ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fixes 

* Add #include <stddef.h> to psa/client.h
* Add Attestation service to TFM
* Update FUTURE_SEQUANA_PSA secure binaries
* Remove MBED_SPM from K64F
* Refactor psa_manifest/sid.h
* Increase stackl size in spm-client tests
* Add handling of errors from psa_get in partitions
pull/9823/head
Oren Cohen 2019-03-03 13:30:58 +02:00
parent 4eabce80b4
commit cfb60ec955
35 changed files with 90957 additions and 78639 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
TESTS/psa/crypto_access_control/COMPONENT_PSA_SRV_IPC/test_partition_proxy.c
View File

@ -16,7 +16,7 @@
*/
#include "psa/client.h"
#include "psa_test_partition_ifs.h"
#include "psa_manifest/sid.h"
#include "test_partition_proxy.h"
#define MINOR_VER 1

25
TESTS/psa/crypto_access_control/COMPONENT_SPE/psa_test_partition_partition.h → TESTS/psa/crypto_access_control/COMPONENT_SPE/psa_crypto_acl_test_partition.h
View File

@ -23,22 +23,23 @@
* Generated by tools/spm/generate_partition_code.py Version 1.0
**********************************************************************************************************************/
#ifndef PSA_TEST_PARTITION_PARTITION_H
#define PSA_TEST_PARTITION_PARTITION_H
#ifndef PSA_CRYPTO_ACL_TEST_PARTITION_H
#define PSA_CRYPTO_ACL_TEST_PARTITION_H
#define TEST_PARTITION_ID 128
#define CRYPTO_ACL_TEST_ID 128
#define TEST_PARTITION_ROT_SRV_COUNT (9UL)
#define TEST_PARTITION_EXT_ROT_SRV_COUNT (1UL)
#define CRYPTO_ACL_TEST_ROT_SRV_COUNT (9UL)
#define CRYPTO_ACL_TEST_EXT_ROT_SRV_COUNT (1UL)
/* TEST_PARTITION event flags */
#define TEST_PARTITION_RESERVED1_POS (1UL)
#define TEST_PARTITION_RESERVED1_MSK (1UL << TEST_PARTITION_RESERVED1_POS)
/* CRYPTO_ACL_TEST event flags */
#define CRYPTO_ACL_TEST_RESERVED1_POS (1UL)
#define CRYPTO_ACL_TEST_RESERVED1_MSK (1UL << CRYPTO_ACL_TEST_RESERVED1_POS)
#define TEST_PARTITION_RESERVED2_POS (2UL)
#define TEST_PARTITION_RESERVED2_MSK (1UL << TEST_PARTITION_RESERVED2_POS)
#define CRYPTO_ACL_TEST_RESERVED2_POS (2UL)
#define CRYPTO_ACL_TEST_RESERVED2_MSK (1UL << CRYPTO_ACL_TEST_RESERVED2_POS)
#define CRYPTO_ACL_TEST_WAIT_ANY_IRQ_MSK (0)
#define CRYPTO_CREATE_PERSISTENT_KEY_MSK_POS (4UL)
#define CRYPTO_CREATE_PERSISTENT_KEY_MSK (1UL << CRYPTO_CREATE_PERSISTENT_KEY_MSK_POS)
@ -59,7 +60,7 @@
#define CRYPTO_IMPORT_KEY_MSK_POS (12UL)
#define CRYPTO_IMPORT_KEY_MSK (1UL << CRYPTO_IMPORT_KEY_MSK_POS)
#define TEST_PARTITION_WAIT_ANY_SID_MSK (\
#define CRYPTO_ACL_TEST_WAIT_ANY_SID_MSK (\
CRYPTO_CREATE_PERSISTENT_KEY_MSK | \
CRYPTO_GENERATE_KEY_MSK | \
CRYPTO_OPEN_PERSISTENT_KEY_MSK | \
@ -71,4 +72,4 @@
CRYPTO_IMPORT_KEY_MSK)
#endif // PSA_TEST_PARTITION_PARTITION_H
#endif // PSA_CRYPTO_ACL_TEST_PARTITION_H

49
TESTS/psa/crypto_access_control/COMPONENT_SPE/test_partition.c
View File

@ -16,20 +16,13 @@
*/
#include <stdlib.h>
#include "psa_test_partition_partition.h"
#include "psa/service.h"
#include "psa_crypto_acl_test_partition.h"
#include "psa/client.h"
#include "psa/service.h"
#include "psa/crypto.h"
typedef psa_status_t (*SignalHandler)(psa_msg_t *);
#if defined(TARGET_TFM)
#define SPM_PANIC(format, ...) \
{ \
while(1){}; \
}
#endif
static void read_input_param_from_message(psa_msg_t *msg, uint8_t param_index, void *param_ptr)
{
size_t bytes_read = psa_read(msg->handle, param_index, param_ptr, msg->in_size[param_index]);
@ -207,41 +200,59 @@ void test_partition_main(void)
psa_signal_t signal;
psa_msg_t msg = {0};
while (1) {
signal = psa_wait_any(PSA_BLOCK);
signal = psa_wait(CRYPTO_ACL_TEST_WAIT_ANY_SID_MSK, PSA_BLOCK);
if (signal & CRYPTO_CREATE_PERSISTENT_KEY_MSK) {
psa_get(CRYPTO_CREATE_PERSISTENT_KEY_MSK, &msg);
if (PSA_SUCCESS != psa_get(CRYPTO_CREATE_PERSISTENT_KEY_MSK, &msg)) {
continue;
}
message_handler(&msg, crypto_create_persistent_key);
}
if (signal & CRYPTO_GENERATE_KEY_MSK) {
psa_get(CRYPTO_GENERATE_KEY_MSK, &msg);
if (PSA_SUCCESS != psa_get(CRYPTO_GENERATE_KEY_MSK, &msg)) {
continue;
}
message_handler(&msg, crypto_generate_key);
}
if (signal & CRYPTO_OPEN_PERSISTENT_KEY_MSK) {
psa_get(CRYPTO_OPEN_PERSISTENT_KEY_MSK, &msg);
if (PSA_SUCCESS != psa_get(CRYPTO_OPEN_PERSISTENT_KEY_MSK, &msg)) {
continue;
}
message_handler(&msg, crypto_open_persistent_key);
}
if (signal & CRYPTO_CLOSE_KEY_MSK) {
psa_get(CRYPTO_CLOSE_KEY_MSK, &msg);
if (PSA_SUCCESS != psa_get(CRYPTO_CLOSE_KEY_MSK, &msg)) {
continue;
}
message_handler(&msg, crypto_close_key);
}
if (signal & CRYPTO_SET_KEY_POLICY_MSK) {
psa_get(CRYPTO_SET_KEY_POLICY_MSK, &msg);
if (PSA_SUCCESS != psa_get(CRYPTO_SET_KEY_POLICY_MSK, &msg)) {
continue;
}
message_handler(&msg, crypto_set_key_policy);
}
if (signal & CRYPTO_DESTROY_KEY_MSK) {
psa_get(CRYPTO_DESTROY_KEY_MSK, &msg);
if (PSA_SUCCESS != psa_get(CRYPTO_DESTROY_KEY_MSK, &msg)) {
continue;
}
message_handler(&msg, crypto_destroy_key);
}
if (signal & CRYPTO_GET_KEY_INFO_MSK) {
psa_get(CRYPTO_GET_KEY_INFO_MSK, &msg);
if (PSA_SUCCESS != psa_get(CRYPTO_GET_KEY_INFO_MSK, &msg)) {
continue;
}
message_handler(&msg, crypto_get_key_info);
}
if (signal & CRYPTO_GET_KEY_POLICY_MSK) {
psa_get(CRYPTO_GET_KEY_POLICY_MSK, &msg);
if (PSA_SUCCESS != psa_get(CRYPTO_GET_KEY_POLICY_MSK, &msg)) {
continue;
}
message_handler(&msg, crypto_get_key_policy);
}
if (signal & CRYPTO_IMPORT_KEY_MSK) {
psa_get(CRYPTO_IMPORT_KEY_MSK, &msg);
if (PSA_SUCCESS != psa_get(CRYPTO_IMPORT_KEY_MSK, &msg)) {
continue;
}
message_handler(&msg, crypto_import_key);
}
}

