aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTudorCretu <tudor.cretu@arm.com>2019-08-09 15:35:12 +0100
committerJamie Fox <jamie.fox@arm.com>2020-02-07 16:46:53 +0000
commit1ad093737d5bd738d1031ca3601b9749ec72a781 (patch)
treefde5a15b32b9ecd89aec9172ffcd2b038532ffea
parent65873d80fd5b5805f7caa6a1ed74dabea726127b (diff)
downloadtrusted-firmware-m-1ad093737d5bd738d1031ca3601b9749ec72a781.tar.gz
SST: Use ITS as the backend of SST
This patch updates the SST service to call ITS as its backend. Also updates ITS to maintain a second filesystem context for SST, using the external flash device instead of the internal one. Change-Id: I83027aa859b369e6d7d8e085518e2b068e2f9eac Co-authored-by: Jamie Fox <jamie.fox@arm.com> Signed-off-by: Tudor Cretu <tudor.cretu@arm.com> Signed-off-by: Jamie Fox <jamie.fox@arm.com>
-rw-r--r--platform/ext/common/armclang/tfm_common_s.sct2
-rw-r--r--platform/ext/common/gcc/tfm_common_s.ld2
-rw-r--r--secure_fw/services/internal_trusted_storage/CMakeLists.inc21
-rw-r--r--secure_fw/services/internal_trusted_storage/flash/its_flash.c2
-rw-r--r--secure_fw/services/internal_trusted_storage/flash/its_flash.h4
-rw-r--r--secure_fw/services/internal_trusted_storage/flash/its_flash_info_external.c87
-rw-r--r--secure_fw/services/internal_trusted_storage/tfm_internal_trusted_storage.c86
-rw-r--r--secure_fw/services/internal_trusted_storage/tfm_its_req_mngr.c4
-rw-r--r--secure_fw/services/secure_storage/CMakeLists.inc6
-rw-r--r--secure_fw/services/secure_storage/flash/sst_flash.c243
-rw-r--r--secure_fw/services/secure_storage/flash/sst_flash.h136
-rw-r--r--secure_fw/services/secure_storage/flash_fs/sst_flash_fs.c461
-rw-r--r--secure_fw/services/secure_storage/flash_fs/sst_flash_fs.h139
-rw-r--r--secure_fw/services/secure_storage/flash_fs/sst_flash_fs_dblock.c192
-rw-r--r--secure_fw/services/secure_storage/flash_fs/sst_flash_fs_dblock.h102
-rw-r--r--secure_fw/services/secure_storage/flash_fs/sst_flash_fs_mblock.c1123
-rw-r--r--secure_fw/services/secure_storage/flash_fs/sst_flash_fs_mblock.h214
-rw-r--r--secure_fw/services/secure_storage/sst_encrypted_object.c60
-rw-r--r--secure_fw/services/secure_storage/sst_object_defs.h5
-rw-r--r--secure_fw/services/secure_storage/sst_object_system.c73
-rw-r--r--secure_fw/services/secure_storage/sst_object_table.c62
-rw-r--r--secure_fw/services/secure_storage/sst_utils.c23
-rw-r--r--secure_fw/services/secure_storage/sst_utils.h29
-rw-r--r--secure_fw/services/secure_storage/tfm_secure_storage.yaml10
-rw-r--r--secure_fw/spm/tfm_spm_db.inc10
-rw-r--r--test/test_services/tfm_sst_test_service/tfm_sst_test_service.yaml2
26 files changed, 304 insertions, 2794 deletions
diff --git a/platform/ext/common/armclang/tfm_common_s.sct b/platform/ext/common/armclang/tfm_common_s.sct
index bbbbf61168..214f0f41ee 100644
--- a/platform/ext/common/armclang/tfm_common_s.sct
+++ b/platform/ext/common/armclang/tfm_common_s.sct
@@ -339,7 +339,7 @@ LR_CODE S_CODE_START {
}
#if defined (TFM_PSA_API)
- TFM_SP_STORAGE_LINKER_STACK +0 ALIGN 128 EMPTY 0xA00 {
+ TFM_SP_STORAGE_LINKER_STACK +0 ALIGN 128 EMPTY 0x600 {
}
#endif
#endif /* TFM_PARTITION_SECURE_STORAGE */
diff --git a/platform/ext/common/gcc/tfm_common_s.ld b/platform/ext/common/gcc/tfm_common_s.ld
index dc6c75a9d8..42aebcf73d 100644
--- a/platform/ext/common/gcc/tfm_common_s.ld
+++ b/platform/ext/common/gcc/tfm_common_s.ld
@@ -918,7 +918,7 @@ SECTIONS
#if defined (TFM_PSA_API)
.TFM_SP_STORAGE_LINKER_STACK : ALIGN(128)
{
- . += 0xA00;
+ . += 0x600;
} > RAM
Image$$TFM_SP_STORAGE_LINKER_STACK$$ZI$$Base = ADDR(.TFM_SP_STORAGE_LINKER_STACK);
Image$$TFM_SP_STORAGE_LINKER_STACK$$ZI$$Limit = ADDR(.TFM_SP_STORAGE_LINKER_STACK) + SIZEOF(.TFM_SP_STORAGE_LINKER_STACK);
diff --git a/secure_fw/services/internal_trusted_storage/CMakeLists.inc b/secure_fw/services/internal_trusted_storage/CMakeLists.inc
index 2caa5041c8..1a4f03b062 100644
--- a/secure_fw/services/internal_trusted_storage/CMakeLists.inc
+++ b/secure_fw/services/internal_trusted_storage/CMakeLists.inc
@@ -44,12 +44,15 @@ set(INTERNAL_TRUSTED_STORAGE_C_SRC
"${INTERNAL_TRUSTED_STORAGE_DIR}/its_utils.c"
"${INTERNAL_TRUSTED_STORAGE_DIR}/flash/its_flash.c"
"${INTERNAL_TRUSTED_STORAGE_DIR}/flash/its_flash_info_internal.c"
+ "${INTERNAL_TRUSTED_STORAGE_DIR}/flash/its_flash_info_external.c"
"${INTERNAL_TRUSTED_STORAGE_DIR}/flash_fs/its_flash_fs.c"
"${INTERNAL_TRUSTED_STORAGE_DIR}/flash_fs/its_flash_fs_dblock.c"
"${INTERNAL_TRUSTED_STORAGE_DIR}/flash_fs/its_flash_fs_mblock.c"
)
-if (ITS_VALIDATE_METADATA_FROM_FLASH)
+# If either ITS or SST requires metadata to be validated, then compile the
+# validation code.
+if (ITS_VALIDATE_METADATA_FROM_FLASH OR SST_VALIDATE_METADATA_FROM_FLASH)
set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS ITS_VALIDATE_METADATA_FROM_FLASH)
endif()
@@ -57,8 +60,22 @@ if (ITS_CREATE_FLASH_LAYOUT)
set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS ITS_CREATE_FLASH_LAYOUT)
endif()
-if (ITS_RAM_FS)
+# FIXME: RAM FS can only be compiled if both ITS and SST have it enabled
+if (ITS_RAM_FS AND SST_RAM_FS)
set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS ITS_RAM_FS)
+ set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_RAM_FS)
+endif()
+
+# Also set SST definitions
+if (SST_ENCRYPTION)
+ set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_ENCRYPTION)
+ if (SST_ROLLBACK_PROTECTION)
+ set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_ROLLBACK_PROTECTION)
+ endif()
+endif()
+
+if (SST_CREATE_FLASH_LAYOUT)
+ set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_CREATE_FLASH_LAYOUT)
endif()
#Append all our source files to global lists.
diff --git a/secure_fw/services/internal_trusted_storage/flash/its_flash.c b/secure_fw/services/internal_trusted_storage/flash/its_flash.c
index 6f4efd7587..c06a07c9c2 100644
--- a/secure_fw/services/internal_trusted_storage/flash/its_flash.c
+++ b/secure_fw/services/internal_trusted_storage/flash/its_flash.c
@@ -14,9 +14,11 @@
#define MAX_BLOCK_DATA_COPY 256
extern const struct its_flash_info_t its_flash_info_internal;
+extern const struct its_flash_info_t its_flash_info_external;
static const struct its_flash_info_t *const flash_infos[] = {
[ITS_FLASH_ID_INTERNAL] = &its_flash_info_internal,
+ [ITS_FLASH_ID_EXTERNAL] = &its_flash_info_external,
};
/**
diff --git a/secure_fw/services/internal_trusted_storage/flash/its_flash.h b/secure_fw/services/internal_trusted_storage/flash/its_flash.h
index f7658c3901..4347e50957 100644
--- a/secure_fw/services/internal_trusted_storage/flash/its_flash.h
+++ b/secure_fw/services/internal_trusted_storage/flash/its_flash.h
@@ -26,7 +26,8 @@ extern "C" {
* \brief Provides a compile-time constant for the maximum program unit required
* by any flash device that can be accessed through this interface.
*/
-#define ITS_FLASH_MAX_PROGRAM_UNIT ITS_FLASH_PROGRAM_UNIT
+#define ITS_FLASH_MAX_PROGRAM_UNIT ITS_UTILS_MAX(ITS_FLASH_PROGRAM_UNIT, \
+ SST_FLASH_PROGRAM_UNIT)
/**
* \brief Enumerates the available flash devices.
@@ -36,6 +37,7 @@ extern "C" {
*/
enum its_flash_id_t {
ITS_FLASH_ID_INTERNAL = 0,
+ ITS_FLASH_ID_EXTERNAL,
};
/**
diff --git a/secure_fw/services/internal_trusted_storage/flash/its_flash_info_external.c b/secure_fw/services/internal_trusted_storage/flash/its_flash_info_external.c
new file mode 100644
index 0000000000..a046ee71ec
--- /dev/null
+++ b/secure_fw/services/internal_trusted_storage/flash/its_flash_info_external.c
@@ -0,0 +1,87 @@
+/*
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "its_flash.h"
+
+#include "Driver_Flash.h"
+#include "flash_layout.h"
+#include "secure_fw/services/internal_trusted_storage/its_utils.h"
+#include "secure_fw/services/secure_storage/sst_object_defs.h"
+
+#ifndef SST_FLASH_DEV_NAME
+#error "SST_FLASH_DEV_NAME must be defined by the target in flash_layout.h"
+#endif
+
+#ifndef SST_FLASH_AREA_ADDR
+#error "SST_FLASH_AREA_ADDR must be defined by the target in flash_layout.h"
+#endif
+
+/* Adjust to a size that will allow all assets to fit */
+#ifndef SST_FLASH_AREA_SIZE
+#error "SST_FLASH_AREA_SIZE must be defined by the target in flash_layout.h"
+#endif
+
+/* Adjust to match the size of the flash device's physical erase unit */
+#ifndef SST_SECTOR_SIZE
+#error "SST_SECTOR_SIZE must be defined by the target in flash_layout.h"
+#endif
+
+/* Adjust so that the maximum required asset size will fit in one block */
+#ifndef SST_SECTORS_PER_BLOCK
+#error "SST_SECTORS_PER_BLOCK must be defined by the target in flash_layout.h"
+#endif
+
+/* Adjust to match the size of the flash device's physical program unit */
+#ifndef SST_FLASH_PROGRAM_UNIT
+#error "SST_FLASH_PROGRAM_UNIT must be defined by the target in flash_layout.h"
+#endif
+
+/* FIXME: Support other flash program units */
+#if ((SST_FLASH_PROGRAM_UNIT != 1) && (SST_FLASH_PROGRAM_UNIT != 2) \
+ && (SST_FLASH_PROGRAM_UNIT != 4) && (SST_FLASH_PROGRAM_UNIT != 8))
+#error "The supported SST_FLASH_PROGRAM_UNIT values are 1, 2, 4 or 8 bytes"
+#endif
+
+/* Calculate the block layout */
+#define FLASH_INFO_BLOCK_SIZE (SST_SECTOR_SIZE * SST_SECTORS_PER_BLOCK)
+#define FLASH_INFO_NUM_BLOCKS (SST_FLASH_AREA_SIZE / FLASH_INFO_BLOCK_SIZE)
+
+/* Maximum file size */
+#define FLASH_INFO_MAX_FILE_SIZE ITS_UTILS_ALIGN(SST_MAX_OBJECT_SIZE, \
+ SST_FLASH_PROGRAM_UNIT)
+
+/* Maximum number of files */
+#define FLASH_INFO_MAX_NUM_FILES SST_MAX_NUM_OBJECTS
+
+/* Default value of each byte in the flash when erased */
+#define FLASH_INFO_ERASE_VAL 0xFFU
+
+#ifdef SST_RAM_FS
+/* Allocate a static buffer to emulate storage in RAM */
+static uint8_t sst_block_data[FLASH_INFO_BLOCK_SIZE * FLASH_INFO_NUM_BLOCKS];
+#define FLASH_INFO_DEV sst_block_data
+#else
+/* Import the CMSIS flash device driver */
+extern ARM_DRIVER_FLASH SST_FLASH_DEV_NAME;
+#define FLASH_INFO_DEV &SST_FLASH_DEV_NAME
+#endif
+
+const struct its_flash_info_t its_flash_info_external = {
+ .flash_dev = (void *)FLASH_INFO_DEV,
+ .flash_area_addr = SST_FLASH_AREA_ADDR,
+ .sector_size = SST_SECTOR_SIZE,
+ .block_size = FLASH_INFO_BLOCK_SIZE,
+ .num_blocks = FLASH_INFO_NUM_BLOCKS,
+ .program_unit = SST_FLASH_PROGRAM_UNIT,
+ .max_file_size = FLASH_INFO_MAX_FILE_SIZE,
+ .max_num_files = FLASH_INFO_MAX_NUM_FILES,
+ .erase_val = FLASH_INFO_ERASE_VAL,
+};
+
+/* Checks at compile time that the flash device configuration is valid */
+#include \
+"secure_fw/services/internal_trusted_storage/flash_fs/its_flash_fs_check_info.h"
diff --git a/secure_fw/services/internal_trusted_storage/tfm_internal_trusted_storage.c b/secure_fw/services/internal_trusted_storage/tfm_internal_trusted_storage.c
index f510bd16fc..49c18a4b8e 100644
--- a/secure_fw/services/internal_trusted_storage/tfm_internal_trusted_storage.c
+++ b/secure_fw/services/internal_trusted_storage/tfm_internal_trusted_storage.c
@@ -9,6 +9,7 @@
#include "flash/its_flash.h"
#include "flash_fs/its_flash_fs.h"
+#include "psa_manifest/pid.h"
#include "tfm_memory_utils.h"
#include "tfm_its_defs.h"
#include "its_utils.h"
@@ -16,7 +17,13 @@
static uint8_t g_fid[ITS_FILE_ID_SIZE];
static struct its_file_info_t g_file_info;
-static its_flash_fs_ctx_t fs_ctx;
+static its_flash_fs_ctx_t fs_ctx_its;
+static its_flash_fs_ctx_t fs_ctx_sst;
+
+static its_flash_fs_ctx_t *get_fs_ctx(int32_t client_id)
+{
+ return (client_id == TFM_SP_STORAGE) ? &fs_ctx_sst : &fs_ctx_its;
+}
/**
* \brief Maps a pair of client id and uid to a file id.
@@ -37,7 +44,8 @@ psa_status_t tfm_its_init(void)
{
psa_status_t status;
- status = its_flash_fs_prepare(&fs_ctx,
+ /* Initialise the ITS context */
+ status = its_flash_fs_prepare(&fs_ctx_its,
its_flash_get_info(ITS_FLASH_ID_INTERNAL));
#ifdef ITS_CREATE_FLASH_LAYOUT
/* If ITS_CREATE_FLASH_LAYOUT is set, it indicates that it is required to
@@ -55,17 +63,47 @@ psa_status_t tfm_its_init(void)
/* Remove all data in the ITS memory area and create a valid ITS flash
* layout in that area.
*/
- status = its_flash_fs_wipe_all(&fs_ctx);
+ status = its_flash_fs_wipe_all(&fs_ctx_its);
if (status != PSA_SUCCESS) {
return status;
}
/* Attempt to initialise again */
- status = its_flash_fs_prepare(&fs_ctx,
+ status = its_flash_fs_prepare(&fs_ctx_its,
its_flash_get_info(ITS_FLASH_ID_INTERNAL));
}
#endif /* ITS_CREATE_FLASH_LAYOUT */
+ /* Initialise the SST context */
+ status = its_flash_fs_prepare(&fs_ctx_sst,
+ its_flash_get_info(ITS_FLASH_ID_EXTERNAL));
+#ifdef SST_CREATE_FLASH_LAYOUT
+ /* If SST_CREATE_FLASH_LAYOUT is set, it indicates that it is required to
+ * create a SST flash layout. SST service will generate an empty and valid
+ * SST flash layout to store assets. It will erase all data located in the
+ * assigned SST memory area before generating the SST layout.
