Age | Commit message | Author |
|
Removes the warning that is displayed when the storage tests are run
with persistent storage, rather than the RAM FS. Testing with
persistent storage can be desirable, and wearing out the flash may not
be a concern for a given device. The RAM FS configuration is still
displayed at build time, so the test-runner may make their own
conclusions.
Change-Id: I6b9d5ce354cc6ddfd681e9387cdb852a5705f861
Signed-off-by: Jamie Fox <jamie.fox@arm.com>
|
|
Changes the storage tests to print a warning, but not fail the test,
when the UID that is created with the PSA_STORAGE_FLAG_WRITE_ONCE flag
already exists in storage.
This makes it possible to run the storage tests multiple times with
persistent storage without having failing tests. This is more desirable
than automatically wiping the storage before every test run, as it
provides proper test coverage for initialisation with an existing
filesystem.
Change-Id: Ia25384b6a1bb7fc0c718752b9a1ce409f1969507
Signed-off-by: Jamie Fox <jamie.fox@arm.com>
|
|
Add key derivation test cases in both secure and non-secure test
suites.
Add a common key derivation test function to support all the test
cases.
Change-Id: I3fd2c1e8bc3ed0a48bf0eb10253524aa4df6378a
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Add test cases to perform minimal tests in test suites of symmetric
key algorithms based Initial Attestation both in NS and S side.
Add the expected token array of minimal tests for symmetric based
Initial Attestation.
Also add negative test cases.
Improve the buffer_too_small_test() a little and include it in the
negative test cases instead of a full-size token generation test,
to minimize the memory footprint of tests.
Change-Id: I0c4f8958081498f1fbab91220981877fc2f5abbc
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Set up t_cose Short Circuit tagging flag if the associated flag is
set in Initial Attestation service.
Change-Id: I257fbad06f5feb396c43ffd7f838c33127116cd3
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Add test cases in secure side and non-secure side respectively to
test symmetric key algorithm based Initial Attestation.
Enable Initial Attestation and symmetric key algorithm based
Initial Attestation in TF-M Profile Small Regression test config.
Change-Id: I74cd79712bd6dc679dcdbb49d1ffe02320cb0e13
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Enable the token decoding process in symmetric key algorithm based
Initial Attestation for test.
In build type Debug, the symmetric IAK handle is fetched to verify
the tag of the generated token, in secure side.
Change-Id: I8e3175e5e3586ad80940d5ee9338f9dfc568a1b7
Signed-off-by: David Hu <david.hu@arm.com>
|
|
T_COSE test files are always built even if ENABLE_T_COSE_TESTS is
set to OFF.
Since test cases for COSE_Mac0 are not implemented, T_COSE test
build will fail for symmetric key algorithm based Initial
Attestation.
Disable the ENABLE_T_COSE_TESTS if SERVICES_TEST_ENABLED is OFF.
Skip T_COSE test cases when ENABLE_T_COSE_TESTS is OFF as a
workaround of build failure with symmetric key algorithm based
Initial Attestation.
Change-Id: If9f58900b95113c642b0c32204135b14e438f42f
Signed-off-by: David Hu <david.hu@arm.com>
|
|
- Move 'spm_xxx.h' to 'spm' folder, they should belong to 'spm'.
- Fix and simplify inclusion of header file.
- Fix format and typo error.
Change-Id: I129c6626ddffbbdba0e7edc27e9307f0d6ea9b79
Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>
|
|
It's not used, and interferes when a platform doesn't have this file.
Change-Id: Icbffa7e912f297cbeaf4d1edfbd20fdf96efcacd
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
|
|
This patch renames SST (Secure STorage) to
PS (Protected Storage) for files, folders and any contents
in files to align with the PSA Storage API spec.
Change-Id: Icf991f59512875780c159f22737b521b3b2d4924
Signed-off-by: Kevin Peng <kevin.peng@arm.com>
|
|
Modify the flow of the IRQ test case so it can be executed with the IRQ
testing tool.
Change-Id: Ibc646baf2b979a0c054cc969b5a061e3c0e79081
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
|
|
Add support for FVP_SSE300_MPS2 platform
Change-Id: Ieddb5adbdc0cc47690bbe0b3dfbaf39d005d03ea
Signed-off-by: Mark Horvath <mark.horvath@arm.com>
Signed-off-by: Marton Berke <marton.berke@arm.com>
|
|
Change the absolute including into relative including
for partition service sources.
Change-Id: I1cc2057e5965046242a9b70e01e937243cacfc7e
Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>
|
|
Control checking for hard-coded claim values in the attestation suite
by introducing the 'ATTEST_CLAIM_VALUE_CHECK' flag. When set to 'ON',
the test will check if the claim values match the constant values found
in 'platform/ext/common/template/attest_hal.c'.
