diff options
author | TudorCretu <tudor.cretu@arm.com> | 2019-08-09 15:35:12 +0100 |
---|---|---|
committer | Jamie Fox <jamie.fox@arm.com> | 2020-02-07 16:46:53 +0000 |
commit | 1ad093737d5bd738d1031ca3601b9749ec72a781 (patch) | |
tree | fde5a15b32b9ecd89aec9172ffcd2b038532ffea | |
parent | 65873d80fd5b5805f7caa6a1ed74dabea726127b (diff) | |
download | trusted-firmware-m-1ad093737d5bd738d1031ca3601b9749ec72a781.tar.gz |
SST: Use ITS as the backend of SST
This patch updates the SST service to call ITS as its backend. Also
updates ITS to maintain a second filesystem context for SST, using the
external flash device instead of the internal one.
Change-Id: I83027aa859b369e6d7d8e085518e2b068e2f9eac
Co-authored-by: Jamie Fox <jamie.fox@arm.com>
Signed-off-by: Tudor Cretu <tudor.cretu@arm.com>
Signed-off-by: Jamie Fox <jamie.fox@arm.com>
26 files changed, 304 insertions, 2794 deletions
diff --git a/platform/ext/common/armclang/tfm_common_s.sct b/platform/ext/common/armclang/tfm_common_s.sct index bbbbf61168..214f0f41ee 100644 --- a/platform/ext/common/armclang/tfm_common_s.sct +++ b/platform/ext/common/armclang/tfm_common_s.sct @@ -339,7 +339,7 @@ LR_CODE S_CODE_START { } #if defined (TFM_PSA_API) - TFM_SP_STORAGE_LINKER_STACK +0 ALIGN 128 EMPTY 0xA00 { + TFM_SP_STORAGE_LINKER_STACK +0 ALIGN 128 EMPTY 0x600 { } #endif #endif /* TFM_PARTITION_SECURE_STORAGE */ diff --git a/platform/ext/common/gcc/tfm_common_s.ld b/platform/ext/common/gcc/tfm_common_s.ld index dc6c75a9d8..42aebcf73d 100644 --- a/platform/ext/common/gcc/tfm_common_s.ld +++ b/platform/ext/common/gcc/tfm_common_s.ld @@ -918,7 +918,7 @@ SECTIONS #if defined (TFM_PSA_API) .TFM_SP_STORAGE_LINKER_STACK : ALIGN(128) { - . += 0xA00; + . += 0x600; } > RAM Image$$TFM_SP_STORAGE_LINKER_STACK$$ZI$$Base = ADDR(.TFM_SP_STORAGE_LINKER_STACK); Image$$TFM_SP_STORAGE_LINKER_STACK$$ZI$$Limit = ADDR(.TFM_SP_STORAGE_LINKER_STACK) + SIZEOF(.TFM_SP_STORAGE_LINKER_STACK); diff --git a/secure_fw/services/internal_trusted_storage/CMakeLists.inc b/secure_fw/services/internal_trusted_storage/CMakeLists.inc index 2caa5041c8..1a4f03b062 100644 --- a/secure_fw/services/internal_trusted_storage/CMakeLists.inc +++ b/secure_fw/services/internal_trusted_storage/CMakeLists.inc @@ -44,12 +44,15 @@ set(INTERNAL_TRUSTED_STORAGE_C_SRC "${INTERNAL_TRUSTED_STORAGE_DIR}/its_utils.c" "${INTERNAL_TRUSTED_STORAGE_DIR}/flash/its_flash.c" "${INTERNAL_TRUSTED_STORAGE_DIR}/flash/its_flash_info_internal.c" + "${INTERNAL_TRUSTED_STORAGE_DIR}/flash/its_flash_info_external.c" "${INTERNAL_TRUSTED_STORAGE_DIR}/flash_fs/its_flash_fs.c" "${INTERNAL_TRUSTED_STORAGE_DIR}/flash_fs/its_flash_fs_dblock.c" "${INTERNAL_TRUSTED_STORAGE_DIR}/flash_fs/its_flash_fs_mblock.c" ) -if (ITS_VALIDATE_METADATA_FROM_FLASH) +# If either ITS or SST requires metadata to be validated, then compile the +# validation code. +if (ITS_VALIDATE_METADATA_FROM_FLASH OR SST_VALIDATE_METADATA_FROM_FLASH) set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS ITS_VALIDATE_METADATA_FROM_FLASH) endif() @@ -57,8 +60,22 @@ if (ITS_CREATE_FLASH_LAYOUT) set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS ITS_CREATE_FLASH_LAYOUT) endif() -if (ITS_RAM_FS) +# FIXME: RAM FS can only be compiled if both ITS and SST have it enabled +if (ITS_RAM_FS AND SST_RAM_FS) set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS ITS_RAM_FS) + set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_RAM_FS) +endif() + +# Also set SST definitions +if (SST_ENCRYPTION) + set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_ENCRYPTION) + if (SST_ROLLBACK_PROTECTION) + set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_ROLLBACK_PROTECTION) + endif() +endif() + +if (SST_CREATE_FLASH_LAYOUT) + set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_CREATE_FLASH_LAYOUT) endif() #Append all our source files to global lists. diff --git a/secure_fw/services/internal_trusted_storage/flash/its_flash.c b/secure_fw/services/internal_trusted_storage/flash/its_flash.c index 6f4efd7587..c06a07c9c2 100644 --- a/secure_fw/services/internal_trusted_storage/flash/its_flash.c +++ b/secure_fw/services/internal_trusted_storage/flash/its_flash.c @@ -14,9 +14,11 @@ #define MAX_BLOCK_DATA_COPY 256 extern const struct its_flash_info_t its_flash_info_internal; +extern const struct its_flash_info_t its_flash_info_external; static const struct its_flash_info_t *const flash_infos[] = { [ITS_FLASH_ID_INTERNAL] = &its_flash_info_internal, + [ITS_FLASH_ID_EXTERNAL] = &its_flash_info_external, }; /** diff --git a/secure_fw/services/internal_trusted_storage/flash/its_flash.h b/secure_fw/services/internal_trusted_storage/flash/its_flash.h index f7658c3901..4347e50957 100644 --- a/secure_fw/services/internal_trusted_storage/flash/its_flash.h +++ b/secure_fw/services/internal_trusted_storage/flash/its_flash.h @@ -26,7 +26,8 @@ extern "C" { * \brief Provides a compile-time constant for the maximum program unit required * by any flash device that can be accessed through this interface. */ -#define ITS_FLASH_MAX_PROGRAM_UNIT ITS_FLASH_PROGRAM_UNIT +#define ITS_FLASH_MAX_PROGRAM_UNIT ITS_UTILS_MAX(ITS_FLASH_PROGRAM_UNIT, \ + SST_FLASH_PROGRAM_UNIT) /** * \brief Enumerates the available flash devices. @@ -36,6 +37,7 @@ extern "C" { */ enum its_flash_id_t { ITS_FLASH_ID_INTERNAL = 0, + ITS_FLASH_ID_EXTERNAL, }; /** diff --git a/secure_fw/services/internal_trusted_storage/flash/its_flash_info_external.c b/secure_fw/services/internal_trusted_storage/flash/its_flash_info_external.c new file mode 100644 index 0000000000..a046ee71ec --- /dev/null +++ b/secure_fw/services/internal_trusted_storage/flash/its_flash_info_external.c @@ -0,0 +1,87 @@ +/* + * Copyright (c) 2019-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include "its_flash.h" + +#include "Driver_Flash.h" +#include "flash_layout.h" +#include "secure_fw/services/internal_trusted_storage/its_utils.h" +#include "secure_fw/services/secure_storage/sst_object_defs.h" + +#ifndef SST_FLASH_DEV_NAME +#error "SST_FLASH_DEV_NAME must be defined by the target in flash_layout.h" +#endif + +#ifndef SST_FLASH_AREA_ADDR +#error "SST_FLASH_AREA_ADDR must be defined by the target in flash_layout.h" +#endif + +/* Adjust to a size that will allow all assets to fit */ +#ifndef SST_FLASH_AREA_SIZE +#error "SST_FLASH_AREA_SIZE must be defined by the target in flash_layout.h" +#endif + +/* Adjust to match the size of the flash device's physical erase unit */ +#ifndef SST_SECTOR_SIZE +#error "SST_SECTOR_SIZE must be defined by the target in flash_layout.h" +#endif + +/* Adjust so that the maximum required asset size will fit in one block */ +#ifndef SST_SECTORS_PER_BLOCK +#error "SST_SECTORS_PER_BLOCK must be defined by the target in flash_layout.h" +#endif + +/* Adjust to match the size of the flash device's physical program unit */ +#ifndef SST_FLASH_PROGRAM_UNIT +#error "SST_FLASH_PROGRAM_UNIT must be defined by the target in flash_layout.h" +#endif + +/* FIXME: Support other flash program units */ +#if ((SST_FLASH_PROGRAM_UNIT != 1) && (SST_FLASH_PROGRAM_UNIT != 2) \ + && (SST_FLASH_PROGRAM_UNIT != 4) && (SST_FLASH_PROGRAM_UNIT != 8)) +#error "The supported SST_FLASH_PROGRAM_UNIT values are 1, 2, 4 or 8 bytes" +#endif + +/* Calculate the block layout */ +#define FLASH_INFO_BLOCK_SIZE (SST_SECTOR_SIZE * SST_SECTORS_PER_BLOCK) +#define FLASH_INFO_NUM_BLOCKS (SST_FLASH_AREA_SIZE / FLASH_INFO_BLOCK_SIZE) + +/* Maximum file size */ +#define FLASH_INFO_MAX_FILE_SIZE ITS_UTILS_ALIGN(SST_MAX_OBJECT_SIZE, \ + SST_FLASH_PROGRAM_UNIT) + +/* Maximum number of files */ +#define FLASH_INFO_MAX_NUM_FILES SST_MAX_NUM_OBJECTS + +/* Default value of each byte in the flash when erased */ +#define FLASH_INFO_ERASE_VAL 0xFFU + +#ifdef SST_RAM_FS +/* Allocate a static buffer to emulate storage in RAM */ +static uint8_t sst_block_data[FLASH_INFO_BLOCK_SIZE * FLASH_INFO_NUM_BLOCKS]; +#define FLASH_INFO_DEV sst_block_data +#else +/* Import the CMSIS flash device driver */ +extern ARM_DRIVER_FLASH SST_FLASH_DEV_NAME; +#define FLASH_INFO_DEV &SST_FLASH_DEV_NAME +#endif + +const struct its_flash_info_t its_flash_info_external = { + .flash_dev = (void *)FLASH_INFO_DEV, + .flash_area_addr = SST_FLASH_AREA_ADDR, + .sector_size = SST_SECTOR_SIZE, + .block_size = FLASH_INFO_BLOCK_SIZE, + .num_blocks = FLASH_INFO_NUM_BLOCKS, + .program_unit = SST_FLASH_PROGRAM_UNIT, + .max_file_size = FLASH_INFO_MAX_FILE_SIZE, + .max_num_files = FLASH_INFO_MAX_NUM_FILES, + .erase_val = FLASH_INFO_ERASE_VAL, +}; + +/* Checks at compile time that the flash device configuration is valid */ +#include \ +"secure_fw/services/internal_trusted_storage/flash_fs/its_flash_fs_check_info.h" diff --git a/secure_fw/services/internal_trusted_storage/tfm_internal_trusted_storage.c b/secure_fw/services/internal_trusted_storage/tfm_internal_trusted_storage.c index f510bd16fc..49c18a4b8e 100644 --- a/secure_fw/services/internal_trusted_storage/tfm_internal_trusted_storage.c +++ b/secure_fw/services/internal_trusted_storage/tfm_internal_trusted_storage.c @@ -9,6 +9,7 @@ #include "flash/its_flash.h" #include "flash_fs/its_flash_fs.h" +#include "psa_manifest/pid.h" #include "tfm_memory_utils.h" #include "tfm_its_defs.h" #include "its_utils.h" @@ -16,7 +17,13 @@ static uint8_t g_fid[ITS_FILE_ID_SIZE]; static struct its_file_info_t g_file_info; -static its_flash_fs_ctx_t fs_ctx; +static its_flash_fs_ctx_t fs_ctx_its; +static its_flash_fs_ctx_t fs_ctx_sst; + +static its_flash_fs_ctx_t *get_fs_ctx(int32_t client_id) +{ + return (client_id == TFM_SP_STORAGE) ? &fs_ctx_sst : &fs_ctx_its; +} /** * \brief Maps a pair of client id and uid to a file id. @@ -37,7 +44,8 @@ psa_status_t tfm_its_init(void) { psa_status_t status; - status = its_flash_fs_prepare(&fs_ctx, + /* Initialise the ITS context */ + status = its_flash_fs_prepare(&fs_ctx_its, its_flash_get_info(ITS_FLASH_ID_INTERNAL)); #ifdef ITS_CREATE_FLASH_LAYOUT /* If ITS_CREATE_FLASH_LAYOUT is set, it indicates that it is required to @@ -55,17 +63,47 @@ psa_status_t tfm_its_init(void) /* Remove all data in the ITS memory area and create a valid ITS flash * layout in that area. */ - status = its_flash_fs_wipe_all(&fs_ctx); + status = its_flash_fs_wipe_all(&fs_ctx_its); if (status != PSA_SUCCESS) { return status; } /* Attempt to initialise again */ - status = its_flash_fs_prepare(&fs_ctx, + status = its_flash_fs_prepare(&fs_ctx_its, its_flash_get_info(ITS_FLASH_ID_INTERNAL)); } #endif /* ITS_CREATE_FLASH_LAYOUT */ + /* Initialise the SST context */ + status = its_flash_fs_prepare(&fs_ctx_sst, + its_flash_get_info(ITS_FLASH_ID_EXTERNAL)); +#ifdef SST_CREATE_FLASH_LAYOUT + /* If SST_CREATE_FLASH_LAYOUT is set, it indicates that it is required to + * create a SST flash layout. SST service will generate an empty and valid + * SST flash layout to store assets. It will erase all data located in the + * assigned SST memory area before generating the SST layout. + * This flag is required to be set if the SST memory area is located in + * non-persistent memory. + * This flag can be set if the SST memory area is located in persistent + * memory without a previous valid SST flash layout in it. That is the case + * when it is the first time in the device life that the SST service is + * executed. + */ + if (status != PSA_SUCCESS) { + /* Remove all data in the SST memory area and create a valid SST flash + * layout in that area. + */ + status = its_flash_fs_wipe_all(&fs_ctx_sst); + if (status != PSA_SUCCESS) { + return status; + } + + /* Attempt to initialise again */ + status = its_flash_fs_prepare(&fs_ctx_sst, + its_flash_get_info(ITS_FLASH_ID_EXTERNAL)); + } +#endif /* SST_CREATE_FLASH_LAYOUT */ + return status; } @@ -93,7 +131,8 @@ psa_status_t tfm_its_set(int32_t client_id, tfm_its_get_fid(client_id, uid, g_fid); /* Read file info */ - status = its_flash_fs_file_get_info(&fs_ctx, g_fid, &g_file_info); + status = its_flash_fs_file_get_info(get_fs_ctx(client_id), g_fid, + &g_file_info); if (status == PSA_SUCCESS) { /* If the object exists and has the write once flag set, then it * cannot be modified. Otherwise it needs to be removed. @@ -101,7 +140,7 @@ psa_status_t tfm_its_set(int32_t client_id, if (g_file_info.flags & PSA_STORAGE_FLAG_WRITE_ONCE) { return PSA_ERROR_NOT_PERMITTED; } else { - status = its_flash_fs_file_delete(&fs_ctx, g_fid); + status = its_flash_fs_file_delete(get_fs_ctx(client_id), g_fid); if (status != PSA_SUCCESS) { return status; } @@ -114,7 +153,7 @@ psa_status_t tfm_its_set(int32_t client_id, } /* Create the file in the file system */ - return its_flash_fs_file_create(&fs_ctx, + return its_flash_fs_file_create(get_fs_ctx(client_id), g_fid, data_length, data_length, @@ -131,6 +170,15 @@ psa_status_t tfm_its_get(int32_t client_id, { psa_status_t status; +#ifdef TFM_PARTITION_TEST_SST + /* The SST test partiton can call tfm_its_get() through SST code. Treat it + * as if it were SST. + */ + if (client_id == TFM_SP_SST_TEST) { + client_id = TFM_SP_STORAGE; + } +#endif + /* Check that the UID is valid */ if (uid == TFM_ITS_INVALID_UID) { return PSA_ERROR_INVALID_ARGUMENT; @@ -140,7 +188,8 @@ psa_status_t tfm_its_get(int32_t client_id, tfm_its_get_fid(client_id, uid, g_fid); /* Read file info */ - status = its_flash_fs_file_get_info(&fs_ctx, g_fid, &g_file_info); + status = its_flash_fs_file_get_info(get_fs_ctx(client_id), g_fid, + &g_file_info); if (status != PSA_SUCCESS) { return status; } @@ -155,8 +204,8 @@ psa_status_t tfm_its_get(int32_t client_id, g_file_info.size_current - data_offset); /* Read object data if any */ - status = its_flash_fs_file_read(&fs_ctx, g_fid, data_size, data_offset, - p_data); + status = its_flash_fs_file_read(get_fs_ctx(client_id), g_fid, data_size, + data_offset, p_data); if (status != PSA_SUCCESS) { return status; } @@ -181,7 +230,8 @@ psa_status_t tfm_its_get_info(int32_t client_id, psa_storage_uid_t