diff options
author | Manish Pandey <manish.pandey2@arm.com> | 2022-03-02 14:58:05 +0100 |
---|---|---|
committer | TrustedFirmware Code Review <review@review.trustedfirmware.org> | 2022-03-02 14:58:05 +0100 |
commit | 9edbad6e741afee5f8c7e3a0603350f3fef82575 (patch) | |
tree | 9931bfbdd3121b2bfd4eb7bed90ed58c40563e16 | |
parent | c0adf67dd803b6313a1368c1b4a0993faba2aacc (diff) | |
parent | 82bbc57e7a496c6821eb1833cc1f8ce8354b3d9b (diff) | |
download | tf-a-tests-9edbad6e741afee5f8c7e3a0603350f3fef82575.tar.gz |
Merge changes from topic "od/invalid-access-tests"
* changes:
test(tftf): prevent realm region access from nwd
test(cactus): prevent realm region access from swd
feat(fvp): enable test to access el3 memory
feat(tftf): add tests to access invalid memory
-rw-r--r-- | include/common/test_helpers.h | 9 | ||||
-rw-r--r-- | include/runtime_services/spm_common.h | 2 | ||||
-rw-r--r-- | plat/arm/fvp/include/platform_def.h | 30 | ||||
-rw-r--r-- | plat/arm/fvp/plat_setup.c | 2 | ||||
-rw-r--r-- | spm/cactus/aarch64/cactus_exceptions.S | 27 | ||||
-rw-r--r-- | spm/cactus/cactus.mk | 1 | ||||
-rw-r--r-- | spm/cactus/cactus_main.c | 7 | ||||
-rw-r--r-- | spm/cactus/cactus_tests/cactus_test_memory_sharing.c | 32 | ||||
-rw-r--r-- | tftf/tests/misc_tests/test_invalid_access.c | 173 | ||||
-rw-r--r-- | tftf/tests/runtime_services/secure_service/spm_common.c | 2 | ||||
-rw-r--r-- | tftf/tests/runtime_services/secure_service/test_ffa_exceptions.c | 107 | ||||
-rw-r--r-- | tftf/tests/tests-invalid-access.mk | 12 | ||||
-rw-r--r-- | tftf/tests/tests-invalid-access.xml | 16 | ||||
-rw-r--r-- | tftf/tests/tests-spm.mk | 6 | ||||
-rw-r--r-- | tftf/tests/tests-spm.xml | 8 | ||||
-rw-r--r-- | tftf/tests/tests-standard.mk | 1 | ||||
-rw-r--r-- | tftf/tests/tests-standard.xml | 2 |
17 files changed, 416 insertions, 21 deletions
diff --git a/include/common/test_helpers.h b/include/common/test_helpers.h index c628ee821..21c738d18 100644 --- a/include/common/test_helpers.h +++ b/include/common/test_helpers.h @@ -290,6 +290,15 @@ typedef test_result_t (*test_function_arg_t)(void *arg); } \ } while (false) +#define SKIP_TEST_IF_INVALID_ADDRESS(address) \ + do { \ + if (address == U(0xFFFFFFFF)) { \ + tftf_testcase_printf("Platform has not provided " \ + "valid address to access EL3\n"); \ + return TEST_RESULT_SKIPPED; \ + } \ + } while (false) + /* Helper macro to verify if system suspend API is supported */ #define is_psci_sys_susp_supported() \ (tftf_get_psci_feature_info(SMC_PSCI_SYSTEM_SUSPEND) \ diff --git a/include/runtime_services/spm_common.h b/include/runtime_services/spm_common.h index 398d01a4e..f187ed7d3 100644 --- a/include/runtime_services/spm_common.h +++ b/include/runtime_services/spm_common.h @@ -129,7 +129,7 @@ unsigned int get_ffa_feature_test_target(const struct ffa_features_test **test_t bool memory_retrieve(struct mailbox_buffers *mb, struct ffa_memory_region **retrieved, uint64_t handle, ffa_id_t sender, ffa_id_t receiver, - uint32_t mem_func, ffa_memory_region_flags_t flags); + ffa_memory_region_flags_t flags); /** * Helper to conduct a