51
TESTS/psa/crypto_access_control/COMPONENT_SPE/TARGET_MBED_SPM/psa_test_partition_partition.c → TESTS/psa/crypto_access_control/TARGET_MBED_SPM/COMPONENT_SPE/psa_crypto_acl_test_partition.c
View File

@ -28,31 +28,30 @@
#include "rtx_os.h"
#include "spm_panic.h"
#include "spm_internal.h"
#include "psa_test_partition_partition.h"
#include "psa_test_partition_ifs.h"
#include "psa_crypto_srv_ifs.h"
#include "psa_crypto_acl_test_partition.h"
#include "psa_manifest/sid.h"
/* Threads stacks */
MBED_ALIGN(8) uint8_t test_partition_thread_stack[512] = {0};
MBED_ALIGN(8) uint8_t crypto_acl_test_thread_stack[512] = {0};
/* Threads control blocks */
osRtxThread_t test_partition_thread_cb = {0};
osRtxThread_t crypto_acl_test_thread_cb = {0};
/* Thread attributes - for thread initialization */
osThreadAttr_t test_partition_thread_attr = {
.name = "test_partition",
osThreadAttr_t crypto_acl_test_thread_attr = {
.name = "crypto_acl_test",
.attr_bits = 0,
.cb_mem = &test_partition_thread_cb,
.cb_size = sizeof(test_partition_thread_cb),
.stack_mem = test_partition_thread_stack,
.cb_mem = &crypto_acl_test_thread_cb,
.cb_size = sizeof(crypto_acl_test_thread_cb),
.stack_mem = crypto_acl_test_thread_stack,
.stack_size = 512,
.priority = osPriorityNormal,
.tz_module = 0,
.reserved = 0
};
spm_rot_service_t test_partition_rot_services[TEST_PARTITION_ROT_SRV_COUNT] = {
spm_rot_service_t crypto_acl_test_rot_services[CRYPTO_ACL_TEST_ROT_SRV_COUNT] = {
{
.sid = CRYPTO_CREATE_PERSISTENT_KEY,
.mask = CRYPTO_CREATE_PERSISTENT_KEY_MSK,
@ -163,41 +162,41 @@ spm_rot_service_t test_partition_rot_services[TEST_PARTITION_ROT_SRV_COUNT] = {
},
};
/* External SIDs used by TEST_PARTITION */
const uint32_t test_partition_external_sids[1] = {
/* External SIDs used by CRYPTO_ACL_TEST */
const uint32_t crypto_acl_test_external_sids[1] = {
PSA_KEY_MNG_ID,
};
static osRtxMutex_t test_partition_mutex = {0};
static const osMutexAttr_t test_partition_mutex_attr = {
.name = "test_partition_mutex",
static osRtxMutex_t crypto_acl_test_mutex = {0};
static const osMutexAttr_t crypto_acl_test_mutex_attr = {
.name = "crypto_acl_test_mutex",
.attr_bits = osMutexRecursive | osMutexPrioInherit | osMutexRobust,
.cb_mem = &test_partition_mutex,
.cb_size = sizeof(test_partition_mutex),
.cb_mem = &crypto_acl_test_mutex,
.cb_size = sizeof(crypto_acl_test_mutex),
};
extern void test_partition_main(void *ptr);
void test_partition_init(spm_partition_t *partition)
void crypto_acl_test_init(spm_partition_t *partition)
{
if (NULL == partition) {
SPM_PANIC("partition is NULL!\n");
}
partition->mutex = osMutexNew(&test_partition_mutex_attr);
partition->mutex = osMutexNew(&crypto_acl_test_mutex_attr);
if (NULL == partition->mutex) {
SPM_PANIC("Failed to create mutex for secure partition test_partition!\n");
SPM_PANIC("Failed to create mutex for secure partition crypto_acl_test!\n");
}
for (uint32_t i = 0; i < TEST_PARTITION_ROT_SRV_COUNT; ++i) {
test_partition_rot_services[i].partition = partition;
for (uint32_t i = 0; i < CRYPTO_ACL_TEST_ROT_SRV_COUNT; ++i) {
crypto_acl_test_rot_services[i].partition = partition;
}
partition->rot_services = test_partition_rot_services;
partition->rot_services = crypto_acl_test_rot_services;
partition->thread_id = osThreadNew(test_partition_main, NULL, &test_partition_thread_attr);
partition->thread_id = osThreadNew(test_partition_main, NULL, &crypto_acl_test_thread_attr);
if (NULL == partition->thread_id) {
SPM_PANIC("Failed to create start main thread of partition test_partition!\n");
SPM_PANIC("Failed to create start main thread of partition crypto_acl_test!\n");
}
}

49
TESTS/psa/crypto_access_control/COMPONENT_SPE/psa_setup.c → TESTS/psa/crypto_access_control/TARGET_MBED_SPM/COMPONENT_SPE/psa_setup.c
View File