uid, tfm_its_get_fid(client_id, uid, g_fid); /* Read file info */ - status = its_flash_fs_file_get_info(&fs_ctx, g_fid, &g_file_info); + status = its_flash_fs_file_get_info(get_fs_ctx(client_id), g_fid, + &g_file_info); if (status != PSA_SUCCESS) { return status; } @@ -198,6 +248,15 @@ psa_status_t tfm_its_remove(int32_t client_id, psa_storage_uid_t uid) { psa_status_t status; +#ifdef TFM_PARTITION_TEST_SST + /* The SST test partiton can call tfm_its_remove() through SST code. Treat + * it as if it were SST. + */ + if (client_id == TFM_SP_SST_TEST) { + client_id = TFM_SP_STORAGE; + } +#endif + /* Check that the UID is valid */ if (uid == TFM_ITS_INVALID_UID) { return PSA_ERROR_INVALID_ARGUMENT; @@ -206,7 +265,8 @@ psa_status_t tfm_its_remove(int32_t client_id, psa_storage_uid_t uid) /* Set file id */ tfm_its_get_fid(client_id, uid, g_fid); - status = its_flash_fs_file_get_info(&fs_ctx, g_fid, &g_file_info); + status = its_flash_fs_file_get_info(get_fs_ctx(client_id), g_fid, + &g_file_info); if (status != PSA_SUCCESS) { return status; } @@ -219,5 +279,5 @@ psa_status_t tfm_its_remove(int32_t client_id, psa_storage_uid_t uid) } /* Delete old file from the persistent area */ - return its_flash_fs_file_delete(&fs_ctx, g_fid); + return its_flash_fs_file_delete(get_fs_ctx(client_id), g_fid); } diff --git a/secure_fw/services/internal_trusted_storage/tfm_its_req_mngr.c b/secure_fw/services/internal_trusted_storage/tfm_its_req_mngr.c index ba43ca1ef1..ea402f2e7c 100644 --- a/secure_fw/services/internal_trusted_storage/tfm_its_req_mngr.c +++ b/secure_fw/services/internal_trusted_storage/tfm_its_req_mngr.c @@ -13,6 +13,7 @@ #include "tfm_internal_trusted_storage.h" #include "its_utils.h" #include "flash_layout.h" +#include "secure_fw/services/secure_storage/sst_object_defs.h" #ifdef TFM_PSA_API #include "psa/service.h" @@ -26,7 +27,8 @@ /* FIXME: Duplicated from flash info */ #define ITS_MAX_FILE_SIZE \ - ITS_UTILS_ALIGN(ITS_MAX_ASSET_SIZE, ITS_FLASH_PROGRAM_UNIT) + ITS_UTILS_MAX(ITS_UTILS_ALIGN(ITS_MAX_ASSET_SIZE, ITS_FLASH_PROGRAM_UNIT), \ + ITS_UTILS_ALIGN(SST_MAX_OBJECT_SIZE, SST_FLASH_PROGRAM_UNIT)) static uint8_t asset_data[ITS_MAX_FILE_SIZE] = {0}; diff --git a/secure_fw/services/secure_storage/CMakeLists.inc b/secure_fw/services/secure_storage/CMakeLists.inc index d304fe2e1f..55dc163876 100644 --- a/secure_fw/services/secure_storage/CMakeLists.inc +++ b/secure_fw/services/secure_storage/CMakeLists.inc @@ -1,5 +1,5 @@ #------------------------------------------------------------------------------- -# Copyright (c) 2017-2019, Arm Limited. All rights reserved. +# Copyright (c) 2017-2020, Arm Limited. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -56,10 +56,6 @@ set (SECURE_STORAGE_C_SRC "${SECURE_STORAGE_DIR}/sst_object_system.c" "${SECURE_STORAGE_DIR}/sst_object_table.c" "${SECURE_STORAGE_DIR}/sst_utils.c" - "${SECURE_STORAGE_DIR}/flash/sst_flash.c" - "${SECURE_STORAGE_DIR}/flash_fs/sst_flash_fs.c" - "${SECURE_STORAGE_DIR}/flash_fs/sst_flash_fs_dblock.c" - "${SECURE_STORAGE_DIR}/flash_fs/sst_flash_fs_mblock.c" ) if (SST_ENCRYPTION) diff --git a/secure_fw/services/secure_storage/flash/sst_flash.c b/secure_fw/services/secure_storage/flash/sst_flash.c deleted file mode 100644 index ce8c1f0f19..0000000000 --- a/secure_fw/services/secure_storage/flash/sst_flash.c +++ /dev/null @@ -1,243 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include "sst_flash.h" - -#include <string.h> -#include "cmsis_compiler.h" -#include "Driver_Flash.h" -#include "tfm_memory_utils.h" -#include "tfm_sst_defs.h" - -#ifndef SST_FLASH_AREA_ADDR -#error "SST_FLASH_AREA_ADDR must be defined in flash_layout.h file" -#endif - -#ifndef SST_FLASH_DEV_NAME -#error "SST_FLASH_DEV_NAME must be defined in flash_layout.h file" -#endif - -/* Import the CMSIS flash device driver */ -extern ARM_DRIVER_FLASH SST_FLASH_DEV_NAME; - -#define BLOCK_START_OFFSET 0 -#define MAX_BLOCK_DATA_COPY 256 - -#ifdef SST_RAM_FS -#define BLOCK_DATA_SIZE (SST_BLOCK_SIZE * SST_TOTAL_NUM_OF_BLOCKS) - -static uint8_t block_data[BLOCK_DATA_SIZE] = {0}; -#endif - -/* - * \brief Gets physical address of the given block ID. - * - * \param[in] block_id Block ID - * \param[in] offset Offset position from the init of the block - * - * \returns Returns physical address for the given block ID. - */ -__attribute__((always_inline)) -__STATIC_INLINE uint32_t get_phys_address(uint32_t block_id, uint32_t offset) -{ - return (SST_FLASH_AREA_ADDR + (block_id * SST_BLOCK_SIZE) + offset); -} - -#ifdef SST_RAM_FS -static psa_ps_status_t flash_init(void) -{ - /* Nothing needs to be done in case of Flash emulated in RAM */ - - return PSA_PS_SUCCESS; -} - -static psa_ps_status_t flash_read(uint32_t flash_addr, uint32_t size, - uint8_t *buff) -{ - uint32_t idx = flash_addr - SST_FLASH_AREA_ADDR; - - (void)tfm_memcpy(buff, &block_data[idx], size); - - return PSA_PS_SUCCESS; -} - -static psa_ps_status_t flash_write(uint32_t flash_addr, uint32_t size, - const uint8_t *buff) -{ - uint32_t idx = flash_addr - SST_FLASH_AREA_ADDR; - - (void)tfm_memcpy(&block_data[idx], buff, size); - - return PSA_PS_SUCCESS; -} - -static psa_ps_status_t flash_erase(uint32_t flash_addr) -{ - uint32_t idx = flash_addr - SST_FLASH_AREA_ADDR; - - (void)tfm_memset(&block_data[idx], SST_FLASH_DEFAULT_VAL, SST_SECTOR_SIZE); - - return PSA_PS_SUCCESS; -} -#else -static psa_ps_status_t flash_init(void) -{ - int32_t err; - - err = SST_FLASH_DEV_NAME.Initialize(NULL); - if (err != ARM_DRIVER_OK) { - return PSA_PS_ERROR_STORAGE_FAILURE; - } - - return PSA_PS_SUCCESS; -} - -static psa_ps_status_t flash_read(uint32_t flash_addr, uint32_t size, - uint8_t *buff) -{ - int32_t err; - - err = SST_FLASH_DEV_NAME.ReadData(flash_addr, buff, size); - if (err != ARM_DRIVER_OK) { - return PSA_PS_ERROR_STORAGE_FAILURE; - } - - return PSA_PS_SUCCESS; -} - -static psa_ps_status_t flash_write(uint32_t flash_addr, uint32_t size, - const uint8_t *buff) -{ - int32_t err; - - err = SST_FLASH_DEV_NAME.ProgramData(flash_addr, buff, size); - if (err != ARM_DRIVER_OK) { - return PSA_PS_ERROR_STORAGE_FAILURE; - } - - return PSA_PS_SUCCESS; -} - -static psa_ps_status_t flash_erase(uint32_t flash_addr) -{ - int32_t err; - - err = SST_FLASH_DEV_NAME.EraseSector(flash_addr); - if (err != ARM_DRIVER_OK) { - return PSA_PS_ERROR_STORAGE_FAILURE; - } - - return PSA_PS_SUCCESS; -} -#endif /* SST_RAM_FS */ - -psa_ps_status_t sst_flash_init(void) -{ - return flash_init(); -} - -psa_ps_status_t sst_flash_read(uint32_t block_id, uint8_t *buff, - uint32_t offset, uint32_t size) -{ - uint32_t flash_addr; - - /* Gets flash address location defined by block ID and offset - * parameters. - */ - flash_addr = get_phys_address(block_id, offset); - - return flash_read(flash_addr, size, buff); -} - -psa_ps_status_t sst_flash_write(uint32_t block_id, const uint8_t *buff, - uint32_t offset, uint32_t size) -{ - uint32_t flash_addr; - - /* Gets flash address location defined by block ID and offset - * parameters. - */ - flash_addr = get_phys_address(block_id, offset); - - return flash_write(flash_addr, size, buff); -} - -psa_ps_status_t sst_flash_block_to_block_move(uint32_t dst_block, - uint32_t dst_offset, - uint32_t src_block, - uint32_t src_offset, - uint32_t size) -{ - psa_ps_status_t err; - uint8_t dst_block_data_copy[MAX_BLOCK_DATA_COPY]; - uint32_t dst_flash_addr; - uint32_t src_flash_addr; - uint32_t nbr_bytes_moved = 0; - uint32_t bytes_to_move; - - /* Gets flash addresses defined by block ID and offset parameters */ - src_flash_addr = get_phys_address(src_block, src_offset); - dst_flash_addr = get_phys_address(dst_block, dst_offset); - - while (nbr_bytes_moved < size) { - /* Calculates the number of bytes to move */ - bytes_to_move = (size - nbr_bytes_moved); - if (bytes_to_move > MAX_BLOCK_DATA_COPY) { - bytes_to_move = MAX_BLOCK_DATA_COPY; - } - - /* Reads data from source block and store it in the in-memory copy of - * destination content. - */ - err = flash_read(src_flash_addr, bytes_to_move, dst_block_data_copy); - if (err != PSA_PS_SUCCESS) { - return err; - } - - /* Writes in flash the in-memory block content after modification */ - err = flash_write(dst_flash_addr, bytes_to_move, dst_block_data_copy); - if (err != PSA_PS_SUCCESS) { - return err; - } - - /* Updates number of bytes moved */ - nbr_bytes_moved += bytes_to_move; - - /* Updates pointers to the source and destination flash regions */ - src_flash_addr += bytes_to_move; - dst_flash_addr += bytes_to_move; - }; - - return PSA_PS_SUCCESS; -} - -psa_ps_status_t sst_flash_erase_block(uint32_t block_id) -{ - uint32_t flash_addr; - uint32_t offset = BLOCK_START_OFFSET; - uint32_t sectors_to_erase = SST_SECTORS_PER_BLOCK; - psa_ps_status_t status; - - while (sectors_to_erase > 0) { - /* Get the flash address defined by block ID and BLOCK_START_OFFSET - * parameters. - */ - flash_addr = get_phys_address(block_id, offset); - - status = flash_erase(flash_addr); - if (status != PSA_PS_SUCCESS) { - break; - } - - sectors_to_erase--; - - /* Move to next sector */ - offset += SST_SECTOR_SIZE; - } - - return status; -} diff --git a/secure_fw/services/secure_storage/flash/sst_flash.h b/secure_fw/services/secure_storage/flash/sst_flash.h deleted file mode 100644 index bdd3c36501..0000000000 --- a/secure_fw/services/secure_storage/flash/sst_flash.h +++ /dev/null @@ -1,136 +0,0 @@ -/* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __SST_FLASH_H__ -#define __SST_FLASH_H__ - -#include <stdint.h> -#include "psa/protected_storage.h" -#include "flash_layout.h" - -#ifdef __cplusplus -extern "C" { -#endif - -/* Adjust to match your system's block size */ -#ifndef SST_SECTOR_SIZE -#error "SST_SECTOR_SIZE must be defined by the target in flash_layout.h" -#define SST_BLOCK_SIZE 0 -#else -#define SST_BLOCK_SIZE (SST_SECTOR_SIZE * SST_SECTORS_PER_BLOCK) -#endif - -/* Adjust to a size that will allow all assets to fit */ -#ifndef SST_FLASH_AREA_SIZE -#error "SST_FLASH_AREA_SIZE must be defined by the target in flash_layout.h" -#define SST_TOTAL_NUM_OF_BLOCKS 0 -#else -#define SST_TOTAL_NUM_OF_BLOCKS (SST_FLASH_AREA_SIZE / SST_BLOCK_SIZE) -#endif - -#ifndef SST_FLASH_PROGRAM_UNIT -#error "SST_FLASH_PROGRAM_UNIT must be defined in flash_layout.h" -#endif - -#if (SST_FLASH_PROGRAM_UNIT < 1) -#error "SST_FLASH_PROGRAM_UNIT must be bigger than 0" -#endif - -/* Default value of flash when erased */ -#define SST_FLASH_DEFAULT_VAL 0xFF -/* A single host specific sst_flash_xxx.c should be included during compile */ - -/* Invalid block index */ -#define SST_BLOCK_INVALID_ID 0xFFFFFFFF - -/** - * \brief Initialize the Flash Interface. - * - * \return Returns PSA_PS_SUCCESS if the function is executed correctly. - * Otherwise, it returns PSA_PS_ERROR_STORAGE_FAILURE. - */ -psa_ps_status_t sst_flash_init(void); - -/** - * \brief Reads block data from the position specified by block ID and offset. - * - * \param[in] block_id Block ID - * \param[out] buff Buffer pointer to store the data read - * \param[in] offset Offset position from the init of the block - * \param[in] size Number of bytes to read - * - * \note This function considers all input values are valid. That means, - * the range of address, based on blockid + offset + size, are always - * valid in the memory. - * - * \return Returns PSA_PS_SUCCESS if the function is executed correctly. - * Otherwise, it returns PSA_PS_ERROR_STORAGE_FAILURE. - */ -psa_ps_status_t sst_flash_read(uint32_t block_id, uint8_t *buff, - uint32_t offset, uint32_t size); - -/** - * \brief Writes block data to the position specified by block ID and offset. - * - * \param[in] block_id Block ID - * \param[in] buff Buffer pointer to the write data - * \param[in] offset Offset position from the init of the block - * \param[in] size Number of bytes to write - * - * \note This function considers all input values are valid. That means, - * the range of address, based on blockid + offset + size, are always - * valid in the memory. - * - * \return Returns PSA_PS_SUCCESS if the function is executed correctly. - * Otherwise, it returns PSA_PS_ERROR_STORAGE_FAILURE. - */ -psa_ps_status_t sst_flash_write(uint32_t block_id, const uint8_t *buff, - uint32_t offset, uint32_t size); - -/** - * \brief Moves data from src block ID to destination block ID. - * - * \param[in] dst_block Destination block ID - * \param[in] dst_offset Destination offset position from the init of the - * destination block - * \param[in] src_block Source block ID - * \param[in] src_offset Source offset position from the init of the source - * block - * \param[in] size Number of bytes to moves - * - * \note This function considers all input values are valid. That means, - * the range of address, based on block_id + offset + size, are always - * valid in the memory. - * It also considers that the destination block is already erased and - * ready to be written. - * - * \return Returns PSA_PS_SUCCESS if the function is executed correctly. - * Otherwise, it returns PSA_PS_ERROR_STORAGE_FAILURE. - */ -psa_ps_status_t sst_flash_block_to_block_move(uint32_t dst_block, - uint32_t dst_offset, - uint32_t src_block, - uint32_t src_offset, - uint32_t size); - -/** - * \brief Erases block ID data. - * - * \param[in] block_id Block ID - * - * \note This function considers all input values valids. - * - * \return Returns PSA_PS_SUCCESS if the function is executed correctly. - * Otherwise, it returns PSA_PS_ERROR_STORAGE_FAILURE. - */ -psa_ps_status_t sst_flash_erase_block(uint32_t block_id); - -#ifdef __cplusplus -} -#endif - -#endif /* __SST_FLASH_H__ */ diff --git a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs.c b/secure_fw/services/secure_storage/flash_fs/sst_flash_fs.c deleted file mode 100644 index ce5d337d26..0000000000 --- a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs.c +++ /dev/null @@ -1,461 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include "sst_flash_fs.h" - -#include <stddef.h> - -#include "sst_flash_fs_dblock.h" -#include "sst_flash_fs_mblock.h" -#include "secure_fw/services/secure_storage/flash/sst_flash.h" -#include "secure_fw/services/secure_storage/sst_object_defs.h" -#include "secure_fw/services/secure_storage/sst_utils.h" - -#define SST_FLASH_FS_INIT_FILE 0 - -static psa_ps_status_t sst_flash_fs_file_write_aligned_data( - const struct sst_file_meta_t *file_meta, - uint32_t offset, - uint32_t size, - const uint8_t *data) -{ - psa_ps_status_t err; - uint32_t f_offset; - -#if (SST_FLASH_PROGRAM_UNIT != 1) - /* Check if offset is aligned with SST_FLASH_PROGRAM_UNIT */ - if (GET_ALIGNED_FLASH_BYTES(offset) != offset) { - return PSA_PS_ERROR_INVALID_ARGUMENT; - } - - /* Check if size is aligned with SST_FLASH_PROGRAM_UNIT */ - if (GET_ALIGNED_FLASH_BYTES(size) != size) { - return PSA_PS_ERROR_INVALID_ARGUMENT; - } -#endif /* (SST_FLASH_PROGRAM_UNIT != 1) */ - - /* Set offset inside the file where to start to write the content */ - f_offset = (file_meta->data_idx + offset); - - err = sst_flash_fs_dblock_write_file(file_meta->lblock, f_offset, - size, data); - return err; -} - -psa_ps_status_t sst_flash_fs_prepare(void) -{ - /* Initialize metadata block with the valid/active metablock */ - return sst_flash_fs_mblock_init(); -} - -psa_ps_status_t sst_flash_fs_wipe_all(void) -{ - /* Clean and initialize the metadata block */ - return sst_flash_fs_mblock_reset_metablock(); -} - -psa_ps_status_t sst_flash_fs_file_exist(uint32_t fid) -{ - psa_ps_status_t err; - uint32_t idx; - - err = sst_flash_fs_mblock_get_file_idx(fid, &idx); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_UID_NOT_FOUND; - } - - return PSA_PS_SUCCESS; -} - -psa_ps_status_t sst_flash_fs_file_create(uint32_t fid, - uint32_t max_size, - uint32_t data_size, - const uint8_t *data) -{ - struct sst_block_meta_t block_meta; - uint32_t cur_phys_block; - psa_ps_status_t err; - uint32_t idx; - struct sst_file_meta_t file_meta; - - /* Check if file already exists */ - err = sst_flash_fs_mblock_get_file_idx(fid, &idx); - if (err == PSA_PS_SUCCESS) { - /* If it exits return an error as needs to be removed first */ - return PSA_PS_ERROR_INVALID_ARGUMENT; - } - - /* Check if max_size is aligned with SST_FLASH_PROGRAM_UNIT */ - if (GET_ALIGNED_FLASH_BYTES(max_size) != max_size) { - return PSA_PS_ERROR_INVALID_ARGUMENT; - } - - /* Try to reserve an file based on the input parameters */ - err = sst_flash_fs_mblock_reserve_file(fid, max_size, &idx, - &file_meta, &block_meta); - if (err != PSA_PS_SUCCESS) { - return err; - } - - /* Check if data needs to be stored in the new file */ - if (data_size != 0) { - if ((data_size > max_size) || (data == NULL)) { - return PSA_PS_ERROR_INVALID_ARGUMENT; - } - - /* Write the content into scratch data block */ - err = sst_flash_fs_file_write_aligned_data(&file_meta, - SST_FLASH_FS_INIT_FILE, - data_size, - data); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - /* Add current size the file metadata */ - file_meta.cur_size = data_size; - - err = sst_flash_fs_dblock_cp_remaining_data(&block_meta, &file_meta); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - cur_phys_block = block_meta.phy_id; - - /* Cur scratch block become the active datablock */ - block_meta.phy_id = sst_flash_fs_mblock_cur_data_scratch_id( - file_meta.lblock); - - /* Swap the scratch data block */ - sst_flash_fs_mblock_set_data_scratch(cur_phys_block, file_meta.lblock); - - } - - /* Update metadata block information */ - err = sst_flash_fs_mblock_update_scratch_block_meta(file_meta.lblock, - &block_meta); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - /* Add file metadata in the metadata block */ - err = sst_flash_fs_mblock_update_scratch_file_meta(idx, &file_meta); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - /* Copy rest of the file metadata entries */ - err = sst_flash_fs_mblock_cp_remaining_file_meta(idx); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - /* The file data in the logical block 0 is stored in same physical block - * where the metadata is stored. A change in the metadata requires a - * swap of physical blocks. So, the file data stored in the current - * metadata block needs to be copied in the scratch block, if the data - * of the file processed is not located in the logical block 0. When an - * file data is located in the logical block 0, that copy has been done - * while processing the file data. - */ - if ((file_meta.lblock != SST_LOGICAL_DBLOCK0) || (data_size == 0)) { - err = sst_flash_fs_mblock_migrate_lb0_data_to_scratch(); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - } - - /* Write metadata header, swap metadata blocks and erase scratch blocks */ - err = sst_flash_fs_mblock_meta_update_finalize(); - - return err; -} - -psa_ps_status_t sst_flash_fs_file_get_info(uint32_t fid, - struct sst_file_info_t *info) -{ - psa_ps_status_t err; - uint32_t idx; - struct sst_file_meta_t tmp_metadata; - - /* Get the meta data index */ - err = sst_flash_fs_mblock_get_file_idx(fid, &idx); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_UID_NOT_FOUND; - } - - /* Read file metadata */ - err = sst_flash_fs_mblock_read_file_meta(idx, &tmp_metadata); - if (err != PSA_PS_SUCCESS) { - return err; - } - - /* Check if index is still referring to same file */ - if (fid != tmp_metadata.id) { - return PSA_PS_ERROR_UID_NOT_FOUND; - } - - info->size_max = tmp_metadata.max_size; - info->size_current = tmp_metadata.cur_size; - - return PSA_PS_SUCCESS; -} - -psa_ps_status_t sst_flash_fs_file_write(uint32_t fid, uint32_t size, - uint32_t offset, const uint8_t *data) -{ - struct sst_block_meta_t block_meta; - uint32_t cur_phys_block; - psa_ps_status_t err; - uint32_t idx; - struct sst_file_meta_t file_meta; - - /* Get the file index */ - err = sst_flash_fs_mblock_get_file_idx(fid, &idx); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_UID_NOT_FOUND; - } - - /* Read file metadata */ - err = sst_flash_fs_mblock_read_file_meta(idx, &file_meta); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_UID_NOT_FOUND; - } - - /* Read block metadata */ - err = sst_flash_fs_mblock_read_block_metadata(file_meta.lblock, - &block_meta); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - /* Write the content into scratch data block */ - err = sst_flash_fs_file_write_aligned_data(&file_meta, offset, size, data); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - if (size > file_meta.cur_size) { - /* Update the file metadata */ - file_meta.cur_size = size; - } - - err = sst_flash_fs_dblock_cp_remaining_data(&block_meta, &file_meta); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - cur_phys_block = block_meta.phy_id; - - /* Cur scratch block become the active datablock */ - block_meta.phy_id = sst_flash_fs_mblock_cur_data_scratch_id( - file_meta.lblock); - - /* Swap the scratch data block */ - sst_flash_fs_mblock_set_data_scratch(cur_phys_block, file_meta.lblock); - - /* Update block metadata in scratch metadata block */ - err = sst_flash_fs_mblock_update_scratch_block_meta(file_meta.lblock, - &block_meta); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - /* Update file metadata to reflect new attributes */ - err = sst_flash_fs_mblock_update_scratch_file_meta(idx, &file_meta); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - /* Copy rest of the file metadata entries */ - err = sst_flash_fs_mblock_cp_remaining_file_meta(idx); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - /* The file data in the logical block 0 is stored in same physical block - * where the metadata is stored. A change in the metadata requires a - * swap of physical blocks. So, the file data stored in the current - * metadata block needs to be copied in the scratch block, if the data - * of the file processed is not located in the logical block 0. When an - * file data is located in the logical block 0, that copy has been done - * while processing the file data. - */ - if (file_meta.lblock != SST_LOGICAL_DBLOCK0) { - err = sst_flash_fs_mblock_migrate_lb0_data_to_scratch(); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - } - - /* Update the metablock header, swap scratch and active blocks, - * erase scratch blocks. - */ - err = sst_flash_fs_mblock_meta_update_finalize(); - - return err; -} - -psa_ps_status_t sst_flash_fs_file_delete(uint32_t fid) -{ - uint32_t del_file_data_idx; - uint32_t del_file_lblock; - uint32_t del_file_idx; - uint32_t del_file_max_size; - psa_ps_status_t err; - uint32_t src_offset = SST_BLOCK_SIZE; - uint32_t nbr_bytes_to_move = 0; - uint32_t idx; - struct sst_file_meta_t file_meta; - - /* Get the file index */ - err = sst_flash_fs_mblock_get_file_idx(fid, &del_file_idx); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_UID_NOT_FOUND; - } - - err = sst_flash_fs_mblock_read_file_meta(del_file_idx, &file_meta); - if (err != PSA_PS_SUCCESS) { - return err; - } - - if (sst_utils_validate_fid(file_meta.id) != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_UID_NOT_FOUND; - } - - /* Save logical block, data_index and max_size to be used later on */ - del_file_lblock = file_meta.lblock; - del_file_data_idx = file_meta.data_idx; - del_file_max_size = file_meta.max_size; - - /* Remove file metadata */ - file_meta.id = SST_INVALID_FID; - file_meta.lblock = 0; - file_meta.max_size = 0; - file_meta.cur_size = 0; - - /* Update file metadata in to the scratch block */ - err = sst_flash_fs_mblock_update_scratch_file_meta(del_file_idx, - &file_meta); - if (err != PSA_PS_SUCCESS) { - return err; - } - - /* Read all file metadata */ - for (idx = 0; idx < SST_MAX_NUM_OBJECTS; idx++) { - if (idx == del_file_idx) { - /* Skip deleted file */ - continue; - } - - /* Read file meta for the given file index */ - err = sst_flash_fs_mblock_read_file_meta(idx, &file_meta); - if (err != PSA_PS_SUCCESS) { - return err; - } - - /* Check if the file is located in the same logical block and has a - * valid FID. - */ - if ((file_meta.lblock == del_file_lblock) && - (file_meta.id != SST_INVALID_FID)) { - /* If a file is located after the data to delete, this - * needs to be moved. - */ - if (file_meta.data_idx > del_file_data_idx) { - /* Check if this is the position after the deleted - * data. This will be the first file data to move. - */ - if (src_offset > file_meta.data_idx) { - src_offset = file_meta.data_idx; - } - - /* Set the new file data index location in the - * data block. - */ - file_meta.data_idx -= del_file_max_size; - - /* Increase number of bytes to move */ - nbr_bytes_to_move += file_meta.max_size; - } - } - /* Update file metadata in to the scratch block */ - err = sst_flash_fs_mblock_update_scratch_file_meta(idx, &file_meta); - if (err != PSA_PS_SUCCESS) { - return err; - } - } - - /* Compact data block */ - err = sst_flash_fs_dblock_compact_block(del_file_lblock, del_file_max_size, - src_offset, del_file_data_idx, - nbr_bytes_to_move); - if (err != PSA_PS_SUCCESS) { - return err; - } - - /* The file data in the logical block 0 is stored in same physical block - * where the metadata is stored. A change in the metadata requires a - * swap of physical blocks. So, the file data stored in the current - * metadata block needs to be copied in the scratch block, if the data - * of the file processed is not located in the logical block 0. When an - * file data is located in the logical block 0, that copy has been done - * while processing the file data. - */ - if (del_file_lblock != SST_LOGICAL_DBLOCK0) { - err = sst_flash_fs_mblock_migrate_lb0_data_to_scratch(); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - } - - /* Update the metablock header, swap scratch and active blocks, - * erase scratch blocks. - */ - err = sst_flash_fs_mblock_meta_update_finalize(); - - return err; -} - -psa_ps_status_t sst_flash_fs_file_read(uint32_t fid, uint32_t size, - uint32_t offset, uint8_t *data) -{ - psa_ps_status_t err; - uint32_t idx; - struct sst_file_meta_t tmp_metadata; - - /* Get the file index */ - err = sst_flash_fs_mblock_get_file_idx(fid, &idx); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_UID_NOT_FOUND; - } - - /* Read file metadata */ - err = sst_flash_fs_mblock_read_file_meta(idx, &tmp_metadata); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - /* Check if index is still referring to same file */ - if (fid != tmp_metadata.id) { - return PSA_PS_ERROR_UID_NOT_FOUND; - } - - /* Boundary check the incoming request */ - err = sst_utils_check_contained_in(tmp_metadata.cur_size, offset, size); - if (err != PSA_PS_SUCCESS) { - return err; - } - - /* Read the file from flash */ - err = sst_flash_fs_dblock_read_file(&tmp_metadata, offset, size, data); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - return PSA_PS_SUCCESS; -} diff --git a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs.h b/secure_fw/services/secure_storage/flash_fs/sst_flash_fs.h deleted file mode 100644 index 4af3f99537..0000000000 --- a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs.h +++ /dev/null @@ -1,139 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __SST_FLASH_FS_H__ -#define __SST_FLASH_FS_H__ - -/** - * \file sst_flash_fs.h - * - * \brief Secure storage service filesystem abstraction APIs. - * The purpose of this abstraction is to have the ability to plug-in - * other filesystems or filesystem proxys (supplicant). - */ - -#include <stdint.h> -#include "psa/protected_storage.h" - -/*! - * \struct sst_file_info_t - * - * \brief Structure to store the file information. - */ -struct sst_file_info_t { - uint32_t size_current; /*!< The current size of the flash file data */ - uint32_t size_max; /*!