AuditLog: Use uniform signatures
This patch amends the Audit Logging service to use
Uniform Signatures.
Change-Id: If8a84b75b6ec5937ae27c62b2b8c43644a5b2505
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
diff --git a/interface/include/audit_wrappers.h b/interface/include/audit_wrappers.h
deleted file mode 100644
index 2e3f62e..0000000
--- a/interface/include/audit_wrappers.h
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifndef __AUDIT_WRAPPERS_H__
-#define __AUDIT_WRAPPERS_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*!
- * \struct audit_core_retrieve_input
- *
- * \brief Input structure for the audit_core_retrieve_record_wrapper function
- *
- */
-struct audit_core_retrieve_input {
- const uint32_t record_index; /*!< Index of the record to retrieve */
- const uint32_t buffer_size; /*!< Size in bytes of the provided buffer */
- const uint8_t *token; /*!< Must be set to NULL. Token used as a
- * challenge for encryption, to protect
- * against rollback attacks
- */
- const uint32_t token_size; /*!< Must be set to 0. Size in bytes of the
- * token used as challenge
- */
-};
-
-/*!
- * \struct audit_core_retrieve_output
- *
- * \brief Output structure for the audit_core_retrieve_record_wrapper function
- *
- */
-struct audit_core_retrieve_output {
- uint8_t *buffer; /*!< Buffer used to store the retrieved record */
- uint32_t *record_size; /*!< Size in bytes of the retrieved record */
-};
-
-/*!
- * \brief This function is a TF-M compatible wrapper for the
- * \ref audit_core_retrieve_record implemented in the Audit log
- * core functions
- *
- * \param[in] input_s Pointer to the structure containing input parameters
- * associated with \ref psa_audit_retrieve_record
- * \param[out] output_s Pointer to the structure containing output parameters
- * associated with \ref psa_audit_retrieve_record
- *
- */
-enum psa_audit_err audit_core_retrieve_record_wrapper(
- const struct audit_core_retrieve_input *input_s,
- const struct audit_core_retrieve_output *output_s);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __AUDIT_WRAPPERS_H__ */
diff --git a/interface/include/psa_audit_api.h b/interface/include/psa_audit_api.h
index f079f3e..d55a057 100644
--- a/interface/include/psa_audit_api.h
+++ b/interface/include/psa_audit_api.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -15,6 +15,7 @@
#define PSA_AUDIT_API_VERSION_MINOR (1)
#include "psa_audit_defs.h"
+#include "psa/error.h"
#ifdef __cplusplus
extern "C" {
@@ -40,15 +41,15 @@
* \param[out] buffer Buffer used to store the retrieved record
* \param[out] record_size Size in bytes of the retrieved record
*
- * \return Returns values as specified by the \ref psa_audit_err
+ * \return Returns values as specified by the \ref psa_status_t
*
*/
-enum psa_audit_err psa_audit_retrieve_record(const uint32_t record_index,
- const uint32_t buffer_size,
- const uint8_t *token,
- const uint32_t token_size,
- uint8_t *buffer,
- uint32_t *record_size);
+psa_status_t psa_audit_retrieve_record(const uint32_t record_index,
+ const uint32_t buffer_size,
+ const uint8_t *token,
+ const uint32_t token_size,
+ uint8_t *buffer,
+ uint32_t *record_size);
/**
* \brief Returns the total number and size of the records stored
*
@@ -58,10 +59,10 @@
* \param[out] num_records Total number of records stored
* \param[out] size Total size of the records stored, in bytes
*
- * \return Returns values as specified by the \ref psa_audit_err
+ * \return Returns values as specified by the \ref psa_status_t
*
*/
-enum psa_audit_err psa_audit_get_info(uint32_t *num_records, uint32_t *size);
+psa_status_t psa_audit_get_info(uint32_t *num_records, uint32_t *size);
/**
* \brief Returns the size of the record at the specified index
@@ -72,11 +73,11 @@
* \param[in] record_index Index of the record to return the size
* \param[out] size Size of the specified record, in bytes
*
- * \return Returns values as specified by the \ref psa_audit_err
+ * \return Returns values as specified by the \ref psa_status_t
*
*/
-enum psa_audit_err psa_audit_get_record_info(const uint32_t record_index,
- uint32_t *size);
+psa_status_t psa_audit_get_record_info(const uint32_t record_index,
+ uint32_t *size);
/**
* \brief Deletes a record at the specified index
@@ -97,12 +98,12 @@
* \param[in] token_size Must be set to 0. Size in bytes of the token used as
* authorisation for removal
*
- * \return Returns values as specified by the \ref psa_audit_err
+ * \return Returns values as specified by the \ref psa_status_t
*
*/
-enum psa_audit_err psa_audit_delete_record(const uint32_t record_index,
- const uint8_t *token,
- const uint32_t token_size);
+psa_status_t psa_audit_delete_record(const uint32_t record_index,
+ const uint8_t *token,
+ const uint32_t token_size);
/**
* \brief Adds a record
*
@@ -114,10 +115,10 @@
* \param[in] record Pointer to the memory buffer containing the record
* to be added
*
- * \return Returns values as specified by the \ref psa_audit_err
+ * \return Returns values as specified by the \ref psa_status_t
*
*/
-enum psa_audit_err psa_audit_add_record(const struct psa_audit_record *record);
+psa_status_t psa_audit_add_record(const struct psa_audit_record *record);
#ifdef __cplusplus
}
diff --git a/interface/include/psa_audit_defs.h b/interface/include/psa_audit_defs.h
index 1aeee33..479d76d 100644
--- a/interface/include/psa_audit_defs.h
+++ b/interface/include/psa_audit_defs.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -14,21 +14,6 @@
#include <stdint.h>
#include "tfm_api.h"
-#include "limits.h"
-
-/* The return value is shared with the TFM partition status value. The Audit
- * Log return codes shouldn't overlap with predefined TFM status values
- */
-#define PSA_AUDIT_ERR_OFFSET (TFM_PARTITION_SPECIFIC_ERROR_MIN)
-
-enum psa_audit_err {
- PSA_AUDIT_ERR_SUCCESS = 0, /*!< Operation successful */
- PSA_AUDIT_ERR_FAILURE = PSA_AUDIT_ERR_OFFSET, /*!< Generic failure */
- PSA_AUDIT_ERR_NOT_SUPPORTED, /*!< Operation not supported */
-
- /* Following entry is only to ensure the error code of int size */
- PSA_AUDIT_ERR_FORCE_INT_SIZE = INT_MAX
-};
/*!