Signed-off-by: Balint Matyi <Balint.Matyi@arm.com>
Change-Id: I22ab1471609d6b931deaf97f31cb3a0dcd83fda0
|
|
This is the first patch to follow the first commit of source structure
document. The items under the 'secure_fw' folder are re-organized:
- Create/Move some folders/files to follow document.
- Rename some folders to foll, for example, 'secure_fw/services' to
'secure_fw/partitions'.
- Update affected files to make it work.
This is a big change, to make the structure meet the basic shape of
the structure document defined, and make it easier to be understood
for users. Staging changes are not applicable so they are combined
into one - and because it is not the final shape yet, so:
- Upcoming updates on the 'secure_fw' folder would follow up soon.
- Fine-tune about the 'source_structure.rst' would come, too.
Change-Id: I5c11175e0a4579cd9b42d3e3519dbffb87334d0b
Signed-off-by: Ken Liu <ken.liu@arm.com>
|
|
Add Crypto test cases to verify AEAD interface with truncated
authentication tag.
Change-Id: Ied34592ed2ca1f23480720a15f0a178b691236c4
Signed-off-by: David Hu <david.hu@arm.com>
|
|
If initial attestation service is disabled, set ENABLE_QCBOR_TESTS
and ENABLE_T_COSE_TESTS to false, to skip T_COSE and QCBOR library
tests.
Change-Id: I16622a22ff55cf928be5d9204d06861732896055
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Profile Small may only enable AES mode. Remove the hard-coded CBC
mode setting in common Crypto test cases. Instead, enable those
common test cases to test with the AES mode selected in Profile
Small.
Change-Id: I83d47e3bb705378b3369149031b4a466b8688f12
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Add several configuration flags to control the build of Crypto
test cases.
TF-M Profiles can skip Crypto test cases in which the algorithms
are not supported.
Common Crypto tests will be optimized in further patches.
Change-Id: I48f7609858f65d321767af9a95a8894929f32e9f
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Test if the client is S or NS by the DOMAIN_NS macro and
based on this, verify the Client-ID range.
Signed-off-by: Balint Matyi <Balint.Matyi@arm.com>
Change-Id: Ic23cc06477d945aa29aa415de399218336a1e99d
|
|
Hotfix to revert b3b01cc. Commit b3b01cc broke dual-cpu system
build.
It requires more time to debug. Revert it for now.
Change-Id: I0ca2f0952044f7fbb3df00b9a646c73ef5942138
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Test if the client is S or NS by the ARM_FEATURE_CMSE macro and
based on this, verify the Client-ID range.
Change-Id: I32baaf1cdc7927f47d423ada4dc3ea77d670057e
Signed-off-by: Balint Matyi <Balint.Matyi@arm.com>
|
|
This patch introduces a new platform service exposing
the non-volatile counters. Secure partitions can use
this secure API to access the initialisation,
increment and read operations on the nv counters,
by setting "TFM_SP_PLATFORM_NV_COUNTER" as a dependency.
Change-Id: Ia564e24417dfd9bb95cc61634dbbea17caa5974c
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
|
|
This is a major type-mismatch cleanup and warnings elimination.
The IAR toolchain runs with more warnings enabled than ARMCLANG or
GNUARM, which has resulted in this effort.
This should make it easier to enable "pedantic" mode also for GNUARM.
There are still a few warnings about jumping past variable
initialization and falling off the end of non-void functions, but there
are comments in some of these parts that imply that this is done to
catch programming errors, like having case labels for all possible enum
values.
Reordered initializer in tfm_attestation_req_mngr.c to eliminate CI
warning.
Disabled "Pe940" warnings in CommonConfig.cmake to suppress warnings
about inline assembly functions declared to return value that doesn't
declare a return value in the __ASM() statement.
Disabled "Pe546" warnings to suppress warnings about jumping over
unused initializers.
Fixed what appears to be a copy/paste bug in tfm_ss_core_test.c.
Removed unused variable "ret" in Driver_PPC.c for AN519 and AN521, to
make it similar to AN524.
Signed-off-by: TTornblom <thomas.tornblom@iar.com>
Change-Id: I2b729c73e4b004cff6b0530cc1350fcf900e4272
|
|
The patch includes 3 refinements:
1. Removes deprecated TFM_LEGACY_API config
2. CORE_TEST_POSITIVE tests can be enabled only in TFM isolation
level 1. The check is currently done in the non_secure_suites.c.
This patch moves the check from source file to CMake file to
align with the other test suites.
