AuditLog: Align the implementation to the PSA header
This change modifies the AuditLog service implementation
to reflect the changes introduced by the PSA compliant API
interface. The symbol name patterns for functions, variables,
folders and source files are also changed to be audit_* /
tfm_audit*.
Change-Id: I674060979961f568912870f49a72ed571499f059
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
diff --git a/app/CMakeLists.txt b/app/CMakeLists.txt
index 14ea7bb..528ad1a 100755
--- a/app/CMakeLists.txt
+++ b/app/CMakeLists.txt
@@ -45,7 +45,7 @@
"${APP_DIR}/tfm_integ_test.c"
"${APP_DIR}/os_wrapper_rtx.c"
"${INTERFACE_DIR}/src/tfm_sst_api.c"
- "${INTERFACE_DIR}/src/tfm_log_api.c"
+ "${INTERFACE_DIR}/src/tfm_audit_api.c"
"${INTERFACE_DIR}/src/tfm_id_mngr_dummy.c"
"${INTERFACE_DIR}/src/tfm_ns_lock_rtx.c"
)
diff --git a/docs/user_guides/services/tfm_log_integration_guide.md b/docs/user_guides/services/tfm_audit_integration_guide.md
similarity index 100%
rename from docs/user_guides/services/tfm_log_integration_guide.md
rename to docs/user_guides/services/tfm_audit_integration_guide.md
diff --git a/interface/include/audit_wrappers.h b/interface/include/audit_wrappers.h
new file mode 100644
index 0000000..ec98144
--- /dev/null
+++ b/interface/include/audit_wrappers.h
@@ -0,0 +1,63 @@
+/*
+ * Copyright (c) 2018, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __AUDIT_WRAPPERS_H__
+#define __AUDIT_WRAPPERS_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*!
+ * \struct audit_core_retrieve_input
+ *
+ * \brief Input structure for the audit_core_retrieve_record_wrapper function
+ *
+ */
+struct audit_core_retrieve_input {
+ const uint32_t record_index; /*!< Index of the record to retrieve */
+ const uint32_t buffer_size; /*!< Size in bytes of the provided buffer */
+ const uint8_t *token; /*!< Must be set to NULL. Token used as a
+ * challenge for encryption, to protect
+ * against rollback attacks
+ */
+ const uint32_t token_size; /*!< Must be set to 0. Size in bytes of the
+ * token used as challenge
+ */
+};
+
+/*!
+ * \struct audit_core_retrieve_output
+ *
+ * \brief Output structure for the audit_core_retrieve_record_wrapper function
+ *
+ */
+struct audit_core_retrieve_output {
+ uint8_t *buffer; /*!< Buffer used to store the retrieved record */
+ uint32_t *record_size; /*!< Size in bytes of the retrieved record */
+};
+
+/*!
+ * \brief This function is a TF-M compatible wrapper for the
+ * \ref audit_core_retrieve_record implemented in the Audit log
+ * core functions
+ *
+ * \param[in] input_s Pointer to the structure containing input parameters
+ * associated with \ref psa_audit_retrieve_record
+ * \param[out] output_s Pointer to the structure containing output parameters
+ * associated with \ref psa_audit_retrieve_record
+ *
+ */
+enum psa_audit_err audit_core_retrieve_record_wrapper(
+ const struct audit_core_retrieve_input *input_s,
+ struct audit_core_retrieve_output *output_s);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __AUDIT_WRAPPERS_H__ */
diff --git a/interface/include/tfm_audit_veneers.h b/interface/include/tfm_audit_veneers.h
new file mode 100644
index 0000000..45dc42c
--- /dev/null
+++ b/interface/include/tfm_audit_veneers.h
@@ -0,0 +1,114 @@
+/*
+ * Copyright (c) 2018, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __TFM_AUDIT_VENEERS_H__
+#define __TFM_AUDIT_VENEERS_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <stdint.h>
+#include "psa_audit_defs.h"
+#include "audit_wrappers.h"
+
+/**
+ * \brief Retrieves a record at the specified index (Veneer)
+ *
+ * \details The function retrieves an item specified by index and returns
+ * it on the buffer provided. The token is passed as a challenge
+ * value for the encryption scheme
+ *
+ * \note Currently the cryptography support is not yet enabled, so the
+ * token value is not used and must be passed as NULL, with 0 size
+ *
+ * \param[in] input_s Pointer to the structure containing input parameters
+ * associated with \ref psa_audit_retrieve_record
+ * \param[out] output_s Pointer to the structure containing output parameters
+ * associated with \ref psa_audit_retrieve_record
+ *
+ * \return Returns values as specified by the \ref psa_audit_err
+ *
+ */
+enum psa_audit_err tfm_audit_veneer_retrieve_record(
+ const struct audit_core_retrieve_input *input_s,
+ struct audit_core_retrieve_output *output_s);
+/**
+ * \brief Adds a record (Veneer)
+ *
+ * \details This function adds a record. This is a Secure only callable function
+ *
+ * \note This is a Secure only callable API, Non-Secure calls will
+ * always return error
+ *
+ * \param[in] record Pointer to the memory buffer containing the record
+ * to be added
+ *
+ * \return Returns values as specified by the \ref psa_audit_err
+ *
+ */
+enum psa_audit_err tfm_audit_veneer_add_record(
+ const struct psa_audit_record *record);
+
+/**
+ * \brief Returns the total number and size of the records stored (Veneer)
+ *
+ * \details The function returns the total size in bytes and the
+ * total number of records stored
+ *
+ * \param[out] num_records Total number of records stored
+ * \param[out] size Total size of the records stored, in bytes
+ *
+ * \return Returns values as specified by the \ref psa_audit_err
+ *
+ */
+enum psa_audit_err tfm_audit_veneer_get_info(uint32_t *num_records,
+ uint32_t *size);
+/**
+ * \brief Returns the size of the record at the specified index (Veneer)
+ *
+ * \details The function returns the size of the record at the given index
+ * provided as input
+ *
+ * \param[in] record_index Index of the record to return the size
+ * \param[out] size Size of the specified record, in bytes
+ *
+ * \return Returns values as specified by the \ref psa_audit_err
+ *
+ */
+enum psa_audit_err tfm_audit_veneer_get_record_info(const uint32_t record_index,
+ uint32_t *size);
+/**
+ * \brief Deletes a record at the specified index (Veneer)
+ *
+ * \details The function removes a record at the specified index. It passes
+ * an authorisation token for removal which is a MAC of the plain text
+ *
+ * \note Currently the cryptography support is not yet enabled, so the
+ * token value is not used and must be passed as NULL, with 0 size
+ *
+ * \note This is an experimental API function
+ *
+ * \param[in] record_index Index of the record to be removed. Currently, only
+ * the removal of the oldest entry, i.e. record_index 0
+ * is supported
+ * \param[in] token Must be set to NULL. Token used as authorisation for
+ * removal of the specified record_index
+ * \param[in] token_size Must be set to 0. Size in bytes of the token used as
+ * authorisation for removal
+ *
+ * \return Returns values as specified by the \ref psa_audit_err
+ *
+ */
+enum psa_audit_err tfm_audit_veneer_delete_record(const uint32_t record_index,
+ const uint8_t *token,
+ const uint32_t token_size);
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __TFM_AUDIT_VENEERS_H__ */
diff --git a/interface/include/tfm_log_api.h b/interface/include/tfm_log_api.h
deleted file mode 100644
index 6b7d0e6..0000000
--- a/interface/include/tfm_log_api.h
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifndef __TFM_LOG_API__
-#define __TFM_LOG_API__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include "tfm_log_defs.h"
-
-/**
- * \brief Retrieves the audit log
- *
- * \details The function reads the audit log into the buffer provided.
- * If provided buffer size is too small to fit the full log,
- * the function will read the maximum number of items in the
- * log that fit the available space in the buffer
- *
- * \param[in] size Maximum number of bytes to retrieve from the log
- * \param[in] start Index of element from where to start retrieval
- * \param[out] buffer Pointer to the buffer that will hold the log
- * \param[out] info Pointer to the \ref tfm_log_info structure
- * contained information related to the retrieved
- * portion of the log (size and number of items)
- *
- * \return Returns TFM_LOG_ERR_SUCCESS if retrieval has been completed,
- * otherwise error as specified in \ref tfm_log_err
- *
- * \note If start is equal to TFM_ALG_READ_RECENT, the function will
- * retrieve the most recent elements that fit the provided size
- */
-enum tfm_log_err tfm_log_retrieve(uint32_t size,
- int32_t start,
- uint8_t *buffer,
- struct tfm_log_info *info);
-
-/**
- * \brief Gets the log information
- *
- * \param[out] info Pointer to the \ref tfm_log_info structure that
- * holds the current log size (both in bytes and items)
- *
- * \return Returns TFM_LOG_ERR_SUCCESS if reading has been completed,
- * otherwise error as specified in \ref tfm_log_err
- */
-enum tfm_log_err tfm_log_get_info(struct tfm_log_info *info);
-
-/**
- * \brief Deletes one or more elements from the head of the log
- *
- * \param[in] num_items Number of elements to be deleted
- * \param[out] rem_items Pointer to the number of elements removed. This
- * value indicates the number of elements actually
- * removed from the log. In case the number of items
- * stored is less than the number of items requested
- * to remove, this value will reflect the number of
- * items effectively removed.
- *
- * \return Returns TFM_LOG_ERR_SUCCESS if removal has been completed,
- * otherwise error as specified in \ref tfm_log_err
- */
-enum tfm_log_err tfm_log_delete_items(uint32_t num_items,
- uint32_t *rem_items);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __TFM_LOG_API__ */
diff --git a/interface/include/tfm_log_defs.h b/interface/include/tfm_log_defs.h
deleted file mode 100644
index 5153891..0000000
--- a/interface/include/tfm_log_defs.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifndef __TFM_LOG_DEFS_H__
-#define __TFM_LOG_DEFS_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include <stdint.h>
-#include "tfm_api.h"
-#include "limits.h"
-
-/*!
- * \def TFM_LOG_READ_RECENT
- *
- * \brief Special value used in the log retrieval API to indicate
- * that data should be read up to the most recent entry
- */
-#define TFM_LOG_READ_RECENT (-1)
-
-/*!
- * \struct tfm_log_info
- *
- * \brief Structure containing information related to the size in bytes
- * and number of items retrieved or available in the audit log
- */
-struct tfm_log_info {
- uint32_t size; /*!< Size in bytes of items retrieved or available */
- uint32_t num_items; /*!< Number of items retrieved or available */
-};
-
-/* The return value is shared with the TFM partition status value. The LOG
- * return codes shouldn't overlap with predefined TFM status values.
- */
-#define TFM_LOG_ERR_OFFSET (TFM_PARTITION_SPECIFIC_ERROR_MIN)
-
-enum tfm_log_err {
- TFM_LOG_ERR_SUCCESS = 0,
- TFM_LOG_ERR_FAILURE = TFM_LOG_ERR_OFFSET,
-
- /* Following entry is only to ensure the error code of int size */
- TFM_LOG_ERR_FORCE_INT_SIZE = INT_MAX
-};
-
-/*!
- * \struct tfm_log_line
- *
- * \brief The part of the log line which has to be
- * provided by the secure service that wants
- * to add information to the log
- */
-struct tfm_log_line {
- uint32_t size; /*!< Size in bytes of the three following fields */
- uint32_t function_id; /*!< ID of the function requested */
- uint32_t arg[4]; /*!< [r0,r1,r2,r3] arguments to the function */
- uint8_t payload[]; /*!< Flexible array member for payload */
-};
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __TFM_LOG_DEFS_H__ */
diff --git a/interface/include/tfm_log_veneers.h b/interface/include/tfm_log_veneers.h
deleted file mode 100644
index 043f611..0000000
--- a/interface/include/tfm_log_veneers.h
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifndef __TFM_LOG_VENEERS_H__
-#define __TFM_LOG_VENEERS_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include <stdint.h>
-#include "tfm_log_defs.h"
-
-/**
- * \brief Retrieves the audit log
- *
- * \details The function reads the audit log into the buffer provided.
- * If provided buffer size is too small to fit the full log,
- * the function will read the maximum number of items in the
- * log that fit the available space in the buffer
- *
- * \param[in] size Maximum number of bytes to retrieve from the log
- * \param[in] start Index of element from where to start retrieval
- * \param[out] buffer Pointer to the buffer that will hold the log
- * \param[out] info Pointer to the \ref tfm_log_info structure
- * contained information related to the retrieved
- * portion of the log (size and number of items)
- *
- * \return Returns TFM_LOG_ERR_SUCCESS if retrieval has been completed,
- * otherwise error as specified in \ref tfm_log_err
- *
- * \note If start is equal to TFM_ALG_READ_RECENT, the function will
- * retrieve the most recent elements that fit the provided size
- */
-enum tfm_log_err tfm_log_veneer_retrieve(uint32_t size,
- int32_t start,
- uint8_t *buffer,
- struct tfm_log_info *info);
-/**
- * \brief Adds a log entry
- *
- * \param[in] line Pointer to the line to be added. This memory must
- * be accessible by the audit logging service.
- *
- * \return Returns TFM_LOG_ERR_SUCCESS if addition has been completed
- * otherwise error as specified in \ref tfm_log_err
- *
- * \note This is a secure only callable API, NS calls will always
- * return error
- */
-enum tfm_log_err tfm_log_veneer_add_line(struct tfm_log_line *line);
-
-/**
- * \brief Gets the log information
- *
- * \param[out] info Pointer to the \ref tfm_log_info structure that
- * holds the current log size (both in bytes and items)
- *
- * \return Returns TFM_LOG_ERR_SUCCESS if reading has been completed,
- * otherwise error as specified in \ref tfm_log_err
- */
-enum tfm_log_err tfm_log_veneer_get_info(struct tfm_log_info *info);
-
-/**
- * \brief Deletes one or more elements from the head of the log
- *
- * \param[in] num_items Number of elements to be deleted
- * \param[out] rem_items Pointer to the number of elements removed. This
- * value indicates the number of elements actually
- * removed from the log. In case the number of items
- * stored is less than the number of items requested
- * to remove, this value will reflect the number of
- * items effectively removed.
