its_status_t psa_its_reset()
psa_status_t psa_its_reset()
{
psa_handle_t conn = psa_connect(PSA_ITS_RESET, 1);
if (conn <= PSA_NULL_HANDLE) {
return PSA_ITS_ERROR_STORAGE_FAILURE;
return PSA_ERROR_STORAGE_FAILURE;
}
psa_status_t status = psa_call(conn, NULL, 0, NULL, 0);
if (status == PSA_DROP_CONNECTION) {
status = PSA_ITS_ERROR_STORAGE_FAILURE;
status = PSA_ERROR_STORAGE_FAILURE;
}
psa_close(conn);

0
components/TARGET_PSA/services/psa_prot_internal_storage/COMPONENT_SPE/TARGET_MBED_SPM/psa_its_partition.c → components/TARGET_PSA/services/storage/its/COMPONENT_SPE/TARGET_MBED_SPM/psa_its_partition.c
View File

34
components/TARGET_PSA/services/psa_prot_internal_storage/COMPONENT_SPE/its_partition.c → components/TARGET_PSA/services/storage/its/COMPONENT_SPE/its_partition.c
View File

@ -44,10 +44,10 @@ typedef psa_status_t (*SignalHandler)(psa_msg_t *);
static psa_status_t storage_set(psa_msg_t *msg)
{
psa_its_uid_t key = 0;
psa_storage_uid_t key = 0;
void *data = NULL;
uint32_t alloc_size = msg->in_size[1];
psa_its_create_flags_t flags = 0;
psa_storage_create_flags_t flags = 0;
if ((msg->in_size[0] != sizeof(key)) || (msg->in_size[2] != sizeof(flags))) {
return PSA_DROP_CONNECTION;
@ -63,17 +63,17 @@ static psa_status_t storage_set(psa_msg_t *msg)
data = malloc(alloc_size);
if (data == NULL) {
return PSA_ITS_ERROR_STORAGE_FAILURE;
return PSA_ERROR_STORAGE_FAILURE;
}
if (psa_read(msg->handle, 1, data, msg->in_size[1]) != msg->in_size[1]) {
free(data);
return PSA_ITS_ERROR_STORAGE_FAILURE;
return PSA_ERROR_STORAGE_FAILURE;
}
#if defined(TARGET_MBED_SPM)
psa_its_status_t status = psa_its_set_impl(psa_identity(msg->handle), key, alloc_size, data, flags);
psa_status_t status = psa_its_set_impl(psa_identity(msg->handle), key, alloc_size, data, flags);
#else
psa_its_status_t status = psa_its_set_impl(msg->client_id, key, alloc_size, data, flags);
psa_status_t status = psa_its_set_impl(msg->client_id, key, alloc_size, data, flags);
#endif
memset(data, 0, alloc_size);
free(data);
@ -82,7 +82,7 @@ static psa_status_t storage_set(psa_msg_t *msg)
static psa_status_t storage_get(psa_msg_t *msg)
{
psa_its_uid_t key = 0;
psa_storage_uid_t key = 0;
uint32_t offset = 0;
if ((msg->in_size[0] != sizeof(key)) || (msg->in_size[1] != sizeof(offset))) {
@ -99,16 +99,16 @@ static psa_status_t storage_get(psa_msg_t *msg)
uint8_t *data = (uint8_t *)malloc(msg->out_size[0]);
if (data == NULL) {
return PSA_ITS_ERROR_STORAGE_FAILURE;
return PSA_ERROR_STORAGE_FAILURE;
}
#if defined(TARGET_MBED_SPM)
psa_its_status_t status = psa_its_get_impl(psa_identity(msg->handle), key, offset, msg->out_size[0], data);
psa_status_t status = psa_its_get_impl(psa_identity(msg->handle), key, offset, msg->out_size[0], data);
#else
psa_its_status_t status = psa_its_get_impl(msg->client_id, key, offset, msg->out_size[0], data);
psa_status_t status = psa_its_get_impl(msg->client_id, key, offset, msg->out_size[0], data);
#endif
if (status == PSA_ITS_SUCCESS) {
if (status == PSA_SUCCESS) {
psa_write(msg->handle, 0, data, msg->out_size[0]);
}
@ -119,8 +119,8 @@ static psa_status_t storage_get(psa_msg_t *msg)
static psa_status_t storage_info(psa_msg_t *msg)
{
struct psa_its_info_t info = { 0 };
psa_its_uid_t key = 0;
struct psa_storage_info_t info = { 0 };
psa_storage_uid_t key = 0;
if ((msg->in_size[0] != sizeof(key)) || (msg->out_size[0] != sizeof(info))) {
return PSA_DROP_CONNECTION;
@ -131,12 +131,12 @@ static psa_status_t storage_info(psa_msg_t *msg)
}
#if defined(TARGET_MBED_SPM)
psa_its_status_t status = psa_its_get_info_impl(psa_identity(msg->handle), key, &info);
psa_status_t status = psa_its_get_info_impl(psa_identity(msg->handle), key, &info);
#else
psa_its_status_t status = psa_its_get_info_impl(msg->client_id, key, &info);
psa_status_t status = psa_its_get_info_impl(msg->client_id, key, &info);
#endif
if (status == PSA_ITS_SUCCESS) {
if (status == PSA_SUCCESS) {
psa_write(msg->handle, 0, &info, msg->out_size[0]);
}
@ -145,7 +145,7 @@ static psa_status_t storage_info(psa_msg_t *msg)
static psa_status_t storage_remove(psa_msg_t *msg)
{
psa_its_uid_t key = 0;
psa_storage_uid_t key = 0;
if (msg->in_size[0] != sizeof(key)) {
return PSA_DROP_CONNECTION;