* \struct psa_audit_record
diff --git a/interface/src/tfm_audit_api.c b/interface/src/tfm_audit_api.c
index 9ce86ef..fd4fc67 100644
--- a/interface/src/tfm_audit_api.c
+++ b/interface/src/tfm_audit_api.c
@@ -5,71 +5,100 @@
*
*/
-#include "tfm_audit_veneers.h"
#include "psa_audit_api.h"
+#include "tfm_veneers.h"
#include "tfm_ns_lock.h"
-#include "audit_wrappers.h"
-enum psa_audit_err psa_audit_retrieve_record(const uint32_t record_index,
- const uint32_t buffer_size,
- const uint8_t *token,
- const uint32_t token_size,
- uint8_t *buffer,
- uint32_t *record_size)
+#define ARRAY_SIZE(arr) (sizeof(arr)/sizeof(arr[0]))
+
+#define API_DISPATCH(sfn_name) \
+ tfm_ns_lock_dispatch((veneer_fn)tfm_##sfn_name##_veneer, \
+ (uint32_t)in_vec, (uint32_t)ARRAY_SIZE(in_vec), \
+ (uint32_t)out_vec, (uint32_t)ARRAY_SIZE(out_vec))
+
+#define API_DISPATCH_NO_INVEC(sfn_name) \
+ tfm_ns_lock_dispatch((veneer_fn)tfm_##sfn_name##_veneer, \
+ (uint32_t)NULL, 0, \
+ (uint32_t)out_vec, (uint32_t)ARRAY_SIZE(out_vec))
+
+#define API_DISPATCH_NO_OUTVEC(sfn_name) \
+ tfm_ns_lock_dispatch((veneer_fn)tfm_##sfn_name##_veneer, \
+ (uint32_t)in_vec, (uint32_t)ARRAY_SIZE(in_vec), \
+ (uint32_t)NULL, 0)
+
+psa_status_t psa_audit_retrieve_record(const uint32_t record_index,
+ const uint32_t buffer_size,
+ const uint8_t *token,
+ const uint32_t token_size,
+ uint8_t *buffer,
+ uint32_t *record_size)
{
- const struct audit_core_retrieve_input input_s =
- {.record_index = record_index,
- .buffer_size = buffer_size,
- .token = token,
- .token_size = token_size};
+ psa_status_t status;
+ psa_invec in_vec[] = {
+ {.base = &record_index, .len = sizeof(uint32_t)},
+ {.base = token, .len = token_size},
+ };
+ psa_outvec out_vec[] = {
+ {.base = buffer, .len = buffer_size},
+ };
- struct audit_core_retrieve_output output_s = {.buffer = buffer,
- .record_size = record_size};
+ status = API_DISPATCH(audit_core_retrieve_record);
- return (enum psa_audit_err) tfm_ns_lock_dispatch((veneer_fn)tfm_audit_veneer_retrieve_record,
- (uint32_t)&input_s,
- (uint32_t)&output_s,
- 0,
- 0);
+ *record_size = out_vec[0].len;
+
+ return status;
}
-enum psa_audit_err psa_audit_get_info(uint32_t *num_records,
- uint32_t *size)
+psa_status_t psa_audit_get_info(uint32_t *num_records, uint32_t *size)
{
- return (enum psa_audit_err) tfm_ns_lock_dispatch((veneer_fn)tfm_audit_veneer_get_info,
- (uint32_t)num_records,
- (uint32_t)size,
- 0,
- 0);
+ psa_status_t status;
+ psa_outvec out_vec[] = {
+ {.base = num_records, .len = sizeof(uint32_t)},
+ {.base = size, .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH_NO_INVEC(audit_core_get_info);
+
+ return status;
}
-enum psa_audit_err psa_audit_get_record_info(const uint32_t record_index,
- uint32_t *size)
+psa_status_t psa_audit_get_record_info(const uint32_t record_index,
+ uint32_t *size)
{
- return (enum psa_audit_err) tfm_ns_lock_dispatch((veneer_fn)tfm_audit_veneer_get_record_info,
- (uint32_t)record_index,
- (uint32_t)size,
- 0,
- 0);
+ psa_status_t status;
+ psa_invec in_vec[] = {
+ {.base = &record_index, .len = sizeof(uint32_t)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = size, .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH(audit_core_get_record_info);
+
+ return status;
}
-enum psa_audit_err psa_audit_delete_record(const uint32_t record_index,
- const uint8_t *token,
- const uint32_t token_size)
+psa_status_t psa_audit_delete_record(const uint32_t record_index,
+ const uint8_t *token,
+ const uint32_t token_size)
{
- return (enum psa_audit_err) tfm_ns_lock_dispatch((veneer_fn)tfm_audit_veneer_delete_record,
- (uint32_t)record_index,
- (uint32_t)token,
- (uint32_t)token_size,
- 0);
+ psa_status_t status;
+ psa_invec in_vec[] = {
+ {.base = &record_index, .len = sizeof(uint32_t)},
+ {.base = token, .len = token_size},
+ };
+
+ status = API_DISPATCH_NO_OUTVEC(audit_core_delete_record);
+
+ return status;
}
-enum psa_audit_err psa_audit_add_record(const struct psa_audit_record *record)
+psa_status_t psa_audit_add_record(const struct psa_audit_record *record)
{
/* This API supports only Secure world calls. As this is the implementation
* of the Non-Secure interface, always directly return an error without
- * routing the call to TF-M in the Secure world
+ * routing the call to TF-M in the Secure world.
*/
(void)record;
- return PSA_AUDIT_ERR_NOT_SUPPORTED;
+ return PSA_ERROR_NOT_PERMITTED;
}
diff --git a/secure_fw/ns_callable/CMakeLists.inc b/secure_fw/ns_callable/CMakeLists.inc
index b8fcf5f..13a9ed3 100644
--- a/secure_fw/ns_callable/CMakeLists.inc
+++ b/secure_fw/ns_callable/CMakeLists.inc
@@ -29,10 +29,6 @@
set (SS_NS_CALLABLE_C_SRC "${CMAKE_CURRENT_LIST_DIR}/tfm_veneers.c")
endif()
-if (TFM_PARTITION_AUDIT_LOG)
- list(APPEND SS_NS_CALLABLE_C_SRC "${CMAKE_CURRENT_LIST_DIR}/tfm_audit_veneers.c")
-endif()
-
#Append all our source files to global lists.
