commit 905b2c7e1328f2f4b3c03e54828bd1da4ac6957c
author nabkah01 <nabil.kahlouche@arm.com> Thu Feb 10 10:46:32 2022 +0000
committer Nabil Kahlouche <nabil.kahlouche@arm.com> Wed May 18 16:43:30 2022 +0200
tree ac4a303c0da652a5afad88abef3fdf43212b28d3
parent bf00f8d659be9c285ea9465e0f50fec3aca7acc2

test(tftf): prevent secure region access from Realm world

This change adds a TFTF test attempting an access to a memory region
marked Secure in the GPT from a Realm world.
RMM catches the GPF and return a proper code error which is used in
TFTF to assert the test result accordingly.

Signed-off-by: Nabil Kahlouche <nabil.kahlouche@arm.com>
Change-Id: I1c259e0db0910b5e4b72856c07613a8989ba9187

tftf/tests/misc_tests/test_invalid_access.c

diff --git a/tftf/tests/misc_tests/test_invalid_access.c b/tftf/tests/misc_tests/test_invalid_access.c
index 5cfc711..12cd4b5 100644
--- a/tftf/tests/misc_tests/test_invalid_access.c
+++ b/tftf/tests/misc_tests/test_invalid_access.c
@@ -215,6 +215,66 @@
 	return TEST_RESULT_SUCCESS;
 }
 
+static test_result_t memory_cannot_be_accessed_in_rl(u_register_t params)
+{
+	u_register_t retrmm;
+	static char rd[GRANULE_SIZE] __aligned(GRANULE_SIZE);
+
+	if (get_armv9_2_feat_rme_support() == 0U) {
+		return TEST_RESULT_SKIPPED;
+	}
+
+	retrmm = realm_version();
+
+	VERBOSE("RMM version is: %lu.%lu\n",
+			RMI_ABI_VERSION_GET_MAJOR(retrmm),
+			RMI_ABI_VERSION_GET_MINOR(retrmm));
+
+	/*
+	 * TODO: Remove this once SMC_RMM_REALM_CREATE is implemented in TRP
+	 * For the moment skip the test if RMM is TRP, TRP version is always null.
+	 */
+	if (retrmm == 0U) {
+		return TEST_RESULT_SKIPPED;
+	}
+
+	retrmm = realm_granule_delegate((u_register_t)&rd[0]);
+	if (retrmm != 0UL) {
+		ERROR("Delegate operation returns fail, %lx\n", retrmm);
+		return TEST_RESULT_FAIL;
+	}
+
+	/* Create a realm using a parameter in a secure physical address space should fail. */
+	retrmm = realm_create((u_register_t)&rd[0], params);
+	if (retrmm == 0UL) {
+		ERROR("Realm create operation should fail, %lx\n", retrmm);
+		retrmm = realm_destroy((u_register_t)&rd[0]);
+		if (retrmm != 0UL) {
+			ERROR("Realm destroy operation returns fail, %lx\n", retrmm);
+			return TEST_RESULT_FAIL;
+		}
+		return TEST_RESULT_FAIL;
+	} else if (retrmm != RMM_STATUS_ERROR_INPUT) {
+		ERROR("Realm create operation should fail with code:%ld retrmm:%ld\n",
+		RMM_STATUS_ERROR_INPUT, retrmm);
+		return TEST_RESULT_FAIL;
+	}
+
+	retrmm = realm_granule_undelegate((u_register_t)&rd[0]);
+	if (retrmm != 0UL) {
+		INFO("Undelegate operation returns fail, %lx\n", retrmm);
+		return TEST_RESULT_FAIL;
+	}
+
+	return TEST_RESULT_SUCCESS;
+}
+
+test_result_t s_memory_cannot_be_accessed_in_rl(void)
+{
+	u_register_t params = (u_register_t)SECURE_MEMORY_ACCESS_ADDR;
+	return memory_cannot_be_accessed_in_rl(params);
+}
+
 #else
 
 test_result_t el3_memory_cannot_be_accessed_in_ns(void)
@@ -234,4 +294,11 @@
 	tftf_testcase_printf("Test not ported to AArch32\n");
 	return TEST_RESULT_SKIPPED;
 }
+
+test_result_t s_memory_cannot_be_accessed_in_rl(void)
+{
+	tftf_testcase_printf("Test not ported to AArch32\n");
+	return TEST_RESULT_SKIPPED;
+}
+
 #endif /* __aarch64__ */