+ * This flag is required to be set if the SST memory area is located in
+ * non-persistent memory.
+ * This flag can be set if the SST memory area is located in persistent
+ * memory without a previous valid SST flash layout in it. That is the case
+ * when it is the first time in the device life that the SST service is
+ * executed.
+ */
+ if (status != PSA_SUCCESS) {
+ /* Remove all data in the SST memory area and create a valid SST flash
+ * layout in that area.
+ */
+ status = its_flash_fs_wipe_all(&fs_ctx_sst);
+ if (status != PSA_SUCCESS) {
+ return status;
+ }
+
+ /* Attempt to initialise again */
+ status = its_flash_fs_prepare(&fs_ctx_sst,
+ its_flash_get_info(ITS_FLASH_ID_EXTERNAL));
+ }
+#endif /* SST_CREATE_FLASH_LAYOUT */
+
return status;
}
@@ -93,7 +131,8 @@ psa_status_t tfm_its_set(int32_t client_id,
tfm_its_get_fid(client_id, uid, g_fid);
/* Read file info */
- status = its_flash_fs_file_get_info(&fs_ctx, g_fid, &g_file_info);
+ status = its_flash_fs_file_get_info(get_fs_ctx(client_id), g_fid,
+ &g_file_info);
if (status == PSA_SUCCESS) {
/* If the object exists and has the write once flag set, then it
* cannot be modified. Otherwise it needs to be removed.
@@ -101,7 +140,7 @@ psa_status_t tfm_its_set(int32_t client_id,
if (g_file_info.flags & PSA_STORAGE_FLAG_WRITE_ONCE) {
return PSA_ERROR_NOT_PERMITTED;
} else {
- status = its_flash_fs_file_delete(&fs_ctx, g_fid);
+ status = its_flash_fs_file_delete(get_fs_ctx(client_id), g_fid);
if (status != PSA_SUCCESS) {
return status;
}
@@ -114,7 +153,7 @@ psa_status_t tfm_its_set(int32_t client_id,
}
/* Create the file in the file system */
- return its_flash_fs_file_create(&fs_ctx,
+ return its_flash_fs_file_create(get_fs_ctx(client_id),
g_fid,
data_length,
data_length,
@@ -131,6 +170,15 @@ psa_status_t tfm_its_get(int32_t client_id,
{
psa_status_t status;
+#ifdef TFM_PARTITION_TEST_SST
+ /* The SST test partiton can call tfm_its_get() through SST code. Treat it
+ * as if it were SST.
+ */
+ if (client_id == TFM_SP_SST_TEST) {
+ client_id = TFM_SP_STORAGE;
+ }
+#endif
+
/* Check that the UID is valid */
if (uid == TFM_ITS_INVALID_UID) {
return PSA_ERROR_INVALID_ARGUMENT;
@@ -140,7 +188,8 @@ psa_status_t tfm_its_get(int32_t client_id,
tfm_its_get_fid(client_id, uid, g_fid);
/* Read file info */
- status = its_flash_fs_file_get_info(&fs_ctx, g_fid, &g_file_info);
+ status = its_flash_fs_file_get_info(get_fs_ctx(client_id), g_fid,
+ &g_file_info);
if (status != PSA_SUCCESS) {
return status;
}
@@ -155,8 +204,8 @@ psa_status_t tfm_its_get(int32_t client_id,
g_file_info.size_current - data_offset);
/* Read object data if any */
- status = its_flash_fs_file_read(&fs_ctx, g_fid, data_size, data_offset,
- p_data);
+ status = its_flash_fs_file_read(get_fs_ctx(client_id), g_fid, data_size,
+ data_offset, p_data);
if (status != PSA_SUCCESS) {
return status;
}
@@ -181,7 +230,8 @@ psa_status_t tfm_its_get_info(int32_t client_id, psa_storage_uid_t uid,
tfm_its_get_fid(client_id, uid, g_fid);
/* Read file info */
- status = its_flash_fs_file_get_info(&fs_ctx, g_fid, &g_file_info);
+ status = its_flash_fs_file_get_info(get_fs_ctx(client_id), g_fid,
+ &g_file_info);
if (status != PSA_SUCCESS) {
return status;
}
@@ -198,6 +248,15 @@ psa_status_t tfm_its_remove(int32_t client_id, psa_storage_uid_t uid)
{
psa_status_t status;
+#ifdef TFM_PARTITION_TEST_SST
+ /* The SST test partiton can call tfm_its_remove() through SST code. Treat
+ * it as if it were SST.
+ */
+ if (client_id == TFM_SP_SST_TEST) {
+ client_id = TFM_SP_STORAGE;
+ }
+#endif
+
/* Check that the UID is valid */
if (uid == TFM_ITS_INVALID_UID) {
return PSA_ERROR_INVALID_ARGUMENT;
@@ -206,7 +265,8 @@ psa_status_t tfm_its_remove(int32_t client_id, psa_storage_uid_t uid)
/* Set file id */
tfm_its_get_fid(client_id, uid, g_fid);
- status = its_flash_fs_file_get_info(&fs_ctx, g_fid, &g_file_info);
+ status = its_flash_fs_file_get_info(get_fs_ctx(client_id), g_fid,
+ &g_file_info);
if (status != PSA_SUCCESS) {
return status;
}
@@ -219,5 +279,5 @@ psa_status_t tfm_its_remove(int32_t client_id, psa_storage_uid_t uid)
}
/* Delete old file from the persistent area */
- return its_flash_fs_file_delete(&fs_ctx, g_fid);
+ return its_flash_fs_file_delete(get_fs_ctx(client_id), g_fid);
}
diff --git a/secure_fw/services/internal_trusted_storage/tfm_its_req_mngr.c b/secure_fw/services/internal_trusted_storage/tfm_its_req_mngr.c
index ba43ca1ef1..ea402f2e7c 100644
--- a/secure_fw/services/internal_trusted_storage/tfm_its_req_mngr.c
+++ b/secure_fw/services/internal_trusted_storage/tfm_its_req_mngr.c
@@ -13,6 +13,7 @@
#include "tfm_internal_trusted_storage.h"
#include "its_utils.h"
#include "flash_layout.h"
+#include "secure_fw/services/secure_storage/sst_object_defs.h"
#ifdef TFM_PSA_API
#include "psa/service.h"
@@ -26,7 +27,8 @@
/* FIXME: Duplicated from flash info */
#define ITS_MAX_FILE_SIZE \
- ITS_UTILS_ALIGN(ITS_MAX_ASSET_SIZE, ITS_FLASH_PROGRAM_UNIT)
+ ITS_UTILS_MAX(ITS_UTILS_ALIGN(ITS_MAX_ASSET_SIZE, ITS_FLASH_PROGRAM_UNIT), \
+ ITS_UTILS_ALIGN(SST_MAX_OBJECT_SIZE, SST_FLASH_PROGRAM_UNIT))
static uint8_t asset_data[ITS_MAX_FILE_SIZE] = {0};
diff --git a/secure_fw/services/secure_storage/CMakeLists.inc b/secure_fw/services/secure_storage/CMakeLists.inc
index d304fe2e1f..55dc163876 100644
--- a/secure_fw/services/secure_storage/CMakeLists.inc
+++ b/secure_fw/services/secure_storage/CMakeLists.inc
@@ -1,5 +1,5 @@
#-------------------------------------------------------------------------------
-# Copyright (c) 2017-2019, Arm Limited. All rights reserved.
+# Copyright (c) 2017-2020, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -56,10 +56,6 @@ set (SECURE_STORAGE_C_SRC
"${SECURE_STORAGE_DIR}/sst_object_system.c"
"${SECURE_STORAGE_DIR}/sst_object_table.c"
"${SECURE_STORAGE_DIR}/sst_utils.c"
- "${SECURE_STORAGE_DIR}/flash/sst_flash.c"
- "${SECURE_STORAGE_DIR}/flash_fs/sst_flash_fs.c"
- "${SECURE_STORAGE_DIR}/flash_fs/sst_flash_fs_dblock.c"
- "${SECURE_STORAGE_DIR}/flash_fs/sst_flash_fs_mblock.c"
)
if (SST_ENCRYPTION)
diff --git a/secure_fw/services/secure_storage/flash/sst_flash.c b/secure_fw/services/secure_storage/flash/sst_flash.c
deleted file mode 100644
index ce8c1f0f19..0000000000
--- a/secure_fw/services/secure_storage/flash/sst_flash.c
+++ /dev/null
@@ -1,243 +0,0 @@
-/*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "sst_flash.h"
-
-#include <string.h>
-#include "cmsis_compiler.h"
-#include "Driver_Flash.h"
-#include "tfm_memory_utils.h"
-#include "tfm_sst_defs.h"
-
-#ifndef SST_FLASH_AREA_ADDR
-#error "SST_FLASH_AREA_ADDR must be defined in flash_layout.h file"
-#endif
-
-#ifndef SST_FLASH_DEV_NAME
-#error "SST_FLASH_DEV_NAME must be defined in flash_layout.h file"
-#endif
-
-/* Import the CMSIS flash device driver */
-extern ARM_DRIVER_FLASH SST_FLASH_DEV_NAME;
-
-#define BLOCK_START_OFFSET 0
-#define MAX_BLOCK_DATA_COPY 256
-
-#ifdef SST_RAM_FS
-#define BLOCK_DATA_SIZE (SST_BLOCK_SIZE * SST_TOTAL_NUM_OF_BLOCKS)
-
-static uint8_t block_data[BLOCK_DATA_SIZE] = {0};
-#endif
-
-/*
- * \brief Gets physical address of the given block ID.
- *
- * \param[in] block_id Block ID
- * \param[in] offset Offset position from the init of the block
- *
- * \returns Returns physical address for the given block ID.
- */
-__attribute__((always_inline))
-__STATIC_INLINE uint32_t get_phys_address(uint32_t block_id, uint32_t offset)
-{
- return (SST_FLASH_AREA_ADDR + (block_id * SST_BLOCK_SIZE) + offset);
-}
-
-#ifdef SST_RAM_FS
-static psa_ps_status_t flash_init(void)
-{
- /* Nothing needs to be done in case of Flash emulated in RAM */
-
- return PSA_PS_SUCCESS;
-}
-
-static psa_ps_status_t flash_read(uint32_t flash_addr, uint32_t size,
- uint8_t *buff)
-{
- uint32_t idx = flash_addr - SST_FLASH_AREA_ADDR;
-
- (void)tfm_memcpy(buff, &block_data[idx], size);
-
- return PSA_PS_SUCCESS;
-}
-
-static psa_ps_status_t flash_write(uint32_t flash_addr, uint32_t size,
- const uint8_t *buff)
-{
- uint32_t idx = flash_addr - SST_FLASH_AREA_ADDR;
-
- (void)tfm_memcpy(&block_data[idx], buff, size);
-
- return PSA_PS_SUCCESS;
-}
-
-static psa_ps_status_t flash_erase(uint32_t flash_addr)
-{
- uint32_t idx = flash_addr - SST_FLASH_AREA_ADDR;
-
- (void)tfm_memset(&block_data[idx], SST_FLASH_DEFAULT_VAL, SST_SECTOR_SIZE);
-
- return PSA_PS_SUCCESS;
-}
-#else
-static psa_ps_status_t flash_init(void)
-{
- int32_t err;
-
- err = SST_FLASH_DEV_NAME.Initialize(NULL);
- if (err != ARM_DRIVER_OK) {
- return PSA_PS_ERROR_STORAGE_FAILURE;
- }
-
- return PSA_PS_SUCCESS;
-}
-
-static psa_ps_status_t flash_read(uint32_t flash_addr, uint32_t size,
- uint8_t *buff)
-{
- int32_t err;
-
- err = SST_FLASH_DEV_NAME.ReadData(flash_addr, buff, size);
- if (err != ARM_DRIVER_OK) {
- return PSA_PS_ERROR_STORAGE_FAILURE;
- }
-
- return PSA_PS_SUCCESS;
-}
-
-static psa_ps_status_t flash_write(uint32_t flash_addr, uint32_t size,
- const uint8_t *buff)
-{
- int32_t err;
-
- err = SST_FLASH_DEV_NAME.ProgramData(flash_addr, buff, size);
- if (err != ARM_DRIVER_OK) {
- return PSA_PS_ERROR_STORAGE_FAILURE;
- }
-
- return PSA_PS_SUCCESS;
-}
-
-static psa_ps_status_t flash_erase(uint32_t flash_addr)
-{
- int32_t err;
-
- err = SST_FLASH_DEV_NAME.EraseSector(flash_addr);
- if (err != ARM_DRIVER_OK) {
- return PSA_PS_ERROR_STORAGE_FAILURE;
- }
-
- return PSA_PS_SUCCESS;
-}
-#endif /* SST_RAM_FS */
-
-psa_ps_status_t sst_flash_init(void)
-{
- return flash_init();
-}
-
-psa_ps_status_t sst_flash_read(uint32_t block_id, uint8_t *buff,
- uint32_t offset, uint32_t size)
-{
- uint32_t flash_addr;
-
- /* Gets flash address location defined by block ID and offset
- * parameters.
- */
- flash_addr = get_phys_address(block_id, offset);
-
- return flash_read(flash_addr, size, buff);
-}
-
-psa_ps_status_t sst_flash_write(uint32_t block_id, const uint8_t *buff,
- uint32_t offset, uint32_t size)
-{
- uint32_t flash_addr;
-
- /* Gets flash address location defined by block ID and offset
- * parameters.
- */
- flash_addr = get_phys_address(block_id, offset);
-
- return flash_write(flash_addr, size, buff);
-}
-
-psa_ps_status_t sst_flash_block_to_block_move(uint32_t dst_block,
- uint32_t dst_offset,
- uint32_t src_block,
- uint32_t src_offset,
- uint32_t size)
-{
- psa_ps_status_t err;
- uint8_t dst_block_data_copy[MAX_BLOCK_DATA_COPY];
- uint32_t dst_flash_addr;
- uint32_t src_flash_addr;
- uint32_t nbr_bytes_moved = 0;
- uint32_t bytes_to_move;
-
- /* Gets flash addresses defined by block ID and offset parameters */
- src_flash_addr = get_phys_address(src_block, src_offset);
- dst_flash_addr = get_phys_address(dst_block, dst_offset);
-
- while (nbr_bytes_moved < size) {
- /* Calculates the number of bytes to move */
- bytes_to_move = (size - nbr_bytes_moved);
- if (bytes_to_move > MAX_BLOCK_DATA_COPY) {
- bytes_to_move = MAX_BLOCK_DATA_COPY;
- }
-
- /* Reads data from source block and store it in the in-memory copy of
- * destination content.
- */
- err = flash_read(src_flash_addr, bytes_to_move, dst_block_data_copy);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- /* Writes in flash the in-memory block content after modification */
- err = flash_write(dst_flash_addr, bytes_to_move, dst_block_data_copy);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- /* Updates number of bytes moved */
- nbr_bytes_moved += bytes_to_move;
-
- /* Updates pointers to the source and destination flash regions */
- src_flash_addr += bytes_to_move;
- dst_flash_addr += bytes_to_move;
- };
-
- return PSA_PS_SUCCESS;
-}
-
-psa_ps_status_t sst_flash_erase_block(uint32_t block_id)
-{
- uint32_t flash_addr;
- uint32_t offset = BLOCK_START_OFFSET;
- uint32_t sectors_to_erase = SST_SECTORS_PER_BLOCK;
- psa_ps_status_t status;
-
- while (sectors_to_erase > 0) {
- /* Get the flash address defined by block ID and BLOCK_START_OFFSET
- * parameters.