memory relinquish. The caller is usually the receiver, diff --git a/plat/arm/fvp/include/platform_def.h b/plat/arm/fvp/include/platform_def.h index 7fc147d4d..8555c1f37 100644 --- a/plat/arm/fvp/include/platform_def.h +++ b/plat/arm/fvp/include/platform_def.h @@ -57,6 +57,36 @@ #define NOR_FLASH_BLOCKS_COUNT 255 #define FLASH_SIZE (NOR_FLASH_BLOCK_SIZE * NOR_FLASH_BLOCKS_COUNT) +/********************************** + * Addresses to test invalid access + **********************************/ +/* + * The top 16MB (or 64MB if RME is enabled) of DRAM1 is configured as + * follows for FVP platform: + * - L1 GPT DRAM: Reserved for L1 GPT if RME is enabled + * - REALM DRAM: Reserved for Realm world if RME is enabled + * - AP TZC DRAM: The remaining TZC secured DRAM reserved for AP use + * + * RME enabled(64MB) RME not enabled(16MB) + * 0xFC00_0000 -------------------- ------------------- 0xFF00_0000 + * | | | | + * | AP Secure (~28MB)| | AP TZC (~14MB) | + * -------------------- ------------------- 0xFFE0_0000 + * | | | | + * | REALM (32MB) | | EL3 TZC (2MB) | + * -------------------- ------------------- 0xFFFF_FFFF + * | | + * 0xFFE0_0000 | EL3 Root (3MB) | + * -------------------- + * | L1 GPT (1MB) | + * | | + * 0xFFFF_FFFF -------------------- + * + * + */ +/* For both RME & non-RME case top 2MB will be EL3 memory */ +#define EL3_MEMORY_ACCESS_ADDR U(0xFFE00000) + /******************************************************************************* * Base address and size for the FIP that contains FWU images. ******************************************************************************/ diff --git a/plat/arm/fvp/plat_setup.c b/plat/arm/fvp/plat_setup.c index fa978142b..814261150 100644 --- a/plat/arm/fvp/plat_setup.c +++ b/plat/arm/fvp/plat_setup.c @@ -34,6 +34,8 @@ static const mmap_region_t mmap[] = { MAP_REGION_FLAT(FLASH_BASE, FLASH_SIZE, MT_DEVICE | MT_RW | MT_NS), #endif MAP_REGION_FLAT(DRAM_BASE, TFTF_BASE - DRAM_BASE, MT_MEMORY | MT_RW | MT_NS), + /* Not usable in tftf, Only for testing purpose */ + MAP_REGION_FLAT(EL3_MEMORY_ACCESS_ADDR, PAGE_SIZE, MT_MEMORY | MT_RW | MT_NS), {0} }; #endif /* IMAGE_NS_BL1U */ diff --git a/spm/cactus/aarch64/cactus_exceptions.S b/spm/cactus/aarch64/cactus_exceptions.S index 6aec16d3e..9b024f852 100644 --- a/spm/cactus/aarch64/cactus_exceptions.S +++ b/spm/cactus/aarch64/cactus_exceptions.S @@ -31,14 +31,16 @@ unhandled_exception serr_sp0 /* * Current EL with SPx : 0x200 - 0x400. */ -unhandled_exception sync_spx +vector_entry sync_spx + b sync_exception_vector_entry +end_vector_entry sync_spx vector_entry irq_spx - b irq_vector_entry + b interrupt_vector_entry end_vector_entry irq_spx vector_entry fiq_spx - b fiq_vector_entry + b interrupt_vector_entry end_vector_entry fiq_spx unhandled_exception serr_spx @@ -98,23 +100,30 @@ unhandled_exception serr_a32 ldp x0, x1, [sp, #0x0] .endm -func irq_vector_entry +func sync_exception_vector_entry sub sp, sp, #0x100 save_gp_regs - bl cactus_interrupt_handler - restore_gp_regs + mov x19, sp + bl tftf_sync_exception_handler + cbnz x0, 0f + mov x0, x19 + /* Save original stack