aboutsummaryrefslogtreecommitdiff
path: root/test
AgeCommit message (Collapse)Author
2020-06-23Test: Remove warning when testing persistent storageJamie Fox
Removes the warning that is displayed when the storage tests are run with persistent storage, rather than the RAM FS. Testing with persistent storage can be desirable, and wearing out the flash may not be a concern for a given device. The RAM FS configuration is still displayed at build time, so the test-runner may make their own conclusions. Change-Id: I6b9d5ce354cc6ddfd681e9387cdb852a5705f861 Signed-off-by: Jamie Fox <jamie.fox@arm.com>
2020-06-23Test: Warn when a write-once UID already existsJamie Fox
Changes the storage tests to print a warning, but not fail the test, when the UID that is created with the PSA_STORAGE_FLAG_WRITE_ONCE flag already exists in storage. This makes it possible to run the storage tests multiple times with persistent storage without having failing tests. This is more desirable than automatically wiping the storage before every test run, as it provides proper test coverage for initialisation with an existing filesystem. Change-Id: Ia25384b6a1bb7fc0c718752b9a1ce409f1969507 Signed-off-by: Jamie Fox <jamie.fox@arm.com>
2020-06-22Test: Add key derivation test case in Crypto testDavid Hu
Add key derivation test cases in both secure and non-secure test suites. Add a common key derivation test function to support all the test cases. Change-Id: I3fd2c1e8bc3ed0a48bf0eb10253524aa4df6378a Signed-off-by: David Hu <david.hu@arm.com>
2020-06-22Test: Enhance the test suites of symmetric Initial AttestationDavid Hu
Add test cases to perform minimal tests in test suites of symmetric key algorithms based Initial Attestation both in NS and S side. Add the expected token array of minimal tests for symmetric based Initial Attestation. Also add negative test cases. Improve the buffer_too_small_test() a little and include it in the negative test cases instead of a full-size token generation test, to minimize the memory footprint of tests. Change-Id: I0c4f8958081498f1fbab91220981877fc2f5abbc Signed-off-by: David Hu <david.hu@arm.com>
2020-06-22Attest: Enable Short Circuit option in symmetric Initial AttestationDavid Hu
Set up t_cose Short Circuit tagging flag if the associated flag is set in Initial Attestation service. Change-Id: I257fbad06f5feb396c43ffd7f838c33127116cd3 Signed-off-by: David Hu <david.hu@arm.com>
2020-06-22Test: Add test of symmetric Initial AttestationDavid Hu
Add test cases in secure side and non-secure side respectively to test symmetric key algorithm based Initial Attestation. Enable Initial Attestation and symmetric key algorithm based Initial Attestation in TF-M Profile Small Regression test config. Change-Id: I74cd79712bd6dc679dcdbb49d1ffe02320cb0e13 Signed-off-by: David Hu <david.hu@arm.com>
2020-06-22Test: Enable symmetric Initial Attestation decodingDavid Hu
Enable the token decoding process in symmetric key algorithm based Initial Attestation for test. In build type Debug, the symmetric IAK handle is fetched to verify the tag of the generated token, in secure side. Change-Id: I8e3175e5e3586ad80940d5ee9338f9dfc568a1b7 Signed-off-by: David Hu <david.hu@arm.com>
2020-06-22Build: Skip T_COSE test cases when ENABLE_T_COSE_TESTS is OFFDavid Hu
T_COSE test files are always built even if ENABLE_T_COSE_TESTS is set to OFF. Since test cases for COSE_Mac0 are not implemented, T_COSE test build will fail for symmetric key algorithm based Initial Attestation. Disable the ENABLE_T_COSE_TESTS if SERVICES_TEST_ENABLED is OFF. Skip T_COSE test cases when ENABLE_T_COSE_TESTS is OFF as a workaround of build failure with symmetric key algorithm based Initial Attestation. Change-Id: If9f58900b95113c642b0c32204135b14e438f42f Signed-off-by: David Hu <david.hu@arm.com>
2020-06-19Core: Move spm header files to 'spm' folderMingyang Sun
- Move 'spm_xxx.h' to 'spm' folder, they should belong to 'spm'. - Fix and simplify inclusion of header file. - Fix format and typo error. Change-Id: I129c6626ddffbbdba0e7edc27e9307f0d6ea9b79 Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>
2020-06-16test: core: Remove unneeded #include <platform_irq.h>Øyvind Rønningstad