list(APPEND ALL_SRC_C ${SS_NS_CALLABLE_C_SRC})
unset(SS_NS_CALLABLE_C_SRC)
diff --git a/secure_fw/services/audit_logging/CMakeLists.inc b/secure_fw/services/audit_logging/CMakeLists.inc
index 31c401f..215ea46 100644
--- a/secure_fw/services/audit_logging/CMakeLists.inc
+++ b/secure_fw/services/audit_logging/CMakeLists.inc
@@ -27,7 +27,6 @@
set (AUDIT_LOGGING_C_SRC
"${AUDIT_LOGGING_DIR}/tfm_audit_secure_api.c"
"${AUDIT_LOGGING_DIR}/audit_core.c"
- "${AUDIT_LOGGING_DIR}/audit_wrappers.c"
)
#Append all our source files to global lists.
diff --git a/secure_fw/services/audit_logging/audit_core.c b/secure_fw/services/audit_logging/audit_core.c
index 924534f..687a08e 100644
--- a/secure_fw/services/audit_logging/audit_core.c
+++ b/secure_fw/services/audit_logging/audit_core.c
@@ -292,15 +292,15 @@
* \param[out] dest Pointer to the destination buffer
*
*/
-static enum psa_audit_err audit_buffer_copy(const uint8_t *src,
- const uint32_t size,
- uint8_t *dest)
+static psa_status_t audit_buffer_copy(const uint8_t *src,
+ const uint32_t size,
+ uint8_t *dest)
{
uint32_t idx = 0;
uint32_t dest_idx = (uint32_t)dest - (uint32_t)&log_buffer[0];
if ((dest_idx >= LOG_SIZE) || (size > LOG_SIZE)) {
- return PSA_AUDIT_ERR_FAILURE;
+ return PSA_ERROR_BUFFER_TOO_SMALL;
}
/* TODO: This can be an optimized copy using uint32_t
@@ -312,7 +312,7 @@
log_buffer[(dest_idx + idx) % LOG_SIZE] = src[idx];
}
- return PSA_AUDIT_ERR_SUCCESS;
+ return PSA_SUCCESS;
}
/*!
@@ -323,9 +323,9 @@
* \param[out] dest Pointer to the destination buffer
*
*/
-static enum psa_audit_err audit_memcpy(const uint8_t *src,
- const uint32_t size,
- uint8_t *dest)
+static psa_status_t audit_memcpy(const uint8_t *src,
+ const uint32_t size,
+ uint8_t *dest)
{
uint32_t idx = 0;
@@ -333,7 +333,7 @@
dest[idx] = src[idx];
}
- return PSA_AUDIT_ERR_SUCCESS;
+ return PSA_SUCCESS;
}
/*!
@@ -345,15 +345,15 @@
* \param[out] buffer Pointer to the buffer to format
*
*/
-static enum psa_audit_err audit_format_buffer(
- const struct psa_audit_record *record,
- const int32_t partition_id,
- uint64_t *buffer)
+static psa_status_t audit_format_buffer(const struct psa_audit_record *record,
+ const int32_t partition_id,
+ uint64_t *buffer)
{
struct log_hdr *hdr = NULL;
struct log_tlr *tlr = NULL;
uint32_t size;
uint8_t idx;
+ psa_status_t status;
/* Get the size from the record */
size = record->size;
@@ -374,10 +374,11 @@
hdr->partition_id = partition_id;
/* Copy the record into the scratch buffer */
- if (audit_memcpy( (const uint8_t *) record,
- size+4,
- (uint8_t *) &(hdr->size) ) != PSA_AUDIT_ERR_SUCCESS) {
- return PSA_AUDIT_ERR_FAILURE;
+ status = audit_memcpy((const uint8_t *) record,
+ size+4,
+ (uint8_t *) &(hdr->size));
+ if (status != PSA_SUCCESS) {
+ return status;
}
/* FIXME: The MAC here is just a dummy value for prototyping. It will be
@@ -388,7 +389,7 @@
tlr->mac[idx] = idx;
}
- return PSA_AUDIT_ERR_SUCCESS;
+ return PSA_SUCCESS;
}
/*!
@@ -421,26 +422,60 @@
#endif
}
+static psa_status_t _audit_core_get_info(uint32_t *num_records, uint32_t *size)
+{
+ /* Return the number of records that are currently stored */
+ *num_records = log_state.num_records;
+
+ /* Return the size of the records currently stored */
+ *size = log_state.stored_size;
+
+ return PSA_SUCCESS;
+}
+
+static psa_status_t _audit_core_get_record_info(const uint32_t record_index,
+ uint32_t *size)
+{
+ uint32_t start_idx, idx;
+
+ if (record_index >= log_state.num_records) {
+ return PSA_ERROR_PROGRAMMER_ERROR;
+ }
+
+ /* First element to read from the log */
+ start_idx = log_state.first_el_idx;
+
+ /* Move the start_idx index to the desired element */
+ for (idx = 0; idx < record_index; idx++) {
+ start_idx = GET_NEXT_LOG_INDEX(start_idx);
+ }
+
+ /* Get the size of the requested record */
+ *size = COMPUTE_LOG_ENTRY_SIZE(*GET_SIZE_FIELD_POINTER(start_idx));
+
+ return PSA_SUCCESS;
+}
+
/*!
* \defgroup public Public functions
*
*/
/*!@{*/
-enum psa_audit_err audit_core_init(void)
+psa_status_t audit_core_init(void)
{
#if (AUDIT_UART_REDIRECTION == 1U)
int32_t ret = ARM_DRIVER_OK;
ret = LOG_UART_NAME.Initialize(NULL);
if (ret != ARM_DRIVER_OK) {
- return PSA_AUDIT_ERR_FAILURE;
+ return PSA_ERROR_GENERIC_ERROR;
}
ret = LOG_UART_NAME.Control(ARM_USART_MODE_ASYNCHRONOUS,
LOG_UART_BAUD_RATE);
if (ret != ARM_DRIVER_OK) {
- return PSA_AUDIT_ERR_FAILURE;
+ return PSA_ERROR_GENERIC_ERROR;
}
/* If we get to this point, UART init is successful */
@@ -450,21 +485,34 @@
/* Clear the log state variables */
audit_update_state(0,0,0,0);
- return PSA_AUDIT_ERR_SUCCESS;
+ return PSA_SUCCESS;
}
-enum psa_audit_err audit_core_delete_record(const uint32_t record_index,
- const uint8_t *token,
- const uint32_t token_size)
+psa_status_t audit_core_delete_record(psa_invec in_vec[],
+ size_t in_len,
+ psa_outvec out_vec[],
+ size_t out_len)
{
uint32_t first_el_idx, size_removed;
+ if ((in_len != 2) || (out_len != 0)) {
+ return PSA_ERROR_CONNECTION_REFUSED;
+ }
+
+ if (in_vec[0].len != sizeof(uint32_t)) {
+ return PSA_ERROR_CONNECTION_REFUSED;
+ }
+
+ const uint32_t record_index = *((uint32_t *)in_vec[0].base);
+ const uint8_t *token = in_vec[1].base;
+ const uint32_t token_size = in_vec[1].len;
+
/* FixMe: Currently only the removal of the oldest entry, i.e.
