Core: PSA APIs alignment
Update PSA Client and Secure Partition APIs and some related files:
- Add psa_panic() to indicate an internal fault in a secure partition.
- Introduce a message type parameter to the psa_call() function which
is delivered as part of the psa_msg_t data to the RoT Service.
- Change 'minor version' to 'version'.
- Add PSA_HANDLE_IS_VALID() and PSA_HANDLE_TO_ERROR() macros.
- Move the definition of PSA_MAX_IOVEC and PSA_IPC_CALL from
psa/service.h to psa/client.h.
- Change the error code returned by psa_get() when the message could
not be delivered. It now returns PSA_ERROR_DOES_NOT_EXIST.
Change-Id: Ia717f591c80484699f4f491d1ed6dbc4fd7c050f
Signed-off-by: Summer Qin <summer.qin@arm.com>
diff --git a/secure_fw/core/ipc/include/tfm_svcalls.h b/secure_fw/core/ipc/include/tfm_svcalls.h
index 97c506b..371895a 100644
--- a/secure_fw/core/ipc/include/tfm_svcalls.h
+++ b/secure_fw/core/ipc/include/tfm_svcalls.h
@@ -41,9 +41,9 @@
* Or from secure client.
*
* \retval > 0 A handle for the connection.
- * \retval PSA_CONNECTION_REFUSED The SPM or RoT Service has refused the
+ * \retval PSA_ERROR_CONNECTION_REFUSED The SPM or RoT Service has refused the
* connection.
- * \retval PSA_CONNECTION_BUSY The SPM or RoT Service cannot make the
+ * \retval PSA_ERROR_CONNECTION_BUSY The SPM or RoT Service cannot make the
* connection at the moment.
* \retval "Does not return" The RoT Service ID and version are not
* supported, or the caller is not permitted to
@@ -62,13 +62,12 @@
*
* \retval >=0 RoT Service-specific status value.
* \retval <0 RoT Service-specific error code.
- * \retval PSA_DROP_CONNECTION The connection has been dropped by the RoT
- * Service. This indicates that either this or
- * a previous message was invalid.
- * \retval "Does not return" The call is invalid, one or more of the
- * following are true:
+ * \retval PSA_ERROR_PROGRAMMER_ERROR The connection has been terminated by the
+ * RoT Service. The call is a PROGRAMMER ERROR if
+ * one or more of the following are true:
* \arg An invalid handle was passed.
* \arg The connection is already handling a request.
+ * \arg type < 0.
* \arg An invalid memory reference was provided.
* \arg in_len + out_len > PSA_MAX_IOVEC.
* \arg The message is unrecognized by the RoT
diff --git a/secure_fw/core/ipc/psa_client.c b/secure_fw/core/ipc/psa_client.c
index 040d596..6a696e3 100644
--- a/secure_fw/core/ipc/psa_client.c
+++ b/secure_fw/core/ipc/psa_client.c
@@ -27,7 +27,7 @@
}
__attribute__((naked, section("SFN")))
-psa_handle_t psa_connect(uint32_t sid, uint32_t minor_version)
+psa_handle_t psa_connect(uint32_t sid, uint32_t version)
{
__ASM volatile("SVC %0 \n"
"BX LR \n"
@@ -36,6 +36,7 @@
__attribute__((naked, section("SFN")))
psa_status_t psa_call(psa_handle_t handle,
+ int32_t type,
const psa_invec *in_vec,
size_t in_len,
psa_outvec *out_vec,
diff --git a/secure_fw/core/ipc/tfm_svcalls.c b/secure_fw/core/ipc/tfm_svcalls.c
index d03b7dc..447a9f7 100644
--- a/secure_fw/core/ipc/tfm_svcalls.c
+++ b/secure_fw/core/ipc/tfm_svcalls.c
@@ -88,7 +88,7 @@
*/
connect_handle = tfm_spm_create_conn_handle(service);
if (connect_handle == PSA_NULL_HANDLE) {
- return PSA_CONNECTION_BUSY;
+ return PSA_ERROR_CONNECTION_BUSY;
}
/*
@@ -112,7 +112,7 @@
ns_caller, NULL, 0, NULL, 0, NULL);
if (!msg) {
/* Have no enough resource to create message */
- return PSA_CONNECTION_BUSY;
+ return PSA_ERROR_CONNECTION_BUSY;
}
