authorjulhal01 <julian.hall@arm.com>2021-02-01 08:29:28 +0000
committerGyorgy Szing <Gyorgy.Szing@arm.com>2021-04-14 16:59:18 +0200
commit2c18fbfda57fdc7b3971bffbe5902caf52a9530a (patch)
treeb9b6ec0f0cba35f1f13fe1903626292df739f592
parentffa98d8e11e5630b9b5afc3cfacc2757e196088d (diff)
downloadtrusted-services-2c18fbfda57fdc7b3971bffbe5902caf52a9530a.tar.gz
Add platform specific TRNG driver
Adds platform specific TRNG driver to Crypto opteesp deployment. Fetches and builds the TZ-TRNG driver from its external repo and includes it when the crypto/opteesp is built for the arm/fvp/fvp_base_revc-2xaemv8a platform. Device region information provided as external configuration data is not yet integrated, so the TRNG hardware is not yet used. Signed-off-by: Julian Hall <julian.hall@arm.com> Change-Id: I8a2946643a279dfcc3aff608427c85e674f0e084
-rw-r--r--components/config/interface/platform_config.h54
-rw-r--r--components/config/ramstore/component.cmake14
-rw-r--r--components/config/ramstore/config_ramstore.c116
-rw-r--r--components/config/ramstore/config_ramstore.h40
-rw-r--r--components/config/ramstore/test/component.cmake (renamed from components/service/crypto/provider/mbedcrypto/entropy_adapter/linux/component.cmake)2
-rw-r--r--components/config/ramstore/test/ramstore_tests.cpp93
-rw-r--r--components/service/crypto/client/test/mock/mock_crypto_client.cpp2
-rw-r--r--components/service/crypto/client/test/standalone/standalone_crypto_client.cpp2
-rw-r--r--components/service/crypto/provider/mbedcrypto/crypto_provider.c8
-rw-r--r--components/service/crypto/provider/mbedcrypto/crypto_provider.h2
-rw-r--r--components/service/crypto/provider/mbedcrypto/trng_adapter/linux/component.cmake13
-rw-r--r--components/service/crypto/provider/mbedcrypto/trng_adapter/linux/linux_trng_adapter.c (renamed from components/service/crypto/provider/mbedcrypto/entropy_adapter/linux/linux_entropy_adapter.c)11
-rw-r--r--components/service/crypto/provider/mbedcrypto/trng_adapter/platform/component.cmake (renamed from components/service/crypto/provider/mbedcrypto/entropy_adapter/platform/component.cmake)4
-rw-r--r--components/service/crypto/provider/mbedcrypto/trng_adapter/platform/platform_trng_adapter.c (renamed from components/service/crypto/provider/mbedcrypto/entropy_adapter/platform/platform_entropy_adapter.c)24
-rw-r--r--components/service/crypto/provider/mbedcrypto/trng_adapter/trng_adapter.h (renamed from components/service/crypto/provider/mbedcrypto/entropy_adapter/entropy_adapter.h)16
-rw-r--r--components/service/locator/standalone/services/crypto/crypto_service_context.cpp4
-rw-r--r--deployments/component-test/arm-linux/CMakeLists.txt2
-rw-r--r--deployments/component-test/component-test.cmake2
-rw-r--r--deployments/component-test/linux-pc/CMakeLists.txt2
-rw-r--r--deployments/crypto/opteesp/CMakeLists.txt5
-rw-r--r--deployments/crypto/opteesp/crypto_sp.c7
-rw-r--r--deployments/libts/linux-pc/CMakeLists.txt2
-rw-r--r--platform/drivers/arm/tztrng/driver.cmake68
-rw-r--r--platform/drivers/arm/tztrng/tztrng_trng.c79
-rw-r--r--platform/drivers/mock/mock_trng.c (renamed from platform/drivers/mock/mock_entropy.c)13
-rw-r--r--platform/interface/device_region.h34
-rw-r--r--platform/interface/trng.h (renamed from platform/interface/entropy.h)30
-rw-r--r--platform/providers/arm/fvp/fvp_base_revc-2xaemv8a/platform.cmake10
-rw-r--r--platform/providers/ts/mock/platform.cmake7
29 files changed, 601 insertions, 65 deletions
diff --git a/components/config/interface/platform_config.h b/components/config/interface/platform_config.h
new file mode 100644
index 0000000..d11f0eb
--- /dev/null
+++ b/components/config/interface/platform_config.h
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef TS_CONFIG_INTERFACE_PLATFORM_CONFIG_H
+#define TS_CONFIG_INTERFACE_PLATFORM_CONFIG_H
+
+#include <platform/interface/device_region.h>
+#include <stddef.h>
+
+/**
+ * Provides a common interface for retrieving platform configuration
+ * data for initializing platform provided devices or services.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief Query platform configuartion for a particular device_region
+ *
+ * \param[in] dev_class Class of device (e.g. 'trng')
+ * \param[in] dev_instance The instance of the class of a device on platform
+ *
+ * \return Pointer to device_region or NULL if no qualifying configuration
+ */
+struct device_region *platform_config_device_query(const char *dev_class,
+ int dev_instance);
+
+/**
+ * \brief Frees a device region returned by platform_config_device_query()
+ *
+ * \param[in] device_region Device region object to free. Can be NULL.
+ */
+void platform_config_device_query_free(struct device_region *device_region);
+
+/**
+ * \brief Add a device_region to the platform configuration
+ *
+ * \param[in] device_region The device_region object to add
+ *
+ * \return 0 if successful
+ */
+int platform_config_device_add(const struct device_region *device_region);
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* TS_CONFIG_INTERFACE_PLATFORM_CONFIG_H */
diff --git a/components/config/ramstore/component.cmake b/components/config/ramstore/component.cmake
new file mode 100644
index 0000000..3fb8540
--- /dev/null
+++ b/components/config/ramstore/component.cmake
@@ -0,0 +1,14 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+if (NOT DEFINED TGT)
+ message(FATAL_ERROR "mandatory parameter TGT is not defined.")
+endif()
+
+target_sources(${TGT} PRIVATE
+ "${CMAKE_CURRENT_LIST_DIR}/config_ramstore.c"
+ )
+
diff --git a/components/config/ramstore/config_ramstore.c b/components/config/ramstore/config_ramstore.c
new file mode 100644
index 0000000..548ba4b
--- /dev/null
+++ b/components/config/ramstore/config_ramstore.c
@@ -0,0 +1,116 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include "config_ramstore.h"
+#include <config/interface/platform_config.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdint.h>
+
+/**
+ * Variable length container for a configuration object.
+ */
+struct config_container
+{
+ size_t size;
+ struct config_container *next;
+};
+
+static struct config_container *config_container_create(const void *data, size_t size)
+{
+ struct config_container *container = malloc(sizeof(struct config_container) + size);
+
+ if (container) {
+
+ container->size = size;
+ container->next = NULL;
+
+ memcpy((uint8_t*)container + sizeof(struct config_container), data, size);
+ }
+
+ return container;
+}
+
+static void config_container_destroy(struct config_container *container)
+{
+ free(container);
+}
+
+static const void *config_container_data(const struct config_container *container)
+{
+ return (const uint8_t*)container + sizeof(struct config_container);
+}
+
+/**
+ * Singleton config_ramstore instance
+ */
+static struct config_ramstore
+{
+ struct config_container *device_region_list;
+} ramstore = {0};
+
+
+void config_ramstore_init(void)
+{
+ ramstore.device_region_list = NULL;
+}
+
+void config_ramstore_deinit(void)
+{
+ while (ramstore.device_region_list) {
+
+ struct config_container *next = ramstore.device_region_list->next;
+ free(ramstore.device_region_list);
+ ramstore.device_region_list = next;
+ }
+}
+
+int platform_config_device_add(const struct device_region *device_region)
+{
+ struct config_container *container;
+
+ container = config_container_create(device_region, sizeof(struct device_region));
+ if (!container) return -1;
+
+ container->next = ramstore.device_region_list;
+ ramstore.device_region_list = container;
+
+ return 0;
+}
+
+struct device_region *platform_config_device_query(const char *dev_class,
+ int dev_instance)
+{
+ struct device_region *result = NULL;
+ const struct config_container *container = ramstore.device_region_list;
+
+ while (container) {
+
+ const struct device_region *candidate;
+ candidate = (const struct device_region*)config_container_data(container);
+
+ if ((candidate->dev_instance == dev_instance) &&
+ (strcmp(candidate->dev_class, dev_class) == 0)) {
+
+ result = malloc(container->size);
+ if (result) {
+
+ memcpy(result, candidate, container->size);
+ }
+
+ break;
+ }
+
+ container = container->next;
+ }
+
+ return result;
+}
+
+void platform_config_device_query_free(struct device_region *device_region)
+{
+ free(device_region);
+}
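Review bot: `platform_config_device_query()` calls `strcmp(candidate->dev_class, dev_class)` with no guard on either operand: a NULL `dev_class` from the caller is dereferenced, and `platform_config_device_add()` stores the caller's struct verbatim, so a `dev_class` field that arrives without a terminating NUL would be read past its end. config_ramstore.h says the store may be filled at run-time, e.g. from device tree, so these entries should be treated as external input. Assuming `dev_class` is a fixed-size char array, as the tests' `strcpy` into it suggests, `platform_config_device_add()` could reject bad entries with `if (!device_region || !memchr(device_region->dev_class, '\0', sizeof(device_region->dev_class))) return -1;`, and the query could start with `if (!dev_class) return NULL;`. Separately, `config_ramstore_deinit()` releases nodes with `free()` directly, which leaves the static `config_container_destroy()` unused.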
diff --git a/components/config/ramstore/config_ramstore.h b/components/config/ramstore/config_ramstore.h
new file mode 100644
index 0000000..5df1838
--- /dev/null
+++ b/components/config/ramstore/config_ramstore.h
@@ -0,0 +1,40 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+/**
+ * A config store that implements the common config interface that
+ * saves configuration data in ram. This may be used in environments
+ * that are configured at run-time e.g. from device tree. The
+ * config_ramstore is a singleton.
+ */
+#ifndef CONFIG_RAMSTORE_H
+#define CONFIG_RAMSTORE_H
+
+#include <stddef.h>
+#include <platform/interface/device_region.h>
+#include <config/interface/platform_config.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief Initializes the singleton store
+ *
+ */
+void config_ramstore_init(void);
+
+/**
+ * \brief Clean-up the config_ramstore after use
+ */
+void config_ramstore_deinit(void);
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* CONFIG_RAMSTORE_H */
diff --git a/components/service/crypto/provider/mbedcrypto/entropy_adapter/linux/component.cmake b/components/config/ramstore/test/component.cmake
index 9be89d1..7f1df76 100644
--- a/components/service/crypto/provider/mbedcrypto/entropy_adapter/linux/component.cmake
+++ b/components/config/ramstore/test/component.cmake
@@ -9,5 +9,5 @@ if (NOT DEFINED TGT)
endif()
target_sources(${TGT} PRIVATE
- "${CMAKE_CURRENT_LIST_DIR}/linux_entropy_adapter.c"
+ "${CMAKE_CURRENT_LIST_DIR}/ramstore_tests.cpp"
)
diff --git a/components/config/ramstore/test/ramstore_tests.cpp b/components/config/ramstore/test/ramstore_tests.cpp
new file mode 100644
index 0000000..c597b57
--- /dev/null
+++ b/components/config/ramstore/test/ramstore_tests.cpp
@@ -0,0 +1,93 @@
+/*
+ * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <cstring>
+#include <config/ramstore/config_ramstore.h>
+#include <CppUTest/TestHarness.h>
+
+TEST_GROUP(ConfigRamstoreTests)
+{
+ void setup()
+ {
+ config_ramstore_init();
+ }
+
+ void teardown()
+ {
+ config_ramstore_deinit();
+ }
+};
+
+TEST(ConfigRamstoreTests, checkEmptyConfig)
+{
+ /* Expect queries to an empty store to return gracefully */
+ struct device_region *query_result = platform_config_device_query("flash", 0);
+ CHECK(!query_result);
+
+ /* Expect freeing a null pointer to be harmless */
+ platform_config_device_query_free(query_result);
+}
+
+TEST(ConfigRamstoreTests, checkSingleConfig)
+{
+ struct device_region config;
+
+ /* This would be external configuration, obtained say from device tree */
+ strcpy(config.dev_class, "fs");
+ config.dev_instance = 2;
+ config.base_addr = (uint8_t*)0x0f000010;
+ config.io_region_size = 0x100;
+
+ /* Add the configuration object */
+ int status = platform_config_device_add(&config);
+ CHECK_EQUAL(0, status);
+
+ /* Expect query find the config object */
+ struct device_region *query_result = platform_config_device_query(config.dev_class, config.dev_instance);
+ CHECK(query_result);
+ CHECK(strcmp(config.dev_class, query_result->dev_class) == 0);
+ CHECK_EQUAL(config.dev_instance, query_result->dev_instance);
+ CHECK_EQUAL(config.base_addr, query_result->base_addr);
+ CHECK_EQUAL(config.io_region_size, query_result->io_region_size);
+
+ platform_config_device_query_free(query_result);
+}
+
+TEST(ConfigRamstoreTests, checkMultipleConfig)
+{
+ int status;
+
+ /* Add first config object */
+ struct device_region config1;
+
+ strcpy(config1.dev_class, "flash");
+ config1.dev_instance = 0;
+ config1.base_addr = (uint8_t*)0x0f000010;
+ config1.io_region_size = 0x100;
+
+ status = platform_config_device_add(&config1);
+ CHECK_EQUAL(0, status);
+
+ /* Add second config object */
+ struct device_region config2;
+
+ strcpy(config2.dev_class, "flash");
+ config2.dev_instance = 1;
+ config2.base_addr = (uint8_t*)0x0f000010;
+ config2.io_region_size = 0x100;
+
+ status = platform_config_device_add(&config2);
+ CHECK_EQUAL(0, status);
+
+ /* Expect queries for both objects to work */
+ struct device_region *query1_result = platform_config_device_query(config1.dev_class, config1.dev_instance);
+ CHECK(query1_result);
+
+ struct device_region *query2_result = platform_config_device_query(config2.dev_class, config2.dev_instance);
+ CHECK(query2_result);
+
+ platform_config_device_query_free(query2_result);
+}
\ No newline at end of file
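Review bot: `checkMultipleConfig` frees only `query2_result`; `query1_result` is never handed to `platform_config_device_query_free()`, so the copy allocated by the query is leaked. Add `platform_config_device_query_free(query1_result);` before the closing brace. Both entries use the class "flash", so any non-NULL result currently passes; asserting `CHECK_EQUAL(config1.dev_instance, query1_result->dev_instance);` (and the same for the second query) would prove the lookup distinguishes instances. The `struct device_region` locals are filled field by field without zero-initialisation, so if the struct has members beyond the four assigned here they enter the store with indeterminate values.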
diff --git a/components/service/crypto/client/test/mock/mock_crypto_client.cpp b/components/service/crypto/client/test/mock/mock_crypto_client.cpp
index 69e7478..96195a8 100644
--- a/components/service/crypto/client/test/mock/mock_crypto_client.cpp
+++ b/components/service/crypto/client/test/mock/mock_crypto_client.cpp
@@ -34,7 +34,7 @@ bool mock_crypto_client::init()
storage_ep);
struct rpc_interface *crypto_ep = mbed_crypto_provider_init(&m_crypto_provider,
- storage_caller, NULL);
+ storage_caller, 0);
struct rpc_caller *crypto_caller = direct_caller_init_default(&m_crypto_caller,
crypto_ep);
diff --git a/components/service/crypto/client/test/standalone/standalone_crypto_client.cpp b/components/service/crypto/client/test/standalone/standalone_crypto_client.cpp
index 15986c6..86fd420 100644
--- a/components/service/crypto/client/test/standalone/standalone_crypto_client.cpp
+++ b/components/service/crypto/client/test/standalone/standalone_crypto_client.cpp
@@ -52,7 +52,7 @@ bool standalone_crypto_client::init()
}
struct rpc_interface *crypto_ep = mbed_crypto_provider_init(&m_crypto_provider,
- storage_caller, NULL);
+ storage_caller, 0);
struct rpc_caller *crypto_caller = direct_caller_init_default(&m_crypto_caller,
crypto_ep);
diff --git a/components/service/crypto/provider/mbedcrypto/crypto_provider.c b/components/service/crypto/provider/mbedcrypto/crypto_provider.c
index a12f625..4d5a0a3 100644
--- a/components/service/crypto/provider/mbedcrypto/crypto_provider.c
+++ b/components/service/crypto/provider/mbedcrypto/crypto_provider.c
@@ -7,7 +7,7 @@
#include <stdlib.h>
#include <protocols/service/crypto/packed-c/opcodes.h>
#include <service/crypto/provider/mbedcrypto/crypto_provider.h>
-#include <service/crypto/provider/mbedcrypto/entropy_adapter/entropy_adapter.h>
+#include <service/crypto/provider/mbedcrypto/trng_adapter/trng_adapter.h>
#include <service/secure_storage/client/psa/its/its_client.h>
#include <protocols/rpc/common/packed-c/status.h>
#include <psa/crypto.h>
@@ -46,11 +46,11 @@ static const struct service_handler handler_table[] = {
struct rpc_interface *mbed_crypto_provider_init(struct mbed_crypto_provider *context,
struct rpc_caller *storage_provider,
- void *entropy_adapter_config)
+ int trng_instance)
{
struct rpc_interface *rpc_interface = NULL;
- entropy_adapter_init(entropy_adapter_config);
+ trng_adapter_init(trng_instance);
/*
* A storage provider is required for persistent key storage. As this
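Review bot: The status returned by `trng_adapter_init(trng_instance)` is discarded, so `mbed_crypto_provider_init()` carries on when the TRNG driver could not be created and the provider starts without a working hardware entropy source. Checking it, for example `if (trng_adapter_init(trng_instance) != 0) return NULL;`, would surface the failure to the deployment. Whether NULL is the right failure value depends on the rest of the function, which continues outside this hunk. The new `trng_instance` parameter also deserves a line in the function's header comment saying that it selects the "trng" device_region instance looked up by the adapter.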
@@ -76,7 +76,7 @@ struct rpc_interface *mbed_crypto_provider_init(struct mbed_crypto_provider *con
void mbed_crypto_provider_deinit(struct mbed_crypto_provider *context)
{
(void)context;
- entropy_adapter_deinit();
+ trng_adapter_deinit();
}
void mbed_crypto_provider_register_serializer(struct mbed_crypto_provider *context,
diff --git a/components/service/crypto/provider/mbedcrypto/crypto_provider.h b/components/service/crypto/provider/mbedcrypto/crypto_provider.h
index 5ffd0c3..0a7666f 100644
--- a/components/service/crypto/provider/mbedcrypto/crypto_provider.h
+++ b/components/service/crypto/provider/mbedcrypto/crypto_provider.h
@@ -35,7 +35,7 @@ struct mbed_crypto_provider
*/
struct rpc_interface *mbed_crypto_provider_init(struct mbed_crypto_provider *context,
struct rpc_caller *storage_provider,
- void *entropy_adapter_config);
+ int trng_instance);
/*
* When operation of the provider is no longer required, this function
diff --git a/components/service/crypto/provider/mbedcrypto/trng_adapter/linux/component.cmake b/components/service/crypto/provider/mbedcrypto/trng_adapter/linux/component.cmake
new file mode 100644
index 0000000..89056e2
--- /dev/null
+++ b/components/service/crypto/provider/mbedcrypto/trng_adapter/linux/component.cmake
@@ -0,0 +1,13 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+if (NOT DEFINED TGT)
+ message(FATAL_ERROR "mandatory parameter TGT is not defined.")
+endif()
+
+target_sources(${TGT} PRIVATE
+ "${CMAKE_CURRENT_LIST_DIR}/linux_trng_adapter.c"
+ )
diff --git a/components/service/crypto/provider/mbedcrypto/entropy_adapter/linux/linux_entropy_adapter.c b/components/service/crypto/provider/mbedcrypto/trng_adapter/linux/linux_trng_adapter.c
index 83899b1..15a875a 100644
--- a/components/service/crypto/provider/mbedcrypto/entropy_adapter/linux/linux_entropy_adapter.c
+++ b/components/service/crypto/provider/mbedcrypto/trng_adapter/linux/linux_trng_adapter.c
@@ -5,7 +5,9 @@
*/
#include <mbedtls/entropy.h>
#include <mbedtls/entropy_poll.h>
-#include <service/crypto/provider/mbedcrypto/entropy_adapter/entropy_adapter.h>
+#include <service/crypto/provider/mbedcrypto/trng_adapter/trng_adapter.h>
+#include <unistd.h>
+#include <sys/syscall.h>
#include <errno.h>
#include <sys/syscall.h>
#include <unistd.h>
@@ -15,13 +17,12 @@
* function to the Linux getrandom system call.
*/
-int entropy_adapter_init(void *config)
+int trng_adapter_init(int instance)
{
- (void)config;
- return 0;
+ (void)instance;
}
-void entropy_adapter_deinit(void)
+void trng_adapter_deinit()
{
}
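Review bot: `trng_adapter_init()` is declared to return `int`, but the change removes `return 0;` without a replacement, so the function falls off its end and any caller that reads the result gets an indeterminate value. Restore `return 0;` after `(void)instance;`. `void trng_adapter_deinit()` also drops the `(void)` parameter list, which in C declares a function with unspecified parameters rather than none. Keep `void trng_adapter_deinit(void)` here, in the matching declaration in trng_adapter.h and in the definition in platform_trng_adapter.c. The first hunk of this file adds `<unistd.h>` and `<sys/syscall.h>` although both are already included on the context lines directly below.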
diff --git a/components/service/crypto/provider/mbedcrypto/entropy_adapter/platform/component.cmake b/components/service/crypto/provider/mbedcrypto/trng_adapter/platform/component.cmake
index d178f1f..575ac22 100644
--- a/components/service/crypto/provider/mbedcrypto/entropy_adapter/platform/component.cmake
+++ b/components/service/crypto/provider/mbedcrypto/trng_adapter/platform/component.cmake
@@ -9,9 +9,9 @@ if (NOT DEFINED TGT)
endif()
target_sources(${TGT} PRIVATE
- "${CMAKE_CURRENT_LIST_DIR}/platform_entropy_adapter.c"
+ "${CMAKE_CURRENT_LIST_DIR}/platform_trng_adapter.c"
)
set_property(TARGET ${TGT} APPEND_STRING PROPERTY TS_PLATFORM_DRIVER_DEPENDENCIES
- "entropy"
+ "trng"
)
diff --git a/components/service/crypto/provider/mbedcrypto/entropy_adapter/platform/platform_entropy_adapter.c b/components/service/crypto/provider/mbedcrypto/trng_adapter/platform/platform_trng_adapter.c
index 8bf3ec4..29628d1 100644
--- a/components/service/crypto/provider/mbedcrypto/entropy_adapter/platform/platform_entropy_adapter.c
+++ b/components/service/crypto/provider/mbedcrypto/trng_adapter/platform/platform_trng_adapter.c
@@ -5,25 +5,33 @@
*/
#include <mbedtls/entropy.h>
#include <mbedtls/entropy_poll.h>
-#include <platform/interface/entropy.h>
-#include <service/crypto/provider/mbedcrypto/entropy_adapter/entropy_adapter.h>
+#include <platform/interface/trng.h>
+#include <service/crypto/provider/mbedcrypto/trng_adapter/trng_adapter.h>
+#include <config/interface/platform_config.h>
#include <stddef.h>
/*
* An mbed tls compatibile hardware entropy source that adapts the mbed tls hardware poll
- * function to a platform entropy driver. The actual realization of the driver
+ * function to a platform trng driver. The actual realization of the driver
* will depend on the platform selected at build-time.
*/
-static struct ts_plat_entropy_driver driver = {0};
+static struct platform_trng_driver driver = {0};
-int entropy_adapter_init(void *config)
+int trng_adapter_init(int instance)
{
- return ts_plat_entropy_create(&driver, config);
+ int status;
+ struct device_region *device_region;
+
+ device_region = platform_config_device_query("trng", instance);
+ status = platform_trng_create(&driver, device_region);
+ platform_config_device_query_free(device_region);
+
+ return status;
}
-void entropy_adapter_deinit(void)
+void trng_adapter_deinit()
{
- ts_plat_entropy_destroy(&driver);
+ platform_trng_destroy(&driver);
driver.iface = NULL;
driver.context = NULL;
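Review bot: `trng_adapter_init()` hands the result of `platform_config_device_query("trng", instance)` to `platform_trng_create()` without inspecting it, so "no trng region configured" and "allocation failed inside the query" both arrive as NULL. The adapter then returns whatever the driver makes of NULL, and the tztrng driver added in this commit returns 0. Because this adapter is the mbed TLS hardware entropy source, a missing region should be reported rather than absorbed. Once the configuration store is populated, adding `if (!device_region && status == 0) status = -1;` before the `platform_config_device_query_free()` call would do that while still leaving the driver in its default state. The body of `trng_adapter_deinit()` closes outside this hunk.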
diff --git a/components/service/crypto/provider/mbedcrypto/entropy_adapter/entropy_adapter.h b/components/service/crypto/provider/mbedcrypto/trng_adapter/trng_adapter.h
index 48bb741..f1e7254 100644
--- a/components/service/crypto/provider/mbedcrypto/entropy_adapter/entropy_adapter.h
+++ b/components/service/crypto/provider/mbedcrypto/trng_adapter/trng_adapter.h
@@ -3,8 +3,8 @@
*
* SPDX-License-Identifier: BSD-3-Clause
*/
-#ifndef MBED_CRYPTO_ENTROPY_ADAPTER_H
-#define MBED_CRYPTO_ENTROPY_ADAPTER_H
+#ifndef MBED_CRYPTO_TRNG_ADAPTER_H
+#define MBED_CRYPTO_TRNG_ADAPTER_H
/*
* The build-time configuration of Mbed Crypto creates a dependency on a
@@ -20,21 +20,21 @@ extern "C" {
#endif
/**
- * \brief Initialise the entropy adapter
+ * \brief Initialise the trng adapter
*
- * \param config Entropy adapter specific configuration or NULL if none.
+ * \param instance Deployment specific trng instance.
*
* \return 0 if successful.
*/
-int entropy_adapter_init(void *config);
+int trng_adapter_init(int instance);
/**
- * \brief Cleans-up the entropy adapter.
+ * \brief Cleans-up the trng adapter.
*/
-void entropy_adapter_deinit(void);
+void trng_adapter_deinit();
#ifdef __cplusplus
} /* extern "C" */
#endif
-#endif /* MBED_CRYPTO_ENTROPY_ADAPTER_H */
+#endif /* MBED_CRYPTO_TRNG_ADAPTER_H */
diff --git a/components/service/locator/standalone/services/crypto/crypto_service_context.cpp b/components/service/locator/standalone/services/crypto/crypto_service_context.cpp
index e761224..7a49d26 100644
--- a/components/service/locator/standalone/services/crypto/crypto_service_context.cpp
+++ b/components/service/locator/standalone/services/crypto/crypto_service_context.cpp
@@ -26,9 +26,9 @@ void crypto_service_context::do_init()
{
struct rpc_interface *storage_ep = sfs_provider_init(&m_storage_provider);
struct rpc_caller *storage_caller = direct_caller_init_default(&m_storage_caller,
- storage_ep);
+ storage_ep);
struct rpc_interface *crypto_ep = mbed_crypto_provider_init(&m_crypto_provider,
- storage_caller, NULL);
+ storage_caller, 0);
mbed_crypto_provider_register_serializer(&m_crypto_provider,
TS_RPC_ENCODING_PROTOBUF, pb_crypto_provider_serializer_instance());
diff --git a/deployments/component-test/arm-linux/CMakeLists.txt b/deployments/component-test/arm-linux/CMakeLists.txt
index a0ad971..a3609d8 100644
--- a/deployments/component-test/arm-linux/CMakeLists.txt
+++ b/deployments/component-test/arm-linux/CMakeLists.txt
@@ -36,7 +36,7 @@ add_components(
TARGET "component-test"
BASE_DIR ${TS_ROOT}
COMPONENTS
- "components/service/crypto/provider/mbedcrypto/entropy_adapter/linux"
+ "components/service/crypto/provider/mbedcrypto/trng_adapter/linux"
)
#-------------------------------------------------------------------------------
diff --git a/deployments/component-test/component-test.cmake b/deployments/component-test/component-test.cmake
index dcb0d2d..2d7c21a 100644
--- a/deployments/component-test/component-test.cmake
+++ b/deployments/component-test/component-test.cmake
@@ -20,6 +20,8 @@ add_components(
"components/common/uuid/test"
"components/common/tlv"
"components/common/tlv/test"
+ "components/config/ramstore"
+ "components/config/ramstore/test"
"components/rpc/common/caller"
"components/rpc/common/interface"
"components/rpc/common/test/protocol"
diff --git a/deployments/component-test/linux-pc/CMakeLists.txt b/deployments/component-test/linux-pc/CMakeLists.txt
index a3ed949..2f0e19a 100644
--- a/deployments/component-test/linux-pc/CMakeLists.txt
+++ b/deployments/component-test/linux-pc/CMakeLists.txt
@@ -71,7 +71,7 @@ add_components(
TARGET "component-test"
BASE_DIR ${TS_ROOT}
COMPONENTS
- "components/service/crypto/provider/mbedcrypto/entropy_adapter/linux"
+ "components/service/crypto/provider/mbedcrypto/trng_adapter/linux"
)
#-------------------------------------------------------------------------------
diff --git a/deployments/crypto/opteesp/CMakeLists.txt b/deployments/crypto/opteesp/CMakeLists.txt
index 13447b1..356d0d3 100644
--- a/deployments/crypto/opteesp/CMakeLists.txt
+++ b/deployments/crypto/opteesp/CMakeLists.txt
@@ -35,6 +35,7 @@ add_components(TARGET "crypto-sp"
BASE_DIR ${TS_ROOT}
COMPONENTS
"components/common/tlv"
+ "components/config/ramstore"
"components/messaging/ffa/libsp"
"components/rpc/ffarpc/endpoint"
"components/rpc/ffarpc/caller/sp"
@@ -45,7 +46,7 @@ add_components(TARGET "crypto-sp"
"components/service/common/serializer/protobuf"
"components/service/common/provider"
"components/service/crypto/provider/mbedcrypto"
- "components/service/crypto/provider/mbedcrypto/entropy_adapter/platform"
+ "components/service/crypto/provider/mbedcrypto/trng_adapter/platform"
"components/service/crypto/provider/serializer/protobuf"
"components/service/crypto/provider/serializer/packed-c"
"components/service/secure_storage/client/psa"
@@ -66,7 +67,7 @@ target_sources(crypto-sp PRIVATE
# temporarily force platform - with this change, the build interface to
# an external builder such as a Yocto recipe is unchanged. Should remove
# once the build interface is published.
-set(TS_PLATFORM "ts/mock" CACHE STRING "Overridden" FORCE)
+set(TS_PLATFORM "arm/fvp/fvp_base_revc-2xaemv8a" CACHE STRING "Overridden" FORCE)
add_platform(TARGET "crypto-sp")
diff --git a/deployments/crypto/opteesp/crypto_sp.c b/deployments/crypto/opteesp/crypto_sp.c
index 39039b3..6b376b7 100644
--- a/deployments/crypto/opteesp/crypto_sp.c
+++ b/deployments/crypto/opteesp/crypto_sp.c
@@ -3,6 +3,7 @@
* Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
*/
+#include <config/ramstore/config_ramstore.h>
#include <rpc/ffarpc/caller/sp/ffarpc_caller.h>
#include <rpc/ffarpc/endpoint/ffarpc_call_ep.h>
#include <rpc/dummy/dummy_caller.h>
@@ -43,6 +44,10 @@ void __noreturn sp_main(struct ffa_init_info *init_info)
if (sp_init(&own_id) != 0) goto fatal_error;
+ /* Read config data */
+ config_ramstore_init();
+ // ~ read here
+
/* Establish RPC session with secure storage SP */
storage_caller = ffarpc_caller_init(&ffarpc_caller);
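Review bot: The placeholder `// ~ read here` does not tell a reader that the store stays empty after `config_ramstore_init()`, so the later lookup for "trng" instance 0 finds nothing and the crypto SP runs without the hardware TRNG. Replace it with an explicit marker in the file's comment style, such as `/* TODO: load device regions from the SP boot configuration; until then platform_config_device_query("trng", 0) returns NULL and the TRNG hardware is not used */`. `sp_main()` starts and ends outside this hunk.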
@@ -60,7 +65,7 @@ void __noreturn sp_main(struct ffa_init_info *init_info)
}
/* Initialize the crypto service */
- crypto_iface = mbed_crypto_provider_init(&crypto_provider, storage_caller, NULL);
+ crypto_iface = mbed_crypto_provider_init(&crypto_provider, storage_caller, 0);
mbed_crypto_provider_register_serializer(&crypto_provider,
TS_RPC_ENCODING_PROTOBUF, pb_crypto_provider_serializer_instance());
diff --git a/deployments/libts/linux-pc/CMakeLists.txt b/deployments/libts/linux-pc/CMakeLists.txt
index ff1e139..7924f7c 100644
--- a/deployments/libts/linux-pc/CMakeLists.txt
+++ b/deployments/libts/linux-pc/CMakeLists.txt
@@ -37,7 +37,7 @@ add_components(
"components/service/locator/standalone"
"components/service/locator/standalone/services/crypto"
"components/service/crypto/provider/mbedcrypto"
- "components/service/crypto/provider/mbedcrypto/entropy_adapter/linux"
+ "components/service/crypto/provider/mbedcrypto/trng_adapter/linux"
"components/service/crypto/provider/serializer/protobuf"
"components/service/crypto/provider/serializer/packed-c"
"components/service/secure_storage/client/psa"
diff --git a/platform/drivers/arm/tztrng/driver.cmake b/platform/drivers/arm/tztrng/driver.cmake
new file mode 100644
index 0000000..58d98c8
--- /dev/null
+++ b/platform/drivers/arm/tztrng/driver.cmake
@@ -0,0 +1,68 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+
+# Driver source location and version
+set(ARM_TZTRNG_URL "https://github.com/ARM-software/TZ-TRNG.git" CACHE STRING "Arm TZ-TRNG driver repository URL")
+set(ARM_TZTRNG_REFSPEC "1.0.0" CACHE STRING "Arm TZ-TRNG driver git refspec")
+
+# Fetch driver source code from remote repository
+include(FetchContent)
+
+FetchContent_Declare(
+ arm-tztrng
+ GIT_REPOSITORY ${ARM_TZTRNG_URL}
+ GIT_TAG ${ARM_TZTRNG_REFSPEC}
+ GIT_SHALLOW TRUE
+)
+
+# FetchContent_GetProperties exports arm-tztrng_SOURCE_DIR and arm-tztrng_BINARY_DIR variables
+FetchContent_GetProperties(arm-tztrng)
+if(NOT arm-tztrng_POPULATED)
+ message(STATUS "Fetching arm-tztrng")
+ FetchContent_Populate(arm-tztrng)
+endif()
+
+# The driver has no cmake build support so it is necessary to bridge cmake variables to
+# driver build parameters.
+
+# Determine ARCH parameter
+if (CMAKE_SYSTEM_PROCESSOR STREQUAL "arm")
+ set(_arm-tztrng_ARCH "arm64")
+ set(_arm-tztrng_builddir "build-aarch64-linux-gnu")
+else()
+ message(FATAL_ERROR "Only arm builds of TZ-TRNG supported.")
+endif()
+
+# Determine the full path for the generated library and public header
+set(_arm-tztrng_genlib "${arm-tztrng_SOURCE_DIR}/host/src/tztrng_lib/${_arm-tztrng_builddir}/libcc_tztrng.a")
+set(_arm-tztrng_host_incpath "${arm-tztrng_SOURCE_DIR}/host/src/tztrng_lib/include")
+set(_arm-tztrng_shared_incpath "${arm-tztrng_SOURCE_DIR}/shared/hw/include")
+
+# Set HOST_PROJ_ROOT parameter to use TS provided build defines
+set(_arm-tztrng_HOST_PROJ_ROOT ${CMAKE_CURRENT_LIST_DIR})
+
+# Add custom command to build the driver library using the TZ-TRNG provided makefile
+add_custom_command(
+ OUTPUT ${_arm-tztrng_genlib}
+ COMMAND make ARGS "ARCH=${_arm-tztrng_ARCH}"
+ WORKING_DIRECTORY "${arm-tztrng_SOURCE_DIR}/host/src/tztrng_lib/"
+)
+
+# Define target for the library
+add_custom_target(
+ libcc_tztrng
+ DEPENDS ${_arm-tztrng_genlib}
+)
+
+# Add generated library to build target
+target_include_directories(${TGT} PRIVATE "${_arm-tztrng_host_incpath}")
+target_include_directories(${TGT} PRIVATE "${_arm-tztrng_shared_incpath}")
+target_link_libraries(${TGT} PRIVATE ${_arm-tztrng_genlib})
+add_dependencies(${TGT} libcc_tztrng)
+
+# Add adapter to map platform trng interface to tz-trng driver
+target_sources(${TGT} PRIVATE "${CMAKE_CURRENT_LIST_DIR}/tztrng_trng.c")
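Review bot: `ARM_TZTRNG_REFSPEC` defaults to the tag `1.0.0`, which the upstream repository can move, so the entropy-source driver linked into the secure partition is not pinned to fixed content. Defaulting it to a full commit hash, `set(ARM_TZTRNG_REFSPEC "<full-commit-sha-placeholder>" CACHE STRING "Arm TZ-TRNG driver git refspec")`, makes the fetch reproducible; `GIT_SHALLOW TRUE` only works with branch and tag names, so it would have to be dropped when fetching by hash. `_arm-tztrng_HOST_PROJ_ROOT` is set with a comment saying it selects the TS build defines, but the `make` command only passes `ARCH=`, so the value is never used. The file also lacks the `if (NOT DEFINED TGT)` guard that the component.cmake files use, and the `add_custom_command` would be more portable with `VERBATIM`.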
diff --git a/platform/drivers/arm/tztrng/tztrng_trng.c b/platform/drivers/arm/tztrng/tztrng_trng.c
new file mode 100644
index 0000000..f52eeaa
--- /dev/null
+++ b/platform/drivers/arm/tztrng/tztrng_trng.c
@@ -0,0 +1,79 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#include <platform/interface/trng.h>
+#include <platform/interface/device_region.h>
+#include <tztrng.h>
+#include <tztrng_defs.h>
+#include <stdlib.h>
+#include <limits.h>
+
+/*
+ * A platform trng driver that uses the tz-trng driver to provide a
+ * hardware entropy source.
+ */
+struct tztrng_instance
+{
+ struct device_region trng_device_region;
+};
+
+
+static int trng_poll(void *context, unsigned char *output, size_t nbyte, size_t *len)
+{
+ struct tztrng_instance *this_instance = (struct tztrng_instance*)context;
+ int status = 0;
+
+ *len = 0;
+
+ if (nbyte >= sizeof(unsigned char)) {
+
+ if (this_instance) {
+
+ status = CC_TrngGetSource((unsigned long)this_instance->trng_device_region.base_addr,
+ output, len, nbyte * CHAR_BIT);
+ }
+ else {
+ /* No context for TRNG instance */
+ /* status = LLF_RND_STATE_PTR_INVALID_ERROR; @todo mbedcrypto segfaults when an error is returned */
+ *len = sizeof(unsigned char);
+ }
+ }
+
+ return status;
+}
+
+int platform_trng_create(struct platform_trng_driver *driver,
+ const struct device_region *device_region)
+{
+ static const struct platform_trng_iface iface = { .poll = trng_poll };
+
+ /*
+ * Default to leaving the driver in a safe but inoperable state.
+ */
+ driver->iface = &iface;
+ driver->context = NULL;
+
+ if (device_region) {
+
+ /*
+ * A device region has been provided, possibly from an external configuation.
+ * Check that it's a sensible size to defend against a bogus configuration.
+ */
+ struct tztrng_instance *new_instance = malloc(sizeof(struct tztrng_instance));
+
+ if (new_instance) {
+
+ new_instance->trng_device_region = *device_region;
+ driver->context = new_instance;
+ }
+ }
+
+ return 0;
+}
+
+void platform_trng_destroy(struct platform_trng_driver *driver)
+{
+ free(driver->context);
+}
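Review bot: In trng_poll the branch for a missing context sets `*len = sizeof(unsigned char)` and returns 0 without writing to `output`, so the caller is told one byte of entropy was gathered while the buffer still holds whatever was there before. Because platform_trng_create leaves `context` NULL when no device region is passed or when malloc fails, and still returns 0, this can be the normal path rather than an error path. The branch should leave `*len` at 0 and report failure with `status = LLF_RND_STATE_PTR_INVALID_ERROR;`, with the mbedcrypto crash mentioned in the @todo fixed on the caller side. The comment in platform_trng_create also promises a size check on the device region, but `io_region_size` is never examined before the struct is copied.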
diff --git a/platform/drivers/mock/mock_entropy.c b/platform/drivers/mock/mock_trng.c
index 56e9054..24b14c0 100644
--- a/platform/drivers/mock/mock_entropy.c
+++ b/platform/drivers/mock/mock_trng.c
@@ -3,10 +3,10 @@
*
* SPDX-License-Identifier: BSD-3-Clause
*/
-#include <platform/interface/entropy.h>
+#include <platform/interface/trng.h>
/*
- * A platform entropy driver that provides a mock implementation that
+ * A platform trng driver that provides a mock implementation that
* always returns a fixed value. Intended for test purposes only.
*/
static int mock_poll(void *context, unsigned char *output, size_t nbyte, size_t *len)
@@ -24,11 +24,12 @@ static int mock_poll(void *context, unsigned char *output, size_t nbyte, size_t
return 0;
}
-int ts_plat_entropy_create(struct ts_plat_entropy_driver *driver, void *config)
+int platform_trng_create(struct platform_trng_driver *driver,
+ const struct device_region *device_region)
{
- static const struct ts_plat_entropy_iface iface = { .poll = mock_poll };
+ static const struct platform_trng_iface iface = { .poll = mock_poll };
- (void)config;
+ (void)device_region;
driver->context = NULL;
driver->iface = &iface;
@@ -36,7 +37,7 @@ int ts_plat_entropy_create(struct ts_plat_entropy_driver *driver, void *config)
return 0;
}
-void ts_plat_entropy_destroy(struct ts_plat_entropy_driver *driver)
+void platform_trng_destroy(struct platform_trng_driver *driver)
{
(void)driver;
}
diff --git a/platform/interface/device_region.h b/platform/interface/device_region.h
new file mode 100644
index 0000000..1ad1721
--- /dev/null
+++ b/platform/interface/device_region.h
@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef TS_PLATFORM_INTERFACE_DEVICE_REGION_H
+#define TS_PLATFORM_INTERFACE_DEVICE_REGION_H
+
+#include <stddef.h>
+#include <stdint.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Defines a structure for describing a contiguous IO memory region
+ * and other configuration information about a peripheral. This may be based on
+ * buildtime or runtime configuration information e.g. from device tree.
+ */
+struct device_region
+{
+ char dev_class[16]; /**< Identifier for class of device e.g. 'trng' */
+ int dev_instance; /**< Instance of the class of device on a platform */
+ uint8_t *base_addr; /**< Base address or region */
+ size_t io_region_size; /**< Size of I/O region in bytes */
+};
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* TS_PLATFORM_INTERFACE_DEVICE_REGION_H */
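Review bot: The field comments in struct device_region leave two contracts open that matter when the data comes from external configuration. `dev_class[16]` does not say whether the string must be NUL-terminated, so a consumer comparing it with string functions could read past the array; a comment such as `/**< NUL-terminated class identifier, at most 15 characters, e.g. 'trng' */` would pin that down. `base_addr` reads "Base address or region", which looks like a typo for "of region", and it should state whether the address is physical or already mapped for the caller, since the tztrng driver in this commit casts it straight to `unsigned long` for register access.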
diff --git a/platform/interface/entropy.h b/platform/interface/trng.h
index d81cd60..9c24581 100644
--- a/platform/interface/entropy.h
+++ b/platform/interface/trng.h
@@ -4,28 +4,29 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
-#ifndef TS_PLATFORM_INTERFACE_ENTROPY_H
-#define TS_PLATFORM_INTERFACE_ENTROPY_H
+#ifndef TS_PLATFORM_INTERFACE_TRNG_H
+#define TS_PLATFORM_INTERFACE_TRNG_H
/*
- * Interface definintion for a platform entropy driver. A platform provider will
+ * Interface definintion for a platform trng driver. A platform provider will
* provide concrete implementations of this interface for each alternative
* implementation supported.
*/
#include <stddef.h>
+#include "device_region.h"
#ifdef __cplusplus
extern "C" {
#endif
/*
- * Virtual interface for a platform entropy driver. A platform will provide
+ * Virtual interface for a platform trng driver. A platform will provide
* one or more concrete implementations of this interface.
*/
-struct ts_plat_entropy_iface
+struct platform_trng_iface
{
/**
- * \brief Poll for bytes of entropy from a platform entropy source
+ * \brief Poll for bytes of entropy from a platform trng
*
* \param context Platform driver context
* \param output Buffer for output
@@ -38,33 +39,34 @@ struct ts_plat_entropy_iface
};
/*
- * A platform entropy driver instance.
+ * A platform trng driver instance.
*/
-struct ts_plat_entropy_driver
+struct platform_trng_driver
{
void *context; /**< Opaque driver context */
- const struct ts_plat_entropy_iface *iface; /**< Interface methods */
+ const struct platform_trng_iface *iface; /**< Interface methods */
};
/**
- * \brief Factory method to construct a platform specific entropy driver
+ * \brief Factory method to construct a platform specific trng driver
*
* \param driver Pointer to driver structure to initialize on construction.
- * \param config Driver specific configuration or NULL if none.
+ * \param device_region Pointer a device region object or NULL if none.
*
* \return 0 if successful.
*/
-int ts_plat_entropy_create(struct ts_plat_entropy_driver *driver, void *config);
+int platform_trng_create(struct platform_trng_driver *driver,
+ const struct device_region *device_region);
/**
* \brief Destroy a driver constructed using the factory method
*
* \param driver Pointer to driver structure for constructed driver.
*/
-void ts_plat_entropy_destroy(struct ts_plat_entropy_driver *driver);
+void platform_trng_destroy(struct platform_trng_driver *driver);
#ifdef __cplusplus
}
#endif
-#endif /* TS_PLATFORM_INTERFACE_ENTROPY_H */
+#endif /* TS_PLATFORM_INTERFACE_TRNG_H */
diff --git a/platform/providers/arm/fvp/fvp_base_revc-2xaemv8a/platform.cmake b/platform/providers/arm/fvp/fvp_base_revc-2xaemv8a/platform.cmake
index 86686e3..cb01389 100644
--- a/platform/providers/arm/fvp/fvp_base_revc-2xaemv8a/platform.cmake
+++ b/platform/providers/arm/fvp/fvp_base_revc-2xaemv8a/platform.cmake
@@ -13,6 +13,10 @@ get_property(_platform_driver_dependencies TARGET ${TGT}
PROPERTY TS_PLATFORM_DRIVER_DEPENDENCIES
)
-target_sources(${TGT} PRIVATE
- "${TS_ROOT}/platform/drivers/mock/mock_entropy.c"
-)
+#-------------------------------------------------------------------------------
+# Map platform dependencies to suitable drivers for this platform
+#
+#-------------------------------------------------------------------------------
+if ("trng" IN_LIST _platform_driver_dependencies)
+ include(${TS_ROOT}/platform/drivers/arm/tztrng/driver.cmake)
+endif()
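Review bot: The new `include(${TS_ROOT}/platform/drivers/arm/tztrng/driver.cmake)` passes its path unquoted, unlike the quoted `target_sources` path it replaces. A TS_ROOT containing spaces or semicolons would split into several arguments, so `include("${TS_ROOT}/platform/drivers/arm/tztrng/driver.cmake")` is safer. Entries in `_platform_driver_dependencies` other than "trng" are passed over without any message, here and in the ts/mock platform.cmake hunk. If other driver names can appear in that property, a `message(FATAL_ERROR ...)` for unmapped entries would turn a later link failure into a clear configure-time error.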
diff --git a/platform/providers/ts/mock/platform.cmake b/platform/providers/ts/mock/platform.cmake
index 601974a..a4d8d34 100644
--- a/platform/providers/ts/mock/platform.cmake
+++ b/platform/providers/ts/mock/platform.cmake
@@ -16,6 +16,7 @@ get_property(_platform_driver_dependencies TARGET ${TGT}
PROPERTY TS_PLATFORM_DRIVER_DEPENDENCIES
)
-target_sources(${TGT} PRIVATE
- "${TS_ROOT}/platform/drivers/mock/mock_entropy.c"
-)
+# Map platform dependencies to suitable drivers for this platform
+if ("trng" IN_LIST _platform_driver_dependencies)
+ target_sources(${TGT} PRIVATE "${TS_ROOT}/platform/drivers/mock/mock_trng.c")
+endif()