* record_index 0, is supported. This has to be extended
* to support removal of random records
*/
if (record_index > 0) {
- return PSA_AUDIT_ERR_NOT_SUPPORTED;
+ return PSA_ERROR_NOT_SUPPORTED;
}
/* FixMe: Currently token and token_size parameters are not evaluated
@@ -472,12 +520,12 @@
* authorised
*/
if ((token != NULL) || (token_size != 0)) {
- return PSA_AUDIT_ERR_NOT_SUPPORTED;
+ return PSA_ERROR_NOT_SUPPORTED;
}
/* Check that the record index to be removed is contained in the log */
if (record_index >= log_state.num_records) {
- return PSA_AUDIT_ERR_FAILURE;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
/* If the log contains just one element, reset the state and return */
@@ -486,7 +534,7 @@
/* Clear the log state variables */
audit_update_state(0,0,0,0);
- return PSA_AUDIT_ERR_SUCCESS;
+ return PSA_SUCCESS;
}
/* Get the index to the element to be removed */
@@ -506,59 +554,101 @@
log_state.num_records--;
log_state.stored_size -= size_removed;
- return PSA_AUDIT_ERR_SUCCESS;
+ return PSA_SUCCESS;
}
-enum psa_audit_err audit_core_get_info(uint32_t *num_records,
- uint32_t *size)
+psa_status_t audit_core_get_info(psa_invec in_vec[],
+ size_t in_len,
+ psa_outvec out_vec[],
+ size_t out_len)
{
+ if ((in_len != 0) || (out_len != 2)) {
+ return PSA_ERROR_CONNECTION_REFUSED;
+ }
+
+ if ((out_vec[0].len != sizeof(uint32_t)) ||
+ (out_vec[1].len != sizeof(uint32_t))) {
+ return PSA_ERROR_CONNECTION_REFUSED;
+ }
+
+ uint32_t *num_records = out_vec[0].base;
+ uint32_t *size = out_vec[1].base;
+
/* Return the number of records that are currently stored */
*num_records = log_state.num_records;
/* Return the size of the records currently stored */
*size = log_state.stored_size;
- return PSA_AUDIT_ERR_SUCCESS;
+ return PSA_SUCCESS;
}
-enum psa_audit_err audit_core_get_record_info(const uint32_t record_index,
- uint32_t *size)
+psa_status_t audit_core_get_record_info(psa_invec in_vec[],
+ size_t in_len,
+ psa_outvec out_vec[],
+ size_t out_len)
{
uint32_t start_idx, idx;
+ if ((in_len != 1) || (out_len != 1)) {
+ return PSA_ERROR_CONNECTION_REFUSED;
+ }
+
+ if ((in_vec[0].len != sizeof(uint32_t)) ||
+ (out_vec[0].len != sizeof(uint32_t))) {
+ return PSA_ERROR_CONNECTION_REFUSED;
+ }
+
+ const uint32_t record_index = *((uint32_t *)in_vec[0].base);
+ uint32_t *size = out_vec[0].base;
+
if (record_index >= log_state.num_records) {
- return PSA_AUDIT_ERR_FAILURE;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
/* First element to read from the log */
start_idx = log_state.first_el_idx;
/* Move the start_idx index to the desired element */
- for (idx=0; idx<record_index; idx++) {
+ for (idx = 0; idx < record_index; idx++) {
start_idx = GET_NEXT_LOG_INDEX(start_idx);
}
/* Get the size of the requested record */
*size = COMPUTE_LOG_ENTRY_SIZE(*GET_SIZE_FIELD_POINTER(start_idx));
- return PSA_AUDIT_ERR_SUCCESS;
+ return PSA_SUCCESS;
}
-enum psa_audit_err audit_core_add_record(const struct psa_audit_record *record)
+psa_status_t audit_core_add_record(psa_invec in_vec[],
+ size_t in_len,
+ psa_outvec out_vec[],
+ size_t out_len)
{
uint32_t start_pos = 0, stop_pos = 0;
uint32_t first_el_idx = 0, last_el_idx = 0, size = 0;
uint32_t num_items = 0, stored_size = 0;
int32_t partition_id;
+ psa_status_t status;
+
+ if ((in_len != 1) || (out_len != 0)) {
+ return PSA_ERROR_CONNECTION_REFUSED;
+ }
+
+ if (in_vec[0].len != sizeof(struct psa_audit_record)) {
+ return PSA_ERROR_CONNECTION_REFUSED;
+ }
+
+ const struct psa_audit_record *record = in_vec[0].base;
/* Get the value of the partition ID of the caller through TFM secure API */
if (tfm_core_get_caller_client_id(&partition_id) != (int32_t)TFM_SUCCESS) {
- return PSA_AUDIT_ERR_FAILURE;
+ return PSA_ERROR_NOT_PERMITTED;
}
/* Check if the partition ID of the caller is from NS world */
if (TFM_CLIENT_ID_IS_NS(partition_id)) {
- return PSA_AUDIT_ERR_FAILURE;
+ return PSA_ERROR_NOT_PERMITTED;
}
/* Read the size from the input record */
@@ -566,20 +656,20 @@
/* Check that size is a 4-byte multiple as expected */
if (size % 4) {
- return PSA_AUDIT_ERR_FAILURE;
+ return PSA_ERROR_NOT_SUPPORTED;
}
/* Check that the entry to be added is not greater than the
* maximum space available
*/
if (size > (LOG_SIZE - (LOG_FIXED_FIELD_SIZE+LOG_MAC_SIZE))) {
- return PSA_AUDIT_ERR_FAILURE;
+ return PSA_ERROR_INSUFFICIENT_MEMORY;
}
/* Get the size in bytes and num of elements present in the log */
- if (audit_core_get_info(&num_items, &stored_size) !=
- PSA_AUDIT_ERR_SUCCESS) {
- return PSA_AUDIT_ERR_FAILURE;
+ status = _audit_core_get_info(&num_items, &stored_size);
+ if (status != PSA_SUCCESS) {
+ return status;
}
if (num_items == 0) {
@@ -597,19 +687,19 @@
}
/* Format the scratch buffer with the complete log item */
- if (audit_format_buffer(record, partition_id, &scratch_buffer[0])
- != PSA_AUDIT_ERR_SUCCESS) {
- return PSA_AUDIT_ERR_FAILURE;
