Interface: Change control param to uint32_t preprocessor

Define a preprocessor macro that packs the control params into a uint32_t.

Signed-off-by: Xinyu Zhang <xinyu.zhang@arm.com>
Change-Id: I0992620af1c39ef6dba182cac88e81cd666be0c6
diff --git a/interface/include/tfm_api.h b/interface/include/tfm_api.h
index fea18cd..9d0df04 100644
--- a/interface/include/tfm_api.h
+++ b/interface/include/tfm_api.h
@@ -112,17 +112,17 @@
  * \brief Call a secure function referenced by a connection handle.
  *
  * \param[in] handle            Handle to connection.
- * \param[in] ctrl_param        Parameter structure, includes request type,
- *                              in_num and out_num.
+ * \param[in] ctrl_param        Parameters combined in uint32_t,
+ *                              includes request type, in_num and out_num.
  * \param[in] in_vec            Array of input \ref psa_invec structures.
  * \param[in,out] out_vec       Array of output \ref psa_outvec structures.
  *
  * \return Returns \ref psa_status_t status code.
  */
 psa_status_t tfm_psa_call_veneer(psa_handle_t handle,
-                               const struct tfm_control_parameter_t *ctrl_param,
-                               const psa_invec *in_vec,
-                               psa_outvec *out_vec);
+                                 uint32_t ctrl_param,
+                                 const psa_invec *in_vec,
+                                 psa_outvec *out_vec);
 
 /**
  * \brief Close connection to secure function referenced by a connection handle.
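Review bot: The new `ctrl_param` description says the parameters are "combined in uint32_t" but not how, so a reader of this header alone cannot construct or audit the value. I would name the packer and the layout in the doc comment, for example `Packed with PARAM_PACK() from tfm_psa_call_param.h: type in bits [31:16], in_num in bits [15:8], out_num in bits [7:0].` It is also worth stating that the value is passed by value across the veneer, which is the behavioural difference from the old pointer parameter.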
diff --git a/interface/include/tfm_psa_call_param.h b/interface/include/tfm_psa_call_param.h
new file mode 100644
index 0000000..ed51da7
--- /dev/null
+++ b/interface/include/tfm_psa_call_param.h
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2021, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __TFM_PSA_CALL_PARAM_H__
+#define __TFM_PSA_CALL_PARAM_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define TYPE_OFFSET     16U
+#define TYPE_MASK       (0xFFFFUL << TYPE_OFFSET)
+#define IN_LEN_OFFSET   8U
+#define IN_LEN_MASK     (0xFFUL << IN_LEN_OFFSET)
+#define OUT_LEN_OFFSET  0U
+#define OUT_LEN_MASK    (0xFFUL << OUT_LEN_OFFSET)
+
+#define PARAM_PACK(type, in_len, out_len)                        \
+        (((((uint32_t)type) << TYPE_OFFSET) & TYPE_MASK)       | \
+         ((((uint32_t)in_len) << IN_LEN_OFFSET) & IN_LEN_MASK) | \
+         ((((uint32_t)out_len) << OUT_LEN_OFFSET) & OUT_LEN_MASK))
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __TFM_PSA_CALL_PARAM_H__ */
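Review bot: This header defines only the packing direction, and the hand-written unpacking in psa_client_service_apis.c, `type = (int32_t)((args[1] & TYPE_MASK) >> TYPE_OFFSET);`, does not sign-extend the 16-bit type field. The client-side checks in this commit accept types down to INT16_MIN, so a negative type such as -1 is packed as 0xFFFF and, assuming `args[1]` is an unsigned 32-bit word, decoded as 65535 instead of -1. Putting the decoder next to the packer keeps the two in step, for example a new macro `#define PARAM_UNPACK_TYPE(p) ((int32_t)(int16_t)(((p) & TYPE_MASK) >> TYPE_OFFSET))` with matching ones for in_len and out_len. Separately, PARAM_PACK casts its arguments without parenthesising them, so `(uint32_t)type` should be `(uint32_t)(type)` (likewise `in_len` and `out_len`) to stay correct when an expression is passed.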
diff --git a/interface/src/psa/psa_client.c b/interface/src/psa/psa_client.c
index e462063..2d92182 100644
--- a/interface/src/psa/psa_client.c
+++ b/interface/src/psa/psa_client.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  *
@@ -9,6 +9,7 @@
 #include "tfm/tfm_core_svc.h"
 #include "psa/client.h"
 #include "tfm_api.h"
+#include "tfm_psa_call_param.h"
 
 __attribute__((naked))
 uint32_t psa_framework_version(void)
@@ -36,8 +37,9 @@
 
 __attribute__((naked))
 static psa_status_t psa_call_param_pack(psa_handle_t handle,
-                                   struct tfm_control_parameter_t *ctrl_param,
-                                   const psa_invec *in_vec, psa_outvec *out_vec)
+                                        uint32_t ctrl_param,
+                                        const psa_invec *in_vec,
+                                        psa_outvec *out_vec)
 {
     __ASM volatile("SVC %0           \n"
                    "BX LR            \n"
@@ -51,12 +53,18 @@
                       psa_outvec *out_vec,
                       size_t out_len)
 {
-    struct tfm_control_parameter_t ctrl_param;
-    ctrl_param.type = type;
-    ctrl_param.in_len = in_len;
-    ctrl_param.out_len = out_len;
+    if ((type > INT16_MAX) ||
+        (type < INT16_MIN) ||
+        (in_len > PSA_MAX_IOVEC) ||
+        (out_len > PSA_MAX_IOVEC) ||
+        ((in_len + out_len) > PSA_MAX_IOVEC)) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
 
-    return psa_call_param_pack(handle, &ctrl_param, in_vec, out_vec);
+    return psa_call_param_pack(handle,
+                               PARAM_PACK(type, in_len, out_len),
+                               in_vec,
+                               out_vec);
 }
 
 __attribute__((naked))
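Review bot: The range check added at the top of this body is repeated verbatim in tfm_psa_ns_api.c, and neither copy says why the limits are what they are. A comment such as `/* type must fit the 16-bit field and each count the 8-bit field of PARAM_PACK(); larger values would be silently truncated by the masks */` would tie the check to the packing, and a single shared macro or inline helper in tfm_psa_call_param.h would keep the two callers from drifting apart. Both copies run in the caller's own context, so they are a convenience rather than a security boundary: the SPM decoder still has to bound in_num and out_num against PSA_MAX_IOVEC itself, and whether it does is not visible in the hunks shown. The enclosing function starts above this hunk.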
diff --git a/interface/src/tfm_psa_ns_api.c b/interface/src/tfm_psa_ns_api.c
index 9a677a2..9d60a11 100644
--- a/interface/src/tfm_psa_ns_api.c
+++ b/interface/src/tfm_psa_ns_api.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  *
@@ -8,6 +8,7 @@
 #include "psa/client.h"
 #include "tfm_ns_interface.h"
 #include "tfm_api.h"
+#include "tfm_psa_call_param.h"
 
 /**** API functions ****/
 
@@ -47,23 +48,18 @@
                       psa_outvec *out_vec,
                       size_t out_len)
 {
-    /* FixMe: sanity check can be added to offload some NS thread checks from
-     * TFM secure API
-     */
-
-    /* Due to v8M restrictions, TF-M NS API needs to add another layer of
-     * serialization in order for NS to pass arguments to S
-     */
-    const struct tfm_control_parameter_t ctrl_param = {
-        .type = type,
-        .in_len = in_len,
-        .out_len = out_len,
-    };
+    if ((type > INT16_MAX) ||
+        (type < INT16_MIN) ||
+        (in_len > PSA_MAX_IOVEC) ||
+        (out_len > PSA_MAX_IOVEC) ||
+        ((in_len + out_len) > PSA_MAX_IOVEC)) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
 
     return tfm_ns_interface_dispatch(
                                 (veneer_fn)tfm_psa_call_veneer,
                                 (uint32_t)handle,
-                                (uint32_t)&ctrl_param,
+                                PARAM_PACK(type, in_len, out_len),
                                 (uint32_t)in_vec,
                                 (uint32_t)out_vec);
 }
diff --git a/secure_fw/spm/cmsis_psa/tfm_psa_api_veneers.c b/secure_fw/spm/cmsis_psa/tfm_psa_api_veneers.c
index d2f4b4b0..a3328cd 100644
--- a/secure_fw/spm/cmsis_psa/tfm_psa_api_veneers.c
+++ b/secure_fw/spm/cmsis_psa/tfm_psa_api_veneers.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  *
@@ -50,9 +50,9 @@
 
 __tfm_psa_secure_gateway_attributes__
 psa_status_t tfm_psa_call_veneer(psa_handle_t handle,
-                               const struct tfm_control_parameter_t *ctrl_param,
-                               const psa_invec *in_vec,
-                               psa_outvec *out_vec)
+                                 uint32_t ctrl_param,
+                                 const psa_invec *in_vec,
+                                 psa_outvec *out_vec)
 {
     __ASM volatile("SVC %0           \n"
                    "BXNS LR          \n"
diff --git a/secure_fw/spm/ffm/psa_client_service_apis.c b/secure_fw/spm/ffm/psa_client_service_apis.c
index 9f2e95f..467c8c7 100644
--- a/secure_fw/spm/ffm/psa_client_service_apis.c
+++ b/secure_fw/spm/ffm/psa_client_service_apis.c
@@ -20,6 +20,7 @@
 #include "ffm/spm_error_base.h"
 #include "tfm_rpc.h"
 #include "tfm_spm_hal.h"
+#include "tfm_psa_call_param.h"
 
 /*********************** SPM functions for PSA Client APIs *******************/
 
@@ -68,7 +69,6 @@
     struct partition_t *partition = NULL;
     uint32_t privileged;
     int32_t type;
-    struct tfm_control_parameter_t ctrl_param;
 
     TFM_CORE_ASSERT(args != NULL);
     handle = (psa_handle_t)args[0];
@@ -80,21 +80,9 @@
     privileged = tfm_spm_partition_get_privileged_mode(
         partition->p_static->flags);
 
-    /*
-     * Read parameters from the arguments. It is a PROGRAMMER ERROR if the
-     * memory reference for buffer is invalid or not readable.
-     */
-    if (tfm_memory_check((const void *)args[1],
-        sizeof(struct tfm_control_parameter_t), ns_caller,
-        TFM_MEMORY_ACCESS_RW, privileged) != SPM_SUCCESS) {
-        TFM_PROGRAMMER_ERROR(ns_caller, PSA_ERROR_PROGRAMMER_ERROR);
-    }
-
-    spm_memcpy(&ctrl_param, (const void *)args[1], sizeof(ctrl_param));
-
-    type = ctrl_param.type;
-    in_num = ctrl_param.in_len;
-    out_num = ctrl_param.out_len;
+    type = (int32_t)((args[1] & TYPE_MASK) >> TYPE_OFFSET);
+    in_num = (size_t)((args[1] & IN_LEN_MASK) >> IN_LEN_OFFSET);
+    out_num = (size_t)((args[1] & OUT_LEN_MASK) >> OUT_LEN_OFFSET);
     inptr = (psa_invec *)args[2];
     outptr = (psa_outvec *)args[3];