diff options
author | Edison Ai <edison.ai@arm.com> | 2019-11-13 09:37:12 +0800 |
---|---|---|
committer | Ken Liu <ken.liu@arm.com> | 2019-12-06 06:56:15 +0000 |
commit | e728fbfc2767c226c90876ab8ad26830af9578cc (patch) | |
tree | fac6f496a0aee10d69327f1812304dcb03bee125 | |
parent | 776606676af9114c632b70e71796bd8acadd6361 (diff) | |
download | trusted-firmware-m-e728fbfc2767c226c90876ab8ad26830af9578cc.tar.gz |
Core: Add dependency support
According to PSA FF, if access between a client Secure Partition and an
RoT Service is not specified in the manifest, then the client is not
allowed to connect to the RoT Service.
Change-Id: Iae45242a143981658e3fd73576b5a8f7f054a7bd
Signed-off-by: Edison Ai <edison.ai@arm.com>
-rw-r--r-- | secure_fw/core/ipc/tfm_psa_client_call.c | 24 | ||||
-rw-r--r-- | secure_fw/services/initial_attestation/tfm_initial_attestation.yaml | 3 | ||||
-rw-r--r-- | secure_fw/services/secure_storage/tfm_secure_storage.yaml | 3 | ||||
-rw-r--r-- | secure_fw/spm/spm_api.h | 15 | ||||
-rw-r--r-- | secure_fw/spm/spm_api_ipc.c | 32 | ||||
-rw-r--r-- | secure_fw/spm/spm_db.h | 2 | ||||
-rw-r--r-- | secure_fw/spm/tfm_spm_db.inc | 86 | ||||
-rw-r--r-- | secure_fw/spm/tfm_spm_db.inc.template | 27 | ||||
-rw-r--r-- | test/test_services/tfm_core_test/tfm_test_core.yaml | 5 | ||||
-rw-r--r-- | test/test_services/tfm_ipc_client/tfm_ipc_client_partition.yaml | 6 | ||||
-rw-r--r-- | test/test_services/tfm_secure_client_service/tfm_test_client_service.yaml | 16 | ||||
-rw-r--r-- | test/test_services/tfm_sst_test_service/tfm_sst_test_service.yaml | 3 |
12 files changed, 210 insertions, 12 deletions
diff --git a/secure_fw/core/ipc/tfm_psa_client_call.c b/secure_fw/core/ipc/tfm_psa_client_call.c index 40ba17e572..f6d2f712c6 100644 --- a/secure_fw/core/ipc/tfm_psa_client_call.c +++ b/secure_fw/core/ipc/tfm_psa_client_call.c @@ -36,11 +36,11 @@ uint32_t tfm_psa_version(uint32_t sid, int32_t ns_caller) } /* - * It should return PSA_VERSION_NONE if the caller is not authorized - * to access the RoT Service. + * It is a fatal error if the caller is not authorized to access the RoT + * Service. */ - if (ns_caller && !service->service_db->non_secure_client) { - return PSA_VERSION_NONE; + if (tfm_spm_check_authorization(sid, service, ns_caller) != IPC_SUCCESS) { + tfm_panic(); } return service->service_db->version; @@ -67,6 +67,14 @@ psa_status_t tfm_psa_connect(uint32_t sid, uint32_t version, } /* + * It is a fatal error if the caller is not authorized to access the RoT + * Service. + */ + if (tfm_spm_check_authorization(sid, service, ns_caller) != IPC_SUCCESS) { + tfm_panic(); + } + + /* * Create connection handle here since it is possible to return the error * code to client when creation fails. */ @@ -76,14 +84,6 @@ psa_status_t tfm_psa_connect(uint32_t sid, uint32_t version, } /* - * It is a fatal error if the caller is not authorized to access the RoT - * Service. - */ - if (ns_caller && !service->service_db->non_secure_client) { - tfm_panic(); - } - - /* * It is a fatal error if the version of the RoT Service requested is not * supported on the platform. */ diff --git a/secure_fw/services/initial_attestation/tfm_initial_attestation.yaml b/secure_fw/services/initial_attestation/tfm_initial_attestation.yaml index 2e790aaf19..015e75fed3 