+ status = audit_format_buffer(record, partition_id, &scratch_buffer[0]);
+ if (status != PSA_SUCCESS) {
+ return status;
}
/* TODO: At this point, encryption should be called if supported */
/* Do the copy of the log item to be added in the log */
- if (audit_buffer_copy( (const uint8_t *) &scratch_buffer[0],
- COMPUTE_LOG_ENTRY_SIZE(size),
- (uint8_t *) &log_buffer[start_pos] )
- != PSA_AUDIT_ERR_SUCCESS) {
- return PSA_AUDIT_ERR_FAILURE;
+ status = audit_buffer_copy((const uint8_t *) &scratch_buffer[0],
+ COMPUTE_LOG_ENTRY_SIZE(size),
+ (uint8_t *) &log_buffer[start_pos]);
+ if (status != PSA_SUCCESS) {
+ return status;
}
/* Retrieve current log state */
@@ -634,41 +724,52 @@
/* Stream to a secure UART if available for the platform and built */
audit_uart_redirection(last_el_idx);
- return PSA_AUDIT_ERR_SUCCESS;
+ return PSA_SUCCESS;
}
-enum psa_audit_err audit_core_retrieve_record(const uint32_t record_index,
- const uint32_t buffer_size,
- const uint8_t *token,
- const uint32_t token_size,
- uint8_t *buffer,
- uint32_t *record_size)
-
+psa_status_t audit_core_retrieve_record(psa_invec in_vec[],
+ size_t in_len,
+ psa_outvec out_vec[],
+ size_t out_len)
{
uint32_t idx, start_idx, record_size_tmp;
+ psa_status_t status;
- enum psa_audit_err err;
+ if ((in_len != 2) || (out_len != 1)) {
+ return PSA_ERROR_CONNECTION_REFUSED;
+ }
+
+ if (in_vec[0].len != sizeof(uint32_t)) {
+ return PSA_ERROR_CONNECTION_REFUSED;
+ }
+ const uint32_t record_index = *((uint32_t *)in_vec[0].base);
+ const uint8_t *token = in_vec[1].base;
+ const uint32_t token_size = in_vec[1].len;
+ uint8_t *buffer = out_vec[0].base;
+ uint32_t buffer_size = out_vec[0].len;
/* FixMe: Currently token and token_size parameters are not evaluated
* to be used as a challenge for encryption as encryption support
* is still not yet available
*/
if ((token != NULL) || (token_size != 0)) {
- return PSA_AUDIT_ERR_NOT_SUPPORTED;
+ out_vec[0].len = 0;
+ return PSA_ERROR_NOT_SUPPORTED;
}
/* Get the size of the record we want to retrieve */
- err = audit_core_get_record_info(record_index, &record_size_tmp);
+ status = _audit_core_get_record_info(record_index, &record_size_tmp);
/* Propagate the error to the caller in case of failure */
- if (err != PSA_AUDIT_ERR_SUCCESS) {
- return err;
+ if (status != PSA_SUCCESS) {
+ out_vec[0].len = 0;
+ return status;
}
/* buffer_size must be enough to hold the requested record */
if (buffer_size < record_size_tmp) {
- *record_size = 0;
- return PSA_AUDIT_ERR_FAILURE;
+ out_vec[0].len = 0;
+ return PSA_ERROR_BUFFER_TOO_SMALL;
}
/* First element to read from the log */
@@ -685,8 +786,8 @@
}
/* Update the retrieved size */
- *record_size = record_size_tmp;
+ out_vec[0].len = record_size_tmp;
- return PSA_AUDIT_ERR_SUCCESS;
+ return PSA_SUCCESS;
}
/*!@}*/
diff --git a/secure_fw/services/audit_logging/audit_core.h b/secure_fw/services/audit_logging/audit_core.h
index d41cc7c..700d0f2 100644
--- a/secure_fw/services/audit_logging/audit_core.h
+++ b/secure_fw/services/audit_logging/audit_core.h
@@ -17,6 +17,10 @@
#include <limits.h>
#include "psa_audit_defs.h"
+#include "psa/error.h"
+
+#define UNIFORM_SIGNATURE_API(api_name) \
+ psa_status_t api_name(psa_invec[], size_t, psa_outvec[], size_t)
/*!
* \struct log_entry
@@ -126,105 +130,21 @@
* \brief Initializes the Audit logging service
* during the TFM boot up process
*
- * \return Returns PSA_AUDIT_ERR_SUCCESS if init has been completed,
- * otherwise error as specified in \ref psa_audit_err
+ * \return Returns PSA_STATUS_T_SUCCESS if init has been completed,
+ * otherwise error as specified in \ref psa_status_t
*/
-enum psa_audit_err audit_core_init(void);
+psa_status_t audit_core_init(void);
-/*!
- * \brief Retrieves a record at the specified index
- *
- * \details The function retrieves an item specified by index and returns
- * it on the buffer provided. The token is passed as a challenge
- * value for the encryption scheme
- *
- * \note Currently the cryptography support is not yet enabled, so the
- * token value is not used and must be passed as NULL, with 0 size
- *
- * \param[in] record_index Index of the record to retrieve
- * \param[in] buffer_size Size in bytes of the provided buffer
- * \param[in] token Must be set to NULL. Token used as a challenge
- * for encryption, to protect against rollback
- * attacks
- * \param[in] token_size Must be set to 0. Size in bytes of the token
- * used as challenge
- * \param[out] buffer Buffer used to store the retrieved record
- * \param[out] record_size Size in bytes of the retrieved record
- *
- * \return Returns values as specified by the \ref psa_audit_err
- *
- */
-enum psa_audit_err audit_core_retrieve_record(const uint32_t record_index,
- const uint32_t buffer_size,
- const uint8_t *token,
- const uint32_t token_size,
- uint8_t *buffer,
- uint32_t *record_size);
-/*!
