Core: change iovec return type to psa_status_t
- Change the return type of the iovec veneer functions to psa_status_t.
- Modify TF-M core to forward any return value from secure functions
that use iovec API to the caller.
- Update Core test services to use negative return values for
error, and zero or positive values for successful secure function
execution.
Change-Id: I5b42a194b955fd003c90d6dfd654ab55be483d20
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
diff --git a/interface/include/psa_client.h b/interface/include/psa_client.h
index dbe0e72..1fc8637 100644
--- a/interface/include/psa_client.h
+++ b/interface/include/psa_client.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -32,6 +32,7 @@
typedef int32_t psa_error_t;
typedef int32_t psa_handle_t;
+typedef int32_t psa_status_t;
/**
* A read-only input memory region provided to a RoT Service.
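Review bot: The new `typedef int32_t psa_status_t;` is added without a doc comment, while the same commit deletes the Doxygen block that described this type in psa_crypto.h. A short comment should be carried over here, for example `/** Status code returned by PSA functions and the iovec veneers; negative values indicate an error. */`. The exact wording should be confirmed against the convention the services actually follow.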
diff --git a/interface/include/psa_crypto.h b/interface/include/psa_crypto.h
index f122841..0bc8ad3 100644
--- a/interface/include/psa_crypto.h
+++ b/interface/include/psa_crypto.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -56,28 +56,7 @@
* @{
*/
-#if defined(PSA_SUCCESS)
-/* If PSA_SUCCESS is defined, assume that PSA crypto is being used
- * together with PSA IPC, which also defines the identifier
- * PSA_SUCCESS. We must not define PSA_SUCCESS ourselves in that case;
- * the other error code names don't clash. Also define psa_status_t as
- * an alias for the type used by PSA IPC. This is a temporary hack
- * until we unify error reporting in PSA IPC and PSA crypo.
- *
- * Note that psa_defs.h must be included before this header!
- */
-typedef psa_error_t psa_status_t;
-
-#else /* defined(PSA_SUCCESS) */
-
-/**
- * \brief Function return status.
- *
- * This is either #PSA_SUCCESS (which is zero), indicating success,
- * or a nonzero value indicating that an error occurred. Errors are
- * encoded as one of the \c PSA_ERROR_xxx values defined here.
- */
-typedef int32_t psa_status_t;
+#if !defined(PSA_SUCCESS)
/** The action was completed successfully. */
#define PSA_SUCCESS ((psa_status_t)0)
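Review bot: After this hunk psa_crypto.h no longer defines `psa_status_t` itself, but still uses it in `#define PSA_SUCCESS ((psa_status_t)0)` and presumably in its prototypes. The removed comment was the only place that stated an include-order requirement. Whether this header includes psa_client.h is not visible in the hunk; if it does not, add `#include "psa_client.h"` near the top or restore a one-line note on the required include order. Otherwise a translation unit that includes only the crypto header would fail to compile, or would pick up a different definition.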
diff --git a/interface/include/tfm_api.h b/interface/include/tfm_api.h
index 8dbf57c..be36e2e 100644
--- a/interface/include/tfm_api.h
+++ b/interface/include/tfm_api.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -41,11 +41,13 @@
/* FixMe: sort out DEBUG compile option and limit return value options
* on external interfaces */
-/* Note:
+/* For secure functions using prorietary signatures
* TFM will only return values recognized and parsed by TFM core.
* Service return codes are not automatically passed on to REE.
* Any non-zero return value is interpreted as an error that may trigger
* TEE error handling flow.
+ * For secure functions using the veneers in secure_fw/ns_callable/tfm_veneers.c
+ * (iovec API) this limitation does not apply.
*/
enum tfm_status_e
{
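Review bot: The added comment line misspells "proprietary"; it should read `/* For secure functions using proprietary signatures`. The new sentence says the limitation does not apply to the iovec veneers, but it does not say what the caller sees when the core itself rejects a request. The tfm_secure_api.c hunks in this commit route those cases to `tfm_secure_api_error_handler()` instead of returning a code, so one line describing that would keep this header accurate for non-secure callers.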
diff --git a/interface/include/tfm_veneers.h b/interface/include/tfm_veneers.h
index 0e0f6db..d857675 100644
--- a/interface/include/tfm_veneers.h
+++ b/interface/include/tfm_veneers.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -17,70 +17,70 @@
#endif
/******** TFM_SP_STORAGE ********/
-int32_t tfm_sst_am_create_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_sst_am_get_info_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_sst_am_get_attributes_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_sst_am_set_attributes_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_sst_am_read_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_sst_am_write_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_sst_am_delete_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_sst_am_create_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_sst_am_get_info_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_sst_am_get_attributes_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_sst_am_set_attributes_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_sst_am_read_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_sst_am_write_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_sst_am_delete_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
/******** TFM_SP_AUDIT_LOG ********/
-int32_t tfm_audit_core_retrieve_record_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_audit_core_add_record_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_audit_core_get_info_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_audit_core_get_record_info_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_audit_core_delete_record_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_audit_core_retrieve_record_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_audit_core_add_record_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_audit_core_get_info_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_audit_core_get_record_info_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_audit_core_delete_record_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
/******** TFM_SP_CRYPTO ********/
-int32_t tfm_tfm_crypto_import_key_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_tfm_crypto_destroy_key_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_tfm_crypto_get_key_information_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_tfm_crypto_export_key_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_tfm_crypto_encrypt_set_iv_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_tfm_crypto_encrypt_setup_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_tfm_crypto_decrypt_setup_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_tfm_crypto_cipher_update_wrapper_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_tfm_crypto_cipher_abort_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_tfm_crypto_cipher_finish_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_tfm_crypto_hash_start_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_tfm_crypto_hash_update_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_tfm_crypto_hash_finish_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_tfm_crypto_hash_verify_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_tfm_crypto_hash_abort_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_crypto_import_key_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_crypto_destroy_key_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_crypto_get_key_information_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_crypto_export_key_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_crypto_encrypt_set_iv_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_crypto_encrypt_setup_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_crypto_decrypt_setup_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_crypto_cipher_update_wrapper_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_crypto_cipher_abort_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_crypto_cipher_finish_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_crypto_hash_start_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_crypto_hash_update_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_crypto_hash_finish_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_crypto_hash_verify_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_crypto_hash_abort_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
/******** TFM_SP_PLATFORM ********/
-int32_t tfm_platform_sp_system_reset_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_platform_sp_system_reset_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
/******** TFM_SP_INITIAL_ATTESTATION ********/
-int32_t tfm_initial_attest_get_token_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_initial_attest_get_token_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
#ifdef TFM_PARTITION_TEST_CORE
/******** TFM_SP_CORE_TEST ********/
-int32_t tfm_spm_core_test_sfn_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_spm_core_test_sfn_init_success_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_spm_core_test_sfn_direct_recursion_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_spm_core_test_sfn_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_spm_core_test_sfn_init_success_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_spm_core_test_sfn_direct_recursion_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
#endif /* TFM_PARTITION_TEST_CORE */
#ifdef TFM_PARTITION_TEST_CORE
/******** TFM_SP_CORE_TEST_2 ********/
-int32_t tfm_spm_core_test_2_slave_service_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_spm_core_test_2_sfn_invert_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_spm_core_test_2_check_caller_client_id_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_spm_core_test_2_get_every_second_byte_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_spm_core_test_2_slave_service_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_spm_core_test_2_sfn_invert_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_spm_core_test_2_check_caller_client_id_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_spm_core_test_2_get_every_second_byte_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
#endif /* TFM_PARTITION_TEST_CORE */
#ifdef TFM_PARTITION_TEST_SST
/******** TFM_SP_SST_TEST_PARTITION ********/
-int32_t tfm_sst_test_service_sfn_setup_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_sst_test_service_sfn_dummy_encrypt_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_sst_test_service_sfn_dummy_decrypt_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
-int32_t tfm_sst_test_service_sfn_clean_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_sst_test_service_sfn_setup_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_sst_test_service_sfn_dummy_encrypt_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_sst_test_service_sfn_dummy_decrypt_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_sst_test_service_sfn_clean_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
#endif /* TFM_PARTITION_TEST_SST */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
/******** TFM_SP_SECURE_TEST_PARTITION ********/
-int32_t tfm_tfm_secure_client_service_sfn_run_tests_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_secure_client_service_sfn_run_tests_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
#endif /* TFM_PARTITION_TEST_SECURE_SERVICES */
#ifdef __cplusplus
diff --git a/interface/include/tfm_veneers.h.template b/interface/include/tfm_veneers.h.template
index c335e3a..4a5727c 100644
--- a/interface/include/tfm_veneers.h.template
+++ b/interface/include/tfm_veneers.h.template
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -21,7 +21,7 @@
#ifdef @@attr.conditional@@
@!GENERATOR_CONDITIONAL_END!@
/******** @@manifest.tfm_partition_name@@ ********/
-int32_t tfm_@@manifest.secure_functions.tfm_symbol@@_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_@@manifest.secure_functions.tfm_symbol@@_veneer(struct psa_invec *in_vec, size_t in_len, struct psa_outvec *out_vec, size_t out_len);
@!GENERATOR_CONDITIONAL_START!@ @@attr.conditional@@
#endif /* @@attr.conditional@@ */
@!GENERATOR_CONDITIONAL_END!@
diff --git a/secure_fw/core/tfm_secure_api.c b/secure_fw/core/tfm_secure_api.c
index 7f07631..b5e8528 100644
--- a/secure_fw/core/tfm_secure_api.c
+++ b/secure_fw/core/tfm_secure_api.c
@@ -43,6 +43,15 @@
static int32_t tfm_secure_lock;
static int32_t tfm_secure_api_initializing = 1;
+static int32_t is_iovec_api_call(void)
+{
+ uint32_t current_partition_idx =
+ tfm_spm_partition_get_running_partition_idx();
+ const struct spm_partition_runtime_data_t *curr_part_data =
+ tfm_spm_partition_get_runtime_data(current_partition_idx);
+ return curr_part_data->iovec_api;
+}
+
static int32_t *prepare_partition_ctx(
struct tfm_exc_stack_t *svc_ctx,
struct tfm_sfn_req_s *desc_ptr,
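Review bot: `is_iovec_api_call()` dereferences the pointer returned by `tfm_spm_partition_get_runtime_data()` without a check. It also has no comment saying which partition it inspects or what its return value means. If that getter can return NULL for an invalid running-partition index (not visible here), a guard is needed before `curr_part_data->iovec_api`. In any case, add a header such as `/* Returns non-zero if the currently running partition was entered through the iovec veneers. */`. The helper is used as a predicate, so its result should be documented as a 0/1 flag rather than a general `int32_t`.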
@@ -252,7 +261,7 @@
/* The number of vectors are within range. Extra checks to avoid overflow */
if ((in_len > PSA_MAX_IOVEC) || (out_len > PSA_MAX_IOVEC) ||
(in_len + out_len > PSA_MAX_IOVEC)) {
- return TFM_ERROR_STATUS(TFM_ERROR_INVALID_PARAMETER);
+ return TFM_ERROR_INVALID_PARAMETER;
}
/* Check whether the caller partition has at write access to the iovec
@@ -262,22 +271,22 @@
if ((in_vec == NULL) ||
(has_write_access_to_region(in_vec, sizeof(psa_invec)*in_len,
desc_ptr->ns_caller) != 1)) {
- return TFM_ERROR_STATUS(TFM_ERROR_INVALID_PARAMETER);
+ return TFM_ERROR_INVALID_PARAMETER;
}
} else {
if (in_vec != NULL) {
- return TFM_ERROR_STATUS(TFM_ERROR_INVALID_PARAMETER);
+ return TFM_ERROR_INVALID_PARAMETER;
}
}
if (out_len > 0) {
if ((out_vec == NULL) ||
(has_write_access_to_region(out_vec, sizeof(psa_outvec)*out_len,
desc_ptr->ns_caller) != 1)) {
- return TFM_ERROR_STATUS(TFM_ERROR_INVALID_PARAMETER);
+ return TFM_ERROR_INVALID_PARAMETER;
}
} else {
if (out_vec != NULL) {
- return TFM_ERROR_STATUS(TFM_ERROR_INVALID_PARAMETER);
+ return TFM_ERROR_INVALID_PARAMETER;
}
}
@@ -289,7 +298,7 @@
if ((in_vec[i].base == NULL) ||
(has_read_access_to_region(in_vec[i].base, in_vec[i].len,
desc_ptr->ns_caller) != 1)) {
- return TFM_ERROR_STATUS(TFM_ERROR_INVALID_PARAMETER);
+ return TFM_ERROR_INVALID_PARAMETER;
}
}
}
@@ -298,7 +307,7 @@
if ((out_vec[i].base == NULL) ||
(has_write_access_to_region(out_vec[i].base, out_vec[i].len,
desc_ptr->ns_caller) != 1)) {
- return TFM_ERROR_STATUS(TFM_ERROR_INVALID_PARAMETER);
+ return TFM_ERROR_INVALID_PARAMETER;
}
}
}
@@ -616,7 +625,7 @@
/* FIXME: The condition should be removed once all the secure service
* calls are done via the iovec veneers */
- if (curr_part_data->orig_outvec != NULL) {
+ if (curr_part_data->iovec_api) {
iovec_args = (struct iovec_args_t *)
(®ION_NAME(Image$$, TFM_SECURE_STACK, $$ZI$$Limit)-
sizeof(struct iovec_args_t));
@@ -640,7 +649,7 @@
/* FIXME: The condition should be removed once all the secure service
* calls are done via the iovec veneers */
- if (curr_part_data->orig_outvec != NULL) {
+ if (curr_part_data->iovec_api) {
iovec_args = (struct iovec_args_t *)
(tfm_spm_partition_get_stack_top(current_partition_idx) -
sizeof(struct iovec_args_t));
@@ -731,7 +740,7 @@
res = tfm_check_sfn_req_integrity(desc_ptr);
if (res != TFM_SUCCESS) {
ERROR_MSG("Invalid service request!");
- return TFM_ERROR_STATUS(res);
+ tfm_secure_api_error_handler();
}
__disable_irq();
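Review bot: Replacing `return TFM_ERROR_STATUS(res);` with a bare `tfm_secure_api_error_handler();` means execution falls through to `__disable_irq()` with a request that failed the integrity check if the handler ever returns. Its definition is not visible in this diff. The same pattern appears in the next three hunks (iovec sanity check, unauthorized request, `tfm_start_partition` failure). If the handler is guaranteed not to return, state it at each call, e.g. `tfm_secure_api_error_handler(); /* does not return */`, or mark its declaration noreturn. The iovec check is driven by caller-supplied pointers and lengths, so a malformed non-secure request now ends in the core error path instead of an error code; confirm that this availability trade-off is intended. The enclosing function starts and ends outside the hunk.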
@@ -743,7 +752,7 @@
if (res != TFM_SUCCESS) {
/* The sanity check of iovecs failed. */
__enable_irq();
- return TFM_ERROR_STATUS(res);
+ tfm_secure_api_error_handler();
}
}
@@ -754,7 +763,7 @@
desc_ptr->caller_part_idx, SPM_PARTITION_STATE_CLOSED);
__enable_irq();
ERROR_MSG("Unauthorized service request!");
- return TFM_ERROR_STATUS(res);
+ tfm_secure_api_error_handler();
}
res = tfm_start_partition(desc_ptr, excReturn);
@@ -762,7 +771,7 @@
/* FixMe: consider possible fault scenarios */
__enable_irq();
ERROR_MSG("Failed to process service request!");
- return TFM_ERROR_STATUS(res);
+ tfm_secure_api_error_handler();
}
__enable_irq();
@@ -1079,17 +1088,19 @@
/* Store return value from secure partition */
int32_t retVal = *(int32_t *)__get_PSP();
- if ((retVal > TFM_SUCCESS) &&
- (retVal < TFM_PARTITION_SPECIFIC_ERROR_MIN)) {
- /* Secure function returned a reserved value */
+ if (!is_iovec_api_call()) {
+ if ((retVal > TFM_SUCCESS) &&
+ (retVal < TFM_PARTITION_SPECIFIC_ERROR_MIN)) {
+ /* Secure function returned a reserved value */
#ifdef TFM_CORE_DEBUG
- LOG_MSG("Invalid return value from secure partition!");
+ LOG_MSG("Invalid return value from secure partition!");
#endif
- /* FixMe: error can be traced to specific secure partition
- * and Core is not compromised. Error handling flow can be
- * refined
- */
- tfm_secure_api_error_handler();
+ /* FixMe: error can be traced to specific secure partition
+ * and Core is not compromised. Error handling flow can be
+ * refined
+ */
+ tfm_secure_api_error_handler();
+ }
}
res = tfm_return_from_partition(&lr);
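Review bot: The reserved-range check is now skipped for iovec calls with no comment saying why, and the extra nesting re-indents the whole block. A single condition would read more clearly: `if (!is_iovec_api_call() && (retVal > TFM_SUCCESS) && (retVal < TFM_PARTITION_SPECIFIC_ERROR_MIN)) {`, with a comment such as `/* iovec veneers forward the service's psa_status_t unchanged */`. On the iovec path every value a partition returns now reaches the caller unfiltered, so it should be documented as service-defined rather than validated by the core. The enclosing function starts and ends outside the hunk.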
diff --git a/secure_fw/ns_callable/tfm_veneers.c b/secure_fw/ns_callable/tfm_veneers.c
index ee8b6c1..76634f1 100644
--- a/secure_fw/ns_callable/tfm_veneers.c
+++ b/secure_fw/ns_callable/tfm_veneers.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -12,79 +12,79 @@
#include "secure_fw/spm/spm_partition_defs.h"
/******** TFM_SP_STORAGE ********/
-int32_t sst_am_create(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t sst_am_get_info(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t sst_am_get_attributes(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t sst_am_set_attributes(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t sst_am_read(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t sst_am_write(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t sst_am_delete(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t sst_am_create(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t sst_am_get_info(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t sst_am_get_attributes(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t sst_am_set_attributes(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t sst_am_read(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t sst_am_write(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t sst_am_delete(struct psa_invec *, size_t, struct psa_outvec *, size_t);
/******** TFM_SP_AUDIT_LOG ********/
-int32_t audit_core_retrieve_record(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t audit_core_add_record(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t audit_core_get_info(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t audit_core_get_record_info(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t audit_core_delete_record(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t audit_core_retrieve_record(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t audit_core_add_record(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t audit_core_get_info(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t audit_core_get_record_info(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t audit_core_delete_record(struct psa_invec *, size_t, struct psa_outvec *, size_t);
/******** TFM_SP_CRYPTO ********/
-int32_t tfm_crypto_import_key(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t tfm_crypto_destroy_key(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t tfm_crypto_get_key_information(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t tfm_crypto_export_key(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t tfm_crypto_encrypt_set_iv(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t tfm_crypto_encrypt_setup(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t tfm_crypto_decrypt_setup(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t tfm_crypto_cipher_update_wrapper(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t tfm_crypto_cipher_abort(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t tfm_crypto_cipher_finish(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t tfm_crypto_hash_start(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t tfm_crypto_hash_update(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t tfm_crypto_hash_finish(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t tfm_crypto_hash_verify(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t tfm_crypto_hash_abort(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t tfm_crypto_import_key(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t tfm_crypto_destroy_key(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t tfm_crypto_get_key_information(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t tfm_crypto_export_key(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t tfm_crypto_encrypt_set_iv(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t tfm_crypto_encrypt_setup(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t tfm_crypto_decrypt_setup(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t tfm_crypto_cipher_update_wrapper(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t tfm_crypto_cipher_abort(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t tfm_crypto_cipher_finish(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t tfm_crypto_hash_start(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t tfm_crypto_hash_update(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t tfm_crypto_hash_finish(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t tfm_crypto_hash_verify(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t tfm_crypto_hash_abort(struct psa_invec *, size_t, struct psa_outvec *, size_t);
/******** TFM_SP_PLATFORM ********/
-int32_t platform_sp_system_reset(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t platform_sp_system_reset(struct psa_invec *, size_t, struct psa_outvec *, size_t);
/******** TFM_SP_INITIAL_ATTESTATION ********/
-int32_t initial_attest_get_token(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t initial_attest_get_token(struct psa_invec *, size_t, struct psa_outvec *, size_t);
#ifdef TFM_PARTITION_TEST_CORE
/******** TFM_SP_CORE_TEST ********/
-int32_t spm_core_test_sfn(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t spm_core_test_sfn_init_success(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t spm_core_test_sfn_direct_recursion(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t spm_core_test_sfn(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t spm_core_test_sfn_init_success(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t spm_core_test_sfn_direct_recursion(struct psa_invec *, size_t, struct psa_outvec *, size_t);
#endif /* TFM_PARTITION_TEST_CORE */
#ifdef TFM_PARTITION_TEST_CORE
/******** TFM_SP_CORE_TEST_2 ********/
-int32_t spm_core_test_2_slave_service(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t spm_core_test_2_sfn_invert(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t spm_core_test_2_check_caller_client_id(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t spm_core_test_2_get_every_second_byte(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t spm_core_test_2_slave_service(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t spm_core_test_2_sfn_invert(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t spm_core_test_2_check_caller_client_id(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t spm_core_test_2_get_every_second_byte(struct psa_invec *, size_t, struct psa_outvec *, size_t);
#endif /* TFM_PARTITION_TEST_CORE */
#ifdef TFM_PARTITION_TEST_SST
/******** TFM_SP_SST_TEST_PARTITION ********/
-int32_t sst_test_service_sfn_setup(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t sst_test_service_sfn_dummy_encrypt(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t sst_test_service_sfn_dummy_decrypt(struct psa_invec *, size_t, struct psa_outvec *, size_t);
-int32_t sst_test_service_sfn_clean(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t sst_test_service_sfn_setup(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t sst_test_service_sfn_dummy_encrypt(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t sst_test_service_sfn_dummy_decrypt(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t sst_test_service_sfn_clean(struct psa_invec *, size_t, struct psa_outvec *, size_t);
#endif /* TFM_PARTITION_TEST_SST */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
/******** TFM_SP_SECURE_TEST_PARTITION ********/
-int32_t tfm_secure_client_service_sfn_run_tests(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t tfm_secure_client_service_sfn_run_tests(struct psa_invec *, size_t, struct psa_outvec *, size_t);
#endif /* TFM_PARTITION_TEST_SECURE_SERVICES */
#define TFM_VENEER_FUNCTION(partition_name, sfn_name) \
__tfm_secure_gateway_attributes__ \
- int32_t tfm_##sfn_name##_veneer(struct psa_invec *in_vec, \
- size_t in_len, \
- struct psa_outvec *out_vec, \
- size_t out_len) \
+ psa_status_t tfm_##sfn_name##_veneer(struct psa_invec *in_vec, \
+ size_t in_len, \
+ struct psa_outvec *out_vec, \
+ size_t out_len) \
{ \
TFM_CORE_IOVEC_SFN_REQUEST(partition_name##_ID, \
sfn_name, \
diff --git a/secure_fw/ns_callable/tfm_veneers.c.template b/secure_fw/ns_callable/tfm_veneers.c.template
index d67c16e..0386d05 100644
--- a/secure_fw/ns_callable/tfm_veneers.c.template
+++ b/secure_fw/ns_callable/tfm_veneers.c.template
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -16,7 +16,7 @@
#ifdef @@attr.conditional@@
@!GENERATOR_CONDITIONAL_END!@
/******** @@manifest.tfm_partition_name@@ ********/
-int32_t @@manifest.secure_functions.tfm_symbol@@(struct psa_invec *, size_t, struct psa_outvec *, size_t);
+psa_status_t @@manifest.secure_functions.tfm_symbol@@(struct psa_invec *, size_t, struct psa_outvec *, size_t);
@!GENERATOR_CONDITIONAL_START!@ @@attr.conditional@@
#endif /* @@attr.conditional@@ */
@!GENERATOR_CONDITIONAL_END!@
@@ -25,10 +25,10 @@
#define TFM_VENEER_FUNCTION(partition_name, sfn_name) \
__tfm_secure_gateway_attributes__ \
- int32_t tfm_##sfn_name##_veneer(struct psa_invec *in_vec, \
- size_t in_len, \
- struct psa_outvec *out_vec, \
- size_t out_len) \
+ psa_status_t tfm_##sfn_name##_veneer(struct psa_invec *in_vec, \
+ size_t in_len, \
+ struct psa_outvec *out_vec, \
+ size_t out_len) \
{ \
TFM_CORE_IOVEC_SFN_REQUEST(partition_name##_ID, \
sfn_name, \
diff --git a/secure_fw/spm/spm_api.c b/secure_fw/spm/spm_api.c
index d520786..1e9b99c 100644
--- a/secure_fw/spm/spm_api.c
+++ b/secure_fw/spm/spm_api.c
@@ -330,6 +330,7 @@
((psa_outvec *)args[2])[i].len;
}
runtime_data->orig_outvec = (psa_outvec *)args[2];
+ runtime_data->iovec_api = 1;
}
uint32_t tfm_spm_partition_get_running_partition_idx(void)
@@ -356,4 +357,5 @@
partition->runtime_data.iovec_args.out_vec[i].len = 0;
}
partition->runtime_data.orig_outvec = 0;
+ partition->runtime_data.iovec_api = 0;
}
diff --git a/secure_fw/spm/spm_api.h b/secure_fw/spm/spm_api.h
index e1a024f..5f20e48 100644
--- a/secure_fw/spm/spm_api.h
+++ b/secure_fw/spm/spm_api.h
@@ -61,6 +61,11 @@
uint32_t share;
uint32_t stack_ptr;
uint32_t lr;
+ int32_t iovec_api; /*!< Whether the function in the partition
+ * had been called using the iovec API.
+ * FIXME: Remove the field once this is the
+ * only option
+ */
struct iovec_args_t iovec_args;
psa_outvec *orig_outvec;
};
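Review bot: The new `iovec_api` field is described as a yes/no flag but is typed `int32_t` and written with bare `1` and `0` in the two spm_api.c hunks, so its valid values and lifetime are left implicit. The commit description suggests the core relies on this path to decide which return value reaches the caller, so the comment should say which function sets the flag, which one clears it, and that it is expected to be 0 outside a call. A wording such as `/*!< 1 while a secure function called through the iovec API is running, 0 otherwise. */` would cover it. The value the field has at partition initialisation is not visible in these hunks and is worth confirming.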
diff --git a/secure_fw/spm/spm_db.h b/secure_fw/spm/spm_db.h
index 4b3b413..512ede1 100644
--- a/secure_fw/spm/spm_db.h
+++ b/secure_fw/spm/spm_db.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -8,7 +8,7 @@
#ifndef __SPM_DB_H__
#define __SPM_DB_H__
-typedef int32_t(*sp_init_function)(void);
+typedef psa_status_t(*sp_init_function)(void);
/**
* Holds the fields of the partition DB used by the SPM code. The values of
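Review bot: `sp_init_function` now uses `psa_status_t`, but the visible context shows the typedef directly after the include guard with no header providing that type. Unless an include sits outside the hunk, spm_db.h only compiles when every includer has already pulled in the header that defines `psa_status_t` (psa_client.h in this commit). Adding that include next to the guard, e.g. `#include "psa_client.h"` with the path adjusted to the project's include layout, makes the header self-contained.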
diff --git a/test/suites/core/non_secure/core_ns_positive_testsuite.c b/test/suites/core/non_secure/core_ns_positive_testsuite.c
index 246bcb6..aaf86a8 100644
--- a/test/suites/core/non_secure/core_ns_positive_testsuite.c
+++ b/test/suites/core/non_secure/core_ns_positive_testsuite.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -94,7 +94,7 @@
err = tfm_spm_core_test_sfn_veneer(in_vec, 1, NULL, 0);
- if (err != TFM_SUCCESS) {
+ if (err != CORE_TEST_ERRNO_SUCCESS) {
TEST_FAIL("Secure function call from thread mode should be successful");
return;
}
@@ -110,12 +110,6 @@
struct tfm_core_test_call_args_t args = {in_vec, 1, NULL, 0};
err = tfm_core_test_call(tfm_spm_core_test_sfn_veneer, &args);
-
- if ((err != TFM_SUCCESS) && (err < TFM_PARTITION_SPECIFIC_ERROR_MIN)) {
- TEST_FAIL("TFM Core returned error.");
- return;
- }
-
switch (err) {
case CORE_TEST_ERRNO_SUCCESS:
ret->val = TEST_PASSED;
@@ -170,7 +164,7 @@
args.out_vec = NULL;
args.out_len = 0;
err = tfm_core_test_call(tfm_spm_core_test_2_slave_service_veneer, &args);
- if (err != TFM_SUCCESS) {
+ if (err != CORE_TEST_ERRNO_SUCCESS_2) {
TEST_FAIL("iovec sanitization failed on empty vectors.");
return;
}
@@ -182,7 +176,7 @@
args.out_vec = out_vec;
args.out_len = PSA_MAX_IOVEC - args.in_len;
err = tfm_core_test_call(tfm_spm_core_test_2_slave_service_veneer, &args);
- if (err != TFM_SUCCESS) {
+ if (err != CORE_TEST_ERRNO_SUCCESS_2) {
TEST_FAIL("iovec sanitization failed on full vectors.");
return;
}
@@ -194,7 +188,7 @@
args.out_vec = out_vec;
args.out_len = 1;
err = tfm_core_test_call(tfm_spm_core_test_2_slave_service_veneer, &args);
- if (err != TFM_SUCCESS) {
+ if (err != CORE_TEST_ERRNO_SUCCESS_2) {
TEST_FAIL(
"iovec sanitization failed on valid, partially full vectors.");
return;
@@ -214,7 +208,7 @@
args.out_len = 1;
out_vec[1].base = NULL;
err = tfm_core_test_call(tfm_spm_core_test_2_slave_service_veneer, &args);
- if (err != TFM_SUCCESS) {
+ if (err != CORE_TEST_ERRNO_SUCCESS_2) {
TEST_FAIL("content of an outvec out of range should not be checked");
return;
}
@@ -229,7 +223,7 @@
args.out_len = 1;
in_vec[2].len = 0;
err = tfm_core_test_call(tfm_spm_core_test_2_slave_service_veneer, &args);
- if (err != TFM_SUCCESS) {
+ if (err != CORE_TEST_ERRNO_SUCCESS_2) {
TEST_FAIL("content of an outvec out of range should not be checked");
return;
}
@@ -243,7 +237,7 @@
in_vec[1].len = 0;
in_vec[1].base = NULL;
err = tfm_core_test_call(tfm_spm_core_test_2_slave_service_veneer, &args);
- if (err != TFM_SUCCESS) {
+ if (err != CORE_TEST_ERRNO_SUCCESS_2) {
TEST_FAIL("If the len of an invec is 0, the base should be ignored");
return;
}
@@ -257,7 +251,7 @@
out_vec[1].len = 0;
out_vec[1].base = NULL;
err = tfm_core_test_call(tfm_spm_core_test_2_slave_service_veneer, &args);
- if (err != TFM_SUCCESS) {
+ if (err != CORE_TEST_ERRNO_SUCCESS_2) {
TEST_FAIL("If the len of an outvec is 0, the base should be ignored");
return;
}
@@ -285,7 +279,7 @@
err = tfm_core_test_call(tfm_spm_core_test_2_get_every_second_byte_veneer,
&args1);
- if (err != TFM_SUCCESS) {
+ if (err != CORE_TEST_ERRNO_SUCCESS) {
TEST_FAIL("call to secure function should be successful");
return;
}
@@ -313,7 +307,7 @@
in_vec[0].len = sizeof(int32_t);
err = tfm_core_test_call(tfm_spm_core_test_sfn_veneer, &args2);
- if (err != TFM_SUCCESS) {
+ if (err != CORE_TEST_ERRNO_SUCCESS) {
TEST_FAIL("Failed to execute secure side test");
return;
}
@@ -333,11 +327,6 @@
err = tfm_core_test_call(tfm_spm_core_test_sfn_init_success_veneer, &args);
- if ((err != TFM_SUCCESS) && (err < TFM_PARTITION_SPECIFIC_ERROR_MIN)) {
- TEST_FAIL("TFM Core returned error.");
- return;
- }
-
if (err != CORE_TEST_ERRNO_SUCCESS) {
TEST_FAIL("Failed to initialise test service.");
return;
@@ -382,11 +371,6 @@
err = tfm_core_test_call(tfm_spm_core_test_sfn_veneer, &args);
- if (err != TFM_SUCCESS && err < TFM_PARTITION_SPECIFIC_ERROR_MIN) {
- TEST_FAIL("TFM Core returned error.");
- return;
- }
-
if (err != CORE_TEST_ERRNO_SUCCESS) {
char *info = error_to_string(
"Service memory accesses configured incorrectly.", err);
@@ -412,11 +396,6 @@
err = tfm_core_test_call(tfm_spm_core_test_sfn_veneer, &args);
- if (err != TFM_SUCCESS && err < TFM_PARTITION_SPECIFIC_ERROR_MIN) {
- TEST_FAIL("TFM Core returned error.");
- return;
- }
-
if (err != CORE_TEST_ERRNO_SUCCESS) {
char *info = error_to_string(
"Service memory accesses configured incorrectly.", err);
@@ -433,18 +412,18 @@
uint32_t inbuf[] = {1, 2, 3, 4, 0xAAAFFF, 0xFFFFFFFF};
uint32_t outbuf[16] = {0};
- int32_t result;
+ int32_t result = 1;
psa_invec in_vec[] = { {inbuf, sizeof(inbuf)} };
psa_outvec outvec[] = { {outbuf, sizeof(outbuf)},
{&result, sizeof(int32_t)} };
struct tfm_core_test_call_args_t args = {in_vec, 1, outvec, 2};
res = tfm_core_test_call(tfm_spm_core_test_2_sfn_invert_veneer, &args);
- if ((res != TFM_SUCCESS) && (res < TFM_PARTITION_SPECIFIC_ERROR_MIN)) {
+ if (res != CORE_TEST_ERRNO_SUCCESS) {
TEST_FAIL("Call to secure service should be successful.");
return;
}
- if ((result == 0) && (res == TFM_SUCCESS)) {
+ if (result == 0) {
for (i = 0; i < sizeof(inbuf) >> 2; i++) {
if (outbuf[i] != ~inbuf[i]) {
TEST_FAIL("Secure function failed to modify buffer.");
@@ -475,11 +454,6 @@
err = tfm_core_test_call(tfm_spm_core_test_sfn_veneer, &args);
- if (err != TFM_SUCCESS && err < TFM_PARTITION_SPECIFIC_ERROR_MIN) {
- TEST_FAIL("Call to secure service should be successful.");
- return;
- }
-
if (err != CORE_TEST_ERRNO_SUCCESS) {
TEST_FAIL("The internal service call failed.");
return;
@@ -497,11 +471,6 @@
err = tfm_core_test_call(tfm_spm_core_test_sfn_veneer, &args);
- if ((err != TFM_SUCCESS) && (err < TFM_PARTITION_SPECIFIC_ERROR_MIN)) {
- TEST_FAIL("TFM Core returned error.");
- return;
- }
-
if (err != CORE_TEST_ERRNO_SUCCESS) {
TEST_FAIL("Failed to redirect share region in service.");
return;
@@ -525,12 +494,8 @@
struct tfm_core_test_call_args_t args = {in_vec, 3, outvec, 1};
res = tfm_core_test_call(tfm_spm_core_test_sfn_veneer, &args);
- if ((res != TFM_SUCCESS) && (res < TFM_PARTITION_SPECIFIC_ERROR_MIN)) {
- TEST_FAIL("Call to secure service should be successful.");
- return;
- }
switch (res) {
- case TFM_SUCCESS:
+ case CORE_TEST_ERRNO_SUCCESS:
for (i = 0; i < sizeof(inbuf) >> 2; i++) {
if (outbuf[i] != ~inbuf[i]) {
TEST_FAIL("Secure function failed to modify buffer.");
@@ -569,11 +534,6 @@
err = tfm_core_test_call(tfm_spm_core_test_sfn_veneer, &args);
- if (err != TFM_SUCCESS && err < TFM_PARTITION_SPECIFIC_ERROR_MIN) {
- TEST_FAIL("Call to secure service should be successful.");
- return;
- }
-
if (err != CORE_TEST_ERRNO_SUCCESS) {
TEST_FAIL("The internal service call failed.");
return;
@@ -591,11 +551,6 @@
err = tfm_core_test_call(tfm_spm_core_test_sfn_veneer, &args);
- if (err != TFM_SUCCESS && err < TFM_PARTITION_SPECIFIC_ERROR_MIN) {
- TEST_FAIL("Call to secure service should be successful.");
- return;
- }
-
if (err != CORE_TEST_ERRNO_SUCCESS) {
TEST_FAIL("The SPM request failed.");
return;
diff --git a/test/test_services/tfm_core_test/core_test_defs.h b/test/test_services/tfm_core_test/core_test_defs.h
index cae4264..c34d7a2 100644
--- a/test/test_services/tfm_core_test/core_test_defs.h
+++ b/test/test_services/tfm_core_test/core_test_defs.h
@@ -41,18 +41,23 @@
#define CORE_TEST_ERROR_GET_CODE(x) (x & 0xFFFF)
enum core_test_errno_t {
- CORE_TEST_ERRNO_SUCCESS = 0,
- CORE_TEST_ERRNO_SP_NOT_INITED = TFM_PARTITION_SPECIFIC_ERROR_MIN,
- CORE_TEST_ERRNO_UNEXPECTED_CORE_BEHAVIOUR,
- CORE_TEST_ERRNO_SP_RECURSION_NOT_REJECTED,
- CORE_TEST_ERRNO_INVALID_BUFFER,
- CORE_TEST_ERRNO_SLAVE_SP_CALL_FAILURE,
- CORE_TEST_ERRNO_SLAVE_SP_BUFFER_FAILURE,
- CORE_TEST_ERRNO_FIRST_CALL_FAILED,
- CORE_TEST_ERRNO_SECOND_CALL_FAILED,
- CORE_TEST_ERRNO_PERIPHERAL_ACCESS_FAILED,
- CORE_TEST_ERRNO_TEST_FAULT,
- CORE_TEST_ERRNO_INVALID_TEST_ID,
+ CORE_TEST_ERRNO_SP_NOT_INITED = -12,
+ CORE_TEST_ERRNO_UNEXPECTED_CORE_BEHAVIOUR = -11,
+ CORE_TEST_ERRNO_SP_RECURSION_NOT_REJECTED = -10,
+ CORE_TEST_ERRNO_INVALID_BUFFER = -9,
+ CORE_TEST_ERRNO_SLAVE_SP_CALL_FAILURE = -8,
+ CORE_TEST_ERRNO_SLAVE_SP_BUFFER_FAILURE = -7,
+ CORE_TEST_ERRNO_FIRST_CALL_FAILED = -6,
+ CORE_TEST_ERRNO_SECOND_CALL_FAILED = -5,
+ CORE_TEST_ERRNO_PERIPHERAL_ACCESS_FAILED = -4,
+ CORE_TEST_ERRNO_TEST_FAULT = -3,
+ CORE_TEST_ERRNO_INVALID_TEST_ID = -2,
+ CORE_TEST_ERRNO_INVALID_PARAMETER = -1,
+
+ CORE_TEST_ERRNO_SUCCESS = 0,
+
+ CORE_TEST_ERRNO_SUCCESS_2 = 1,
+
/* Following entry is only to ensure the error code of int size */
CORE_TEST_ERRNO_FORCE_INT_SIZE = INT_MAX
};
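Review bot: The context macro `CORE_TEST_ERROR_GET_CODE(x) (x & 0xFFFF)` no longer round-trips the error codes now that they are negative: masking `CORE_TEST_ERRNO_SP_NOT_INITED` (-12) yields 0xFFF4, which compares unequal to every enumerator. If this definition is the active one (the surrounding preprocessor conditions are outside the hunk), the extracted code needs sign extension, for example `#define CORE_TEST_ERROR_GET_CODE(x) ((int32_t)(int16_t)((x) & 0xFFFF))`, which also parenthesises the argument. `CORE_TEST_RETURN_ERROR`, used in tfm_ss_core_test.c, is not shown on this page; if it packs extra bits around the code it should be checked against negative values too. A comment on the enum stating the convention from the commit message (negative means error, zero or positive means success) would help later additions.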
diff --git a/test/test_services/tfm_core_test/tfm_ss_core_test.c b/test/test_services/tfm_core_test/tfm_ss_core_test.c
index 18dc6ec..d8cc347 100644
--- a/test/test_services/tfm_core_test/tfm_ss_core_test.c
+++ b/test/test_services/tfm_core_test/tfm_ss_core_test.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017 - 2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2017 - 2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -8,7 +8,7 @@
#include <stddef.h>
#include "tfm_ss_core_test.h"
#include "tfm_api.h"
-#include "core_test_defs.h"
+#include "test/test_services/tfm_core_test/core_test_defs.h"
#include "tfm_veneers.h"
#include "secure_fw/core/secure_utilities.h"
#include "secure_fw/core/tfm_secure_api.h"
@@ -34,17 +34,18 @@
static int32_t* invalid_addresses [] = {(int32_t*)0x0, (int32_t*)0xFFF12000};
-int32_t core_test_init(void)
+psa_status_t core_test_init(void)
{
partition_init_done = 1;
- return TFM_SUCCESS;
+ return CORE_TEST_ERRNO_SUCCESS;
}
-int32_t spm_core_test_sfn_init_success(struct psa_invec *in_vec, size_t in_len,
+psa_status_t spm_core_test_sfn_init_success(
+ struct psa_invec *in_vec, size_t in_len,
struct psa_outvec *out_vec, size_t out_len)
{
if ((in_len != 0) || (out_len != 0)) {
- return TFM_ERROR_INVALID_PARAMETER;
+ return CORE_TEST_ERRNO_INVALID_PARAMETER;
}
if (partition_init_done) {
@@ -54,15 +55,16 @@
}
}
-int32_t spm_core_test_sfn_direct_recursion(
+psa_status_t spm_core_test_sfn_direct_recursion(
struct psa_invec *in_vec, size_t in_len,
struct psa_outvec *out_vec, size_t out_len)
{
uint32_t depth;
struct psa_invec new_vec = {NULL, sizeof(uint32_t)};
- if ((in_len != 1) || (out_len != 0) || (in_vec[0].len != sizeof(uint32_t))) {
- return TFM_ERROR_INVALID_PARAMETER;
+ if ((in_len != 1) || (out_len != 0) ||
+ (in_vec[0].len != sizeof(uint32_t))) {
+ return CORE_TEST_ERRNO_INVALID_PARAMETER;
}
depth = *((uint32_t *)in_vec[0].base);
@@ -77,7 +79,7 @@
int32_t ret = tfm_spm_core_test_sfn_direct_recursion_veneer(&new_vec,
1, NULL, 0);
- if (ret == TFM_SUCCESS) {
+ if (ret == CORE_TEST_ERRNO_SUCCESS) {
/* This is an unexpected return value */
return CORE_TEST_ERRNO_UNEXPECTED_CORE_BEHAVIOUR;
} else if (ret == CORE_TEST_ERRNO_SP_RECURSION_NOT_REJECTED) {
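Review bot: The local that receives the veneer result is still declared `int32_t ret` although the veneer now returns `psa_status_t`; `psa_status_t ret = tfm_spm_core_test_sfn_direct_recursion_veneer(&new_vec, 1, NULL, 0);` would keep the types aligned. The same applies to `int32_t err` in test_outvec_write and `int32_t ret` in test_ss_to_ss and test_spm_request in later hunks of this file. Both types are the same width today, so this is a consistency point rather than a functional one. The enclosing function starts and ends outside this hunk.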
@@ -94,7 +96,7 @@
#define MPS2_USERLED_MASK (0x3)
-int32_t test_mpu_access(
+psa_status_t test_mpu_access(
uint32_t *data_r_ptr, uint32_t *code_ptr, uint32_t *data_w_ptr)
{
/* If these accesses fail, TFM Core kicks in, there's no returning to sfn */
@@ -132,10 +134,10 @@
}
data_w_ptr[2] = *code_ptr;
- return TFM_SUCCESS;
+ return CORE_TEST_ERRNO_SUCCESS;
}
-int32_t test_memory_permissions(
+psa_status_t test_memory_permissions(
uint32_t *data_r_ptr, uint32_t *code_ptr, uint32_t *data_w_ptr)
{
int32_t len = sizeof(uint32_t);
@@ -175,10 +177,10 @@
CORE_TEST_RETURN_ERROR(CORE_TEST_ERRNO_UNEXPECTED_CORE_BEHAVIOUR);
}
- return TFM_SUCCESS;
+ return CORE_TEST_ERRNO_SUCCESS;
}
-int32_t test_share_redirection(void)
+psa_status_t test_share_redirection(void)
{
uint32_t tmp;
@@ -190,10 +192,10 @@
/* Write to scratch */
tfm_scratch_area[1] = tmp;
- return TFM_SUCCESS;
+ return CORE_TEST_ERRNO_SUCCESS;
}
-int32_t test_peripheral_access(void)
+psa_status_t test_peripheral_access(void)
{
struct arm_mps2_fpgaio_t *fpgaio = SEC_MPS2_FPGAIO;
/* Check read access */
@@ -208,12 +210,13 @@
return CORE_TEST_ERRNO_PERIPHERAL_ACCESS_FAILED;
}
- return TFM_SUCCESS;
+ return CORE_TEST_ERRNO_SUCCESS;
}
#define SS_BUFFER_LEN 16
-int32_t test_ss_to_ss_buffer(uint32_t *in_ptr, uint32_t *out_ptr, int32_t len)
+psa_status_t test_ss_to_ss_buffer(uint32_t *in_ptr, uint32_t *out_ptr,
+ int32_t len)
{
int32_t i;
/* Service internal buffer */
@@ -254,7 +257,7 @@
/* Call internal service with buffer handling */
res = tfm_spm_core_test_2_sfn_invert_veneer(in_vec, 1, outvec, 2);
- if (res != TFM_SUCCESS) {
+ if (res != CORE_TEST_ERRNO_SUCCESS) {
return CORE_TEST_ERRNO_SLAVE_SP_CALL_FAILURE;
}
@@ -273,10 +276,10 @@
out_ptr[i] = ss_buffer[i];
}
- return TFM_SUCCESS;
+ return CORE_TEST_ERRNO_SUCCESS;
}
-static int32_t test_outvec_write(void)
+static psa_status_t test_outvec_write(void)
{
int32_t err;
int i;
@@ -323,7 +326,7 @@
err = tfm_spm_core_test_2_get_every_second_byte_veneer(in_vec, 2,
out_vec, 2);
- if (err != TFM_SUCCESS) {
+ if (err != CORE_TEST_ERRNO_SUCCESS) {
return CORE_TEST_ERRNO_TEST_FAULT;
}
@@ -346,22 +349,22 @@
return CORE_TEST_ERRNO_UNEXPECTED_CORE_BEHAVIOUR;
}
- return TFM_SUCCESS;
+ return CORE_TEST_ERRNO_SUCCESS;
}
-static int32_t test_ss_to_ss(void)
+psa_status_t test_ss_to_ss(void)
{
/* Call to a different service, should be successful */
int32_t ret = tfm_spm_core_test_2_slave_service_veneer(NULL, 0, NULL, 0);
- if (ret == TFM_SUCCESS) {
+ if (ret == CORE_TEST_ERRNO_SUCCESS_2) {
return CORE_TEST_ERRNO_SUCCESS;
} else {
return CORE_TEST_ERRNO_SLAVE_SP_CALL_FAILURE;
}
}
-static int32_t test_get_caller_client_id(void)
+static psa_status_t test_get_caller_client_id(void)
{
/* Call to a special service that checks the caller service ID */
size_t i;
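Review bot: The new declaration `psa_status_t test_ss_to_ss(void)` drops the `static` that the removed line carried, while the neighbouring helpers touched in this hunk (`test_outvec_write`, `test_get_caller_client_id`) keep it. Nothing in the commit description calls for giving this helper external linkage, so the change looks unintended. `static psa_status_t test_ss_to_ss(void)` keeps the symbol file-local and out of the secure image's global namespace.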
@@ -371,7 +374,7 @@
caller_client_id_zi = INVALID_NS_CLIENT_ID;
ret = tfm_spm_core_test_2_check_caller_client_id_veneer(NULL, 0, NULL, 0);
- if (ret != TFM_SUCCESS) {
+ if (ret != CORE_TEST_ERRNO_SUCCESS) {
return CORE_TEST_ERRNO_SLAVE_SP_CALL_FAILURE;
}
@@ -401,10 +404,10 @@
return CORE_TEST_ERRNO_TEST_FAULT;
}
- return TFM_SUCCESS;
+ return CORE_TEST_ERRNO_SUCCESS;
}
-static int32_t test_spm_request(void)
+static psa_status_t test_spm_request(void)
{
/* Request a reset vote, should be successful */
int32_t ret = tfm_spm_request_reset_vote();
@@ -442,16 +445,16 @@
}
}
-int32_t test_wait_button(void)
+psa_status_t test_wait_button(void)
{
LOG_MSG("Inside the service, press button to continue...");
wait_button_event();
LOG_MSG("Leaving the service");
- return TFM_SUCCESS;
+ return CORE_TEST_ERRNO_SUCCESS;
}
#endif
-static int32_t test_block(void)
+static psa_status_t test_block(void)
{
#ifdef CORE_TEST_INTERACTIVE
/* Only block if interactive test is turned on */
@@ -462,7 +465,7 @@
#endif /* CORE_TEST_INTERACTIVE */
}
-int32_t spm_core_test_sfn(struct psa_invec *in_vec, size_t in_len,
+psa_status_t spm_core_test_sfn(struct psa_invec *in_vec, size_t in_len,
struct psa_outvec *out_vec, size_t out_len)
{
uint32_t tc;
@@ -471,7 +474,7 @@
int32_t arg3;
if ((in_len < 1) || (in_vec[0].len != sizeof(uint32_t))) {
- return TFM_ERROR_INVALID_PARAMETER;
+ return CORE_TEST_ERRNO_INVALID_PARAMETER;
}
tc = *((uint32_t *)in_vec[0].base);
@@ -481,7 +484,7 @@
(in_vec[1].len < sizeof(int32_t)) ||
(in_vec[2].len < sizeof(int32_t)) ||
(out_vec[0].len < 3*sizeof(int32_t))) {
- return TFM_ERROR_INVALID_PARAMETER;
+ return CORE_TEST_ERRNO_INVALID_PARAMETER;
}
arg1 = (int32_t)in_vec[1].base;
arg2 = (int32_t)in_vec[2].base;
@@ -493,7 +496,7 @@
(in_vec[1].len < sizeof(int32_t)) ||
(in_vec[2].len < sizeof(int32_t)) ||
(out_vec[0].len < sizeof(int32_t))) {
- return TFM_ERROR_INVALID_PARAMETER;
+ return CORE_TEST_ERRNO_INVALID_PARAMETER;
}
arg1 = (int32_t)in_vec[1].base;
arg2 = (int32_t)in_vec[2].base;
@@ -507,12 +510,12 @@
case CORE_TEST_ID_SS_TO_SS_BUFFER:
if ((in_len != 3) || (out_len != 1) ||
(in_vec[2].len != sizeof(int32_t))) {
- return TFM_ERROR_INVALID_PARAMETER;
+ return CORE_TEST_ERRNO_INVALID_PARAMETER;
}
arg3 = *((int32_t *)in_vec[2].base);
if ((in_vec[1].len < arg3*sizeof(int32_t)) ||
(out_vec[0].len < arg3*sizeof(int32_t))) {
- return TFM_ERROR_INVALID_PARAMETER;
+ return CORE_TEST_ERRNO_INVALID_PARAMETER;
}
arg1 = (int32_t)in_vec[1].base;
arg2 = (int32_t)out_vec[0].base;
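Review bot: `arg3` is read from the caller's in_vec as a signed `int32_t` and then multiplied in `arg3*sizeof(int32_t)` for both length checks, so a negative or very large value wraps in the unsigned multiplication and the comparison can pass with buffers shorter than the requested length. Rejecting negative values and comparing by division avoids the wrap: `if ((arg3 < 0) || (in_vec[1].len / sizeof(int32_t) < (size_t)arg3) || (out_vec[0].len / sizeof(int32_t) < (size_t)arg3))`. Whether test_ss_to_ss_buffer additionally bounds `len` against `SS_BUFFER_LEN` is not visible here. The switch case and the rest of spm_core_test_sfn continue outside the hunk.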
diff --git a/test/test_services/tfm_core_test/tfm_ss_core_test.h b/test/test_services/tfm_core_test/tfm_ss_core_test.h
index 2b84193..eb9598f 100644
--- a/test/test_services/tfm_core_test/tfm_ss_core_test.h
+++ b/test/test_services/tfm_core_test/tfm_ss_core_test.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -35,7 +35,7 @@
* \return Returns \ref CORE_TEST_ERRNO_SUCCESS on success, and
* \ref CORE_TEST_ERRNO_SP_NOT_INITED on failure.
*/
-int32_t spm_core_test_sfn_init_success(
+psa_status_t spm_core_test_sfn_init_success(
struct psa_invec *in_vec, size_t in_len,
struct psa_outvec *out_vec, size_t out_len);
@@ -57,7 +57,7 @@
*
* \return Returns \ref CORE_TEST_ERRNO_SUCCESS.
*/
-int32_t spm_core_test_sfn_direct_recursion(
+psa_status_t spm_core_test_sfn_direct_recursion(
struct psa_invec *in_vec, size_t in_len,
struct psa_outvec *out_vec, size_t out_len);
@@ -80,7 +80,7 @@
*
* \return Can return various error codes.
*/
-int32_t spm_core_test_sfn(struct psa_invec *in_vec, size_t in_len,
+psa_status_t spm_core_test_sfn(struct psa_invec *in_vec, size_t in_len,
struct psa_outvec *out_vec, size_t out_len);
#ifdef __cplusplus
diff --git a/test/test_services/tfm_core_test_2/tfm_ss_core_test_2.c b/test/test_services/tfm_core_test_2/tfm_ss_core_test_2.c
index b86aa55..ac5c172 100644
--- a/test/test_services/tfm_core_test_2/tfm_ss_core_test_2.c
+++ b/test/test_services/tfm_core_test_2/tfm_ss_core_test_2.c
@@ -1,11 +1,12 @@
/*
- * Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
*/
#include <stddef.h>
+#include "test/test_services/tfm_core_test/core_test_defs.h"
#include "tfm_ss_core_test_2.h"
#include "tfm_api.h"
#include "tfm_secure_api.h"
@@ -30,25 +31,27 @@
* closed, and none of its functions can be called.
* A new test service for this purpose is to be added.
*/
-int32_t core_test_2_init(void)
+psa_status_t core_test_2_init(void)
{
- return TFM_SUCCESS;
+ return CORE_TEST_ERRNO_SUCCESS;
}
-int32_t spm_core_test_2_slave_service(struct psa_invec *in_vec,
+psa_status_t spm_core_test_2_slave_service(struct psa_invec *in_vec,
size_t in_len,
struct psa_outvec *out_vec,
size_t out_len)
{
/* This function doesn't do any sanity check on the input parameters, nor
- * makes any expectation of them, always returns successfully.
- * This is to test the parameter sanitization mechanisms implemented in SPM.
+ * makes any expectation of them, always returns successfully, with a
+ * non-zero return value.
+ * This is to test the parameter sanitization mechanisms implemented in SPM,
+ * and the handling of non-zero success codes.
*/
- return TFM_SUCCESS;
+ return CORE_TEST_ERRNO_SUCCESS_2;
}
-int32_t spm_core_test_2_check_caller_client_id(void)
+psa_status_t spm_core_test_2_check_caller_client_id(void)
{
size_t i;
int32_t caller_client_id_stack = INVALID_NS_CLIENT_ID;
@@ -82,34 +85,34 @@
return CORE_TEST_ERRNO_TEST_FAULT;
}
- return TFM_SUCCESS;
+ return CORE_TEST_ERRNO_SUCCESS;
}
-int32_t spm_core_test_2_get_every_second_byte(
+psa_status_t spm_core_test_2_get_every_second_byte(
struct psa_invec *in_vec, size_t in_len,
struct psa_outvec *out_vec, size_t out_len)
{
int i, j;
if (in_len != out_len) {
- return TFM_ERROR_INVALID_PARAMETER;
+ return CORE_TEST_ERRNO_INVALID_PARAMETER;
}
for (i = 0; i < in_len; ++i) {
if (in_vec[i].len/2 > out_vec[i].len) {
- return TFM_ERROR_INVALID_PARAMETER;
+ return CORE_TEST_ERRNO_INVALID_PARAMETER;
}
for (j = 1; j < in_vec[i].len; j += 2) {
((uint8_t *)out_vec[i].base)[j/2] = ((uint8_t *)in_vec[i].base)[j];
}
out_vec[i].len = in_vec[i].len/2;
}
- return TFM_SUCCESS;
+ return CORE_TEST_ERRNO_SUCCESS;
}
/* Invert function */
#define SFN_INVERT_MAX_LEN 128
-int32_t spm_core_test_2_sfn_invert(struct psa_invec *in_vec, size_t in_len,
+psa_status_t spm_core_test_2_sfn_invert(struct psa_invec *in_vec, size_t in_len,
struct psa_outvec *out_vec, size_t out_len)
{
int32_t i;
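Review bot: In spm_core_test_2_get_every_second_byte the indices are declared `int i, j;` but are compared against `in_len` and `in_vec[i].len`, which are `size_t` values supplied by the caller. This gives signed/unsigned comparisons, and `j += 2` can overflow a signed int before the loop ends if a length exceeds INT_MAX. Declaring them as `size_t i, j;` removes both problems without changing the loop. A short comment that the routine shrinks `out_vec[i].len` to `in_vec[i].len/2` would also document the output contract.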
@@ -120,12 +123,12 @@
int32_t *res_ptr;
if (in_len != 1 || out_len != 2) {
- return TFM_ERROR_INVALID_PARAMETER;
+ return CORE_TEST_ERRNO_INVALID_PARAMETER;
}
if ((out_vec[0].len < in_vec[0].len) || (in_vec[0].len%4 != 0) ||
(out_vec[1].len < sizeof(int32_t))) {
- return TFM_ERROR_INVALID_PARAMETER;
+ return CORE_TEST_ERRNO_INVALID_PARAMETER;
}
len = in_vec[0].len / 4;
@@ -164,5 +167,5 @@
}
*res_ptr = 0;
- return TFM_SUCCESS;
+ return CORE_TEST_ERRNO_SUCCESS;
}
diff --git a/test/test_services/tfm_core_test_2/tfm_ss_core_test_2.h b/test/test_services/tfm_core_test_2/tfm_ss_core_test_2.h
index 0ae9068..96cc17d 100644
--- a/test/test_services/tfm_core_test_2/tfm_ss_core_test_2.h
+++ b/test/test_services/tfm_core_test_2/tfm_ss_core_test_2.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -30,7 +30,8 @@
*
* \return Returns \ref TFM_SUCCESS.
*/
-int32_t spm_core_test_2_slave_service(struct psa_invec *in_vec, size_t in_len,
+psa_status_t spm_core_test_2_slave_service(
+ struct psa_invec *in_vec, size_t in_len,
struct psa_outvec *out_vec, size_t out_len);
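Review bot: The doc comment above this prototype still says `\return Returns \ref TFM_SUCCESS.`, but spm_core_test_2_slave_service now returns `CORE_TEST_ERRNO_SUCCESS_2`; the line should read `\return Returns \ref CORE_TEST_ERRNO_SUCCESS_2.`. The comments for spm_core_test_2_sfn_invert and spm_core_test_2_check_caller_client_id in the following hunks have the same stale `\ref TFM_SUCCESS` and should name `CORE_TEST_ERRNO_SUCCESS`. For spm_core_test_2_sfn_invert the failure text should also mention `CORE_TEST_ERRNO_INVALID_PARAMETER`, which the implementation returns on bad vector counts or lengths. The comment blocks start outside these hunks.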
@@ -54,7 +55,7 @@
*
* \return Returns \ref TFM_SUCCESS on success, TFM_PARTITION_BUSY otherwise.
*/
-int32_t spm_core_test_2_sfn_invert(struct psa_invec *in_vec, size_t in_len,
+psa_status_t spm_core_test_2_sfn_invert(struct psa_invec *in_vec, size_t in_len,
struct psa_outvec *out_vec, size_t out_len);
/**
@@ -73,7 +74,7 @@
* \return Returns \ref TFM_SUCCESS on success, \ref CORE_TEST_ERRNO_TEST_FAULT
* othervise.
*/
-int32_t spm_core_test_2_check_caller_client_id(void);
+psa_status_t spm_core_test_2_check_caller_client_id(void);
#ifdef __cplusplus
}