- */
- flash_addr = get_phys_address(block_id, offset);
-
- status = flash_erase(flash_addr);
- if (status != PSA_PS_SUCCESS) {
- break;
- }
-
- sectors_to_erase--;
-
- /* Move to next sector */
- offset += SST_SECTOR_SIZE;
- }
-
- return status;
-}
diff --git a/secure_fw/services/secure_storage/flash/sst_flash.h b/secure_fw/services/secure_storage/flash/sst_flash.h
deleted file mode 100644
index bdd3c36501..0000000000
--- a/secure_fw/services/secure_storage/flash/sst_flash.h
+++ /dev/null
@@ -1,136 +0,0 @@
-/*
- * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifndef __SST_FLASH_H__
-#define __SST_FLASH_H__
-
-#include <stdint.h>
-#include "psa/protected_storage.h"
-#include "flash_layout.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Adjust to match your system's block size */
-#ifndef SST_SECTOR_SIZE
-#error "SST_SECTOR_SIZE must be defined by the target in flash_layout.h"
-#define SST_BLOCK_SIZE 0
-#else
-#define SST_BLOCK_SIZE (SST_SECTOR_SIZE * SST_SECTORS_PER_BLOCK)
-#endif
-
-/* Adjust to a size that will allow all assets to fit */
-#ifndef SST_FLASH_AREA_SIZE
-#error "SST_FLASH_AREA_SIZE must be defined by the target in flash_layout.h"
-#define SST_TOTAL_NUM_OF_BLOCKS 0
-#else
-#define SST_TOTAL_NUM_OF_BLOCKS (SST_FLASH_AREA_SIZE / SST_BLOCK_SIZE)
-#endif
-
-#ifndef SST_FLASH_PROGRAM_UNIT
-#error "SST_FLASH_PROGRAM_UNIT must be defined in flash_layout.h"
-#endif
-
-#if (SST_FLASH_PROGRAM_UNIT < 1)
-#error "SST_FLASH_PROGRAM_UNIT must be bigger than 0"
-#endif
-
-/* Default value of flash when erased */
-#define SST_FLASH_DEFAULT_VAL 0xFF
-/* A single host specific sst_flash_xxx.c should be included during compile */
-
-/* Invalid block index */
-#define SST_BLOCK_INVALID_ID 0xFFFFFFFF
-
-/**
- * \brief Initialize the Flash Interface.
- *
- * \return Returns PSA_PS_SUCCESS if the function is executed correctly.
- * Otherwise, it returns PSA_PS_ERROR_STORAGE_FAILURE.
- */
-psa_ps_status_t sst_flash_init(void);
-
-/**
- * \brief Reads block data from the position specified by block ID and offset.
- *
- * \param[in] block_id Block ID
- * \param[out] buff Buffer pointer to store the data read
- * \param[in] offset Offset position from the init of the block
- * \param[in] size Number of bytes to read
- *
- * \note This function considers all input values are valid. That means,
- * the range of address, based on blockid + offset + size, are always
- * valid in the memory.
- *
- * \return Returns PSA_PS_SUCCESS if the function is executed correctly.
- * Otherwise, it returns PSA_PS_ERROR_STORAGE_FAILURE.
- */
-psa_ps_status_t sst_flash_read(uint32_t block_id, uint8_t *buff,
- uint32_t offset, uint32_t size);
-
-/**
- * \brief Writes block data to the position specified by block ID and offset.
- *
- * \param[in] block_id Block ID
- * \param[in] buff Buffer pointer to the write data
- * \param[in] offset Offset position from the init of the block
- * \param[in] size Number of bytes to write
- *
- * \note This function considers all input values are valid. That means,
- * the range of address, based on blockid + offset + size, are always
- * valid in the memory.
- *
- * \return Returns PSA_PS_SUCCESS if the function is executed correctly.
- * Otherwise, it returns PSA_PS_ERROR_STORAGE_FAILURE.
- */
-psa_ps_status_t sst_flash_write(uint32_t block_id, const uint8_t *buff,
- uint32_t offset, uint32_t size);
-
-/**
- * \brief Moves data from src block ID to destination block ID.
- *
- * \param[in] dst_block Destination block ID
- * \param[in] dst_offset Destination offset position from the init of the
- * destination block
- * \param[in] src_block Source block ID
- * \param[in] src_offset Source offset position from the init of the source
- * block
- * \param[in] size Number of bytes to moves
- *
- * \note This function considers all input values are valid. That means,
- * the range of address, based on block_id + offset + size, are always
- * valid in the memory.
- * It also considers that the destination block is already erased and
- * ready to be written.
- *
- * \return Returns PSA_PS_SUCCESS if the function is executed correctly.
- * Otherwise, it returns PSA_PS_ERROR_STORAGE_FAILURE.
- */
-psa_ps_status_t sst_flash_block_to_block_move(uint32_t dst_block,
- uint32_t dst_offset,
- uint32_t src_block,
- uint32_t src_offset,
- uint32_t size);
-
-/**
- * \brief Erases block ID data.
- *
- * \param[in] block_id Block ID
- *
- * \note This function considers all input values valids.
- *
- * \return Returns PSA_PS_SUCCESS if the function is executed correctly.
- * Otherwise, it returns PSA_PS_ERROR_STORAGE_FAILURE.
- */
-psa_ps_status_t sst_flash_erase_block(uint32_t block_id);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __SST_FLASH_H__ */
diff --git a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs.c b/secure_fw/services/secure_storage/flash_fs/sst_flash_fs.c
deleted file mode 100644
index ce5d337d26..0000000000
--- a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs.c
+++ /dev/null
@@ -1,461 +0,0 @@
-/*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "sst_flash_fs.h"
-
-#include <stddef.h>
-
-#include "sst_flash_fs_dblock.h"
-#include "sst_flash_fs_mblock.h"
-#include "secure_fw/services/secure_storage/flash/sst_flash.h"
-#include "secure_fw/services/secure_storage/sst_object_defs.h"
-#include "secure_fw/services/secure_storage/sst_utils.h"
-
-#define SST_FLASH_FS_INIT_FILE 0
-
-static psa_ps_status_t sst_flash_fs_file_write_aligned_data(
- const struct sst_file_meta_t *file_meta,
- uint32_t offset,
- uint32_t size,
- const uint8_t *data)
-{
- psa_ps_status_t err;
- uint32_t f_offset;
-
-#if (SST_FLASH_PROGRAM_UNIT != 1)
- /* Check if offset is aligned with SST_FLASH_PROGRAM_UNIT */
- if (GET_ALIGNED_FLASH_BYTES(offset) != offset) {
- return PSA_PS_ERROR_INVALID_ARGUMENT;
- }
-
- /* Check if size is aligned with SST_FLASH_PROGRAM_UNIT */
- if (GET_ALIGNED_FLASH_BYTES(size) != size) {
- return PSA_PS_ERROR_INVALID_ARGUMENT;
- }
-#endif /* (SST_FLASH_PROGRAM_UNIT != 1) */
-
- /* Set offset inside the file where to start to write the content */
- f_offset = (file_meta->data_idx + offset);
-
- err = sst_flash_fs_dblock_write_file(file_meta->lblock, f_offset,
- size, data);
- return err;
-}
-
-psa_ps_status_t sst_flash_fs_prepare(void)
-{
- /* Initialize metadata block with the valid/active metablock */
- return sst_flash_fs_mblock_init();
-}
-
-psa_ps_status_t sst_flash_fs_wipe_all(void)
-{
- /* Clean and initialize the metadata block */
- return sst_flash_fs_mblock_reset_metablock();
-}
-
-psa_ps_status_t sst_flash_fs_file_exist(uint32_t fid)
-{
- psa_ps_status_t err;
- uint32_t idx;
-
- err = sst_flash_fs_mblock_get_file_idx(fid, &idx);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_UID_NOT_FOUND;
- }
-
- return PSA_PS_SUCCESS;
-}
-
-psa_ps_status_t sst_flash_fs_file_create(uint32_t fid,
- uint32_t max_size,
- uint32_t data_size,
- const uint8_t *data)
-{
- struct sst_block_meta_t block_meta;
- uint32_t cur_phys_block;
- psa_ps_status_t err;
- uint32_t idx;
- struct sst_file_meta_t file_meta;
-
- /* Check if file already exists */
- err = sst_flash_fs_mblock_get_file_idx(fid, &idx);
- if (err == PSA_PS_SUCCESS) {
- /* If it exits return an error as needs to be removed first */
- return PSA_PS_ERROR_INVALID_ARGUMENT;
- }
-
- /* Check if max_size is aligned with SST_FLASH_PROGRAM_UNIT */
- if (GET_ALIGNED_FLASH_BYTES(max_size) != max_size) {
- return PSA_PS_ERROR_INVALID_ARGUMENT;
- }
-
- /* Try to reserve an file based on the input parameters */
- err = sst_flash_fs_mblock_reserve_file(fid, max_size, &idx,
- &file_meta, &block_meta);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- /* Check if data needs to be stored in the new file */
- if (data_size != 0) {
- if ((data_size > max_size) || (data == NULL)) {
- return PSA_PS_ERROR_INVALID_ARGUMENT;
- }
-
- /* Write the content into scratch data block */
- err = sst_flash_fs_file_write_aligned_data(&file_meta,
- SST_FLASH_FS_INIT_FILE,
- data_size,
- data);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- /* Add current size the file metadata */
- file_meta.cur_size = data_size;
-
- err = sst_flash_fs_dblock_cp_remaining_data(&block_meta, &file_meta);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- cur_phys_block = block_meta.phy_id;
-
- /* Cur scratch block become the active datablock */
- block_meta.phy_id = sst_flash_fs_mblock_cur_data_scratch_id(
- file_meta.lblock);
-
- /* Swap the scratch data block */
- sst_flash_fs_mblock_set_data_scratch(cur_phys_block, file_meta.lblock);
-
- }
-
- /* Update metadata block information */
- err = sst_flash_fs_mblock_update_scratch_block_meta(file_meta.lblock,
- &block_meta);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- /* Add file metadata in the metadata block */
- err = sst_flash_fs_mblock_update_scratch_file_meta(idx, &file_meta);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- /* Copy rest of the file metadata entries */
- err = sst_flash_fs_mblock_cp_remaining_file_meta(idx);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- /* The file data in the logical block 0 is stored in same physical block
- * where the metadata is stored. A change in the metadata requires a
- * swap of physical blocks. So, the file data stored in the current
- * metadata block needs to be copied in the scratch block, if the data
- * of the file processed is not located in the logical block 0. When an
- * file data is located in the logical block 0, that copy has been done
- * while processing the file data.
- */
- if ((file_meta.lblock != SST_LOGICAL_DBLOCK0) || (data_size == 0)) {
- err = sst_flash_fs_mblock_migrate_lb0_data_to_scratch();
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
- }
-
- /* Write metadata header, swap metadata blocks and erase scratch blocks */
- err = sst_flash_fs_mblock_meta_update_finalize();
-
- return err;
-}
-
-psa_ps_status_t sst_flash_fs_file_get_info(uint32_t fid,
- struct sst_file_info_t *info)
-{
- psa_ps_status_t err;
- uint32_t idx;
- struct sst_file_meta_t tmp_metadata;
-
- /* Get the meta data index */
- err = sst_flash_fs_mblock_get_file_idx(fid, &idx);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_UID_NOT_FOUND;
- }
-
- /* Read file metadata */
- err = sst_flash_fs_mblock_read_file_meta(idx, &tmp_metadata);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- /* Check if index is still referring to same file */
- if (fid != tmp_metadata.id) {
- return PSA_PS_ERROR_UID_NOT_FOUND;
- }
-
- info->size_max = tmp_metadata.max_size;
- info->size_current = tmp_metadata.cur_size;
-
- return PSA_PS_SUCCESS;
-}
-
-psa_ps_status_t sst_flash_fs_file_write(uint32_t fid, uint32_t size,
- uint32_t offset, const uint8_t *data)
-{
- struct sst_block_meta_t block_meta;
- uint32_t cur_phys_block;
- psa_ps_status_t err;
- uint32_t idx;
- struct sst_file_meta_t file_meta;
-
- /* Get the file index */
- err = sst_flash_fs_mblock_get_file_idx(fid, &idx);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_UID_NOT_FOUND;
- }
-
- /* Read file metadata */
- err = sst_flash_fs_mblock_read_file_meta(idx, &file_meta);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_UID_NOT_FOUND;
- }
-
- /* Read block metadata */
- err = sst_flash_fs_mblock_read_block_metadata(file_meta.lblock,
- &block_meta);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- /* Write the content into scratch data block */
- err = sst_flash_fs_file_write_aligned_data(&file_meta, offset, size, data);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- if (size > file_meta.cur_size) {
- /* Update the file metadata */
- file_meta.cur_size = size;
- }
-
- err = sst_flash_fs_dblock_cp_remaining_data(&block_meta, &file_meta);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- cur_phys_block = block_meta.phy_id;
-
- /* Cur scratch block become the active datablock */
- block_meta.phy_id = sst_flash_fs_mblock_cur_data_scratch_id(
- file_meta.lblock);
-
- /* Swap the scratch data block */
- sst_flash_fs_mblock_set_data_scratch(cur_phys_block, file_meta.lblock);
-
- /* Update block metadata in scratch metadata block */
- err = sst_flash_fs_mblock_update_scratch_block_meta(file_meta.lblock,
- &block_meta);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- /* Update file metadata to reflect new attributes */
- err = sst_flash_fs_mblock_update_scratch_file_meta(idx, &file_meta);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- /* Copy rest of the file metadata entries */
- err = sst_flash_fs_mblock_cp_remaining_file_meta(idx);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- /* The file data in the logical block 0 is stored in same physical block
- * where the metadata is stored. A change in the metadata requires a
- * swap of physical blocks. So, the file data stored in the current
- * metadata block needs to be copied in the scratch block, if the data
- * of the file processed is not located in the logical block 0. When an
- * file data is located in the logical block 0, that copy has been done
- * while processing the file data.
- */
- if (file_meta.lblock != SST_LOGICAL_DBLOCK0) {
- err = sst_flash_fs_mblock_migrate_lb0_data_to_scratch();
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
- }
-
- /* Update the metablock header, swap scratch and active blocks,
- * erase scratch blocks.
- */
- err = sst_flash_fs_mblock_meta_update_finalize();
-
- return err;
-}
-
-psa_ps_status_t sst_flash_fs_file_delete(uint32_t fid)
-{
- uint32_t del_file_data_idx;
- uint32_t del_file_lblock;
- uint32_t del_file_idx;
- uint32_t del_file_max_size;
- psa_ps_status_t err;
- uint32_t src_offset = SST_BLOCK_SIZE;
- uint32_t nbr_bytes_to_move = 0;
- uint32_t idx;
- struct sst_file_meta_t file_meta;
-
- /* Get the file index */
- err = sst_flash_fs_mblock_get_file_idx(fid, &del_file_idx);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_UID_NOT_FOUND;
- }
-
- err = sst_flash_fs_mblock_read_file_meta(del_file_idx, &file_meta);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- if (sst_utils_validate_fid(file_meta.id) != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_UID_NOT_FOUND;
- }
-
- /* Save logical block, data_index and max_size to be used later on */
- del_file_lblock = file_meta.lblock;
- del_file_data_idx = file_meta.data_idx;
- del_file_max_size = file_meta.max_size;
-
- /* Remove file metadata */
- file_meta.id = SST_INVALID_FID;
- file_meta.lblock = 0;
- file_meta.max_size = 0;
- file_meta.cur_size = 0;
-
- /* Update file metadata in to the scratch block */
- err = sst_flash_fs_mblock_update_scratch_file_meta(del_file_idx,
- &file_meta);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- /* Read all file metadata */
- for (idx = 0; idx < SST_MAX_NUM_OBJECTS; idx++) {
- if (idx == del_file_idx) {
- /* Skip deleted file */
- continue;
- }
-
- /* Read file meta for the given file index */
- err = sst_flash_fs_mblock_read_file_meta(idx, &file_meta);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- /* Check if the file is located in the same logical block and has a
- * valid FID.
- */
- if ((file_meta.lblock == del_file_lblock) &&
- (file_meta.id != SST_INVALID_FID)) {
- /* If a file is located after the data to delete, this
- * needs to be moved.
- */
- if (file_meta.data_idx > del_file_data_idx) {
- /* Check if this is the position after the deleted
- * data. This will be the first file data to move.
- */
- if (src_offset > file_meta.data_idx) {
- src_offset = file_meta.data_idx;
- }
-
- /* Set the new file data index location in the
- * data block.