< The maximum size of the flash file data in - * bytes. - */ -}; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Prepares the filesystem to accept operations on the files. - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_prepare(void); - -/** - * \brief Wipes all files from the filesystem. - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_wipe_all(void); - -/** - * \brief Checks if a file exists in the filesystem. - * - * \param[in] fid File ID - * - * \return Returns PSA_PS_SUCCESS if the file exists. If file does not - * exist, it returns PSA_PS_ERROR_UID_NOT_FOUND. Otherwise, it returns - * error code as specified in \ref psa_ps_status_t. - */ -psa_ps_status_t sst_flash_fs_file_exist(uint32_t fid); - -/** - * \brief Creates a file in the filesystem. - * - * \param[in] fid File ID - * \param[in] max_size Size of the file to be created - * \param[in] data_size Size of the incoming buffer. This parameter is set to 0 - * when the file is empty after the creation. - * \param[in] data Pointer to buffer containing the initial data. - * This parameter is set to NULL when the file is empty - * after the creation. - * - * \return Returns PSA_PS_SUCCESS if the file has been created correctly. - * If fid is in used, it returns PSA_PS_ERROR_INVALID_ARGUMENT. - * Otherwise, it returns error code as specified in - * \ref psa_ps_status_t. - */ -psa_ps_status_t sst_flash_fs_file_create(uint32_t fid, - uint32_t max_size, - uint32_t data_size, - const uint8_t *data); - -/** - * \brief Gets the file information referenced by the file ID. - * - * \param[in] fid File ID - * \param[out] info Pointer to the information structure to store the - * file information values \ref sst_file_info_t - * - * \return Returns error code specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_file_get_info(uint32_t fid, - struct sst_file_info_t *info); - -/** - * \brief Writes data to an existing file. - * - * \param[in] fid File ID - * \param[in] size Size of the incoming buffer - * \param[in] offset Offset in the file - * \param[in] data Pointer to buffer containing data to be written - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_file_write(uint32_t fid, - uint32_t size, - uint32_t offset, - const uint8_t *data); - -/** - * \brief Reads data from an existing file. - * - * \param[in] fid File ID - * \param[in] size Size to be read - * \param[in] offset Offset in the file - * \param[out] data Pointer to buffer to store the data - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_file_read(uint32_t fid, - uint32_t size, - uint32_t offset, - uint8_t *data); - -/** - * \brief Deletes file referenced by the file ID. - * - * \param[in] fid File ID - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_file_delete(uint32_t fid); - -#ifdef __cplusplus -} -#endif - -#endif /* __SST_FLASH_FS_H__ */ diff --git a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_dblock.c b/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_dblock.c deleted file mode 100644 index fa2e409735..0000000000 --- a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_dblock.c +++ /dev/null @@ -1,192 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include "sst_flash_fs_dblock.h" - -#include "secure_fw/services/secure_storage/sst_utils.h" -#include "secure_fw/services/secure_storage/flash/sst_flash.h" - -/** - * \brief Converts logical data block number to physical number. - * - * \param[in] lblock Logical block number - * - * \return Return physical block number. - */ -static uint32_t sst_dblock_lo_to_phy(uint32_t lblock) -{ - struct sst_block_meta_t block_meta; - psa_ps_status_t err; - - err = sst_flash_fs_mblock_read_block_metadata(lblock, &block_meta); - if (err != PSA_PS_SUCCESS) { - return SST_BLOCK_INVALID_ID; - } - - return block_meta.phy_id; -} - -psa_ps_status_t sst_flash_fs_dblock_compact_block(uint32_t lblock, - uint32_t free_size, - uint32_t src_offset, - uint32_t dst_offset, - uint32_t size) -{ - struct sst_block_meta_t block_meta; - psa_ps_status_t err; - uint32_t scratch_id = 0; - - /* Read current block meta */ - err = sst_flash_fs_mblock_read_block_metadata(lblock, &block_meta); - if (err != PSA_PS_SUCCESS) { - return err; - } - - /* Release data from block meta */ - block_meta.free_size += free_size; - - /* Save scratch data block physical IDs */ - scratch_id = sst_flash_fs_mblock_cur_data_scratch_id(lblock); - - /* Check if there are bytes to be compacted */ - if (size > 0) { - /* Move data from source offset in current data block to scratch block - * destination offset. - */ - err = sst_flash_block_to_block_move(scratch_id, dst_offset, - block_meta.phy_id, src_offset, - size); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - } - - if (dst_offset > block_meta.data_start) { - /* Copy data from the beginning of data block until - * the position where the data will be reallocated later - */ - err = sst_flash_block_to_block_move(scratch_id, - block_meta.data_start, - block_meta.phy_id, - block_meta.data_start, - (dst_offset-block_meta.data_start)); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - } - - /* Swap the scratch and current data blocks. Must swap even with nothing - * to compact so that deleted file is left in scratch and erased as part - * of finalization. - */ - sst_flash_fs_mblock_set_data_scratch(block_meta.phy_id, lblock); - - /* Set scratch block ID as the one which contains the new data block */ - block_meta.phy_id = scratch_id; - - /* Update block metadata in scratch metadata block */ - err = sst_flash_fs_mblock_update_scratch_block_meta(lblock, &block_meta); - if (err != PSA_PS_SUCCESS) { - /* Swap back the data block as there was an issue in the process */ - sst_flash_fs_mblock_set_data_scratch(scratch_id, lblock); - return err; - } - - return err; -} - -psa_ps_status_t sst_flash_fs_dblock_cp_data_to_scratch(uint32_t lblock, - uint32_t offset, - uint32_t size) -{ - uint32_t phys_block; - uint32_t scratch_id; - - /* Get physical block ID from where to read the data */ - phys_block = sst_dblock_lo_to_phy(lblock); - if (phys_block == SST_BLOCK_INVALID_ID) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - /* Get the scratch data block ID to write the data */ - scratch_id = sst_flash_fs_mblock_cur_data_scratch_id(lblock); - - /* Data after updated content */ - return sst_flash_block_to_block_move(scratch_id, offset, - phys_block, offset, - size); -} - -psa_ps_status_t sst_flash_fs_dblock_read_file(struct sst_file_meta_t *file_meta, - uint32_t offset, - uint32_t size, - uint8_t *buf) -{ - uint32_t phys_block; - uint32_t pos; - - phys_block = sst_dblock_lo_to_phy(file_meta->lblock); - if (phys_block == SST_BLOCK_INVALID_ID) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - pos = (file_meta->data_idx + offset); - - return sst_flash_read(phys_block, buf, pos, size); -} - -psa_ps_status_t sst_flash_fs_dblock_write_file(uint32_t lblock, - uint32_t offset, - uint32_t size, - const uint8_t *data) -{ - uint32_t scratch_id; - - scratch_id = sst_flash_fs_mblock_cur_data_scratch_id(lblock); - - return sst_flash_write(scratch_id, data, offset, size); -} - -psa_ps_status_t sst_flash_fs_dblock_cp_remaining_data( - const struct sst_block_meta_t *block_meta, - const struct sst_file_meta_t *file_meta) -{ - uint32_t after_file_offset; - psa_ps_status_t err; - uint32_t scratch_id; - uint32_t wrt_bytes; - - scratch_id = sst_flash_fs_mblock_cur_data_scratch_id(file_meta->lblock); - - if (file_meta->data_idx > block_meta->data_start) { - /* Move data before the referenced object */ - wrt_bytes = (file_meta->data_idx - block_meta->data_start); - - err = sst_flash_block_to_block_move(scratch_id, - block_meta->data_start, - block_meta->phy_id, - block_meta->data_start, - wrt_bytes); - if (err != PSA_PS_SUCCESS) { - return err; - } - - } - - /* The referenced file data is already in the scratch block, as it is - * processed before calling of this function. - */ - after_file_offset = file_meta->data_idx + file_meta->max_size; - - /* Calculate amount of bytes after the manipulated file */ - wrt_bytes = (SST_BLOCK_SIZE - (after_file_offset + block_meta->free_size)); - - /* Data after updated content */ - return sst_flash_block_to_block_move(scratch_id, after_file_offset, - block_meta->phy_id, after_file_offset, - wrt_bytes); -} diff --git a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_dblock.h b/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_dblock.h deleted file mode 100644 index 4ba4ea5616..0000000000 --- a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_dblock.h +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __SST_FLASH_FS_DBLOCK_H__ -#define __SST_FLASH_FS_DBLOCK_H__ - -#include <stdint.h> -#include "sst_flash_fs_mblock.h" -#include "psa/protected_storage.h" - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Compacts block data for the given logical block. - * - * \param[in] lblock Logical data block to compact - * \param[in] free_size Available data size to compact - * \param[in] src_offset Offset in the current data block which points to the - * data position to reallocate - * \param[in] dst_offset Offset in the scratch block which points to the - * data position to store the data to be reallocated - * \param[in] size Number of bytes to be reallocated - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_dblock_compact_block(uint32_t lblock, - uint32_t free_size, - uint32_t src_offset, - uint32_t dst_offset, - uint32_t size); - -/** - * \brief Copies data from logical block to scratch data block. - * - * \param[in] lblock Logical data block to compact - * \param[in] offset Offset in the logical block which points to the - * start position to copy - * \param[in] size Number of bytes to be copied from logical block to - * scratch data block - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_dblock_cp_data_to_scratch(uint32_t lblock, - uint32_t offset, - uint32_t size); - -/** - * \brief Reads the file content. - * - * \param[in] file_meta File metadata - * \param[in] offset Offset in the file - * \param[in] size Size to be read - * \param[out] buf Buffer pointer to store the data - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_dblock_read_file(struct sst_file_meta_t *file_meta, - uint32_t offset, - uint32_t size, - uint8_t *buf); - -/** - * \brief Writes scratch data block content with requested data - * and the rest of the data from the given logical block. - * - * \param[in] lblock Current logical data block - * \param[in] offset Offset in the scratch data block where to start the - * copy of the incoming data - * \param[in] size Size of the incoming data - * \param[in] data Pointer to data buffer to copy in the scratch data - * block - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_dblock_write_file(uint32_t lblock, - uint32_t offset, - uint32_t size, - const uint8_t *data); - -/** - * \brief Writes logical block data, which is not related with the file - * maipulated, into the scratch block. - * - * \param[in] block_meta Pointer to block meta to process - * \param[in] file_meta Pointer to file's metadata manipulated - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_dblock_cp_remaining_data( - const struct sst_block_meta_t *block_meta, - const struct sst_file_meta_t *file_meta); -#ifdef __cplusplus -} -#endif - -#endif /* __SST_FLASH_FS_DBLOCK_H__ */ diff --git a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_mblock.c b/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_mblock.c deleted file mode 100644 index 8365b2d3f0..0000000000 --- a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_mblock.c +++ /dev/null @@ -1,1123 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include "sst_flash_fs_mblock.h" - -#include <stddef.h> - -#include "cmsis_compiler.h" -#include "secure_fw/services/secure_storage/sst_object_defs.h" -#include "secure_fw/services/secure_storage/sst_utils.h" -#include "tfm_memory_utils.h" - -#if ((SST_TOTAL_NUM_OF_BLOCKS < 2) || (SST_TOTAL_NUM_OF_BLOCKS == 3)) - /* The minimum number of blocks is 2. In this case, metadata and data are - * stored in the same physical block, and the other block is required for - * power failure safe operation. - * If at least 1 data block is available, 1 data scratch block is required for - * power failure safe operation. So, in this case, the minimum number of - * blocks is 4 (2 metadata block + 2 data blocks). - */ - #error "Total number of blocks should be 2 or bigger than 3" -#endif - -/* The numbers in the defines are physical block indexes, starting from 0, - * except for SST_NUM_DEDICATED_DBLOCKS. - */ -#if (SST_TOTAL_NUM_OF_BLOCKS == 2) - /* Metadata and data are stored in the same physical block, and the other - * block is required for power failure safe operation. - */ - - /* Initial position of scratch block is the scratch metadata block */ - #define SST_INIT_SCRATCH_DBLOCK 1 - - /* Metadata and data are stored in the same block */ - #define SST_INIT_DBLOCK_START 0 - - /* There are no dedicated data blocks when only two blocks are available */ - #define SST_NUM_DEDICATED_DBLOCKS 0 - -#else - - /* Initial position of scratch block is immediately after metadata blocks */ - #define SST_INIT_SCRATCH_DBLOCK 2 - - /* One metadata block and two scratch blocks are reserved. One scratch block - * for metadata operations and the other for files data operations. - */ - #define SST_INIT_DBLOCK_START 3 - - /* Number of blocks dedicated just for data is the number of blocks available - * beyond the initial datablock start index. - */ - #define SST_NUM_DEDICATED_DBLOCKS (SST_TOTAL_NUM_OF_BLOCKS - \ - SST_INIT_DBLOCK_START) -#endif /* SST_TOTAL_NUM_OF_BLOCKS == 2 */ - -/* Total number of datablocks is the number of dedicated datablocks plus - * logical datablock 0 stored in the metadata block. - */ -#define SST_NUM_ACTIVE_DBLOCKS (SST_NUM_DEDICATED_DBLOCKS + 1) - -/* Physical ID of the two metadata blocks */ -/* NOTE: the earmarked area may not always start at block number 0. - * However, the flash interface can always add the required offset. - */ -#define SST_METADATA_BLOCK0 0 -#define SST_METADATA_BLOCK1 1 - -/*! - * \def SST_OTHER_META_BLOCK - * - * \brief Macro to get the the swap metadata block. - */ -#define SST_OTHER_META_BLOCK(metablock) \ -((metablock == SST_METADATA_BLOCK0) ? \ -(SST_METADATA_BLOCK1) : (SST_METADATA_BLOCK0)) - -/*! - * \struct sst_metadata_block_header_t - * - * \brief Structure to store the metadata block header. - * - * \note The active_swap_count must be the last member to allow it to be - * programmed last. - */ -struct __attribute__((__aligned__(SST_FLASH_PROGRAM_UNIT))) -sst_metadata_block_header_t { - uint32_t scratch_dblock; /*!