- *
- * \return Returns TFM_LOG_ERR_SUCCESS if removal has been completed,
- * otherwise error as specified in \ref tfm_log_err
- */
-enum tfm_log_err tfm_log_veneer_delete_items(uint32_t num_items,
- uint32_t *rem_items);
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __TFM_LOG_VENEERS_H__ */
diff --git a/interface/src/tfm_audit_api.c b/interface/src/tfm_audit_api.c
new file mode 100644
index 0000000..2a69582
--- /dev/null
+++ b/interface/src/tfm_audit_api.c
@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) 2018, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "tfm_audit_veneers.h"
+#include "psa_audit_api.h"
+#include "tfm_ns_lock.h"
+#include "audit_wrappers.h"
+
+enum psa_audit_err psa_audit_retrieve_record(const uint32_t record_index,
+ const uint32_t buffer_size,
+ const uint8_t *token,
+ const uint32_t token_size,
+ uint8_t *buffer,
+ uint32_t *record_size)
+{
+ const struct audit_core_retrieve_input input_s =
+ {.record_index = record_index,
+ .buffer_size = buffer_size,
+ .token = token,
+ .token_size = token_size};
+
+ struct audit_core_retrieve_output output_s = {.buffer = buffer,
+ .record_size = record_size};
+
+ return tfm_ns_lock_dispatch((veneer_fn)tfm_audit_veneer_retrieve_record,
+ (uint32_t)&input_s,
+ (uint32_t)&output_s,
+ 0,
+ 0);
+}
+
+enum psa_audit_err psa_audit_get_info(uint32_t *num_records,
+ uint32_t *size)
+{
+ return tfm_ns_lock_dispatch((veneer_fn)tfm_audit_veneer_get_info,
+ (uint32_t)num_records,
+ (uint32_t)size,
+ 0,
+ 0);
+}
+
+enum psa_audit_err psa_audit_get_record_info(const uint32_t record_index,
+ uint32_t *size)
+{
+ return tfm_ns_lock_dispatch((veneer_fn)tfm_audit_veneer_get_record_info,
+ (uint32_t)record_index,
+ (uint32_t)size,
+ 0,
+ 0);
+}
+
+enum psa_audit_err psa_audit_delete_record(const uint32_t record_index,
+ const uint8_t *token,
+ const uint32_t token_size)
+{
+ return tfm_ns_lock_dispatch((veneer_fn)tfm_audit_veneer_delete_record,
+ (uint32_t)record_index,
+ (uint32_t)token,
+ (uint32_t)token_size,
+ 0);
+}
+
+enum psa_audit_err psa_audit_add_record(const struct psa_audit_record *record)
+{
+ /* This API supports only Secure world calls. As this is the implementation
+ * of the Non-Secure interface, always directly return an error without
+ * routing the call to TF-M in the Secure world
+ */
+ return PSA_AUDIT_ERR_NOT_SUPPORTED;
+}
diff --git a/interface/src/tfm_log_api.c b/interface/src/tfm_log_api.c
deleted file mode 100644
index c6b27e7..0000000
--- a/interface/src/tfm_log_api.c
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "tfm_log_veneers.h"
-#include "tfm_log_defs.h"
-#include "tfm_ns_lock.h"
-
-enum tfm_log_err tfm_log_retrieve(uint32_t size,
- int32_t start,
- uint8_t *buffer,
- struct tfm_log_info *info)
-{
- return tfm_ns_lock_dispatch((veneer_fn)tfm_log_veneer_retrieve,
- size,
- (uint32_t)start,
- (uint32_t)buffer,
- (uint32_t)info);
-}
-
-enum tfm_log_err tfm_log_get_info(struct tfm_log_info *info)
-{
- return tfm_ns_lock_dispatch((veneer_fn)tfm_log_veneer_get_info,
- (uint32_t)info,
- 0,
- 0,
- 0);
-}
-
-enum tfm_log_err tfm_log_delete_items(uint32_t num_items,
- uint32_t *rem_items)
-{
- return tfm_ns_lock_dispatch((veneer_fn)tfm_log_veneer_delete_items,
- num_items,
- (uint32_t)rem_items,
- 0,
- 0);
-}
diff --git a/secure_fw/ns_callable/CMakeLists.inc b/secure_fw/ns_callable/CMakeLists.inc
index 214bc37..70a071f 100644
--- a/secure_fw/ns_callable/CMakeLists.inc
+++ b/secure_fw/ns_callable/CMakeLists.inc
@@ -24,7 +24,7 @@
endif()
set (SS_NS_CALLABLE_C_SRC "${CMAKE_CURRENT_LIST_DIR}/tfm_sst_veneers.c"
- "${CMAKE_CURRENT_LIST_DIR}/tfm_log_veneers.c")
+ "${CMAKE_CURRENT_LIST_DIR}/tfm_audit_veneers.c")
#Append all our source files to global lists.
list(APPEND ALL_SRC_C ${SS_NS_CALLABLE_C_SRC})
diff --git a/secure_fw/ns_callable/tfm_audit_veneers.c b/secure_fw/ns_callable/tfm_audit_veneers.c
new file mode 100644
index 0000000..f09dd9c
--- /dev/null
+++ b/secure_fw/ns_callable/tfm_audit_veneers.c
@@ -0,0 +1,56 @@
+/*
+ * Copyright (c) 2018, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "tfm_audit_veneers.h"
+#include "secure_fw/services/audit_logging/audit_core.h"
+#include "tfm_secure_api.h"
+#include "tfm_api.h"
+#include "spm_partition_defs.h"
+#include "audit_wrappers.h"
+
+__tfm_secure_gateway_attributes__
+enum psa_audit_err tfm_audit_veneer_retrieve_record(
+ const struct audit_core_retrieve_input *input_s,
+ struct audit_core_retrieve_output *output_s)
+{
+ TFM_CORE_SFN_REQUEST(TFM_SP_AUDIT_LOG_ID,
+ audit_core_retrieve_record_wrapper,
+ input_s, output_s, 0, 0);
+}
+
+__tfm_secure_gateway_attributes__
+enum psa_audit_err tfm_audit_veneer_add_record(
+ const struct psa_audit_record *record)
+{
+ TFM_CORE_SFN_REQUEST(TFM_SP_AUDIT_LOG_ID, audit_core_add_record,
+ record, 0, 0, 0);
+}
+
+__tfm_secure_gateway_attributes__
+enum psa_audit_err tfm_audit_veneer_get_info(uint32_t *num_records,
+ uint32_t *size)
+{
+ TFM_CORE_SFN_REQUEST(TFM_SP_AUDIT_LOG_ID, audit_core_get_info,
+ num_records, size, 0, 0);
+}
+
+__tfm_secure_gateway_attributes__
+enum psa_audit_err tfm_audit_veneer_get_record_info(const uint32_t record_index,
+ uint32_t *size)
+{
+ TFM_CORE_SFN_REQUEST(TFM_SP_AUDIT_LOG_ID, audit_core_get_record_info,
+ record_index, size, 0, 0);
+}
+
+__tfm_secure_gateway_attributes__
+enum psa_audit_err tfm_audit_veneer_delete_record(const uint32_t record_index,
+ const uint8_t *token,
+ const uint32_t token_size)
+{
+ TFM_CORE_SFN_REQUEST(TFM_SP_AUDIT_LOG_ID, audit_core_delete_record,
+ record_index, token, token_size, 0);
+}
diff --git a/secure_fw/ns_callable/tfm_log_veneers.c b/secure_fw/ns_callable/tfm_log_veneers.c
deleted file mode 100644
index 358c175..0000000
--- a/secure_fw/ns_callable/tfm_log_veneers.c
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "tfm_log_veneers.h"
-#include "secure_fw/services/audit_logging/log_core.h"
-#include "tfm_secure_api.h"
-#include "tfm_api.h"
-#include "spm_partition_defs.h"
-
-__tfm_secure_gateway_attributes__
-enum tfm_log_err tfm_log_veneer_retrieve(uint32_t size,
- int32_t start,
- uint8_t *buffer,
- struct tfm_log_info *info)
-{
- TFM_CORE_SFN_REQUEST(TFM_SP_AUDIT_LOG_ID, log_core_retrieve,
- size, start, buffer, info);
-}
-
-__tfm_secure_gateway_attributes__
-enum tfm_log_err tfm_log_veneer_add_line(struct tfm_log_line *line)
-{
- TFM_CORE_SFN_REQUEST(TFM_SP_AUDIT_LOG_ID, log_core_add_line,
- line, 0, 0, 0);
-}
-
-__tfm_secure_gateway_attributes__
-enum tfm_log_err tfm_log_veneer_get_info(struct tfm_log_info *info)
-{
- TFM_CORE_SFN_REQUEST(TFM_SP_AUDIT_LOG_ID, log_core_get_info,
- info, 0, 0, 0);
-}
-
-__tfm_secure_gateway_attributes__
-enum tfm_log_err tfm_log_veneer_delete_items(uint32_t num_items,
- uint32_t *rem_items)
-{
- TFM_CORE_SFN_REQUEST(TFM_SP_AUDIT_LOG_ID, log_core_delete_items,
- num_items, rem_items, 0, 0);
-}
diff --git a/secure_fw/services/audit_logging/CMakeLists.inc b/secure_fw/services/audit_logging/CMakeLists.inc
index ed91cd9..691d5a3 100644
--- a/secure_fw/services/audit_logging/CMakeLists.inc
+++ b/secure_fw/services/audit_logging/CMakeLists.inc
@@ -35,7 +35,8 @@
message(FATAL_ERROR "Please set TFM_ROOT_DIR before including this file.")
endif()
- set (AUDIT_LOGGING_C_SRC "${AUDIT_LOGGING_DIR}/log_core.c")
+ set (AUDIT_LOGGING_C_SRC "${AUDIT_LOGGING_DIR}/audit_core.c"
+ "${AUDIT_LOGGING_DIR}/audit_wrappers.c")
#Append all our source files to global lists.
list(APPEND ALL_SRC_C ${AUDIT_LOGGING_C_SRC})
diff --git a/secure_fw/services/audit_logging/log_core.c b/secure_fw/services/audit_logging/audit_core.c
similarity index 61%
rename from secure_fw/services/audit_logging/log_core.c
rename to secure_fw/services/audit_logging/audit_core.c
index 56ec87a..30ee564 100644
--- a/secure_fw/services/audit_logging/log_core.c
+++ b/secure_fw/services/audit_logging/audit_core.c
@@ -8,21 +8,21 @@
#include <stdint.h>
#include <string.h>
#include <stddef.h>
-#include "log_core.h"
-#include "tfm_log_defs.h"
+#include "audit_core.h"
+#include "psa_audit_defs.h"
#include "tfm_secure_api.h"
/*!
- * \def LOG_UART_REDIRECTION
+ * \def AUDIT_UART_REDIRECTION
*
* \brief If set to 1 by the build system, UART redirection is enabled. Keep it
* disabled by default.
*/
-#ifndef LOG_UART_REDIRECTION
-#define LOG_UART_REDIRECTION (0U)
+#ifndef AUDIT_UART_REDIRECTION
+#define AUDIT_UART_REDIRECTION (0U)
#endif
-#if (LOG_UART_REDIRECTION == 1U)
+#if (AUDIT_UART_REDIRECTION == 1U)
/* CMSIS Driver for UART */
#include "Driver_USART.h"
@@ -123,7 +123,7 @@
in chronological order */
uint32_t last_el_idx; /*!< Index in the log of the last element
in chronological order */
- uint32_t num_items; /*!< Indicates the number of items
+ uint32_t num_records; /*!< Indicates the number of records
currently stored in the log. It has to be
zero after a reset, i.e. log is empty */
uint32_t stored_size; /*!< Indicates the total size of the items
@@ -216,27 +216,27 @@
/*!
* \brief Static function to update the state variables of the log after the
- * addition of a new log line of a given size
+ * addition of a new log record of a given size
*
* \param[in] first_el_idx First element index
* \param[in] last_el_idx Last element index
* \param[in] stored_size New value of the stored size
- * \param[in] num_items Number of elements stored
+ * \param[in] num_records Number of elements stored
*
*/
-static void log_update_state(const uint32_t first_el_idx,
- const uint32_t last_el_idx,
- const uint32_t stored_size,
- const uint32_t num_items)
+static void audit_update_state(const uint32_t first_el_idx,
+ const uint32_t last_el_idx,
+ const uint32_t stored_size,
+ const uint32_t num_records)
{
/* Update the indexes */
log_state.first_el_idx = first_el_idx;
log_state.last_el_idx = last_el_idx;
- /* Update the items*/
- log_state.num_items = num_items;
+ /* Update the number of records stored */
+ log_state.num_records = num_records;
- /* Update the size of the stored items */
+ /* Update the size of the stored records */
log_state.stored_size = stored_size;
}
@@ -245,14 +245,14 @@
* into the log. It will replace items based on "older entries first"
* policy in case not enough space is available in the log
*
- * \param[in] size Size of the line we need to fit
+ * \param[in] size Size of the record we need to fit
* \param[out] begin Pointer to the index to begin
* \param[out] end Pointer to the index to end
*
*/
-static void log_replace_item(const uint32_t size,
- uint32_t *begin,
- uint32_t *end)
+static void audit_replace_record(const uint32_t size,
+ uint32_t *begin,
+ uint32_t *end)
{
uint32_t first_el_idx = 0, last_el_idx = 0;
uint32_t num_items = 0, stored_size = 0;
@@ -261,7 +261,7 @@
/* Retrieve the current state variables of the log */
first_el_idx = log_state.first_el_idx;
last_el_idx = log_state.last_el_idx;
- num_items = log_state.num_items;
+ num_items = log_state.num_records;
stored_size = log_state.stored_size;
/* If there is not enough size, remove older entries */
@@ -296,27 +296,27 @@
*end = stop_pos;
/* Update the state with the new values of variables */
- log_update_state(first_el_idx, last_el_idx, stored_size, num_items);
+ audit_update_state(first_el_idx, last_el_idx, stored_size, num_items);
}
/*!
* \brief Static function to perform memory copying into the log buffer. It
* takes into account circular wrapping on the log buffer size.
*
- * \param[in] dest Pointer to the destination buffer
- * \param[in] src Pointer to the source buffer
- * \param[in] size Size in bytes to be copied
+ * \param[in] src Pointer to the source buffer
+ * \param[in] size Size in bytes to be copied
+ * \param[out] dest Pointer to the destination buffer
*
*/
-static enum tfm_log_err log_buffer_copy(uint8_t *dest,
- const uint8_t *src,
- const uint32_t size)
+static enum psa_audit_err audit_buffer_copy(const uint8_t *src,
+ const uint32_t size,
+ uint8_t *dest)
{
uint32_t idx = 0;
uint32_t dest_idx = (uint32_t)dest - (uint32_t)&log_buffer[0];
if ((dest_idx >= LOG_SIZE) || (size > LOG_SIZE)) {
- return TFM_LOG_ERR_FAILURE;
+ return PSA_AUDIT_ERR_FAILURE;
}
/* TODO: This can be an optimized copy using uint32_t
@@ -328,20 +328,20 @@
log_buffer[(dest_idx + idx) % LOG_SIZE] = src[idx];
}
- return TFM_LOG_ERR_SUCCESS;
+ return PSA_AUDIT_ERR_SUCCESS;
}
/*!
* \brief Static function to emulate memcpy
*
- * \param[out] dest Pointer to the destination buffer
* \param[in] src Pointer to the source buffer
* \param[in] size Size in bytes to be copied
+ * \param[out] dest Pointer to the destination buffer
*
*/
-static enum tfm_log_err log_memcpy(uint8_t *dest,
- const uint8_t *src,
- const uint32_t size)
+static enum psa_audit_err audit_memcpy(const uint8_t *src,
+ const uint32_t size,
+ uint8_t *dest)
{
uint32_t idx = 0;
@@ -349,25 +349,26 @@
dest[idx] = src[idx];
}
- return TFM_LOG_ERR_SUCCESS;
+ return PSA_AUDIT_ERR_SUCCESS;
}
/*!
