Core: Add connect handle check

The check covers two aspects:
- Check the validity of the connection handle by checking that it was
  allocated from conn_handle_pool.
- Check the ownership of the connection handle by checking that the
  client_id stored in the handle is the same as the current caller.

Change-Id: I4a6031f34d022760800acf1c3a41c4f7dc7747cc
Signed-off-by: Summer Qin <summer.qin@arm.com>
diff --git a/secure_fw/spm/spm_api.h b/secure_fw/spm/spm_api.h
index 9929b3c..35be8c2 100644
--- a/secure_fw/spm/spm_api.h
+++ b/secure_fw/spm/spm_api.h
@@ -123,6 +123,12 @@
                                          * TFM_HANDLE_STATUS_ACTIVE and
                                          * TFM_HANDLE_STATUS_IDLE
                                          */
+    int32_t client_id;                  /*
+                                         * Partition ID of the sender of the
+                                         * message:
+                                         *  - secure partition id;
+                                         *  - non secure client endpoint id.
+                                         */
     struct tfm_msg_body_t internal_msg; /* Internal message for message queue */
     struct tfm_spm_service_t *service;  /* RoT service pointer               */
     struct tfm_list_node_t list;        /* list node                         */
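Review bot: The comment on the new `client_id` field describes it as the sender of a message, but per the commit description the value stored in the handle is what the ownership check compares against the current caller, so it acts as the owner of the connection. I would say so on the field, e.g. `/* Client ID that created this connection; compared with the caller when the handle is validated */`, and note that it is meant to be written only when the handle is created. The struct's opening and the code that assigns the field are outside this hunk, so whether any other path writes it cannot be confirmed from here.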
@@ -412,11 +418,25 @@
  * \brief                   Create connection handle for client connect
  *
  * \param[in] service       Target service context pointer
+ * \param[in] client_id     Partition ID of the sender of the message
  *
  * \retval PSA_NULL_HANDLE  Create failed \ref PSA_NULL_HANDLE
  * \retval >0               Service handle created, \ref psa_handle_t
  */
-psa_handle_t tfm_spm_create_conn_handle(struct tfm_spm_service_t *service);
+psa_handle_t tfm_spm_create_conn_handle(struct tfm_spm_service_t *service,
+                                        int32_t client_id);
+
+/**
+ * \brief                   Validate connection handle for client connect
+ *
+ * \param[in] conn_handle   Handle to be validated
+ * \param[in] client_id     Partition ID of the sender of the message
+ *
+ * \retval IPC_SUCCESS        Success
+ * \retval IPC_ERROR_GENERIC  Invalid handle
+ */
+int32_t tfm_spm_validate_conn_handle(psa_handle_t conn_handle,
+                                     int32_t client_id);
 
 /**
  * \brief                   Free connection handle which not used anymore.
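Review bot: The doc comment for `tfm_spm_validate_conn_handle` does not say what is validated, nor that the handle is a caller-supplied value whose state should not be touched until this returns `IPC_SUCCESS`. As this is the security check the commit introduces, the header should list both conditions (handle allocated from conn_handle_pool, stored client_id equal to the caller's) and say that either failure yields `IPC_ERROR_GENERIC`. The brief "for client connect" reads as copied from the create function above; `\brief Validate a connection handle and its ownership` would fit better. It is also worth confirming that `tfm_spm_free_conn_handle`, whose declaration begins in the trailing context lines, is only reached with a validated handle; its body and callers are not visible in this hunk.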
@@ -560,7 +580,7 @@
  * \prarm[in] handle        Connect handle return by psa_connect().
  * \param[in] type          Message type, PSA_IPC_CONNECT, PSA_IPC_CALL or
  *                          PSA_IPC_DISCONNECT
- * \param[in] ns_caller     Whether from NS caller
+ * \param[in] client_id     Partition ID of the sender of the message
  * \param[in] invec         Array of input \ref psa_invec structures
  * \param[in] in_len        Number of input \ref psa_invec structures
  * \param[in] outvec        Array of output \ref psa_outvec structures
@@ -570,7 +590,7 @@
 void tfm_spm_fill_msg(struct tfm_msg_body_t *msg,
                       struct tfm_spm_service_t *service,
                       psa_handle_t handle,
-                      int32_t type, int32_t ns_caller,
+                      int32_t type, int32_t client_id,
                       psa_invec *invec, size_t in_len,
                       psa_outvec *outvec, size_t out_len,
                       psa_outvec *caller_outvec);
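Review bot: `tfm_spm_fill_msg` swaps `ns_caller` for `client_id` without changing the parameter type, so a call site that still passes the old NS-caller flag compiles cleanly and would record that flag as the sender's identity in the message. Client identity is security-relevant in this commit, so every caller should be confirmed to pass the real client ID; the call sites are outside this diff. The `\param[in] client_id` line in the preceding hunk could make the contract explicit, e.g. `Client ID of the sender (secure partition id or non-secure client endpoint id), not an NS-caller flag`.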