It's not used, and interferes when a platform doesn't have this file. Change-Id: Icbffa7e912f297cbeaf4d1edfbd20fdf96efcacd Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2020-06-12SST: Rename SST(Secure STorage) to PS(Protected Storage)Kevin Peng
This patches renames SST(Secure STorage) to PS(Protected Storage) for files, folders and any contents in files to align with the PSA Storage API spec. Change-Id: Icf991f59512875780c159f22737b521b3b2d4924 Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2020-06-11Test: Modify IRQ test flow for toolMate Toth-Pal
Modify the flow of the IRQ test case so it can be executed with the IRQ testing tool. Change-Id: Ibc646baf2b979a0c054cc969b5a061e3c0e79081 Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
2020-06-11Platform: Add FVP_SSE300_MPS2 targetMark Horvath
Add support for FVP_SSE300_MPS2 platform Change-Id: Ieddb5adbdc0cc47690bbe0b3dfbaf39d005d03ea Signed-off-by: Mark Horvath <mark.horvath@arm.com> Signed-off-by: Marton Berke <marton.berke@arm.com>
2020-06-08Service: Update the include statementsMingyang Sun
Change the absolute including into relative including for partition service sources. Change-Id: I1cc2057e5965046242a9b70e01e937243cacfc7e Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>
2020-06-04Test: Add attestation claim value check switchBalint Matyi
Control checking for hard-coded claim values in the attestation suite by introducing the 'ATTEST_CLAIM_VALUE_CHECK' flag. When set to 'ON', the test will check if the claim values match the constant values found in 'platform/ext/common/template/attest_hal.c'. Signed-off-by: Balint Matyi <Balint.Matyi@arm.com> Change-Id: I22ab1471609d6b931deaf97f31cb3a0dcd83fda0
2020-06-03Build: Follow the 'source_structure.rst'Ken Liu
This is the first patch to follow the first commit of source structure document. The items under the 'secure_fw' folder are re-organized: - Create/Move some folders/files to follow document. - Rename some folders to foll, for example, 'secure_fw/services' to 'secure_fw/partitions'. - Update affected files to make it work. This is a big change, to make the structure meet the basic shape of the structure document defined, and make it easier to be understood for users. Staging changes are not applicable so they are combined into one - and because it is not the final shape yet, so: - Upcoming updates on the 'secure_fw' folder would follow up soon. - Fine-tune about the 'source_structure.rst' would come, too. Change-Id: I5c11175e0a4579cd9b42d3e3519dbffb87334d0b Signed-off-by: Ken Liu <ken.liu@arm.com>
2020-05-29Test: Add test cases for AEAD with truncated authentication tagDavid Hu
Add Crypto test cases to verify AEAD interface with truncated authentication tag. Change-Id: Ied34592ed2ca1f23480720a15f0a178b691236c4 Signed-off-by: David Hu <david.hu@arm.com>
2020-05-29Test: Skip T_COSE and QCBOR test if initial attestation is disabledDavid Hu
If initial attestation service is disabled, set ENABLE_QCBOR_TESTS and ENABLE_T_COSE_TESTS to false, to skip T_COSE and QCBOR library tests. Change-Id: I16622a22ff55cf928be5d9204d06861732896055 Signed-off-by: David Hu <david.hu@arm.com>
2020-05-29Test: Make common Crypto test cases more generalDavid Hu
Profile Small may only enable AES mode. Remove the hard-coded CBC mode setting in common Crypto test cases. Instead, enable those common test cases to test with the AES mode selected in Profile Small. Change-Id: I83d47e3bb705378b3369149031b4a466b8688f12 Signed-off-by: David Hu <david.hu@arm.com>
2020-05-29Test: Add config flags to control build of Crypto test casesDavid Hu
Add several configuration flags to control the build of Crypto test cases. TF-M Profiles can skip Crypto test cases in which the algorithms are not supported. Common Crypto tests will be optimized in further patches. Change-Id: I48f7609858f65d321767af9a95a8894929f32e9f Signed-off-by: David Hu <david.hu@arm.com>
2020-05-14Test: Verify Client-ID range in attest tokenBalint Matyi
Test if the client is S or NS by the DOMAIN_NS macro and based on this, verify the Client-ID range. Signed-off-by: Balint Matyi <Balint.Matyi@arm.com> Change-Id: Ic23cc06477d945aa29aa415de399218336a1e99d
2020-05-11Test: Revert b3b01ccDavid Hu
Hotfix to revert b3b01cc. Commit b3b01cc broke dual-cpu system build. It requires more time to debug. Revert it for now. Change-Id: I0ca2f0952044f7fbb3df00b9a646c73ef5942138 Signed-off-by: David Hu <david.hu@arm.com>