- * \brief Adds a record
- *
- * \details This function adds a record in the Audit log
- *
- * \param[in] record Pointer to the memory buffer containing the record
- * to be added
- *
- * \return Returns values as specified by the \ref psa_audit_err
- *
- */
-enum psa_audit_err audit_core_add_record(const struct psa_audit_record *record);
+#define LIST_TFM_AUDIT_UNIFORM_SIGNATURE_API \
+ X(audit_core_delete_record) \
+ X(audit_core_get_info) \
+ X(audit_core_get_record_info) \
+ X(audit_core_add_record) \
+ X(audit_core_retrieve_record) \
-/*!
- * \brief Returns the total number and size of the records stored
- *
- * \details The function returns the total size in bytes and the
- * total number of records stored
- *
- * \param[out] num_records Total number of records stored
- * \param[out] size Total size of the records stored, in bytes
- *
- * \return Returns values as specified by the \ref psa_audit_err
- *
- */
-enum psa_audit_err audit_core_get_info(uint32_t *num_records,
- uint32_t *size);
-
-/*!
- * \brief Returns the size of the record at the specified index
- *
- * \details The function returns the size of the record at the given index
- * provided as input
- *
- * \param[in] record_index Index of the record to return the size
- * \param[out] size Size of the specified record, in bytes
- *
- * \return Returns values as specified by the \ref psa_audit_err
- *
- */
-enum psa_audit_err audit_core_get_record_info(const uint32_t record_index,
- uint32_t *size);
-/*!
- * \brief Deletes a record at the specified index
- *
- * \details The function removes a record at the specified index. It passes
- * an authorisation token for removal which is a MAC of the plain text
- *
- * \note Currently the cryptography support is not yet enabled, so the
- * token value is not used and must be passed as NULL, with 0 size
- *
- * \param[in] record_index Index of the record to be removed. Currently, only
- * the removal of the oldest entry, i.e. record_index 0
- * is supported
- * \param[in] token Must be set to NULL. Token used as authorisation for
- * removal of the specified record_index
- * \param[in] token_size Must be set to 0. Size in bytes of the token used as
- * authorisation for removal
- *
- * \return Returns values as specified by the \ref psa_audit_err
- *
- */
-enum psa_audit_err audit_core_delete_record(const uint32_t record_index,
- const uint8_t *token,
- const uint32_t token_size);
+#define X(api_name) UNIFORM_SIGNATURE_API(api_name);
+LIST_TFM_AUDIT_UNIFORM_SIGNATURE_API
+#undef X
#ifdef __cplusplus
}
diff --git a/secure_fw/services/audit_logging/audit_wrappers.c b/secure_fw/services/audit_logging/audit_wrappers.c
deleted file mode 100644
index ec89cde..0000000
--- a/secure_fw/services/audit_logging/audit_wrappers.c
+++ /dev/null
@@ -1,29 +0,0 @@
-/*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "audit_core.h"
-#include "audit_wrappers.h"
-#include "psa_audit_defs.h"
-
-/*!
- * \defgroup public Public functions, TF-M compatible wrappers
- *
- */
-
-/*!@{*/
-enum psa_audit_err audit_core_retrieve_record_wrapper(
- const struct audit_core_retrieve_input *input_s,
- const struct audit_core_retrieve_output *output_s)
-{
- return audit_core_retrieve_record(input_s->record_index,
- input_s->buffer_size,
- input_s->token,
- input_s->token_size,
- output_s->buffer,
- output_s->record_size);
-}
-/*!@}*/
diff --git a/secure_fw/services/audit_logging/tfm_audit_secure_api.c b/secure_fw/services/audit_logging/tfm_audit_secure_api.c
index f347fb4..383c66c 100644
--- a/secure_fw/services/audit_logging/tfm_audit_secure_api.c
+++ b/secure_fw/services/audit_logging/tfm_audit_secure_api.c
@@ -1,57 +1,110 @@
/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
*/
#include "psa_audit_api.h"
-#include "tfm_audit_veneers.h"
-#include "audit_wrappers.h"
+#include "tfm_veneers.h"
+
+#define ARRAY_SIZE(arr) (sizeof(arr)/sizeof(arr[0]))
+
+#define API_DISPATCH(sfn_name) \
+ tfm_##sfn_name##_veneer( \
+ in_vec, ARRAY_SIZE(in_vec), \
+ out_vec, ARRAY_SIZE(out_vec))
+
+#define API_DISPATCH_NO_INVEC(sfn_name) \
+ tfm_##sfn_name##_veneer( \
+ NULL, 0, \
+ out_vec, ARRAY_SIZE(out_vec))
+
+#define API_DISPATCH_NO_OUTVEC(sfn_name) \
+ tfm_##sfn_name##_veneer( \
+ in_vec, ARRAY_SIZE(in_vec), \
+ NULL, 0)
__attribute__((section("SFN")))
-enum psa_audit_err psa_audit_retrieve_record(const uint32_t record_index,
- const uint32_t buffer_size,
- const uint8_t *token,
- const uint32_t token_size,
- uint8_t *buffer,
- uint32_t *record_size)
+psa_status_t psa_audit_retrieve_record(const uint32_t record_index,
+ const uint32_t buffer_size,
+ const uint8_t *token,
+ const uint32_t token_size,
+ uint8_t *buffer,
+ uint32_t *record_size)
{
- const struct audit_core_retrieve_input input_s =
- {.record_index = record_index,
- .buffer_size = buffer_size,
- .token = token,
- .token_size = token_size};
+ psa_status_t status;
+ psa_invec in_vec[] = {
+ {.base = &record_index, .len = sizeof(uint32_t)},
+ {.base = token, .len = token_size},
+ };
+ psa_outvec out_vec[] = {
+ {.base = buffer, .len = buffer_size},
+ };
- struct audit_core_retrieve_output output_s = {.buffer = buffer,
- .record_size = record_size};
+ status = API_DISPATCH(audit_core_retrieve_record);
- return tfm_audit_veneer_retrieve_record(&input_s, &output_s);
+ *record_size = out_vec[0].len;
+
+ return status;
}
__attribute__((section("SFN")))
-enum psa_audit_err psa_audit_get_info(uint32_t *num_records, uint32_t *size)
+psa_status_t psa_audit_get_info(uint32_t *num_records, uint32_t *size)
{
- return tfm_audit_veneer_get_info(num_records, size);
+ psa_status_t status;
+ psa_outvec out_vec[] = {
+ {.base = num_records, .len = sizeof(uint32_t)},
+ {.base = size, .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH_NO_INVEC(audit_core_get_info);
+
+ return status;
}
__attribute__((section("SFN")))
-enum psa_audit_err psa_audit_get_record_info(const uint32_t record_index,
- uint32_t *size)
+psa_status_t psa_audit_get_record_info(const uint32_t record_index,
+ uint32_t *size)
{
- return tfm_audit_veneer_get_record_info(record_index, size);
+ psa_status_t status;
+ psa_invec in_vec[] = {