/*
@@ -121,7 +121,7 @@
*/
tfm_spm_send_event(service, msg);
- return PSA_CONNECTION_BUSY;
+ return PSA_ERROR_CONNECTION_BUSY;
}
psa_status_t tfm_svcall_psa_call(uint32_t *args, int32_t ns_caller, uint32_t lr)
@@ -135,10 +135,15 @@
int i;
struct tfm_spm_ipc_partition_t *partition = NULL;
uint32_t privileged;
+ int32_t type;
TFM_ASSERT(args != NULL);
handle = (psa_handle_t)args[0];
+ type = (int32_t)args[1];
+ if (type < 0) {
+ tfm_panic();
+ }
partition = tfm_spm_get_running_partition();
if (!partition) {
tfm_panic();
@@ -146,29 +151,31 @@
privileged = tfm_spm_partition_get_privileged_mode(partition->index);
if (!ns_caller) {
- inptr = (psa_invec *)args[1];
- in_num = (size_t)args[2];
- outptr = (psa_outvec *)args[3];
+ inptr = (psa_invec *)args[2];
+ in_num = (size_t)args[3];
/*
- * 5th parameter is pushed at stack top before SVC, then PE hardware
- * stacks the execution context. The size of the context depends on
- * various settings:
- * - if FP is not used, 5th parameter is at 8th position counting
- * from SP;
- * - if FP is used and FPCCR_S.TS is 0, 5th parameter is at 26th
+ * 5th and 6th parameter is pushed at stack top before SVC, then PE
+ * hardware stacks the execution context. The size of the context
+ * depends on various settings:
+ * - if FP is not used, 5th and 6th parameters are at 8th and 9th
* position counting from SP;
- * - if FP is used and FPCCR_S.TS is 1, 5th parameter is at 42th
- * position counting from SP.
+ * - if FP is used and FPCCR_S.TS is 0, 5th and 6th parameters are at
+ * 26th and 27th position counting from SP;
+ * - if FP is used and FPCCR_S.TS is 1, 5th and 6th parameters are at
+ * 42th and 43th position counting from SP.
*/
- if (lr & EXC_RETURN_FPU_FRAME_BASIC) {
- out_num = (size_t)args[8];
+ if (lr & EXC_RETURN_FPU_FRAME_BASIC) {
+ outptr = (psa_outvec *)args[8];
+ out_num = (size_t)args[9];
#if defined (__FPU_USED) && (__FPU_USED == 1U)
- } else if (FPU->FPCCR & FPU_FPCCR_TS_Msk) {
- out_num = (size_t)args[42];
+ } else if (FPU->FPCCR & FPU_FPCCR_TS_Msk) {
+ outptr = (psa_outvec *)args[42];
+ out_num = (size_t)args[43];
#endif
- } else {
- out_num = (size_t)args[26];
- }
+ } else {
+ outptr = (psa_outvec *)args[26];
+ out_num = (size_t)args[27];
+ }
} else {
/*
* FixMe: From non-secure caller, vec and len are composed into a new
@@ -178,19 +185,19 @@
* Read parameters from the arguments. It is a fatal error if the
* memory reference for buffer is invalid or not readable.
*/
- if (tfm_memory_check((void *)args[1], sizeof(uint32_t),
- ns_caller, TFM_MEMORY_ACCESS_RO, privileged) != IPC_SUCCESS) {
- tfm_panic();
- }
if (tfm_memory_check((void *)args[2], sizeof(uint32_t),
ns_caller, TFM_MEMORY_ACCESS_RO, privileged) != IPC_SUCCESS) {
tfm_panic();
}
+ if (tfm_memory_check((void *)args[3], sizeof(uint32_t),
+ ns_caller, TFM_MEMORY_ACCESS_RO, privileged) != IPC_SUCCESS) {
+ tfm_panic();
+ }
- inptr = (psa_invec *)((psa_invec *)args[1])->base;
- in_num = ((psa_invec *)args[1])->len;
- outptr = (psa_outvec *)((psa_invec *)args[2])->base;
- out_num = ((psa_invec *)args[2])->len;
+ inptr = (psa_invec *)((psa_invec *)args[2])->base;
+ in_num = ((psa_invec *)args[2])->len;
+ outptr = (psa_outvec *)((psa_invec *)args[3])->base;
+ out_num = ((psa_invec *)args[3])->len;
}
/* It is a fatal error if in_len + out_len > PSA_MAX_IOVEC. */
@@ -372,7 +379,7 @@
*
* \retval PSA_SUCCESS Success, *msg will contain the delivered
* message.