100644 --- a/secure_fw/services/initial_attestation/tfm_initial_attestation.yaml +++ b/secure_fw/services/initial_attestation/tfm_initial_attestation.yaml @@ -66,5 +66,8 @@ "version": 1, "version_policy": "STRICT" } + ], + "dependencies": [ + "TFM_CRYPTO" ] } diff --git a/secure_fw/services/secure_storage/tfm_secure_storage.yaml b/secure_fw/services/secure_storage/tfm_secure_storage.yaml index 74e46fa67e..e7c8a42a83 100644 --- a/secure_fw/services/secure_storage/tfm_secure_storage.yaml +++ b/secure_fw/services/secure_storage/tfm_secure_storage.yaml @@ -86,6 +86,9 @@ "version_policy": "STRICT" } ], + "dependencies": [ + "TFM_CRYPTO" + ], "linker_pattern": { "library_list": [ "*tfm_storage*" diff --git a/secure_fw/spm/spm_api.h b/secure_fw/spm/spm_api.h index 35be8c2ce8..9d748bc95f 100644 --- a/secure_fw/spm/spm_api.h +++ b/secure_fw/spm/spm_api.h @@ -628,6 +628,21 @@ int32_t tfm_spm_check_client_version(struct tfm_spm_service_t *service, uint32_t version); /** + * \brief Check the client access authorization + * + * \param[in] sid Target RoT Service identity + * \param[in] service Target service context pointer, which can be get + * by partition management functions + * \param[in] ns_caller Whether from NS caller + * + * \retval IPC_SUCCESS Success + * \retval IPC_ERROR_GENERIC Authorization check failed + */ +int32_t tfm_spm_check_authorization(uint32_t sid, + struct tfm_spm_service_t *service, + int32_t ns_caller); + +/** * \brief Check the memory reference is valid. * * \param[in] buffer Pointer of memory reference diff --git a/secure_fw/spm/spm_api_ipc.c b/secure_fw/spm/spm_api_ipc.c index 4933e97f65..6eed0c0d18 100644 --- a/secure_fw/spm/spm_api_ipc.c +++ b/secure_fw/spm/spm_api_ipc.c @@ -262,6 +262,38 @@ int32_t tfm_spm_check_client_version(struct tfm_spm_service_t *service, return IPC_SUCCESS; } +int32_t tfm_spm_check_authorization(uint32_t sid, + struct tfm_spm_service_t *service, + int32_t ns_caller) +{ + struct spm_partition_desc_t *partition = NULL; + int32_t i; + + TFM_ASSERT(service); + + if (ns_caller) { + if (!service->service_db->non_secure_client) { + return IPC_ERROR_GENERIC; + } + } else { + partition = tfm_spm_get_running_partition(); + if (!partition) { + tfm_panic(); + } + + for (i = 0; i < partition->static_data->dependencies_num; i++) { + if (partition->static_data->p_dependencies[i] == sid) { + break; + } + } + + if (i == partition->static_data->dependencies_num) { + return IPC_ERROR_GENERIC; + } + } + return IPC_SUCCESS; +} + /* Message functions */ struct tfm_msg_body_t *tfm_spm_get_msg_from_handle(psa_handle_t msg_handle) { diff --git a/secure_fw/spm/spm_db.h b/secure_fw/spm/spm_db.h index c5869fc679..593a180365 100644 --- a/secure_fw/spm/spm_db.h +++ b/secure_fw/spm/spm_db.h @@ -41,6 +41,8 @@ struct spm_partition_static_data_t { uint32_t partition_flags; uint32_t partition_priority; sp_entry_point partition_init; + uint32_t dependencies_num; + int32_t *p_dependencies; }; /** diff --git a/secure_fw/spm/tfm_spm_db.inc b/secure_fw/spm/tfm_spm_db.inc index a8549677c5..28f0e1af8f 100644 --- a/secure_fw/spm/tfm_spm_db.inc +++ b/secure_fw/spm/tfm_spm_db.inc @@ -11,6 +11,7 @@ #define __TFM_SPM_DB_INC__ #include "spm_api.h" +#include "psa_manifest/sid.h" /**************************************************************************/ /** IRQ count per partition */ @@ -448,6 +449,65 @@ uint32_t *ctx_stack_list[] = #endif /* !defined(TFM_PSA_API) */ /**************************************************************************/ +/** Dependencies array for Secure Partition */ +/**************************************************************************/ +static int32_t dependencies_TFM_SP_STORAGE[] = +{ + TFM_CRYPTO_SID, +}; + +static int32_t dependencies_TFM_SP_INITIAL_ATTESTATION[] = +{ + TFM_CRYPTO_SID, +}; + +#ifdef TFM_PARTITION_TEST_CORE +static int32_t dependencies_TFM_SP_CORE_TEST[] = +{ + SPM_CORE_TEST_2_INVERT_SID, + SPM_CORE_TEST_2_GET_EVERY_SECOND_BYTE_SID, + SPM_CORE_TEST_2_SLAVE_SERVICE_SID, +}; +#endif /* TFM_PARTITION_TEST_CORE */ + +#ifdef TFM_PARTITION_TEST_SECURE_SERVICES +static int32_t dependencies_TFM_SP_SECURE_TEST_PARTITION[] = +{ + TFM_CRYPTO_SID, + TFM_SST_SET_SID, + TFM_SST_GET_SID, + TFM_SST_GET_INFO_SID, + TFM_SST_REMOVE_SID, + TFM_SST_GET_SUPPORT_SID, + TFM_ITS_SET_SID, + TFM_ITS_GET_SID, + TFM_ITS_GET_INFO_SID, + TFM_ITS_REMOVE_SID, + TFM_ATTEST_GET_TOKEN_SID, + TFM_ATTEST_GET_TOKEN_SIZE_SID, + TFM_ATTEST_GET_PUBLIC_KEY_SID, + TFM_SST_TEST_PREPARE_SID, +}; +#endif /* TFM_PARTITION_TEST_SECURE_SERVICES */ + +#ifdef TFM_PARTITION_TEST_CORE_IPC +static int32_t dependencies_TFM_SP_IPC_CLIENT_TEST[] = +{ + IPC_SERVICE_TEST_PSA_ACCESS_APP_READ_ONLY_MEM_SID, + IPC_SERVICE_TEST_PSA_ACCESS_APP_MEM_SID, + IPC_SERVICE_TEST_BASIC_SID, + IPC_SERVICE_TEST_APP_ACCESS_PSA_MEM_SID, +}; +#endif /* TFM_PARTITION_TEST_CORE_IPC */ + +#ifdef TFM_PARTITION_TEST_SST +static int32_t dependencies_TFM_SP_SST_TEST[] = +{ + TFM_CRYPTO_SID, +}; +#endif /* TFM_PARTITION_TEST_SST */ + +/**************************************************************************/ /** The static data of the partition list */ /**************************************************************************/ const struct spm_partition_static_data_t static_data_list[] = @@ -487,6 +547,8 @@ const struct spm_partition_static_data_t static_data_list[] = , .partition_priority = TFM_PRIORITY(NORMAL), .partition_init = tfm_sst_req_mngr_init, + .dependencies_num = 1, + .p_dependencies = dependencies_TFM_SP_STORAGE, }, { @@ -499,6 +561,8 @@ const struct spm_partition_static_data_t static_data_list[] = , .partition_priority = TFM_PRIORITY(NORMAL), .partition_init = tfm_its_req_mngr_init, + .dependencies_num = 0, + .p_dependencies = NULL, }, #ifdef TFM_PARTITION_AUDIT_LOG @@ -512,6 +576,8 @@ const struct spm_partition_static_data_t static_data_list[] = , .partition_priority = TFM_PRIORITY(NORMAL), .partition_init = audit_core_init, + .dependencies_num = 0, + .p_dependencies = NULL, }, #endif /* TFM_PARTITION_AUDIT_LOG */ @@ -525,6 +591,8 @@ const struct spm_partition_static_data_t static_data_list[] = , .partition_priority = TFM_PRIORITY(NORMAL), .partition_init = tfm_crypto_init, + .dependencies_num = 0, + .p_dependencies = NULL, }, #ifdef TFM_PARTITION_PLATFORM @@ -538,6 +606,8 @@ const struct spm_partition_static_data_t static_data_list[] = , .partition_priority = TFM_PRIORITY(NORMAL), .partition_init = platform_sp_init, + .dependencies_num = 0, + .p_dependencies = NULL, }, #endif /* TFM_PARTITION_PLATFORM */ @@ -551,6 +621,8 @@ const struct spm_partition_static_data_t