+ {.base = &record_index, .len = sizeof(uint32_t)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = size, .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH(audit_core_get_record_info);
+
+ return status;
}
__attribute__((section("SFN")))
-enum psa_audit_err psa_audit_delete_record(const uint32_t record_index,
- const uint8_t *token,
- const uint32_t token_size)
+psa_status_t psa_audit_delete_record(const uint32_t record_index,
+ const uint8_t *token,
+ const uint32_t token_size)
{
- return tfm_audit_veneer_delete_record(record_index, token, token_size);
+ psa_status_t status;
+ psa_invec in_vec[] = {
+ {.base = &record_index, .len = sizeof(uint32_t)},
+ {.base = token, .len = token_size},
+ };
+
+ status = API_DISPATCH_NO_OUTVEC(audit_core_delete_record);
+
+ return status;
}
__attribute__((section("SFN")))
-enum psa_audit_err psa_audit_add_record(const struct psa_audit_record *record)
+psa_status_t psa_audit_add_record(const struct psa_audit_record *record)
{
- return tfm_audit_veneer_add_record(record);
+ psa_status_t status;
+ psa_invec in_vec[] = {
+ {.base = record, .len = sizeof(struct psa_audit_record)},
+ };
+
+ status = API_DISPATCH_NO_OUTVEC(audit_core_add_record);
+
+ return status;
}
diff --git a/test/suites/audit/non_secure/audit_ns_interface_testsuite.c b/test/suites/audit/non_secure/audit_ns_interface_testsuite.c
index ee8a187..5c27ba9 100644
--- a/test/suites/audit/non_secure/audit_ns_interface_testsuite.c
+++ b/test/suites/audit/non_secure/audit_ns_interface_testsuite.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -82,7 +82,7 @@
*/
static void tfm_audit_test_1001(struct test_result_t *ret)
{
- enum psa_audit_err err;
+ psa_status_t status;
uint8_t local_buffer[LOCAL_BUFFER_SIZE];
uint32_t idx, stored_size, num_records, retrieved_size;
@@ -90,8 +90,8 @@
struct psa_audit_record *retrieved_buffer;
/* Get the log size (current state) */
- err = psa_audit_get_info(&num_records, &stored_size);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ status = psa_audit_get_info(&num_records, &stored_size);
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Getting log info has returned error");
return;
}
@@ -108,8 +108,8 @@
/* Check the length of each record individually */
for (idx=0; idx<num_records; idx++) {
- err = psa_audit_get_record_info(idx, &stored_size);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ status = psa_audit_get_record_info(idx, &stored_size);
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Getting record size individually has returned error");
return;
}
@@ -121,8 +121,8 @@
}
/* Check that if requesting length of a record which is not there fails */
- err = psa_audit_get_record_info(num_records, &stored_size);
- if (err != PSA_AUDIT_ERR_FAILURE) {
+ status = psa_audit_get_record_info(num_records, &stored_size);
+ if (status == PSA_SUCCESS) {
TEST_FAIL("Getting record size for non-existent record has not failed");
return;
}
@@ -131,7 +131,7 @@
* the full contents of the log, one record at a time
*/
for (idx=0; idx<INITIAL_LOG_RECORDS; idx++) {
- err = psa_audit_retrieve_record(
+ status = psa_audit_retrieve_record(
idx,
LOCAL_BUFFER_SIZE,
NULL,
@@ -139,7 +139,7 @@
&local_buffer[idx*STANDARD_LOG_ENTRY_SIZE],
&retrieved_size);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Log retrieval from NS returned error");
return;
}
@@ -156,14 +156,14 @@
* been returned, and if they're zeros items / zero bytes, there is
* no point in checking the contents of the local_buffer.
*/
- err = psa_audit_retrieve_record(0,
- LOCAL_BUFFER_SIZE/4,
- NULL,
- 0,
- &local_buffer[0],
- &retrieved_size);
+ status = psa_audit_retrieve_record(0,
+ LOCAL_BUFFER_SIZE/4,
+ NULL,
+ 0,
+ &local_buffer[0],
+ &retrieved_size);
- if (err != PSA_AUDIT_ERR_FAILURE) {
+ if (status == PSA_SUCCESS) {
TEST_FAIL("Log retrieval from NS should fail, buffer too small");
return;
}
@@ -176,14 +176,14 @@
/* Retrieve into a buffer which can hold a single element, but start from
* the second element that is stored in the log
*/
- err = psa_audit_retrieve_record(1,
- STANDARD_LOG_ENTRY_SIZE,
- NULL,
- 0,
- &local_buffer[0],
- &retrieved_size);
+ status = psa_audit_retrieve_record(1,
+ STANDARD_LOG_ENTRY_SIZE,
+ NULL,
+ 0,
+ &local_buffer[0],
+ &retrieved_size);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Log retrieval from NS returned error");
return;
}
@@ -205,15 +205,15 @@
}
/* Delete oldest element in the log */
- err = psa_audit_delete_record(0, NULL, 0);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ status = psa_audit_delete_record(0, NULL, 0);
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Log record deletion from NS returned error");
return;
}
/* Get the log size (current state) */
- err = psa_audit_get_info(&num_records, &stored_size);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ status = psa_audit_get_info(&num_records, &stored_size);
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Getting log info has returned error");
return;
}
@@ -229,15 +229,15 @@
}
/* Delete oldest element in the log. After this, the log will be empty */
- err = psa_audit_delete_record(0, NULL, 0);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ status = psa_audit_delete_record(0, NULL, 0);
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Log record deletion from NS returned error");
return;
}
/* Get the log size (current state) */
- err = psa_audit_get_info(&num_records, &stored_size);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ status = psa_audit_get_info(&num_records, &stored_size);
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Getting log info has returned error");
return;
}
diff --git a/test/suites/audit/secure/audit_s_interface_testsuite.c b/test/suites/audit/secure/audit_s_interface_testsuite.c
index d781f60..cf74fea 100644
--- a/test/suites/audit/secure/audit_s_interface_testsuite.c
+++ b/test/suites/audit/secure/audit_s_interface_testsuite.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -10,7 +10,6 @@
#include "audit_s_tests.h"
#include "tfm_api.h"
#include "psa_audit_api.h"
-#include "audit_wrappers.h"
#include "secure_fw/services/audit_logging/audit_core.h"
#include "../audit_tests_common.h"
@@ -63,7 +62,7 @@
*/
