Measured Boot & Delegated Attest: Model conversion
Convert Measured Boot Partition and Delegated Attest
Partition into SFN model. Now these partitions can work
both in IPC backend and SFN backend.
Signed-off-by: Sherry Zhang <sherry.zhang2@arm.com>
Change-Id: I89cd2bf69a9ea8d1781271b67b1bbdc2be39ca3e
diff --git a/partitions/delegated_attestation/delegated_attest_req_mngr.c b/partitions/delegated_attestation/delegated_attest_req_mngr.c
index 8037bb4..4e1268b 100644
--- a/partitions/delegated_attestation/delegated_attest_req_mngr.c
+++ b/partitions/delegated_attestation/delegated_attest_req_mngr.c
@@ -125,51 +125,15 @@
return status;
}
-static void delegated_attestation_signal_handle(psa_signal_t signal)
+psa_status_t tfm_delegated_attestation_sfn(const psa_msg_t *msg)
{
- psa_status_t status;
- psa_msg_t msg;
-
- /* Retrieve the message corresponding to the
- * Delegated Attestation service signal.
- */
- status = psa_get(signal, &msg);
- if (status != PSA_SUCCESS) {
- return;
- }
-
- switch (msg.type) {
+ switch (msg->type) {
case DELEGATED_ATTEST_GET_DELEGATED_KEY:
- status = get_delegated_attestation_key(&msg);
- /* Reply with the message result status to unblock the client */
- psa_reply(msg.handle, status);
- break;
+ return get_delegated_attestation_key(msg);
case DELEGATED_ATTEST_GET_PLATFORM_TOKEN:
- status = get_platform_attestation_token(&msg);
- /* Reply with the message result status to unblock the client */
- psa_reply(msg.handle, status);
- break;
+ return get_platform_attestation_token(msg);
default:
/* Invalid message type */
- psa_panic();
- }
-}
-
-void delegated_attest_partition_main(void)
-{
- psa_signal_t signals = 0;
-
- /* Delegated Attestation partition initialization.
- * - Nothing to do -
- */
-
- while (1) {
- signals = psa_wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & TFM_DELEGATED_ATTESTATION_SIGNAL) {
- delegated_attestation_signal_handle(TFM_DELEGATED_ATTESTATION_SIGNAL);
- } else {
- /* Should not come here */
- psa_panic();
- }
+ return PSA_ERROR_NOT_SUPPORTED;
}
}
diff --git a/partitions/delegated_attestation/tfm_delegated_attestation.yaml b/partitions/delegated_attestation/tfm_delegated_attestation.yaml
index 3d20bc6..2bbce90 100644
--- a/partitions/delegated_attestation/tfm_delegated_attestation.yaml
+++ b/partitions/delegated_attestation/tfm_delegated_attestation.yaml
@@ -10,8 +10,7 @@
"name": "TFM_SP_DELEGATED_ATTESTATION",
"type": "APPLICATION-ROT",
"priority": "NORMAL",
- "model": "IPC",
- "entry_point": "delegated_attest_partition_main",
+ "model": "SFN",
"stack_size": "0x0500",
"services": [
{
diff --git a/partitions/measured_boot/measured_boot_req_mngr.c b/partitions/measured_boot/measured_boot_req_mngr.c
index 8f27536..3a69d21 100644
--- a/partitions/measured_boot/measured_boot_req_mngr.c
+++ b/partitions/measured_boot/measured_boot_req_mngr.c
@@ -155,36 +155,6 @@
extend_iov.lock_measurement);
}
-static void measured_boot_signal_handle(psa_signal_t signal)
-{
- psa_status_t status;
- psa_msg_t msg;
-
- /* Retrieve the message corresponding to the measured_boot service signal */
- status = psa_get(signal, &msg);
- if (status != PSA_SUCCESS) {
- return;
- }
-
- /* Decode the message */
- switch (msg.type) {
- case TFM_MEASURED_BOOT_READ:
- status = read_measurements(&msg);
- /* Reply with the message result status to unblock the client */
- psa_reply(msg.handle, status);
- break;
- case TFM_MEASURED_BOOT_EXTEND:
- status = extend_measurement(&msg);
- /* Reply with the message result status to unblock the client */
- psa_reply(msg.handle, status);
- break;
- default:
- /* Invalid message type */
- status = PSA_ERROR_NOT_SUPPORTED;
- break;
- }
-}
-
/**
* \brief The measured_boot partition's entry function.
*/
@@ -202,18 +172,18 @@
status = collect_shared_measurements();
#endif
- if (status != PSA_SUCCESS) {
- psa_panic();
- }
+ return status;
+}
- psa_signal_t signals = 0;
-
- while (1) {
- signals = psa_wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & TFM_MEASURED_BOOT_SIGNAL) {
- measured_boot_signal_handle(TFM_MEASURED_BOOT_SIGNAL);
- } else {
- psa_panic();
- }
+psa_status_t tfm_measured_boot_sfn(const psa_msg_t *msg)
+{
+ switch (msg->type) {
+ case TFM_MEASURED_BOOT_READ:
+ return read_measurements(msg);
+ case TFM_MEASURED_BOOT_EXTEND:
+ return extend_measurement(msg);
+ default:
+ /* Invalid message type */
+ return PSA_ERROR_NOT_SUPPORTED;
}
}
diff --git a/partitions/measured_boot/tfm_measured_boot.yaml b/partitions/measured_boot/tfm_measured_boot.yaml
index 17530fa..81a60f2 100644
--- a/partitions/measured_boot/tfm_measured_boot.yaml
+++ b/partitions/measured_boot/tfm_measured_boot.yaml
@@ -10,8 +10,8 @@
"name": "TFM_SP_MEASURED_BOOT",
"type": "PSA-ROT",
"priority": "NORMAL",
- "model": "IPC",
- "entry_point": "tfm_measured_boot_init",
+ "model": "SFN",
+ "entry_init": "tfm_measured_boot_init",
"stack_size": "0x400",
"services": [
{