@ -27,34 +27,22 @@
#include "spm_internal.h"
#include "handles_manager.h"
#include "cmsis.h"
#include "psa_test_partition_partition.h"
#include "psa_attest_srv_partition.h"
#include "psa_crypto_srv_partition.h"
#include "psa_platform_partition.h"
#include "psa_its_partition.h"
#include "psa_crypto_acl_test_partition.h"
extern const uint32_t test_partition_external_sids[1];
extern const uint32_t attest_srv_external_sids[7];
extern const uint32_t crypto_srv_external_sids[4];
extern const uint32_t platform_external_sids[1];
extern const uint32_t crypto_acl_test_external_sids[1];
spm_partition_t g_partitions[5] = {
{
.partition_id = TEST_PARTITION_ID,
.thread_id = 0,
.flags_rot_srv = TEST_PARTITION_WAIT_ANY_SID_MSK,
.flags_interrupts = 0,
.rot_services = NULL,
.rot_services_count = TEST_PARTITION_ROT_SRV_COUNT,
.extern_sids = test_partition_external_sids,
.extern_sids_count = TEST_PARTITION_EXT_ROT_SRV_COUNT,
.irq_mapper = NULL,
},
{
.partition_id = ATTEST_SRV_ID,
.thread_id = 0,
.flags_rot_srv = ATTEST_SRV_WAIT_ANY_SID_MSK,
.flags_interrupts = 0,
.flags = ATTEST_SRV_WAIT_ANY_SID_MSK | ATTEST_SRV_WAIT_ANY_IRQ_MSK,
.rot_services = NULL,
.rot_services_count = ATTEST_SRV_ROT_SRV_COUNT,
.extern_sids = attest_srv_external_sids,
@ -64,8 +52,7 @@ spm_partition_t g_partitions[5] = {
{
.partition_id = CRYPTO_SRV_ID,
.thread_id = 0,
.flags_rot_srv = CRYPTO_SRV_WAIT_ANY_SID_MSK,
.flags_interrupts = 0,
.flags = CRYPTO_SRV_WAIT_ANY_SID_MSK | CRYPTO_SRV_WAIT_ANY_IRQ_MSK,
.rot_services = NULL,
.rot_services_count = CRYPTO_SRV_ROT_SRV_COUNT,
.extern_sids = crypto_srv_external_sids,
@ -75,8 +62,7 @@ spm_partition_t g_partitions[5] = {
{
.partition_id = PLATFORM_ID,
.thread_id = 0,
.flags_rot_srv = PLATFORM_WAIT_ANY_SID_MSK,
.flags_interrupts = 0,
.flags = PLATFORM_WAIT_ANY_SID_MSK | PLATFORM_WAIT_ANY_IRQ_MSK,
.rot_services = NULL,
.rot_services_count = PLATFORM_ROT_SRV_COUNT,
.extern_sids = platform_external_sids,
@ -86,14 +72,23 @@ spm_partition_t g_partitions[5] = {
{
.partition_id = ITS_ID,
.thread_id = 0,
.flags_rot_srv = ITS_WAIT_ANY_SID_MSK,
.flags_interrupts = 0,
.flags = ITS_WAIT_ANY_SID_MSK | ITS_WAIT_ANY_IRQ_MSK,
.rot_services = NULL,
.rot_services_count = ITS_ROT_SRV_COUNT,
.extern_sids = NULL,
.extern_sids_count = ITS_EXT_ROT_SRV_COUNT,
.irq_mapper = NULL,
},
{
.partition_id = CRYPTO_ACL_TEST_ID,
.thread_id = 0,
.flags = CRYPTO_ACL_TEST_WAIT_ANY_SID_MSK | CRYPTO_ACL_TEST_WAIT_ANY_IRQ_MSK,
.rot_services = NULL,
.rot_services_count = CRYPTO_ACL_TEST_ROT_SRV_COUNT,
.extern_sids = crypto_acl_test_external_sids,
.extern_sids_count = CRYPTO_ACL_TEST_EXT_ROT_SRV_COUNT,
.irq_mapper = NULL,
},
};
/* Check all the defined memory regions for overlapping. */
@ -104,11 +99,11 @@ const mem_region_t *mem_regions = NULL;
const uint32_t mem_region_count = 0;
// forward declaration of partition initializers
void test_partition_init(spm_partition_t *partition);
void attest_srv_init(spm_partition_t *partition);
void crypto_srv_init(spm_partition_t *partition);
void platform_init(spm_partition_t *partition);
void its_init(spm_partition_t *partition);
void crypto_acl_test_init(spm_partition_t *partition);
uint32_t init_partitions(spm_partition_t **partitions)
{
@ -116,11 +111,11 @@ uint32_t init_partitions(spm_partition_t **partitions)
SPM_PANIC("partitions is NULL!\n");
}
test_partition_init(&(g_partitions[0]));
attest_srv_init(&(g_partitions[1]));
crypto_srv_init(&(g_partitions[2]));
platform_init(&(g_partitions[3]));
its_init(&(g_partitions[4]));
attest_srv_init(&(g_partitions[0]));
crypto_srv_init(&(g_partitions[1]));
platform_init(&(g_partitions[2]));
its_init(&(g_partitions[3]));
crypto_acl_test_init(&(g_partitions[4]));
*partitions = g_partitions;
return 5;

2
TESTS/psa/crypto_access_control/crypto_acl_test_partition_psa.json → TESTS/psa/crypto_access_control/crypto_acl_tests_partition_psa.json
View File

@ -1,5 +1,5 @@
{
"name": "TEST_PARTITION",
"name": "CRYPTO_ACL_TEST",
"type": "APPLICATION-ROT",
"priority": "NORMAL",
"id": "0x00000080",

6
TESTS/psa/crypto_access_control/psa_test_partition_ifs.h → TESTS/psa/crypto_access_control/psa_crypto_acl_test_ifs.h
View File

@ -23,8 +23,8 @@
* Generated by tools/spm/generate_partition_code.py Version 1.0
**********************************************************************************************************************/
#ifndef PSA_TEST_PARTITION_PARTITION_ROT_SERVICES_H
#define PSA_TEST_PARTITION_PARTITION_ROT_SERVICES_H
#ifndef PSA_CRYPTO_ACL_TEST_PARTITION_ROT_SERVICES_H
#define PSA_CRYPTO_ACL_TEST_PARTITION_ROT_SERVICES_H
#define CRYPTO_CREATE_PERSISTENT_KEY 0x00000200
#define CRYPTO_GENERATE_KEY 0x00000201
@ -36,4 +36,4 @@
#define CRYPTO_GET_KEY_POLICY 0x00000207
#define CRYPTO_IMPORT_KEY 0x00000208
#endif // PSA_TEST_PARTITION_PARTITION_ROT_SERVICES_H
#endif // PSA_CRYPTO_ACL_TEST_PARTITION_ROT_SERVICES_H

6
TESTS/psa/spm_client/COMPONENT_NSPE/main.cpp
View File

@ -314,9 +314,9 @@ static void call_diff_handle(th_struct_t *thr_attr)
//Testing multiple parallel calls to the same SID with different handles
void multi_thread_diff_handles()
{
Thread T1(osPriorityNormal, 256);
Thread T2(osPriorityNormal, 256);
Thread T3(osPriorityNormal, 256);
Thread T1(osPriorityNormal, 512);
Thread T2(osPriorityNormal, 512);
Thread T3(osPriorityNormal, 512);
th_struct_t thr_attr[] = {{0}, {0}, {0}};

37
TESTS/psa/spm_client/TARGET_MBED_SPM/COMPONENT_SPE/psa_setup.c
View File

@ -27,32 +27,21 @@
#include "spm_internal.h"
#include "handles_manager.h"
#include "cmsis.h"
#include "psa_client_tests_part1_partition.h"
#include "psa_attest_srv_partition.h"
#include "psa_crypto_srv_partition.h"
#include "psa_platform_partition.h"
#include "psa_its_partition.h"
#include "psa_client_tests_part1_partition.h"
extern const uint32_t attest_srv_external_sids[7];
extern const uint32_t crypto_srv_external_sids[4];
extern const uint32_t platform_external_sids[1];
spm_partition_t g_partitions[5] = {
{
.partition_id = CLIENT_TESTS_PART1_ID,
.thread_id = 0,
.flags = CLIENT_TESTS_PART1_WAIT_ANY_SID_MSK | CLIENT_TESTS_PART1_WAIT_ANY_IRQ_MSK,
.rot_services = NULL,
.rot_services_count = CLIENT_TESTS_PART1_ROT_SRV_COUNT,
.extern_sids = NULL,
.extern_sids_count = CLIENT_TESTS_PART1_EXT_ROT_SRV_COUNT,
.irq_mapper = NULL,
},
{
.partition_id = ATTEST_SRV_ID,
.thread_id = 0,
.flags_rot_srv = ATTEST_SRV_WAIT_ANY_SID_MSK,
.flags_interrupts = 0,
.flags = ATTEST_SRV_WAIT_ANY_SID_MSK | ATTEST_SRV_WAIT_ANY_IRQ_MSK,
.rot_services = NULL,
.rot_services_count = ATTEST_SRV_ROT_SRV_COUNT,
.extern_sids = attest_srv_external_sids,
@ -89,6 +78,16 @@ spm_partition_t g_partitions[5] = {
.extern_sids_count = ITS_EXT_ROT_SRV_COUNT,
.irq_mapper = NULL,
},
{
.partition_id = CLIENT_TESTS_PART1_ID,
.thread_id = 0,
.flags = CLIENT_TESTS_PART1_WAIT_ANY_SID_MSK | CLIENT_TESTS_PART1_WAIT_ANY_IRQ_MSK,
.rot_services = NULL,
.rot_services_count = CLIENT_TESTS_PART1_ROT_SRV_COUNT,
.extern_sids = NULL,
.extern_sids_count = CLIENT_TESTS_PART1_EXT_ROT_SRV_COUNT,
.irq_mapper = NULL,
},
};
/* Check all the defined memory regions for overlapping. */
@ -99,11 +98,11 @@ const mem_region_t *mem_regions = NULL;
const uint32_t mem_region_count = 0;
// forward declaration of partition initializers
void client_tests_part1_init(spm_partition_t *partition);
void attest_srv_init(spm_partition_t *partition);
void crypto_srv_init(spm_partition_t *partition);
void platform_init(spm_partition_t *partition);
void its_init(spm_partition_t *partition);
void client_tests_part1_init(spm_partition_t *partition);
uint32_t init_partitions(spm_partition_t **partitions)
{
@ -111,11 +110,11 @@ uint32_t init_partitions(spm_partition_t **partitions)
SPM_PANIC("partitions is NULL!\n");
}
client_tests_part1_init(&(g_partitions[0]));
attest_srv_init(&(g_partitions[1]));
crypto_srv_init(&(g_partitions[2]));
platform_init(&(g_partitions[3]));
its_init(&(g_partitions[4]));
attest_srv_init(&(g_partitions[0]));
crypto_srv_init(&(g_partitions[1]));
platform_init(&(g_partitions[2]));
its_init(&(g_partitions[3]));
client_tests_part1_init(&(g_partitions[4]));
*partitions = g_partitions;
return 5;