- * \retval PSA_ERR_NOMSG Message could not be delivered.
+ * \retval PSA_ERROR_DOES_NOT_EXIST Message could not be delivered.
* \retval "Does not return" The call is invalid because one or more of the
* following are true:
* \arg signal has more than a single bit set.
@@ -445,7 +452,7 @@
tmp_msg = tfm_msg_dequeue(&service->msg_queue);
if (!tmp_msg) {
- return PSA_ERR_NOMSG;
+ return PSA_ERROR_DOES_NOT_EXIST;
}
tfm_memcpy(msg, &tmp_msg->msg, sizeof(psa_msg_t));
@@ -817,10 +824,10 @@
if (msg->msg.rhandle) {
tfm_spm_set_rhandle(service, msg->handle, msg->msg.rhandle);
}
- } else if (status == PSA_CONNECTION_REFUSED) {
- ret = PSA_CONNECTION_REFUSED;
- } else if (status == PSA_CONNECTION_BUSY) {
- ret = PSA_CONNECTION_BUSY;
+ } else if (status == PSA_ERROR_CONNECTION_REFUSED) {
+ ret = PSA_ERROR_CONNECTION_REFUSED;
+ } else if (status == PSA_ERROR_CONNECTION_BUSY) {
+ ret = PSA_ERROR_CONNECTION_BUSY;
} else {
tfm_panic();
}
@@ -829,8 +836,6 @@
/* Reply to PSA_IPC_CALL message. Return values are based on status */
if (status == PSA_SUCCESS) {
ret = PSA_SUCCESS;
- } else if (status == PSA_DROP_CONNECTION) {
- ret = PSA_DROP_CONNECTION;
} else if ((status >= (INT32_MIN + 1)) &&
(status <= (INT32_MIN + 127))) {
tfm_panic();
@@ -1162,7 +1167,7 @@
default:
LOG_MSG("Unknown SVC number requested!");
- return PSA_DROP_CONNECTION;
+ return PSA_ERROR_GENERIC_ERROR;
}
return PSA_SUCCESS;
}
diff --git a/secure_fw/ns_callable/tfm_psa_api_veneers.c b/secure_fw/ns_callable/tfm_psa_api_veneers.c
index 420d0c4..55f5d52 100644
--- a/secure_fw/ns_callable/tfm_psa_api_veneers.c
+++ b/secure_fw/ns_callable/tfm_psa_api_veneers.c
@@ -91,19 +91,18 @@
}
__tfm_secure_gateway_attributes__
-psa_handle_t tfm_psa_connect_veneer(uint32_t sid, uint32_t minor_version)
+psa_handle_t tfm_psa_connect_veneer(uint32_t sid, uint32_t version)
{
- TFM_CORE_NS_IPC_REQUEST_VENEER(tfm_svcall_psa_connect, sid,
- minor_version, 0, 0);
+ TFM_CORE_NS_IPC_REQUEST_VENEER(tfm_svcall_psa_connect, sid, version, 0, 0);
}
__tfm_secure_gateway_attributes__
-psa_status_t tfm_psa_call_veneer(psa_handle_t handle,
+psa_status_t tfm_psa_call_veneer(psa_handle_t handle, int32_t type,
const psa_invec *in_vecs,
const psa_invec *out_vecs)
{
- TFM_CORE_NS_IPC_REQUEST_VENEER(tfm_svcall_psa_call, handle, in_vecs,
- out_vecs, 0);
+ TFM_CORE_NS_IPC_REQUEST_VENEER(tfm_svcall_psa_call, handle, type, in_vecs,
+ out_vecs);
}
__tfm_secure_gateway_attributes__
diff --git a/secure_fw/services/crypto/crypto_aead.c b/secure_fw/services/crypto/crypto_aead.c
index f8fa055..383b0eb 100644
--- a/secure_fw/services/crypto/crypto_aead.c
+++ b/secure_fw/services/crypto/crypto_aead.c
@@ -8,7 +8,7 @@
#include <stddef.h>
#include <stdint.h>
-/* FixMe: Use PSA_CONNECTION_REFUSED when performing parameter
+/* FixMe: Use PSA_ERROR_CONNECTION_REFUSED when performing parameter
* integrity checks but this will have to be revised
* when the full set of error codes mandated by PSA FF
* is available.