pointer value on the stack */ + add x1, x0, #0x100 + str x1, [x0, #0xf8] + b print_exception +0: restore_gp_regs add sp, sp, #0x100 eret -endfunc irq_vector_entry +endfunc sync_exception_vector_entry -func fiq_vector_entry +func interrupt_vector_entry sub sp, sp, #0x100 save_gp_regs bl cactus_interrupt_handler restore_gp_regs add sp, sp, #0x100 eret -endfunc fiq_vector_entry +endfunc interrupt_vector_entry func crash_dump /* Save general-purpose registers on the stack. */ diff --git a/spm/cactus/cactus.mk b/spm/cactus/cactus.mk index 41095795e..8970b292e 100644 --- a/spm/cactus/cactus.mk +++ b/spm/cactus/cactus.mk @@ -68,6 +68,7 @@ CACTUS_SOURCES += drivers/arm/pl011/${ARCH}/pl011_console.S \ lib/smc/${ARCH}/asm_smc.S \ lib/smc/${ARCH}/smc.c \ lib/smc/${ARCH}/hvc.c \ + lib/exceptions/${ARCH}/sync.c \ lib/locks/${ARCH}/spinlock.S \ lib/utils/mp_printf.c \ ${XLAT_TABLES_LIB_SRCS} diff --git a/spm/cactus/cactus_main.c b/spm/cactus/cactus_main.c index c80abd963..58186d1d5 100644 --- a/spm/cactus/cactus_main.c +++ b/spm/cactus/cactus_main.c @@ -181,13 +181,6 @@ static void register_secondary_entrypoint(void) tftf_smc(&args); } -int tftf_irq_handler_dispatcher(void) -{ - ERROR("%s\n", __func__); - - return 0; -} - void __dead2 cactus_main(bool primary_cold_boot) { assert(IS_IN_EL1() != 0); diff --git a/spm/cactus/cactus_tests/cactus_test_memory_sharing.c b/spm/cactus/cactus_tests/cactus_test_memory_sharing.c index 69d62dd79..051208e65 100644 --- a/spm/cactus/cactus_tests/cactus_test_memory_sharing.c +++ b/spm/cactus/cactus_tests/cactus_test_memory_sharing.c @@ -14,6 +14,27 @@ #include <sp_helpers.h> #include <xlat_tables_defs.h> #include <lib/xlat_tables/xlat_tables_v2.h> +#include <sync.h> + +static volatile uint32_t data_abort_gpf_triggered; + +static bool data_abort_gpf_handler(void) +{ + uint64_t esr_el1 = read_esr_el1(); + + VERBOSE("%s count %u esr_el1 %llx elr_el1 %llx\n", + __func__, data_abort_gpf_triggered, esr_el1, + read_elr_el1()); + + /* Expect a data abort because of a GPF. */ + if ((EC_BITS(esr_el1) == EC_DABORT_CUR_EL) && + ((ISS_BITS(esr_el1) & ISS_DFSC_MASK) == DFSC_GPF_DABORT)) { + data_abort_gpf_triggered++; + return true; + } + + return false; +} /** * Each Cactus SP has a memory region dedicated to memory sharing tests @@ -51,7 +72,7 @@ CACTUS_CMD_HANDLER(mem_send_cmd, CACTUS_MEM_SEND_CMD) cactus_mem_send_get_retrv_flags(*args); uint32_t words_to_write = cactus_mem_send_words_to_write(*args); - expect(memory_retrieve(mb, &m, handle, source, vm_id, mem_func, + expect(memory_retrieve(mb, &m, handle, source, vm_id, retrv_flags), true); composite = ffa_memory_region_get_composite(m, 0); @@ -104,12 +125,17 @@ CACTUS_CMD_HANDLER(mem_send_cmd, CACTUS_MEM_SEND_CMD) } } + data_abort_gpf_triggered = 0; + register_custom_sync_exception_handler(data_abort_gpf_handler); + /* Write mem_func to retrieved memory region for validation purposes. */ VERBOSE("Writing: %x\n", mem_func); for (unsigned int i = 0U; i < words_to_write; i++) { ptr[i] = mem_func; } + unregister_custom_sync_exception_handler(); + /* * A FFA_MEM_DONATE changes the ownership of the page, as such no * relinquish is needed. @@ -120,7 +146,7 @@ CACTUS_CMD_HANDLER(mem_send_cmd, CACTUS_MEM_SEND_CMD) composite->constituents[0].page_count * PAGE_SIZE); if (ret != 0) { - ERROR("Failed first mmap_add_dynamic_region!