static_data_list[] = , .partition_priority = TFM_PRIORITY(NORMAL), .partition_init = attest_partition_init, + .dependencies_num = 1, + .p_dependencies = dependencies_TFM_SP_INITIAL_ATTESTATION, }, #ifdef TFM_PARTITION_TEST_CORE @@ -564,6 +636,8 @@ const struct spm_partition_static_data_t static_data_list[] = , .partition_priority = TFM_PRIORITY(NORMAL), .partition_init = core_test_init, + .dependencies_num = 3, + .p_dependencies = dependencies_TFM_SP_CORE_TEST, }, #endif /* TFM_PARTITION_TEST_CORE */ @@ -578,6 +652,8 @@ const struct spm_partition_static_data_t static_data_list[] = , .partition_priority = TFM_PRIORITY(NORMAL), .partition_init = core_test_2_init, + .dependencies_num = 0, + .p_dependencies = NULL, }, #endif /* TFM_PARTITION_TEST_CORE */ @@ -592,6 +668,8 @@ const struct spm_partition_static_data_t static_data_list[] = , .partition_priority = TFM_PRIORITY(NORMAL), .partition_init = tfm_secure_client_service_init, + .dependencies_num = 14, + .p_dependencies = dependencies_TFM_SP_SECURE_TEST_PARTITION, }, #endif /* TFM_PARTITION_TEST_SECURE_SERVICES */ @@ -606,6 +684,8 @@ const struct spm_partition_static_data_t static_data_list[] = , .partition_priority = TFM_PRIORITY(HIGH), .partition_init = ipc_service_test_main, + .dependencies_num = 0, + .p_dependencies = NULL, }, #endif /* TFM_PARTITION_TEST_CORE_IPC */ @@ -620,6 +700,8 @@ const struct spm_partition_static_data_t static_data_list[] = , .partition_priority = TFM_PRIORITY(NORMAL), .partition_init = ipc_client_test_main, + .dependencies_num = 4, + .p_dependencies = dependencies_TFM_SP_IPC_CLIENT_TEST, }, #endif /* TFM_PARTITION_TEST_CORE_IPC */ @@ -634,6 +716,8 @@ const struct spm_partition_static_data_t static_data_list[] = , .partition_priority = TFM_PRIORITY(NORMAL), .partition_init = tfm_irq_test_1_init, + .dependencies_num = 0, + .p_dependencies = NULL, }, #endif /* TFM_ENABLE_IRQ_TEST */ @@ -648,6 +732,8 @@ const struct spm_partition_static_data_t static_data_list[] = , .partition_priority = TFM_PRIORITY(NORMAL), .partition_init = tfm_sst_test_init, + .dependencies_num = 1, + .p_dependencies = dependencies_TFM_SP_SST_TEST, }, #endif /* TFM_PARTITION_TEST_SST */ diff --git a/secure_fw/spm/tfm_spm_db.inc.template b/secure_fw/spm/tfm_spm_db.inc.template index 5e12dd0b64..5e84b5dd09 100644 --- a/secure_fw/spm/tfm_spm_db.inc.template +++ b/secure_fw/spm/tfm_spm_db.inc.template @@ -11,6 +11,7 @@ #define __TFM_SPM_DB_INC__ #include "spm_api.h" +#include "psa_manifest/sid.h" /**************************************************************************/ /** IRQ count per partition */ @@ -126,6 +127,26 @@ uint32_t *ctx_stack_list[] = #endif /* !defined(TFM_PSA_API) */ /**************************************************************************/ +/** Dependencies array for Secure Partition */ +/**************************************************************************/ +{% for manifest in manifests %} + {% if manifest.manifest.dependencies %} + {% if manifest.attr.conditional %} +#ifdef {{manifest.attr.conditional}} + {% endif %} +static int32_t dependencies_{{manifest.manifest.name}}[] = +{ + {% for dependence in manifest.manifest.dependencies %} + {{dependence}}_SID, + {% endfor %} +}; + {% if manifest.attr.conditional %} +#endif /* {{manifest.attr.conditional}} */ + {% endif %} + + {% endif %} +{% endfor %} +/**************************************************************************/ /** The static data of the partition list */ /**************************************************************************/ const struct spm_partition_static_data_t static_data_list[] = @@ -183,6 +204,12 @@ const struct spm_partition_static_data_t static_data_list[] = , .partition_priority = TFM_PRIORITY({{manifest.manifest.priority}}), .partition_init = {{manifest.manifest.entry_point}}, + .dependencies_num = {{manifest.manifest.dependencies | length()}}, + {% if manifest.manifest.dependencies %} + .p_dependencies = dependencies_{{manifest.manifest.name}}, + {% else %} + .p_dependencies = NULL, + {% endif %} {{'},'}} {% if manifest.attr.conditional %} #endif /* {{manifest.attr.conditional}} */ diff --git a/test/test_services/tfm_core_test/tfm_test_core.yaml b/test/test_services/tfm_core_test/tfm_test_core.yaml index b198a63a51..d6ccdcf50e 100644 --- a/test/test_services/tfm_core_test/tfm_test_core.yaml +++ b/test/test_services/tfm_core_test/tfm_test_core.yaml @@ -132,5 +132,10 @@ "version": 1, "version_policy": "STRICT" } + ], + "dependencies": [ + "SPM_CORE_TEST_2_INVERT", + "SPM_CORE_TEST_2_GET_EVERY_SECOND_BYTE", + "SPM_CORE_TEST_2_SLAVE_SERVICE" ] } diff --git a/test/test_services/tfm_ipc_client/tfm_ipc_client_partition.yaml b/test/test_services/tfm_ipc_client/tfm_ipc_client_partition.yaml index 916072134d..d5de667ff7 100644 --- a/test/test_services/tfm_ipc_client/tfm_ipc_client_partition.yaml +++ b/test/test_services/tfm_ipc_client/tfm_ipc_client_partition.yaml @@ -52,6 +52,12 @@ "version_policy": "STRICT" } ], + "dependencies": [ + "IPC_SERVICE_TEST_PSA_ACCESS_APP_READ_ONLY_MEM", + "IPC_SERVICE_TEST_PSA_ACCESS_APP_MEM", + "IPC_SERVICE_TEST_BASIC", + "IPC_SERVICE_TEST_APP_ACCESS_PSA_MEM" + ], "linker_pattern": { "object_list": [ "*ipc_client_test.*" diff --git a/test/test_services/tfm_secure_client_service/tfm_test_client_service.yaml b/test/test_services/tfm_secure_client_service/tfm_test_client_service.yaml index 80159bd060..fe135667dc 100644 --- a/test/test_services/tfm_secure_client_service/tfm_test_client_service.yaml +++ b/test/test_services/tfm_secure_client_service/tfm_test_client_service.yaml @@ -37,6 +37,22 @@ "version_policy": "STRICT" } ], + "dependencies": [ + "TFM_CRYPTO", + "TFM_SST_SET", + "TFM_SST_GET", + "TFM_SST_GET_INFO", + "TFM_SST_REMOVE", + "TFM_SST_GET_SUPPORT", + "TFM_ITS_SET", + "TFM_ITS_GET", + "TFM_ITS_GET_INFO", + "TFM_ITS_REMOVE", + "TFM_ATTEST_GET_TOKEN", + "TFM_ATTEST_GET_TOKEN_SIZE", + "TFM_ATTEST_GET_PUBLIC_KEY", + "TFM_SST_TEST_PREPARE" + ], # Currently there is no platform dependent section of the manifest file, # therefore all platform dependent files must be listed here which can be used # on any supported platform. diff --git a/test/test_services/tfm_sst_test_service/tfm_sst_test_service.yaml b/test/test_services/tfm_sst_test_service/tfm_sst_test_service.yaml index b69d0c6645..de3a67cc8f 100644 --- a/test/test_services/tfm_sst_test_service/tfm_sst_test_service.yaml +++ b/test/test_services/tfm_sst_test_service/tfm_sst_test_service.yaml @@ -31,6 +31,9 @@ "version_policy": "STRICT" } ], + "dependencies": [ + "TFM_CRYPTO", + ], "linker_pattern": { "object_list": [ "*tfm_sst_test_service.*", |