3. Removes extra #if check for audit log test suite in source code.
The check has been done in CMake
Change-Id: I1b28f5f5139a0ff762f73334aadd38a931440b29
Signed-off-by: Kevin Peng <kevin.peng@arm.com>
|
|
Removes the tfm_core_memory_permission_check() API and all uses of it.
This API is no longer required as all necessary memory permission
checks are performed by the SPM on the iovec parameters before control
reaches the secure partition.
Change-Id: I6489328f508d0405272b598500a04d4336c8d2b3
Signed-off-by: Jamie Fox <jamie.fox@arm.com>
|
|
Change-Id: I8898049fa3308ab107aab0914179d687d43fd5e0
Signed-off-by: Jamie Fox <jamie.fox@arm.com>
|
|
Cleaned up #ifdef in secure_fw/services/tfm_spm_db.inc.template
Moved "signals" member to front of spm_partition_runtime_data_t.
The suggestion to move the aggregate types to the front turned
out to be hard to make work for both PSA and non-PSA configs.
Moved REGION_DECLARE macros to new include file,
platform/include/region.h.
Cleaned up type cast in core_test_api.c
Change-Id: I5dce1e7c019d4d7e4c14dc79be5ee2b855ad4f9e
Signed-off-by: Thomas Tornblom <thomas.tornblom@iar.com>
|
|
C arrays start from index 0, so the correct test for "does this entry
exist?" is "< size" (or ">= size").
Also the mapping array t_cose_verify_error_map was missing values for a
number of enumerals from enum attest_token_err_t, one of which was in
the middle, meaning that the remaining entries were all in the wrong
places.
Replace the difficult-to-maintain array with a switch statement.
Change-Id: I24a62c732848c23e6b30a8e21bb9c05e8c5e023f
Signed-off-by: Chris Brand <chris.brand@cypress.com>
|
|
Change-Id: I540cf98000d771d539e0db82c09da457709186c7
Signed-off-by: Alamy Liu <alamy.liu@cypress.com>
|
|
Don't define the C macro __ARM_FEATURE_CMSE at all, as that is done by
the compiler by passing the -mcmse (or equivalent) switch to the
compiler command. Also don't pass command line switch -mcmse to compiler
in case of NS build.
Change-Id: If9ab8e879b81b63b97c6785320225537004b35b1
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
|
|
SHA-1 is considered to be a weak message digest, so this patch changes it
to disabled by default. Makes corresponding updates to the tests.
Change-Id: Idfb7f1b33d46b9ba553a327e4ed83320e728870b
Signed-off-by: Jamie Fox <jamie.fox@arm.com>
|
|
This patch upgrades the Crypto service to be able
to use Mbed Crypto 3.0.1:
- Updates the PSA crypto headers to latest available in mbed-crypto
- Updates the service implementation
- Updates the test suites where needed
- Updates the SST and Attestation interfaces
towards cryptographic functionalities
- Updates documentation to reflect updated
requirements, and changes in the integration guide
This patch migrates the use of psa_asymmetric_sign() and
psa_asymmetric_verify() to the non-deprecated versions of
the API psa_sign_hash() and psa_verify_hash().
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Change-Id: I7d8275def2336c1b5cfb8847b2842c305cfab116
|
|
This change allows the PSA test suite partition manifest
parsing without any error for undefined linker_pattern
in manifest file as the linker_pattern support is now
added to manifest list file.
And move linker_pattern field from manifest to manifest_list
file for the existing SP manifest files.
Signed-off-by: Jaykumar Pitambarbhai Patel <jay08ec71@yahoo.com>
Change-Id: I85bb540feb100e494287cb845084b0026b04ace4
|
|
Add a heavyweight test case for multiple outstanding NS PSA client
calls feature on multi-core topology.
The heavyweight test case creates multiple threads to call Internal
Trusted Storage service to write, read-back and remove assets.
Change-Id: Ic1e81dd3774e2731ff81c4e79359708a67ee4ad7
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Add statistics module in NS mailbox.
It records the number of mailbox message submission and the total
number of occupied NS mailbox queue slots each time NS task
acquires a mailbox queue slot.
NS tests can call tfm_ns_mailbox_stats_avg_slots() to calculate
the average number of occupied NS mailbox queue slots each time
NS task acquires a mailbox queue slot. It can prove the feature of
multiple outstanding NS PSA Client calls in dual-core
mailbox.
Change-Id: Icd9553996c516901f6b3fc7d68b4c4d0f0f0a5da
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Create multiple threads in NS test to send PSA client call to
lightweight SPE secure services simultaneously.
Each child thread in NS test loops several rounds of psa_connect(),
psa_call() and psa_close(), which are sent to multi-core test
specific secure services.