6
TESTS/psa/spm_server/COMPONENT_SPE/server_tests_partition2.c
View File

@ -23,12 +23,6 @@
#if defined(TARGET_MBED_SPM)
#include "cmsis_os2.h"
#include "spm_panic.h"
#else
#define SPM_PANIC(format, ...) \
{ \
while(1){}; \
}
#endif
void server_part2_main(void *ptr)

65
TESTS/psa/spm_server/TARGET_MBED_SPM/COMPONENT_SPE/psa_setup.c
View File

@ -27,44 +27,23 @@
#include "spm_internal.h"
#include "handles_manager.h"
#include "cmsis.h"
#include "psa_server_test_part1_partition.h"
#include "psa_server_test_part2_partition.h"
#include "psa_attest_srv_partition.h"
#include "psa_crypto_srv_partition.h"
#include "psa_platform_partition.h"
#include "psa_its_partition.h"
#include "psa_server_tests_part1_partition.h"
#include "psa_server_tests_part2_partition.h"
extern const uint32_t server_test_part1_external_sids[2];
extern const uint32_t attest_srv_external_sids[7];
extern const uint32_t crypto_srv_external_sids[4];
extern const uint32_t platform_external_sids[1];
extern const uint32_t server_tests_part1_external_sids[2];
spm_partition_t g_partitions[6] = {
{
.partition_id = SERVER_TEST_PART1_ID,
.thread_id = 0,
.flags = SERVER_TEST_PART1_WAIT_ANY_SID_MSK | SERVER_TEST_PART1_WAIT_ANY_IRQ_MSK,
.rot_services = NULL,
.rot_services_count = SERVER_TEST_PART1_ROT_SRV_COUNT,
.extern_sids = server_test_part1_external_sids,
.extern_sids_count = SERVER_TEST_PART1_EXT_ROT_SRV_COUNT,
.irq_mapper = NULL,
},
{
.partition_id = SERVER_TEST_PART2_ID,
.thread_id = 0,
.flags = SERVER_TEST_PART2_WAIT_ANY_SID_MSK | SERVER_TEST_PART2_WAIT_ANY_IRQ_MSK,
.rot_services = NULL,
.rot_services_count = SERVER_TEST_PART2_ROT_SRV_COUNT,
.extern_sids = NULL,
.extern_sids_count = SERVER_TEST_PART2_EXT_ROT_SRV_COUNT,
.irq_mapper = NULL,
},
{
.partition_id = ATTEST_SRV_ID,
.thread_id = 0,
.flags_rot_srv = ATTEST_SRV_WAIT_ANY_SID_MSK,
.flags_interrupts = 0,
.flags = ATTEST_SRV_WAIT_ANY_SID_MSK | ATTEST_SRV_WAIT_ANY_IRQ_MSK,
.rot_services = NULL,
.rot_services_count = ATTEST_SRV_ROT_SRV_COUNT,
.extern_sids = attest_srv_external_sids,
@ -101,6 +80,26 @@ spm_partition_t g_partitions[6] = {
.extern_sids_count = ITS_EXT_ROT_SRV_COUNT,
.irq_mapper = NULL,
},
{
.partition_id = SERVER_TESTS_PART1_ID,
.thread_id = 0,
.flags = SERVER_TESTS_PART1_WAIT_ANY_SID_MSK | SERVER_TESTS_PART1_WAIT_ANY_IRQ_MSK,
.rot_services = NULL,
.rot_services_count = SERVER_TESTS_PART1_ROT_SRV_COUNT,
.extern_sids = server_tests_part1_external_sids,
.extern_sids_count = SERVER_TESTS_PART1_EXT_ROT_SRV_COUNT,
.irq_mapper = NULL,
},
{
.partition_id = SERVER_TESTS_PART2_ID,
.thread_id = 0,
.flags = SERVER_TESTS_PART2_WAIT_ANY_SID_MSK | SERVER_TESTS_PART2_WAIT_ANY_IRQ_MSK,
.rot_services = NULL,
.rot_services_count = SERVER_TESTS_PART2_ROT_SRV_COUNT,
.extern_sids = NULL,
.extern_sids_count = SERVER_TESTS_PART2_EXT_ROT_SRV_COUNT,
.irq_mapper = NULL,
},
};
/* Check all the defined memory regions for overlapping. */
@ -111,12 +110,12 @@ const mem_region_t *mem_regions = NULL;
const uint32_t mem_region_count = 0;
// forward declaration of partition initializers
void server_test_part1_init(spm_partition_t *partition);
void server_test_part2_init(spm_partition_t *partition);
void attest_srv_init(spm_partition_t *partition);
void crypto_srv_init(spm_partition_t *partition);
void platform_init(spm_partition_t *partition);
void its_init(spm_partition_t *partition);
void server_tests_part1_init(spm_partition_t *partition);
void server_tests_part2_init(spm_partition_t *partition);
uint32_t init_partitions(spm_partition_t **partitions)
{
@ -124,12 +123,12 @@ uint32_t init_partitions(spm_partition_t **partitions)
SPM_PANIC("partitions is NULL!\n");
}
server_test_part1_init(&(g_partitions[0]));
server_test_part2_init(&(g_partitions[1]));
attest_srv_init(&(g_partitions[2]));
crypto_srv_init(&(g_partitions[3]));
platform_init(&(g_partitions[4]));
its_init(&(g_partitions[5]));
attest_srv_init(&(g_partitions[0]));
crypto_srv_init(&(g_partitions[1]));
platform_init(&(g_partitions[2]));
its_init(&(g_partitions[3]));
server_tests_part1_init(&(g_partitions[4]));
server_tests_part2_init(&(g_partitions[5]));
*partitions = g_partitions;
return 6;