* \brief Static function to format a log entry before the addition to the log
*
+ * \param[in] record Pointer to the record to be added
* \param[out] buffer Pointer to the buffer to format
- * \param[in] line Pointer to the line to be added
*
*/
-static enum tfm_log_err log_format_buffer(uint64_t *buffer,
- const struct tfm_log_line *line)
+static enum psa_audit_err audit_format_buffer(
+ const struct psa_audit_record *record,
+ uint64_t *buffer)
{
struct log_hdr *hdr = NULL;
struct log_tlr *tlr = NULL;
uint32_t size, idx;
- /* Get the size from the log line */
- size = line->size;
+ /* Get the size from the record */
+ size = record->size;
/* Format the scratch buffer with the complete log item */
hdr = (struct log_hdr *) buffer;
@@ -379,10 +380,10 @@
hdr->iv_counter = 0;
hdr->partition_id = DUMMY_PARTITION_ID;
- /* Copy the log line into the scratch buffer */
- log_memcpy( (uint8_t *) &(hdr->size),
- (const uint8_t *) line,
- size+4 );
+ /* Copy the record into the scratch buffer */
+ audit_memcpy( (const uint8_t *) record,
+ size+4,
+ (uint8_t *) &(hdr->size) );
/* FIXME: The MAC here is just a dummy value for prototyping. It will be
* filled by a call to the crypto interface directly when available.
@@ -392,7 +393,7 @@
tlr->mac[idx] = idx;
}
- return TFM_LOG_ERR_SUCCESS;
+ return PSA_AUDIT_ERR_SUCCESS;
}
/*!
@@ -405,9 +406,9 @@
* to UART
*
*/
-static void log_uart_redirection(const uint32_t start_idx)
+static void audit_uart_redirection(const uint32_t start_idx)
{
-#if (LOG_UART_REDIRECTION == 1U)
+#if (AUDIT_UART_REDIRECTION == 1U)
uint32_t size = *GET_SIZE_FIELD_POINTER(start_idx);
uint8_t end_of_line[] = {'\r', '\n'};
uint32_t idx = 0;
@@ -431,20 +432,20 @@
*/
/*!@{*/
-enum tfm_log_err log_core_init(void)
+enum psa_audit_err audit_core_init(void)
{
-#if (LOG_UART_REDIRECTION == 1U)
+#if (AUDIT_UART_REDIRECTION == 1U)
int32_t ret = ARM_DRIVER_OK;
ret = LOG_UART_NAME.Initialize(NULL);
if (ret != ARM_DRIVER_OK) {
- return TFM_LOG_ERR_FAILURE;
+ return PSA_AUDIT_ERR_FAILURE;
}
ret = LOG_UART_NAME.Control(ARM_USART_MODE_ASYNCHRONOUS,
LOG_UART_BAUD_RATE);
if (ret != ARM_DRIVER_OK) {
- return TFM_LOG_ERR_FAILURE;
+ return PSA_AUDIT_ERR_FAILURE;
}
/* If we get to this point, UART init is successful */
@@ -452,93 +453,130 @@
#endif
/* Clear the log state variables */
- log_update_state(0,0,0,0);
+ audit_update_state(0,0,0,0);
- return TFM_LOG_ERR_SUCCESS;
+ return PSA_AUDIT_ERR_SUCCESS;
}
-enum tfm_log_err log_core_delete_items(const uint32_t num_items,
- uint32_t *rem_items)
+enum psa_audit_err audit_core_delete_record(const uint32_t record_index,
+ const uint8_t *token,
+ const uint32_t token_size)
{
- uint32_t first_el_idx = 0, idx = 0;
+ uint32_t first_el_idx, size_removed;
- if (rem_items == NULL) {
- return TFM_LOG_ERR_FAILURE;
+ /* FixMe: Currently only the removal of the oldest entry, i.e.
+ * record_index 0, is supported. This has to be extended
+ * to support removal of random records
+ */
+ if (record_index > 0) {
+ return PSA_AUDIT_ERR_NOT_SUPPORTED;
}
- /* This means to delete all items in the log */
- if (num_items >= log_state.num_items) {
+ /* FixMe: Currently token and token_size parameters are not evaluated
+ * to check if the removal of the desired record_index is
+ * authorised
+ */
+ if ((token != NULL) || (token_size != 0)) {
+ return PSA_AUDIT_ERR_NOT_SUPPORTED;
+ }
- /* Update the number of removed items (all of them) */
- *rem_items = log_state.num_items;
+ /* Check that the record index to be removed is contained in the log */
+ if (record_index >= log_state.num_records) {
+ return PSA_AUDIT_ERR_FAILURE;
+ }
+
+ /* If the log contains just one element, reset the state and return */
+ if (log_state.num_records == 1) {
/* Clear the log state variables */
- log_update_state(0,0,0,0);
+ audit_update_state(0,0,0,0);
- return TFM_LOG_ERR_SUCCESS;
+ return PSA_AUDIT_ERR_SUCCESS;
}
- /* Get the index of the first element */
+ /* Get the index to the element to be removed */
first_el_idx = log_state.first_el_idx;
- /* Removing items means discarding items at the head */
- for (idx = 0; idx < num_items; idx++) {
- first_el_idx = GET_NEXT_LOG_INDEX(first_el_idx);
+ /* Get the size of the element that is being removed */
+ size_removed = COMPUTE_LOG_ENTRY_SIZE(
+ *GET_SIZE_FIELD_POINTER(first_el_idx));
+
+ /* Remove the oldest entry, it means moving the first element to the
+ * next log index */
+ first_el_idx = GET_NEXT_LOG_INDEX(first_el_idx);
+
+ /* Update the state with the new head and decrease the number of records
+ * currently stored and the new size of the stored records */
+ log_state.first_el_idx = first_el_idx;
+ log_state.num_records--;
+ log_state.stored_size -= size_removed;
+
+ return PSA_AUDIT_ERR_SUCCESS;
+}
+
+enum psa_audit_err audit_core_get_info(uint32_t *num_records,
+ uint32_t *size)
+{
+ /* Return the number of records that are currently stored */
+ *num_records = log_state.num_records;
+
+ /* Return the size of the records currently stored */
+ *size = log_state.stored_size;
+
+ return PSA_AUDIT_ERR_SUCCESS;
+}
+
+enum psa_audit_err audit_core_get_record_info(const uint32_t record_index,
+ uint32_t *size)
+{
+ uint32_t start_idx, idx;
+
+ if (record_index >= log_state.num_records) {
+ return PSA_AUDIT_ERR_FAILURE;
}
- /* Update the state with the new head and number of items */
- log_state.first_el_idx = first_el_idx;
- log_state.num_items -= num_items;
+ /* First element to read from the log */
+ start_idx = log_state.first_el_idx;
- /* Update the number of removed items */
- *rem_items = num_items;
+ /* Move the start_idx index to the desired element */
+ for (idx=0; idx<record_index; idx++) {
+ start_idx = GET_NEXT_LOG_INDEX(start_idx);
+ }
- return TFM_LOG_ERR_SUCCESS;
+ /* Get the size of the requested record */
+ *size = COMPUTE_LOG_ENTRY_SIZE(*GET_SIZE_FIELD_POINTER(start_idx));
+
+ return PSA_AUDIT_ERR_SUCCESS;
}
-enum tfm_log_err log_core_get_info(struct tfm_log_info *info)
+enum psa_audit_err audit_core_add_record(const struct psa_audit_record *record)
{
- /* Return the size of the items currently stored */
- info->size = log_state.stored_size;
-
- /* Return the number of items that are currently stored */
- info->num_items = log_state.num_items;
-
- return TFM_LOG_ERR_SUCCESS;
-}
-
-enum tfm_log_err log_core_add_line(const struct tfm_log_line *line)
-{
- struct tfm_log_info info;
-
uint32_t start_pos = 0, stop_pos = 0;
uint32_t first_el_idx = 0, last_el_idx = 0, size = 0;
uint32_t num_items = 0, stored_size = 0;
/* Check that the request comes from the secure world */
if (tfm_core_validate_secure_caller() != TFM_SUCCESS) {
- return TFM_LOG_ERR_FAILURE;
+ return PSA_AUDIT_ERR_FAILURE;
}
- /* Read the size from the input line */
- size = line->size;
+ /* Read the size from the input record */
+ size = record->size;
/* Check that size is a 4-byte multiple as expected */
if (size % 4) {
- return TFM_LOG_ERR_FAILURE;
+ return PSA_AUDIT_ERR_FAILURE;
}
/* Check that the entry to be added is not greater than the
* maximum space available
*/
if (size > (LOG_SIZE - (LOG_FIXED_FIELD_SIZE+LOG_MAC_SIZE))) {
- return TFM_LOG_ERR_FAILURE;
+ return PSA_AUDIT_ERR_FAILURE;
}
/* Get the size in bytes and num of elements present in the log */
- log_core_get_info(&info);
- num_items = info.num_items;
- stored_size = info.size;
+ audit_core_get_info(&num_items, &stored_size);
if (num_items == 0) {
@@ -550,22 +588,24 @@
/* The log is not empty, need to decide the candidate position
* and invalidate older entries in case there is not enough space
*/
- log_replace_item(COMPUTE_LOG_ENTRY_SIZE(size), &start_pos, &stop_pos);
+ audit_replace_record(COMPUTE_LOG_ENTRY_SIZE(size),
+ &start_pos,
+ &stop_pos);
}
/* Format the scratch buffer with the complete log item */
- log_format_buffer(&scratch_buffer[0], line);
+ audit_format_buffer(record, &scratch_buffer[0]);
/* TODO: At this point, encryption should be called if supported */
- /* Do the copy of the log line to be added in the log */
- log_buffer_copy( (uint8_t *) &log_buffer[start_pos],
- (const uint8_t *) &scratch_buffer[0],
- COMPUTE_LOG_ENTRY_SIZE(size) );
+ /* Do the copy of the log item to be added in the log */
+ audit_buffer_copy( (const uint8_t *) &scratch_buffer[0],
+ COMPUTE_LOG_ENTRY_SIZE(size),
+ (uint8_t *) &log_buffer[start_pos] );
/* Retrieve current log state */
first_el_idx = log_state.first_el_idx;
- num_items = log_state.num_items;
+ num_items = log_state.num_records;
stored_size = log_state.stored_size;
/* The last element is the one we just added */
@@ -576,144 +616,68 @@
stored_size += COMPUTE_LOG_ENTRY_SIZE(size);
/* Update the log state */
- log_update_state(first_el_idx, last_el_idx, stored_size, num_items);
+ audit_update_state(first_el_idx, last_el_idx, stored_size, num_items);
/* TODO: At this point, we would need to update the stored copy in
* persistent storage. Need to define a strategy for this
*/
/* Stream to a secure UART if available for the platform and built */
- log_uart_redirection(last_el_idx);
+ audit_uart_redirection(last_el_idx);
- return TFM_LOG_ERR_SUCCESS;
+ return PSA_AUDIT_ERR_SUCCESS;
}
-enum tfm_log_err log_core_retrieve(const uint32_t size,
- const int32_t start,
- uint8_t *buffer,
- struct tfm_log_info *info)
+enum psa_audit_err audit_core_retrieve_record(const uint32_t record_index,
+ const uint32_t buffer_size,
+ const uint8_t *token,
+ const uint32_t token_size,
+ uint8_t *buffer,
+ uint32_t *record_size)
+
{
- uint32_t stored_size = 0, retrieved_log_size = 0;
- uint32_t index_first_empty_el = 0;
- uint32_t idx, start_idx = 0, num_items = 0;
+ uint32_t idx, start_idx, record_size_tmp;
- struct tfm_log_info info_stored;
+ enum psa_audit_err err;
- /* size must be a non-zero value */
- if (size == 0) {
- info->size = 0;
- info->num_items = 0;
- return TFM_LOG_ERR_FAILURE;
+ /* FixMe: Currently token and token_size parameters are not evaluated
+ * to be used as a challenge for encryption as encryption support
+ * is still not yet available
+ */
+ if ((token != NULL) || (token_size != 0)) {
+ return PSA_AUDIT_ERR_NOT_SUPPORTED;
}
- /* Get the size in bytes and num of elements present in the log */
- log_core_get_info(&info_stored);
- num_items = info_stored.num_items;
- stored_size = info_stored.size;
+ /* Get the size of the record we want to retrieve */
+ err = audit_core_get_record_info(record_index, &record_size_tmp);
- /* Log is empty, but still a valid scenario */
- if (num_items == 0) {
- info->size = 0;
- info->num_items = 0;
- return TFM_LOG_ERR_SUCCESS;
+ /* Propagate the error to the caller in case of failure */
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ return err;
}
- /* Compute the size in bytes to be retrieved */
- retrieved_log_size = MIN(size, stored_size);
+ /* buffer_size must be enough to hold the requested record */
+ if (buffer_size < record_size_tmp) {
+ *record_size = 0;
+ return PSA_AUDIT_ERR_FAILURE;
+ }
/* First element to read from the log */
start_idx = log_state.first_el_idx;
- if (start == TFM_LOG_READ_RECENT) {
-
- /* Get the index of the first empty location */
- index_first_empty_el = GET_NEXT_LOG_INDEX(log_state.last_el_idx);
-
- /* If the stored log size is bigger than what we are able to retrieve,
- * just return the latest entries that fit into the available space
- */
- while (retrieved_log_size < stored_size) {
-
- start_idx = GET_NEXT_LOG_INDEX(start_idx);
-
- /* Decrement the number of items that we will return */
- num_items--;
-
- stored_size = (index_first_empty_el >= start_idx) ?
- (index_first_empty_el - start_idx) :
- (LOG_SIZE - start_idx) + index_first_empty_el;
-
- if (stored_size < retrieved_log_size) {
- /* The retrieved log size now will be the new stored log size */
- retrieved_log_size = stored_size;
- }
- }
-
- /* size available is not enough even to retrieve a single log entry */
- if (stored_size == 0) {
- info->size = 0;
- info->num_items = 0;
- return TFM_LOG_ERR_SUCCESS;
- }
-
- } else if (start < num_items) {
-
- /* Move the start_idx index to the desired element */
- for (idx=0; idx<start; idx++) {
- start_idx = GET_NEXT_LOG_INDEX(start_idx);
- }
-
- /* Initialize to the size of the first element to retrieve */
- stored_size = COMPUTE_LOG_ENTRY_SIZE(
- *GET_SIZE_FIELD_POINTER(start_idx) );
-
- /* size available is not enough even to retrieve a single log entry */
- if (stored_size > retrieved_log_size) {
- info->size = 0;
- info->num_items = 0;
- return TFM_LOG_ERR_SUCCESS;
- }
-
- /* Initialize the value of num_items */
- num_items = 1;
-
- /* Compute the total size to retrieve */
- idx = GET_NEXT_LOG_INDEX(start_idx);
- while ((stored_size + COMPUTE_LOG_ENTRY_SIZE(
- *GET_SIZE_FIELD_POINTER(idx) )) <= retrieved_log_size) {
-
- /* Update stored_size */
- stored_size += COMPUTE_LOG_ENTRY_SIZE(
- *GET_SIZE_FIELD_POINTER(idx) );
-
- /* Increment the number of items that we will return */
- num_items++;
-
- /* Move to the next item to check */
- idx = GET_NEXT_LOG_INDEX(idx);
- }
-
- /* The retrieved log size now will be the new stored log size */
- retrieved_log_size = stored_size;
-
- } else {
-
- /* The index value is wrong */
- info->size = 0;
- info->num_items = 0;
- return TFM_LOG_ERR_FAILURE;
+ /* Move the start_idx index to the desired element */
+ for (idx=0; idx<record_index; idx++) {
+ start_idx = GET_NEXT_LOG_INDEX(start_idx);
}
/* Do the copy */
- for (idx=0; idx<retrieved_log_size; idx++) {
+ for (idx=0; idx<record_size_tmp; idx++) {
buffer[idx] = log_buffer[(start_idx + idx) % LOG_SIZE];
}
/* Update the retrieved size */
- info->size = retrieved_log_size;
- /* Update the number of items returned */
- info->num_items = num_items;
+ *record_size = record_size_tmp;
- return TFM_LOG_ERR_SUCCESS;
+ return PSA_AUDIT_ERR_SUCCESS;
}
/*!@}*/
diff --git a/secure_fw/services/audit_logging/audit_core.h b/secure_fw/services/audit_logging/audit_core.h
new file mode 100644
index 0000000..cf5fb38
--- /dev/null
+++ b/secure_fw/services/audit_logging/audit_core.h
@@ -0,0 +1,250 @@
+/*
+ * Copyright (c) 2018, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __AUDIT_CORE_H__
+#define __AUDIT_CORE_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <stdint.h>
+#include <stddef.h>
+#include <limits.h>
+
+#include "psa_audit_defs.h"
+
+/*!
