Cppcheck: Fix warnings with updated tf-m-ci-scripts
Several cppcheck warnings are fixed in the following modules:
- Interface
- Partitions: Crypto/ITS/PS/Platform
- SPRTL headers
- Various headers
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Change-Id: I08c9fa10895c0b723a2d8b3cdcd386b1752facaa
diff --git a/secure_fw/partitions/crypto/crypto_init.c b/secure_fw/partitions/crypto/crypto_init.c
index 28c787c..d11ea84 100644
--- a/secure_fw/partitions/crypto/crypto_init.c
+++ b/secure_fw/partitions/crypto/crypto_init.c
@@ -211,7 +211,7 @@
static void tfm_crypto_ipc_handler(void)
{
- psa_signal_t signals = 0;
+ psa_signal_t signals;
psa_msg_t msg;
psa_status_t status = PSA_SUCCESS;
uint32_t sfn_id = TFM_CRYPTO_SID_INVALID;
@@ -222,10 +222,7 @@
if (signals & TFM_CRYPTO_SIGNAL) {
/* Extract the message */
if (psa_get(TFM_CRYPTO_SIGNAL, &msg) != PSA_SUCCESS) {
- /* FIXME: Should be replaced by TF-M error handling */
- while (1) {
- ;
- }
+ psa_panic();
}
/* Process the message type */
@@ -234,24 +231,16 @@
/* Parse the message */
status = tfm_crypto_parse_msg(&msg, &iov, &sfn_id);
/* Call the dispatcher based on the SID passed as type */
- if (sfn_id != TFM_CRYPTO_SID_INVALID) {
+ if (status == PSA_SUCCESS) {
status = tfm_crypto_call_sfn(&msg, &iov, sfn_id);
- } else {
- status = PSA_ERROR_GENERIC_ERROR;
}
psa_reply(msg.handle, status);
break;
default:
- /* FIXME: Should be replaced by TF-M error handling */
- while (1) {
- ;
- }
+ psa_panic();
}
} else {
- /* FIXME: Should be replaced by TF-M error handling */
- while (1) {
- ;
- }
+ psa_panic();
}
}
diff --git a/secure_fw/partitions/crypto/tfm_crypto_private.h b/secure_fw/partitions/crypto/tfm_crypto_private.h
index e3ec377..b28224a 100644
--- a/secure_fw/partitions/crypto/tfm_crypto_private.h
+++ b/secure_fw/partitions/crypto/tfm_crypto_private.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -13,6 +13,25 @@
#endif
#ifdef TFM_PSA_API
+
+#include <stdbool.h>
+
+/* \brief Verifies that in_len is in the [in_min, in_max] range
+ * AND out_len is in the [out_min, out_max] range. In
+ * case any of the two in_len or out_len is out of range,
+ * returns false. Returns true in case of success.
+ */
+static inline bool tfm_crypto_private_check_length(
+ size_t in_len, size_t in_min, size_t in_max,
+ size_t out_len, size_t out_min, size_t out_max)
+{
+ if ((in_len >= in_min) && (in_len <= in_max) &&
+ (out_len >= out_min) && (out_len <= out_max)) {
+ return true;
+ }
+ return false;
+}
+
/*
* Validate the IOVEC[] lengths for IPC model. The tfm_crypto_call_sfn()
* reduces the entries in IOVEC[] which are empty from `in_len` and `out_len`.
@@ -25,9 +44,9 @@
* and `out_len`.
*/
#define CRYPTO_IN_OUT_LEN_VALIDATE(in_len, in_min, in_max, out_len, out_min, out_max) \
- if (!(((in_len) >= (in_min)) && ((in_len) <= (in_max))) || \
- !(((out_len) >= (out_min)) && ((out_len) <= (out_max)))) { \
- return PSA_ERROR_PROGRAMMER_ERROR; \
+ if (!tfm_crypto_private_check_length( \
+ in_len, in_min, in_max, out_len, out_min, out_max)) { \
+ return PSA_ERROR_PROGRAMMER_ERROR; \
}
#else
/*
diff --git a/secure_fw/partitions/crypto/tfm_crypto_secure_api.c b/secure_fw/partitions/crypto/tfm_crypto_secure_api.c
index 1d90e92..89b1ea6 100644
--- a/secure_fw/partitions/crypto/tfm_crypto_secure_api.c
+++ b/secure_fw/partitions/crypto/tfm_crypto_secure_api.c
@@ -926,7 +926,7 @@
.sfn_id = TFM_CRYPTO_AEAD_ENCRYPT_SID,
.key_id = key_id,
.alg = alg,
- .aead_in = {.nonce = {0}, .nonce_length = nonce_length}
+ .aead_in = {.nonce = {0}, .nonce_length = 0}
};
/* Sanitize the optional input */
@@ -934,9 +934,8 @@
return PSA_ERROR_INVALID_ARGUMENT;
}
- size_t idx = 0;
psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = NULL, .len = 0},
{.base = plaintext, .len = plaintext_length},
{.base = additional_data, .len = additional_data_length},
};
@@ -949,11 +948,15 @@
}
if (nonce != NULL) {
- for (idx = 0; idx < nonce_length; idx++) {
+ for (size_t idx = 0; idx < nonce_length; idx++) {
iov.aead_in.nonce[idx] = nonce[idx];
}
+ iov.aead_in.nonce_length = nonce_length;
}
+ in_vec[0].base = &iov;
+ in_vec[0].len = sizeof(struct tfm_crypto_pack_iovec);
+
#ifdef TFM_PSA_API
size_t in_len = ARRAY_SIZE(in_vec);
if (additional_data == NULL) {
@@ -992,7 +995,7 @@
.sfn_id = TFM_CRYPTO_AEAD_DECRYPT_SID,
.key_id = key_id,
.alg = alg,
- .aead_in = {.nonce = {0}, .nonce_length = nonce_length}
+ .aead_in = {.nonce = {0}, .nonce_length = 0}
};
/* Sanitize the optional input */
@@ -1000,9 +1003,8 @@
return PSA_ERROR_INVALID_ARGUMENT;
}
- size_t idx = 0;
psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = NULL, .len = 0},
{.base = ciphertext, .len = ciphertext_length},
{.base = additional_data, .len = additional_data_length},
};
@@ -1015,11 +1017,15 @@
}
if (nonce != NULL) {
- for (idx = 0; idx < nonce_length; idx++) {
+ for (size_t idx = 0; idx < nonce_length; idx++) {
iov.aead_in.nonce[idx] = nonce[idx];
}
+ iov.aead_in.nonce_length = nonce_length;
}
+ in_vec[0].base = &iov;
+ in_vec[0].len = sizeof(struct tfm_crypto_pack_iovec);
+
#ifdef TFM_PSA_API
size_t in_len = ARRAY_SIZE(in_vec);
if (additional_data == NULL) {