< Physical block ID of the data - * section's scratch block - */ - uint8_t fs_version; /*!< SST system version */ - uint8_t active_swap_count; /*!< Physical block ID of the data */ -}; - -/*! - * \struct sst_flash_fs_context_t - * - * \brief Structure to store the flash file system context. - * - */ -struct sst_flash_fs_context_t { - struct sst_metadata_block_header_t meta_block_header; /*!< Block metadata - * header - */ - uint32_t active_metablock; /*!< Active metadata block */ - uint32_t scratch_metablock; /*!< Scratch meta block */ -}; - -static struct sst_flash_fs_context_t sst_flash_fs_ctx; - -#define SST_BLOCK_META_HEADER_SIZE sizeof(struct sst_metadata_block_header_t) -#define SST_BLOCK_METADATA_SIZE sizeof(struct sst_block_meta_t) -#define SST_FILE_METADATA_SIZE sizeof(struct sst_file_meta_t) - -#define SST_MAX_NUM_FILES SST_MAX_NUM_OBJECTS - -#define SST_ALL_METADATA_SIZE (SST_BLOCK_META_HEADER_SIZE + \ - (SST_NUM_ACTIVE_DBLOCKS * SST_BLOCK_METADATA_SIZE) + \ - (SST_MAX_NUM_FILES * SST_FILE_METADATA_SIZE)) - -#define SST_ALIGNED_MAX_FILE_SIZE GET_ALIGNED_FLASH_BYTES(SST_MAX_OBJECT_SIZE) - -/* It is not required that all files fit in SST flash area at the same time. - * So, it is possible that a create action fails because flash is full. - * However, the larger file must have enough space in the SST flash area to be - * created, at least, when the SST flash area is empty. - */ -/* Checks at compile time if the largest file fits in the data area */ -SST_UTILS_BOUND_CHECK(LARGEST_FILE_NOT_FIT_IN_DATA_BLOCK, - SST_ALIGNED_MAX_FILE_SIZE, SST_BLOCK_SIZE); - -#if (SST_TOTAL_NUM_OF_BLOCKS == 2) -SST_UTILS_BOUND_CHECK(FILE_NOT_FIT_IN_DATA_AREA, SST_ALIGNED_MAX_FILE_SIZE, - (SST_BLOCK_SIZE - SST_ALL_METADATA_SIZE)); -#endif - -/* Checks at compile time if the metadata fits in a flash block */ -SST_UTILS_BOUND_CHECK(METADATA_NOT_FIT_IN_METADATA_BLOCK, - SST_ALL_METADATA_SIZE, SST_BLOCK_SIZE); - -/** - * \brief Gets offset of a logical block's metadata in metadata block. - * - * \param[in] lblock Logical block number - * - * \return Return offset value in metadata block - */ -static uint32_t sst_mblock_block_meta_offset(uint32_t lblock) -{ - uint32_t offset; - - offset = SST_BLOCK_META_HEADER_SIZE + - (lblock * SST_BLOCK_METADATA_SIZE); - - return offset; -} - -/** - * \brief Gets offset of an file metadata in metadata block. - * - * \param[in] idx File metadata entry index - * - * \return Return offset value in metadata block - */ -static uint32_t sst_mblock_file_meta_offset(uint32_t idx) -{ - uint32_t offset; - - offset = SST_BLOCK_META_HEADER_SIZE - + (SST_NUM_ACTIVE_DBLOCKS * SST_BLOCK_METADATA_SIZE) - + (idx * SST_FILE_METADATA_SIZE); - - return offset; -} - -/** - * \brief Gets current scratch metadata block. - * - * \return scratch metablock's id - */ -__attribute__((always_inline)) -__STATIC_INLINE uint32_t sst_cur_meta_scratch_id(void) -{ - return sst_flash_fs_ctx.scratch_metablock; -} - -/** - * \brief Gets current active metadata block. - * - * \return scratch metablock's ID - */ -__attribute__((always_inline)) -__STATIC_INLINE uint32_t sst_mblock_cur_meta_active(void) -{ - return sst_flash_fs_ctx.active_metablock; -} - -/** - * \brief Swaps metablocks. Scratch becomes active and active becomes scratch. - */ -static void sst_mblock_swap_metablocks(void) -{ - uint32_t tmp_block; - - tmp_block = sst_flash_fs_ctx.scratch_metablock; - sst_flash_fs_ctx.scratch_metablock = sst_flash_fs_ctx.active_metablock; - sst_flash_fs_ctx.active_metablock = tmp_block; -} - -/** - * \brief Finds the potential most recent valid metablock. - * - * \param[in] h_meta0 Header metadata of meta block 0 - * \param[in] h_meta1 Header metadata of meta block 1 - * - * \return most recent metablock - */ -static uint8_t sst_mblock_latest_meta_block( - const struct sst_metadata_block_header_t *h_meta0, - const struct sst_metadata_block_header_t *h_meta1) -{ - uint8_t cur_meta; - uint8_t meta0_swap_count = h_meta0->active_swap_count; - uint8_t meta1_swap_count = h_meta1->active_swap_count; - - /* FIXME: Currently, it returns the potential most recent valid metablock - * based on the swap count. This function will be updated later when - * the rollback protection feature is introduced. - */ - - /* Logic: if the swap count is 0, then it has rolled over. The metadata - * block with a swap count of 0 is the latest one, unless the other block - * has a swap count of 1, in which case the roll over occurred in the - * previous update. In all other cases, the block with the highest swap - * count is the latest one. - */ - if ((meta1_swap_count == 0) && (meta0_swap_count != 1)) { - /* Metadata block 1 swap count has rolled over and metadata block 0 - * swap count has not, so block 1 is the latest - */ - cur_meta = SST_METADATA_BLOCK1; - - } else if ((meta0_swap_count == 0) && (meta1_swap_count != 1)) { - /* Metadata block 0 swap count has rolled over and metadata block 1 - * swap count has not, so block 0 is the latest. - */ - cur_meta = SST_METADATA_BLOCK0; - - } else if (meta1_swap_count > meta0_swap_count) { - /* Neither swap count has just rolled over and metadata block 1 has a - * higher swap count, so block 1 is the latest. - */ - cur_meta = SST_METADATA_BLOCK1; - - } else { - /* Neither swap count has just rolled over and metadata block 0 has a - * higher or equal swap count, so block 0 is the latest. - */ - cur_meta = SST_METADATA_BLOCK0; - } - - return cur_meta; -} - -#ifdef SST_VALIDATE_METADATA_FROM_FLASH -/** - * \brief Validates file metadata in order to guarantee that a corruption or - * malicious change in stored metadata doesn't result in an invalid - * access. - * - * \param[in] file_meta Pointer to file meta structure - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -__attribute__((always_inline)) -__STATIC_INLINE psa_ps_status_t sst_mblock_validate_file_meta( - const struct sst_file_meta_t *file_meta) -{ - psa_ps_status_t err; - - /* Logical block ID can not be bigger or equal than number of - * active blocks. - */ - if (file_meta->lblock >= SST_NUM_ACTIVE_DBLOCKS) { - return PSA_PS_ERROR_DATA_CORRUPT; - } - - /* meta->id can be 0 if the file is not in use. If it is in - * use, check the metadata. - */ - if (sst_utils_validate_fid(file_meta->id) == PSA_PS_SUCCESS) { - /* validate files values if file is in use */ - if (file_meta->max_size > SST_MAX_OBJECT_SIZE) { - return PSA_PS_ERROR_DATA_CORRUPT; - } - - /* The current file data size must be smaller or equal than - * file data max size. - */ - if (file_meta->cur_size > file_meta->max_size) { - return PSA_PS_ERROR_DATA_CORRUPT; - } - - if (file_meta->lblock == SST_LOGICAL_DBLOCK0) { - /* In block 0, data index must be located after the metadata */ - if (file_meta->data_idx < - sst_mblock_file_meta_offset(SST_MAX_NUM_OBJECTS)) { - return PSA_PS_ERROR_DATA_CORRUPT; - } - } - - /* Boundary check the incoming request */ - err = sst_utils_check_contained_in(SST_BLOCK_SIZE, - file_meta->data_idx, - file_meta->max_size); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_DATA_CORRUPT; - } - } - - return PSA_PS_SUCCESS; -} - -/** - * \brief Validates block metadata in order to guarantee that a corruption or - * malicious change in stored metadata doesn't result in an invalid - * access. - * - * \param[in] block_meta Pointer to block meta structure - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -__attribute__((always_inline)) -__STATIC_INLINE psa_ps_status_t sst_mblock_validate_block_meta( - const struct sst_block_meta_t *block_meta) -{ - psa_ps_status_t err; - /* Data block's data start at position 0 */ - uint32_t valid_data_start_value = 0; - - if (block_meta->phy_id >= SST_TOTAL_NUM_OF_BLOCKS) { - return PSA_PS_ERROR_DATA_CORRUPT; - } - - /* Boundary check: block data start + free size can not be bigger - * than max block size. - */ - err = sst_utils_check_contained_in(SST_BLOCK_SIZE, - block_meta->data_start, - block_meta->free_size); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_DATA_CORRUPT; - } - - if (block_meta->phy_id == SST_METADATA_BLOCK0 || - block_meta->phy_id == SST_METADATA_BLOCK1) { - - /* For metadata + data block, data index must start after the - * metadata area. - */ - valid_data_start_value = sst_mblock_file_meta_offset( - SST_MAX_NUM_OBJECTS); - } - - if (block_meta->data_start != valid_data_start_value) { - return PSA_PS_ERROR_DATA_CORRUPT; - } - - return PSA_PS_SUCCESS; -} -#endif - -/** - * \brief Gets a free file metadata table entry. - * - * \return Return index of a free file meta entry - */ -static uint32_t sst_get_free_file_index(void) -{ - psa_ps_status_t err; - uint32_t i; - struct sst_file_meta_t tmp_metadata; - - for (i = 0; i < SST_MAX_NUM_OBJECTS; i++) { - err = sst_flash_fs_mblock_read_file_meta(i, &tmp_metadata); - if (err != PSA_PS_SUCCESS) { - return SST_METADATA_INVALID_INDEX; - } - - /* Check if this entry is free by checking if ID values is an - * invalid ID. - */ - if (sst_utils_validate_fid(tmp_metadata.id) != PSA_PS_SUCCESS) { - /* Found */ - return i; - } - } - - return SST_METADATA_INVALID_INDEX; -} - -/** - * \brief Writes an file metadata entry into scratch metadata block. - * - * \param[in] idx File metadata entry index in the metadata table - * \param[in] file_meta Metadata pointer - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -static psa_ps_status_t sst_mblock_update_scratch_file_meta(uint32_t idx, - struct sst_file_meta_t *file_meta) -{ - psa_ps_status_t err; - uint32_t pos; - uint32_t scratch_block; - - scratch_block = sst_cur_meta_scratch_id(); - - /* Calculate the position */ - pos = sst_mblock_file_meta_offset(idx); - err = sst_flash_write(scratch_block, (uint8_t *)file_meta, pos, - SST_FILE_METADATA_SIZE); - return err; -} - -/** - * \brief Erases data and meta scratch blocks. - */ -static psa_ps_status_t sst_mblock_erase_scratch_blocks(void) -{ - psa_ps_status_t err; - uint32_t scratch_datablock; - uint32_t scratch_metablock; - - scratch_metablock = sst_cur_meta_scratch_id(); - - /* For the atomicity of the data update process - * and power-failure-safe operation, it is necessary that - * metadata scratch block is erased before data block. - */ - err = sst_flash_erase_block(scratch_metablock); - if (err != PSA_PS_SUCCESS) { - return err; - } - - /* If the number of blocks is bigger than 2, the code needs to erase the - * scratch block used to process any change in the data block which contains - * only data. Otherwise, if the number of blocks is equal to 2, it means - * that all data is stored in the metadata block. - */ - if (SST_TOTAL_NUM_OF_BLOCKS > 2) { - scratch_datablock = sst_flash_fs_mblock_cur_data_scratch_id( - (SST_LOGICAL_DBLOCK0 + 1)); - err = sst_flash_erase_block(scratch_datablock); - } - - return err; -} - -/** - * \brief Updates scratch block meta. - * - * \param[in] lblock Logical block number - * \param[in] block_meta Pointer to the block metadata data to write in the - * scratch block - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -static psa_ps_status_t sst_mblock_update_scratch_block_meta(uint32_t lblock, - struct sst_block_meta_t *block_meta) -{ - psa_ps_status_t err; - uint32_t meta_block; - uint32_t pos; - - meta_block = sst_cur_meta_scratch_id(); - /* Calculate the position */ - pos = sst_mblock_block_meta_offset(lblock); - err = sst_flash_write(meta_block, (uint8_t *)block_meta, pos, - SST_BLOCK_METADATA_SIZE); - return err; -} - -/** - * \brief Copies rest of the block metadata. - * - * \param[in] lblock Logical block number to skip - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -static psa_ps_status_t sst_mblock_copy_remaining_block_meta(uint32_t lblock) -{ - struct sst_block_meta_t block_meta; - psa_ps_status_t err; - uint32_t meta_block; - uint32_t pos; - uint32_t scratch_block; - uint32_t size; - - scratch_block = sst_cur_meta_scratch_id(); - meta_block = sst_mblock_cur_meta_active(); - - if (lblock != SST_LOGICAL_DBLOCK0) { - /* The file data in the logical block 0 is stored in same physical - * block where the metadata is stored. A change in the metadata requires - * a swap of physical blocks. So, the physical block ID of logical block - * 0 needs to be updated to reflect this change, if the file processed - * is not located in logical block 0. If it is located in block 0, - * the physical block ID has been updated while processing the file - * data. - */ - err = sst_flash_fs_mblock_read_block_metadata(SST_LOGICAL_DBLOCK0, - &block_meta); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - /* Update physical ID for logical block 0 to match with the - * metadata block physical ID. - */ - block_meta.phy_id = scratch_block; - err = sst_mblock_update_scratch_block_meta(SST_LOGICAL_DBLOCK0, - &block_meta); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - /* Copy the rest of metadata blocks between logical block 0 and - * the logical block provided in the function. - */ - if (lblock > 1) { - pos = sst_mblock_block_meta_offset(SST_LOGICAL_DBLOCK0 + 1); - - size = sst_mblock_block_meta_offset(lblock) - pos; - - /* Copy rest of the block data from previous block */ - /* Data before updated content */ - err = sst_flash_block_to_block_move(scratch_block, pos, meta_block, - pos, size); - if (err != PSA_PS_SUCCESS) { - return err; - } - } - } - - /* Move meta blocks data after updated content */ - pos = sst_mblock_block_meta_offset(lblock+1); - - size = sst_mblock_file_meta_offset(0) - pos; - - err = sst_flash_block_to_block_move(scratch_block, pos, - meta_block, pos, size); - - return err; -} - -/** - * \brief Checks the validity of the metadata block's swap count. - * - * \param[in] swap_count Swap count to validate - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -__attribute__((always_inline)) -__STATIC_INLINE psa_ps_status_t sst_mblock_validate_swap_count( - uint8_t swap_count) -{ - psa_ps_status_t err = PSA_PS_SUCCESS; - - /* When a flash block is erased, the default value - * is usually 0xFF (i.e. all 1s). Since the swap count - * is updated last (when encryption is disabled), it is - * possible that due to a power failure, the swap count - * value in metadata header is 0xFFFF..., which mean - * it will appear to be most recent block. Which isn't - * a problem in itself, as the rest of the metadata is fully - * valid (as it would have been written before swap count). - * However, this also means that previous update process - * wasn't complete. So, if the value is 0xFF..., revert - * back to previous metablock instead. - */ - if (swap_count == SST_FLASH_DEFAULT_VAL) { - err = PSA_PS_ERROR_OPERATION_FAILED; - } - - return err; -} - -/** - * \brief Checks the validity of FS version. - * - * \param[in] fs_version File system version. - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -__attribute__((always_inline)) -__STATIC_INLINE psa_ps_status_t sst_mblock_validate_fs_version( - uint8_t fs_version) -{ - psa_ps_status_t err = PSA_PS_SUCCESS; - - /* Looks for exact version number. - * FIXME: backward compatibility could be considered in future revisions. - */ - if (fs_version != SST_SUPPORTED_VERSION) { - err = PSA_PS_ERROR_OPERATION_FAILED; - } - - return err; -} - -/** - * \brief Validates header metadata in order to guarantee that a corruption or - * malicious change in stored metadata doesn't result in an invalid - * access and the header version is correct. - * - * \param[in] h_meta Pointer to metadata block header - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -static psa_ps_status_t sst_mblock_validate_header_meta( - struct sst_metadata_block_header_t *h_meta) -{ - psa_ps_status_t err; - - err = sst_mblock_validate_fs_version(h_meta->fs_version); - if (err == PSA_PS_SUCCESS) { - err = sst_mblock_validate_swap_count(h_meta->active_swap_count); - } - - return err; -} - -/** - * \brief Writes the scratch metadata's header. - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -static psa_ps_status_t sst_mblock_write_scratch_meta_header(void) -{ - psa_ps_status_t err; - uint32_t scratch_metablock; - - scratch_metablock = sst_cur_meta_scratch_id(); - - /* Increment the swap count */ - sst_flash_fs_ctx.meta_block_header.active_swap_count += 1; - - err = sst_mblock_validate_swap_count( - sst_flash_fs_ctx.meta_block_header.active_swap_count); - if (err != PSA_PS_SUCCESS) { - /* Reset the swap count to 0 */ - sst_flash_fs_ctx.meta_block_header.active_swap_count = 0; - } - - /* Write the metadata block header */ - err = sst_flash_write(scratch_metablock, - (uint8_t *)(&sst_flash_fs_ctx.meta_block_header), - 0, SST_BLOCK_META_HEADER_SIZE); - - return err; -} - -/** - * \brief Reads the active metadata block header into sst_system_ctx. - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -static psa_ps_status_t sst_mblock_read_meta_header(void) -{ - psa_ps_status_t err; - - err = sst_flash_read(sst_flash_fs_ctx.active_metablock, - (uint8_t *)&sst_flash_fs_ctx.meta_block_header, 0, - SST_BLOCK_META_HEADER_SIZE); - if (err != PSA_PS_SUCCESS) { - return err; - } - - err = sst_mblock_validate_header_meta(&sst_flash_fs_ctx.meta_block_header); - - return err; -} - -/** - * \brief Reserves space for an file. - * - * \param[in] fid File ID - * \param[in] size Size of the file for which space is reserve - * \param[out] file_meta File metadata entry - * \param[out] block_meta Block metadata entry - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -static psa_ps_status_t sst_mblock_reserve_file(uint32_t fid, uint32_t size, - struct sst_file_meta_t *file_meta, - struct sst_block_meta_t *block_meta) -{ - psa_ps_status_t err; - uint32_t i; - - for (i = 0; i < SST_NUM_ACTIVE_DBLOCKS; i++) { - err = sst_flash_fs_mblock_read_block_metadata(i, block_meta); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - if (block_meta->free_size >= size) { - /* Set file metadata */ - file_meta->lblock = i; - file_meta->data_idx = SST_BLOCK_SIZE - block_meta->free_size; - file_meta->max_size = size; - file_meta->id = fid; - file_meta->cur_size = 0; - - /* Update block metadata */ - block_meta->free_size -= size; - return PSA_PS_SUCCESS; - } - } - - /* No block has large enough space to fit the requested file */ - return PSA_PS_ERROR_INSUFFICIENT_SPACE; -} - -/** - * \brief Validates and find the valid-active metablock - * - * \return Returns value as specified in \ref psa_ps_status_t - */ -static psa_ps_status_t sst_init_get_active_metablock(void) -{ - uint32_t cur_meta_block = SST_BLOCK_INVALID_ID; - psa_ps_status_t err; - struct sst_metadata_block_header_t h_meta0; - struct sst_metadata_block_header_t h_meta1; - uint8_t num_valid_meta_blocks = 0; - - /* First two blocks are reserved for metadata */ - - /* Read the header of both the metdata blocks */ - err = sst_flash_read(SST_METADATA_BLOCK0, (uint8_t *)&h_meta0, - 0, SST_BLOCK_META_HEADER_SIZE); - if (err != PSA_PS_SUCCESS) { - return err; - } - - err = sst_flash_read(SST_METADATA_BLOCK1, (uint8_t *)&h_meta1, - 0, SST_BLOCK_META_HEADER_SIZE); - if (err != PSA_PS_SUCCESS) { - return err; - } - - /* If there are two potential active metadata blocks, - * an out of turn power down sequence didn't allow previous - * update operation to complete. Need to find out the valid - * metadata block now. - */ - if (sst_mblock_validate_header_meta(&h_meta0) == PSA_PS_SUCCESS) { - num_valid_meta_blocks++; - cur_meta_block = SST_METADATA_BLOCK0; - } - - if (sst_mblock_validate_header_meta(&h_meta1) == PSA_PS_SUCCESS) { - num_valid_meta_blocks++; - cur_meta_block = SST_METADATA_BLOCK1; - } - - /* If there are more than 1 potential metablocks, the previous - * update operation was interrupted by power failure. In which case, - * need to find out which one is potentially latest metablock. - */ - if (num_valid_meta_blocks > 1) { - cur_meta_block = sst_mblock_latest_meta_block(&h_meta0, &h_meta1); - } else if (num_valid_meta_blocks == 0) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - sst_flash_fs_ctx.active_metablock = cur_meta_block; - sst_flash_fs_ctx.scratch_metablock = SST_OTHER_META_BLOCK(cur_meta_block); - - return PSA_PS_SUCCESS; -} - -psa_ps_status_t sst_flash_fs_mblock_cp_remaining_file_meta(uint32_t idx) -{ - psa_ps_status_t err; - uint32_t end; - uint32_t meta_block; - uint32_t pos; - uint32_t scratch_block; - - scratch_block = sst_cur_meta_scratch_id(); - meta_block = sst_mblock_cur_meta_active(); - /* Calculate the position */ - pos = sst_mblock_file_meta_offset(0); - /* Copy rest of the block data from previous block */ - /* Data before updated content */ - err = sst_flash_block_to_block_move(scratch_block, pos, meta_block, pos, - (idx * SST_FILE_METADATA_SIZE)); - if (err != PSA_PS_SUCCESS) { - return err; - } - - /* Data after updated content */ - pos = sst_mblock_file_meta_offset(idx + 1); - - /* Get end of file meta position which is the position after the last - * byte of file meta. - */ - end = sst_mblock_file_meta_offset(SST_MAX_NUM_OBJECTS); - if (end > pos) { - err = sst_flash_block_to_block_move(scratch_block, pos, meta_block, - pos, (end - pos)); - } - - return err; -} - -uint32_t sst_flash_fs_mblock_cur_data_scratch_id(uint32_t lblock) -{ - if (lblock == SST_LOGICAL_DBLOCK0) { - /* Scratch logical data block 0 physical IDs */ - return sst_cur_meta_scratch_id(); - } - - return sst_flash_fs_ctx.meta_block_header.scratch_dblock; -} - -psa_ps_status_t sst_flash_fs_mblock_get_file_idx(uint32_t fid, uint32_t *idx) -{ - psa_ps_status_t err; - uint32_t i; - struct sst_file_meta_t tmp_metadata; - - for (i = 0; i < SST_MAX_NUM_OBJECTS; i++) { - err = sst_flash_fs_mblock_read_file_meta(i, &tmp_metadata); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - /* ID with value 0x00 means end of file meta section */ - if (tmp_metadata.id == fid) { - /* Found */ - *idx = i; - return PSA_PS_SUCCESS; - } - } - - return PSA_PS_ERROR_UID_NOT_FOUND; -} - -psa_ps_status_t sst_flash_fs_mblock_init(void) -{ - psa_ps_status_t err; - - /* Initialize Flash Interface */ - err = sst_flash_init(); - if (err != PSA_PS_SUCCESS) { - return err; - } - - err = sst_init_get_active_metablock(); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - err = sst_mblock_read_meta_header(); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - /* Erase the other scratch metadata block */ - err = sst_mblock_erase_scratch_blocks(); - - return err; -} - -psa_ps_status_t sst_flash_fs_mblock_meta_update_finalize(void) -{ - psa_ps_status_t err; - - /* Write the metadata block header to flash */ - err = sst_mblock_write_scratch_meta_header(); - if (err != PSA_PS_SUCCESS) { - return err; - } - - /* Update the running context */ - sst_mblock_swap_metablocks(); - - /* Erase meta block and current scratch block */ - err = sst_mblock_erase_scratch_blocks(); - - return err; -} - -psa_ps_status_t sst_flash_fs_mblock_migrate_lb0_data_to_scratch(void) -{ - struct sst_block_meta_t block_meta; - uint32_t current_metablock; - uint32_t data_size; - psa_ps_status_t err; - uint32_t scratch_metablock; - - scratch_metablock = sst_cur_meta_scratch_id(); - current_metablock = sst_mblock_cur_meta_active(); - - err = sst_flash_fs_mblock_read_block_metadata(SST_LOGICAL_DBLOCK0, - &block_meta); - if (err != PSA_PS_SUCCESS) { - return err; - } - - /* Calculate data size stored in the B0 block */ - data_size = ((SST_BLOCK_SIZE - block_meta.data_start) - - block_meta.free_size); - - err = sst_flash_block_to_block_move(scratch_metablock, - block_meta.data_start, - current_metablock, - block_meta.data_start, - data_size); - return err; -} - -psa_ps_status_t sst_flash_fs_mblock_read_file_meta(uint32_t idx, - struct sst_file_meta_t *file_meta) -{ - psa_ps_status_t err; - uint32_t offset; - - offset = sst_mblock_file_meta_offset(idx); - err = sst_flash_read(sst_flash_fs_ctx.active_metablock, - (uint8_t *)file_meta, offset, - SST_FILE_METADATA_SIZE); - -#ifdef SST_VALIDATE_METADATA_FROM_FLASH - if (err == PSA_PS_SUCCESS) { - err = sst_mblock_validate_file_meta(file_meta); - } -#endif - - return err; -} - -psa_ps_status_t sst_flash_fs_mblock_read_block_metadata(uint32_t lblock, - struct sst_block_meta_t *block_meta) -{ - psa_ps_status_t err; - uint32_t metablock; - uint32_t pos; - - metablock = sst_mblock_cur_meta_active(); - pos = sst_mblock_block_meta_offset(lblock); - err = sst_flash_read(metablock, (uint8_t *)block_meta, - pos, SST_BLOCK_METADATA_SIZE); - -#ifdef SST_VALIDATE_METADATA_FROM_FLASH - if (err == PSA_PS_SUCCESS) { - err = sst_mblock_validate_block_meta(block_meta); - } -#endif - - return err; -} - -psa_ps_status_t sst_flash_fs_mblock_reserve_file(uint32_t fid, uint32_t size, - uint32_t *idx, - struct sst_file_meta_t *file_meta, - struct sst_block_meta_t *block_meta) -{ - psa_ps_status_t err; - - err = sst_mblock_reserve_file(fid, size, file_meta, block_meta); - - *idx = sst_get_free_file_index(); - if ((err != PSA_PS_SUCCESS) || - (*idx == SST_METADATA_INVALID_INDEX)) { - return PSA_PS_ERROR_INSUFFICIENT_SPACE; - } - - return PSA_PS_SUCCESS; -} - -psa_ps_status_t sst_flash_fs_mblock_reset_metablock(void) -{ - struct sst_block_meta_t block_meta; - psa_ps_status_t err; - uint32_t i; - uint32_t metablock_to_erase_first = SST_METADATA_BLOCK0; - struct sst_file_meta_t file_metadata; - - /* Erase both metadata blocks. If at least one metadata block is valid, - * ensure that the active metadata block is erased last to prevent rollback - * in the case of a power failure between the two erases. - */ - if (sst_init_get_active_metablock() == PSA_PS_SUCCESS) { - metablock_to_erase_first = sst_flash_fs_ctx.scratch_metablock; - } - - err = sst_flash_erase_block(metablock_to_erase_first); - if (err != PSA_PS_SUCCESS) { - return err; - } - - err = sst_flash_erase_block(SST_OTHER_META_BLOCK(metablock_to_erase_first)); - if (err != PSA_PS_SUCCESS) { - return err; - } - - sst_flash_fs_ctx.meta_block_header.active_swap_count = 0; - sst_flash_fs_ctx.meta_block_header.scratch_dblock = SST_INIT_SCRATCH_DBLOCK; - sst_flash_fs_ctx.meta_block_header.fs_version = SST_SUPPORTED_VERSION; - sst_flash_fs_ctx.scratch_metablock = SST_METADATA_BLOCK1; - sst_flash_fs_ctx.active_metablock = SST_METADATA_BLOCK0; - - /* Fill the block metadata for logical datablock 0, which has the physical - * id of the active metadata block. For this datablock, the space available - * for data is from the end of the metadata to the end of the block. - */ - block_meta.data_start = SST_ALL_METADATA_SIZE; - block_meta.free_size = (SST_BLOCK_SIZE - block_meta.data_start); - block_meta.phy_id = SST_METADATA_BLOCK0; - err = sst_mblock_update_scratch_block_meta(SST_LOGICAL_DBLOCK0, - &block_meta); - if (err != PSA_PS_SUCCESS) { - return err; - } - - /* Fill the block metadata for the dedicated datablocks, which have logical - * ids beginning from 1 and physical ids initially beginning from - * SST_INIT_DBLOCK_START. For these datablocks, the space available for - * data is the entire block. - */ - block_meta.data_start = 0; - block_meta.free_size = SST_BLOCK_SIZE; - for (i = 0; i < SST_NUM_DEDICATED_DBLOCKS; i++) { - /* If a flash error is detected, the code erases the rest - * of the blocks anyway to remove all data stored in them. - */ - err |= sst_flash_erase_block(i + SST_INIT_DBLOCK_START); - } - - /* If an error is detected while erasing the flash, then return