0
components/TARGET_PSA/services/psa_prot_internal_storage/COMPONENT_SPE/psa_its_partition.h → components/TARGET_PSA/services/storage/its/COMPONENT_SPE/psa_its_partition.h
View File

0
components/TARGET_PSA/services/psa_prot_internal_storage/pits_psa.json → components/TARGET_PSA/services/storage/its/pits_psa.json
View File

0
components/TARGET_PSA/services/psa_prot_internal_storage/psa_its_ifs.h → components/TARGET_PSA/services/storage/its/psa_its_ifs.h
View File

145
components/TARGET_PSA/services/storage/its/psa_prot_internal_storage.h Normal file
View File

@ -0,0 +1,145 @@
/* Copyright (C) 2019, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/** @file
@brief This file describes the PSA Internal Trusted Storage API
*/
#ifndef __PSA_INTERNAL_TRUSTED_STORAGE_H__
#define __PSA_INTERNAL_TRUSTED_STORAGE_H__
#include <stddef.h>
#include <stdint.h>
#include "psa/error.h"
#include "psa/storage_common.h"
#include "mbed_toolchain.h"
#ifdef __cplusplus
extern "C" {
#endif
#define PSA_ITS_API_VERSION_MAJOR 1 /**< The major version number of the PSA ITS API. It will be incremented on significant updates that may include breaking changes */
#define PSA_ITS_API_VERSION_MINOR 1 /**< The minor version number of the PSA ITS API. It will be incremented in small updates that are unlikely to include breaking changes */
// These deprecated types are still used by our PSA compliance test tools
MBED_DEPRECATED("ITS specific types should not be used")
typedef psa_status_t psa_its_status_t;
MBED_DEPRECATED("ITS specific types should not be used")
typedef psa_storage_create_flags_t psa_its_create_flags_t;
MBED_DEPRECATED("ITS specific types should not be used")
typedef psa_storage_uid_t psa_its_uid_t;
MBED_DEPRECATED("ITS specific types should not be used")
struct psa_its_info_t {
uint32_t size;
psa_its_create_flags_t flags;
};
// These defines should also be deprecated
#define PSA_ITS_SUCCESS PSA_SUCCESS
#define PSA_ITS_ERROR_UID_NOT_FOUND PSA_ERROR_DOES_NOT_EXIST
#define PSA_ITS_ERROR_STORAGE_FAILURE PSA_ERROR_STORAGE_FAILURE
#define PSA_ITS_ERROR_INSUFFICIENT_SPACE PSA_ERROR_INSUFFICIENT_STORAGE
#define PSA_ITS_ERROR_OFFSET_INVALID PSA_ERROR_INVALID_ARGUMENT
#define PSA_ITS_ERROR_INCORRECT_SIZE PSA_ERROR_INVALID_ARGUMENT
#define PSA_ITS_ERROR_INVALID_ARGUMENTS PSA_ERROR_INVALID_ARGUMENT
#define PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED PSA_ERROR_NOT_SUPPORTED
#define PSA_ITS_ERROR_WRITE_ONCE PSA_ERROR_ALREADY_EXISTS
/**
* \brief create a new or modify an existing uid/value pair
*
* \param[in] uid the identifier for the data
* \param[in] data_length The size in bytes of the data in `p_data`
* \param[in] p_data A buffer containing the data
* \param[in] create_flags The flags that the data will be stored with
*
* \return A status indicating the success/failure of the operation
* \retval PSA_SUCCESS The operation completed successfully
* \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided `uid` value was already created with PSA_STORAGE_WRITE_ONCE_FLAG
* \retval PSA_ERROR_NOT_SUPPORTED The operation failed because one or more of the flags provided in `create_flags` is not supported or is not valid