2020-05-08Test: Verify Client-ID range in attest tokenBalint Matyi
Test if the client is S or NS by the ARM_FEATURE_CMSE macro and based on this, verify the Client-ID range. Change-Id: I32baaf1cdc7927f47d423ada4dc3ea77d670057e Signed-off-by: Balint Matyi <Balint.Matyi@arm.com>
2020-05-04Platform: Added a Non-Volatile counters serviceGalanakis, Minos
This patch introduces a new platform service exposing the non-volatile counters. Secure partitions can use this secure API to access the initialisation, increment and read operations on the nv counters, by setting "TFM_SP_PLATFORM_NV_COUNTER" as a dependency. Change-Id: Ia564e24417dfd9bb95cc61634dbbea17caa5974c Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2020-04-23Build: Major warnings cleanupTTornblom
This is a major type-mismatch cleanup and warnings elimination. The IAR toolchain runs with more warnings enabled than ARMCLANG or GNUARM, which has resulted in this effort. This should make it easier to enable "pedantic" mode also for GNUARM. There are still a few warnings about jumping past variable initialization and falling off the end of non-void functions, but there are comments in some of these parts that implies that this is done to catch programming errors, like having case labels for all possible enum values. Reordered initializer in tfm_attestation_req_mngr.c to eliminate CI warning. Disabled "Pe940" warnings in CommonConfig.cmake to suppress warnings about inline assembly functions declared to return value that doesn't declare a return value in the __ASM() statement. Disabled "Pe546" warnings to supress warnings about jumping over unused initializers. Fixed what appears to be a copy/paste bug in tfm_ss_core_test.c. Removed unused variable "ret" in Driver_PPC.c for AN519 and AN521, to make it similar to AN524. Signed-off-by: TTornblom <thomas.tornblom@iar.com> Change-Id: I2b729c73e4b004cff6b0530cc1350fcf900e4272
2020-04-21Build: Minor refine for build configurationsKevin Peng
The patch includes 3 refines: 1. Removes deprecated TFM_LEGACY_API config 2. CORE_TEST_POSITIVE tests can be enabled only in TFM isolation level 1. The check is currently done in the non_secure_suites.c. This patch moves the check from source file to CMake file to align with the other test suites. 3. Removes extra #if check for audit log test suite in source code. The check has been done in CMake Change-Id: I1b28f5f5139a0ff762f73334aadd38a931440b29 Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2020-04-20Core: Remove memory permission check APIJamie Fox
Removes the tfm_core_memory_permission_check() API and all uses of it. This API is no longer required as all necessary memory permission checks are performed by the SPM on the iovec parameters before control reaches the secure partition. Change-Id: I6489328f508d0405272b598500a04d4336c8d2b3 Signed-off-by: Jamie Fox <jamie.fox@arm.com>
2020-04-20Test: Add crypto test for persistent key APIsJamie Fox
Change-Id: I8898049fa3308ab107aab0914179d687d43fd5e0 Signed-off-by: Jamie Fox <jamie.fox@arm.com>
2020-04-20Build: Update to IAR supportTTornblom
Cleaned up #ifdef in secure_fw/services/tfm_spm_db.inc.template Moved "signals" member to front of spm_partition_runtime_data_t. The suggestion to move the aggregate types to the front turned out to be hard to make work for both PSA and non-PSA configs. Moved REGION_DECLARE macros to new include file, platform/include/region.h. Cleaned up type cast in core_test_api.c Change-Id: I5dce1e7c019d4d7e4c14dc79be5ee2b855ad4f9e Signed-off-by: Thomas Tornblom <thomas.tornblom@iar.com>
2020-04-13Test: Fix map_t_cose_errors()Chris Brand
C arrays start from index 0, so the correct test for "does this entry exist?" is "< size" (or ">= size"). Also the mapping array t_cose_verify_error_map was missing values for a number of enumerals from enum attest_token_err_t, one of which was in the middle, meaning that the remaining entries were all in the wrong places. Replace the difficult-to-maintain array with a switch statement. Change-Id: I24a62c732848c23e6b30a8e21bb9c05e8c5e023f Signed-off-by: Chris Brand <chris.brand@cypress.com>
2020-04-03Attest: fix typo - ATTEST_TOKEN_ERR_CBOR_TYPEAlamy Liu
Change-Id: I540cf98000d771d539e0db82c09da457709186c7 Signed-off-by: Alamy Liu <alamy.liu@cypress.com>