+ * \struct log_entry
+ *
+ * \brief Structure of a single log entry
+ * in the log
+ * \details This can't be represented as a
+ * structure because the payload
+ * is of variable size, i.e.
+ *
+ * +-------------+0
+ * | TIMESTAMP |
+ * | |
+ * +-------------+8
+ * | IV_COUNTER |
+ * | |
+ * +-------------+12
+ * | PARTITION ID|
+ * | |
+ * +-------------+16
+ * | SIZE |
+ * | |
+ * +-------------+20
+ * | RECORD_ID |
+ * | |
+ * +-------------+24
+ * | PAYLOAD |
+ * | |
+ * | |
+ * | |
+ * +-------------+20 + SIZE
+ * | MAC |
+ * | |
+ * | |
+ * +-------------+20 + SIZE + MAC_SIZE
+ *
+ * SIZE: at least LOG_MIN_SIZE bytes, known only at runtime. It's the size of
+ * the (RECORD_ID, PAYLOAD) fields
+ *
+ * MAC_SIZE: known at build time (currently, 4 bytes)
+ *
+ * At runtime, when adding a record, the value of SIZE has to be checked and
+ * must be less than LOG_SIZE - MAC_SIZE - 12 and equal or greater than
+ * LOG_MIN_SIZE
+ *
+ */
+
+/*!
+ * \def LOG_MIN_SIZE
+ *
+ * \brief Minimum size of the encrypted part
+ */
+#define LOG_MIN_SIZE (4)
+
+/*!
+ * \enum audit_tlv_type
+ *
+ * \brief Possible types for a TLV entry
+ * in payload
+ */
+enum audit_tlv_type {
+ TLV_TYPE_ID = 0,
+ TLV_TYPE_AUTH = 1,
+
+ /* This is used to force the maximum size */
+ TLV_TYPE_MAX = INT_MAX
+};
+
+/*!
+ * \struct audit_tlv_entry
+ *
+ * \brief TLV entry structure with a flexible array member
+ */
+struct audit_tlv_entry {
+ enum audit_tlv_type type;
+ uint32_t length;
+ uint8_t value[];
+};
+
+/*!
+ * \def LOG_MAC_SIZE
+ *
+ * \brief Size in bytes of the MAC for each entry
+ */
+#define LOG_MAC_SIZE (4)
+
+/*!
+ * \struct log_hdr
+ *
+ * \brief Fixed size header for a log record
+ */
+struct log_hdr {
+ uint64_t timestamp;
+ uint32_t iv_counter;
+ uint32_t partition_id;
+ uint32_t size;
+ uint32_t id;
+};
+
+/*!
+ * \struct log_tlr
+ *
+ * \brief Fixed size logging entry trailer
+ */
+struct log_tlr {
+ uint8_t mac[LOG_MAC_SIZE];
+};
+
+/*!
+ * \def LOG_HDR_SIZE
+ *
+ * \brief Size in bytes of the (fixed) header for each entry
+ */
+#define LOG_HDR_SIZE (sizeof(struct log_hdr))
+
+/*!
+ * \def LOG_TLR_SIZE
+ *
+ * \brief Size in bytes of the (fixed) trailer for each entry
+ */
+#define LOG_TLR_SIZE (sizeof(struct log_tlr))
+
+/*!
+ * \brief Initializes the Audit logging service
+ * during the TFM boot up process
+ *
+ * \return Returns PSA_AUDIT_ERR_SUCCESS if init has been completed,
+ * otherwise error as specified in \ref psa_audit_err
+ */
+enum psa_audit_err audit_core_init(void);
+
+/*!
+ * \brief Retrieves a record at the specified index
+ *
+ * \details The function retrieves an item specified by index and returns
+ * it on the buffer provided. The token is passed as a challenge
+ * value for the encryption scheme
+ *
+ * \note Currently the cryptography support is not yet enabled, so the
+ * token value is not used and must be passed as NULL, with 0 size
+ *
+ * \param[in] record_index Index of the record to retrieve
+ * \param[in] buffer_size Size in bytes of the provided buffer
+ * \param[in] token Must be set to NULL. Token used as a challenge
+ * for encryption, to protect against rollback
+ * attacks
+ * \param[in] token_size Must be set to 0. Size in bytes of the token
+ * used as challenge
+ * \param[out] buffer Buffer used to store the retrieved record
+ * \param[out] record_size Size in bytes of the retrieved record
+ *
+ * \return Returns values as specified by the \ref psa_audit_err
+ *
+ */
+enum psa_audit_err audit_core_retrieve_record(const uint32_t record_index,
+ const uint32_t buffer_size,
+ const uint8_t *token,
+ const uint32_t token_size,
+ uint8_t *buffer,
+ uint32_t *record_size);
+/*!
+ * \brief Adds a record
+ *
+ * \details This function adds a record in the Audit log
+ *
+ * \param[in] record Pointer to the memory buffer containing the record
+ * to be added
+ *
+ * \return Returns values as specified by the \ref psa_audit_err
+ *
+ */
+enum psa_audit_err audit_core_add_record(const struct psa_audit_record *record);
+
+/*!
+ * \brief Returns the total number and size of the records stored
+ *
+ * \details The function returns the total size in bytes and the
+ * total number of records stored
+ *
+ * \param[out] num_records Total number of records stored
+ * \param[out] size Total size of the records stored, in bytes
+ *
+ * \return Returns values as specified by the \ref psa_audit_err
+ *
+ */
+enum psa_audit_err audit_core_get_info(uint32_t *num_records,
+ uint32_t *size);
+
+/*!
+ * \brief Returns the size of the record at the specified index
+ *
+ * \details The function returns the size of the record at the given index
+ * provided as input
+ *
+ * \param[in] record_index Index of the record to return the size
+ * \param[out] size Size of the specified record, in bytes
+ *
+ * \return Returns values as specified by the \ref psa_audit_err
+ *
+ */
+enum psa_audit_err audit_core_get_record_info(const uint32_t record_index,
+ uint32_t *size);
+/*!
+ * \brief Deletes a record at the specified index
+ *
+ * \details The function removes a record at the specified index. It passes
+ * an authorisation token for removal which is a MAC of the plain text
+ *
+ * \note Currently the cryptography support is not yet enabled, so the
+ * token value is not used and must be passed as NULL, with 0 size
+ *
+ * \param[in] record_index Index of the record to be removed. Currently, only
+ * the removal of the oldest entry, i.e. record_index 0
+ * is supported
+ * \param[in] token Must be set to NULL. Token used as authorisation for
+ * removal of the specified record_index
+ * \param[in] token_size Must be set to 0. Size in bytes of the token used as
+ * authorisation for removal
+ *
+ * \return Returns values as specified by the \ref psa_audit_err
+ *
+ */
+enum psa_audit_err audit_core_delete_record(const uint32_t record_index,
+ const uint8_t *token,
+ const uint32_t token_size);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __AUDIT_CORE_H__ */
diff --git a/secure_fw/services/audit_logging/audit_wrappers.c b/secure_fw/services/audit_logging/audit_wrappers.c
new file mode 100644
index 0000000..5640e5e
--- /dev/null
+++ b/secure_fw/services/audit_logging/audit_wrappers.c
@@ -0,0 +1,29 @@
+/*
+ * Copyright (c) 2018, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "audit_core.h"
+#include "audit_wrappers.h"
+#include "psa_audit_defs.h"
+
+/*!
+ * \defgroup public Public functions, TF-M compatible wrappers
+ *
+ */
+
+/*!@{*/
+enum psa_audit_err audit_core_retrieve_record_wrapper(
+ const struct audit_core_retrieve_input *input_s,
+ struct audit_core_retrieve_output *output_s)
+{
+ return audit_core_retrieve_record(input_s->record_index,
+ input_s->buffer_size,
+ input_s->token,
+ input_s->token_size,
+ output_s->buffer,
+ output_s->record_size);
+}
+/*!@}*/
diff --git a/secure_fw/services/audit_logging/log_core.h b/secure_fw/services/audit_logging/log_core.h
deleted file mode 100644
index 60a51ca..0000000
--- a/secure_fw/services/audit_logging/log_core.h
+++ /dev/null
@@ -1,232 +0,0 @@
-/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifndef __LOG_CORE_H__
-#define __LOG_CORE_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include <stdint.h>
-#include <stddef.h>
-#include <limits.h>
-
-#include "tfm_log_defs.h"
-
-/*!
- * \struct log_entry
- *
- * \brief Structure of a single log entry
- * in the log
- * \details This can't be represented as a
- * structure because the payload
- * is of variable size, i.e.
- *
- * +-------------+0
- * | TIMESTAMP |
- * | |
- * +-------------+8
- * | IV_COUNTER |
- * | |
- * +-------------+12
- * | PARTITION ID|
- * | |
- * +-------------+16
- * | SIZE |
- * | |
- * +-------------+20
- * | FUNCTION ID |
- * | |
- * +-------------+24
- * | ARG0-3 |
- * | |
- * | |
- * +-------------+40
- * | PAYLOAD |
- * | |
- * | |
- * | |
- * +-------------+20 + SIZE
- * | MAC |
- * | |
- * | |
- * +-------------+20 + SIZE + MAC_SIZE
- *
- * SIZE: at least 20 bytes
- * known only at runtime. It's the
- * size of the three fields that
- * follow it.
- *
- * MAC_SIZE: known at build time (currently,
- * 4 bytes)
- *
- * At runtime SIZE has to be checked and
- * must be less than LOG_SIZE - MAC_SIZE - 12
- * and equal or greater than 20
- */
-
-/*!
- * \def LOG_MIN_SIZE
- *
- * \brief Minimum size of the encrypted
- * part
- */
-#define LOG_MIN_SIZE (20)
-
-/*!
- * \enum log_tlv_type
- *
- * \brief Possible types for a TLV entry
- * in payload
- */
-enum log_tlv_type {
- TLV_TYPE_ID = 0,
- TLV_TYPE_AUTH = 1,
-
- /* This is used to force the maximum size */
- TLV_TYPE_MAX = INT_MAX
-};
-
-/*!
- * \struct log_tlv_entry
- *
- * \brief TLV entry structure with a flexible
- * array member
- */
-struct log_tlv_entry {
- enum log_tlv_type type;
- uint32_t length;
- uint8_t value[];
-};
-
-/*!
- * \def LOG_MAC_SIZE
- *
- * \brief Size in bytes of the MAC for each entry
- */
-#define LOG_MAC_SIZE (4)
-
-/*!
- * \struct log_hdr
- *
- * \brief Fixed size logging entry header
- */
-struct log_hdr {
- uint64_t timestamp;
- uint32_t iv_counter;
- uint32_t partition_id;
- uint32_t size;
- uint32_t function_id;
- uint32_t arg[4];
-};
-
-/*!
- * \struct log_tlr
- *
- * \brief Fixed size logging entry trailer
- */
-struct log_tlr {
- uint8_t mac[LOG_MAC_SIZE];
-};
-
-/*!
- * \def LOG_HDR_SIZE
- *
- * \brief Size in bytes of the (fixed) header for
- * each entry
- */
-#define LOG_HDR_SIZE (sizeof(struct log_hdr))
-
-/*!
- * \def LOG_TLR_SIZE
- *
- * \brief Size in bytes of the (fixed) trailer for
- * each entry
- */
-#define LOG_TLR_SIZE (sizeof(struct log_tlr))
-
-/*!
- * \brief Retrieves at most size bytes from the log
- *
- * \details The function reads the audit log into the buffer provided.
- * If provided buffer size is too small to fit the full log,
- * the function will read the maximum number of items in the
- * log that fit the available space in the buffer
- *
- * \param[in] size Maximum number of bytes to retrieve from the log
- * \param[in] start Index of element from where to start retrieval
- * \param[out] buffer Pointer to the buffer that will hold the log
- * \param[out] info Pointer to the \ref tfm_log_info structure
- * contained information related to the retrieved
- * portion of the log (size and number of items)
- *
- * \return Returns TFM_LOG_ERR_SUCCESS if retrieval has been completed,
- * otherwise error as specified in \ref tfm_log_err
- *
- * \note If start is equal to TFM_ALG_READ_RECENT, the function will
- * retrieve the most recent elements that fit the provided size
- */
-enum tfm_log_err log_core_retrieve(const uint32_t size,
- const int32_t start,
- uint8_t *buffer,
- struct tfm_log_info *info);
-/*!
- * \brief Initializes the Audit logging service
- * during the TFM boot up process
- *
- * \return Returns TFM_LOG_ERR_SUCCESS if init has been completed,
- * otherwise error as specified in \ref tfm_log_err
- */
-enum tfm_log_err log_core_init(void);
-
-/*!
- * \brief Adds a log line to the log. It's meant to be called
- * only by other services that want to log information
- *
- * \param[in] line Pointer to the line to be added. This memory must
- * be accessible by the Audit logging service
- *
- * \return Returns TFM_LOG_ERR_SUCCESS if addition has been completed
- * otherwise error as specified in \ref tfm_log_err
- *
- */
-enum tfm_log_err log_core_add_line(const struct tfm_log_line *line);
-
-/*!
- * \brief Gets the log information
- *
- * \param[out] info Pointer to the \ref tfm_log_info structure that
- * holds the current log size (both in bytes and items)
- *
- * \return Returns TFM_LOG_ERR_SUCCESS if reading has been completed,
- * otherwise error as specified in \ref tfm_log_err
- */
-enum tfm_log_err log_core_get_info(struct tfm_log_info *info);
-
-/*!
- * \brief Deletes one or more elements from the head of the log
- *
- * \param[in] num_items Number of elements to be deleted
- * \param[out] rem_items Pointer to the number of elements removed. This
- * value indicates the number of elements actually
- * removed from the log. In case the number of items
- * stored is less than the number of items requested
- * to remove, this value will reflect the number of
- * items effectively removed.