@@ -32,11 +32,11 @@
psa_status_t status = PSA_SUCCESS;
if ( !((in_len == 2) || (in_len == 3)) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
const struct tfm_crypto_aead_pack_input *aead_pack_input = &iov->aead_in;
@@ -80,11 +80,11 @@
psa_status_t status = PSA_SUCCESS;
if ( !((in_len == 2) || (in_len == 3)) || (out_len > 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
const struct tfm_crypto_aead_pack_input *aead_pack_input = &iov->aead_in;
diff --git a/secure_fw/services/crypto/crypto_asymmetric.c b/secure_fw/services/crypto/crypto_asymmetric.c
index 57c7f92..a2d48c9 100644
--- a/secure_fw/services/crypto/crypto_asymmetric.c
+++ b/secure_fw/services/crypto/crypto_asymmetric.c
@@ -8,7 +8,7 @@
#include <stddef.h>
#include <stdint.h>
-/* FixMe: Use PSA_CONNECTION_REFUSED when performing parameter
+/* FixMe: Use PSA_ERROR_CONNECTION_REFUSED when performing parameter
* integrity checks but this will have to be revised
* when the full set of error codes mandated by PSA FF
* is available.
@@ -30,11 +30,11 @@
size_t out_len)
{
if ((in_len != 2) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -60,11 +60,11 @@
size_t out_len)
{
if ((in_len != 3) || (out_len != 0)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -92,11 +92,11 @@
psa_status_t status;
if (!((in_len == 2) || (in_len == 3)) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -142,11 +142,11 @@
size_t out_len)
{
if (!((in_len == 2) || (in_len == 3)) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
diff --git a/secure_fw/services/crypto/crypto_cipher.c b/secure_fw/services/crypto/crypto_cipher.c
index 590b457..466cbfe 100644
--- a/secure_fw/services/crypto/crypto_cipher.c
+++ b/secure_fw/services/crypto/crypto_cipher.c
@@ -8,7 +8,7 @@
#include <stddef.h>
#include <stdint.h>
-/* FixMe: Use PSA_CONNECTION_REFUSED when performing parameter
+/* FixMe: Use PSA_ERROR_CONNECTION_REFUSED when performing parameter
* integrity checks but this will have to be revised
* when the full set of error codes mandated by PSA FF
* is available.
@@ -33,12 +33,12 @@
psa_cipher_operation_t *operation = NULL;
if ((in_len != 1) || (out_len != 2)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(uint32_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -79,12 +79,12 @@
psa_cipher_operation_t *operation = NULL;
if ((in_len != 2) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(uint32_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t handle = iov->op_handle;
@@ -122,12 +122,12 @@
psa_cipher_operation_t *operation = NULL;
if ((in_len != 1) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((out_vec[0].len != sizeof(uint32_t)) ||
(in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t handle = iov->op_handle;
@@ -169,12 +169,12 @@
psa_cipher_operation_t *operation = NULL;
if ((in_len != 1) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((out_vec[0].len != sizeof(uint32_t)) ||
(in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t handle = iov->op_handle;
@@ -216,12 +216,12 @@
psa_cipher_operation_t *operation = NULL;
if ((in_len != 2) || (out_len != 2)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(uint32_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t handle = iov->op_handle;
@@ -265,12 +265,12 @@
psa_cipher_operation_t *operation = NULL;
if ((in_len != 1) || (out_len != 2)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(uint32_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t handle = iov->op_handle;
@@ -313,12 +313,12 @@
psa_cipher_operation_t *operation = NULL;
if ((in_len != 1) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(uint32_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t handle = iov->op_handle;
diff --git a/secure_fw/services/crypto/crypto_generator.c b/secure_fw/services/crypto/crypto_generator.c
index bb79de9..b2102e1 100644
--- a/secure_fw/services/crypto/crypto_generator.c
+++ b/secure_fw/services/crypto/crypto_generator.c
@@ -8,7 +8,7 @@
#include <stddef.h>
#include <stdint.h>
-/* FixMe: Use PSA_CONNECTION_REFUSED when performing parameter
+/* FixMe: Use PSA_ERROR_CONNECTION_REFUSED when performing parameter
* integrity checks but this will have to be revised
* when the full set of error codes mandated by PSA FF
* is available.