- */
- file_meta.data_idx -= del_file_max_size;
-
- /* Increase number of bytes to move */
- nbr_bytes_to_move += file_meta.max_size;
- }
- }
- /* Update file metadata in to the scratch block */
- err = sst_flash_fs_mblock_update_scratch_file_meta(idx, &file_meta);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
- }
-
- /* Compact data block */
- err = sst_flash_fs_dblock_compact_block(del_file_lblock, del_file_max_size,
- src_offset, del_file_data_idx,
- nbr_bytes_to_move);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- /* The file data in the logical block 0 is stored in same physical block
- * where the metadata is stored. A change in the metadata requires a
- * swap of physical blocks. So, the file data stored in the current
- * metadata block needs to be copied in the scratch block, if the data
- * of the file processed is not located in the logical block 0. When an
- * file data is located in the logical block 0, that copy has been done
- * while processing the file data.
- */
- if (del_file_lblock != SST_LOGICAL_DBLOCK0) {
- err = sst_flash_fs_mblock_migrate_lb0_data_to_scratch();
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
- }
-
- /* Update the metablock header, swap scratch and active blocks,
- * erase scratch blocks.
- */
- err = sst_flash_fs_mblock_meta_update_finalize();
-
- return err;
-}
-
-psa_ps_status_t sst_flash_fs_file_read(uint32_t fid, uint32_t size,
- uint32_t offset, uint8_t *data)
-{
- psa_ps_status_t err;
- uint32_t idx;
- struct sst_file_meta_t tmp_metadata;
-
- /* Get the file index */
- err = sst_flash_fs_mblock_get_file_idx(fid, &idx);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_UID_NOT_FOUND;
- }
-
- /* Read file metadata */
- err = sst_flash_fs_mblock_read_file_meta(idx, &tmp_metadata);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- /* Check if index is still referring to same file */
- if (fid != tmp_metadata.id) {
- return PSA_PS_ERROR_UID_NOT_FOUND;
- }
-
- /* Boundary check the incoming request */
- err = sst_utils_check_contained_in(tmp_metadata.cur_size, offset, size);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- /* Read the file from flash */
- err = sst_flash_fs_dblock_read_file(&tmp_metadata, offset, size, data);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- return PSA_PS_SUCCESS;
-}
diff --git a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs.h b/secure_fw/services/secure_storage/flash_fs/sst_flash_fs.h
deleted file mode 100644
index 4af3f99537..0000000000
--- a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs.h
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifndef __SST_FLASH_FS_H__
-#define __SST_FLASH_FS_H__
-
-/**
- * \file sst_flash_fs.h
- *
- * \brief Secure storage service filesystem abstraction APIs.
- * The purpose of this abstraction is to have the ability to plug-in
- * other filesystems or filesystem proxys (supplicant).
- */
-
-#include <stdint.h>
-#include "psa/protected_storage.h"
-
-/*!
- * \struct sst_file_info_t
- *
- * \brief Structure to store the file information.
- */
-struct sst_file_info_t {
- uint32_t size_current; /*!< The current size of the flash file data */
- uint32_t size_max; /*!< The maximum size of the flash file data in
- * bytes.
- */
-};
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief Prepares the filesystem to accept operations on the files.
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_prepare(void);
-
-/**
- * \brief Wipes all files from the filesystem.
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_wipe_all(void);
-
-/**
- * \brief Checks if a file exists in the filesystem.
- *
- * \param[in] fid File ID
- *
- * \return Returns PSA_PS_SUCCESS if the file exists. If file does not
- * exist, it returns PSA_PS_ERROR_UID_NOT_FOUND. Otherwise, it returns
- * error code as specified in \ref psa_ps_status_t.
- */
-psa_ps_status_t sst_flash_fs_file_exist(uint32_t fid);
-
-/**
- * \brief Creates a file in the filesystem.
- *
- * \param[in] fid File ID
- * \param[in] max_size Size of the file to be created
- * \param[in] data_size Size of the incoming buffer. This parameter is set to 0
- * when the file is empty after the creation.
- * \param[in] data Pointer to buffer containing the initial data.
- * This parameter is set to NULL when the file is empty
- * after the creation.
- *
- * \return Returns PSA_PS_SUCCESS if the file has been created correctly.
- * If fid is in used, it returns PSA_PS_ERROR_INVALID_ARGUMENT.
- * Otherwise, it returns error code as specified in
- * \ref psa_ps_status_t.
- */
-psa_ps_status_t sst_flash_fs_file_create(uint32_t fid,
- uint32_t max_size,
- uint32_t data_size,
- const uint8_t *data);
-
-/**
- * \brief Gets the file information referenced by the file ID.
- *
- * \param[in] fid File ID
- * \param[out] info Pointer to the information structure to store the
- * file information values \ref sst_file_info_t
- *
- * \return Returns error code specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_file_get_info(uint32_t fid,
- struct sst_file_info_t *info);
-
-/**
- * \brief Writes data to an existing file.
- *
- * \param[in] fid File ID
- * \param[in] size Size of the incoming buffer
- * \param[in] offset Offset in the file
- * \param[in] data Pointer to buffer containing data to be written
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_file_write(uint32_t fid,
- uint32_t size,
- uint32_t offset,
- const uint8_t *data);
-
-/**
- * \brief Reads data from an existing file.
- *
- * \param[in] fid File ID
- * \param[in] size Size to be read
- * \param[in] offset Offset in the file
- * \param[out] data Pointer to buffer to store the data
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_file_read(uint32_t fid,
- uint32_t size,
- uint32_t offset,
- uint8_t *data);
-
-/**
- * \brief Deletes file referenced by the file ID.
- *
- * \param[in] fid File ID
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_file_delete(uint32_t fid);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __SST_FLASH_FS_H__ */
diff --git a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_dblock.c b/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_dblock.c
deleted file mode 100644
index fa2e409735..0000000000
--- a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_dblock.c
+++ /dev/null
@@ -1,192 +0,0 @@
-/*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "sst_flash_fs_dblock.h"
-
-#include "secure_fw/services/secure_storage/sst_utils.h"
-#include "secure_fw/services/secure_storage/flash/sst_flash.h"
-
-/**
- * \brief Converts logical data block number to physical number.
- *
- * \param[in] lblock Logical block number
- *
- * \return Return physical block number.
- */
-static uint32_t sst_dblock_lo_to_phy(uint32_t lblock)
-{
- struct sst_block_meta_t block_meta;
- psa_ps_status_t err;
-
- err = sst_flash_fs_mblock_read_block_metadata(lblock, &block_meta);
- if (err != PSA_PS_SUCCESS) {
- return SST_BLOCK_INVALID_ID;
- }
-
- return block_meta.phy_id;
-}
-
-psa_ps_status_t sst_flash_fs_dblock_compact_block(uint32_t lblock,
- uint32_t free_size,
- uint32_t src_offset,
- uint32_t dst_offset,
- uint32_t size)
-{
- struct sst_block_meta_t block_meta;
- psa_ps_status_t err;
- uint32_t scratch_id = 0;
-
- /* Read current block meta */
- err = sst_flash_fs_mblock_read_block_metadata(lblock, &block_meta);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- /* Release data from block meta */
- block_meta.free_size += free_size;
-
- /* Save scratch data block physical IDs */
- scratch_id = sst_flash_fs_mblock_cur_data_scratch_id(lblock);
-
- /* Check if there are bytes to be compacted */
- if (size > 0) {
- /* Move data from source offset in current data block to scratch block
- * destination offset.
- */
- err = sst_flash_block_to_block_move(scratch_id, dst_offset,
- block_meta.phy_id, src_offset,
- size);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
- }
-
- if (dst_offset > block_meta.data_start) {
- /* Copy data from the beginning of data block until
- * the position where the data will be reallocated later
- */
- err = sst_flash_block_to_block_move(scratch_id,
- block_meta.data_start,
- block_meta.phy_id,
- block_meta.data_start,
- (dst_offset-block_meta.data_start));
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
- }
-
- /* Swap the scratch and current data blocks. Must swap even with nothing
- * to compact so that deleted file is left in scratch and erased as part
- * of finalization.
- */
- sst_flash_fs_mblock_set_data_scratch(block_meta.phy_id, lblock);
-
- /* Set scratch block ID as the one which contains the new data block */
- block_meta.phy_id = scratch_id;
-
- /* Update block metadata in scratch metadata block */
- err = sst_flash_fs_mblock_update_scratch_block_meta(lblock, &block_meta);
- if (err != PSA_PS_SUCCESS) {
- /* Swap back the data block as there was an issue in the process */
- sst_flash_fs_mblock_set_data_scratch(scratch_id, lblock);
- return err;
- }
-
- return err;
-}
-
-psa_ps_status_t sst_flash_fs_dblock_cp_data_to_scratch(uint32_t lblock,
- uint32_t offset,
- uint32_t size)
-{
- uint32_t phys_block;
- uint32_t scratch_id;
-
- /* Get physical block ID from where to read the data */
- phys_block = sst_dblock_lo_to_phy(lblock);
- if (phys_block == SST_BLOCK_INVALID_ID) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- /* Get the scratch data block ID to write the data */
- scratch_id = sst_flash_fs_mblock_cur_data_scratch_id(lblock);
-
- /* Data after updated content */
- return sst_flash_block_to_block_move(scratch_id, offset,
- phys_block, offset,
- size);
-}
-
-psa_ps_status_t sst_flash_fs_dblock_read_file(struct sst_file_meta_t *file_meta,
- uint32_t offset,
- uint32_t size,
- uint8_t *buf)
-{
- uint32_t phys_block;
- uint32_t pos;
-
- phys_block = sst_dblock_lo_to_phy(file_meta->lblock);
- if (phys_block == SST_BLOCK_INVALID_ID) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- pos = (file_meta->data_idx + offset);
-
- return sst_flash_read(phys_block, buf, pos, size);
-}
-
-psa_ps_status_t sst_flash_fs_dblock_write_file(uint32_t lblock,
- uint32_t offset,
- uint32_t size,
- const uint8_t *data)
-{
- uint32_t scratch_id;
-
- scratch_id = sst_flash_fs_mblock_cur_data_scratch_id(lblock);
-
- return sst_flash_write(scratch_id, data, offset, size);
-}
-
-psa_ps_status_t sst_flash_fs_dblock_cp_remaining_data(
- const struct sst_block_meta_t *block_meta,
- const struct sst_file_meta_t *file_meta)
-{
- uint32_t after_file_offset;
- psa_ps_status_t err;
- uint32_t scratch_id;
- uint32_t wrt_bytes;
-
- scratch_id = sst_flash_fs_mblock_cur_data_scratch_id(file_meta->lblock);
-
- if (file_meta->data_idx > block_meta->data_start) {
- /* Move data before the referenced object */
- wrt_bytes = (file_meta->data_idx - block_meta->data_start);
-
- err = sst_flash_block_to_block_move(scratch_id,
- block_meta->data_start,
- block_meta->phy_id,
- block_meta->data_start,
- wrt_bytes);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- }
-
- /* The referenced file data is already in the scratch block, as it is
- * processed before calling of this function.
- */
- after_file_offset = file_meta->data_idx + file_meta->max_size;
-
- /* Calculate amount of bytes after the manipulated file */
- wrt_bytes = (SST_BLOCK_SIZE - (after_file_offset + block_meta->free_size));
-
- /* Data after updated content */
- return sst_flash_block_to_block_move(scratch_id, after_file_offset,
- block_meta->phy_id, after_file_offset,
- wrt_bytes);
-}
diff --git a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_dblock.h b/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_dblock.h
deleted file mode 100644
index 4ba4ea5616..0000000000
--- a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_dblock.h
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifndef __SST_FLASH_FS_DBLOCK_H__
-#define __SST_FLASH_FS_DBLOCK_H__
-
-#include <stdint.h>
-#include "sst_flash_fs_mblock.h"
-#include "psa/protected_storage.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief Compacts block data for the given logical block.
- *
- * \param[in] lblock Logical data block to compact
- * \param[in] free_size Available data size to compact
- * \param[in] src_offset Offset in the current data block which points to the
- * data position to reallocate
- * \param[in] dst_offset Offset in the scratch block which points to the
- * data position to store the data to be reallocated
- * \param[in] size Number of bytes to be reallocated
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_dblock_compact_block(uint32_t lblock,
- uint32_t free_size,
- uint32_t src_offset,
- uint32_t dst_offset,
- uint32_t size);
-
-/**
- * \brief Copies data from logical block to scratch data block.
- *
- * \param[in] lblock Logical data block to compact
- * \param[in] offset Offset in the logical block which points to the
- * start position to copy
- * \param[in] size Number of bytes to be copied from logical block to
- * scratch data block
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_dblock_cp_data_to_scratch(uint32_t lblock,
- uint32_t offset,
- uint32_t size);
-
-/**
- * \brief Reads the file content.
- *
- * \param[in] file_meta File metadata
- * \param[in] offset Offset in the file
- * \param[in] size Size to be read
- * \param[out] buf Buffer pointer to store the data
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_dblock_read_file(struct sst_file_meta_t *file_meta,
- uint32_t offset,
- uint32_t size,
- uint8_t *buf);
-
-/**
- * \brief Writes scratch data block content with requested data
- * and the rest of the data from the given logical block.
- *
- * \param[in] lblock Current logical data block
- * \param[in] offset Offset in the scratch data block where to start the
- * copy of the incoming data
- * \param[in] size Size of the incoming data
- * \param[in] data Pointer to data buffer to copy in the scratch data
- * block
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_dblock_write_file(uint32_t lblock,
- uint32_t offset,
- uint32_t size,
- const uint8_t *data);
-
-/**
- * \brief Writes logical block data, which is not related with the file
- * maipulated, into the scratch block.
- *
- * \param[in] block_meta Pointer to block meta to process
- * \param[in] file_meta Pointer to file's metadata manipulated
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_dblock_cp_remaining_data(
- const struct sst_block_meta_t *block_meta,
- const struct sst_file_meta_t *file_meta);
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __SST_FLASH_FS_DBLOCK_H__ */
diff --git a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_mblock.c b/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_mblock.c
deleted file mode 100644
index 8365b2d3f0..0000000000
--- a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_mblock.c
+++ /dev/null
@@ -1,1123 +0,0 @@
-/*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "sst_flash_fs_mblock.h"
-
-#include <stddef.h>
-
-#include "cmsis_compiler.h"
-#include "secure_fw/services/secure_storage/sst_object_defs.h"
-#include "secure_fw/services/secure_storage/sst_utils.h"
-#include "tfm_memory_utils.h"
-
-#if ((SST_TOTAL_NUM_OF_BLOCKS < 2) || (SST_TOTAL_NUM_OF_BLOCKS == 3))
- /* The minimum number of blocks is 2. In this case, metadata and data are
- * stored in the same physical block, and the other block is required for
- * power failure safe operation.
- * If at least 1 data block is available, 1 data scratch block is required for
- * power failure safe operation. So, in this case, the minimum number of
- * blocks is 4 (2 metadata block + 2 data blocks).
- */
- #error "Total number of blocks should be 2 or bigger than 3"
-#endif
-
-/* The numbers in the defines are physical block indexes, starting from 0,
- * except for SST_NUM_DEDICATED_DBLOCKS.
- */
-#if (SST_TOTAL_NUM_OF_BLOCKS == 2)
- /* Metadata and data are stored in the same physical block, and the other
- * block is required for power failure safe operation.
- */
-
- /* Initial position of scratch block is the scratch metadata block */
- #define SST_INIT_SCRATCH_DBLOCK 1
-
- /* Metadata and data are stored in the same block */
- #define SST_INIT_DBLOCK_START 0
-
- /* There are no dedicated data blocks when only two blocks are available */
- #define SST_NUM_DEDICATED_DBLOCKS 0
-
-#else
-
- /* Initial position of scratch block is immediately after metadata blocks */
- #define SST_INIT_SCRATCH_DBLOCK 2
-
- /* One metadata block and two scratch blocks are reserved. One scratch block
- * for metadata operations and the other for files data operations.
- */
- #define SST_INIT_DBLOCK_START 3
-
- /* Number of blocks dedicated just for data is the number of blocks available
- * beyond the initial datablock start index.
- */
- #define SST_NUM_DEDICATED_DBLOCKS (SST_TOTAL_NUM_OF_BLOCKS - \
- SST_INIT_DBLOCK_START)
-#endif /* SST_TOTAL_NUM_OF_BLOCKS == 2 */
-
-/* Total number of datablocks is the number of dedicated datablocks plus
- * logical datablock 0 stored in the metadata block.
- */
-#define SST_NUM_ACTIVE_DBLOCKS (SST_NUM_DEDICATED_DBLOCKS + 1)
-
-/* Physical ID of the two metadata blocks */
-/* NOTE: the earmarked area may not always start at block number 0.