- *
- * \return Returns TFM_LOG_ERR_SUCCESS if removal has been completed,
- * otherwise error as specified in \ref tfm_log_err
- */
-enum tfm_log_err log_core_delete_items(const uint32_t num_items,
- uint32_t *rem_items);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LOG_CORE_H_ */
diff --git a/secure_fw/services/audit_logging/manifest.yaml b/secure_fw/services/audit_logging/manifest.yaml
index b124345..0dbdeb9 100644
--- a/secure_fw/services/audit_logging/manifest.yaml
+++ b/secure_fw/services/audit_logging/manifest.yaml
@@ -19,46 +19,55 @@
{
"name": "TFM_PERIPHERAL_UART1",
"permission": "READ-WRITE",
- "conditional": "LOG_UART_REDIRECTION"
+ "conditional": "AUDIT_UART_REDIRECTION"
}
],
- "tfm_init_symbol": "log_core_init",
+ "tfm_init_symbol": "audit_core_init",
"secure_functions": [
{
- "sfid": "TFM_LOG_RETRIEVE_SFID",
- "signal": "TFM_LOG_RETRIEVE",
- "tfm_symbol": "log_core_retrieve",
+ "sfid": "TFM_AUDIT_RETRIEVE_RECORD_SFID",
+ "signal": "TFM_AUDIT_RETRIEVE_RECORD",
+ "tfm_symbol": "audit_core_retrieve_record",
"non_secure_clients": true,
"minor_version": 1,
"minor_policy": "strict"
},
{
- "sfid": "TFM_LOG_ADD_LINE_SFID",
- "signal": "TFM_LOG_ADD_LINE",
- "tfm_symbol": "log_core_add_line",
+ "sfid": "TFM_AUDIT_ADD_RECORD_SFID",
+ "signal": "TFM_AUDIT_ADD_RECORD",
+ "tfm_symbol": "audit_core_add_record",
"non_secure_clients": false,
"minor_version": 1,
"minor_policy": "strict"
},
{
- "sfid": "TFM_LOG_GET_INFO_SFID",
- "signal": "TFM_LOG_GET_INFO",
- "tfm_symbol": "log_core_get_info",
+ "sfid": "TFM_AUDIT_GET_INFO_SFID",
+ "signal": "TFM_AUDIT_GET_INFO",
+ "tfm_symbol": "audit_core_get_info",
"non_secure_clients": true,
"minor_version": 1,
"minor_policy": "strict"
},
{
- "sfid": "TFM_LOG_DELETE_ITEMS_SFID",
- "signal": "TFM_LOG_DELETE_ITEMS",
- "tfm_symbol": "log_core_delete_items",
+ "sfid": "TFM_AUDIT_GET_RECORD_INFO_SFID",
+ "signal": "TFM_AUDIT_GET_RECORD_INFO",
+ "tfm_symbol": "audit_core_get_record_info",
+ "non_secure_clients": true,
+ "minor_version": 1,
+ "minor_policy": "strict"
+ },
+ {
+ "sfid": "TFM_AUDIT_DELETE_RECORD_SFID",
+ "signal": "TFM_AUDIT_DELETE_RECORD",
+ "tfm_symbol": "audit_core_delete_record",
"non_secure_clients": true,
"minor_version": 1,
"minor_policy": "strict"
}
],
"source_files": [
- "log_core.c"
+ "audit_core.c",
+ "audit_wrappers.c"
],
"tfm_linker_pattern": {
"library_list": [
diff --git a/secure_fw/services/tfm_partition_list.inc b/secure_fw/services/tfm_partition_list.inc
index c5ad1b8..6b6547f 100644
--- a/secure_fw/services/tfm_partition_list.inc
+++ b/secure_fw/services/tfm_partition_list.inc
@@ -16,10 +16,10 @@
/******** TFM_SP_AUDIT_LOG ********/
PARTITION_DECLARE(TFM_SP_AUDIT_LOG, SPM_PART_FLAG_SECURE | SPM_PART_FLAG_TRUSTED);
-PARTITION_ADD_INIT_FUNC(TFM_SP_AUDIT_LOG, log_core_init);
-#ifdef LOG_UART_REDIRECTION
+PARTITION_ADD_INIT_FUNC(TFM_SP_AUDIT_LOG, audit_core_init);
+#ifdef AUDIT_UART_REDIRECTION
PARTITION_ADD_PERIPHERAL(TFM_SP_AUDIT_LOG, TFM_PERIPHERAL_UART1);
-#endif /* LOG_UART_REDIRECTION */
+#endif /* AUDIT_UART_REDIRECTION */
#ifdef TFM_PARTITION_TEST_CORE
/******** TFM_SP_CORE_TEST ********/
diff --git a/test/CMakeLists.inc b/test/CMakeLists.inc
index 61fb94c..fdc59bf 100644
--- a/test/CMakeLists.inc
+++ b/test/CMakeLists.inc
@@ -30,5 +30,5 @@
include(${CMAKE_CURRENT_LIST_DIR}/suites/core/CMakeLists.inc)
include(${CMAKE_CURRENT_LIST_DIR}/suites/invert/CMakeLists.inc)
include(${CMAKE_CURRENT_LIST_DIR}/suites/sst/CMakeLists.inc)
-include(${CMAKE_CURRENT_LIST_DIR}/suites/log/CMakeLists.inc)
+include(${CMAKE_CURRENT_LIST_DIR}/suites/audit/CMakeLists.inc)
include(${CMAKE_CURRENT_LIST_DIR}/test_services/CMakeLists.inc)
diff --git a/test/framework/non_secure_suites.c b/test/framework/non_secure_suites.c
index da74723..51ed186 100644
--- a/test/framework/non_secure_suites.c
+++ b/test/framework/non_secure_suites.c
@@ -11,7 +11,7 @@
/* Service specific includes */
#include "test/suites/sst/non_secure/sst_ns_tests.h"
-#include "test/suites/log/non_secure/log_ns_tests.h"
+#include "test/suites/audit/non_secure/audit_ns_tests.h"
#include "test/suites/invert/non_secure/invert_ns_tests.h"
#include "test/suites/core/non_secure/core_ns_tests.h"
@@ -26,8 +26,8 @@
{®ister_testsuite_ns_sst_ref_access, 0, 0, 0},
#endif
- /* Non-secure LOG test cases */
- {®ister_testsuite_ns_log_interface, 0, 0, 0},
+ /* Non-secure Audit Logging test cases */
+ {®ister_testsuite_ns_audit_interface, 0, 0, 0},
#ifdef TFM_PARTITION_TEST_CORE
/* Non-secure invert test cases */
diff --git a/test/framework/secure_suites.c b/test/framework/secure_suites.c
index f002cd7..63f0e96 100644
--- a/test/framework/secure_suites.c
+++ b/test/framework/secure_suites.c
@@ -11,7 +11,7 @@
/* Service specific includes */
#include "test/suites/sst/secure/sst_tests.h"
-#include "test/suites/log/secure/log_s_tests.h"
+#include "test/suites/audit/secure/audit_s_tests.h"
#include "test/suites/invert/secure/invert_s_tests.h"
#include "secure_fw/services/secure_storage/sst_object_system.h"
@@ -21,8 +21,8 @@
{®ister_testsuite_s_sst_sec_interface, 0, 0, 0},
{®ister_testsuite_s_sst_reliability, 0, 0, 0},
- /* Secure LOG test cases */
- {®ister_testsuite_s_log_interface, 0, 0, 0},
+ /* Secure Audit Logging test cases */
+ {®ister_testsuite_s_audit_interface, 0, 0, 0},
#ifdef TFM_PARTITION_TEST_CORE
/* Secure invert test cases */
diff --git a/test/suites/log/CMakeLists.inc b/test/suites/audit/CMakeLists.inc
similarity index 93%
rename from test/suites/log/CMakeLists.inc
rename to test/suites/audit/CMakeLists.inc
index 52b39c1..5231381 100644
--- a/test/suites/log/CMakeLists.inc
+++ b/test/suites/audit/CMakeLists.inc
@@ -27,8 +27,8 @@
if (NOT DEFINED ENABLE_AUDIT_LOGGING_SERVICE_TESTS)
message(FATAL_ERROR "Incomplete build configuration: ENABLE_AUDIT_LOGGING_SERVICE_TESTS is undefined. ")
elseif(ENABLE_AUDIT_LOGGING_SERVICE_TESTS)
- list(APPEND ALL_SRC_C_S "${AUDIT_LOGGING_TEST_DIR}/secure/log_s_interface_testsuite.c")
- list(APPEND ALL_SRC_C_NS "${AUDIT_LOGGING_TEST_DIR}/non_secure/log_ns_interface_testsuite.c")
+ list(APPEND ALL_SRC_C_S "${AUDIT_LOGGING_TEST_DIR}/secure/audit_s_interface_testsuite.c")
+ list(APPEND ALL_SRC_C_NS "${AUDIT_LOGGING_TEST_DIR}/non_secure/audit_ns_interface_testsuite.c")
#Setting include directories
embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE)
diff --git a/test/suites/log/log_tests_common.h b/test/suites/audit/audit_tests_common.h
similarity index 70%
rename from test/suites/log/log_tests_common.h
rename to test/suites/audit/audit_tests_common.h
index 0b10293..c23efff 100644
--- a/test/suites/log/log_tests_common.h
+++ b/test/suites/audit/audit_tests_common.h
@@ -5,8 +5,8 @@
*
*/
-#ifndef __LOG_TESTS_COMMON_H__
-#define __LOG_TESTS_COMMON_H__
+#ifndef __AUDIT_TESTS_COMMON_H__
+#define __AUDIT_TESTS_COMMON_H__
#include <stddef.h>
@@ -28,7 +28,7 @@
* \brief Size in bytes of the local buffer. Size accomodates two standard size
* (no payload) log items, at maximum
*/
-#define LOCAL_BUFFER_SIZE (100)
+#define LOCAL_BUFFER_SIZE (80)
/*!
* \def LOCAL_BUFFER_ITEMS
@@ -42,24 +42,24 @@
* \def STANDARD_LOG_ENTRY_SIZE
*
* \brief A log item with no payload (standard size) has the following size.
- * More details can be found observing \ref tfm_log_line
+ * More details can be found observing \ref psa_audit_record
* \ref tfm_log_tlr and \ref tfm_log_hdr
*/
-#define STANDARD_LOG_ENTRY_SIZE (44)
+#define STANDARD_LOG_ENTRY_SIZE (28)
/*!
* \def INITIAL_LOGGING_REQUESTS
*
* \brief Number of initial consecutive logging requests to perform
*/
-#define INITIAL_LOGGING_REQUESTS (23)
+#define INITIAL_LOGGING_REQUESTS (36)
/*!
* \def INITIAL_LOGGING_SIZE
*
* \brief Size of the initial consecutive logging requests
*/
-#define INITIAL_LOGGING_SIZE (1012)
+#define INITIAL_LOGGING_SIZE (1008)
/*!
* \def FINAL_LOGGING_REQUESTS
@@ -79,17 +79,24 @@
* \note This defines the state of the log when secure interface tests are
* terminated
*/
-#define FINAL_LOGGING_SIZE (88)
+#define FINAL_LOGGING_SIZE (56)
+
+/*!
+ * \def DUMMY_TEST_ID_BASE
+ *
+ * \brief The log record is initialized with a dummy ID which uses this value as
+ * base value
+ */
+#define DUMMY_TEST_RECORD_ID_BASE (0xABCD0000)
/*!
* \def SECOND_ELEMENT_EXPECTED_CONTENT
*
- * \brief Content of the log line in the second log item in the final request.
- * In particular this is the value of the first argument which has been
- * stored in the last addition from the secure test suite
+ * \brief Content of the log record in the second log item in the final request
+ *
*/
-#define SECOND_ELEMENT_EXPECTED_CONTENT ( 1 + \
- (INITIAL_LOGGING_REQUESTS+1+FINAL_LOGGING_REQUESTS)*10 )
+#define SECOND_ELEMENT_EXPECTED_CONTENT ( (DUMMY_TEST_RECORD_ID_BASE) + \
+ (INITIAL_LOGGING_REQUESTS+1+FINAL_LOGGING_REQUESTS) )
/*!
* \def MAX_LOG_SIZE
*
@@ -101,14 +108,14 @@
#define MAX_LOG_SIZE (1024)
/*!
- * \def MAX_LOG_LINE_SIZE
+ * \def MAX_LOG_RECORD_SIZE
*
* \brief The maximum possible log line size to fill a MAX_LOG_SIZE bytes log
*
* \note This takes into account additional fields that are concatenated to the
- * log line in the header and trailer
+ * record in the header and trailer
*/
-#define MAX_LOG_LINE_SIZE (1000)
+#define MAX_LOG_RECORD_SIZE (1000)
/*!
* \def INITIAL_LOG_SIZE
@@ -120,16 +127,16 @@
#define INITIAL_LOG_SIZE (FINAL_LOGGING_SIZE)
/*!
- * \def INITIAL_LOG_ITEMS
+ * \def INITIAL_LOG_RECORDS
*
- * \brief Initial state of the log number of items
+ * \brief Initial state of the log number of records
*
* \note This defines the state of the log when non-secure interface tests start
*/
-#define INITIAL_LOG_ITEMS (FINAL_LOGGING_REQUESTS)
+#define INITIAL_LOG_RECORDS (FINAL_LOGGING_REQUESTS)
#ifdef __cplusplus
}
#endif
-#endif /* __LOG_TESTS_COMMON_H__ */
+#endif /* __AUDIT_TESTS_COMMON_H__ */
diff --git a/test/suites/audit/non_secure/audit_ns_interface_testsuite.c b/test/suites/audit/non_secure/audit_ns_interface_testsuite.c
new file mode 100644
index 0000000..2391f18
--- /dev/null
+++ b/test/suites/audit/non_secure/audit_ns_interface_testsuite.c
@@ -0,0 +1,256 @@
+/*
+ * Copyright (c) 2018, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "test/framework/helpers.h"
+#include "psa_audit_api.h"
+#include "audit_ns_tests.h"
+#include "tfm_api.h"
+#include "secure_fw/services/audit_logging/audit_core.h"
+
+#include "../audit_tests_common.h"
+
+/*!
+ * \def EMPTY_RETRIEVED_LOG_SIZE
+ *
+ * \brief Log size when the retrieved buffer is empty
+ */
+#define EMPTY_RETRIEVED_LOG_SIZE (0)
+
+/*!
+ * \def EMPTY_RETRIEVED_LOG_ITEMS
+ *
+ * \brief Number of log items when retrieved buffer is empty
+ */
+#define EMPTY_RETRIEVED_LOG_ITEMS (0)
+
+/*!
+ * \def SINGLE_RETRIEVED_LOG_SIZE
+ *
+ * \brief Log size when the retrieved buffer has 1 item
+ * of standard size (no payload)
+ */
+#define SINGLE_RETRIEVED_LOG_SIZE (STANDARD_LOG_ENTRY_SIZE)
+
+/*!
+ * \def SINGLE_RETRIEVED_LOG_ITEMS
+ *
+ * \brief Number of log items when retrieved buffer has 1 item
+ */
+#define SINGLE_RETRIEVED_LOG_ITEMS (1)
+
+/*!