@@ -31,12 +31,12 @@
{
psa_status_t status;
if ((in_len != 1) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(size_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -63,11 +63,11 @@
{
psa_status_t status;
if ((in_len != 1) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -94,12 +94,12 @@
{
psa_status_t status;
if ((in_len != 2) || (out_len != 0)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(in_vec[1].len != sizeof(size_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -132,12 +132,12 @@
{
psa_status_t status;
if ((in_len != 1) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(uint32_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -178,12 +178,12 @@
{
psa_status_t status;
if (!((in_len == 1) || (in_len == 2) || (in_len == 3)) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(uint32_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -240,12 +240,12 @@
{
psa_status_t status;
if ((in_len != 2) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(uint32_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -288,11 +288,11 @@
size_t out_len)
{
if ((in_len != 1) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
uint8_t *output = out_vec[0].base;
size_t output_size = out_vec[0].len;
@@ -306,12 +306,12 @@
size_t out_len)
{
if (!((in_len == 2) || (in_len == 3)) || (out_len != 0)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(in_vec[1].len != sizeof(size_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
psa_key_handle_t key_handle = iov->key_handle;
diff --git a/secure_fw/services/crypto/crypto_hash.c b/secure_fw/services/crypto/crypto_hash.c
index 911227d..25577ee 100644
--- a/secure_fw/services/crypto/crypto_hash.c
+++ b/secure_fw/services/crypto/crypto_hash.c
@@ -8,7 +8,7 @@
#include <stddef.h>
#include <stdint.h>
-/* FixMe: Use PSA_CONNECTION_REFUSED when performing parameter
+/* FixMe: Use PSA_ERROR_CONNECTION_REFUSED when performing parameter
* integrity checks but this will have to be revised
* when the full set of error codes mandated by PSA FF
* is available.
@@ -33,12 +33,12 @@
psa_hash_operation_t *operation = NULL;
if ((in_len != 1) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((out_vec[0].len != sizeof(uint32_t)) ||
(in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t handle = iov->op_handle;
@@ -77,12 +77,12 @@
psa_hash_operation_t *operation = NULL;
if ((in_len != 2) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(uint32_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t handle = iov->op_handle;
@@ -120,12 +120,12 @@
psa_hash_operation_t *operation = NULL;
if ((in_len != 1) || (out_len != 2)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(uint32_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t handle = iov->op_handle;
@@ -168,12 +168,12 @@
psa_hash_operation_t *operation = NULL;
if ((in_len != 2) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(uint32_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t handle = iov->op_handle;
@@ -213,12 +213,12 @@
psa_hash_operation_t *operation = NULL;
if ((in_len != 1) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(uint32_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t handle = iov->op_handle;
@@ -258,12 +258,12 @@
psa_hash_operation_t *target_operation = NULL;
if ((in_len != 1) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(uint32_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t source_handle = iov->op_handle;
diff --git a/secure_fw/services/crypto/crypto_key.c b/secure_fw/services/crypto/crypto_key.c
index 65a72b7..66718e1 100644
--- a/secure_fw/services/crypto/crypto_key.c
+++ b/secure_fw/services/crypto/crypto_key.c
@@ -8,7 +8,7 @@
#include <stddef.h>
#include <stdint.h>
-/* FixMe: Use PSA_CONNECTION_REFUSED when performing parameter
+/* FixMe: Use PSA_ERROR_CONNECTION_REFUSED when performing parameter
* integrity checks but this will have to be revised
* when the full set of error codes mandated by PSA FF
* is available.
@@ -70,12 +70,12 @@
size_t out_len)
{
if ((in_len != 1) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(psa_key_handle_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
psa_key_handle_t *key_handle = out_vec[0].base;
@@ -119,11 +119,11 @@
(void)out_vec;
if ((in_len != 2) || (out_len != 0)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -148,11 +148,11 @@
(void)out_vec;
if ((in_len != 1) || (out_len != 0)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -181,13 +181,13 @@
size_t out_len)
{
if ((in_len != 1) || (out_len != 2)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(psa_key_type_t)) ||
(out_vec[1].len != sizeof(size_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -204,11 +204,11 @@
size_t out_len)
{
if ((in_len != 1) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -225,11 +225,11 @@
size_t out_len)
{
if ((in_len != 1) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -248,13 +248,13 @@
(void)out_vec;
if ((in_len != 3) || (out_len != 0)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(in_vec[1].len != sizeof(psa_key_handle_t)) ||
(in_vec[2].len != sizeof(psa_key_policy_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -273,12 +273,12 @@
(void)out_vec;
if ((in_len != 2) || (out_len != 0)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(in_vec[1].len != sizeof(psa_key_policy_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -299,12 +299,12 @@
size_t out_len)
{
if ((in_len != 1) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(psa_key_policy_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -320,12 +320,12 @@
size_t out_len)
{
if ((in_len != 1) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(psa_key_lifetime_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
diff --git a/secure_fw/services/crypto/crypto_mac.c b/secure_fw/services/crypto/crypto_mac.c
index 788cfe1..16e996f 100644
--- a/secure_fw/services/crypto/crypto_mac.c
+++ b/secure_fw/services/crypto/crypto_mac.c
@@ -8,7 +8,7 @@
#include <stddef.h>
#include <stdint.h>
-/* FixMe: Use PSA_CONNECTION_REFUSED when performing parameter
+/* FixMe: Use PSA_ERROR_CONNECTION_REFUSED when performing parameter
* integrity checks but this will have to be revised
* when the full set of error codes mandated by PSA FF
* is available.