37
TESTS/psa/spm_smoke/TARGET_MBED_SPM/COMPONENT_SPE/psa_setup.c
View File

@ -27,32 +27,21 @@
#include "spm_internal.h"
#include "handles_manager.h"
#include "cmsis.h"
#include "psa_smoke_test_part1_partition.h"
#include "psa_attest_srv_partition.h"
#include "psa_crypto_srv_partition.h"
#include "psa_platform_partition.h"
#include "psa_its_partition.h"
#include "psa_smoke_tests_part1_partition.h"
extern const uint32_t attest_srv_external_sids[7];
extern const uint32_t crypto_srv_external_sids[4];
extern const uint32_t platform_external_sids[1];
spm_partition_t g_partitions[5] = {
{
.partition_id = SMOKE_TEST_PART1_ID,
.thread_id = 0,
.flags = SMOKE_TEST_PART1_WAIT_ANY_SID_MSK | SMOKE_TEST_PART1_WAIT_ANY_IRQ_MSK,
.rot_services = NULL,
.rot_services_count = SMOKE_TEST_PART1_ROT_SRV_COUNT,
.extern_sids = NULL,
.extern_sids_count = SMOKE_TEST_PART1_EXT_ROT_SRV_COUNT,
.irq_mapper = NULL,
},
{
.partition_id = ATTEST_SRV_ID,
.thread_id = 0,
.flags_rot_srv = ATTEST_SRV_WAIT_ANY_SID_MSK,
.flags_interrupts = 0,
.flags = ATTEST_SRV_WAIT_ANY_SID_MSK | ATTEST_SRV_WAIT_ANY_IRQ_MSK,
.rot_services = NULL,
.rot_services_count = ATTEST_SRV_ROT_SRV_COUNT,
.extern_sids = attest_srv_external_sids,
@ -89,6 +78,16 @@ spm_partition_t g_partitions[5] = {
.extern_sids_count = ITS_EXT_ROT_SRV_COUNT,
.irq_mapper = NULL,
},
{
.partition_id = SMOKE_TESTS_PART1_ID,
.thread_id = 0,
.flags = SMOKE_TESTS_PART1_WAIT_ANY_SID_MSK | SMOKE_TESTS_PART1_WAIT_ANY_IRQ_MSK,
.rot_services = NULL,
.rot_services_count = SMOKE_TESTS_PART1_ROT_SRV_COUNT,
.extern_sids = NULL,
.extern_sids_count = SMOKE_TESTS_PART1_EXT_ROT_SRV_COUNT,
.irq_mapper = NULL,
},
};
/* Check all the defined memory regions for overlapping. */
@ -99,11 +98,11 @@ const mem_region_t *mem_regions = NULL;
const uint32_t mem_region_count = 0;
// forward declaration of partition initializers
void smoke_test_part1_init(spm_partition_t *partition);
void attest_srv_init(spm_partition_t *partition);
void crypto_srv_init(spm_partition_t *partition);
void platform_init(spm_partition_t *partition);
void its_init(spm_partition_t *partition);
void smoke_tests_part1_init(spm_partition_t *partition);
uint32_t init_partitions(spm_partition_t **partitions)
{
@ -111,11 +110,11 @@ uint32_t init_partitions(spm_partition_t **partitions)
SPM_PANIC("partitions is NULL!\n");
}
smoke_test_part1_init(&(g_partitions[0]));
attest_srv_init(&(g_partitions[1]));
crypto_srv_init(&(g_partitions[2]));
platform_init(&(g_partitions[3]));
its_init(&(g_partitions[4]));
attest_srv_init(&(g_partitions[0]));
crypto_srv_init(&(g_partitions[1]));
platform_init(&(g_partitions[2]));
its_init(&(g_partitions[3]));
smoke_tests_part1_init(&(g_partitions[4]));
*partitions = g_partitions;
return 5;

3
components/TARGET_PSA/TARGET_MBED_SPM/COMPONENT_SPE/psa_setup.c
View File

@ -41,8 +41,7 @@ spm_partition_t g_partitions[4] = {
{
.partition_id = ATTEST_SRV_ID,
.thread_id = 0,
.flags_rot_srv = ATTEST_SRV_WAIT_ANY_SID_MSK,
.flags_interrupts = 0,
.flags = ATTEST_SRV_WAIT_ANY_SID_MSK | ATTEST_SRV_WAIT_ANY_IRQ_MSK,
.rot_services = NULL,
.rot_services_count = ATTEST_SRV_ROT_SRV_COUNT,
.extern_sids = attest_srv_external_sids,

17
components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/autogen/tfm_partition_defs.inc
View File

@ -25,33 +25,38 @@
#define ITS_ID (TFM_SP_BASE + 0)
#define PLATFORM_ID (TFM_SP_BASE + 1)
#define CRYPTO_SRV_ID (TFM_SP_BASE + 2)
#define ATTEST_SRV_ID (TFM_SP_BASE + 3)
/*************************** Test Partitions *********************************/
#ifdef USE_PSA_TEST_PARTITIONS
#ifdef USE_CRYPTO_ACL_TEST
#define CRYPTO_ACL_TEST_ID (TFM_SP_BASE + 4 + 0)
#endif
#ifdef USE_CLIENT_TESTS_PART1
#define CLIENT_TESTS_PART1_ID (TFM_SP_BASE + 3 + 0)
#define CLIENT_TESTS_PART1_ID (TFM_SP_BASE + 4 + 1)
#endif
#ifdef USE_SERVER_TESTS_PART1
#define SERVER_TESTS_PART1_ID (TFM_SP_BASE + 3 + 1)
#define SERVER_TESTS_PART1_ID (TFM_SP_BASE + 4 + 2)
#endif
#ifdef USE_SERVER_TESTS_PART2
#define SERVER_TESTS_PART2_ID (TFM_SP_BASE + 3 + 2)
#define SERVER_TESTS_PART2_ID (TFM_SP_BASE + 4 + 3)
#endif
#ifdef USE_SMOKE_TESTS_PART1
#define SMOKE_TESTS_PART1_ID (TFM_SP_BASE + 3 + 3)
#define SMOKE_TESTS_PART1_ID (TFM_SP_BASE + 4 + 4)
#endif
#endif // USE_PSA_TEST_PARTITIONS
#ifdef USE_PSA_TEST_PARTITIONS
#define TFM_MAX_USER_PARTITIONS (3 + 4)
#define TFM_MAX_USER_PARTITIONS (4 + 5)
#else
#define TFM_MAX_USER_PARTITIONS (3)
#define TFM_MAX_USER_PARTITIONS (4)
#endif
#endif // __TFM_PARTITION_DEFS_INC__

14
components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/autogen/tfm_partition_list.inc
View File

@ -28,8 +28,22 @@ PARTITION_DECLARE(CRYPTO_SRV, 0
, "APPLICATION-ROT", 35, NORMAL, 16384);
PARTITION_ADD_INIT_FUNC(CRYPTO_SRV, crypto_main);
/******** ATTEST_SRV ********/
PARTITION_DECLARE(ATTEST_SRV, 0
| SPM_PART_FLAG_IPC
, "APPLICATION-ROT", 37, NORMAL, 8192);
PARTITION_ADD_INIT_FUNC(ATTEST_SRV, attest_main);
#ifdef USE_PSA_TEST_PARTITIONS
#ifdef USE_CRYPTO_ACL_TEST
/******** CRYPTO_ACL_TEST ********/
PARTITION_DECLARE(CRYPTO_ACL_TEST, 0
| SPM_PART_FLAG_IPC
, "APPLICATION-ROT", 128, NORMAL, 512);
PARTITION_ADD_INIT_FUNC(CRYPTO_ACL_TEST, test_partition_main);
#endif // USE_CRYPTO_ACL_TEST
#ifdef USE_CLIENT_TESTS_PART1
/******** CLIENT_TESTS_PART1 ********/
PARTITION_DECLARE(CLIENT_TESTS_PART1, 0

18
components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/autogen/tfm_service_list.inc
View File

