aboutsummaryrefslogtreecommitdiff
path: root/tftf/tests/runtime_services/secure_service/test_ffa_memory_sharing.c
AgeCommit message (Collapse)Author
2024-02-06refactor: cactus to handle expect exceptionJ-Alves
In the test 'rl_memory_cannot_be_accessed_in_s', tftf shares memory to the SP that it changed to realm PAS. The access from the SP should result in an exception. Cactus receives an indication it should expect an exception on memory access via the arguments of the 'cactus_mem_send_cmd' request. This is used to avoid the reads to check memory, which could return in an error response, which would make the test falsely fail. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: Ie220d4bab04c052a73e8b04c8667c9973b95a9e0
2024-02-06test(memory share): memory contents checksJ-Alves
In RME enabled systems, the memory is expected to be scrubbed on PAS updates from S to NS. As well, it is likely that the memory addresses are shadowed, and the contents are not visible accross updates from the different address spaces. As such, the SP shall not rely on memory content to be in any form. FFA_MEM_LEND/FFA_MEM_DONATE are thus considered for memory allocation purposes. This patch changes the memory sharing tests, to cater for the correct assumptions. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: I78ed47df789dda1d695e2e52b0df8c28b12658da
2024-02-06refactor(spm): clean-up after failed memory shareJ-Alves
Clean-up after failed memory share test, to allow for subsequent tests to still provide meaningful test results. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: Ic763fb64c0948c19e6b7d7f99119b20cc05fc83b
2024-02-06test(spm): lend/donate realm memoryJ-Alves
Validate if memory gets delegated to a realm PAS, it can't be used in FF-A memory lend/donate from NS to SWd. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: I16c9b7193b4ae8f56b1182e3b28d13a742bfcd4e
2024-02-06test(spm): use all constituents of memory shareJ-Alves
On memory sharing operation use all the constituents within the composite. Extended memory lend operation test to include multiple scattered pages to make sure the update to security state is happening to all memory regions. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: I2179df12ca63636bdb6489eea77e809422f95430
2024-02-06test(spm): validate GPC with memory sharingJ-Alves
Validate during the lend/donate with the SWd, when RME is in the platform of test, if the NWd attempts to access the memory it will trigger a fault due to Granule Protection Checks (GPC). Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: Ibab25e7e56abaa28ae077d8b8c2c7cd377ccf515
2024-01-23feat(memory share): verify receiversJ-Alves
Added functions to validate the receivers list in the hypervisor retrieve request tests. Leverage them to validate receivers list. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: I705f3ca9f0e540dce60f660ebf996f2462a51e3c
2024-01-22feat(ff-a): update FF-A version for memory sharing testsDaniel Boulby
Signed-off-by: Daniel Boulby <daniel.boulby@arm.com> Change-Id: I647ad7d5cac7942dd24f5c5cc339943225821be8
2024-01-11test(memory share): fragmented hypervisor retrieve requestKarl Meakin
Checks that the hypervisor retrieve request from section 17.4.3 of FF-A v1.2 REL0 is supported, when the request does not fit in a single fragment. Change-Id: I34c24251e2ed131758ce692dc538de704746e488 Signed-off-by: Karl Meakin <karl.meakin@arm.com>
2024-01-11feat(memory share): support sending fragmented messages.Karl Meakin
Updates `memory_init_and_send` to allow sending memory share messages across multiple fragments. Tests for this functionality will be added in the next commit. Change-Id: I6a47735415a8fed1d15322499f1d08cc3e1fd6a2 Signed-off-by: Karl Meakin <karl.meakin@arm.com>
2024-01-11test(memory share): multiple receiver hypervisor retrieve requestKarl Meakin
Checks that the hypervisor retrieve request from section 17.4.3 of FF-A v1.2 REL0 is supported, when specifying multiple recievers. Change-Id: I55e9f25aedaa408ab015115d5bab72bf17b22d25 Signed-off-by: Karl Meakin <karl.meakin@arm.com>
2024-01-11feat(memory share): send multiple receiver regionsKarl Meakin