+ * \def SECOND_ELEMENT_START_INDEX
+ *
+ * \brief Index of the second item in the log
+ */
+#define SECOND_ELEMENT_START_INDEX (1)
+
+/* List of tests */
+static void tfm_audit_test_1001(struct test_result_t *ret);
+
+static struct test_t audit_veneers_tests[] = {
+ {&tfm_audit_test_1001, "TFM_AUDIT_TEST_1001",
+ "Non Secure functional", {0} },
+};
+
+void register_testsuite_ns_audit_interface(struct test_suite_t *p_test_suite)
+{
+ uint32_t list_size;
+
+ list_size = (sizeof(audit_veneers_tests) /
+ sizeof(audit_veneers_tests[0]));
+
+ set_testsuite("AuditLog non-secure interface test (TFM_AUDIT_TEST_1XXX)",
+ audit_veneers_tests, list_size, p_test_suite);
+}
+
+/**
+ * \brief Functional test of NS API
+ *
+ * \note This is a functional test only and doesn't
+ * mean to test all possible combinations of
+ * input parameters and return values.
+ * This tests the current status of the log as
+ * it's been left from the Secure tests. In case
+ * other tests are added in the Secure test suite,
+ * the status of the log will change and these
+ * tests may start failing.
+ */
+static void tfm_audit_test_1001(struct test_result_t *ret)
+{
+ enum psa_audit_err err;
+
+ uint8_t local_buffer[LOCAL_BUFFER_SIZE];
+ uint32_t idx, stored_size, num_records, retrieved_size;
+
+ struct psa_audit_record *retrieved_buffer;
+
+ /* Get the log size (current state) */
+ err = psa_audit_get_info(&num_records, &stored_size);
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Getting log info has returned error");
+ return;
+ }
+
+ if (stored_size != INITIAL_LOG_SIZE) {
+ TEST_FAIL("Stored size different from " STR(INITIAL_LOG_SIZE));
+ return;
+ }
+
+ if (num_records != INITIAL_LOG_RECORDS) {
+ TEST_FAIL("Stored records different from " STR(INITIAL_LOG_RECORDS));
+ return;
+ }
+
+ /* Check the length of each record individually */
+ for (idx=0; idx<num_records; idx++) {
+ err = psa_audit_get_record_info(idx, &stored_size);
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Getting record size individually has returned error");
+ return;
+ }
+
+ if (stored_size != STANDARD_LOG_ENTRY_SIZE) {
+ TEST_FAIL("Unexpected record size for a single standard record");
+ return;
+ }
+ }
+
+ /* Check that if requesting length of a record which is not there fails */
+ err = psa_audit_get_record_info(num_records, &stored_size);
+ if (err != PSA_AUDIT_ERR_FAILURE) {
+ TEST_FAIL("Getting record size for non-existent record has not failed");
+ return;
+ }
+
+ /* Log contains 2 items. Retrieve into buffer which is able to contain the
+ * the full contents of the log, one record at a time
+ */
+ for (idx=0; idx<INITIAL_LOG_RECORDS; idx++) {
+ err = psa_audit_retrieve_record(
+ idx,
+ LOCAL_BUFFER_SIZE,
+ NULL,
+ 0,
+ &local_buffer[idx*STANDARD_LOG_ENTRY_SIZE],
+ &retrieved_size);
+
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Log retrieval from NS returned error");
+ return;
+ }
+
+ if (retrieved_size != STANDARD_LOG_ENTRY_SIZE) {
+ TEST_FAIL("Expected retrieve size: " STR(STANDARD_LOG_ENTRY_SIZE));
+ return;
+ }
+ }
+
+ /* Retrieve into a small buffer. It's not enough to store a single
+ * item so the provided buffer must be empty after retrieval. We
+ * check the info structure to count how many items and bytes have
+ * been returned, and if they're zeros items / zero bytes, there is
+ * no point in checking the contents of the local_buffer.
+ */
+ err = psa_audit_retrieve_record(0,
+ LOCAL_BUFFER_SIZE/4,
+ NULL,
+ 0,
+ &local_buffer[0],
+ &retrieved_size);
+
+ if (err != PSA_AUDIT_ERR_FAILURE) {
+ TEST_FAIL("Log retrieval from NS should fail, buffer too small");
+ return;
+ }
+
+ if (retrieved_size != EMPTY_RETRIEVED_LOG_SIZE) {
+ TEST_FAIL("Expected log size is " STR(EMPTY_RETRIEVED_LOG_SIZE));
+ return;
+ }
+
+ /* Retrieve into a buffer which can hold a single element, but start from
+ * the second element that is stored in the log
+ */
+ err = psa_audit_retrieve_record(1,
+ STANDARD_LOG_ENTRY_SIZE,
+ NULL,
+ 0,
+ &local_buffer[0],
+ &retrieved_size);
+
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Log retrieval from NS returned error");
+ return;
+ }
+
+ if (retrieved_size != SINGLE_RETRIEVED_LOG_SIZE) {
+ TEST_FAIL("Expected log size is " STR(SINGLE_RETRIEVED_LOG_SIZE));
+ return;
+ }
+
+ /* Inspect the contents of the retrieved buffer, i.e. check the
+ * retrieved log record contents
+ */
+ retrieved_buffer = (struct psa_audit_record *)
+ &local_buffer[offsetof(struct log_hdr, size)];
+
+ if (retrieved_buffer->id != SECOND_ELEMENT_EXPECTED_CONTENT) {
+ TEST_FAIL("Unexpected argument in the first entry");
+ return;
+ }
+
+ /* Delete oldest element in the log */
+ err = psa_audit_delete_record(0, NULL, 0);
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Log record deletion from NS returned error");
+ return;
+ }
+
+ /* Get the log size (current state) */
+ err = psa_audit_get_info(&num_records, &stored_size);
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Getting log info has returned error");
+ return;
+ }
+
+ if (num_records != 1) {
+ TEST_FAIL("Unexpected number of records in the log after delete");
+ return;
+ }
+
+ if (stored_size != STANDARD_LOG_ENTRY_SIZE) {
+ TEST_FAIL("Unexpected size in the log after deletion");
+ return;
+ }
+
+ /* Delete oldest element in the log. After this, the log will be empty */
+ err = psa_audit_delete_record(0, NULL, 0);
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Log record deletion from NS returned error");
+ return;
+ }
+
+ /* Get the log size (current state) */
+ err = psa_audit_get_info(&num_records, &stored_size);
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Getting log info has returned error");
+ return;
+ }
+
+ if (num_records != 0) {
+ TEST_FAIL("Unexpected number of records in the log after deletion");
+ return;
+ }
+
+ if (stored_size != 0) {
+ TEST_FAIL("Unexpected size in the log after deletion");
+ return;
+ }
+
+ ret->val = TEST_PASSED;
+}
diff --git a/test/suites/log/non_secure/log_ns_tests.h b/test/suites/audit/non_secure/audit_ns_tests.h
similarity index 67%
rename from test/suites/log/non_secure/log_ns_tests.h
rename to test/suites/audit/non_secure/audit_ns_tests.h
index 110008b..3578bbe 100644
--- a/test/suites/log/non_secure/log_ns_tests.h
+++ b/test/suites/audit/non_secure/audit_ns_tests.h
@@ -5,8 +5,8 @@
*
*/
-#ifndef __LOG_NS_TESTS_H__
-#define __LOG_NS_TESTS_H__
+#ifndef __AUDIT_NS_TESTS_H__
+#define __AUDIT_NS_TESTS_H__
#ifdef __cplusplus
extern "C" {
@@ -19,10 +19,10 @@
*
* \param[in] p_test_suite The test suite to be executed.
*/
-void register_testsuite_ns_log_interface(struct test_suite_t *p_test_suite);
+void register_testsuite_ns_audit_interface(struct test_suite_t *p_test_suite);
#ifdef __cplusplus
}
#endif
-#endif /* __LOG_NS_TESTS_H__ */
+#endif /* __AUDIT_NS_TESTS_H__ */
diff --git a/test/suites/audit/secure/audit_s_interface_testsuite.c b/test/suites/audit/secure/audit_s_interface_testsuite.c
new file mode 100644
index 0000000..847ab9b
--- /dev/null
+++ b/test/suites/audit/secure/audit_s_interface_testsuite.c
@@ -0,0 +1,426 @@
+/*
+ * Copyright (c) 2018, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "test/framework/helpers.h"
+#include "psa_audit_api.h"
+#include "audit_s_tests.h"
+#include "tfm_api.h"
+#include "tfm_audit_veneers.h"
+#include "audit_wrappers.h"
+#include "secure_fw/services/audit_logging/audit_core.h"
+
+#include "../audit_tests_common.h"
+
+/*!
+ * \def BASE_RETRIEVAL_LOG_INDEX
+ *
+ * \brief Base index from where to start elements retrieval
+ */
+#define BASE_RETRIEVAL_LOG_INDEX (6)
+
+/*!
+ * \def FIRST_RETRIEVAL_LOG_INDEX
+ *
+ * \brief Index of the first element in the log
+ */
+#define FIRST_RETRIEVAL_LOG_INDEX (0)
+
+/* List of tests */
+static void tfm_audit_test_1001(struct test_result_t *ret);
+
+static struct test_t audit_veneers_tests[] = {
+ {&tfm_audit_test_1001, "TFM_AUDIT_TEST_1001",
+ "Secure functional", {0} },
+};
+
+void register_testsuite_s_audit_interface(struct test_suite_t *p_test_suite)
+{
+ uint32_t list_size;
+
+ list_size = (sizeof(audit_veneers_tests) /
+ sizeof(audit_veneers_tests[0]));
+
+ set_testsuite("Audit Logging secure interface test (TFM_AUDIT_TEST_1XXX)",
+ audit_veneers_tests, list_size, p_test_suite);
+}
+
+/**
+ * \brief Functional test of the Secure interface
+ *
+ * \note This is a functional test only and doesn't
+ * mean to test all possible combinations of
+ * input parameters and return values.
+ * This tests will leave the log in a certain
+ * status which, in turn, will be evaluated by
+ * the Non Secure functional tests. If any tests
+ * are added here that will leave the log in a
+ * different state, Non Secure functional tests
+ * need to be amended accordingly.
+ */
+static void tfm_audit_test_1001(struct test_result_t *ret)
+{
+ enum psa_audit_err err;
+ uint8_t local_buffer[LOCAL_BUFFER_SIZE], idx;
+ struct psa_audit_record *record = (struct psa_audit_record *)
+ &local_buffer[0];
+ uint32_t num_records, stored_size, record_size;
+ struct psa_audit_record *retrieved_buffer;
+
+ struct audit_core_retrieve_output retrieve_output_s;
+
+ /* Fill the log with 36 records, each record is 28 bytes
+ * we end up filling the log without wrapping
+ */
+ for (idx=0; idx<INITIAL_LOGGING_REQUESTS; idx++) {
+ record->size = sizeof(struct psa_audit_record) - 4;
+ record->id = DUMMY_TEST_RECORD_ID_BASE + idx;
+
+ /* The record doesn't contain any payload */
+ err = tfm_audit_veneer_add_record(record);
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Record addition has returned an error");
+ return;
+ }
+ }
+
+ /* Get the log size */
+ err = tfm_audit_veneer_get_info(&num_records, &stored_size);
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Getting log info has returned error");
+ return;
+ }
+
+ if (stored_size != INITIAL_LOGGING_SIZE) {
+ TEST_FAIL("Expected log size is " STR(INITIAL_LOGGING_SIZE));
+ return;
+ }
+
+ if (num_records != INITIAL_LOGGING_REQUESTS) {
+ TEST_FAIL("Expected log records are " STR(INITIAL_LOGGING_REQUESTS));
+ return;
+ }
+
+ /* Retrieve two log records starting from a given index */
+ for (idx=BASE_RETRIEVAL_LOG_INDEX; idx<BASE_RETRIEVAL_LOG_INDEX+2; idx++) {
+
+ struct audit_core_retrieve_input retrieve_input_s =
+ {.record_index = idx,
+ .buffer_size = LOCAL_BUFFER_SIZE,
+ .token = NULL,
+ .token_size = 0};
+ retrieve_output_s.buffer =
+ &local_buffer[(idx-BASE_RETRIEVAL_LOG_INDEX)*STANDARD_LOG_ENTRY_SIZE];
+ retrieve_output_s.record_size = &record_size;
+
+ err = tfm_audit_veneer_retrieve_record(&retrieve_input_s,
+ &retrieve_output_s);
+
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Retrieve indexes 6 or 7 has returned an error");
+ return;
+ }
+
+ if (record_size != STANDARD_LOG_ENTRY_SIZE) {
+ TEST_FAIL("Expected log size is " STR(STANDARD_LOG_ENTRY_SIZE));
+ return;
+ }
+ }
+
+ /* Inspect the content of the second log record retrieved */
+ retrieved_buffer = (struct psa_audit_record *)
+ &local_buffer[offsetof(struct log_hdr,size)+STANDARD_LOG_ENTRY_SIZE];
+
+ if (retrieved_buffer->id != ( DUMMY_TEST_RECORD_ID_BASE +
+ (BASE_RETRIEVAL_LOG_INDEX+1) )) {
+ TEST_FAIL("Unexpected argument in the index 7 entry");
+ return;
+ }
+
+ /* Retrieve the last two log records */
+ for (idx=num_records-2; idx<num_records; idx++) {
+
+ struct audit_core_retrieve_input retrieve_input_s =
+ {.record_index = idx,
+ .buffer_size = LOCAL_BUFFER_SIZE,
+ .token = NULL,
+ .token_size = 0};
+ retrieve_output_s.buffer =
+ &local_buffer[(idx-(num_records-2))*STANDARD_LOG_ENTRY_SIZE];
+ retrieve_output_s.record_size = &record_size;
+
+ err = tfm_audit_veneer_retrieve_record(&retrieve_input_s,
+ &retrieve_output_s);
+
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Retrieve of last two log records has returned error");
+ return;
+ }
+
+ if (record_size != STANDARD_LOG_ENTRY_SIZE) {
+ TEST_FAIL("Expected log size is " STR(STANDARD_LOG_ENTRY_SIZE));
+ return;
+ }
+ }
+
+ /* Inspect the first record retrieved in the local buffer */
+ retrieved_buffer = (struct psa_audit_record *)
+ &local_buffer[offsetof(struct log_hdr,size)];
+
+ if (retrieved_buffer->id != ( DUMMY_TEST_RECORD_ID_BASE +
+ (INITIAL_LOGGING_REQUESTS-2) )) {