- * However, the flash interface can always add the required offset.
- */
-#define SST_METADATA_BLOCK0 0
-#define SST_METADATA_BLOCK1 1
-
-/*!
- * \def SST_OTHER_META_BLOCK
- *
- * \brief Macro to get the the swap metadata block.
- */
-#define SST_OTHER_META_BLOCK(metablock) \
-((metablock == SST_METADATA_BLOCK0) ? \
-(SST_METADATA_BLOCK1) : (SST_METADATA_BLOCK0))
-
-/*!
- * \struct sst_metadata_block_header_t
- *
- * \brief Structure to store the metadata block header.
- *
- * \note The active_swap_count must be the last member to allow it to be
- * programmed last.
- */
-struct __attribute__((__aligned__(SST_FLASH_PROGRAM_UNIT)))
-sst_metadata_block_header_t {
- uint32_t scratch_dblock; /*!< Physical block ID of the data
- * section's scratch block
- */
- uint8_t fs_version; /*!< SST system version */
- uint8_t active_swap_count; /*!< Physical block ID of the data */
-};
-
-/*!
- * \struct sst_flash_fs_context_t
- *
- * \brief Structure to store the flash file system context.
- *
- */
-struct sst_flash_fs_context_t {
- struct sst_metadata_block_header_t meta_block_header; /*!< Block metadata
- * header
- */
- uint32_t active_metablock; /*!< Active metadata block */
- uint32_t scratch_metablock; /*!< Scratch meta block */
-};
-
-static struct sst_flash_fs_context_t sst_flash_fs_ctx;
-
-#define SST_BLOCK_META_HEADER_SIZE sizeof(struct sst_metadata_block_header_t)
-#define SST_BLOCK_METADATA_SIZE sizeof(struct sst_block_meta_t)
-#define SST_FILE_METADATA_SIZE sizeof(struct sst_file_meta_t)
-
-#define SST_MAX_NUM_FILES SST_MAX_NUM_OBJECTS
-
-#define SST_ALL_METADATA_SIZE (SST_BLOCK_META_HEADER_SIZE + \
- (SST_NUM_ACTIVE_DBLOCKS * SST_BLOCK_METADATA_SIZE) + \
- (SST_MAX_NUM_FILES * SST_FILE_METADATA_SIZE))
-
-#define SST_ALIGNED_MAX_FILE_SIZE GET_ALIGNED_FLASH_BYTES(SST_MAX_OBJECT_SIZE)
-
-/* It is not required that all files fit in SST flash area at the same time.
- * So, it is possible that a create action fails because flash is full.
- * However, the larger file must have enough space in the SST flash area to be
- * created, at least, when the SST flash area is empty.
- */
-/* Checks at compile time if the largest file fits in the data area */
-SST_UTILS_BOUND_CHECK(LARGEST_FILE_NOT_FIT_IN_DATA_BLOCK,
- SST_ALIGNED_MAX_FILE_SIZE, SST_BLOCK_SIZE);
-
-#if (SST_TOTAL_NUM_OF_BLOCKS == 2)
-SST_UTILS_BOUND_CHECK(FILE_NOT_FIT_IN_DATA_AREA, SST_ALIGNED_MAX_FILE_SIZE,
- (SST_BLOCK_SIZE - SST_ALL_METADATA_SIZE));
-#endif
-
-/* Checks at compile time if the metadata fits in a flash block */
-SST_UTILS_BOUND_CHECK(METADATA_NOT_FIT_IN_METADATA_BLOCK,
- SST_ALL_METADATA_SIZE, SST_BLOCK_SIZE);
-
-/**
- * \brief Gets offset of a logical block's metadata in metadata block.
- *
- * \param[in] lblock Logical block number
- *
- * \return Return offset value in metadata block
- */
-static uint32_t sst_mblock_block_meta_offset(uint32_t lblock)
-{
- uint32_t offset;
-
- offset = SST_BLOCK_META_HEADER_SIZE +
- (lblock * SST_BLOCK_METADATA_SIZE);
-
- return offset;
-}
-
-/**
- * \brief Gets offset of an file metadata in metadata block.
- *
- * \param[in] idx File metadata entry index
- *
- * \return Return offset value in metadata block
- */
-static uint32_t sst_mblock_file_meta_offset(uint32_t idx)
-{
- uint32_t offset;
-
- offset = SST_BLOCK_META_HEADER_SIZE
- + (SST_NUM_ACTIVE_DBLOCKS * SST_BLOCK_METADATA_SIZE)
- + (idx * SST_FILE_METADATA_SIZE);
-
- return offset;
-}
-
-/**
- * \brief Gets current scratch metadata block.
- *
- * \return scratch metablock's id
- */
-__attribute__((always_inline))
-__STATIC_INLINE uint32_t sst_cur_meta_scratch_id(void)
-{
- return sst_flash_fs_ctx.scratch_metablock;
-}
-
-/**
- * \brief Gets current active metadata block.
- *
- * \return scratch metablock's ID
- */
-__attribute__((always_inline))
-__STATIC_INLINE uint32_t sst_mblock_cur_meta_active(void)
-{
- return sst_flash_fs_ctx.active_metablock;
-}
-
-/**
- * \brief Swaps metablocks. Scratch becomes active and active becomes scratch.
- */
-static void sst_mblock_swap_metablocks(void)
-{
- uint32_t tmp_block;
-
- tmp_block = sst_flash_fs_ctx.scratch_metablock;
- sst_flash_fs_ctx.scratch_metablock = sst_flash_fs_ctx.active_metablock;
- sst_flash_fs_ctx.active_metablock = tmp_block;
-}
-
-/**
- * \brief Finds the potential most recent valid metablock.
- *
- * \param[in] h_meta0 Header metadata of meta block 0
- * \param[in] h_meta1 Header metadata of meta block 1
- *
- * \return most recent metablock
- */
-static uint8_t sst_mblock_latest_meta_block(
- const struct sst_metadata_block_header_t *h_meta0,
- const struct sst_metadata_block_header_t *h_meta1)
-{
- uint8_t cur_meta;
- uint8_t meta0_swap_count = h_meta0->active_swap_count;
- uint8_t meta1_swap_count = h_meta1->active_swap_count;
-
- /* FIXME: Currently, it returns the potential most recent valid metablock
- * based on the swap count. This function will be updated later when
- * the rollback protection feature is introduced.
- */
-
- /* Logic: if the swap count is 0, then it has rolled over. The metadata
- * block with a swap count of 0 is the latest one, unless the other block
- * has a swap count of 1, in which case the roll over occurred in the
- * previous update. In all other cases, the block with the highest swap
- * count is the latest one.
- */
- if ((meta1_swap_count == 0) && (meta0_swap_count != 1)) {
- /* Metadata block 1 swap count has rolled over and metadata block 0
- * swap count has not, so block 1 is the latest
- */
- cur_meta = SST_METADATA_BLOCK1;
-
- } else if ((meta0_swap_count == 0) && (meta1_swap_count != 1)) {
- /* Metadata block 0 swap count has rolled over and metadata block 1
- * swap count has not, so block 0 is the latest.
- */
- cur_meta = SST_METADATA_BLOCK0;
-
- } else if (meta1_swap_count > meta0_swap_count) {
- /* Neither swap count has just rolled over and metadata block 1 has a
- * higher swap count, so block 1 is the latest.
- */
- cur_meta = SST_METADATA_BLOCK1;
-
- } else {
- /* Neither swap count has just rolled over and metadata block 0 has a
- * higher or equal swap count, so block 0 is the latest.
- */
- cur_meta = SST_METADATA_BLOCK0;
- }
-
- return cur_meta;
-}
-
-#ifdef SST_VALIDATE_METADATA_FROM_FLASH
-/**
- * \brief Validates file metadata in order to guarantee that a corruption or
- * malicious change in stored metadata doesn't result in an invalid
- * access.
- *
- * \param[in] file_meta Pointer to file meta structure
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-__attribute__((always_inline))
-__STATIC_INLINE psa_ps_status_t sst_mblock_validate_file_meta(
- const struct sst_file_meta_t *file_meta)
-{
- psa_ps_status_t err;
-
- /* Logical block ID can not be bigger or equal than number of
- * active blocks.
- */
- if (file_meta->lblock >= SST_NUM_ACTIVE_DBLOCKS) {
- return PSA_PS_ERROR_DATA_CORRUPT;
- }
-
- /* meta->id can be 0 if the file is not in use. If it is in
- * use, check the metadata.
- */
- if (sst_utils_validate_fid(file_meta->id) == PSA_PS_SUCCESS) {
- /* validate files values if file is in use */
- if (file_meta->max_size > SST_MAX_OBJECT_SIZE) {
- return PSA_PS_ERROR_DATA_CORRUPT;
- }
-
- /* The current file data size must be smaller or equal than
- * file data max size.
- */
- if (file_meta->cur_size > file_meta->max_size) {
- return PSA_PS_ERROR_DATA_CORRUPT;
- }
-
- if (file_meta->lblock == SST_LOGICAL_DBLOCK0) {
- /* In block 0, data index must be located after the metadata */
- if (file_meta->data_idx <
- sst_mblock_file_meta_offset(SST_MAX_NUM_OBJECTS)) {
- return PSA_PS_ERROR_DATA_CORRUPT;
- }
- }
-
- /* Boundary check the incoming request */
- err = sst_utils_check_contained_in(SST_BLOCK_SIZE,
- file_meta->data_idx,
- file_meta->max_size);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_DATA_CORRUPT;
- }
- }
-
- return PSA_PS_SUCCESS;
-}
-
-/**
- * \brief Validates block metadata in order to guarantee that a corruption or
- * malicious change in stored metadata doesn't result in an invalid
- * access.
- *
- * \param[in] block_meta Pointer to block meta structure
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-__attribute__((always_inline))
-__STATIC_INLINE psa_ps_status_t sst_mblock_validate_block_meta(
- const struct sst_block_meta_t *block_meta)
-{
- psa_ps_status_t err;
- /* Data block's data start at position 0 */
- uint32_t valid_data_start_value = 0;
-
- if (block_meta->phy_id >= SST_TOTAL_NUM_OF_BLOCKS) {
- return PSA_PS_ERROR_DATA_CORRUPT;
- }
-
- /* Boundary check: block data start + free size can not be bigger
- * than max block size.
- */
- err = sst_utils_check_contained_in(SST_BLOCK_SIZE,
- block_meta->data_start,
- block_meta->free_size);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_DATA_CORRUPT;
- }
-
- if (block_meta->phy_id == SST_METADATA_BLOCK0 ||
- block_meta->phy_id == SST_METADATA_BLOCK1) {
-
- /* For metadata + data block, data index must start after the
- * metadata area.
- */
- valid_data_start_value = sst_mblock_file_meta_offset(
- SST_MAX_NUM_OBJECTS);
- }
-
- if (block_meta->data_start != valid_data_start_value) {
- return PSA_PS_ERROR_DATA_CORRUPT;
- }
-
- return PSA_PS_SUCCESS;
-}
-#endif
-
-/**
- * \brief Gets a free file metadata table entry.
- *
- * \return Return index of a free file meta entry
- */
-static uint32_t sst_get_free_file_index(void)
-{
- psa_ps_status_t err;
- uint32_t i;
- struct sst_file_meta_t tmp_metadata;
-
- for (i = 0; i < SST_MAX_NUM_OBJECTS; i++) {
- err = sst_flash_fs_mblock_read_file_meta(i, &tmp_metadata);
- if (err != PSA_PS_SUCCESS) {
- return SST_METADATA_INVALID_INDEX;
- }
-
- /* Check if this entry is free by checking if ID values is an
- * invalid ID.
- */
- if (sst_utils_validate_fid(tmp_metadata.id) != PSA_PS_SUCCESS) {
- /* Found */
- return i;
- }
- }
-
- return SST_METADATA_INVALID_INDEX;
-}
-
-/**
- * \brief Writes an file metadata entry into scratch metadata block.
- *
- * \param[in] idx File metadata entry index in the metadata table
- * \param[in] file_meta Metadata pointer
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-static psa_ps_status_t sst_mblock_update_scratch_file_meta(uint32_t idx,
- struct sst_file_meta_t *file_meta)
-{
- psa_ps_status_t err;
- uint32_t pos;
- uint32_t scratch_block;
-
- scratch_block = sst_cur_meta_scratch_id();
-
- /* Calculate the position */
- pos = sst_mblock_file_meta_offset(idx);
- err = sst_flash_write(scratch_block, (uint8_t *)file_meta, pos,
- SST_FILE_METADATA_SIZE);
- return err;
-}
-
-/**
- * \brief Erases data and meta scratch blocks.
- */
-static psa_ps_status_t sst_mblock_erase_scratch_blocks(void)
-{
- psa_ps_status_t err;
- uint32_t scratch_datablock;
- uint32_t scratch_metablock;
-
- scratch_metablock = sst_cur_meta_scratch_id();
-
- /* For the atomicity of the data update process
- * and power-failure-safe operation, it is necessary that
- * metadata scratch block is erased before data block.
- */
- err = sst_flash_erase_block(scratch_metablock);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- /* If the number of blocks is bigger than 2, the code needs to erase the
- * scratch block used to process any change in the data block which contains
- * only data. Otherwise, if the number of blocks is equal to 2, it means
- * that all data is stored in the metadata block.
- */
- if (SST_TOTAL_NUM_OF_BLOCKS > 2) {
- scratch_datablock = sst_flash_fs_mblock_cur_data_scratch_id(
- (SST_LOGICAL_DBLOCK0 + 1));
- err = sst_flash_erase_block(scratch_datablock);
- }
-
- return err;
-}
-
-/**
- * \brief Updates scratch block meta.
- *
- * \param[in] lblock Logical block number
- * \param[in] block_meta Pointer to the block metadata data to write in the
- * scratch block
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-static psa_ps_status_t sst_mblock_update_scratch_block_meta(uint32_t lblock,
- struct sst_block_meta_t *block_meta)
-{
- psa_ps_status_t err;
- uint32_t meta_block;
- uint32_t pos;
-
- meta_block = sst_cur_meta_scratch_id();
- /* Calculate the position */
- pos = sst_mblock_block_meta_offset(lblock);
- err = sst_flash_write(meta_block, (uint8_t *)block_meta, pos,
- SST_BLOCK_METADATA_SIZE);
- return err;
-}
-
-/**
- * \brief Copies rest of the block metadata.
- *
- * \param[in] lblock Logical block number to skip
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-static psa_ps_status_t sst_mblock_copy_remaining_block_meta(uint32_t lblock)
-{
- struct sst_block_meta_t block_meta;
- psa_ps_status_t err;
- uint32_t meta_block;
- uint32_t pos;
- uint32_t scratch_block;
- uint32_t size;
-
- scratch_block = sst_cur_meta_scratch_id();
- meta_block = sst_mblock_cur_meta_active();
-
- if (lblock != SST_LOGICAL_DBLOCK0) {
- /* The file data in the logical block 0 is stored in same physical
- * block where the metadata is stored. A change in the metadata requires
- * a swap of physical blocks. So, the physical block ID of logical block
- * 0 needs to be updated to reflect this change, if the file processed
- * is not located in logical block 0. If it is located in block 0,
- * the physical block ID has been updated while processing the file
- * data.
- */
- err = sst_flash_fs_mblock_read_block_metadata(SST_LOGICAL_DBLOCK0,
- &block_meta);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- /* Update physical ID for logical block 0 to match with the
- * metadata block physical ID.
- */
- block_meta.phy_id = scratch_block;
- err = sst_mblock_update_scratch_block_meta(SST_LOGICAL_DBLOCK0,
- &block_meta);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- /* Copy the rest of metadata blocks between logical block 0 and
- * the logical block provided in the function.
- */
- if (lblock > 1) {
- pos = sst_mblock_block_meta_offset(SST_LOGICAL_DBLOCK0 + 1);
-
- size = sst_mblock_block_meta_offset(lblock) - pos;
-
- /* Copy rest of the block data from previous block */
- /* Data before updated content */
- err = sst_flash_block_to_block_move(scratch_block, pos, meta_block,
- pos, size);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
- }
- }
-
- /* Move meta blocks data after updated content */
- pos = sst_mblock_block_meta_offset(lblock+1);
-
- size = sst_mblock_file_meta_offset(0) - pos;
-
- err = sst_flash_block_to_block_move(scratch_block, pos,
- meta_block, pos, size);
-
- return err;
-}
-
-/**
- * \brief Checks the validity of the metadata block's swap count.