\n"); + ERROR("Failed to unmap received memory region(%d)!\n", ret); return cactus_error_resp(vm_id, source, CACTUS_ERROR_TEST); } @@ -139,7 +165,7 @@ CACTUS_CMD_HANDLER(mem_send_cmd, CACTUS_MEM_SEND_CMD) } return cactus_success_resp(vm_id, - source, 0); + source, data_abort_gpf_triggered); } CACTUS_CMD_HANDLER(req_mem_send_cmd, CACTUS_REQ_MEM_SEND_CMD) diff --git a/tftf/tests/misc_tests/test_invalid_access.c b/tftf/tests/misc_tests/test_invalid_access.c new file mode 100644 index 000000000..2fb65421f --- /dev/null +++ b/tftf/tests/misc_tests/test_invalid_access.c @@ -0,0 +1,173 @@ +/* + * Copyright (c) 2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <plat/common/platform.h> + +#include <arch.h> +#include <arch_helpers.h> +#include <arch_features.h> +#include <debug.h> +#ifdef __aarch64__ +#include <sync.h> +#endif +#include <test_helpers.h> +#include <lib/aarch64/arch_features.h> +#include <runtime_services/realm_payload/realm_payload_test.h> +#include <tftf_lib.h> +#include <platform_def.h> + +/* + * Using "__aarch64__" here looks weird but its unavoidable because of following reason + * This test is part of standard test which runs on all platforms but pre-requisite + * to run this test (custom sync exception handler) is only implemented for aarch64. + * TODO: Write a framework so that tests kept in standard list can be selectively + * run on a given architecture + */ +#ifdef __aarch64__ + +#ifndef EL3_MEMORY_ACCESS_ADDR +#define EL3_MEMORY_ACCESS_ADDR U(0xFFFFFFFF) +#endif + +static volatile bool sync_exception_triggered; +static volatile bool data_abort_triggered; + +static __aligned(PAGE_SIZE) uint64_t share_page[PAGE_SIZE / sizeof(uint64_t)]; + +static bool data_abort_handler(void) +{ + uint64_t esr_elx = IS_IN_EL2() ? read_esr_el2() : read_esr_el1(); + unsigned int rme_supported = get_armv9_2_feat_rme_support(); + + sync_exception_triggered = true; + + VERBOSE("%s esr_elx %llx\n", __func__, esr_elx); + + if (EC_BITS(esr_elx) == EC_DABORT_CUR_EL) { + if (rme_supported == 0) { + /* Synchronous external data abort triggered by trustzone controller */ + if ((ISS_BITS(esr_elx) & ISS_DFSC_MASK) == DFSC_EXT_DABORT) { + VERBOSE("%s TZC Data Abort caught\n", __func__); + data_abort_triggered = true; + return true; + } + } else { + /* Synchronous data abort triggered by Granule protection */ + if ((ISS_BITS(esr_elx) & ISS_DFSC_MASK) == DFSC_GPF_DABORT) { + VERBOSE("%s GPF Data Abort caught\n", __func__); + data_abort_triggered = true; + return true; + } + } + } + + return false; +} + +test_result_t access_el3_memory_from_ns(void) +{ + const uintptr_t test_address = EL3_MEMORY_ACCESS_ADDR; + + SKIP_TEST_IF_INVALID_ADDRESS(test_address); + + VERBOSE("Attempt to access el3 memory (0x%lx)\n", test_address); + + data_abort_triggered = false; + register_custom_sync_exception_handler(data_abort_handler); + dsbsy(); + + *((volatile