+ TEST_FAIL("Unexpected argument in the second last entry");
+ return;
+ }
+
+ /* Retrieve the first log item */
+ struct audit_core_retrieve_input retrieve_input_s_first =
+ {.record_index = 0,
+ .buffer_size = LOCAL_BUFFER_SIZE,
+ .token = NULL,
+ .token_size = 0};
+
+ retrieve_output_s.buffer = &local_buffer[0];
+ retrieve_output_s.record_size = &record_size;
+
+ err = tfm_audit_veneer_retrieve_record(&retrieve_input_s_first,
+ &retrieve_output_s);
+
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Retrieve of the first log entry has returned error");
+ return;
+ }
+
+ if (record_size != STANDARD_LOG_ENTRY_SIZE) {
+ TEST_FAIL("Expected log size is " STR(STANDARD_LOG_ENTRY_SIZE));
+ return;
+ }
+
+ if (retrieved_buffer->id != DUMMY_TEST_RECORD_ID_BASE) {
+ TEST_FAIL("Unexpected argument in the first entry");
+ return;
+ }
+
+ /* Retrieve the last log item */
+ struct audit_core_retrieve_input retrieve_input_s_last =
+ {.record_index = num_records-1,
+ .buffer_size = LOCAL_BUFFER_SIZE,
+ .token = NULL,
+ .token_size = 0};
+
+ retrieve_output_s.buffer = &local_buffer[0];
+ retrieve_output_s.record_size = &record_size;
+
+ err = tfm_audit_veneer_retrieve_record(&retrieve_input_s_last,
+ &retrieve_output_s);
+
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Retrieve of last two log entries has returned error");
+ return;
+ }
+
+ if (record_size != STANDARD_LOG_ENTRY_SIZE) {
+ TEST_FAIL("Expected log size is " STR(STANDARD_LOG_ENTRY_SIZE));
+ return;
+ }
+
+ /* Inspect the item just retrieved */
+ if (retrieved_buffer->id != ( DUMMY_TEST_RECORD_ID_BASE +
+ (INITIAL_LOGGING_REQUESTS-1) )) {
+ TEST_FAIL("Unexpected argument in the second last entry");
+ return;
+ }
+
+ /* Fill one more log record, this will wrap */
+ record->size = sizeof(struct psa_audit_record) - 4;
+ record->id = DUMMY_TEST_RECORD_ID_BASE + INITIAL_LOGGING_REQUESTS;
+
+ /* The addition of this new log item will wrap the log ending */
+ err = tfm_audit_veneer_add_record(record);
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Record addition has returned an error");
+ return;
+ }
+
+ /* Get the log size */
+ err = tfm_audit_veneer_get_info(&num_records, &stored_size);
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Getting log info has returned error");
+ return;
+ }
+
+ /* Check that the log state is the same, the item addition just performed
+ * is resulted into the removal of the oldest entry, so log size and number
+ * of log records is still the same as before
+ */
+ if (stored_size != INITIAL_LOGGING_SIZE) {
+ TEST_FAIL("Expected log size is " STR(INITIAL_LOGGING_SIZE));
+ return;
+ }
+
+ if (num_records != INITIAL_LOGGING_REQUESTS) {
+ TEST_FAIL("Expected log records are " STR(INITIAL_LOGGING_REQUESTS));
+ return;
+ }
+
+ /* Retrieve the last two log records */
+ for (idx=num_records-2; idx<num_records; idx++) {
+
+ struct audit_core_retrieve_input retrieve_input_s =
+ {.record_index = idx,
+ .buffer_size = LOCAL_BUFFER_SIZE,
+ .token = NULL,
+ .token_size = 0};
+
+ retrieve_output_s.buffer =
+ &local_buffer[(idx-(num_records-2))*STANDARD_LOG_ENTRY_SIZE];
+ retrieve_output_s.record_size = &record_size;
+
+ /* Retrieve the last two items */
+ err = tfm_audit_veneer_retrieve_record(&retrieve_input_s,
+ &retrieve_output_s);
+
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Retrieve of last two log records has returned error");
+ return;
+ }
+
+ if (record_size != STANDARD_LOG_ENTRY_SIZE) {
+ TEST_FAIL("Expected record size is " STR(STANDARD_LOG_ENTRY_SIZE));
+ return;
+ }
+ }
+
+ /* Inspect the first record retrieved */
+ if (retrieved_buffer->id != ( DUMMY_TEST_RECORD_ID_BASE +
+ (INITIAL_LOGGING_REQUESTS-1) )) {
+ TEST_FAIL("Unexpected argument in the second last entry");
+ return;
+ }
+
+ /* Inspect the second record retrieved in the local buffer */
+ retrieved_buffer = (struct psa_audit_record *)
+ &local_buffer[offsetof(struct log_hdr,size)+STANDARD_LOG_ENTRY_SIZE];
+
+ if (retrieved_buffer->id != ( DUMMY_TEST_RECORD_ID_BASE +
+ (INITIAL_LOGGING_REQUESTS) )) {
+ TEST_FAIL("Unexpected argument in the last entry");
+ return;
+ }
+
+ /* Fill now one big record that will invalidate all existing records */
+ record->size = MAX_LOG_RECORD_SIZE;
+ record->id = DUMMY_TEST_RECORD_ID_BASE + INITIAL_LOGGING_REQUESTS + 1;
+
+ /* The record has maximum possible payload for log size of 1024 */
+ err = tfm_audit_veneer_add_record(record);
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Record addition has returned an error");
+ return;
+ }
+
+ /* Get the log size */
+ err = tfm_audit_veneer_get_info(&num_records, &stored_size);
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Getting log info has returned error");
+ return;
+ }
+
+ /* Check that the log state has one element with maximum size */
+ if (stored_size != MAX_LOG_SIZE) {
+ TEST_FAIL("Expected log size is " STR(MAX_LOG_SIZE));
+ return;
+ }
+
+ if (num_records != 1) {
+ TEST_FAIL("Expected log records are 1");
+ return;
+ }
+
+ /* Try to retrieve the maximum possible size that fits our buffer.
+ * As there is just one big record filling the whole space, nothing
+ * will be returned and the API will fail
+ */
+ struct audit_core_retrieve_input retrieve_input_s_max =
+ {.record_index = 0,
+ .buffer_size = LOCAL_BUFFER_SIZE,
+ .token = NULL,
+ .token_size = 0};
+
+ retrieve_output_s.buffer = &local_buffer[0];
+ retrieve_output_s.record_size = &record_size;
+
+ err = tfm_audit_veneer_retrieve_record(&retrieve_input_s_max,
+ &retrieve_output_s);
+
+ if (err != PSA_AUDIT_ERR_FAILURE) {
+ TEST_FAIL("Retrieve of index 0 should fail as it's too big");
+ return;
+ }
+
+ if (record_size != 0) {
+ TEST_FAIL("Retrieved log size has unexpected size instead of 0");
+ return;
+ }
+
+ /* Add two standard length records again */
+ for (idx=0; idx<2; idx++) {
+ record->size = sizeof(struct psa_audit_record) - 4;
+ record->id = DUMMY_TEST_RECORD_ID_BASE +
+ INITIAL_LOGGING_REQUESTS + 2 + idx;
+
+ /* The record doesn't contain any payload */
+ err = tfm_audit_veneer_add_record(record);
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Record addition has returned an error");
+ return;
+ }
+ }
+
+ /* Get the log size */
+ err = tfm_audit_veneer_get_info(&num_records, &stored_size);
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Getting log info has returned error");
+ return;
+ }
+
+ /* As the log was full, the addition of the last two log records results
+ * in the resetting of the log completely. The log will contain only
+ * the last two items we have just added.
+ */
+ if (stored_size != FINAL_LOGGING_SIZE) {
+ TEST_FAIL("Expected log size is " STR(FINAL_LOGGING_SIZE));
+ return;
+ }
+
+ if (num_records != FINAL_LOGGING_REQUESTS) {
+ TEST_FAIL("Expected log records are " STR(FINAL_LOGGING_REQUESTS));
+ return;
+ }
+
+ /* Check the length of each record individually */
+ for (idx=0; idx<num_records; idx++) {
+ err = tfm_audit_veneer_get_record_info(idx, &stored_size);
+ if (err != PSA_AUDIT_ERR_SUCCESS) {
+ TEST_FAIL("Getting record size individually has returned error");
+ return;
+ }
+
+ if (stored_size != STANDARD_LOG_ENTRY_SIZE) {
+ TEST_FAIL("Unexpected log record size for a single standard item");
+ return;
+ }
+ }
+
+ /* Check that if requesting length of a record which is not there fails */
+ err = tfm_audit_veneer_get_record_info(num_records, &stored_size);
+ if (err != PSA_AUDIT_ERR_FAILURE) {
+ TEST_FAIL("Getting record size for non-existent record has not failed");
+ return;
+ }
+
+ ret->val = TEST_PASSED;
+}
diff --git a/test/suites/log/secure/log_s_tests.h b/test/suites/audit/secure/audit_s_tests.h
similarity index 68%
rename from test/suites/log/secure/log_s_tests.h
rename to test/suites/audit/secure/audit_s_tests.h
index 0ef77dd..87bc904 100644
--- a/test/suites/log/secure/log_s_tests.h
+++ b/test/suites/audit/secure/audit_s_tests.h
@@ -5,8 +5,8 @@
*
*/
-#ifndef __LOG_S_TESTS_H__
-#define __LOG_S_TESTS_H__
+#ifndef __AUDIT_S_TESTS_H__
+#define __AUDIT_S_TESTS_H__
#ifdef __cplusplus
extern "C" {
@@ -19,10 +19,10 @@
*
* \param[in] p_test_suite The test suite to be executed.
*/
-void register_testsuite_s_log_interface(struct test_suite_t *p_test_suite);
+void register_testsuite_s_audit_interface(struct test_suite_t *p_test_suite);
#ifdef __cplusplus
}
#endif
-#endif /* __LOG_S_TESTS_H__ */
+#endif /* __AUDIT_S_TESTS_H__ */
diff --git a/test/suites/log/non_secure/log_ns_interface_testsuite.c b/test/suites/log/non_secure/log_ns_interface_testsuite.c
deleted file mode 100644
index e1e6c4e..0000000
--- a/test/suites/log/non_secure/log_ns_interface_testsuite.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "test/framework/helpers.h"
-#include "tfm_log_api.h"
-#include "log_ns_tests.h"
-#include "tfm_api.h"
-#include "secure_fw/services/audit_logging/log_core.h"
-
-#include "../log_tests_common.h"
-
-/*!
- * \def EMPTY_RETRIEVED_LOG_SIZE
- *
- * \brief Log size when the retrieved buffer is empty
- */
-#define EMPTY_RETRIEVED_LOG_SIZE (0)
-
-/*!
- * \def EMPTY_RETRIEVED_LOG_ITEMS
- *
- * \brief Number of log items when retrieved buffer is empty
- */
-#define EMPTY_RETRIEVED_LOG_ITEMS (0)
-
-/*!
- * \def SINGLE_RETRIEVED_LOG_SIZE
- *
- * \brief Log size when the retrieved buffer has 1 item
- * of standard size (no payload)
- */
-#define SINGLE_RETRIEVED_LOG_SIZE (STANDARD_LOG_ENTRY_SIZE)
-
-/*!
- * \def SINGLE_RETRIEVED_LOG_ITEMS
- *
- * \brief Number of log items when retrieved buffer has 1 item
- */
-#define SINGLE_RETRIEVED_LOG_ITEMS (1)
-
-/*!
- * \def SECOND_ELEMENT_START_INDEX
- *
- * \brief Index of the second item in the log
- */
-#define SECOND_ELEMENT_START_INDEX (1)
-
-/* List of tests */
-static void tfm_log_test_1001(struct test_result_t *ret);
-
-static struct test_t log_veneers_tests[] = {
- {&tfm_log_test_1001, "TFM_LOG_TEST_1001",
- "Non Secure functional", {0} },
-};
-
-void register_testsuite_ns_log_interface(struct test_suite_t *p_test_suite)
-{
- uint32_t list_size;
-
- list_size = (sizeof(log_veneers_tests) /
- sizeof(log_veneers_tests[0]));
-
- set_testsuite("Audit Logging non-secure interface test (TFM_LOG_TEST_1XXX)",
- log_veneers_tests, list_size, p_test_suite);
-}
-
-/**
- * \brief Functional test of NS API
- *
- * \note This is a functional test only and doesn't
- * mean to test all possible combinations of
- * input parameters and return values.
- * This tests the current status of the log as
- * it's been left from the Secure tests. In case
- * other tests are added in the Secure test suite,
- * the status of the log will change and these
- * tests may start failing.
- */
-static void tfm_log_test_1001(struct test_result_t *ret)
-{
- enum tfm_log_err err;
-
- uint8_t local_buffer[LOCAL_BUFFER_SIZE];
- uint32_t size, rem_items;
-
- struct tfm_log_info info;
- struct tfm_log_line *retrieved_buffer;
-
- /* Get the log size (current state) */
- err = tfm_log_get_info(&info);
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Getting log info has returned error");
- return;
- }
-
- if (info.size != INITIAL_LOG_SIZE) {
- TEST_FAIL("Stored size different from " STR(INITIAL_LOG_SIZE));
- return;
- }
-
- if (info.num_items != INITIAL_LOG_ITEMS) {
- TEST_FAIL("Stored items number different from " STR(INITIAL_LOG_ITEMS));
- return;
- }
-
- /* Log contains 2 items. Retrieve into buffer which is able to contain the
- * the full contents of the log
- */
- size = INITIAL_LOG_SIZE;
-
- err = tfm_log_retrieve(size,
- TFM_LOG_READ_RECENT,
- &local_buffer[0],
- &info);
-
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Log retrieval from NS returned error");
- return;
- }
-
- if (info.size != INITIAL_LOG_SIZE) {
- TEST_FAIL("Expected log size to retrieve is " STR(INITIAL_LOG_SIZE));
- return;
- }
-
- if (info.num_items != INITIAL_LOG_ITEMS) {
- TEST_FAIL("Expected number of items read is " STR(INITIAL_LOG_ITEMS));
- return;
- }
-
- /* Retrieve into a 16-byte buffer. It's not enough to store a single
- * item so the provided buffer must be empty after retrieval. We
- * check the info structure to count how many items and bytes have
- * been returned, and if they're zeros items / zero bytes, there is
- * no point in checking the contents of the local_buffer.