- *
- * \param[in] swap_count Swap count to validate
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-__attribute__((always_inline))
-__STATIC_INLINE psa_ps_status_t sst_mblock_validate_swap_count(
- uint8_t swap_count)
-{
- psa_ps_status_t err = PSA_PS_SUCCESS;
-
- /* When a flash block is erased, the default value
- * is usually 0xFF (i.e. all 1s). Since the swap count
- * is updated last (when encryption is disabled), it is
- * possible that due to a power failure, the swap count
- * value in metadata header is 0xFFFF..., which mean
- * it will appear to be most recent block. Which isn't
- * a problem in itself, as the rest of the metadata is fully
- * valid (as it would have been written before swap count).
- * However, this also means that previous update process
- * wasn't complete. So, if the value is 0xFF..., revert
- * back to previous metablock instead.
- */
- if (swap_count == SST_FLASH_DEFAULT_VAL) {
- err = PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- return err;
-}
-
-/**
- * \brief Checks the validity of FS version.
- *
- * \param[in] fs_version File system version.
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-__attribute__((always_inline))
-__STATIC_INLINE psa_ps_status_t sst_mblock_validate_fs_version(
- uint8_t fs_version)
-{
- psa_ps_status_t err = PSA_PS_SUCCESS;
-
- /* Looks for exact version number.
- * FIXME: backward compatibility could be considered in future revisions.
- */
- if (fs_version != SST_SUPPORTED_VERSION) {
- err = PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- return err;
-}
-
-/**
- * \brief Validates header metadata in order to guarantee that a corruption or
- * malicious change in stored metadata doesn't result in an invalid
- * access and the header version is correct.
- *
- * \param[in] h_meta Pointer to metadata block header
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-static psa_ps_status_t sst_mblock_validate_header_meta(
- struct sst_metadata_block_header_t *h_meta)
-{
- psa_ps_status_t err;
-
- err = sst_mblock_validate_fs_version(h_meta->fs_version);
- if (err == PSA_PS_SUCCESS) {
- err = sst_mblock_validate_swap_count(h_meta->active_swap_count);
- }
-
- return err;
-}
-
-/**
- * \brief Writes the scratch metadata's header.
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-static psa_ps_status_t sst_mblock_write_scratch_meta_header(void)
-{
- psa_ps_status_t err;
- uint32_t scratch_metablock;
-
- scratch_metablock = sst_cur_meta_scratch_id();
-
- /* Increment the swap count */
- sst_flash_fs_ctx.meta_block_header.active_swap_count += 1;
-
- err = sst_mblock_validate_swap_count(
- sst_flash_fs_ctx.meta_block_header.active_swap_count);
- if (err != PSA_PS_SUCCESS) {
- /* Reset the swap count to 0 */
- sst_flash_fs_ctx.meta_block_header.active_swap_count = 0;
- }
-
- /* Write the metadata block header */
- err = sst_flash_write(scratch_metablock,
- (uint8_t *)(&sst_flash_fs_ctx.meta_block_header),
- 0, SST_BLOCK_META_HEADER_SIZE);
-
- return err;
-}
-
-/**
- * \brief Reads the active metadata block header into sst_system_ctx.
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-static psa_ps_status_t sst_mblock_read_meta_header(void)
-{
- psa_ps_status_t err;
-
- err = sst_flash_read(sst_flash_fs_ctx.active_metablock,
- (uint8_t *)&sst_flash_fs_ctx.meta_block_header, 0,
- SST_BLOCK_META_HEADER_SIZE);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- err = sst_mblock_validate_header_meta(&sst_flash_fs_ctx.meta_block_header);
-
- return err;
-}
-
-/**
- * \brief Reserves space for an file.
- *
- * \param[in] fid File ID
- * \param[in] size Size of the file for which space is reserve
- * \param[out] file_meta File metadata entry
- * \param[out] block_meta Block metadata entry
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-static psa_ps_status_t sst_mblock_reserve_file(uint32_t fid, uint32_t size,
- struct sst_file_meta_t *file_meta,
- struct sst_block_meta_t *block_meta)
-{
- psa_ps_status_t err;
- uint32_t i;
-
- for (i = 0; i < SST_NUM_ACTIVE_DBLOCKS; i++) {
- err = sst_flash_fs_mblock_read_block_metadata(i, block_meta);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- if (block_meta->free_size >= size) {
- /* Set file metadata */
- file_meta->lblock = i;
- file_meta->data_idx = SST_BLOCK_SIZE - block_meta->free_size;
- file_meta->max_size = size;
- file_meta->id = fid;
- file_meta->cur_size = 0;
-
- /* Update block metadata */
- block_meta->free_size -= size;
- return PSA_PS_SUCCESS;
- }
- }
-
- /* No block has large enough space to fit the requested file */
- return PSA_PS_ERROR_INSUFFICIENT_SPACE;
-}
-
-/**
- * \brief Validates and find the valid-active metablock
- *
- * \return Returns value as specified in \ref psa_ps_status_t
- */
-static psa_ps_status_t sst_init_get_active_metablock(void)
-{
- uint32_t cur_meta_block = SST_BLOCK_INVALID_ID;
- psa_ps_status_t err;
- struct sst_metadata_block_header_t h_meta0;
- struct sst_metadata_block_header_t h_meta1;
- uint8_t num_valid_meta_blocks = 0;
-
- /* First two blocks are reserved for metadata */
-
- /* Read the header of both the metdata blocks */
- err = sst_flash_read(SST_METADATA_BLOCK0, (uint8_t *)&h_meta0,
- 0, SST_BLOCK_META_HEADER_SIZE);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- err = sst_flash_read(SST_METADATA_BLOCK1, (uint8_t *)&h_meta1,
- 0, SST_BLOCK_META_HEADER_SIZE);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- /* If there are two potential active metadata blocks,
- * an out of turn power down sequence didn't allow previous
- * update operation to complete. Need to find out the valid
- * metadata block now.
- */
- if (sst_mblock_validate_header_meta(&h_meta0) == PSA_PS_SUCCESS) {
- num_valid_meta_blocks++;
- cur_meta_block = SST_METADATA_BLOCK0;
- }
-
- if (sst_mblock_validate_header_meta(&h_meta1) == PSA_PS_SUCCESS) {
- num_valid_meta_blocks++;
- cur_meta_block = SST_METADATA_BLOCK1;
- }
-
- /* If there are more than 1 potential metablocks, the previous
- * update operation was interrupted by power failure. In which case,
- * need to find out which one is potentially latest metablock.
- */
- if (num_valid_meta_blocks > 1) {
- cur_meta_block = sst_mblock_latest_meta_block(&h_meta0, &h_meta1);
- } else if (num_valid_meta_blocks == 0) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- sst_flash_fs_ctx.active_metablock = cur_meta_block;
- sst_flash_fs_ctx.scratch_metablock = SST_OTHER_META_BLOCK(cur_meta_block);
-
- return PSA_PS_SUCCESS;
-}
-
-psa_ps_status_t sst_flash_fs_mblock_cp_remaining_file_meta(uint32_t idx)
-{
- psa_ps_status_t err;
- uint32_t end;
- uint32_t meta_block;
- uint32_t pos;
- uint32_t scratch_block;
-
- scratch_block = sst_cur_meta_scratch_id();
- meta_block = sst_mblock_cur_meta_active();
- /* Calculate the position */
- pos = sst_mblock_file_meta_offset(0);
- /* Copy rest of the block data from previous block */
- /* Data before updated content */
- err = sst_flash_block_to_block_move(scratch_block, pos, meta_block, pos,
- (idx * SST_FILE_METADATA_SIZE));
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- /* Data after updated content */
- pos = sst_mblock_file_meta_offset(idx + 1);
-
- /* Get end of file meta position which is the position after the last
- * byte of file meta.
- */
- end = sst_mblock_file_meta_offset(SST_MAX_NUM_OBJECTS);
- if (end > pos) {
- err = sst_flash_block_to_block_move(scratch_block, pos, meta_block,
- pos, (end - pos));
- }
-
- return err;
-}
-
-uint32_t sst_flash_fs_mblock_cur_data_scratch_id(uint32_t lblock)
-{
- if (lblock == SST_LOGICAL_DBLOCK0) {
- /* Scratch logical data block 0 physical IDs */
- return sst_cur_meta_scratch_id();
- }
-
- return sst_flash_fs_ctx.meta_block_header.scratch_dblock;
-}
-
-psa_ps_status_t sst_flash_fs_mblock_get_file_idx(uint32_t fid, uint32_t *idx)
-{
- psa_ps_status_t err;
- uint32_t i;
- struct sst_file_meta_t tmp_metadata;
-
- for (i = 0; i < SST_MAX_NUM_OBJECTS; i++) {
- err = sst_flash_fs_mblock_read_file_meta(i, &tmp_metadata);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- /* ID with value 0x00 means end of file meta section */
- if (tmp_metadata.id == fid) {
- /* Found */
- *idx = i;
- return PSA_PS_SUCCESS;
- }
- }
-
- return PSA_PS_ERROR_UID_NOT_FOUND;
-}
-
-psa_ps_status_t sst_flash_fs_mblock_init(void)
-{
- psa_ps_status_t err;
-
- /* Initialize Flash Interface */
- err = sst_flash_init();
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- err = sst_init_get_active_metablock();
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- err = sst_mblock_read_meta_header();
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- /* Erase the other scratch metadata block */
- err = sst_mblock_erase_scratch_blocks();
-
- return err;
-}
-
-psa_ps_status_t sst_flash_fs_mblock_meta_update_finalize(void)
-{
- psa_ps_status_t err;
-
- /* Write the metadata block header to flash */
- err = sst_mblock_write_scratch_meta_header();
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- /* Update the running context */
- sst_mblock_swap_metablocks();
-
- /* Erase meta block and current scratch block */
- err = sst_mblock_erase_scratch_blocks();
-
- return err;
-}
-
-psa_ps_status_t sst_flash_fs_mblock_migrate_lb0_data_to_scratch(void)
-{
- struct sst_block_meta_t block_meta;
- uint32_t current_metablock;
- uint32_t data_size;
- psa_ps_status_t err;
- uint32_t scratch_metablock;
-
- scratch_metablock = sst_cur_meta_scratch_id();
- current_metablock = sst_mblock_cur_meta_active();
-
- err = sst_flash_fs_mblock_read_block_metadata(SST_LOGICAL_DBLOCK0,
- &block_meta);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- /* Calculate data size stored in the B0 block */
- data_size = ((SST_BLOCK_SIZE - block_meta.data_start)
- - block_meta.free_size);
-
- err = sst_flash_block_to_block_move(scratch_metablock,
- block_meta.data_start,
- current_metablock,
- block_meta.data_start,
- data_size);
- return err;
-}
-
-psa_ps_status_t sst_flash_fs_mblock_read_file_meta(uint32_t idx,
- struct sst_file_meta_t *file_meta)
-{
- psa_ps_status_t err;
- uint32_t offset;
-
- offset = sst_mblock_file_meta_offset(idx);
- err = sst_flash_read(sst_flash_fs_ctx.active_metablock,
- (uint8_t *)file_meta, offset,
- SST_FILE_METADATA_SIZE);
-
-#ifdef SST_VALIDATE_METADATA_FROM_FLASH
- if (err == PSA_PS_SUCCESS) {
- err = sst_mblock_validate_file_meta(file_meta);
- }
-#endif
-
- return err;
-}
-
-psa_ps_status_t sst_flash_fs_mblock_read_block_metadata(uint32_t lblock,
- struct sst_block_meta_t *block_meta)
-{
- psa_ps_status_t err;
- uint32_t metablock;
- uint32_t pos;
-
- metablock = sst_mblock_cur_meta_active();
- pos = sst_mblock_block_meta_offset(lblock);
- err = sst_flash_read(metablock, (uint8_t *)block_meta,
- pos, SST_BLOCK_METADATA_SIZE);
-
-#ifdef SST_VALIDATE_METADATA_FROM_FLASH
- if (err == PSA_PS_SUCCESS) {
- err = sst_mblock_validate_block_meta(block_meta);
- }
-#endif
-
- return err;
-}
-
-psa_ps_status_t sst_flash_fs_mblock_reserve_file(uint32_t fid, uint32_t size,
- uint32_t *idx,
- struct sst_file_meta_t *file_meta,
- struct sst_block_meta_t *block_meta)
-{
- psa_ps_status_t err;
-
- err = sst_mblock_reserve_file(fid, size, file_meta, block_meta);
-
- *idx = sst_get_free_file_index();
- if ((err != PSA_PS_SUCCESS) ||
- (*idx == SST_METADATA_INVALID_INDEX)) {
- return PSA_PS_ERROR_INSUFFICIENT_SPACE;
- }
-
- return PSA_PS_SUCCESS;
-}
-
-psa_ps_status_t sst_flash_fs_mblock_reset_metablock(void)
-{
- struct sst_block_meta_t block_meta;
- psa_ps_status_t err;
- uint32_t i;
- uint32_t metablock_to_erase_first = SST_METADATA_BLOCK0;
- struct sst_file_meta_t file_metadata;
-
- /* Erase both metadata blocks. If at least one metadata block is valid,
- * ensure that the active metadata block is erased last to prevent rollback
- * in the case of a power failure between the two erases.
- */
- if (sst_init_get_active_metablock() == PSA_PS_SUCCESS) {
- metablock_to_erase_first = sst_flash_fs_ctx.scratch_metablock;
- }
-
- err = sst_flash_erase_block(metablock_to_erase_first);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- err = sst_flash_erase_block(SST_OTHER_META_BLOCK(metablock_to_erase_first));
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- sst_flash_fs_ctx.meta_block_header.active_swap_count = 0;
- sst_flash_fs_ctx.meta_block_header.scratch_dblock = SST_INIT_SCRATCH_DBLOCK;
- sst_flash_fs_ctx.meta_block_header.fs_version = SST_SUPPORTED_VERSION;
- sst_flash_fs_ctx.scratch_metablock = SST_METADATA_BLOCK1;
- sst_flash_fs_ctx.active_metablock = SST_METADATA_BLOCK0;
-
- /* Fill the block metadata for logical datablock 0, which has the physical
- * id of the active metadata block. For this datablock, the space available
- * for data is from the end of the metadata to the end of the block.
- */
- block_meta.data_start = SST_ALL_METADATA_SIZE;
- block_meta.free_size = (SST_BLOCK_SIZE - block_meta.data_start);
- block_meta.phy_id = SST_METADATA_BLOCK0;
- err = sst_mblock_update_scratch_block_meta(SST_LOGICAL_DBLOCK0,
- &block_meta);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- /* Fill the block metadata for the dedicated datablocks, which have logical
- * ids beginning from 1 and physical ids initially beginning from
- * SST_INIT_DBLOCK_START. For these datablocks, the space available for
- * data is the entire block.
- */
- block_meta.data_start = 0;
- block_meta.free_size = SST_BLOCK_SIZE;
- for (i = 0; i < SST_NUM_DEDICATED_DBLOCKS; i++) {
- /* If a flash error is detected, the code erases the rest
- * of the blocks anyway to remove all data stored in them.
- */
- err |= sst_flash_erase_block(i + SST_INIT_DBLOCK_START);
- }
-
- /* If an error is detected while erasing the flash, then return a
- * system error to abort core wipe process.
- */
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_STORAGE_FAILURE;
- }
-
- for (i = 0; i < SST_NUM_DEDICATED_DBLOCKS; i++) {
- block_meta.phy_id = i + SST_INIT_DBLOCK_START;
- err = sst_mblock_update_scratch_block_meta(i + 1, &block_meta);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
- }
-
- /* Initialize file metadata table */
- (void)tfm_memset(&file_metadata, SST_DEFAULT_EMPTY_BUFF_VAL,
- SST_FILE_METADATA_SIZE);
- for (i = 0; i < SST_MAX_NUM_OBJECTS; i++) {
- /* In the beginning phys id is same as logical id */
- /* Update file metadata to reflect new attributes */
- err = sst_mblock_update_scratch_file_meta(i, &file_metadata);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
- }
-
- err = sst_mblock_write_scratch_meta_header();
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- /* Swap active and scratch metablocks */
- sst_mblock_swap_metablocks();
-
- return PSA_PS_SUCCESS;
-}
-
-void sst_flash_fs_mblock_set_data_scratch(uint32_t phy_id, uint32_t lblock)
-{
- if (lblock != SST_LOGICAL_DBLOCK0) {
- sst_flash_fs_ctx.meta_block_header.scratch_dblock = phy_id;
- }
-}
-
-psa_ps_status_t sst_flash_fs_mblock_update_scratch_block_meta(
- uint32_t lblock,
- struct sst_block_meta_t *block_meta)
-{
- psa_ps_status_t err;
-
- /* If the file is the logical block 0, then update the physical ID to the
- * current scratch metadata block so that it is correct after the metadata
- * blocks are swapped.