2020-04-03Build: Only pass -mcmse switch for secure compilesMate Toth-Pal
Don't define the C macro __ARM_FEATURE_CMSE at all, as that is done by the compiler by passing the -mcmse (or equivalent) switch to the compiler command. Also don't pass command line switch -mcmse to compiler in case of NS build. Change-Id: If9ab8e879b81b63b97c6785320225537004b35b1 Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
2020-03-12Crypto: Disable SHA-1 by defaultJamie Fox
SHA-1 is considered to a weak message digest, so this patch changes it to disabled by default. Makes corresponding updates to the tests. Change-Id: Idfb7f1b33d46b9ba553a327e4ed83320e728870b Signed-off-by: Jamie Fox <jamie.fox@arm.com>
2020-02-24Crypto: Align to Mbed Crypto 3.0.1Antonio de Angelis
This patch upgrades the Crypto service to be able to use Mbed Crypto 3.0.1: - Updates the PSA crypto headers to latest available in mbed-crypto - Updates the service implementation - Updates the test suites where needed - Updates the SST and Attestation interfaces towards cryptographic functionalities - Updates documentation to reflect updated requirements, and changes in the integration guide This patch migrates the use of psa_asymmetric_sign() and psa_asymmetric_verify() to the non-deprecated versions of the API psa_sign_hash() and psa_verify_hash(). Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com> Change-Id: I7d8275def2336c1b5cfb8847b2842c305cfab116
2020-02-20Tools: Add linker_pattern support to manifest list fileJaykumar Pitambarbhai Patel
This change allows the PSA test suite partition manifest parsing without any error for undefined linker_pattern in manifest file as the linker_pattern support is now added to manifest list file. And move linker_pattern field from manifest to manifest_list file for the existing SP manifest files. Signed-off-by: Jaykumar Pitambarbhai Patel <jay08ec71@yahoo.com> Change-Id: I85bb540feb100e494287cb845084b0026b04ace4
2020-02-20Test: Heavy test case for multi-core multiple outstanding NS PSA client callDavid Hu
Add a heavyweight test case for multiple outstanding NS PSA client calls feature on multi-core topology. The heavyweight test case creates multiple threads to call Internal Trusted Storage service to write, read-back and remove assets. Change-Id: Ic1e81dd3774e2731ff81c4e79359708a67ee4ad7 Signed-off-by: David Hu <david.hu@arm.com>
2020-02-20Dualcpu: Add NS mailbox statistics functionalitiesDavid Hu
Add statistics module in NS mailbox. It records the number of mailbox message submission and the total number of occupied NS mailbox queue slots each time NS task acquires a mailbox queue slot. NS tests can call tfm_ns_mailbox_stats_avg_slots() to calculate the average number of occupied NS mailbox queue slots each time NS task acquires a mailbox queue slot. It can prove the feature of multiple outstanding NS PSA Client calls feature in dual-core mailbox. Change-Id: Icd9553996c516901f6b3fc7d68b4c4d0f0f0a5da Signed-off-by: David Hu <david.hu@arm.com>
2020-02-20Test: Light test for multi-core multiple outstanding NS PSA Client callsDavid Hu
Create multiple threads in NS test to send PSA client call to lightweight SPE secure services simultaneously. Each child thread in NS test loops several rounds of psa_connect(), psa_call() and psa_close(), which are sent to multi-core test specific secure services. Add two multi-core topology specific lightweight test secure services to handle the PSA client calls from NS child threads. Each just returns the number of PSA client calls. Change-Id: Id235a3a32ef126d35903fb7ec1ee70120bfbb040 Signed-off-by: David Hu <david.hu@arm.com>
2020-02-20Test: Add NS test interface of multi-core topologyDavid Hu
Add Non-secure test interface of multi-core topology. Add a dummy non-secure test case. Change-Id: Ie51fa92e4ed2ec034d886b3fc5a0fabdce80fa94 Signed-off-by: David Hu <david.hu@arm.com>
2020-02-20Test: Add a Secure Partition for multi-core testDavid Hu
Add a Secure Partition for multi-core topology specific tests. Add a dummy service and corresponding signal. Update the manifest files. Change-Id: Id0d9530d54afab76053bd74989f88902bfbbdd9b Signed-off-by: David Hu <david.hu@arm.com>
2020-02-19SST: Implement PSA Protected Storage 1.0Galanakis, Minos