* \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there was insufficient space on the storage medium
* \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
* \retval PSA_ERROR_INVALID_ARGUMENTS The operation failed because one of the provided pointers(`p_data`)
* is invalid, for example is `NULL` or references memory the caller cannot access
*/
psa_status_t psa_its_set(psa_storage_uid_t uid,
uint32_t data_length,
const void *p_data,
psa_storage_create_flags_t create_flags);
/**
* \brief Retrieve the value associated with a provided uid
*
* \param[in] uid The uid value
* \param[in] data_offset The starting offset of the data requested
* \param[in] data_length the amount of data requested (and the minimum allocated size of the `p_data` buffer)
* \param[out] p_data The buffer where the data will be placed upon successful completion
*
* \return A status indicating the success/failure of the operation
*
* \retval PSA_SUCCESS The operation completed successfully
* \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided `uid` value was not found in the storage
* \retval PSA_ERROR_BUFFER_TOO_SMALL The operation failed because the data associated with provided `uid` is not the same size as `data_size`
* \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
* \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`, `p_data_length`)
* is invalid. For example is `NULL` or references memory the caller cannot access
*/
psa_status_t psa_its_get(psa_storage_uid_t uid,
uint32_t data_offset,
uint32_t data_length,
void *p_data);
/**
* \brief Retrieve the metadata about the provided uid
*
* \param[in] uid The uid value
* \param[out] p_info A pointer to the `psa_storage_info_t` struct that will be populated with the metadata
*
* \return A status indicating the success/failure of the operation
*
* \retval PSA_SUCCESS The operation completed successfully
* \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided uid value was not found in the storage
* \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
* \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_info`)
* is invalid, for example is `NULL` or references memory the caller cannot access
*/
psa_status_t psa_its_get_info(psa_storage_uid_t uid,
struct psa_storage_info_t *p_info);
/**
* \brief Remove the provided key and its associated data from the storage
*
* \param[in] uid The uid value
*
* \return A status indicating the success/failure of the operation
*
* \retval PSA_SUCCESS The operation completed successfully
* \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided key value was not found in the storage
* \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided key value was created with PSA_STORAGE_WRITE_ONCE_FLAG
* \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
*/
psa_status_t psa_its_remove(psa_storage_uid_t uid);
#ifdef __cplusplus
}
#endif
#endif // __PSA_INTERNAL_TRUSTED_STORAGE_H__

139
components/TARGET_PSA/services/storage/ps/COMPONENT_NSPE/protected_storage.cpp Normal file
View File