- */
- if (lblock == SST_LOGICAL_DBLOCK0) {
- block_meta->phy_id = sst_cur_meta_scratch_id();
- }
-
- err = sst_mblock_update_scratch_block_meta(lblock, block_meta);
- if (err != PSA_PS_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-
- err = sst_mblock_copy_remaining_block_meta(lblock);
-
- return err;
-}
-
-psa_ps_status_t sst_flash_fs_mblock_update_scratch_file_meta(uint32_t idx,
- struct sst_file_meta_t *file_meta)
-{
- return sst_mblock_update_scratch_file_meta(idx, file_meta);
-}
diff --git a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_mblock.h b/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_mblock.h
deleted file mode 100644
index bee15f9dd6..0000000000
--- a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_mblock.h
+++ /dev/null
@@ -1,214 +0,0 @@
-/*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifndef __SST_FLASH_FS_MBLOCK_H__
-#define __SST_FLASH_FS_MBLOCK_H__
-
-#include <stdint.h>
-
-#include "secure_fw/services/secure_storage/flash/sst_flash.h"
-#include "secure_fw/services/secure_storage/sst_object_defs.h"
-#include "psa/protected_storage.h"
-
-/*!
- * \def SST_SUPPORTED_VERSION
- *
- * \brief Defines the supported version.
- */
-#define SST_SUPPORTED_VERSION 0x01
-
-/*!
- * \def SST_METADATA_INVALID_INDEX
- *
- * \brief Defines the invalid index value when the metadata table is full
- */
-#define SST_METADATA_INVALID_INDEX 0xFFFF
-
-/*!
- * \def SST_LOGICAL_DBLOCK0
- *
- * \brief Defines logical data block 0 ID
- */
-#define SST_LOGICAL_DBLOCK0 0
-
-/*!
- * \struct sst_block_meta_t
- *
- * \brief Structure to store information about each physical flash memory block.
- */
-struct __attribute__((__aligned__(SST_FLASH_PROGRAM_UNIT))) sst_block_meta_t {
- uint32_t phy_id; /*!< Physical ID of this logical block */
- uint32_t data_start; /*!< Offset from the beginning of the
- * block to the location where the data
- * starts
- */
- uint32_t free_size; /*!< Number of bytes free at end of
- * block (set during block compaction
- * for gap reuse)
- */
-};
-
-/*!
- * \struct sst_file_meta_t
- *
- * \brief Structure to store file metadata.
- *
- */
-struct __attribute__((__aligned__(SST_FLASH_PROGRAM_UNIT))) sst_file_meta_t {
- uint32_t lblock; /*!< Logical datablock where file is stored */
- uint32_t data_idx; /*!< Offset in the logical data block */
- uint32_t cur_size; /*!< Size in storage system for this fragment */
- uint32_t max_size; /*!< Maximum size of this file */
- uint32_t id; /*!< ID of this file, compiler generated
- * based on user defined user_defs.h
- */
-};
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief Initializes metadata block with the valid/active metablock.
- *
- * \return Returns value as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_mblock_init(void);
-
-/**
- * \brief Copies rest of the file metadata, except for the one pointed by
- * index.
- *
- * \param[in] idx File metadata entry index to skip
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_mblock_cp_remaining_file_meta(uint32_t idx);
-
-/**
- * \brief Gets current scratch datablock physical ID.
- *
- * \param[in] lblock Logical block number
- *
- * \return current scratch data block
- */
-uint32_t sst_flash_fs_mblock_cur_data_scratch_id(uint32_t lblock);
-
-/**
- * \brief Gets file metadata entry index.
- *
- * \param[in] fid ID of the file
- * \param[out] idx Index of the file metadata in the file system
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_mblock_get_file_idx(uint32_t fid, uint32_t *idx);
-
-/**
- * \brief Finalizes an update operation.
- * Last step when a create/write/delete is performed.
- *
- * \return Returns offset value in metadata block
- */
-psa_ps_status_t sst_flash_fs_mblock_meta_update_finalize(void);
-
-/**
- * \brief Writes the files data area of logical block 0 into the scratch
- * block.
- *
- * \note The files data in the logical block 0 is stored in same physical
- * block where the metadata is stored. A change in the metadata requires a
- * swap of physical blocks. So, the files data stored in the current
- * medadata block needs to be copied in the scratch block, unless
- * the data of the file processed is located in the logical block 0.
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_mblock_migrate_lb0_data_to_scratch(void);
-
-/**
- * \brief Reads specified file metadata.
- *
- * \param[in] idx File metadata entry index
- * \param[out] file_meta Pointer to file meta structure
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_mblock_read_file_meta(uint32_t idx,
- struct sst_file_meta_t *file_meta);
-
-/**
- * \brief Reads specified logical block metadata.
- *
- * \param[in] lblock Logical block number
- * \param[out] block_meta Pointer to block meta structure
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_mblock_read_block_metadata(uint32_t lblock,
- struct sst_block_meta_t *block_meta);
-
-/**
- * \brief Reserves space for a file.
- *
- * \param[in] file_id File ID
- * \param[in] size Size of the file for which space is reserve
- * \param[out] file_meta_idx File metadata entry index
- * \param[out] file_meta File metadata entry
- * \param[out] block_meta Block metadata entry
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_mblock_reserve_file(uint32_t file_id,
- uint32_t size,
- uint32_t *file_meta_idx,
- struct sst_file_meta_t *file_meta,
- struct sst_block_meta_t *block_meta);
-
-/**
- * \brief Resets metablock by cleaning and initializing the metadatablock.
- *
- * \return Returns value as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_mblock_reset_metablock(void);
-
-/**
- * \brief Sets current data scratch block
- *
- * \param[in] phy_id Physical ID of scratch data block
- * \param[in] lblock Logical block number
- */
-void sst_flash_fs_mblock_set_data_scratch(uint32_t phy_id, uint32_t lblock);
-
-/**
- * \brief Puts logical block's metadata in scratch metadata block
- *
- * \param[in] lblock Logical block number
- * \param[in] block_meta Pointer to block's metadata
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_mblock_update_scratch_block_meta(
- uint32_t lblock,
- struct sst_block_meta_t *block_meta);
-
-/**
- * \brief Writes a file metadata entry into scratch metadata block.
- *
- * \param[in] idx File's index in the metadata table
- * \param[in] file_meta Metadata pointer
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
- */
-psa_ps_status_t sst_flash_fs_mblock_update_scratch_file_meta(uint32_t idx,
- struct sst_file_meta_t *file_meta);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __SST_FLASH_FS_MBLOCK_H__ */
diff --git a/secure_fw/services/secure_storage/sst_encrypted_object.c b/secure_fw/services/secure_storage/sst_encrypted_object.c
index 0383ba4511..aad27520bd 100644
--- a/secure_fw/services/secure_storage/sst_encrypted_object.c
+++ b/secure_fw/services/secure_storage/sst_encrypted_object.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -10,7 +10,7 @@
#include <stddef.h>
#include "crypto/sst_crypto_interface.h"
-#include "flash_fs/sst_flash_fs.h"
+#include "psa/internal_trusted_storage.h"
#include "tfm_memory_utils.h"
#include "sst_object_defs.h"
#include "sst_utils.h"
@@ -19,14 +19,11 @@
#define SST_ENCRYPT_SIZE(plaintext_size) \
((plaintext_size) + SST_OBJECT_HEADER_SIZE - sizeof(union sst_crypto_t))
-#define SST_CRYPTO_CLEAR_BUF_VALUE 0
#define SST_OBJECT_START_POSITION 0
-#define SST_EMPTY_OBJECT_SIZE 0
/* Buffer to store the maximum encrypted object */
/* FIXME: Do partial encrypt/decrypt to reduce the size of internal buffer */
-#define SST_MAX_ENCRYPTED_OBJ_SIZE GET_ALIGNED_FLASH_BYTES( \
- SST_ENCRYPT_SIZE(SST_MAX_OBJECT_DATA_SIZE))
+#define SST_MAX_ENCRYPTED_OBJ_SIZE SST_ENCRYPT_SIZE(SST_MAX_OBJECT_DATA_SIZE)
/* FIXME: add the tag length to the crypto buffer size to account for the tag
* being appended to the ciphertext by the crypto layer.
@@ -139,26 +136,21 @@ psa_ps_status_t sst_encrypted_object_read(uint32_t fid,
struct sst_object_t *obj)
{
psa_ps_status_t err;
- struct sst_file_info_t file_info;
uint32_t decrypt_size;
-
- /* Get the current size of the encrypted object */
- err = sst_flash_fs_file_get_info(fid, &file_info);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
+ size_t data_length;
/* Read the encrypted object from the the persistent area */
- err = sst_flash_fs_file_read(fid, file_info.size_current,
- SST_OBJECT_START_POSITION,
- obj->header.crypto.ref.iv);
+ err = psa_status_to_psa_ps_status(
+ psa_its_get(fid, SST_OBJECT_START_POSITION,
+ SST_MAX_OBJECT_SIZE,
+ (void *)obj->header.crypto.ref.iv,
+ &data_length));
if (err != PSA_PS_SUCCESS) {
return err;
}
/* Get the decrypt size */
- decrypt_size = file_info.size_current -
- GET_ALIGNED_FLASH_BYTES(sizeof(obj->header.crypto.ref.iv));
+ decrypt_size = data_length - sizeof(obj->header.crypto.ref.iv);
/* Decrypt the object data */
err = sst_object_auth_decrypt(fid, decrypt_size, obj);
@@ -175,27 +167,7 @@ psa_ps_status_t sst_encrypted_object_write(uint32_t fid,
psa_ps_status_t err;
uint32_t wrt_size;
- wrt_size = SST_ENCRYPT_SIZE(obj->header.info.max_size) +
- sizeof(obj->header.crypto.ref.iv);
-
- wrt_size = GET_ALIGNED_FLASH_BYTES(wrt_size);
-
-#if (SST_FLASH_PROGRAM_UNIT!=1)
- /* FIX ME
- * As GET_ALIGNED_FLASH_BYTES is called twice
- * to align IV ,and header + payload
- */
- wrt_size +=SST_FLASH_PROGRAM_UNIT;
-#endif
-
- /* Create an object in the object system */
- err = sst_flash_fs_file_create(fid, wrt_size, SST_EMPTY_OBJECT_SIZE, NULL);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- wrt_size = GET_ALIGNED_FLASH_BYTES(
- SST_ENCRYPT_SIZE(obj->header.info.current_size));
+ wrt_size = SST_ENCRYPT_SIZE(obj->header.info.current_size);
/* Authenticate and encrypt the object */
err = sst_object_auth_encrypt(fid, wrt_size, obj);
@@ -205,13 +177,11 @@ psa_ps_status_t sst_encrypted_object_write(uint32_t fid,
wrt_size += sizeof(obj->header.crypto.ref.iv);
- wrt_size = GET_ALIGNED_FLASH_BYTES(wrt_size);
-
/* Write the encrypted object to the persistent area. The tag values is not
* copied as it is stored in the object table.
*/
- err = sst_flash_fs_file_write(fid, wrt_size, SST_OBJECT_START_POSITION,
- obj->header.crypto.ref.iv);
-
- return err;
+ return psa_status_to_psa_ps_status(
+ psa_its_set(fid, wrt_size,
+ (const void *)obj->header.crypto.ref.iv,
+ PSA_STORAGE_FLAG_NONE));
}
diff --git a/secure_fw/services/secure_storage/sst_object_defs.h b/secure_fw/services/secure_storage/sst_object_defs.h
index 56aedf2496..a5e264b7da 100644
--- a/secure_fw/services/secure_storage/sst_object_defs.h
+++ b/secure_fw/services/secure_storage/sst_object_defs.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -12,7 +12,6 @@
#include "flash_layout.h"
#include "psa/protected_storage.h"
-#include "sst_utils.h"
#ifdef SST_ENCRYPTION
#include "crypto/sst_crypto_interface.h"
@@ -45,7 +44,7 @@ struct sst_obj_header_t {
};
-#define SST_MAX_OBJECT_DATA_SIZE GET_ALIGNED_FLASH_BYTES(SST_MAX_ASSET_SIZE)
+#define SST_MAX_OBJECT_DATA_SIZE SST_MAX_ASSET_SIZE
/*!
* \struct sst_object_t
diff --git a/secure_fw/services/secure_storage/sst_object_system.c b/secure_fw/services/secure_storage/sst_object_system.c
index 833fee300c..33f47436ac 100644
--- a/secure_fw/services/secure_storage/sst_object_system.c
+++ b/secure_fw/services/secure_storage/sst_object_system.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -10,7 +10,7 @@
#include <stddef.h>
#include "cmsis_compiler.h"
-#include "flash_fs/sst_flash_fs.h"
+#include "psa/internal_trusted_storage.h"
#include "tfm_memory_utils.h"
#ifdef SST_ENCRYPTION
#include "sst_encrypted_object.h"
@@ -74,9 +74,7 @@ static psa_ps_status_t sst_remove_old_data(uint32_t old_fid)
}
/* Delete old file from the persistent area */
- err = sst_flash_fs_file_delete(old_fid);
-
- return err;
+ return psa_status_to_psa_ps_status(psa_its_remove(old_fid));
}
#ifndef SST_ENCRYPTION
@@ -96,11 +94,14 @@ enum read_type_t {
static psa_ps_status_t sst_read_object(enum read_type_t type)
{
psa_ps_status_t err;
+ size_t data_length;
/* Read object header */
- err = sst_flash_fs_file_read(g_obj_tbl_info.fid, SST_OBJECT_HEADER_SIZE,
- SST_OBJECT_START_POSITION,
- (uint8_t *)&g_sst_object.header);
+ err = psa_status_to_psa_ps_status(psa_its_get(g_obj_tbl_info.fid,
+ SST_OBJECT_START_POSITION,
+ SST_OBJECT_HEADER_SIZE,
+ (void *)&g_sst_object.header,
+ &data_length));
if (err != PSA_PS_SUCCESS) {
return err;
}
@@ -110,23 +111,23 @@ static psa_ps_status_t sst_read_object(enum read_type_t type)
*/
if (g_sst_object.header.fid != g_obj_tbl_info.fid ||
g_sst_object.header.version != g_obj_tbl_info.version) {
- err = PSA_PS_ERROR_DATA_CORRUPT;
+ return PSA_PS_ERROR_DATA_CORRUPT;
}
- if (type == READ_ALL_OBJECT) {
- /* Read object data if any */
- if (g_sst_object.header.info.current_size > 0) {
- err = sst_flash_fs_file_read(g_obj_tbl_info.fid,
- g_sst_object.header.info.current_size,
- SST_OBJECT_HEADER_SIZE,
- g_sst_object.data);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
+ /* Read object data if any */
+ if (type == READ_ALL_OBJECT && g_sst_object.header.info.current_size > 0) {
+ err = psa_status_to_psa_ps_status(
+ psa_its_get(g_obj_tbl_info.fid,
+ SST_OBJECT_HEADER_SIZE,
+ g_sst_object.header.info.current_size,
+ (void *)g_sst_object.data,
+ &data_length));
+ if (err != PSA_PS_SUCCESS) {
+ return err;
}
}
- return err;
+ return PSA_PS_SUCCESS;
}
/**
@@ -139,9 +140,6 @@ static psa_ps_status_t sst_read_object(enum read_type_t type)
*/
static psa_ps_status_t sst_write_object(uint32_t wrt_size)
{
- psa_ps_status_t err;
- uint32_t max_size = SST_OBJECT_SIZE(g_sst_object.header.info.max_size);
-
/* Add object identification and increase object version */
g_sst_object.header.fid = g_obj_tbl_info.fid;
g_sst_object.header.version++;
@@ -149,11 +147,9 @@ static psa_ps_status_t sst_write_object(uint32_t wrt_size)
/* Save object version to be stored in the object table */
g_obj_tbl_info.version = g_sst_object.header.version;
- err = sst_flash_fs_file_create(g_obj_tbl_info.fid,
- GET_ALIGNED_FLASH_BYTES(max_size),
- GET_ALIGNED_FLASH_BYTES(wrt_size),
- (const uint8_t *)&g_sst_object);
- return err;
+ return psa_status_to_psa_ps_status(psa_its_set(g_obj_tbl_info.fid, wrt_size,
+ (const void *)&g_sst_object,
+ PSA_STORAGE_FLAG_NONE));
}
#endif /* !SST_ENCRYPTION */
@@ -162,11 +158,6 @@ psa_ps_status_t sst_system_prepare(void)
{
psa_ps_status_t err;
- err = sst_flash_fs_prepare();
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
/* Reuse the allocated g_sst_object.data to store a temporary object table
* data to be validate inside the function.