Refactors SST to implement PSA Protected Storage version 1.0. Change-Id: I967375e98799a465069525f203881f5331d6d84a Signed-off-by: Galanakis, Minos <minos.galanakis@arm.com>
2020-02-19Attest: Align interface to PSA API 1.0Raef Coles
Change the arguments to psa_initial_attest_get_token and psa_initial_attest_get_token_size as per the PSA 1.0 spec. Update documentation for new function signature. Change-Id: Ied6a0bea9ab4a404c147db286584a0873f1a3bf3 Signed-off-by: Raef Coles <raef.coles@arm.com>
2020-02-19Attest: Introduce PSA error codesRaef Coles
This change addresses the compliance with PSA initial attestation API 1.0.0 version. It replaces the existing psa_attest_err_t enum values with the error codes that are detailed in the interface/include/psa/error.h file. Change-Id: I1795331e7081589371c82f0e56655db6a543edd3 Signed-off-by: Sverteczky, Marcell <marcell.sverteczky@arm.com> Signed-off-by: Raef Coles <raef.coles@arm.com>
2020-02-11Test: Update test framework APIDevaraj Ranganna
Currently the test framework which executes test suites doesn't return anything. Therefore it is not possible for application layer to know the status of test cases. This is change is intended to export the test case pass/fail status to application layer and beyond (if any test framework is used by Non-secure side). Change-Id: I67e6305a7e0947583bc5af88e909d4d22a9d7270 Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
2020-02-07SST: Use ITS as the backend of SSTTudorCretu
This patch updates the SST service to call ITS as its backend. Also updates ITS to maintain a second filesystem context for SST, using the external flash device instead of the internal one. Change-Id: I83027aa859b369e6d7d8e085518e2b068e2f9eac Co-authored-by: Jamie Fox <jamie.fox@arm.com> Signed-off-by: Tudor Cretu <tudor.cretu@arm.com> Signed-off-by: Jamie Fox <jamie.fox@arm.com>
2020-02-05QCBOR: Quiet static analyzers; add bigfloat support; documentation improvementsLaurence Lundblade
Refined use of types, particular integer types and their signedness so there are fewer warnings from static analyzers. Added casts to make implicit type conversions explicit and more clear for code reader. No actual bugs or vulnerabilities where found by the static analyzer but a lot of lines were changed. Cleaner handling of too-long bstr and tstr error condition when decoding. Add support for bigfloats and decimal fractions -- all of RFC 7049 is now supported except duplicate detection when decoding maps and some of strict mode. Dead-stripping and/or linking through a .a file will automatically leave out the added code on the encoder side. bytes or so of code on the decode side Documentation corrections and improved code formatting, fewer long lines, spelling... A lot of lines where change for this. Repair a few tests that weren't testing what they were supposed to be testing. Change-Id: I4c9c56c1ee16812eac7a5c2f2ba0d896f3f1b5ae Signed-off-by: Laurence Lundblade <lgl@securitytheory.com>
2020-02-05Test: Increase secure test service stack sizeTamas Ban
Increase the stack size with 0x80 bytes because the updated version of QCBOR consume a slightly more stack. Change-Id: I5680a2af86d848bea0e248399da7649cb0c372e3 Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2020-01-31Attest: Fix static code analyser issuesTamas Ban
Fix the following type of issues: - Dead code - Unused function - Uninitialized variable - Parameter type mismatch Change-Id: Ib4f8fa7c9037a8d55279154f875d0ec7f5a3c177 Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2020-01-27Adjust partition stack sizeKen Liu
These partitions' stack size have been increased: - Initial Attestation : 0xA00 to 0xA80 - Test IPC Client : 0x280 to 0x300 - Test Secure Client 2: 0x200 to 0x300 - Test SST : 0x440 to 0x500 - Test Core Test : 0x300 to 0x380 - Test Core Test 2 : 0x200 to 0x280 Total SP stack increment : 0x80 Total Test SP stack increment : 0x340 The same purpose as '2679c160ea2485d529c3874fed6cc20185908a79'. Change-Id: Idfdebdee6cf80107c2fa7f37e530d7b4f857b972 Signed-off-by: Ken Liu <ken.liu@arm.com>
2020-01-23Attest: Refine compile time build optionsTamas Ban
To have more granular config options for attestation separate the test code and COSE key-id inclusion to be dependent on different compile time options. Change-Id: I351ce445f7beacf3378bbec4f740923bcd352f90 Signed-off-by: Tamas Ban <tamas.ban@arm.com>