- */
- size = 16;
-
- err = tfm_log_retrieve(size,
- TFM_LOG_READ_RECENT,
- &local_buffer[0],
- &info);
-
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Log retrieval from NS returned error");
- return;
- }
-
- if (info.size != EMPTY_RETRIEVED_LOG_SIZE) {
- TEST_FAIL("Expected log size is " STR(EMPTY_RETRIEVED_LOG_SIZE));
- return;
- }
-
- if (info.num_items != EMPTY_RETRIEVED_LOG_ITEMS) {
- TEST_FAIL("Expected read items are " STR(EMPTY_RETRIEVED_LOG_ITEMS));
- return;
- }
-
- /* Retrieve into a 70-byte buffer: only last entry fits and is retrieved */
- size = 70;
-
- err = tfm_log_retrieve(size,
- TFM_LOG_READ_RECENT,
- &local_buffer[0],
- &info);
-
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Log retrieval from NS returned error");
- return;
- }
-
- if (info.size != SINGLE_RETRIEVED_LOG_SIZE) {
- TEST_FAIL("Expected log size is " STR(SINGLE_RETRIEVED_LOG_SIZE));
- return;
- }
-
- if (info.num_items != SINGLE_RETRIEVED_LOG_ITEMS) {
- TEST_FAIL("Expected read items are " STR(SINGLE_RETRIEVED_LOG_ITEMS));
- return;
- }
-
- /* Retrieve into a buffer which can hold a single element, but start from
- * the second element that is stored in the log
- */
- size = STANDARD_LOG_ENTRY_SIZE;
-
- err = tfm_log_retrieve(size,
- SECOND_ELEMENT_START_INDEX,
- &local_buffer[0],
- &info);
-
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Log retrieval from NS returned error");
- return;
- }
-
- if (info.size != SINGLE_RETRIEVED_LOG_SIZE) {
- TEST_FAIL("Expected log size is " STR(SINGLE_RETRIEVED_LOG_SIZE));
- return;
- }
-
- if (info.num_items != SINGLE_RETRIEVED_LOG_ITEMS) {
- TEST_FAIL("Expected read items are " STR(SINGLE_RETRIEVED_LOG_ITEMS));
- return;
- }
-
- /* Inspect the contents of the retrieved buffer, i.e. check the
- * retrieved log line contents
- */
- retrieved_buffer = (struct tfm_log_line *)
- &local_buffer[offsetof(struct log_hdr, size)];
-
- if (retrieved_buffer->arg[0] != SECOND_ELEMENT_EXPECTED_CONTENT) {
- TEST_FAIL("Unexpected argument in the first entry");
- return;
- }
-
- /* Delete one element in the log */
- err = tfm_log_delete_items(1, &rem_items);
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Log item deletion from NS returned error");
- return;
- }
-
- if (rem_items != 1) {
- TEST_FAIL("Unexpected number of deleted items different than 1");
- return;
- }
-
- /* Try to delete two elements in the log. The log has just one element, so
- * check that the number of deleted items is less than requested
- */
- err = tfm_log_delete_items(2, &rem_items);
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Log item deletion from NS returned error");
- return;
- }
-
- if (rem_items != 1) {
- TEST_FAIL("Unexpected number of deleted items different than 1");
- return;
- }
-
- ret->val = TEST_PASSED;
-}
diff --git a/test/suites/log/secure/log_s_interface_testsuite.c b/test/suites/log/secure/log_s_interface_testsuite.c
deleted file mode 100644
index e1be93a..0000000
--- a/test/suites/log/secure/log_s_interface_testsuite.c
+++ /dev/null
@@ -1,398 +0,0 @@
-/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "test/framework/helpers.h"
-#include "tfm_log_api.h"
-#include "log_s_tests.h"
-#include "tfm_api.h"
-#include "tfm_log_veneers.h"
-#include "secure_fw/services/audit_logging/log_core.h"
-
-#include "../log_tests_common.h"
-
-/*!
- * \def TEST_FUNCTION_ID
- *
- * \brief The log line is initialized with a function ID
- * which corresponds to the requester function ID, i.e.
- * a dummy test function ID
- */
-#define DUMMY_TEST_FUNCTION_ID (0xABCDABCD)
-
-/*!
- * \def BASE_RETRIEVAL_LOG_INDEX
- *
- * \brief Base index from where to start elements retrieval
- */
-#define BASE_RETRIEVAL_LOG_INDEX (6)
-
-/*!
- * \def FIRST_RETRIEVAL_LOG_INDEX
- *
- * \brief Index of the first element in the log
- */
-#define FIRST_RETRIEVAL_LOG_INDEX (0)
-
-/* List of tests */
-static void tfm_log_test_1001(struct test_result_t *ret);
-
-static struct test_t log_veneers_tests[] = {
- {&tfm_log_test_1001, "TFM_LOG_TEST_1001",
- "Secure functional", {0} },
-};
-
-void register_testsuite_s_log_interface(struct test_suite_t *p_test_suite)
-{
- uint32_t list_size;
-
- list_size = (sizeof(log_veneers_tests) /
- sizeof(log_veneers_tests[0]));
-
- set_testsuite("Audit Logging secure interface test (TFM_LOG_TEST_1XXX)",
- log_veneers_tests, list_size, p_test_suite);
-}
-
-/**
- * \brief Functional test of the Secure interface
- *
- * \note This is a functional test only and doesn't
- * mean to test all possible combinations of
- * input parameters and return values.
- * This tests will leave the log in a certain
- * status which, in turn, will be evaluated by
- * the Non Secure functional tests. If any tests
- * are added here that will leave the log in a
- * different state, Non Secure functional tests
- * need to be amended accordingly.
- */
-static void tfm_log_test_1001(struct test_result_t *ret)
-{
- enum tfm_log_err err;
- uint8_t local_buffer[LOCAL_BUFFER_SIZE], idx = 0;
- struct tfm_log_line *line = (struct tfm_log_line *)
- &local_buffer[0];
- struct tfm_log_info info;
- struct tfm_log_line *retrieved_buffer;
-
- /* Fill the log with 25 lines, each line is 40 bytes
- * we end up filling the log without wrapping
- */
- for (idx=0; idx<INITIAL_LOGGING_REQUESTS; idx++) {
- line->size = sizeof(struct tfm_log_line) - 4;
- line->function_id = DUMMY_TEST_FUNCTION_ID;
- line->arg[0] = 0x1 + idx*10;
- line->arg[1] = 0x2 + idx*10;
- line->arg[2] = 0x3 + idx*10;
- line->arg[3] = 0x4 + idx*10;
-
- /* The line doesn't contain any payload */
- err = tfm_log_veneer_add_line(line);
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Log line addition has returned an error");
- return;
- }
- }
-
- /* Get the log size */
- err = tfm_log_veneer_get_info(&info);
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Getting log info has returned error");
- return;
- }
-
- if (info.size != INITIAL_LOGGING_SIZE) {
- TEST_FAIL("Expected log size is " STR(INITIAL_LOGGING_SIZE));
- return;
- }
-
- if (info.num_items != INITIAL_LOGGING_REQUESTS) {
- TEST_FAIL("Expected log items are " STR(INITIAL_LOGGING_REQUESTS));
- return;
- }
-
- /* Retrieve two log items starting from a given index */
- err = tfm_log_veneer_retrieve(LOCAL_BUFFER_SIZE,
- BASE_RETRIEVAL_LOG_INDEX,
- &local_buffer[0],
- &info);
-
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Retrieve indexes 6 and 7 has returned an error");
- return;
- }
-
- if (info.size != (2*STANDARD_LOG_ENTRY_SIZE)) {
- TEST_FAIL("Expected log size is " STR((2*STANDARD_LOG_ENTRY_SIZE)));
- return;
- }
-
- if (info.num_items != LOCAL_BUFFER_ITEMS) {
- TEST_FAIL("Expected log items are " STR(LOCAL_BUFFER_ITEMS));
- return;
- }
-
- /* Inspect the content of the second log line retrieved */
- retrieved_buffer = (struct tfm_log_line *)
- &local_buffer[offsetof(struct log_hdr,size)+STANDARD_LOG_ENTRY_SIZE];
-
- if (retrieved_buffer->arg[0] != (0x1 + (BASE_RETRIEVAL_LOG_INDEX+1)*10)) {
- TEST_FAIL("Unexpected argument in the index 7 entry");
- return;
- }
-
- /* Retrieve the last two log items */
- err = tfm_log_veneer_retrieve(LOCAL_BUFFER_SIZE,
- TFM_LOG_READ_RECENT,
- &local_buffer[0],
- &info);
-
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Retrieve of last two log entries has returned error");
- return;
- }
-
- /* Inspect the first line retrieved in the local buffer */
- retrieved_buffer = (struct tfm_log_line *)
- &local_buffer[offsetof(struct log_hdr,size)];
-
- if (info.size != (2*STANDARD_LOG_ENTRY_SIZE)) {
- TEST_FAIL("Expected log size is " STR((2*STANDARD_LOG_ENTRY_SIZE)));
- return;
- }
-
- if (info.num_items != LOCAL_BUFFER_ITEMS) {
- TEST_FAIL("Expected log items are " STR(LOCAL_BUFFER_ITEMS));
- return;
- }
-
- if (retrieved_buffer->arg[0] != (0x1 + (INITIAL_LOGGING_REQUESTS-2)*10)) {
- TEST_FAIL("Unexpected argument in the second last entry");
- return;
- }
-
- /* Retrieve the first log item */
- err = tfm_log_veneer_retrieve(STANDARD_LOG_ENTRY_SIZE,
- FIRST_RETRIEVAL_LOG_INDEX,
- &local_buffer[0],
- &info);
-
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Retrieve of the first log entry has returned error");
- return;
- }
-
- if (info.size != STANDARD_LOG_ENTRY_SIZE) {
- TEST_FAIL("Expected log size is " STR(STANDARD_LOG_ENTRY_SIZE));
- return;
- }
-
- if (info.num_items != 1) {
- TEST_FAIL("Number of items read is different from 1");
- return;
- }
-
- if (retrieved_buffer->arg[0] != (0x1 + FIRST_RETRIEVAL_LOG_INDEX*10)) {
- TEST_FAIL("Unexpected argument in the first entry");
- return;
- }
-
- /* Retrieve the last log item. Provide a buffer size which is slightly
- * bigger than the size of a single log entry
- */
- err = tfm_log_veneer_retrieve(STANDARD_LOG_ENTRY_SIZE+4,
- TFM_LOG_READ_RECENT,
- &local_buffer[0],
- &info);
-
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Retrieve of last two log entries has returned error");
- return;
- }
-
- if (info.size != STANDARD_LOG_ENTRY_SIZE) {
- TEST_FAIL("Expected log size is " STR(STANDARD_LOG_ENTRY_SIZE));
- return;
- }
-
- if (info.num_items != 1) {
- TEST_FAIL("Number of items read is different from 1");
- return;
- }
-
- if (retrieved_buffer->arg[0] != (0x1 + (INITIAL_LOGGING_REQUESTS-1)*10)) {
- TEST_FAIL("Unexpected argument in the second last entry");
- return;
- }
-
- /* Fill one more log line, this will wrap */
- line->size = sizeof(struct tfm_log_line) - 4;
- line->function_id = DUMMY_TEST_FUNCTION_ID;
- line->arg[0] = 0x1 + INITIAL_LOGGING_REQUESTS*10;
- line->arg[1] = 0x2 + INITIAL_LOGGING_REQUESTS*10;
- line->arg[2] = 0x3 + INITIAL_LOGGING_REQUESTS*10;
- line->arg[3] = 0x4 + INITIAL_LOGGING_REQUESTS*10;
-
- /* The addition of this new log item will wrap the log ending */
- err = tfm_log_veneer_add_line(line);
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Log line addition has returned an error");
- return;
- }
-
- /* Get the log size */
- err = tfm_log_veneer_get_info(&info);
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Getting log info has returned error");
- return;
- }
-
- /* Check that the log state is the same, the item addition just performed
- * is resulted into the removal of the oldest entry, so log size and number
- * of log items is still the same as before
- */
- if (info.size != INITIAL_LOGGING_SIZE) {
- TEST_FAIL("Expected log size is " STR(INITIAL_LOGGING_SIZE));
- return;
- }
-
- if (info.num_items != INITIAL_LOGGING_REQUESTS) {
- TEST_FAIL("Expected log items are " STR(INITIAL_LOGGING_REQUESTS));
- return;
- }
-
- /* Retrieve the last two items */
- err = tfm_log_veneer_retrieve(LOCAL_BUFFER_SIZE,
- TFM_LOG_READ_RECENT,
- &local_buffer[0],
- &info);
-
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Retrieve of last two log entries has returned error");
- return;
- }
-
- if (info.size != (2*STANDARD_LOG_ENTRY_SIZE)) {
- TEST_FAIL("Expected log size is " STR((2*STANDARD_LOG_ENTRY_SIZE)));
- return;
- }
-
- if (info.num_items != LOCAL_BUFFER_ITEMS) {
- TEST_FAIL("Expected log items are " STR(LOCAL_BUFFER_ITEMS));
- return;
- }
-
- if (retrieved_buffer->arg[0] != (0x1 + (INITIAL_LOGGING_REQUESTS-1)*10)) {
- TEST_FAIL("Unexpected argument in the second last entry");
- return;
- }
-
- /* Inspect the second line retrieved in the local buffer */
- retrieved_buffer = (struct tfm_log_line *)
- &local_buffer[offsetof(struct log_hdr,size)+STANDARD_LOG_ENTRY_SIZE];
-
- if (retrieved_buffer->arg[0] != (0x1 + INITIAL_LOGGING_REQUESTS*10)) {
- TEST_FAIL("Unexpected argument in the last entry");
- return;
- }
-
- /* Fill now one big line that will invalidate all existing lines */
- line->size = MAX_LOG_LINE_SIZE;
- line->function_id = DUMMY_TEST_FUNCTION_ID;
- line->arg[0] = 0x1 + ((INITIAL_LOGGING_REQUESTS+1)*10);
- line->arg[1] = 0x2 + ((INITIAL_LOGGING_REQUESTS+1)*10);
- line->arg[2] = 0x3 + ((INITIAL_LOGGING_REQUESTS+1)*10);
- line->arg[3] = 0x4 + ((INITIAL_LOGGING_REQUESTS+1)*10);
-
- /* The line has maximum possible payload for log size of 1024 */
- err = tfm_log_veneer_add_line(line);
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Log line addition has returned an error");
- return;
- }
-
- /* Get the log size */
- err = tfm_log_veneer_get_info(&info);
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Getting log info has returned error");
- return;
- }
-
- /* Check that the log state has one element with maximum size */
- if (info.size != MAX_LOG_SIZE) {
- TEST_FAIL("Expected log size is " STR(MAX_LOG_SIZE));
- return;
- }
-
- if (info.num_items != 1) {
- TEST_FAIL("Expected log items are 1");
- return;
- }
-
- /* Try to retrieve the maximum possible size that fits our buffer.
- * As there is just one big line filling the whole space, nothing
- * will be returned
- */
- err = tfm_log_veneer_retrieve(LOCAL_BUFFER_SIZE,
- TFM_LOG_READ_RECENT,
- &local_buffer[0],
- &info);
-
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Retrieve of last two log entries has returned error");
- return;
- }
-
- if (info.size != 0) {
- TEST_FAIL("Retrieved log size has unexpected size instead of 0");
- return;
- }
-
- if (info.num_items != 0) {
- TEST_FAIL("Number of items read is different from 0");
- return;
- }
-
- /* Add two standard length lines again */
- for (idx=0; idx<2; idx++) {
- line->size = sizeof(struct tfm_log_line) - 4;
- line->function_id = DUMMY_TEST_FUNCTION_ID;
- line->arg[0] = 0x1 + (INITIAL_LOGGING_REQUESTS+2+idx)*10;
- line->arg[1] = 0x2 + (INITIAL_LOGGING_REQUESTS+2+idx)*10;
- line->arg[2] = 0x3 + (INITIAL_LOGGING_REQUESTS+2+idx)*10;
- line->arg[3] = 0x4 + (INITIAL_LOGGING_REQUESTS+2+idx)*10;
-
- /* The line doesn't contain any payload */
- err = tfm_log_veneer_add_line(line);
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Log line addition has returned an error");
- return;
- }
- }
-
- /* Get the log size */
- err = tfm_log_veneer_get_info(&info);
- if (err != TFM_LOG_ERR_SUCCESS) {
- TEST_FAIL("Getting log info has returned error");
- return;
- }
-
- /* As the log was full, the addition of the last two log lines results
- * in the resetting of the log completely. The log will contain only
- * the last two items we have just added.
- */
- if (info.size != FINAL_LOGGING_SIZE) {
- TEST_FAIL("Expected log size is " STR(FINAL_LOGGING_SIZE));
- return;
- }
-
- if (info.num_items != FINAL_LOGGING_REQUESTS) {
- TEST_FAIL("Expected log items are " STR(FINAL_LOGGING_REQUESTS));
- return;
- }
-
- ret->val = TEST_PASSED;
-}