Attest: Decouple attestation from TF-M SPM
Introduce an abstraction layer around the
TF-M SPM-specific API calls so that the service
is portable to other SPM implementations.
Change-Id: I63596efd36674e3c85ab39ff0d2d6f9a8c9f444e
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
diff --git a/secure_fw/services/initial_attestation/CMakeLists.inc b/secure_fw/services/initial_attestation/CMakeLists.inc
index 9644905..831c910 100644
--- a/secure_fw/services/initial_attestation/CMakeLists.inc
+++ b/secure_fw/services/initial_attestation/CMakeLists.inc
@@ -34,6 +34,7 @@
#Append all our source files to global lists.
list(APPEND ALL_SRC_C
"${INITIAL_ATTESTATION_DIR}/tfm_attestation_secure_api.c"
+ "${INITIAL_ATTESTATION_DIR}/tfm_attestation.c"
"${INITIAL_ATTESTATION_DIR}/attestation_core.c"
"${INITIAL_ATTESTATION_DIR}/attestation_crypto_stub.c"
"${INITIAL_ATTESTATION_DIR}/attestation_key.c"
@@ -45,6 +46,7 @@
embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE)
embedded_include_directories(PATH ${TFM_ROOT_DIR}/platform/ext/common ABSOLUTE)
embedded_include_directories(PATH ${TFM_ROOT_DIR}/platform/include ABSOLUTE)
+ embedded_include_directories(PATH ${TFM_ROOT_DIR}/bl2/include ABSOLUTE)
embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core ABSOLUTE)
embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/spm ABSOLUTE)
embedded_include_directories(PATH ${TFM_ROOT_DIR}/lib/ext/qcbor/inc ABSOLUTE)
diff --git a/secure_fw/services/initial_attestation/attestation.h b/secure_fw/services/initial_attestation/attestation.h
index 356132d..84e1b66 100644
--- a/secure_fw/services/initial_attestation/attestation.h
+++ b/secure_fw/services/initial_attestation/attestation.h
@@ -9,13 +9,59 @@
#define __ATTESTATION_H__
#include "psa_initial_attestation_api.h"
-#include "psa_client.h"
+#include "tfm_client.h"
#ifdef __cplusplus
extern "C" {
#endif
/*!
+ * \brief Type of memory access
+ */
+enum attest_memory_access_t {
+ TFM_ATTEST_ACCESS_RO = 1,
+ TFM_ATTEST_ACCESS_RW = 2,
+};
+
+/*!
+ * \brief Copy the boot data (coming from boot loader) from shared memory area
+ * to service memory area
+ *
+ * \param[in] major_type Major type of TLV entries to copy
+ * \param[out] ptr Pointer to the buffer to store the boot data
+ * \parma[in] len Size of the buffer to store the boot data
+ *
+ * \return Returns error code as specified in \ref psa_attest_err_t
+ */
+enum psa_attest_err_t
+attest_get_boot_data(uint8_t major_type, void *ptr, uint32_t len);
+
+/*!
+ * \brief Get the ID of the caller thread.
+ *
+ * \param[out] caller_id Pointer where to store caller ID
+ *
+ * \return Returns error code as specified in \ref psa_attest_err_t
+ */
+enum psa_attest_err_t
+attest_get_caller_client_id(int32_t *caller_id);
+
+/*!
+ * \brief Verify memory access rights
+ *
+ * \param[in] addr Pointer to the base of the address range to check
+ * \param[in] size Size of the address range to check
+ * \param[in] access Type of memory access as specified in
+ * \ref attest_memory_access
+ *
+ * \return Returns error code as specified in \ref psa_attest_err_t
+ */
+enum psa_attest_err_t
+attest_check_memory_access(void *addr,
+ uint32_t size,
+ enum attest_memory_access_t access);
+
+/*!
* \brief Initialise the initial attestation service during the TF-M boot up
* process.
*
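Review bot: The Doxygen for the new declarations has two slips that will surface as warnings or dangling references: `\parma[in] len` in attest_get_boot_data's block should read `\param[in] len`, and the `\ref attest_memory_access` in attest_check_memory_access's block names a type that does not exist — the enum declared just above is `attest_memory_access_t`, so it should be `\ref attest_memory_access_t`. It would also help callers of the portability layer to state in the enum's comment that `TFM_ATTEST_ACCESS_RO`/`TFM_ATTEST_ACCESS_RW` are the service's own values and that mapping them to a given SPM's access enum is the job of the implementation file, not of matching numeric values; something like `/* Service-level access types; the SPM glue maps these to the SPM's own enum */`.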
diff --git a/secure_fw/services/initial_attestation/attestation_core.c b/secure_fw/services/initial_attestation/attestation_core.c
index 35f0fab..6e20954 100644
--- a/secure_fw/services/initial_attestation/attestation_core.c
+++ b/secure_fw/services/initial_attestation/attestation_core.c
@@ -8,15 +8,12 @@
#include <stdint.h>
#include <string.h>
#include <stddef.h>
+#include "tfm_client.h"
#include "attestation.h"
-#include "secure_utilities.h"
-#include "tfm_api.h"
-#include "tfm_secure_api.h"
-#include "psa_client.h"
-#include "bl2/include/tfm_boot_status.h"
-#include "platform/include/tfm_plat_defs.h"
-#include "platform/include/tfm_plat_device_id.h"
-#include "platform/include/tfm_plat_boot_seed.h"
+#include "tfm_boot_status.h"
+#include "tfm_plat_defs.h"
+#include "tfm_plat_device_id.h"
+#include "tfm_plat_boot_seed.h"
#include "tfm_attest_hal.h"
#include "attest_token.h"
#include "attest_eat_defines.h"
@@ -48,14 +45,11 @@
enum psa_attest_err_t attest_init(void)
{
- enum tfm_status_e res;
+ enum psa_attest_err_t res;
- res = tfm_core_get_boot_data(TLV_MAJOR_IAS, boot_status, MAX_BOOT_STATUS);
- if (res != TFM_SUCCESS) {
- return PSA_ATTEST_ERR_INIT_FAILED;
- }
+ res = attest_get_boot_data(TLV_MAJOR_IAS, boot_status, MAX_BOOT_STATUS);
- return PSA_ATTEST_ERR_SUCCESS;
+ return res;
}
/*!
@@ -564,12 +558,12 @@
static enum psa_attest_err_t
attest_add_caller_id_claim(struct attest_token_ctx *token_ctx)
{
- uint32_t res;
+ enum psa_attest_err_t res;
int32_t caller_id;
- res = tfm_core_get_caller_client_id(&caller_id);
- if (res != 0) {
- return PSA_ATTEST_ERR_CLAIM_UNAVAILABLE;
+ res = attest_get_caller_client_id(&caller_id);
+ if (res != PSA_ATTEST_ERR_SUCCESS) {
+ return res;
}
attest_token_add_integer(token_ctx,
@@ -586,6 +580,7 @@
*
* \return Returns error code as specified in \ref psa_attest_err_t
*/
+
static enum psa_attest_err_t
attest_add_security_lifecycle_claim(struct attest_token_ctx *token_ctx)
{
@@ -830,7 +825,6 @@
initial_attest_get_token(const psa_invec *in_vec, uint32_t num_invec,
psa_outvec *out_vec, uint32_t num_outvec)
{
- enum tfm_status_e tfm_err;
enum psa_attest_err_t attest_err = PSA_ATTEST_ERR_SUCCESS;
struct useful_buf_c challenge;
struct useful_buf token;
@@ -846,19 +840,17 @@
goto error;
}
- tfm_err = tfm_core_memory_permission_check((void *)challenge.ptr,
- challenge.len,
- TFM_MEMORY_ACCESS_RO);
- if (tfm_err != TFM_SUCCESS) {
- attest_err = PSA_ATTEST_ERR_INVALID_INPUT;
+ attest_err = attest_check_memory_access((void *)challenge.ptr,
+ challenge.len,
+ TFM_ATTEST_ACCESS_RO);
+ if (attest_err != PSA_ATTEST_ERR_SUCCESS) {
goto error;
}
- tfm_err = tfm_core_memory_permission_check(token.ptr,
- token.len,
- TFM_MEMORY_ACCESS_RW);
- if (tfm_err != TFM_SUCCESS) {
- attest_err = PSA_ATTEST_ERR_INVALID_INPUT;
+ attest_err = attest_check_memory_access(token.ptr,
+ token.len,
+ TFM_ATTEST_ACCESS_RW);
+ if (attest_err != PSA_ATTEST_ERR_SUCCESS) {
goto error;
}
diff --git a/secure_fw/services/initial_attestation/manifest.yaml b/secure_fw/services/initial_attestation/manifest.yaml
index 1de3305..2c83291 100644
--- a/secure_fw/services/initial_attestation/manifest.yaml
+++ b/secure_fw/services/initial_attestation/manifest.yaml
@@ -39,7 +39,7 @@
"attestation_crypto_stub.c",
"attestation_key.c",
"attest_token.c",
-
+ "tfm_attestation.c",
],
"tfm_linker_pattern": [
"library_list": [
diff --git a/secure_fw/services/initial_attestation/tfm_attestation.c b/secure_fw/services/initial_attestation/tfm_attestation.c
new file mode 100644
index 0000000..f2dbf92
--- /dev/null
+++ b/secure_fw/services/initial_attestation/tfm_attestation.c
@@ -0,0 +1,56 @@
+/*
+ * Copyright (c) 2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "tfm_api.h"
+#include "tfm_secure_api.h"
+#include "attestation.h"
+#include "psa_initial_attestation_api.h"
+#include "bl2/include/tfm_boot_status.h"
+
+enum psa_attest_err_t
+attest_check_memory_access(void *addr,
+ uint32_t size,
+ enum attest_memory_access_t access)
+{
+ enum tfm_status_e tfm_res;
+ enum psa_attest_err_t attest_res = PSA_ATTEST_ERR_SUCCESS;
+
+ tfm_res = tfm_core_memory_permission_check(addr, size, access);
+ if (tfm_res) {
+ attest_res = PSA_ATTEST_ERR_INVALID_INPUT;
+ }
+
+ return attest_res;
+}
+
+enum psa_attest_err_t
+attest_get_caller_client_id(int32_t *caller_id)
+{
+ enum tfm_status_e tfm_res;
+ enum psa_attest_err_t attest_res = PSA_ATTEST_ERR_SUCCESS;
+
+ tfm_res = tfm_core_get_caller_client_id(caller_id);
+ if (tfm_res) {
+ attest_res = PSA_ATTEST_ERR_CLAIM_UNAVAILABLE;
+ }
+
+ return attest_res;
+}
+
+enum psa_attest_err_t
+attest_get_boot_data(uint8_t major_type, void *ptr, uint32_t len)
+{
+ enum tfm_status_e tfm_res;
+ enum psa_attest_err_t attest_res = PSA_ATTEST_ERR_SUCCESS;
+
+ tfm_res = tfm_core_get_boot_data(major_type, ptr, len);
+ if (tfm_res != TFM_SUCCESS) {
+ attest_res = PSA_ATTEST_ERR_INIT_FAILED;
+ }
+
+ return attest_res;
+}
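Review bot: `tfm_core_memory_permission_check(addr, size, access)` passes the service's `enum attest_memory_access_t` straight into an SPM API that, judging by the removed call sites in attestation_core.c, takes `TFM_MEMORY_ACCESS_RO`/`TFM_MEMORY_ACCESS_RW`; the call only works because `TFM_ATTEST_ACCESS_RO`/`RW` happen to be 1 and 2, and if either enumeration is ever renumbered the check silently asks for the wrong permission (or an undefined value) on the very buffers that guard the attestation request. An explicit switch with a fail-closed default keeps the two enumerations independent, which is the stated purpose of this layer. The three wrappers are also inconsistent about the SPM result: the first two use `if (tfm_res)` while the third uses `if (tfm_res != TFM_SUCCESS)`; the explicit comparison is the clearer one and should be used throughout. Minor: this file includes `"bl2/include/tfm_boot_status.h"` while attestation_core.c was just switched to `"tfm_boot_status.h"` now that `bl2/include` is on the include path, so the two should agree.

```c
enum psa_attest_err_t
attest_check_memory_access(void *addr,
                           uint32_t size,
                           enum attest_memory_access_t access)
{
    enum tfm_status_e tfm_res;

    /* Map the service-level access type onto the SPM's own constants
     * instead of relying on the two enumerations sharing numeric values;
     * an unknown access type is rejected rather than forwarded. */
    switch (access) {
    case TFM_ATTEST_ACCESS_RO:
        tfm_res = tfm_core_memory_permission_check(addr, size,
                                                   TFM_MEMORY_ACCESS_RO);
        break;
    case TFM_ATTEST_ACCESS_RW:
        tfm_res = tfm_core_memory_permission_check(addr, size,
                                                   TFM_MEMORY_ACCESS_RW);
        break;
    default:
        return PSA_ATTEST_ERR_INVALID_INPUT;
    }

    if (tfm_res != TFM_SUCCESS) {
        return PSA_ATTEST_ERR_INVALID_INPUT;
    }

    return PSA_ATTEST_ERR_SUCCESS;
}

/* … unchanged: attest_get_caller_client_id, attest_get_boot_data … */
```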
diff --git a/secure_fw/services/initial_attestation/tfm_attestation_secure_api.c b/secure_fw/services/initial_attestation/tfm_attestation_secure_api.c
index 4b71974..14e5f3f 100644
--- a/secure_fw/services/initial_attestation/tfm_attestation_secure_api.c
+++ b/secure_fw/services/initial_attestation/tfm_attestation_secure_api.c
@@ -8,7 +8,7 @@
#include "psa_initial_attestation_api.h"
#include "tfm_veneers.h"
#include "secure_utilities.h"
-#include "psa_client.h"
+#include "tfm_client.h"
#include "tfm_secure_api.h"
#include <string.h>
diff --git a/secure_fw/services/initial_attestation/tfm_client.h b/secure_fw/services/initial_attestation/tfm_client.h
new file mode 100644
index 0000000..78adb0d
--- /dev/null
+++ b/secure_fw/services/initial_attestation/tfm_client.h
@@ -0,0 +1,25 @@
+/*
+ * Copyright (c) 2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __TFM_CLIENT_H__
+#define __TFM_CLIENT_H__
+
+#include "psa_client.h" /* psa_invec, psa_outvec */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Intentionally empty, the aim of this file to include psa_client.h, which
+ * contains the psa_invec and psa_outvec definitions in TF-M project, but these
+ * might has different location in another projects.
+ */
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __TFM_CLIENT_H__ */
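Review bot: The explanatory comment in this header is ungrammatical and slightly obscures why the indirection exists; since this file is the hook a port is expected to edit, it should read cleanly. Suggested wording: `/* Intentionally empty: this header exists only to include psa_client.h, which provides the psa_invec and psa_outvec definitions in the TF-M project. Other projects may define these types elsewhere and should adjust this include accordingly. */`.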