@ -35,8 +35,26 @@
{"PSA_GENERATOR_ID", CRYPTO_SRV_ID, PSA_GENERATOR, 0x00000F09, true, 1, TFM_VERSION_POLICY_STRICT},
{"PSA_ENTROPY_ID", CRYPTO_SRV_ID, PSA_ENTROPY_INJECT, 0x00000F0A, true, 1, TFM_VERSION_POLICY_STRICT},
/******** ATTEST_SRV ********/
{"PSA_ATTEST_GET_TOKEN_ID", ATTEST_SRV_ID, PSA_ATTEST_GET_TOKEN, 0x00000F10, true, 1, TFM_VERSION_POLICY_STRICT},
{"PSA_ATTEST_GET_TOKEN_SIZE_ID", ATTEST_SRV_ID, PSA_ATTEST_GET_TOKEN_SIZE, 0x00000F11, true, 1, TFM_VERSION_POLICY_STRICT},
{"PSA_ATTEST_INJECT_KEY_ID", ATTEST_SRV_ID, PSA_ATTEST_INJECT_KEY, 0x00000F12, true, 1, TFM_VERSION_POLICY_STRICT},
#ifdef USE_PSA_TEST_PARTITIONS
#ifdef USE_CRYPTO_ACL_TEST
/******** CRYPTO_ACL_TEST ********/
{"CRYPTO_CREATE_PERSISTENT_KEY", CRYPTO_ACL_TEST_ID, CRYPTO_CREATE_PERSISTENT_KEY_MSK, 0x00000200, true, 1, TFM_VERSION_POLICY_RELAXED},
{"CRYPTO_GENERATE_KEY", CRYPTO_ACL_TEST_ID, CRYPTO_GENERATE_KEY_MSK, 0x00000201, true, 1, TFM_VERSION_POLICY_RELAXED},
{"CRYPTO_OPEN_PERSISTENT_KEY", CRYPTO_ACL_TEST_ID, CRYPTO_OPEN_PERSISTENT_KEY_MSK, 0x00000202, true, 1, TFM_VERSION_POLICY_RELAXED},
{"CRYPTO_CLOSE_KEY", CRYPTO_ACL_TEST_ID, CRYPTO_CLOSE_KEY_MSK, 0x00000203, true, 1, TFM_VERSION_POLICY_RELAXED},
{"CRYPTO_SET_KEY_POLICY", CRYPTO_ACL_TEST_ID, CRYPTO_SET_KEY_POLICY_MSK, 0x00000204, true, 1, TFM_VERSION_POLICY_RELAXED},
{"CRYPTO_DESTROY_KEY", CRYPTO_ACL_TEST_ID, CRYPTO_DESTROY_KEY_MSK, 0x00000205, true, 1, TFM_VERSION_POLICY_RELAXED},
{"CRYPTO_GET_KEY_INFO", CRYPTO_ACL_TEST_ID, CRYPTO_GET_KEY_INFO_MSK, 0x00000206, true, 1, TFM_VERSION_POLICY_RELAXED},
{"CRYPTO_GET_KEY_POLICY", CRYPTO_ACL_TEST_ID, CRYPTO_GET_KEY_POLICY_MSK, 0x00000207, true, 1, TFM_VERSION_POLICY_RELAXED},
{"CRYPTO_IMPORT_KEY", CRYPTO_ACL_TEST_ID, CRYPTO_IMPORT_KEY_MSK, 0x00000208, true, 1, TFM_VERSION_POLICY_RELAXED},
#endif // USE_CRYPTO_ACL_TEST
#ifdef USE_CLIENT_TESTS_PART1
/******** CLIENT_TESTS_PART1 ********/
{"CLIENT_TESTS_PART1_ROT_SRV1", CLIENT_TESTS_PART1_ID, PART1_ROT_SRV1_MSK, 0x00001A05, true, 5, TFM_VERSION_POLICY_RELAXED},

30
components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/autogen/tfm_spm_signal_defs.h
View File

@ -54,8 +54,38 @@
#define PSA_ENTROPY_INJECT_POS (14UL)
#define PSA_ENTROPY_INJECT (1UL << PSA_ENTROPY_INJECT_POS)
/******** ATTEST_SRV ********/
#define PSA_ATTEST_GET_TOKEN_POS (4UL)
#define PSA_ATTEST_GET_TOKEN (1UL << PSA_ATTEST_GET_TOKEN_POS)
#define PSA_ATTEST_GET_TOKEN_SIZE_POS (5UL)
#define PSA_ATTEST_GET_TOKEN_SIZE (1UL << PSA_ATTEST_GET_TOKEN_SIZE_POS)
#define PSA_ATTEST_INJECT_KEY_POS (6UL)
#define PSA_ATTEST_INJECT_KEY (1UL << PSA_ATTEST_INJECT_KEY_POS)
#ifdef USE_PSA_TEST_PARTITIONS
#ifdef USE_CRYPTO_ACL_TEST
/******** CRYPTO_ACL_TEST ********/
#define CRYPTO_CREATE_PERSISTENT_KEY_MSK_POS (4UL)
#define CRYPTO_CREATE_PERSISTENT_KEY_MSK (1UL << CRYPTO_CREATE_PERSISTENT_KEY_MSK_POS)
#define CRYPTO_GENERATE_KEY_MSK_POS (5UL)
#define CRYPTO_GENERATE_KEY_MSK (1UL << CRYPTO_GENERATE_KEY_MSK_POS)
#define CRYPTO_OPEN_PERSISTENT_KEY_MSK_POS (6UL)
#define CRYPTO_OPEN_PERSISTENT_KEY_MSK (1UL << CRYPTO_OPEN_PERSISTENT_KEY_MSK_POS)
#define CRYPTO_CLOSE_KEY_MSK_POS (7UL)
#define CRYPTO_CLOSE_KEY_MSK (1UL << CRYPTO_CLOSE_KEY_MSK_POS)
#define CRYPTO_SET_KEY_POLICY_MSK_POS (8UL)
#define CRYPTO_SET_KEY_POLICY_MSK (1UL << CRYPTO_SET_KEY_POLICY_MSK_POS)
#define CRYPTO_DESTROY_KEY_MSK_POS (9UL)
#define CRYPTO_DESTROY_KEY_MSK (1UL << CRYPTO_DESTROY_KEY_MSK_POS)
#define CRYPTO_GET_KEY_INFO_MSK_POS (10UL)
#define CRYPTO_GET_KEY_INFO_MSK (1UL << CRYPTO_GET_KEY_INFO_MSK_POS)
#define CRYPTO_GET_KEY_POLICY_MSK_POS (11UL)
#define CRYPTO_GET_KEY_POLICY_MSK (1UL << CRYPTO_GET_KEY_POLICY_MSK_POS)
#define CRYPTO_IMPORT_KEY_MSK_POS (12UL)
#define CRYPTO_IMPORT_KEY_MSK (1UL << CRYPTO_IMPORT_KEY_MSK_POS)
#endif // USE_CRYPTO_ACL_TEST
#ifdef USE_CLIENT_TESTS_PART1
/******** CLIENT_TESTS_PART1 ********/
#define PART1_ROT_SRV1_MSK_POS (4UL)

2
components/TARGET_PSA/inc/psa/client.h
View File

@ -25,6 +25,8 @@
#ifndef __MBED_OS_DEFAULT_PSA_CLIENT_API_H__
#define __MBED_OS_DEFAULT_PSA_CLIENT_API_H__
#include <stddef.h>
#if !defined(UINT32_MAX)
#define UINT32_MAX ((uint32_t)-1)
#endif

