TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m.git / acae8bd7a9afeedd51e7e2a7ca942988a6ad8b3c^! / . / secure_fw
commitacae8bd7a9afeedd51e7e2a7ca942988a6ad8b3c[log] [tgz]
authorMate Toth-Pal <mate.toth-pal@arm.com>Tue Sep 10 16:47:11 2019 +0200
committerMate Toth-Pal <mate.toth-pal@arm.com>Mon Sep 23 20:54:26 2019 +0200
tree654a2651685028c6b1f40bac5acc6407a0545c7c
parent070279f0cb481f2fa61bd3fb80218234081ede90 [diff]
Core: Only allow PRoT services to make reset request

Only allow reset requests that are coming from a PSA Root of Trust
secure service.

Also make test service, that is making an SPM requests to be PRoT

Change-Id: Id89a619db4e59f7460600351081a231dab3a366e
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>

diff --git a/secure_fw/core/tfm_core.c b/secure_fw/core/tfm_core.c
index 92dc567..3ac6f97 100644
--- a/secure_fw/core/tfm_core.c
+++ b/secure_fw/core/tfm_core.c

@@ -24,6 +24,8 @@
 #include "tfm_thread.h"
 #include "tfm_wait.h"
 #include "tfm_message_queue.h"
+#else
+#include "spm_api.h"
 #endif
 
 /*
@@ -189,14 +191,29 @@
     return TFM_SUCCESS;
 }
 
+#ifndef TFM_PSA_API
 void tfm_core_spm_request_handler(const struct tfm_state_context_t *svc_ctx)
 {
     uint32_t *res_ptr = (uint32_t *)&svc_ctx->r0;
+    uint32_t running_partition_flags = 0;
+    uint32_t running_partition_idx;
 
-    /* FixMe: check if caller partition is permitted to make an SPM request */
+    /* Check permissions on request type basis */
 
     switch (svc_ctx->r0) {
     case TFM_SPM_REQUEST_RESET_VOTE:
+        running_partition_idx =
+        tfm_spm_partition_get_running_partition_idx();
+        running_partition_flags = tfm_spm_partition_get_flags(
+                                                         running_partition_idx);
+
+        /* Currently only PSA Root of Trust services are allowed to make Reset
+         * vote request
+         */
+        if ((running_partition_flags & SPM_PART_FLAG_PSA_ROT) == 0) {
+            *res_ptr = (uint32_t)TFM_ERROR_GENERIC;
+        }
+
         /* FixMe: this is a placeholder for checks to be performed before
          * allowing execution of reset
          */
@@ -206,6 +223,7 @@
         *res_ptr = (uint32_t)TFM_ERROR_INVALID_PARAMETER;
     }
 }
+#endif /* TFM_PSA_API */
 
 int main(void)
 {

diff --git a/secure_fw/services/tfm_spm_db.inc b/secure_fw/services/tfm_spm_db.inc
index 14a4020..6d2bef6 100644
--- a/secure_fw/services/tfm_spm_db.inc
+++ b/secure_fw/services/tfm_spm_db.inc

@@ -467,7 +467,7 @@
     {
         .partition_id         = TFM_SP_CORE_TEST_ID,
         .partition_flags      = SPM_PART_FLAG_IPC
-                              | SPM_PART_FLAG_APP_ROT
+                              | SPM_PART_FLAG_PSA_ROT | SPM_PART_FLAG_APP_ROT
                               ,
         .partition_priority   = TFM_PRIORITY(NORMAL),
         .partition_init       = core_test_init,