a - * system error to abort core wipe process. - */ - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_STORAGE_FAILURE; - } - - for (i = 0; i < SST_NUM_DEDICATED_DBLOCKS; i++) { - block_meta.phy_id = i + SST_INIT_DBLOCK_START; - err = sst_mblock_update_scratch_block_meta(i + 1, &block_meta); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - } - - /* Initialize file metadata table */ - (void)tfm_memset(&file_metadata, SST_DEFAULT_EMPTY_BUFF_VAL, - SST_FILE_METADATA_SIZE); - for (i = 0; i < SST_MAX_NUM_OBJECTS; i++) { - /* In the beginning phys id is same as logical id */ - /* Update file metadata to reflect new attributes */ - err = sst_mblock_update_scratch_file_meta(i, &file_metadata); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - } - - err = sst_mblock_write_scratch_meta_header(); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - /* Swap active and scratch metablocks */ - sst_mblock_swap_metablocks(); - - return PSA_PS_SUCCESS; -} - -void sst_flash_fs_mblock_set_data_scratch(uint32_t phy_id, uint32_t lblock) -{ - if (lblock != SST_LOGICAL_DBLOCK0) { - sst_flash_fs_ctx.meta_block_header.scratch_dblock = phy_id; - } -} - -psa_ps_status_t sst_flash_fs_mblock_update_scratch_block_meta( - uint32_t lblock, - struct sst_block_meta_t *block_meta) -{ - psa_ps_status_t err; - - /* If the file is the logical block 0, then update the physical ID to the - * current scratch metadata block so that it is correct after the metadata - * blocks are swapped. - */ - if (lblock == SST_LOGICAL_DBLOCK0) { - block_meta->phy_id = sst_cur_meta_scratch_id(); - } - - err = sst_mblock_update_scratch_block_meta(lblock, block_meta); - if (err != PSA_PS_SUCCESS) { - return PSA_PS_ERROR_OPERATION_FAILED; - } - - err = sst_mblock_copy_remaining_block_meta(lblock); - - return err; -} - -psa_ps_status_t sst_flash_fs_mblock_update_scratch_file_meta(uint32_t idx, - struct sst_file_meta_t *file_meta) -{ - return sst_mblock_update_scratch_file_meta(idx, file_meta); -} diff --git a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_mblock.h b/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_mblock.h deleted file mode 100644 index bee15f9dd6..0000000000 --- a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_mblock.h +++ /dev/null @@ -1,214 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __SST_FLASH_FS_MBLOCK_H__ -#define __SST_FLASH_FS_MBLOCK_H__ - -#include <stdint.h> - -#include "secure_fw/services/secure_storage/flash/sst_flash.h" -#include "secure_fw/services/secure_storage/sst_object_defs.h" -#include "psa/protected_storage.h" - -/*! - * \def SST_SUPPORTED_VERSION - * - * \brief Defines the supported version. - */ -#define SST_SUPPORTED_VERSION 0x01 - -/*! - * \def SST_METADATA_INVALID_INDEX - * - * \brief Defines the invalid index value when the metadata table is full - */ -#define SST_METADATA_INVALID_INDEX 0xFFFF - -/*! - * \def SST_LOGICAL_DBLOCK0 - * - * \brief Defines logical data block 0 ID - */ -#define SST_LOGICAL_DBLOCK0 0 - -/*! - * \struct sst_block_meta_t - * - * \brief Structure to store information about each physical flash memory block. - */ -struct __attribute__((__aligned__(SST_FLASH_PROGRAM_UNIT))) sst_block_meta_t { - uint32_t phy_id; /*!< Physical ID of this logical block */ - uint32_t data_start; /*!< Offset from the beginning of the - * block to the location where the data - * starts - */ - uint32_t free_size; /*!< Number of bytes free at end of - * block (set during block compaction - * for gap reuse) - */ -}; - -/*! - * \struct sst_file_meta_t - * - * \brief Structure to store file metadata. - * - */ -struct __attribute__((__aligned__(SST_FLASH_PROGRAM_UNIT))) sst_file_meta_t { - uint32_t lblock; /*!< Logical datablock where file is stored */ - uint32_t data_idx; /*!< Offset in the logical data block */ - uint32_t cur_size; /*!< Size in storage system for this fragment */ - uint32_t max_size; /*!< Maximum size of this file */ - uint32_t id; /*!< ID of this file, compiler generated - * based on user defined user_defs.h - */ -}; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Initializes metadata block with the valid/active metablock. - * - * \return Returns value as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_mblock_init(void); - -/** - * \brief Copies rest of the file metadata, except for the one pointed by - * index. - * - * \param[in] idx File metadata entry index to skip - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_mblock_cp_remaining_file_meta(uint32_t idx); - -/** - * \brief Gets current scratch datablock physical ID. - * - * \param[in] lblock Logical block number - * - * \return current scratch data block - */ -uint32_t sst_flash_fs_mblock_cur_data_scratch_id(uint32_t lblock); - -/** - * \brief Gets file metadata entry index. - * - * \param[in] fid ID of the file - * \param[out] idx Index of the file metadata in the file system - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_mblock_get_file_idx(uint32_t fid, uint32_t *idx); - -/** - * \brief Finalizes an update operation. - * Last step when a create/write/delete is performed. - * - * \return Returns offset value in metadata block - */ -psa_ps_status_t sst_flash_fs_mblock_meta_update_finalize(void); - -/** - * \brief Writes the files data area of logical block 0 into the scratch - * block. - * - * \note The files data in the logical block 0 is stored in same physical - * block where the metadata is stored. A change in the metadata requires a - * swap of physical blocks. So, the files data stored in the current - * medadata block needs to be copied in the scratch block, unless - * the data of the file processed is located in the logical block 0. - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_mblock_migrate_lb0_data_to_scratch(void); - -/** - * \brief Reads specified file metadata. - * - * \param[in] idx File metadata entry index - * \param[out] file_meta Pointer to file meta structure - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_mblock_read_file_meta(uint32_t idx, - struct sst_file_meta_t *file_meta); - -/** - * \brief Reads specified logical block metadata. - * - * \param[in] lblock Logical block number - * \param[out] block_meta Pointer to block meta structure - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_mblock_read_block_metadata(uint32_t lblock, - struct sst_block_meta_t *block_meta); - -/** - * \brief Reserves space for a file. - * - * \param[in] file_id File ID - * \param[in] size Size of the file for which space is reserve - * \param[out] file_meta_idx File metadata entry index - * \param[out] file_meta File metadata entry - * \param[out] block_meta Block metadata entry - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_mblock_reserve_file(uint32_t file_id, - uint32_t size, - uint32_t *file_meta_idx, - struct sst_file_meta_t *file_meta, - struct sst_block_meta_t *block_meta); - -/** - * \brief Resets metablock by cleaning and initializing the metadatablock. - * - * \return Returns value as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_mblock_reset_metablock(void); - -/** - * \brief Sets current data scratch block - * - * \param[in] phy_id Physical ID of scratch data block - * \param[in] lblock Logical block number - */ -void sst_flash_fs_mblock_set_data_scratch(uint32_t phy_id, uint32_t lblock); - -/** - * \brief Puts logical block's metadata in scratch metadata block - * - * \param[in] lblock Logical block number - * \param[in] block_meta Pointer to block's metadata - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_mblock_update_scratch_block_meta( - uint32_t lblock, - struct sst_block_meta_t *block_meta); - -/** - * \brief Writes a file metadata entry into scratch metadata block. - * - * \param[in] idx File's index in the metadata table - * \param[in] file_meta Metadata pointer - * - * \return Returns error code as specified in \ref psa_ps_status_t - */ -psa_ps_status_t sst_flash_fs_mblock_update_scratch_file_meta(uint32_t idx, - struct sst_file_meta_t *file_meta); - -#ifdef __cplusplus -} -#endif - -#endif /* __SST_FLASH_FS_MBLOCK_H__ */ diff --git a/secure_fw/services/secure_storage/sst_encrypted_object.c b/secure_fw/services/secure_storage/sst_encrypted_object.c index 0383ba4511..aad27520bd 100644 --- a/secure_fw/services/secure_storage/sst_encrypted_object.c +++ b/secure_fw/services/secure_storage/sst_encrypted_object.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -10,7 +10,7 @@ #include <stddef.h> #include "crypto/sst_crypto_interface.h" -#include "flash_fs/sst_flash_fs.h" +#include "psa/internal_trusted_storage.h" #include "tfm_memory_utils.h" #include "sst_object_defs.h" #include "sst_utils.h" @@ -19,14 +19,11 @@ #define SST_ENCRYPT_SIZE(plaintext_size) \ ((plaintext_size) + SST_OBJECT_HEADER_SIZE - sizeof(union sst_crypto_t)) -#define SST_CRYPTO_CLEAR_BUF_VALUE 0 #define SST_OBJECT_START_POSITION 0 -#define SST_EMPTY_OBJECT_SIZE 0 /* Buffer to store the maximum encrypted object */ /* FIXME: Do partial encrypt/decrypt to reduce the size of internal buffer */ -#define SST_MAX_ENCRYPTED_OBJ_SIZE GET_ALIGNED_FLASH_BYTES( \ - SST_ENCRYPT_SIZE(SST_MAX_OBJECT_DATA_SIZE)) +#define SST_MAX_ENCRYPTED_OBJ_SIZE SST_ENCRYPT_SIZE(SST_MAX_OBJECT_DATA_SIZE) /* FIXME: add the tag length to the crypto buffer size to account for the tag * being appended to the ciphertext by the crypto layer. @@ -139,26 +136,21 @@ psa_ps_status_t sst_encrypted_object_read(uint32_t fid, struct sst_object_t *obj) { psa_ps_status_t err; - struct sst_file_info_t file_info; uint32_t decrypt_size; - - /* Get the current size of the encrypted object */ - err = sst_flash_fs_file_get_info(fid, &file_info); - if (err != PSA_PS_SUCCESS) { - return err; - } + size_t data_length; /* Read the encrypted object from the the persistent area */ - err = sst_flash_fs_file_read(fid, file_info.size_current, - SST_OBJECT_START_POSITION, - obj->header.crypto.ref.iv); + err = psa_status_to_psa_ps_status( + psa_its_get(fid, SST_OBJECT_START_POSITION, + SST_MAX_OBJECT_SIZE, + (void *)obj->header.crypto.ref.iv, + &data_length)); if (err != PSA_PS_SUCCESS) { return err; } /* Get the decrypt size */ - decrypt_size = file_info.size_current - - GET_ALIGNED_FLASH_BYTES(sizeof(obj->header.crypto.ref.iv)); + decrypt_size = data_length - sizeof(obj->header.crypto.ref.iv); /* Decrypt the object data */ err = sst_object_auth_decrypt(fid, decrypt_size, obj); @@ -175,27 +167,7 @@ psa_ps_status_t sst_encrypted_object_write(uint32_t fid, psa_ps_status_t err; uint32_t wrt_size; - wrt_size = SST_ENCRYPT_SIZE(obj->header.info.max_size) + - sizeof(obj->header.crypto.ref.iv); - - wrt_size = GET_ALIGNED_FLASH_BYTES(wrt_size); - -#if (SST_FLASH_PROGRAM_UNIT!=1) - /* FIX ME - * As GET_ALIGNED_FLASH_BYTES is called twice - * to align IV ,and header + payload - */ - wrt_size +=SST_FLASH_PROGRAM_UNIT; -#endif - - /* Create an object in the object system */ - err = sst_flash_fs_file_create(fid, wrt_size, SST_EMPTY_OBJECT_SIZE, NULL); - if (err != PSA_PS_SUCCESS) { - return err; - } - - wrt_size = GET_ALIGNED_FLASH_BYTES( - SST_ENCRYPT_SIZE(obj->header.info.current_size)); + wrt_size = SST_ENCRYPT_SIZE(obj->header.info.current_size); /* Authenticate and encrypt the object */ err = sst_object_auth_encrypt(fid, wrt_size, obj); @@ -205,13 +177,11 @@ psa_ps_status_t sst_encrypted_object_write(uint32_t fid, wrt_size += sizeof(obj->header.crypto.ref.iv); - wrt_size = GET_ALIGNED_FLASH_BYTES(wrt_size); - /* Write the encrypted object to the persistent area. The tag values is not * copied as it is stored in the object table. */ - err = sst_flash_fs_file_write(fid, wrt_size, SST_OBJECT_START_POSITION, - obj->header.crypto.ref.iv); - - return err; + return psa_status_to_psa_ps_status( + psa_its_set(fid, wrt_size, + (const void *)obj->header.crypto.ref.iv, + PSA_STORAGE_FLAG_NONE)); } diff --git a/secure_fw/services/secure_storage/sst_object_defs.h b/secure_fw/services/secure_storage/sst_object_defs.h index 56aedf2496..a5e264b7da 100644 --- a/secure_fw/services/secure_storage/sst_object_defs.h +++ b/secure_fw/services/secure_storage/sst_object_defs.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -12,7 +12,6 @@ #include "flash_layout.h" #include "psa/protected_storage.h" -#include "sst_utils.h" #ifdef SST_ENCRYPTION #include "crypto/sst_crypto_interface.h" @@ -45,7 +44,7 @@ struct sst_obj_header_t { }; -#define SST_MAX_OBJECT_DATA_SIZE GET_ALIGNED_FLASH_BYTES(SST_MAX_ASSET_SIZE) +#define SST_MAX_OBJECT_DATA_SIZE SST_MAX_ASSET_SIZE /*! * \struct sst_object_t diff --git a/secure_fw/services/secure_storage/sst_object_system.c b/secure_fw/services/secure_storage/sst_object_system.c index 833fee300c..33f47436ac 100644 --- a/secure_fw/services/secure_storage/sst_object_system.c +++ b/secure_fw/services/secure_storage/sst_object_system.