41
components/TARGET_PSA/inc/psa_manifest/sid.h
View File

@ -17,19 +17,19 @@
/*********** WARNING: This is an auto-generated file. Do not edit! ***********/
#ifndef SID_H
#define SID_H
/*************************** Service Partitions ******************************/
/******** ITS ********/
#define PSA_ITS_GET 0x00011A00
#define PSA_ITS_SET 0x00011A01
#define PSA_ITS_INFO 0x00011A02
#define PSA_ITS_REMOVE 0x00011A03
#define PSA_ITS_RESET 0x00011A04
/******** PLATFORM ********/
#define PSA_PLATFORM_LC_GET 0x00011000
#define PSA_PLATFORM_LC_SET 0x00011001
#define PSA_PLATFORM_SYSTEM_RESET 0x00011002
/******** CRYPTO_SRV ********/
#define PSA_CRYPTO_INIT_ID 0x00000F00
#define PSA_MAC_ID 0x00000F01
#define PSA_HASH_ID 0x00000F02
@ -42,22 +42,41 @@
#define PSA_GENERATOR_ID 0x00000F09
#define PSA_ENTROPY_ID 0x00000F0A
/*************************** Test Partitions *********************************/
/******** ATTEST_SRV ********/
#define PSA_ATTEST_GET_TOKEN_ID 0x00000F10
#define PSA_ATTEST_GET_TOKEN_SIZE_ID 0x00000F11
#define PSA_ATTEST_INJECT_KEY_ID 0x00000F12
// CLIENT_TESTS_PART1
/******** CRYPTO_ACL_TEST ********/
#define CRYPTO_CREATE_PERSISTENT_KEY 0x00000200
#define CRYPTO_GENERATE_KEY 0x00000201
#define CRYPTO_OPEN_PERSISTENT_KEY 0x00000202
#define CRYPTO_CLOSE_KEY 0x00000203
#define CRYPTO_SET_KEY_POLICY 0x00000204
#define CRYPTO_DESTROY_KEY 0x00000205
#define CRYPTO_GET_KEY_INFO 0x00000206
#define CRYPTO_GET_KEY_POLICY 0x00000207
#define CRYPTO_IMPORT_KEY 0x00000208
/******** CLIENT_TESTS_PART1 ********/
#define CLIENT_TESTS_PART1_ROT_SRV1 0x00001A05
#define CLIENT_TESTS_PART1_DROP_CONN 0x00001A06
#define CLIENT_TESTS_PART1_SECURE_CLIENTS_ONLY 0x00001A07
// SERVER_TESTS_PART1
/******** SERVER_TESTS_PART1 ********/
#define SERVER_TESTS_PART1_CONTROL 0x00001A01
#define SERVER_TESTS_PART1_TEST 0x00001A02
// SERVER_TESTS_PART2
/******** SERVER_TESTS_PART2 ********/
#define SERVER_TESTS_PART2_ROT_SRV_REVERSE 0x00001A03
#define SERVER_TESTS_PART2_ROT_SRV_DB_TST 0x00001A04
// SMOKE_TESTS_PART1
/******** SMOKE_TESTS_PART1 ********/
#define SMOKE_TESTS_PART1_ROT_SRV1 0x00001A00
#endif // SID_H

2
components/TARGET_PSA/services/attestation/COMPONENT_PSA_SRV_IMPL/attest_boot_status_loader.c
View File

@ -20,7 +20,7 @@
#include <string.h>
#include "attestation.h"
#include "attestation_bootloader_data.h"
#include "tfm_boot_status.h"
#include "tfm_impl/tfm_boot_status.h"
/*!
* \def SHARED_DATA_INITIALZED and SHARED_DATA_UNNITIALZED

2
components/TARGET_PSA/services/attestation/COMPONENT_PSA_SRV_IMPL/tfm_impl/attestation_core.c
View File

@ -10,7 +10,7 @@
#include <stddef.h>
#include "tfm_client.h"
#include "attestation.h"
#include "tfm_boot_status.h"
#include "tfm_impl/tfm_boot_status.h"
#include "tfm_plat_defs.h"
#include "tfm_plat_device_id.h"
#include "tfm_plat_boot_seed.h"

1
components/TARGET_PSA/services/attestation/COMPONENT_SPE/psa_attest_srv_partition.h
View File

@ -39,6 +39,7 @@
#define ATTEST_SRV_RESERVED2_MSK (1UL << ATTEST_SRV_RESERVED2_POS)
#define ATTEST_SRV_WAIT_ANY_IRQ_MSK (0)
#define PSA_ATTEST_GET_TOKEN_POS (4UL)
#define PSA_ATTEST_GET_TOKEN (1UL << PSA_ATTEST_GET_TOKEN_POS)

18
components/TARGET_PSA/services/attestation/COMPONENT_SPE/psa_attestation_partition.c
View File

@ -17,8 +17,8 @@
*/
// ---------------------------------- Includes ---------------------------------
#include "psa/service.h"
#include "psa/client.h"
#include "psa/service.h"
#include "psa_attest_srv_partition.h"
#include "psa_initial_attestation_api.h"
@ -32,7 +32,7 @@ int32_t g_caller_id = 0;
static void set_caller_id(psa_msg_t *msg)
{
g_caller_id = psa_identity(msg->handle);
g_caller_id = msg->client_id;
}
// ------------------------- Partition's Main Thread ---------------------------
@ -42,7 +42,9 @@ static void psa_attest_get_token(void)
psa_msg_t msg = { 0 };
enum psa_attest_err_t status = PSA_ATTEST_ERR_SUCCESS;
psa_get(PSA_ATTEST_GET_TOKEN, &msg);
if (PSA_SUCCESS != psa_get(PSA_ATTEST_GET_TOKEN, &msg)) {
return;
}
switch (msg.type) {
case PSA_IPC_CONNECT:
case PSA_IPC_DISCONNECT: {
@ -107,7 +109,9 @@ static void psa_attest_get_token_size(void)
psa_msg_t msg = { 0 };
enum psa_attest_err_t status = PSA_ATTEST_ERR_SUCCESS;
psa_get(PSA_ATTEST_GET_TOKEN_SIZE, &msg);
if (PSA_SUCCESS != psa_get(PSA_ATTEST_GET_TOKEN_SIZE, &msg)) {
return;
}
switch (msg.type) {
case PSA_IPC_CONNECT:
case PSA_IPC_DISCONNECT: {
@ -155,7 +159,9 @@ static void psa_attest_inject_key(void)
psa_msg_t msg = { 0 };
psa_status_t status = PSA_SUCCESS;
psa_get(PSA_ATTEST_INJECT_KEY, &msg);
if (PSA_SUCCESS != psa_get(PSA_ATTEST_INJECT_KEY, &msg)) {
return;
}
switch (msg.type) {
case PSA_IPC_CONNECT:
case PSA_IPC_DISCONNECT: {
@ -232,7 +238,7 @@ static void psa_attest_inject_key(void)
void attest_main(void *ptr)
{
while (1) {
uint32_t signals = psa_wait_any(PSA_BLOCK);
uint32_t signals = psa_wait(ATTEST_SRV_WAIT_ANY_SID_MSK, PSA_BLOCK);
if (signals & PSA_ATTEST_GET_TOKEN) {
psa_attest_get_token();
}

4
components/TARGET_PSA/services/attestation/COMPONENT_SPE/TARGET_MBED_SPM/psa_attest_srv_partition.c → components/TARGET_PSA/services/attestation/TARGET_MBED_SPM/COMPONENT_SPE/psa_attest_srv_partition.c Executable file → Normal file
View File

