Interface: Fix parameter mismatch between client & service
In RPC implementations of TF-M, the data model of the Client and Service
may be different. So, for C integer types with an implementation-defined
bit width, the type definition in the client library's environment may
not be equivalent to the one in the RoT Service environment.
The IPC protocols used in TF-M generally use fixed-width types to avoid
this kind of issue. However, there are a few PSA APIs that use size_t
parameters, which are then passed in iovecs.
To avoid passing parameters of an unexpected size to the service, this
change makes the definition of size_t in the RoT Service environment
visible to the client and converts parameters as required.
Change-Id: Ieb3577479ee42d4f7c7ea6189ea96d1638cbdf39
Signed-off-by: Jamie Fox <jamie.fox@arm.com>
Signed-off-by: David Vincze <david.vincze@arm.com>
diff --git a/interface/include/psa/client.h b/interface/include/psa/client.h
index b4e8b09..967db72 100644
--- a/interface/include/psa/client.h
+++ b/interface/include/psa/client.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2021, Arm Limited. All rights reserved.
+ * SPDX-FileCopyrightText: Copyright The TrustedFirmware-M Contributors
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -21,6 +21,13 @@
#define IOVEC_LEN(arr) ((uint32_t)(sizeof(arr)/sizeof(arr[0])))
#endif
+/**
+ * Type definitions equivalent to size_t as defined in the RoT Service
+ * environment.
+ */
+typedef uint32_t rot_size_t;
+#define ROT_SIZE_MAX UINT32_MAX
+
/*********************** PSA Client Macros and Types *************************/
/**
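Review bot: The new `rot_size_t` typedef pins the RoT Service's size_t at 32 bits, but nothing in the header ties that choice to the service build, so if the service side ever moved to a different data model the iovec widths would silently diverge again without any diagnostic. Stating the assumption next to the typedef would at least make it visible to maintainers, e.g. `/* Assumes the RoT Service uses a 32-bit size_t; keep ROT_SIZE_MAX in step with this typedef. */`. A compile-time check against a service-side configuration value, if one is exposed to the client, would be stronger, though I cannot tell from this hunk whether such a define exists.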
diff --git a/interface/src/tfm_attest_api.c b/interface/src/tfm_attest_api.c
index 35d5df3..e55c3cb 100644
--- a/interface/src/tfm_attest_api.c
+++ b/interface/src/tfm_attest_api.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
+ * SPDX-FileCopyrightText: Copyright The TrustedFirmware-M Contributors
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -42,16 +42,30 @@
size_t *token_size)
{
psa_status_t status;
+ rot_size_t challenge_size_param;
+ rot_size_t token_size_param = 0;
+
psa_invec in_vec[] = {
- {&challenge_size, sizeof(challenge_size)}
+ {&challenge_size_param, sizeof(challenge_size_param)}
};
psa_outvec out_vec[] = {
- {token_size, sizeof(size_t)}
+ {&token_size_param, sizeof(token_size_param)}
};
+ if (challenge_size > ROT_SIZE_MAX) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+ challenge_size_param = (rot_size_t)challenge_size;
+
+ if (token_size == NULL) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
status = psa_call(TFM_ATTESTATION_SERVICE_HANDLE, TFM_ATTEST_GET_TOKEN_SIZE,
in_vec, IOVEC_LEN(in_vec),
out_vec, IOVEC_LEN(out_vec));
+ *token_size = token_size_param;
+
return status;
}
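Review bot: `*token_size = token_size_param;` runs regardless of `status`, so a failed `psa_call` now zeroes the caller's `*token_size`, whereas before the change the service wrote into it directly and a failure left it untouched; this is an observable behaviour change the commit message does not mention. Guarding the copy-back, `if (status == PSA_SUCCESS) { *token_size = token_size_param; }`, keeps the old contract and is also the natural place to look at `out_vec[0].len` if the service could ever write fewer than `sizeof(token_size_param)` bytes. The same unconditional copy-back appears in `psa_its_get_info` (tfm_its_api.c) and `psa_ps_get_info` (tfm_ps_api.c), where `p_info` is overwritten with the zero-initialised `info_param` on failure. The enclosing function (presumably `psa_initial_attest_get_token_size`) starts before this hunk.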
diff --git a/interface/src/tfm_its_api.c b/interface/src/tfm_its_api.c
index adea920..9488bdc 100644
--- a/interface/src/tfm_its_api.c
+++ b/interface/src/tfm_its_api.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
+ * SPDX-FileCopyrightText: Copyright The TrustedFirmware-M Contributors
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -10,6 +10,12 @@
#include "psa_manifest/sid.h"
#include "tfm_its_defs.h"
+struct rot_psa_its_storage_info_t {
+ rot_size_t capacity;
+ rot_size_t size;
+ psa_storage_create_flags_t flags;
+};
+
psa_status_t psa_its_set(psa_storage_uid_t uid,
size_t data_length,
const void *p_data,
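Review bot: `struct rot_psa_its_storage_info_t` is meant to be byte-compatible with the service's `psa_storage_info_t`, but that depends on the client compiler laying out the three members without padding and on `psa_storage_create_flags_t` having the same width on both sides; nothing here checks it. A compile-time check makes the assumption explicit, e.g. `_Static_assert(sizeof(struct rot_psa_its_storage_info_t) == 2 * sizeof(rot_size_t) + sizeof(psa_storage_create_flags_t), "unexpected padding in rot_psa_its_storage_info_t");` (if the client build is at least C11). The identical struct is declared again as `rot_psa_ps_storage_info_t` in tfm_ps_api.c; a single definition in a shared header, next to `rot_size_t` in psa/client.h or in a storage defs header, would keep the two from drifting. The `psa_its_set` declaration that follows the struct continues past the hunk.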
@@ -36,16 +42,22 @@
size_t *p_data_length)
{
psa_status_t status;
+ rot_size_t data_offset_param;
psa_invec in_vec[] = {
{ .base = &uid, .len = sizeof(uid) },
- { .base = &data_offset, .len = sizeof(data_offset) }
+ { .base = &data_offset_param, .len = sizeof(data_offset_param) }
};
psa_outvec out_vec[] = {
{ .base = p_data, .len = data_size }
};
+ if (data_offset > ROT_SIZE_MAX) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+ data_offset_param = (rot_size_t)data_offset;
+
if (p_data_length == NULL) {
return PSA_ERROR_INVALID_ARGUMENT;
}
@@ -62,19 +74,28 @@
struct psa_storage_info_t *p_info)
{
psa_status_t status;
+ struct rot_psa_its_storage_info_t info_param = {0};
psa_invec in_vec[] = {
{ .base = &uid, .len = sizeof(uid) }
};
psa_outvec out_vec[] = {
- { .base = p_info, .len = sizeof(*p_info) }
+ { .base = &info_param, .len = sizeof(info_param) }
};
+ if (p_info == NULL) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
status = psa_call(TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_HANDLE,
TFM_ITS_GET_INFO, in_vec, IOVEC_LEN(in_vec), out_vec,
IOVEC_LEN(out_vec));
+ p_info->capacity = info_param.capacity;
+ p_info->size = info_param.size;
+ p_info->flags = info_param.flags;
+
return status;
}
diff --git a/interface/src/tfm_ps_api.c b/interface/src/tfm_ps_api.c
index 047f4d1..a9e40f8 100644
--- a/interface/src/tfm_ps_api.c
+++ b/interface/src/tfm_ps_api.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2022, Arm Limited. All rights reserved.
+ * SPDX-FileCopyrightText: Copyright The TrustedFirmware-M Contributors
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -10,6 +10,12 @@
#include "psa_manifest/sid.h"
#include "tfm_ps_defs.h"
+struct rot_psa_ps_storage_info_t {
+ rot_size_t capacity;
+ rot_size_t size;
+ psa_storage_create_flags_t flags;
+};
+
psa_status_t psa_ps_set(psa_storage_uid_t uid,
size_t data_length,
const void *p_data,
@@ -36,16 +42,22 @@
size_t *p_data_length)
{
psa_status_t status;
+ rot_size_t data_offset_param;
psa_invec in_vec[] = {
{ .base = &uid, .len = sizeof(uid) },
- { .base = &data_offset, .len = sizeof(data_offset) }
+ { .base = &data_offset_param, .len = sizeof(data_offset_param) }
};
psa_outvec out_vec[] = {
{ .base = p_data, .len = data_size }
};
+ if (data_offset > ROT_SIZE_MAX) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+ data_offset_param = (rot_size_t)data_offset;
+
if (p_data_length == NULL) {
return PSA_ERROR_INVALID_ARGUMENT;
}
@@ -62,18 +74,27 @@
struct psa_storage_info_t *p_info)
{
psa_status_t status;
+ struct rot_psa_ps_storage_info_t info_param = {0};
psa_invec in_vec[] = {
{ .base = &uid, .len = sizeof(uid) }
};
psa_outvec out_vec[] = {
- { .base = p_info, .len = sizeof(*p_info) }
+ { .base = &info_param, .len = sizeof(info_param) }
};
+ if (p_info == NULL) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
status = psa_call(TFM_PROTECTED_STORAGE_SERVICE_HANDLE, TFM_PS_GET_INFO,
in_vec, IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
+ p_info->capacity = info_param.capacity;
+ p_info->size = info_param.size;
+ p_info->flags = info_param.flags;
+
return status;
}