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. + * Copyright (c) 2017-2020, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -10,7 +10,7 @@ #include <stddef.h> #include "cmsis_compiler.h" -#include "flash_fs/sst_flash_fs.h" +#include "psa/internal_trusted_storage.h" #include "tfm_memory_utils.h" #ifdef SST_ENCRYPTION #include "sst_encrypted_object.h" @@ -74,9 +74,7 @@ static psa_ps_status_t sst_remove_old_data(uint32_t old_fid) } /* Delete old file from the persistent area */ - err = sst_flash_fs_file_delete(old_fid); - - return err; + return psa_status_to_psa_ps_status(psa_its_remove(old_fid)); } #ifndef SST_ENCRYPTION @@ -96,11 +94,14 @@ enum read_type_t { static psa_ps_status_t sst_read_object(enum read_type_t type) { psa_ps_status_t err; + size_t data_length; /* Read object header */ - err = sst_flash_fs_file_read(g_obj_tbl_info.fid, SST_OBJECT_HEADER_SIZE, - SST_OBJECT_START_POSITION, - (uint8_t *)&g_sst_object.header); + err = psa_status_to_psa_ps_status(psa_its_get(g_obj_tbl_info.fid, + SST_OBJECT_START_POSITION, + SST_OBJECT_HEADER_SIZE, + (void *)&g_sst_object.header, + &data_length)); if (err != PSA_PS_SUCCESS) { return err; } @@ -110,23 +111,23 @@ static psa_ps_status_t sst_read_object(enum read_type_t type) */ if (g_sst_object.header.fid != g_obj_tbl_info.fid || g_sst_object.header.version != g_obj_tbl_info.version) { - err = PSA_PS_ERROR_DATA_CORRUPT; + return PSA_PS_ERROR_DATA_CORRUPT; } - if (type == READ_ALL_OBJECT) { - /* Read object data if any */ - if (g_sst_object.header.info.current_size > 0) { - err = sst_flash_fs_file_read(g_obj_tbl_info.fid, - g_sst_object.header.info.current_size, - SST_OBJECT_HEADER_SIZE, - g_sst_object.data); - if (err != PSA_PS_SUCCESS) { - return err; - } + /* Read object data if any */ + if (type == READ_ALL_OBJECT && g_sst_object.header.info.current_size > 0) { + err = psa_status_to_psa_ps_status( + psa_its_get(g_obj_tbl_info.fid, + SST_OBJECT_HEADER_SIZE, + g_sst_object.header.info.current_size, + (void *)g_sst_object.data, + &data_length)); + if (err != PSA_PS_SUCCESS) { + return err; } } - return err; + return PSA_PS_SUCCESS; } /** @@ -139,9 +140,6 @@ static psa_ps_status_t sst_read_object(enum read_type_t type) */ static psa_ps_status_t sst_write_object(uint32_t wrt_size) { - psa_ps_status_t err; - uint32_t max_size = SST_OBJECT_SIZE(g_sst_object.header.info.max_size); - /* Add object identification and increase object version */ g_sst_object.header.fid = g_obj_tbl_info.fid; g_sst_object.header.version++; @@ -149,11 +147,9 @@ static psa_ps_status_t sst_write_object(uint32_t wrt_size) /* Save object version to be stored in the object table */ g_obj_tbl_info.version = g_sst_object.header.version; - err = sst_flash_fs_file_create(g_obj_tbl_info.fid, - GET_ALIGNED_FLASH_BYTES(max_size), - GET_ALIGNED_FLASH_BYTES(wrt_size), - (const uint8_t *)&g_sst_object); - return err; + return psa_status_to_psa_ps_status(psa_its_set(g_obj_tbl_info.fid, wrt_size, + (const void *)&g_sst_object, + PSA_STORAGE_FLAG_NONE)); } #endif /* !SST_ENCRYPTION */ @@ -162,11 +158,6 @@ psa_ps_status_t sst_system_prepare(void) { psa_ps_status_t err; - err = sst_flash_fs_prepare(); - if (err != PSA_PS_SUCCESS) { - return err; - } - /* Reuse the allocated g_sst_object.data to store a temporary object table * data to be validate inside the function. * The stored date will be cleaned up when the g_sst_object.data will @@ -317,7 +308,7 @@ psa_ps_status_t sst_object_create(psa_ps_uid_t uid, int32_t client_id, /* Remove new object as object table is not persistent and propagate * object table manipulation error. */ - (void)sst_flash_fs_file_delete(g_obj_tbl_info.fid); + (void)psa_its_remove(g_obj_tbl_info.fid); goto clear_data_and_return; } @@ -427,7 +418,7 @@ psa_ps_status_t sst_object_write(psa_ps_uid_t uid, int32_t client_id, /* Remove new object as object table is not persistent and propagate * object table manipulation error. */ - (void)sst_flash_fs_file_delete(g_obj_tbl_info.fid); + (void)psa_its_remove(g_obj_tbl_info.fid); goto clear_data_and_return; } @@ -525,8 +516,6 @@ clear_data_and_return: psa_ps_status_t sst_system_wipe_all(void) { - psa_ps_status_t err; - /* This function may get called as a corrective action * if a system level security violation is detected. * This could be asynchronous to normal system operation @@ -534,15 +523,5 @@ psa_ps_status_t sst_system_wipe_all(void) * this function doesn't block on the lock and directly * moves to erasing the flash instead. */ - err = sst_flash_fs_wipe_all(); - if (err != PSA_PS_SUCCESS) { - return err; - } - - err = sst_flash_fs_prepare(); - if (err != PSA_PS_SUCCESS) { - return err; - } - return sst_object_table_create(); } diff --git a/secure_fw/services/secure_storage/sst_object_table.c b/secure_fw/services/secure_storage/sst_object_table.c index 2d07807499..2c5fff3078 100644 --- a/secure_fw/services/secure_storage/sst_object_table.c +++ b/secure_fw/services/secure_storage/sst_object_table.c @@ -11,13 +11,16 @@ #include "cmsis_compiler.h" #include "crypto/sst_crypto_interface.h" -#include "flash/sst_flash.h" -#include "flash_fs/sst_flash_fs.h" +#include "flash_layout.h" #include "nv_counters/sst_nv_counters.h" +#include "psa/internal_trusted_storage.h" #include "tfm_memory_utils.h" #include "sst_utils.h" #include "tfm_sst_defs.h" +/* FIXME: Duplicated from flash info */ +#define SST_FLASH_DEFAULT_VAL 0xFFU + /*! * \def SST_OBJECT_SYSTEM_VERSION * @@ -51,7 +54,7 @@ struct sst_obj_table_entry_t { * * \brief Object table structure. */ -struct __attribute__((__aligned__(SST_FLASH_PROGRAM_UNIT))) sst_obj_table_t { +struct sst_obj_table_t { #ifdef SST_ENCRYPTION union sst_crypto_t crypto; /*!< Crypto metadata. */ #endif @@ -216,22 +219,26 @@ __STATIC_INLINE void sst_object_table_fs_read_table( struct sst_obj_table_init_ctx_t *init_ctx) { psa_ps_status_t err; - /* FIXME: Read table from a persistent memory (flash location or FS) */ + size_t data_length; /* Read file with the table 0 data */ - err = sst_flash_fs_file_read(SST_TABLE_FS_ID(SST_OBJ_TABLE_IDX_0), - SST_OBJ_TABLE_SIZE, - SST_OBJECT_TABLE_OBJECT_OFFSET, - (uint8_t *)init_ctx->p_table[SST_OBJ_TABLE_IDX_0]); + err = psa_status_to_psa_ps_status( + psa_its_get(SST_TABLE_FS_ID(SST_OBJ_TABLE_IDX_0), + SST_OBJECT_TABLE_OBJECT_OFFSET, + SST_OBJ_TABLE_SIZE, + (void *)init_ctx->p_table[SST_OBJ_TABLE_IDX_0], + &data_length)); if (err != PSA_PS_SUCCESS) { init_ctx->table_state[SST_OBJ_TABLE_IDX_0] = SST_OBJ_TABLE_INVALID; } /* Read file with the table 1 data */ - err = sst_flash_fs_file_read(SST_TABLE_FS_ID(SST_OBJ_TABLE_IDX_1), - SST_OBJ_TABLE_SIZE, - SST_OBJECT_TABLE_OBJECT_OFFSET, - (uint8_t *)init_ctx->p_table[SST_OBJ_TABLE_IDX_1]); + err = psa_status_to_psa_ps_status( + psa_its_get(SST_TABLE_FS_ID(SST_OBJ_TABLE_IDX_1), + SST_OBJECT_TABLE_OBJECT_OFFSET, + SST_OBJ_TABLE_SIZE, + (void *)init_ctx->p_table[SST_OBJ_TABLE_IDX_1], + &data_length)); if (err != PSA_PS_SUCCESS) { init_ctx->table_state[SST_OBJ_TABLE_IDX_1] = SST_OBJ_TABLE_INVALID; } @@ -253,12 +260,12 @@ __STATIC_INLINE psa_ps_status_t sst_object_table_fs_write_table( uint32_t obj_table_id = SST_TABLE_FS_ID(sst_obj_table_ctx.scratch_table); uint8_t swap_table_idxs = sst_obj_table_ctx.scratch_table; - /* Create file to store object table in the FS */ - err = sst_flash_fs_file_create(obj_table_id, - SST_OBJ_TABLE_SIZE, - SST_OBJ_TABLE_SIZE, - (const uint8_t *)obj_table); + err = psa_status_to_psa_ps_status(psa_its_set(obj_table_id, + SST_OBJ_TABLE_SIZE, + (const void *)obj_table, + PSA_STORAGE_FLAG_NONE)); + if (err != PSA_PS_SUCCESS) { return err; } @@ -888,8 +895,8 @@ psa_ps_status_t sst_object_table_init(uint8_t *obj_data) } /* Remove the old object table file */ - err = sst_flash_fs_file_delete(SST_TABLE_FS_ID( - sst_obj_table_ctx.scratch_table)); + err = psa_status_to_psa_ps_status( + psa_its_remove(SST_TABLE_FS_ID(sst_obj_table_ctx.scratch_table))); if (err != PSA_PS_SUCCESS && err != PSA_PS_ERROR_UID_NOT_FOUND) { return err; } @@ -933,18 +940,13 @@ psa_ps_status_t sst_object_table_get_free_fid(uint32_t fid_num, */ fid = SST_OBJECT_FS_ID(idx); - /* Check if there is a file in the persistent area with that ID. That - * can happened when the system is rebooted (e.g. power cut, ...) in the + /* If there is a file in the persistent area with that ID then remove it. + * That can happen when the system is rebooted (e.g. power cut, ...) in the * middle of a create, write or delete operation. */ - if (sst_flash_fs_file_exist(fid) == PSA_PS_SUCCESS) { - /* Remove old file from the persistent area, to keep it consistent - * with the table content. - */ - err = sst_flash_fs_file_delete(fid); - if (err != PSA_PS_SUCCESS) { - return err; - } + err = psa_status_to_psa_ps_status(psa_its_remove(fid)); + if (err != PSA_PS_SUCCESS && err != PSA_PS_ERROR_UID_NOT_FOUND) { + return err; } *p_fid = fid; @@ -1073,5 +1075,5 @@ psa_ps_status_t sst_object_table_delete_old_table(void) { uint32_t table_id = SST_TABLE_FS_ID(sst_obj_table_ctx.scratch_table); - return sst_flash_fs_file_delete(table_id); + return psa_status_to_psa_ps_status(psa_its_remove(table_id)); } diff --git a/secure_fw/services/secure_storage/sst_utils.c b/secure_fw/services/secure_storage/sst_utils.c index a16ce476dc..e4099b3293 100644 --- a/secure_fw/services/secure_storage/sst_utils.c +++ b/secure_fw/services/secure_storage/sst_utils.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. + * Copyright (c) 2017-2020, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -27,11 +27,24 @@ psa_ps_status_t sst_utils_check_contained_in(uint32_t superset_size, return PSA_PS_SUCCESS; } -psa_ps_status_t sst_utils_validate_fid(uint32_t fid) +psa_ps_status_t psa_status_to_psa_ps_status(psa_status_t status) { - if (fid == SST_INVALID_FID) { + switch (status) { + case PSA_SUCCESS: + return PSA_PS_SUCCESS; + case PSA_ERROR_NOT_PERMITTED: + return PSA_PS_ERROR_WRITE_ONCE; + case PSA_ERROR_NOT_SUPPORTED: + return PSA_PS_ERROR_FLAGS_NOT_SUPPORTED; + case PSA_ERROR_INSUFFICIENT_STORAGE: + return PSA_PS_ERROR_INSUFFICIENT_SPACE; + case PSA_ERROR_STORAGE_FAILURE: + return PSA_PS_ERROR_STORAGE_FAILURE; + case PSA_ERROR_DOES_NOT_EXIST: return PSA_PS_ERROR_UID_NOT_FOUND; + case PSA_ERROR_INVALID_ARGUMENT: + return PSA_PS_ERROR_INVALID_ARGUMENT; + default: + return PSA_PS_ERROR_OPERATION_FAILED; } - - return PSA_PS_SUCCESS; } diff --git a/secure_fw/services/secure_storage/sst_utils.h b/secure_fw/services/secure_storage/sst_utils.h index 3133c19d4e..2a2f292ea9 100644 --- a/secure_fw/services/secure_storage/sst_utils.h +++ b/secure_fw/services/secure_storage/sst_utils.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. + * Copyright (c) 2017-2020, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -10,7 +10,7 @@ #include <stdint.h> -#include "flash_layout.h" +#include "psa/error.h" #include "psa/protected_storage.h" #ifdef __cplusplus @@ -20,12 +20,6 @@ extern "C" { #define SST_INVALID_FID 0 #define SST_DEFAULT_EMPTY_BUFF_VAL 0 -/* FIXME: Support other flash program units.*/ -#if ((SST_FLASH_PROGRAM_UNIT != 1) && (SST_FLASH_PROGRAM_UNIT != 2) \ - && (SST_FLASH_PROGRAM_UNIT != 4) && (SST_FLASH_PROGRAM_UNIT != 8)) -#error "The supported SST_FLASH_PROGRAM_UNIT values are 1, 2 or 4, 8 bytes" -#endif - /** * \brief Macro to check, at compilation time, if data fits in data buffer * @@ -42,17 +36,6 @@ extern "C" { typedef char err_msg[(data_size <= data_buf_size)*2 - 1] /** - * \brief Macro to get the number of bytes aligned with the - * SST_FLASH_PROGRAM_UNIT. - * - * \param[in] nbr_bytes Number of bytes - * - * \return Return number of bytes aligned with SST_FLASH_PROGRAM_UNIT - */ -#define GET_ALIGNED_FLASH_BYTES(nbr_bytes) \ - ((nbr_bytes + (SST_FLASH_PROGRAM_UNIT - 1)) & ~((SST_FLASH_PROGRAM_UNIT - 1))) - -/** * \brief Checks if a subset region is fully contained within a superset region. * * \param[in] superset_size Size of superset region @@ -75,13 +58,9 @@ psa_ps_status_t sst_utils_check_contained_in(uint32_t superset_size, uint32_t subset_size); /** - * \brief Validates file ID - * - * \param[in] fid File ID - * - * \return Returns error code as specified in \ref psa_ps_status_t + * \brief Converts from psa_status_t to psa_ps_status_t */ -psa_ps_status_t sst_utils_validate_fid(uint32_t fid); +psa_ps_status_t psa_status_to_psa_ps_status(psa_status_t status); #ifdef __cplusplus } diff --git a/secure_fw/services/secure_storage/tfm_secure_storage.yaml b/secure_fw/services/secure_storage/tfm_secure_storage.yaml index 804a344e08..9f117ec851 100644 --- a/secure_fw/services/secure_storage/tfm_secure_storage.yaml +++ b/secure_fw/services/secure_storage/tfm_secure_storage.yaml @@ -1,5 +1,5 @@ #------------------------------------------------------------------------------- -# Copyright (c) 2018-2019, Arm Limited. All rights reserved. +# Copyright (c) 2018-2020, Arm Limited. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -11,7 +11,7 @@ "type": "PSA-ROT", "priority": "NORMAL", "entry_point": "tfm_sst_req_mngr_init", - "stack_size": "0xA00", + "stack_size": "0x600", "secure_functions": [ { "name": "TFM_SST_SET", @@ -86,7 +86,11 @@ } ], "dependencies": [ - "TFM_CRYPTO" + "TFM_CRYPTO", + "TFM_ITS_SET", + "TFM_ITS_GET", + "TFM_ITS_GET_INFO", + "TFM_ITS_REMOVE" ], "linker_pattern": { "library_list": [ diff --git a/secure_fw/spm/tfm_spm_db.inc b/secure_fw/spm/tfm_spm_db.inc index ce05fd6f0d..59f7f0e1ff 100644 --- a/secure_fw/spm/tfm_spm_db.inc +++ b/secure_fw/spm/tfm_spm_db.inc @@ -528,6 +528,10 @@ uint32_t *ctx_stack_list[] = static int32_t dependencies_TFM_SP_STORAGE[] = { TFM_CRYPTO_SID, + TFM_ITS_SET_SID, + TFM_ITS_GET_SID, + TFM_ITS_GET_INFO_SID, + TFM_ITS_REMOVE_SID, }; #endif /* TFM_PARTITION_SECURE_STORAGE */ @@ -584,6 +588,8 @@ static int32_t dependencies_TFM_SP_IPC_CLIENT_TEST[] = static int32_t dependencies_TFM_SP_SST_TEST[] = { TFM_CRYPTO_SID, + TFM_ITS_GET_SID, + TFM_ITS_REMOVE_SID, }; #endif /* TFM_PARTITION_TEST_SST */ @@ -636,7 +642,7 @@ const struct spm_partition_static_data_t static_data_list[] = , .partition_priority = TFM_PRIORITY(NORMAL), .partition_init = tfm_sst_req_mngr_init, - .dependencies_num = 1, + .dependencies_num = 5, .p_dependencies = dependencies_TFM_SP_STORAGE, }, #endif /* TFM_PARTITION_SECURE_STORAGE */ @@ -828,7 +834,7 @@ const struct spm_partition_static_data_t static_data_list[] = , .partition_priority = TFM_PRIORITY(NORMAL), .partition_init = tfm_sst_test_init, - .dependencies_num = 1, + .dependencies_num = 3, .p_dependencies = dependencies_TFM_SP_SST_TEST, }, #endif /* TFM_PARTITION_TEST_SST */ diff --git a/test/test_services/tfm_sst_test_service/tfm_sst_test_service.yaml b/test/test_services/tfm_sst_test_service/tfm_sst_test_service.yaml index aa3c66c10f..5e85396609 100644 --- a/test/test_services/tfm_sst_test_service/tfm_sst_test_service.yaml +++ b/test/test_services/tfm_sst_test_service/tfm_sst_test_service.yaml @@ -32,6 +32,8 @@ ], "dependencies": [ "TFM_CRYPTO", + "TFM_ITS_GET", + "TFM_ITS_REMOVE" ], "linker_pattern": { "object_list": [ |