* The stored date will be cleaned up when the g_sst_object.data will
@@ -317,7 +308,7 @@ psa_ps_status_t sst_object_create(psa_ps_uid_t uid, int32_t client_id,
/* Remove new object as object table is not persistent and propagate
* object table manipulation error.
*/
- (void)sst_flash_fs_file_delete(g_obj_tbl_info.fid);
+ (void)psa_its_remove(g_obj_tbl_info.fid);
goto clear_data_and_return;
}
@@ -427,7 +418,7 @@ psa_ps_status_t sst_object_write(psa_ps_uid_t uid, int32_t client_id,
/* Remove new object as object table is not persistent and propagate
* object table manipulation error.
*/
- (void)sst_flash_fs_file_delete(g_obj_tbl_info.fid);
+ (void)psa_its_remove(g_obj_tbl_info.fid);
goto clear_data_and_return;
}
@@ -525,8 +516,6 @@ clear_data_and_return:
psa_ps_status_t sst_system_wipe_all(void)
{
- psa_ps_status_t err;
-
/* This function may get called as a corrective action
* if a system level security violation is detected.
* This could be asynchronous to normal system operation
@@ -534,15 +523,5 @@ psa_ps_status_t sst_system_wipe_all(void)
* this function doesn't block on the lock and directly
* moves to erasing the flash instead.
*/
- err = sst_flash_fs_wipe_all();
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
- err = sst_flash_fs_prepare();
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
-
return sst_object_table_create();
}
diff --git a/secure_fw/services/secure_storage/sst_object_table.c b/secure_fw/services/secure_storage/sst_object_table.c
index 2d07807499..2c5fff3078 100644
--- a/secure_fw/services/secure_storage/sst_object_table.c
+++ b/secure_fw/services/secure_storage/sst_object_table.c
@@ -11,13 +11,16 @@
#include "cmsis_compiler.h"
#include "crypto/sst_crypto_interface.h"
-#include "flash/sst_flash.h"
-#include "flash_fs/sst_flash_fs.h"
+#include "flash_layout.h"
#include "nv_counters/sst_nv_counters.h"
+#include "psa/internal_trusted_storage.h"
#include "tfm_memory_utils.h"
#include "sst_utils.h"
#include "tfm_sst_defs.h"
+/* FIXME: Duplicated from flash info */
+#define SST_FLASH_DEFAULT_VAL 0xFFU
+
/*!
* \def SST_OBJECT_SYSTEM_VERSION
*
@@ -51,7 +54,7 @@ struct sst_obj_table_entry_t {
*
* \brief Object table structure.
*/
-struct __attribute__((__aligned__(SST_FLASH_PROGRAM_UNIT))) sst_obj_table_t {
+struct sst_obj_table_t {
#ifdef SST_ENCRYPTION
union sst_crypto_t crypto; /*!< Crypto metadata. */
#endif
@@ -216,22 +219,26 @@ __STATIC_INLINE void sst_object_table_fs_read_table(
struct sst_obj_table_init_ctx_t *init_ctx)
{
psa_ps_status_t err;
- /* FIXME: Read table from a persistent memory (flash location or FS) */
+ size_t data_length;
/* Read file with the table 0 data */
- err = sst_flash_fs_file_read(SST_TABLE_FS_ID(SST_OBJ_TABLE_IDX_0),
- SST_OBJ_TABLE_SIZE,
- SST_OBJECT_TABLE_OBJECT_OFFSET,
- (uint8_t *)init_ctx->p_table[SST_OBJ_TABLE_IDX_0]);
+ err = psa_status_to_psa_ps_status(
+ psa_its_get(SST_TABLE_FS_ID(SST_OBJ_TABLE_IDX_0),
+ SST_OBJECT_TABLE_OBJECT_OFFSET,
+ SST_OBJ_TABLE_SIZE,
+ (void *)init_ctx->p_table[SST_OBJ_TABLE_IDX_0],
+ &data_length));
if (err != PSA_PS_SUCCESS) {
init_ctx->table_state[SST_OBJ_TABLE_IDX_0] = SST_OBJ_TABLE_INVALID;
}
/* Read file with the table 1 data */
- err = sst_flash_fs_file_read(SST_TABLE_FS_ID(SST_OBJ_TABLE_IDX_1),
- SST_OBJ_TABLE_SIZE,
- SST_OBJECT_TABLE_OBJECT_OFFSET,
- (uint8_t *)init_ctx->p_table[SST_OBJ_TABLE_IDX_1]);
+ err = psa_status_to_psa_ps_status(
+ psa_its_get(SST_TABLE_FS_ID(SST_OBJ_TABLE_IDX_1),
+ SST_OBJECT_TABLE_OBJECT_OFFSET,
+ SST_OBJ_TABLE_SIZE,
+ (void *)init_ctx->p_table[SST_OBJ_TABLE_IDX_1],
+ &data_length));
if (err != PSA_PS_SUCCESS) {
init_ctx->table_state[SST_OBJ_TABLE_IDX_1] = SST_OBJ_TABLE_INVALID;
}
@@ -253,12 +260,12 @@ __STATIC_INLINE psa_ps_status_t sst_object_table_fs_write_table(
uint32_t obj_table_id = SST_TABLE_FS_ID(sst_obj_table_ctx.scratch_table);
uint8_t swap_table_idxs = sst_obj_table_ctx.scratch_table;
-
/* Create file to store object table in the FS */
- err = sst_flash_fs_file_create(obj_table_id,
- SST_OBJ_TABLE_SIZE,
- SST_OBJ_TABLE_SIZE,
- (const uint8_t *)obj_table);
+ err = psa_status_to_psa_ps_status(psa_its_set(obj_table_id,
+ SST_OBJ_TABLE_SIZE,
+ (const void *)obj_table,
+ PSA_STORAGE_FLAG_NONE));
+
if (err != PSA_PS_SUCCESS) {
return err;
}
@@ -888,8 +895,8 @@ psa_ps_status_t sst_object_table_init(uint8_t *obj_data)
}
/* Remove the old object table file */
- err = sst_flash_fs_file_delete(SST_TABLE_FS_ID(
- sst_obj_table_ctx.scratch_table));
+ err = psa_status_to_psa_ps_status(
+ psa_its_remove(SST_TABLE_FS_ID(sst_obj_table_ctx.scratch_table)));
if (err != PSA_PS_SUCCESS && err != PSA_PS_ERROR_UID_NOT_FOUND) {
return err;
}
@@ -933,18 +940,13 @@ psa_ps_status_t sst_object_table_get_free_fid(uint32_t fid_num,
*/
fid = SST_OBJECT_FS_ID(idx);
- /* Check if there is a file in the persistent area with that ID. That
- * can happened when the system is rebooted (e.g. power cut, ...) in the
+ /* If there is a file in the persistent area with that ID then remove it.
+ * That can happen when the system is rebooted (e.g. power cut, ...) in the
* middle of a create, write or delete operation.
*/
- if (sst_flash_fs_file_exist(fid) == PSA_PS_SUCCESS) {
- /* Remove old file from the persistent area, to keep it consistent
- * with the table content.
- */
- err = sst_flash_fs_file_delete(fid);
- if (err != PSA_PS_SUCCESS) {
- return err;
- }
+ err = psa_status_to_psa_ps_status(psa_its_remove(fid));
+ if (err != PSA_PS_SUCCESS && err != PSA_PS_ERROR_UID_NOT_FOUND) {
+ return err;
}
*p_fid = fid;
@@ -1073,5 +1075,5 @@ psa_ps_status_t sst_object_table_delete_old_table(void)
{
uint32_t table_id = SST_TABLE_FS_ID(sst_obj_table_ctx.scratch_table);
- return sst_flash_fs_file_delete(table_id);
+ return psa_status_to_psa_ps_status(psa_its_remove(table_id));
}
diff --git a/secure_fw/services/secure_storage/sst_utils.c b/secure_fw/services/secure_storage/sst_utils.c
index a16ce476dc..e4099b3293 100644
--- a/secure_fw/services/secure_storage/sst_utils.c
+++ b/secure_fw/services/secure_storage/sst_utils.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -27,11 +27,24 @@ psa_ps_status_t sst_utils_check_contained_in(uint32_t superset_size,
return PSA_PS_SUCCESS;
}
-psa_ps_status_t sst_utils_validate_fid(uint32_t fid)
+psa_ps_status_t psa_status_to_psa_ps_status(psa_status_t status)
{
- if (fid == SST_INVALID_FID) {
+ switch (status) {
+ case PSA_SUCCESS:
+ return PSA_PS_SUCCESS;
+ case PSA_ERROR_NOT_PERMITTED:
+ return PSA_PS_ERROR_WRITE_ONCE;
+ case PSA_ERROR_NOT_SUPPORTED:
+ return PSA_PS_ERROR_FLAGS_NOT_SUPPORTED;
+ case PSA_ERROR_INSUFFICIENT_STORAGE:
+ return PSA_PS_ERROR_INSUFFICIENT_SPACE;
+ case PSA_ERROR_STORAGE_FAILURE:
+ return PSA_PS_ERROR_STORAGE_FAILURE;
+ case PSA_ERROR_DOES_NOT_EXIST:
return PSA_PS_ERROR_UID_NOT_FOUND;
+ case PSA_ERROR_INVALID_ARGUMENT:
+ return PSA_PS_ERROR_INVALID_ARGUMENT;
+ default:
+ return PSA_PS_ERROR_OPERATION_FAILED;
}
-
- return PSA_PS_SUCCESS;
}
diff --git a/secure_fw/services/secure_storage/sst_utils.h b/secure_fw/services/secure_storage/sst_utils.h
index 3133c19d4e..2a2f292ea9 100644
--- a/secure_fw/services/secure_storage/sst_utils.h
+++ b/secure_fw/services/secure_storage/sst_utils.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -10,7 +10,7 @@
#include <stdint.h>
-#include "flash_layout.h"
+#include "psa/error.h"
#include "psa/protected_storage.h"
#ifdef __cplusplus
@@ -20,12 +20,6 @@ extern "C" {
#define SST_INVALID_FID 0
#define SST_DEFAULT_EMPTY_BUFF_VAL 0
-/* FIXME: Support other flash program units.*/
-#if ((SST_FLASH_PROGRAM_UNIT != 1) && (SST_FLASH_PROGRAM_UNIT != 2) \
- && (SST_FLASH_PROGRAM_UNIT != 4) && (SST_FLASH_PROGRAM_UNIT != 8))
-#error "The supported SST_FLASH_PROGRAM_UNIT values are 1, 2 or 4, 8 bytes"
-#endif
-
/**
* \brief Macro to check, at compilation time, if data fits in data buffer
*
@@ -42,17 +36,6 @@ extern "C" {
typedef char err_msg[(data_size <= data_buf_size)*2 - 1]
/**
- * \brief Macro to get the number of bytes aligned with the
- * SST_FLASH_PROGRAM_UNIT.
- *
- * \param[in] nbr_bytes Number of bytes
- *
- * \return Return number of bytes aligned with SST_FLASH_PROGRAM_UNIT
- */
-#define GET_ALIGNED_FLASH_BYTES(nbr_bytes) \
- ((nbr_bytes + (SST_FLASH_PROGRAM_UNIT - 1)) & ~((SST_FLASH_PROGRAM_UNIT - 1)))
-
-/**
* \brief Checks if a subset region is fully contained within a superset region.
*
* \param[in] superset_size Size of superset region
@@ -75,13 +58,9 @@ psa_ps_status_t sst_utils_check_contained_in(uint32_t superset_size,
uint32_t subset_size);
/**
- * \brief Validates file ID
- *
- * \param[in] fid File ID
- *
- * \return Returns error code as specified in \ref psa_ps_status_t
+ * \brief Converts from psa_status_t to psa_ps_status_t
*/
-psa_ps_status_t sst_utils_validate_fid(uint32_t fid);
+psa_ps_status_t psa_status_to_psa_ps_status(psa_status_t status);
#ifdef __cplusplus
}
diff --git a/secure_fw/services/secure_storage/tfm_secure_storage.yaml b/secure_fw/services/secure_storage/tfm_secure_storage.yaml
index 804a344e08..9f117ec851 100644
--- a/secure_fw/services/secure_storage/tfm_secure_storage.yaml
+++ b/secure_fw/services/secure_storage/tfm_secure_storage.yaml
@@ -1,5 +1,5 @@
#-------------------------------------------------------------------------------
-# Copyright (c) 2018-2019, Arm Limited. All rights reserved.
+# Copyright (c) 2018-2020, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -11,7 +11,7 @@
"type": "PSA-ROT",
"priority": "NORMAL",
"entry_point": "tfm_sst_req_mngr_init",
- "stack_size": "0xA00",
+ "stack_size": "0x600",
"secure_functions": [
{
"name": "TFM_SST_SET",
@@ -86,7 +86,11 @@
}
],
"dependencies": [
- "TFM_CRYPTO"
+ "TFM_CRYPTO",
+ "TFM_ITS_SET",
+ "TFM_ITS_GET",
+ "TFM_ITS_GET_INFO",
+ "TFM_ITS_REMOVE"
],
"linker_pattern": {
"library_list": [
diff --git a/secure_fw/spm/tfm_spm_db.inc b/secure_fw/spm/tfm_spm_db.inc
index ce05fd6f0d..59f7f0e1ff 100644
--- a/secure_fw/spm/tfm_spm_db.inc
+++ b/secure_fw/spm/tfm_spm_db.inc
@@ -528,6 +528,10 @@ uint32_t *ctx_stack_list[] =
static int32_t dependencies_TFM_SP_STORAGE[] =
{
TFM_CRYPTO_SID,
+ TFM_ITS_SET_SID,
+ TFM_ITS_GET_SID,
+ TFM_ITS_GET_INFO_SID,
+ TFM_ITS_REMOVE_SID,
};
#endif /* TFM_PARTITION_SECURE_STORAGE */
@@ -584,6 +588,8 @@ static int32_t dependencies_TFM_SP_IPC_CLIENT_TEST[] =
static int32_t dependencies_TFM_SP_SST_TEST[] =
{
TFM_CRYPTO_SID,
+ TFM_ITS_GET_SID,
+ TFM_ITS_REMOVE_SID,
};
#endif /* TFM_PARTITION_TEST_SST */
@@ -636,7 +642,7 @@ const struct spm_partition_static_data_t static_data_list[] =
,
.partition_priority = TFM_PRIORITY(NORMAL),
.partition_init = tfm_sst_req_mngr_init,
- .dependencies_num = 1,
+ .dependencies_num = 5,
.p_dependencies = dependencies_TFM_SP_STORAGE,
},
#endif /* TFM_PARTITION_SECURE_STORAGE */
@@ -828,7 +834,7 @@ const struct spm_partition_static_data_t static_data_list[] =
,
.partition_priority = TFM_PRIORITY(NORMAL),
.partition_init = tfm_sst_test_init,
- .dependencies_num = 1,
+ .dependencies_num = 3,
.p_dependencies = dependencies_TFM_SP_SST_TEST,
},
#endif /* TFM_PARTITION_TEST_SST */
diff --git a/test/test_services/tfm_sst_test_service/tfm_sst_test_service.yaml b/test/test_services/tfm_sst_test_service/tfm_sst_test_service.yaml
index aa3c66c10f..5e85396609 100644
--- a/test/test_services/tfm_sst_test_service/tfm_sst_test_service.yaml
+++ b/test/test_services/tfm_sst_test_service/tfm_sst_test_service.yaml
@@ -32,6 +32,8 @@
],
"dependencies": [
"TFM_CRYPTO",
+ "TFM_ITS_GET",
+ "TFM_ITS_REMOVE"
],
"linker_pattern": {
"object_list": [