commit 2d4bc2efa54cd674be28e83f95528e78fa5ed789
author Kevin Peng <kevin.peng@arm.com> Fri Jan 28 16:19:30 2022 +0800
committer Kevin Peng <kevin.peng@arm.com> Fri Mar 11 03:14:32 2022 +0100
tree acf3521a42308f8b3de55666f9d9f5829aa652b6
parent 40478c26a1f489d4b99b51a9bbaac793de668119

Partitions: Convert PSA Partitions to SFN Model

This patch converts the following Secure Partitions to SFN Model:
- Crypto
- ITS
- PS
- Initial Attestation

Change-Id: Iecd1ed578681c78c5231064a7278b4fc967dca23
Signed-off-by: Kevin Peng <kevin.peng@arm.com>

secure_fw/partitions/crypto/crypto_init.c

diff --git a/secure_fw/partitions/crypto/crypto_init.c b/secure_fw/partitions/crypto/crypto_init.c
index 5c9965c..0fb8a69 100644
--- a/secure_fw/partitions/crypto/crypto_init.c
+++ b/secure_fw/partitions/crypto/crypto_init.c
@@ -111,14 +111,13 @@
     scratch.alloc_index = 0;
 }
 
-static psa_status_t tfm_crypto_call_srv(psa_msg_t *msg,
-                                        struct tfm_crypto_pack_iovec *iov,
-                                        const uint32_t srv_id)
+static psa_status_t tfm_crypto_call_srv(const psa_msg_t *msg)
 {
     psa_status_t status = PSA_SUCCESS;
     size_t in_len = PSA_MAX_IOVEC, out_len = PSA_MAX_IOVEC, i;
     psa_invec in_vec[PSA_MAX_IOVEC] = { {NULL, 0} };
     psa_outvec out_vec[PSA_MAX_IOVEC] = { {NULL, 0} };
+    struct tfm_crypto_pack_iovec iov = {0};
     void *alloc_buf_ptr = NULL;
 
     /* Check the number of in_vec filled */
@@ -130,8 +129,17 @@
     if (in_len < 1) {
         return PSA_ERROR_GENERIC_ERROR;
     }
+
+    if (psa_read(msg->handle, 0, &iov, sizeof(iov)) != sizeof(iov)) {
+        return PSA_ERROR_GENERIC_ERROR;
+    }
+
+    if (iov.srv_id >= TFM_CRYPTO_SID_MAX) {
+        return PSA_ERROR_GENERIC_ERROR;
+    }
+
     /* Initialise the first iovec with the IOV read when parsing */
-    in_vec[0].base = iov;
+    in_vec[0].base = &iov;
     in_vec[0].len = sizeof(struct tfm_crypto_pack_iovec);
 
     /* Alloc/read from the second element as the first is read when parsing */
@@ -143,10 +151,10 @@
             return status;
         }
         /* Read from the IPC framework inputs into the scratch */
-        (void) psa_read(msg->handle, i, alloc_buf_ptr, msg->in_size[i]);
+        in_vec[i].len =
+                       psa_read(msg->handle, i, alloc_buf_ptr, msg->in_size[i]);
         /* Populate the fields of the input to the secure function */
         in_vec[i].base = alloc_buf_ptr;
-        in_vec[i].len = msg->in_size[i];
     }
 
     /* Check the number of out_vec filled */
@@ -170,7 +178,7 @@
     (void)tfm_crypto_set_scratch_owner(msg->client_id);
 
     /* Call the uniform signature API */
-    status = sfid_func_table[srv_id](in_vec, in_len, out_vec, out_len);
+    status = sfid_func_table[iov.srv_id](in_vec, in_len, out_vec, out_len);
 
     /* Write into the IPC framework outputs from the scratch */
     for (i = 0; i < out_len; i++) {
@@ -183,70 +191,6 @@
     return status;
 }
 
-static psa_status_t tfm_crypto_parse_msg(psa_msg_t *msg,
-                                         struct tfm_crypto_pack_iovec *iov,
-                                         uint32_t *srv_id_p)
-{
-    size_t read_size;
-
-    /* Read the in_vec[0] which holds the IOVEC always */
-    read_size = psa_read(msg->handle,
-                         0,
-                         iov,
-                         sizeof(struct tfm_crypto_pack_iovec));
-
-    if (read_size != sizeof(struct tfm_crypto_pack_iovec)) {
-        return PSA_ERROR_GENERIC_ERROR;
-    }
-
-    if (iov->srv_id >= TFM_CRYPTO_SID_MAX) {
-        *srv_id_p = TFM_CRYPTO_SID_INVALID;
-        return PSA_ERROR_GENERIC_ERROR;
-    }
-
-    *srv_id_p = iov->srv_id;
-
-    return PSA_SUCCESS;
-}
-
-static void tfm_crypto_ipc_handler(void)
-{
-    psa_signal_t signals;
-    psa_msg_t msg;
-    psa_status_t status = PSA_SUCCESS;
-    uint32_t srv_id = TFM_CRYPTO_SID_INVALID;
-    struct tfm_crypto_pack_iovec iov = {0};
-
-    while (1) {
-        signals = psa_wait(PSA_WAIT_ANY, PSA_BLOCK);
-        if (signals & TFM_CRYPTO_SIGNAL) {
-            /* Extract the message */
-            if (psa_get(TFM_CRYPTO_SIGNAL, &msg) != PSA_SUCCESS) {
-                psa_panic();
-            }
-
-            /* Process the message type */
-            switch (msg.type) {
-            case PSA_IPC_CALL:
-                /* Parse the message */
-                status = tfm_crypto_parse_msg(&msg, &iov, &srv_id);
-                /* Call the dispatcher based on the SID passed as type */
-                if (status == PSA_SUCCESS) {
-                    status = tfm_crypto_call_srv(&msg, &iov, srv_id);
-                }
-                psa_reply(msg.handle, status);
-                break;
-            default:
-                psa_panic();
-            }
-        } else {
-            psa_panic();
-        }
-    }
-
-    /* NOTREACHED */
-    return;
-}
 #endif /* TFM_PSA_API */
 
 /**
@@ -333,15 +277,20 @@
     }
 
     /* Initialise the engine layer */
-    status = tfm_crypto_engine_init();
-    if (status != PSA_SUCCESS) {
-        return status;
-    }
+    return tfm_crypto_engine_init();
+}
 
 #ifdef TFM_PSA_API
-    /* Should not return in normal operations */
-    tfm_crypto_ipc_handler();
-#endif
+psa_status_t tfm_crypto_sfn(const psa_msg_t *msg)
+{
+    /* Process the message type */
+    switch (msg->type) {
+    case PSA_IPC_CALL:
+        return tfm_crypto_call_srv(msg);
+    default:
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
 
-    return status;
+    return PSA_ERROR_GENERIC_ERROR;
 }
+#endif