uint64_t *)test_address); + + dsbsy(); + unregister_custom_sync_exception_handler(); + + if (sync_exception_triggered == false) { + tftf_testcase_printf("No sync exception while accessing (0x%lx)\n", test_address); + return TEST_RESULT_SKIPPED; + } + + if (data_abort_triggered == false) { + tftf_testcase_printf("Sync exception is not data abort\n"); + return TEST_RESULT_FAIL; + } + + return TEST_RESULT_SUCCESS; +} + +/** + * @Test_Aim@ Check a realm region cannot be accessed from normal world. + * + * This test delegates a TFTF allocated buffer to Realm. It then attempts + * a read access to the region from normal world. This results in the PE + * triggering a GPF caught by a custom synchronous abort handler. + * + */ +test_result_t rl_memory_cannot_be_accessed_in_ns(void) +{ + test_result_t result = TEST_RESULT_FAIL; + u_register_t retmm; + + if (get_armv9_2_feat_rme_support() == 0U) { + return TEST_RESULT_SKIPPED; + } + + sync_exception_triggered = false; + data_abort_triggered = false; + register_custom_sync_exception_handler(data_abort_handler); + + /* First read access to the test region must not fail. */ + *((volatile uint64_t *)share_page); + + if ((sync_exception_triggered != false) || + (data_abort_triggered != false)) { + goto out_unregister; + } + + /* Delegate the shared page to Realm. */ + retmm = realm_granule_delegate((u_register_t)&share_page); + if (retmm != 0UL) { + ERROR("Granule delegate failed!\n"); + goto out_unregister; + } + + /* This access shall trigger a GPF. */ + *((volatile uint64_t *)share_page); + + if ((sync_exception_triggered != true) || + (data_abort_triggered != true)) { + goto out_undelegate; + } + + result = TEST_RESULT_SUCCESS; + +out_undelegate: + /* Undelegate the shared page. */ + retmm = realm_granule_undelegate((u_register_t)&share_page); + if (retmm != 0UL) { + ERROR("Granule undelegate failed!\n"); + } + +out_unregister: + unregister_custom_sync_exception_handler(); + + return result; +} + +#else + +test_result_t access_el3_memory_from_ns(void) +{ + tftf_testcase_printf("Test not ported to AArch32\n"); + return TEST_RESULT_SKIPPED; +} + +test_result_t rl_memory_cannot_be_accessed_in_ns(void) +{ + tftf_testcase_printf("Test not ported to AArch32\n"); + return TEST_RESULT_SKIPPED; +} + +#endif /* __aarch64__ */ diff --git a/tftf/tests/runtime_services/secure_service/spm_common.c b/tftf/tests/runtime_services/secure_service/spm_common.c index aa1d2eddc..fa4d1bc64 100644 --- a/tftf/tests/runtime_services/secure_service/spm_common.c +++ b/tftf/tests/runtime_services/secure_service/spm_common.c @@ -351,7 +351,7 @@ unsigned int get_ffa_feature_test_target( bool memory_retrieve(struct mailbox_buffers *mb, struct ffa_memory_region **retrieved, uint64_t handle, ffa_id_t sender, ffa_id_t receiver, - uint32_t mem_func, ffa_memory_region_flags_t flags) + ffa_memory_region_flags_t flags) { smc_ret_values ret; uint32_t fragment_size; diff --git a/tftf/tests/runtime_services/secure_service/test_ffa_exceptions.c b/tftf/tests/runtime_services/secure_service/test_ffa_exceptions.c new file