Add two multi-core topology specific lightweight test secure
services to handle the PSA client calls from NS child threads. Each
just returns the number of PSA client calls.
Change-Id: Id235a3a32ef126d35903fb7ec1ee70120bfbb040
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Add Non-secure test interface of multi-core topology.
Add a dummy non-secure test case.
Change-Id: Ie51fa92e4ed2ec034d886b3fc5a0fabdce80fa94
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Add a Secure Partition for multi-core topology specific tests.
Add a dummy service and corresponding signal.
Update the manifest files.
Change-Id: Id0d9530d54afab76053bd74989f88902bfbbdd9b
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Refactors SST to implement PSA Protected Storage version 1.0.
Change-Id: I967375e98799a465069525f203881f5331d6d84a
Signed-off-by: Galanakis, Minos <minos.galanakis@arm.com>
|
|
Change the arguments to psa_initial_attest_get_token and
psa_initial_attest_get_token_size as per the PSA 1.0 spec. Update
documentation for new function signature.
Change-Id: Ied6a0bea9ab4a404c147db286584a0873f1a3bf3
Signed-off-by: Raef Coles <raef.coles@arm.com>
|
|
This change addresses the compliance with PSA initial attestation
API 1.0.0 version. It replaces the existing psa_attest_err_t enum
values with the error codes that are detailed in the
interface/include/psa/error.h file.
Change-Id: I1795331e7081589371c82f0e56655db6a543edd3
Signed-off-by: Sverteczky, Marcell <marcell.sverteczky@arm.com>
Signed-off-by: Raef Coles <raef.coles@arm.com>
|
|
Currently the test framework which executes test suites doesn't return
anything. Therefore it is not possible for application layer to know the
status of test cases. This change is intended to export the test case
pass/fail status to application layer and beyond (if any test framework
is used by Non-secure side).
Change-Id: I67e6305a7e0947583bc5af88e909d4d22a9d7270
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
|
|
This patch updates the SST service to call ITS as its backend. Also
updates ITS to maintain a second filesystem context for SST, using the
external flash device instead of the internal one.
Change-Id: I83027aa859b369e6d7d8e085518e2b068e2f9eac
Co-authored-by: Jamie Fox <jamie.fox@arm.com>
Signed-off-by: Tudor Cretu <tudor.cretu@arm.com>
Signed-off-by: Jamie Fox <jamie.fox@arm.com>
|
|
Refined use of types, particularly integer types and their signedness so there
are fewer warnings from static analyzers. Added casts to make implicit
type conversions explicit and more clear for code reader. No actual bugs
or vulnerabilities were found by the static analyzer but a lot of lines
were changed.
Cleaner handling of too-long bstr and tstr error condition when decoding.
Add support for bigfloats and decimal fractions -- all of RFC 7049 is now
supported except duplicate detection when decoding maps and some of
strict mode. Dead-stripping and/or linking through a .a file will
automatically leave out the added code on the encoder side.
bytes or so of code on the decode side
Documentation corrections and improved code formatting, fewer
long lines, spelling... A lot of lines were changed for this.
Repair a few tests that weren't testing what they were supposed
to be testing.
Change-Id: I4c9c56c1ee16812eac7a5c2f2ba0d896f3f1b5ae
Signed-off-by: Laurence Lundblade <lgl@securitytheory.com>
|
|
Increase the stack size by 0x80 bytes because the
updated version of QCBOR consumes slightly more stack.
Change-Id: I5680a2af86d848bea0e248399da7649cb0c372e3
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
|
|
Fix the following type of issues:
- Dead code
- Unused function
- Uninitialized variable
- Parameter type mismatch
Change-Id: Ib4f8fa7c9037a8d55279154f875d0ec7f5a3c177
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
|
|
These partitions' stack sizes have been increased:
- Initial Attestation : 0xA00 to 0xA80
- Test IPC Client : 0x280 to 0x300
- Test Secure Client 2: 0x200 to 0x300
- Test SST : 0x440 to 0x500
- Test Core Test : 0x300 to 0x380
- Test Core Test 2 : 0x200 to 0x280
Total SP stack increment : 0x80
Total Test SP stack increment : 0x340
The same purpose as '2679c160ea2485d529c3874fed6cc20185908a79'.
Change-Id: Idfdebdee6cf80107c2fa7f37e530d7b4f857b972
Signed-off-by: Ken Liu <ken.liu@arm.com>
|
|
To have more granular config options for attestation
separate the test code and COSE key-id inclusion to be
dependent on different compile time options.
Change-Id: I351ce445f7beacf3378bbec4f740923bcd352f90
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
|