Updates `memory_init_and_send` to allow passing more than one receiver. Tests for this functionality will be added in the next commit. Change-Id: I51d92d74f64bfebfa3d49ff6d5066050087b44ef Signed-off-by: Karl Meakin <karl.meakin@arm.com>
2024-01-11test(memory share): hypervisor retrieve requestKarl Meakin
Checks that the hypervisor retrieve request from section 17.4.3 of FF-A v1.2 REL0 is supported. Specifically, the tests: 1. Sends a FFA_MEM_SHARE/FFA_MEM_LEND/FFA_MEM_DONATE message from the tftf target to the SPMC. 2. Sends a hypervisor retrieve request from the tftf target to the SPMC. 3. Verify the contents of the FFA_MEM_RETRIEVE_RESP message against the previously sent message. 4. Invoke reclaim interface for SPMC to free memory owned by the handle. Change-Id: If27d8d5b515c5e468977ed4f5f4ddeb86e44c5df Signed-off-by: Karl Meakin <karl.meakin@arm.com>
2023-10-16test(spm): clear memory flag with two constituentsJ-Alves
Add another constituent to the test using the clear memory flags on retrieve request. This is relevant as there was a bug in the SPM implemention that was not clearing correctly multiple constituents in a fragment. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: I17cf3f32b111771ca913e84e3e10e5b6f669933e
2023-10-16fix(memory share): reclaim and check memoryJ-Alves
If the test relates with FFA_MEM_DONATE do not reclaim or check memory. The memory is owned by the receiver, and is not accessible to sender. If operation is lend/share, TFTF should reclaim memory contents first, and then validate that the SP's access to memory. This is to avoid fault on lend, as lender doesn't have access to memory until after the reclaim. Change-Id: I548b5cf2ac5c2774123f438a02565723470b4d85 Signed-off-by: J-Alves <joao.alves@arm.com>
2023-10-13feat(cactus): use security state attributeJ-Alves
Cactus uses security attribute from memory transaction descriptor in the shared memory related tests. Change-Id: I7c4f3ef2c72e36236d23e5a061e27a2ea60fa2d6 Signed-off-by: J-Alves <joao.alves@arm.com>
2023-07-31fix(spm): stop spm from being built for in aarch32Daniel Boulby
Hafnium does not support Aarch32 therefore we do not want to build in this case. Move spm related test helpers into their own file and add FF-A tests to the aarch32_tests_to_skip.txt file Signed-off-by: Daniel Boulby <daniel.boulby@arm.com> Change-Id: Ic5a83ddf4aae2b7dd4b1c30e4cc76b0447e5b405
2023-04-26test(memory sharing): donate consecutively same memoryJ-Alves
TFTF attempts to donate the same memory address consecutively. The added test validates that such attempt fails, from NWd targetting the SP receiver to the first donate, as well as another SP. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: Iee55ebea54beab2499b38372aa2579024237da5f
2023-04-26refactor(memory sharing): helper functionsJ-Alves
Refactor the memory sharing tests helper functions, to reuse them in the test of subsequent patches. Functions do not use hard-coded memory address and borrower in the memory share operation. Instead, these are provided in the arguments to the referred functions. Change-Id: I1fda810e3acde23e33b5bbe06cbbbc0c652eed97 Signed-off-by: J-Alves <joao.alves@arm.com>
2023-04-26test(spm): validate NWd can't share forbidden addressesJ-Alves
Validate that the NWd can't share memory addresses that are owned by SPMC, or the SPs. Such scenario could be used to circumvent SPM enforced sandboxing of each SP. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: I43abffc0122183222d701c2a44cc806ca620b1ca
2023-04-14chore: reorder logs in the memory sharing testsJ-Alves
Reorder the logs in memory sharing tests for clarity. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: I718024dea191346eacc4ebc0a64e0396b001d63f
2023-04-13feat(ff-a): memory share bump to v1.1 EAC0J-Alves
Hafnium was updated to match FF-A v1.1 EAC0 [1]. This is the equivalent change for FF-A memory sharing tests. [1] https://review.trustedfirmware.org/c/hafnium/hafnium/+/15012 Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: Ibf39ac35e1c7e336843be848fb389401dd792516
2022-07-04fix(memory share): memory type not specified for mem lendJ-Alves