static void tfm_audit_test_1001(struct test_result_t *ret)
{
- enum psa_audit_err err;
+ psa_status_t status;
uint8_t local_buffer[LOCAL_BUFFER_SIZE], idx;
struct psa_audit_record *record = (struct psa_audit_record *)
&local_buffer[0];
@@ -78,16 +77,16 @@
record->id = DUMMY_TEST_RECORD_ID_BASE + idx;
/* The record doesn't contain any payload */
- err = psa_audit_add_record(record);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ status = psa_audit_add_record(record);
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Record addition has returned an error");
return;
}
}
/* Get the log size */
- err = psa_audit_get_info(&num_records, &stored_size);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ status = psa_audit_get_info(&num_records, &stored_size);
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Getting log info has returned error");
return;
}
@@ -107,14 +106,14 @@
uint8_t *p_buf =
&local_buffer[(idx-BASE_RETRIEVAL_LOG_INDEX)*STANDARD_LOG_ENTRY_SIZE];
- err = psa_audit_retrieve_record(idx,
- LOCAL_BUFFER_SIZE,
- NULL,
- 0,
- p_buf,
- &record_size);
+ status = psa_audit_retrieve_record(idx,
+ LOCAL_BUFFER_SIZE,
+ NULL,
+ 0,
+ p_buf,
+ &record_size);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Retrieve indexes 6 or 7 has returned an error");
return;
}
@@ -140,14 +139,14 @@
uint8_t *p_buf =
&local_buffer[(idx-(num_records-2))*STANDARD_LOG_ENTRY_SIZE];
- err = psa_audit_retrieve_record(idx,
- LOCAL_BUFFER_SIZE,
- NULL,
- 0,
- p_buf,
- &record_size);
+ status = psa_audit_retrieve_record(idx,
+ LOCAL_BUFFER_SIZE,
+ NULL,
+ 0,
+ p_buf,
+ &record_size);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Retrieve of last two log records has returned error");
return;
}
@@ -169,14 +168,14 @@
}
/* Retrieve the first log item */
- err = psa_audit_retrieve_record(0,
- LOCAL_BUFFER_SIZE,
- NULL,
- 0,
- &local_buffer[0],
- &record_size);
+ status = psa_audit_retrieve_record(0,
+ LOCAL_BUFFER_SIZE,
+ NULL,
+ 0,
+ &local_buffer[0],
+ &record_size);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Retrieve of the first log entry has returned error");
return;
}
@@ -191,14 +190,14 @@
return;
}
- err = psa_audit_retrieve_record(num_records - 1,
- LOCAL_BUFFER_SIZE,
- NULL,
- 0,
- &local_buffer[0],
- &record_size);
+ status = psa_audit_retrieve_record(num_records - 1,
+ LOCAL_BUFFER_SIZE,
+ NULL,
+ 0,
+ &local_buffer[0],
+ &record_size);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Retrieve of last two log entries has returned error");
return;
}
@@ -220,15 +219,15 @@
record->id = DUMMY_TEST_RECORD_ID_BASE + INITIAL_LOGGING_REQUESTS;
/* The addition of this new log item will wrap the log ending */
- err = psa_audit_add_record(record);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ status = psa_audit_add_record(record);
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Record addition has returned an error");
return;
}
/* Get the log size */
- err = psa_audit_get_info(&num_records, &stored_size);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ status = psa_audit_get_info(&num_records, &stored_size);
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Getting log info has returned error");
return;
}
@@ -253,14 +252,14 @@
&local_buffer[(idx-(num_records-2))*STANDARD_LOG_ENTRY_SIZE];
/* Retrieve the last two items */
- err = psa_audit_retrieve_record(idx,
- LOCAL_BUFFER_SIZE,
- NULL,
- 0,
- p_buf,
- &record_size);
+ status = psa_audit_retrieve_record(idx,
+ LOCAL_BUFFER_SIZE,
+ NULL,
+ 0,
+ p_buf,
+ &record_size);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Retrieve of last two log records has returned error");
return;
}
@@ -293,15 +292,15 @@
record->id = DUMMY_TEST_RECORD_ID_BASE + INITIAL_LOGGING_REQUESTS + 1;
/* The record has maximum possible payload for log size of 1024 */
- err = psa_audit_add_record(record);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ status = psa_audit_add_record(record);
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Record addition has returned an error");
return;
}
/* Get the log size */
- err = psa_audit_get_info(&num_records, &stored_size);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ status = psa_audit_get_info(&num_records, &stored_size);
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Getting log info has returned error");
return;
}
@@ -321,14 +320,14 @@
* As there is just one big record filling the whole space, nothing
* will be returned and the API will fail
*/
- err = psa_audit_retrieve_record(0,
- LOCAL_BUFFER_SIZE,
- NULL,
- 0,
- &local_buffer[0],
- &record_size);
+ status = psa_audit_retrieve_record(0,
+ LOCAL_BUFFER_SIZE,
+ NULL,
+ 0,
+ &local_buffer[0],
+ &record_size);
- if (err != PSA_AUDIT_ERR_FAILURE) {
+ if (status == PSA_SUCCESS) {
TEST_FAIL("Retrieve of index 0 should fail as it's too big");
return;
}
@@ -345,16 +344,16 @@
INITIAL_LOGGING_REQUESTS + 2 + idx;
/* The record doesn't contain any payload */
- err = psa_audit_add_record(record);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ status = psa_audit_add_record(record);
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Record addition has returned an error");
return;
}
}
/* Get the log size */
- err = psa_audit_get_info(&num_records, &stored_size);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ status = psa_audit_get_info(&num_records, &stored_size);
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Getting log info has returned error");
return;
}
@@ -375,8 +374,8 @@
/* Check the length of each record individually */
for (idx=0; idx<num_records; idx++) {
- err = psa_audit_get_record_info(idx, &stored_size);
- if (err != PSA_AUDIT_ERR_SUCCESS) {
+ status = psa_audit_get_record_info(idx, &stored_size);
+ if (status != PSA_SUCCESS) {
TEST_FAIL("Getting record size individually has returned error");
return;
}
@@ -388,8 +387,8 @@
}
/* Check that if requesting length of a record which is not there fails */
- err = psa_audit_get_record_info(num_records, &stored_size);
- if (err != PSA_AUDIT_ERR_FAILURE) {
+ status = psa_audit_get_record_info(num_records, &stored_size);
+ if (status == PSA_SUCCESS) {
TEST_FAIL("Getting record size for non-existent record has not failed");
return;
}