@@ -33,12 +33,12 @@
psa_mac_operation_t *operation = NULL;
if ((in_len != 1) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((out_vec[0].len != sizeof(uint32_t)) ||
(in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t handle = iov->op_handle;
@@ -83,12 +83,12 @@
psa_mac_operation_t *operation = NULL;
if ((in_len != 1) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((out_vec[0].len != sizeof(uint32_t)) ||
(in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t handle = iov->op_handle;
@@ -133,12 +133,12 @@
psa_mac_operation_t *operation = NULL;
if ((in_len != 2) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(uint32_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t handle = iov->op_handle;
@@ -176,12 +176,12 @@
psa_mac_operation_t *operation = NULL;
if ((in_len != 1) || (out_len != 2)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(uint32_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t handle = iov->op_handle;
@@ -224,12 +224,12 @@
psa_mac_operation_t *operation = NULL;
if ((in_len != 2) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(uint32_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t handle = iov->op_handle;
@@ -269,12 +269,12 @@
psa_mac_operation_t *operation = NULL;
if ((in_len != 1) || (out_len != 1)) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(uint32_t))) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t handle = iov->op_handle;
diff --git a/secure_fw/services/crypto/tfm_crypto_secure_api.c b/secure_fw/services/crypto/tfm_crypto_secure_api.c
index 01be810..af6e5a3 100644
--- a/secure_fw/services/crypto/tfm_crypto_secure_api.c
+++ b/secure_fw/services/crypto/tfm_crypto_secure_api.c
@@ -31,12 +31,12 @@
#define PSA_CLOSE() psa_close(ipc_handle)
#define API_DISPATCH(sfn_name, sfn_id) \
- psa_call(ipc_handle, /*PSA_IPC_CALL,*/ \
+ psa_call(ipc_handle, PSA_IPC_CALL, \
in_vec, ARRAY_SIZE(in_vec), \
out_vec, ARRAY_SIZE(out_vec))
#define API_DISPATCH_NO_OUTVEC(sfn_name, sfn_id) \
- psa_call(ipc_handle, /*PSA_IPC_CALL,*/ \
+ psa_call(ipc_handle, PSA_IPC_CALL, \
in_vec, ARRAY_SIZE(in_vec), \
(psa_outvec *)NULL, 0)
#else
@@ -1097,7 +1097,7 @@
if (additional_data == NULL) {
in_len--;
}
- status = psa_call(ipc_handle, in_vec, in_len,
+ status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len,
out_vec, ARRAY_SIZE(out_vec));
#else
status = API_DISPATCH(tfm_crypto_aead_encrypt,
@@ -1168,7 +1168,7 @@
if (additional_data == NULL) {
in_len--;
}
- status = psa_call(ipc_handle, in_vec, in_len,
+ status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len,
out_vec, ARRAY_SIZE(out_vec));
#else
status = API_DISPATCH(tfm_crypto_aead_decrypt,
@@ -1300,7 +1300,7 @@
if (salt == NULL) {
in_len--;
}
- status = psa_call(ipc_handle, in_vec, in_len,
+ status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len,
out_vec, ARRAY_SIZE(out_vec));
#else
status = API_DISPATCH(tfm_crypto_asymmetric_encrypt,
@@ -1358,7 +1358,7 @@
if (salt == NULL) {
in_len--;
}
- status = psa_call(ipc_handle, in_vec, in_len,
+ status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len,
out_vec, ARRAY_SIZE(out_vec));
#else
status = API_DISPATCH(tfm_crypto_asymmetric_decrypt,
@@ -1549,7 +1549,7 @@
in_len--;
}
}
- status = psa_call(ipc_handle, in_vec, in_len,
+ status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len,
out_vec, ARRAY_SIZE(out_vec));
#else
status = API_DISPATCH(tfm_crypto_key_derivation,
@@ -1671,7 +1671,7 @@
in_len--;
}
- status = psa_call(ipc_handle, in_vec, in_len, NULL, 0);
+ status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len, NULL, 0);
#else
status = API_DISPATCH_NO_OUTVEC(tfm_crypto_generate_key,
TFM_CRYPTO_GENERATE_KEY);