@ -0,0 +1,139 @@
/* Copyright (c) 2019 ARM Limited
*
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <cstring>
#include "KVMap.h"
#include "KVStore.h"
#include "kv_config.h"
#include "TDBStore.h"
#include "psa/protected_storage.h"
#include "psa_storage_common_impl.h"
#include "mbed_error.h"
#include "mbed_toolchain.h"
using namespace mbed;
#ifdef __cplusplus
extern "C"
{
#endif
#define STR_EXPAND(tok) #tok
#define PS_VERSION_KEY "PSA_PS_VERSION" // PS version entry identifier in TDBStore
// Global PID for protected storage, used when calling IMPL functions
#define PSA_PS_GLOBAL_PID 1
static KVStore *kvstore = NULL;
MBED_WEAK psa_status_t ps_version_migrate(KVStore *kvstore,
const psa_storage_version_t *old_version, const psa_storage_version_t *new_version)
{
(void)kvstore;
(void)old_version;
(void)new_version;
return PSA_SUCCESS;
}
static void ps_init(void)
{
int ret = kv_init_storage_config();
if (ret) {
// Can only happen due to system misconfiguration.
// Thus considered as unrecoverable error for runtime.
error("Failed initializing kvstore configuration\n");
}
KVMap &kv_map = KVMap::get_instance();
psa_storage_version_t version = {PSA_PS_API_VERSION_MAJOR, PSA_PS_API_VERSION_MINOR};
kvstore = kv_map.get_main_kv_instance(STR_EXPAND(MBED_CONF_STORAGE_DEFAULT_KV));
if (!kvstore) {
// Can only happen due to system misconfiguration.
// Thus considered as unrecoverable error for runtime.
error("Failed getting kvstore instance\n");
}
psa_storage_handle_version(kvstore, PS_VERSION_KEY, &version, ps_version_migrate);
}
// used from test only
void ps_deinit(void)
{
kvstore = NULL;
}
psa_status_t psa_ps_set(psa_storage_uid_t uid, uint32_t data_length, const void *p_data, psa_storage_create_flags_t create_flags)
{
if (!kvstore) {
ps_init();
}
return psa_storage_set_impl(kvstore, PSA_PS_GLOBAL_PID, uid, data_length, p_data, create_flags);
}
psa_status_t psa_ps_get(psa_storage_uid_t uid, uint32_t data_offset, uint32_t data_length, void *p_data)
{
if (!kvstore) {
ps_init();
}
return psa_storage_get_impl(kvstore, PSA_PS_GLOBAL_PID, uid, data_offset, data_length, p_data);
}
psa_status_t psa_ps_get_info(psa_storage_uid_t uid, struct psa_storage_info_t *p_info)
{
if (!kvstore) {
ps_init();
}
return psa_storage_get_info_impl(kvstore, PSA_PS_GLOBAL_PID, uid, p_info);
}
psa_status_t psa_ps_remove(psa_storage_uid_t uid)
{
if (!kvstore) {
ps_init();
}
return psa_storage_remove_impl(kvstore, PSA_PS_GLOBAL_PID, uid);
}
extern "C" psa_status_t psa_ps_reset()
{
// Do not call its_init here to avoid version check before reset
int ret = kv_init_storage_config();
if (ret) {
// Can only happen due to system misconfiguration.
// Thus considered as unrecoverable error for runtime.
error("Failed initializing kvstore configuration\n");
}
KVMap &kv_map = KVMap::get_instance();
kvstore = kv_map.get_main_kv_instance(STR_EXPAND(MBED_CONF_STORAGE_DEFAULT_KV));
if (!kvstore) {
// Can only happen due to system misconfiguration.
// Thus considered as unrecoverable error for runtime.
error("Failed getting kvstore instance\n");
}
return psa_storage_reset_impl(kvstore);
}
#ifdef __cplusplus
}
#endif

16
features/mbedtls/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/src/default_random_seed.cpp
View File

@ -5,21 +5,13 @@
int mbed_default_seed_read(unsigned char *buf, size_t buf_len)
{
/* Make sure that in case of an error the value will be negative
* return (-1 * rc);
* Mbed TLS errors are negative values
*/
psa_its_status_t rc = psa_its_get(PSA_CRYPTO_ITS_RANDOM_SEED_UID, 0, buf_len, buf);
return ( -1 * rc );
psa_status_t rc = psa_its_get(PSA_CRYPTO_ITS_RANDOM_SEED_UID, 0, buf_len, buf);
return ( rc );
}
int mbed_default_seed_write(unsigned char *buf, size_t buf_len)
{
psa_its_status_t rc = psa_its_set(PSA_CRYPTO_ITS_RANDOM_SEED_UID, buf_len, buf, 0);
/* Make sure that in case of an error the value will be negative
* return (-1 * rc);
* Mbed TLS errors are negative values
*/
return ( -1 * rc );
psa_status_t rc = psa_its_set(PSA_CRYPTO_ITS_RANDOM_SEED_UID, buf_len, buf, 0);
return ( rc );
}

2
tools/psa/generate_tfm_partition_code.py
View File

@ -34,7 +34,7 @@ TEMPLATES_LIST_FILE = path_join(SCRIPT_DIR, 'tfm', 'tfm_generated_file_list.json
SERVICES_DIR = os.path.join(MBED_OS_ROOT, "components", "TARGET_PSA", "services")
SERVICES_MANIFESTS = [
path_join(SERVICES_DIR, 'psa_prot_internal_storage', 'pits_psa.json'),
path_join(SERVICES_DIR, 'storage', 'its', 'pits_psa.json'),
path_join(SERVICES_DIR, 'platform', 'platform_psa.json'),
path_join(SERVICES_DIR, 'crypto', 'crypto_partition_psa.json')
]