Update memory share tests to match [1] in Hafnium. The memory attributes are not to be specified by the sender for memory lend or donate operations. [1] https://review.trustedfirmware.org/c/hafnium/hafnium/+/15514/4 Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: Ieed108ad3cfc8f0335ca6f0d7477a9766d8a40d5
2022-06-15Merge "fix: NS buffer (48b PA) memory sharing between SPs"Madhukar Pappireddy
2022-06-09fix: NS buffer (48b PA) memory sharing between SPsOlivier Deprez
Fix [1] by increasing cactus number of xlat tables. This permits running the SP SP mem sharing of a buffer located at a high physical PA region. Test config [2] provides the model parameters to configurare the PE, interconnect and SMMU to handle 48b physical address size. [1] https://review.trustedfirmware.org/c/TF-A/tf-a-tests/+/13599 [2] https://review.trustedfirmware.org/c/ci/tf-a-ci-scripts/+/15445 Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: Ia290f15a6d30c898a5219d2bc1c3949b6ae7e7ef
2022-05-19test(spm): use ffa_helpers for ivy partitionDaniel Boulby
Allow the ivy partition to use the ffa_helpers functions. To achieve this we create a common struct for ff-a calls that is used for both parameters and returns, this aligns with the Hafnium implementation. We can then use preprocessor macros to pick either SMC or SVC as the conduit depending on the exception level the SP is running at. Change-Id: Ic9525baabcf40d15545b6f6d504cf954373f08f9 Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
2022-03-25test(cactus): add test for NS memory sharing between SPsFederico Recanati
Define a new shared memory region in 48-bit address range (configured as NS in the TZC) in cactus-tertiary's manifest. Since SPs can share either secure or non-secure memory, propagate the security information in the relevant cactus commands: CACTUS_REQ_MEM_SEND_CMD and CACTUS_MEM_SEND_CMD. Change-Id: I10af24c96ff8fc0d13c80a52b0264a1482a5cf56 Signed-off-by: Federico Recanati <federico.recanati@arm.com>
2022-02-09test(ff-a): clear memory for mem share between NWd and SWdJ-Alves
Add test to validate that memory is cleared on memory sharing operations between the SWd and NWd. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: Ia1ac0f2a542b7498ac2ef6910d3af4bdb2f7755b
2022-02-09feat(cactus): memory sharing flags in test commandsJ-Alves
Extend the test command CACTUS_MEM_SEND_CMD: - To include the flags for the retriever to use in transaction descriptor to the FFA_MEM_RETRIEVE_REQ. - Number of words cactus should write to the shared page after retrieving it. - Check if memory has been cleared after mapping to cactus address space if clear memory flag was propagated in the command arguments. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: I825b0f766bd7132a3488cdd17d83fce85adf4a5a
2022-01-14test(ff-a): test SP to NS-endpoint mem lend/shareMaksims Svecovs
Memory sharing/lending from SP to NS-endpoint is not allowed. Checks that the said operations are denied by SPMC. Signed-off-by: Maksims Svecovs <maksims.svecovs@arm.com> Change-Id: I86f3bd637711735b40de9a169e2b3c934d32f1be
2022-01-14refactor(ff-a): mem share helper change to test error returnsMaksims Svecovs
In order to test FF-A memory sharing operations in faulty cases we need to be able to get the details of smc call failure in tftf and cactus. Passes smc_ret_value in the relevant memory management test helpers. Signed-off-by: Maksims Svecovs <maksims.svecovs@arm.com> Change-Id: I81059b77cbb01fe9427905adbe262ba8d0670cee
2021-05-04Change the name of type ffa_vm_id_tDaniel Boulby
The type ffa_vm_id_t is used for all ffa_id variables not just ones specific to vms so remove this element from the name to make it simple ffa_id_t Signed-off-by: Daniel Boulby <daniel.boulby@arm.com> Change-Id: I29d751880c29b0a401cbc698f856c3651cc02789
2021-03-12SPM: Helpers for error logging after FF-A callsJ-Alves
Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: I7c4cb416baf6eb024eb134edb4bbb62d8746629f
2021-03-12SPM: Tidying FF-A Memory Sharing testsJ-Alves