diff --git a/secure_fw/services/initial_attestation/tfm_attestation_secure_api.c b/secure_fw/services/initial_attestation/tfm_attestation_secure_api.c
index 282698c..794311a 100644
--- a/secure_fw/services/initial_attestation/tfm_attestation_secure_api.c
+++ b/secure_fw/services/initial_attestation/tfm_attestation_secure_api.c
@@ -54,7 +54,7 @@
return PSA_ATTEST_ERR_GENERAL;
}
- status = psa_call(handle,
+ status = psa_call(handle, PSA_IPC_CALL,
in_vec, IOVEC_LEN(in_vec),
out_vec, IOVEC_LEN(out_vec));
psa_close(handle);
@@ -134,7 +134,7 @@
return PSA_ATTEST_ERR_GENERAL;
}
- status = psa_call(handle,
+ status = psa_call(handle, PSA_IPC_CALL,
in_vec, IOVEC_LEN(in_vec),
out_vec, IOVEC_LEN(out_vec));
psa_close(handle);
diff --git a/secure_fw/services/secure_storage/tfm_sst_req_mngr.c b/secure_fw/services/secure_storage/tfm_sst_req_mngr.c
index 87d4e76..0f7d49b 100644
--- a/secure_fw/services/secure_storage/tfm_sst_req_mngr.c
+++ b/secure_fw/services/secure_storage/tfm_sst_req_mngr.c
@@ -33,13 +33,14 @@
* function call, as calls to the Crypto service are required for
* initialisation.
*
- * \return PSA_SUCCESS if SST is initialised, PSA_CONNECTION_REFUSED otherwise.
+ * \return PSA_SUCCESS if SST is initialised, PSA_ERROR_CONNECTION_REFUSED
+ * otherwise.
*/
static psa_status_t sst_check_init(void)
{
if (!sst_is_init) {
if (tfm_sst_init() != PSA_PS_SUCCESS) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
sst_is_init = true;
}
@@ -59,17 +60,17 @@
psa_ps_status_t *err;
if (sst_check_init() != PSA_SUCCESS) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_len != 3) || (out_len != 1)) {
/* The number of arguments are incorrect */
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if (in_vec[0].len != sizeof(psa_ps_uid_t)) {
/* The input argument size is incorrect */
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
uid = *((psa_ps_uid_t *)in_vec[0].base);
@@ -79,14 +80,14 @@
if (in_vec[2].len != sizeof(psa_ps_create_flags_t)) {
/* The input argument size is incorrect */
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
create_flags = *(psa_ps_create_flags_t *)in_vec[2].base;
if (out_vec[0].len != sizeof(psa_ps_status_t)) {
/* The output argument size is incorrect */
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
err = (psa_ps_status_t *)out_vec[0].base;
@@ -94,7 +95,7 @@
/* Get the caller's client ID */
status = tfm_core_get_caller_client_id(&client_id);
if (status != (int32_t)TFM_SUCCESS) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
*err = tfm_sst_set(client_id, uid, data_length, p_data, create_flags);
@@ -114,31 +115,31 @@
psa_ps_status_t *err;
if (sst_check_init() != PSA_SUCCESS) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_len != 2) || (out_len != 2)) {
/* The number of arguments are incorrect */
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if (in_vec[0].len != sizeof(psa_ps_uid_t)) {
/* The input argument size is incorrect */
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
uid = *((psa_ps_uid_t *)in_vec[0].base);
if (in_vec[1].len != sizeof(data_offset)) {
/* The input argument size is incorrect */
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
data_offset = *(uint32_t *)in_vec[1].base;
if (out_vec[0].len != sizeof(psa_ps_status_t)) {
/* The output argument size is incorrect */
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
err = (psa_ps_status_t *)out_vec[0].base;
@@ -149,7 +150,7 @@
/* Get the caller's client ID */
status = tfm_core_get_caller_client_id(&client_id);
if (status != (int32_t)TFM_SUCCESS) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
*err = tfm_sst_get(client_id, uid, data_offset, data_length, p_data);
@@ -168,31 +169,31 @@
psa_ps_status_t *err;
if (sst_check_init() != PSA_SUCCESS) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_len != 1) || (out_len != 2)) {