mode 100644 index 000000000..f68a5278c --- /dev/null +++ b/tftf/tests/runtime_services/secure_service/test_ffa_exceptions.c @@ -0,0 +1,107 @@ +/* + * Copyright (c) 2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <arch_helpers.h> +#include <cactus_test_cmds.h> +#include <debug.h> +#include <ffa_endpoints.h> +#include <ffa_svc.h> +#include <irq.h> +#include <platform.h> +#include <runtime_services/realm_payload/realm_payload_test.h> +#include <smccc.h> +#include <spm_common.h> +#include <test_helpers.h> + +#define SENDER HYP_ID +#define RECEIVER SP_ID(1) + +static __aligned(PAGE_SIZE) uint64_t share_page[PAGE_SIZE / sizeof(uint64_t)]; + +static const struct ffa_uuid expected_sp_uuids[] = { + {PRIMARY_UUID}, {SECONDARY_UUID}, {TERTIARY_UUID} +}; + +/** + * @Test_Aim@ Check a realm region cannot be accessed from a secure partition. + * + * This test shares a TFTF allocated buffer with a secure partition through + * FF-A memory sharing operation. The buffer is initially marked NS in the GPT + * and transitioned to realm after sharing. Then, the SP is invoked to retrieve + * the region (map it to its S2 translation regime), and maps it to its secure + * S1 translation regime. It then attempts a read access which results in the + * PE triggering a GPF caught by a custom synchronous abort handler. + * + */ +test_result_t rl_memory_cannot_be_accessed_in_s(void) +{ + struct ffa_memory_region_constituent constituents[] = { + { + (void *)share_page, 1, 0 + } + }; + const uint32_t constituents_count = sizeof(constituents) / + sizeof(struct ffa_memory_region_constituent); + ffa_memory_handle_t handle; + struct mailbox_buffers mb; + smc_ret_values ret; + u_register_t retmm; + + if (get_armv9_2_feat_rme_support() == 0U) { + return TEST_RESULT_SKIPPED; + } + + CHECK_SPMC_TESTING_SETUP(1, 1, expected_sp_uuids); + + GET_TFTF_MAILBOX(mb); + + handle = memory_init_and_send((struct ffa_memory_region *)mb.send, + PAGE_SIZE, SENDER, RECEIVER, + constituents, constituents_count, + FFA_MEM_SHARE_SMC32, &ret); + + if (handle == FFA_MEMORY_HANDLE_INVALID) { + return TEST_RESULT_FAIL; + } + + VERBOSE("TFTF - Handle: %llx Address: %p\n", + handle, constituents[0].address); + + /* Delegate the shared page to Realm. */ + retmm = realm_granule_delegate((u_register_t)&share_page); + if (retmm != 0UL) { + ERROR("Granule delegate failed!\n"); + return TEST_RESULT_FAIL; + } + + /* Retrieve the shared page and attempt accessing it. */ + ret = cactus_mem_send_cmd(SENDER, RECEIVER, FFA_MEM_SHARE_SMC32, + handle, 0, 1); + + /* Undelegate the shared page. */ + retmm = realm_granule_undelegate((u_register_t)&share_page); + if (retmm != 0UL) { + ERROR("Granule undelegate failed!\n"); + return TEST_RESULT_FAIL; + } + + if (is_ffa_call_error(ffa_mem_reclaim(handle, 0))) { + ERROR("Memory reclaim failed!\n"); + return TEST_RESULT_FAIL; + } + + /* + * Expect success response with value 1 hinting an exception + * triggered while the SP accessed the region. + */ + if (!(cactus_get_response(ret) == CACTUS_SUCCESS && + cactus_error_code(ret) == 1)) { + ERROR("Exceptions test failed!