@ -29,9 +29,7 @@
#include "spm_panic.h"
#include "spm_internal.h"
#include "psa_attest_srv_partition.h"
#include "psa_attest_srv_ifs.h"
#include "psa_platform_ifs.h"
#include "psa_crypto_srv_ifs.h"
#include "psa_manifest/sid.h"
/* Threads stacks */

11
components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_access_control.c
View File

@ -17,19 +17,12 @@
#include <string.h>
#include "psa/client.h"
#include "psa/service.h"
#include "psa_crypto_access_control.h"
#include "psa_crypto_core.h"
#include "psa_crypto_slot_management.h"
#if defined(TARGET_TFM)
#define SPM_PANIC(format, ...) \
{ \
while(1){}; \
}
#else
#include "spm_panic.h"
#endif
typedef struct psa_crypto_access_control_s {
psa_key_handle_t key_handle;
int32_t partition_id;

20
components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c
View File

@ -228,7 +228,7 @@ static void psa_mac_operation(void)
switch (psa_crypto.func) {
case PSA_MAC_SIGN_SETUP: {
if (!psa_crypto_access_control_is_handle_permitted(psa_crypto.handle,
psa_identity(msg.handle))) {
msg.client_id)) {
status = PSA_ERROR_INVALID_HANDLE;
break;
}
@ -241,7 +241,7 @@ static void psa_mac_operation(void)
case PSA_MAC_VERIFY_SETUP: {
if (!psa_crypto_access_control_is_handle_permitted(psa_crypto.handle,
psa_identity(msg.handle))) {
msg.client_id)) {
status = PSA_ERROR_INVALID_HANDLE;
break;
}
@ -597,7 +597,7 @@ static void psa_asymmetric_operation(void)
}
if (!psa_crypto_access_control_is_handle_permitted(psa_crypto.handle,
psa_identity(msg.handle))) {
msg.client_id)) {
status = PSA_ERROR_INVALID_HANDLE;
break;
}
@ -791,7 +791,7 @@ static void psa_aead_operation()
}
if (!psa_crypto_access_control_is_handle_permitted(psa_crypto.handle,
psa_identity(msg.handle))) {
msg.client_id)) {
status = PSA_ERROR_INVALID_HANDLE;
break;
}
@ -918,7 +918,7 @@ static void psa_symmetric_operation(void)
switch (psa_crypto_ipc.func) {
case PSA_CIPHER_ENCRYPT_SETUP: {
if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle,
psa_identity(msg.handle))) {
msg.client_id)) {
status = PSA_ERROR_INVALID_HANDLE;
break;
}
@ -931,7 +931,7 @@ static void psa_symmetric_operation(void)
case PSA_CIPHER_DECRYPT_SETUP: {
if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle,
psa_identity(msg.handle))) {
msg.client_id)) {
status = PSA_ERROR_INVALID_HANDLE;
break;
}
@ -1095,7 +1095,7 @@ static void psa_key_management_operation(void)
SPM_PANIC("SPM read length mismatch");
}
partition_id = psa_identity(msg.handle);
partition_id = msg.client_id;
switch (psa_key_mng.func) {
case PSA_GET_KEY_LIFETIME: {
@ -1569,7 +1569,7 @@ void psa_crypto_generator_operations(void)
size_t bits;
if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle,
psa_identity(msg.handle))) {
msg.client_id)) {
status = PSA_ERROR_INVALID_HANDLE;
break;
}
@ -1600,7 +1600,7 @@ void psa_crypto_generator_operations(void)
uint8_t *salt = NULL;
if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle,
psa_identity(msg.handle))) {
msg.client_id)) {
status = PSA_ERROR_INVALID_HANDLE;
break;
}
@ -1645,7 +1645,7 @@ void psa_crypto_generator_operations(void)
uint8_t *private_key = NULL;
if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle,
psa_identity(msg.handle))) {
msg.client_id)) {
status = PSA_ERROR_INVALID_HANDLE;
break;
}

2
targets/TARGET_Cypress/TARGET_PSOC6_FUTURE/TARGET_FUTURE_SEQUANA_PSA/prebuilt/README.md
View File

@ -7,7 +7,7 @@ These images were compiled by the following command:
```
mbed compile -m FUTURE_SEQUANA_M0_PSA -t GCC_ARM --profile release -N psa_release_1.0
mbed test --compile -m FUTURE_SEQUANA_M0_PSA -t GCC_ARM --profile debug -n *psa-spm*
mbed test --compile -m FUTURE_SEQUANA_M0_PSA -t GCC_ARM --profile debug -n *psa-spm*,*psa-crypto_access_control
```
To update the prebuilt binaries run the previous commands.

31270
targets/TARGET_Cypress/TARGET_PSOC6_FUTURE/TARGET_FUTURE_SEQUANA_PSA/prebuilt/crypto_access_control.hex
View File

File diff suppressed because it is too large Load Diff

21806
targets/TARGET_Cypress/TARGET_PSOC6_FUTURE/TARGET_FUTURE_SEQUANA_PSA/prebuilt/psa_release_1.0.hex
View File

File diff suppressed because it is too large Load Diff

38412
targets/TARGET_Cypress/TARGET_PSOC6_FUTURE/TARGET_FUTURE_SEQUANA_PSA/prebuilt/spm_client.hex
View File

File diff suppressed because it is too large Load Diff

39104
targets/TARGET_Cypress/TARGET_PSOC6_FUTURE/TARGET_FUTURE_SEQUANA_PSA/prebuilt/spm_server.hex
View File

File diff suppressed because it is too large Load Diff

38462
targets/TARGET_Cypress/TARGET_PSOC6_FUTURE/TARGET_FUTURE_SEQUANA_PSA/prebuilt/spm_smoke.hex
View File

File diff suppressed because it is too large Load Diff

3
targets/targets.json
View File

@ -1465,8 +1465,7 @@
"KPSDK_CODE",
"MCU_K64F",
"Freescale_EMAC",
"PSA",
"MBED_SPM"
"PSA"
],
"is_disk_virtual": true,
"macros": ["CPU_MK64FN1M0VMD12", "FSL_RTOS_MBED", "MBEDTLS_PSA_CRYPTO_C"],

3
tools/psa/generate_tfm_partition_code.py
View File

@ -35,7 +35,8 @@ TEMPLATES_LIST_FILE = path_join(SCRIPT_DIR, 'tfm', 'tfm_generated_file_list.json
SERVICES_MANIFESTS = [
path_join(SERVICES_DIR, 'storage', 'its', 'pits_psa.json'),
path_join(SERVICES_DIR, 'platform', 'platform_psa.json'),
path_join(SERVICES_DIR, 'crypto', 'crypto_partition_psa.json')
path_join(SERVICES_DIR, 'crypto', 'crypto_partition_psa.json'),
path_join(SERVICES_DIR, 'attestation', 'attestation_partition_psa.json')
]

14
tools/psa/tfm/templates/sid.h.tpl
View File

@ -17,25 +17,19 @@
/*********** WARNING: This is an auto-generated file. Do not edit! ***********/
#ifndef SID_H
#define SID_H
/*************************** Service Partitions ******************************/
{% for partition in service_partitions %}
/******** {{partition.name|upper}} ********/
{% for rot_srv in partition.rot_services %}
#define {{rot_srv.name|upper}} {{rot_srv.id}}
{% endfor %}
{% endfor %}
/*************************** Test Partitions *********************************/
{% endfor %}
{% for partition in test_partitions %}
// {{partition.name|upper}}
/******** {{partition.name|upper}} ********/
{% for rot_srv in partition.rot_services %}
#define {{rot_srv.name|upper}} {{rot_srv.id}}
{% endfor %}
{% endfor %}
#endif // SID_H
{# End of file #}