/* The number of arguments are incorrect */
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if (in_vec[0].len != sizeof(psa_ps_uid_t)) {
/* The input argument size is incorrect */
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
uid = *((psa_ps_uid_t *)in_vec[0].base);
if (out_vec[0].len != sizeof(psa_ps_status_t)) {
/* The output argument size is incorrect */
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
err = (psa_ps_status_t *)out_vec[0].base;
if (out_vec[1].len != sizeof(struct psa_ps_info_t)) {
/* The output argument size is incorrect */
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
p_info = (struct psa_ps_info_t *)out_vec[1].base;
@@ -200,7 +201,7 @@
/* Get the caller's client ID */
status = tfm_core_get_caller_client_id(&client_id);
if (status != (int32_t)TFM_SUCCESS) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
*err = tfm_sst_get_info(client_id, uid, p_info);
@@ -217,24 +218,24 @@
psa_ps_status_t *err;
if (sst_check_init() != PSA_SUCCESS) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_len != 1) || (out_len != 1)) {
/* The number of arguments are incorrect */
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if (in_vec[0].len != sizeof(psa_ps_uid_t)) {
/* The input argument size is incorrect */
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
uid = *((psa_ps_uid_t *)in_vec[0].base);
if (out_vec[0].len != sizeof(psa_ps_status_t)) {
/* The output argument size is incorrect */
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
err = (psa_ps_status_t *)out_vec[0].base;
@@ -242,7 +243,7 @@
/* Get the caller's client ID */
status = tfm_core_get_caller_client_id(&client_id);
if (status != (int32_t)TFM_SUCCESS) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
*err = tfm_sst_remove(client_id, uid);
@@ -258,17 +259,17 @@
(void)in_vec;
if (sst_check_init() != PSA_SUCCESS) {
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if ((in_len != 0) || (out_len != 1)) {
/* The number of arguments are incorrect */
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
if (out_vec[0].len != sizeof(*support_flags)) {
/* The output argument size is incorrect */
- return PSA_CONNECTION_REFUSED;
+ return PSA_ERROR_CONNECTION_REFUSED;
}
support_flags = (uint32_t *)out_vec[0].base;
diff --git a/secure_fw/services/secure_storage/tfm_sst_secure_api.c b/secure_fw/services/secure_storage/tfm_sst_secure_api.c
index a5afc36..f7832ad 100644
--- a/secure_fw/services/secure_storage/tfm_sst_secure_api.c
+++ b/secure_fw/services/secure_storage/tfm_sst_secure_api.c
@@ -43,7 +43,7 @@
return PSA_PS_ERROR_OPERATION_FAILED;
}
- status = psa_call(handle, in_vec, IOVEC_LEN(in_vec), out_vec,
+ status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec,
IOVEC_LEN(out_vec));
psa_close(handle);
@@ -90,7 +90,7 @@
return PSA_PS_ERROR_OPERATION_FAILED;
}
- status = psa_call(handle, in_vec, IOVEC_LEN(in_vec), out_vec,
+ status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec,
IOVEC_LEN(out_vec));
psa_close(handle);
@@ -133,7 +133,7 @@
return PSA_PS_ERROR_OPERATION_FAILED;
}
- status = psa_call(handle, in_vec, IOVEC_LEN(in_vec), out_vec,
+ status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec,
IOVEC_LEN(out_vec));
psa_close(handle);
@@ -176,7 +176,7 @@
return PSA_PS_ERROR_OPERATION_FAILED;
}
- status = psa_call(handle, in_vec, IOVEC_LEN(in_vec), out_vec,
+ status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec,
IOVEC_LEN(out_vec));
psa_close(handle);
@@ -243,7 +243,7 @@
return support_flags;
}
- (void)psa_call(handle, NULL, 0, out_vec, IOVEC_LEN(out_vec));
+ (void)psa_call(handle, PSA_IPC_CALL, NULL, 0, out_vec, IOVEC_LEN(out_vec));
psa_close(handle);
#else