\n"); + return TEST_RESULT_FAIL; + } + + return TEST_RESULT_SUCCESS; +} diff --git a/tftf/tests/tests-invalid-access.mk b/tftf/tests/tests-invalid-access.mk new file mode 100644 index 000000000..f4d23a53b --- /dev/null +++ b/tftf/tests/tests-invalid-access.mk @@ -0,0 +1,12 @@ +# +# Copyright (c) 2022, Arm Limited. All rights reserved. +# +# SPDX-License-Identifier: BSD-3-Clause +# + +TESTS_SOURCES += tftf/tests/misc_tests/test_invalid_access.c + +TESTS_SOURCES += \ + $(addprefix tftf/tests/runtime_services/realm_payload/, \ + realm_payload_test_helpers.c \ + ) diff --git a/tftf/tests/tests-invalid-access.xml b/tftf/tests/tests-invalid-access.xml new file mode 100644 index 000000000..96b924081 --- /dev/null +++ b/tftf/tests/tests-invalid-access.xml @@ -0,0 +1,16 @@ +<?xml version="1.0" encoding="utf-8"?> + +<!-- + Copyright (c) 2022, Arm Limited. All rights reserved. + + SPDX-License-Identifier: BSD-3-Clause +--> + +<testsuites> + <testsuite name="Invalid memory access" description="Invalid memory access"> + <testcase name="Access EL3 memory from NS world" + function="access_el3_memory_from_ns" /> + <testcase name="Access Realm memory from NS world" + function="rl_memory_cannot_be_accessed_in_ns" /> + </testsuite> +</testsuites> diff --git a/tftf/tests/tests-spm.mk b/tftf/tests/tests-spm.mk index 79cfb6178..941758c35 100644 --- a/tftf/tests/tests-spm.mk +++ b/tftf/tests/tests-spm.mk @@ -16,4 +16,10 @@ TESTS_SOURCES += \ test_ffa_notifications.c \ test_spm_cpu_features.c \ test_spm_smmu.c \ + test_ffa_exceptions.c \ + ) + +TESTS_SOURCES += \ + $(addprefix tftf/tests/runtime_services/realm_payload/, \ + realm_payload_test_helpers.c \ ) diff --git a/tftf/tests/tests-spm.xml b/tftf/tests/tests-spm.xml index cc79ea0b5..9a78c8ac4 100644 --- a/tftf/tests/tests-spm.xml +++ b/tftf/tests/tests-spm.xml @@ -44,6 +44,14 @@ function="test_ffa_partition_info" /> </testsuite> + <testsuite name="SP exceptions" + description="SP exceptions" > + + <testcase name="Access from a SP to a Realm region" + function="rl_memory_cannot_be_accessed_in_s" /> + + </testsuite> + <testsuite name="FF-A Direct messaging" description="Test FF-A Direct messaging" > diff --git a/tftf/tests/tests-standard.mk b/tftf/tests/tests-standard.mk index a72207722..fac3fd902 100644 --- a/tftf/tests/tests-standard.mk +++ b/tftf/tests/tests-standard.mk @@ -24,6 +24,7 @@ TESTS_MAKEFILE := $(addprefix tftf/tests/, \ tests-uncontainable.mk \ tests-debugfs.mk \ tests-realm-payload.mk \ + tests-invalid-access.mk \ ) include ${TESTS_MAKEFILE} diff --git a/tftf/tests/tests-standard.xml b/tftf/tests/tests-standard.xml index 384a5f4e0..1e8ed2762 100644 --- a/tftf/tests/tests-standard.xml +++ b/tftf/tests/tests-standard.xml @@ -25,6 +25,7 @@ <!ENTITY tests-pmu-leakage SYSTEM "tests-pmu-leakage.xml"> <!ENTITY tests-debugfs SYSTEM "tests-debugfs.xml"> <!ENTITY tests-realm-payload SYSTEM "tests-realm-payload.xml"> + <!ENTITY tests-invalid-access SYSTEM "tests-invalid-access.xml"> ]> <testsuites> @@ -45,5 +46,6 @@ &tests-pmu-leakage; &tests-debugfs; &tests-realm-payload; + &tests-invalid-access; </testsuites> |