Moving code about memory sharing tests to comply with recent changes: - Placed helper functions that can be used by TFTF and Cactus in files spm_common.c/h. - Removed 'ffa_memory_sharing_test' and added its body to handler of test command CACTUS_MEM_SEND_CMD. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: I58af9b475730d171306581741becbb0665e1859d
2021-03-11FF-A: Check FF-A return is a valid direct responseJ-Alves
Added a helper function to check if return of FFA_MSG_SEND_DIRECT_REQ is FFA_MSG_SEND_DIRECT_RESP. This is intended to make it easier to maintain cactus test commands framework. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: Ia43e88908aa3cbdd529a8835bffe43dee3e04a76
2021-03-03FF-A: Accessors for arguments from FF-A callsJ-Alves
Defined some accessors for arguments from FF-A calls, namely for func id, error code, and direct message destination/source. This should help make consistent how they were being handled, enforcing also adequate type checking. Replace the accesses to those FF-A arguments with respective wrapper calls. Change-Id: I99d8e77f3b24728c30eafa3e76a830246790ec5f Signed-off-by: J-Alves <joao.alves@arm.com>
2021-02-10[SPM] tidying common code to tftf and cactusMax Shvetsov
This patch moves the code used to test SPM functionality, not explicitly described in FF-A specification, from ffa_helpers to spm_common which is built for both tftf and cactus. Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com> Change-Id: I461efad977cc4d02701feea7b2215a61453716ef
2021-02-04Merge "Nit: Change name from helper function and macro"Olivier Deprez
2021-01-21Nit: Change name from helper function and macroJ-Alves
Removed reference to Hafnium in name from helper function and macro to make them generic. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: I5bdba013b3a0478dc1ef9058e71747480ba5ff1d
2021-01-21Cactus: refactor of cactus_test_cmds.hJ-Alves
Change from macros to static inline functions, to enforce type checking. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: I2cbaf99683ca5b2a5689256240894ed05d99e0d8
2021-01-20Cactus: cmd for mem share testsJ-Alves
Previously there was no cmd id for the mem share tests in 'cactus_test_cmds.h', the func id was being reused. For consistency added the cmd id 'CACTUS_MEM_SEND_CMD'. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: Ia2cee00d444d2b753855f2323578df0f9bcf4fb2
2021-01-20TFTF: tests to request SP-to-SP memory shareJ-Alves
Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: I06cd2aedf48232dff4c530f1930297f2d962b3f3
2021-01-20TFTF: Refactor FF-A memory sharing testsJ-Alves
- Created helper functions to initialize ffa_memory_region and to send the respective memory region to the SP, making it possible to reuse the logic in SP-to-SP memory share tests. - Added comments to document relevant aspects about memory sharing. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: Id3c6db092d5b5eeed746a5fae30b8c853876fc53
2020-12-15TFTF: helpers for SPM testsJ-Alves
Added functions and macros to help check at the beginning of the test, that system is as expected for SPM tests in which Hafnium is deployed as SPMC. This includes: - Checking SPMC has expected FFA_VERSION; - Checking that expected FF-A endpoints are deployed in the system; - Getting global TFTF mailbox. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: I9195bcff8ed93156e838b192bb70a9634e18fbbf
2020-12-10SPM: RXTX map test on TFTFJ-Alves
Some FF-A interfaces use RXTX buffers to exchange information with SPMC. To avoid repetition of RXTX mapping across the spm-related tests, and prevent allocation of multiple pages for RXTX buffers within TFTF runtime: - Implemented test helpers that hold address of RXTX buffers; - Implemented test to FFA_RXTX_MAP ABI, that also sets value of RXTX buffers; - Cleaned up memory sharing tests that previously implemented RXTX mapping. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: I4a67982d3d185bf83809156e4fce03c6edb967d9
2020-10-29TFTF: tests for FF-A memory sharing operationsJ-Alves
Test FF-A memory sharing interfaces between tftf and cactus secure partitions. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: I837e44ab2cb10b42af23afbc9a94c726b4af7b64