SST: Improve code quality
This patch fixes the following things:
* cast unused parameters to void to be more explicit
* check the returning value of functions
* add const keyword when mutability is not required
* initialise uninitialised variables
* add parentheses for better readability of some expressions
Change-Id: Ib0f49959f86caab8ae0fe3e75568045f96727310
Signed-off-by: Hugues de Valon <hugues.devalon@arm.com>
diff --git a/interface/src/tfm_sst_api.c b/interface/src/tfm_sst_api.c
index 0678dd4..260dbc2 100644
--- a/interface/src/tfm_sst_api.c
+++ b/interface/src/tfm_sst_api.c
@@ -121,14 +121,21 @@
psa_ps_status_t psa_ps_create(psa_ps_uid_t uid, uint32_t size,
psa_ps_create_flags_t create_flags)
{
- (void)uid, (void)size, (void)create_flags;
+ (void)uid;
+ (void)size;
+ (void)create_flags;
+
return PSA_PS_ERROR_NOT_SUPPORTED;
}
psa_ps_status_t psa_ps_set_extended(psa_ps_uid_t uid, uint32_t data_offset,
uint32_t data_length, const void *p_data)
{
- (void)uid, (void)data_offset, (void)data_length, (void)p_data;
+ (void)uid;
+ (void)data_offset;
+ (void)data_length;
+ (void)p_data;
+
return PSA_PS_ERROR_NOT_SUPPORTED;
}
diff --git a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs.c b/secure_fw/services/secure_storage/flash_fs/sst_flash_fs.c
index d1d65a3..ce5d337 100644
--- a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs.c
+++ b/secure_fw/services/secure_storage/flash_fs/sst_flash_fs.c
@@ -339,7 +339,11 @@
file_meta.cur_size = 0;
/* Update file metadata in to the scratch block */
- sst_flash_fs_mblock_update_scratch_file_meta(del_file_idx, &file_meta);
+ err = sst_flash_fs_mblock_update_scratch_file_meta(del_file_idx,
+ &file_meta);
+ if (err != PSA_PS_SUCCESS) {
+ return err;
+ }
/* Read all file metadata */
for (idx = 0; idx < SST_MAX_NUM_OBJECTS; idx++) {
@@ -380,7 +384,10 @@
}
}
/* Update file metadata in to the scratch block */
- sst_flash_fs_mblock_update_scratch_file_meta(idx, &file_meta);
+ err = sst_flash_fs_mblock_update_scratch_file_meta(idx, &file_meta);
+ if (err != PSA_PS_SUCCESS) {
+ return err;
+ }
}
/* Compact data block */
@@ -409,7 +416,7 @@
/* Update the metablock header, swap scratch and active blocks,
* erase scratch blocks.
*/
- sst_flash_fs_mblock_meta_update_finalize();
+ err = sst_flash_fs_mblock_meta_update_finalize();
return err;
}
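Review bot: The new `err =` on the finalize call is assigned only to be returned on the very next line, so `return sst_flash_fs_mblock_meta_update_finalize();` expresses the same thing in one line and without the intermediate variable; the propagation itself is correct and fixes a dropped status that the old code ignored. The enclosing function begins outside the hunk, so it is not visible whether `err` was still carrying a status from an earlier step on every path that reaches this point; with a direct return that question no longer arises. The two earlier hunks in this file add the same kind of check on `sst_flash_fs_mblock_update_scratch_file_meta` and raise no separate point.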
diff --git a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_mblock.c b/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_mblock.c
index a845efe..afd40d5 100644
--- a/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_mblock.c
+++ b/secure_fw/services/secure_storage/flash_fs/sst_flash_fs_mblock.c
@@ -220,8 +220,8 @@
* \return most recent metablock
*/
static uint8_t sst_mblock_latest_meta_block(
- struct sst_metadata_block_header_t *h_meta0,
- struct sst_metadata_block_header_t *h_meta1)
+ const struct sst_metadata_block_header_t *h_meta0,
+ const struct sst_metadata_block_header_t *h_meta1)
{
uint8_t cur_meta;
uint8_t meta0_swap_count = h_meta0->active_swap_count;
@@ -734,7 +734,7 @@
*/
static psa_ps_status_t sst_init_get_active_metablock(void)
{
- uint32_t cur_meta_block;
+ uint32_t cur_meta_block = SST_BLOCK_INVALID_ID;
psa_ps_status_t err;
struct sst_metadata_block_header_t h_meta0;
struct sst_metadata_block_header_t h_meta1;
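Review bot: Presetting `cur_meta_block` to `SST_BLOCK_INVALID_ID` silences the uninitialised-read diagnostic but does not by itself make the function safe: a path through the body (which continues past this hunk) that reaches the point where `cur_meta_block` is consumed without having assigned it would now proceed with the sentinel value instead of being caught at compile time. If no such path exists the initialiser is cosmetic; if one does, the consumer should reject the sentinel explicitly before it is used as a block id. A short comment on the declaration, `/* stays SST_BLOCK_INVALID_ID until a valid metablock is identified */`, would record the intent either way.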
@@ -917,7 +917,8 @@
}
/* Calculate data size stored in the B0 block */
- data_size = (SST_BLOCK_SIZE - block_meta.data_start - block_meta.free_size);
+ data_size = ((SST_BLOCK_SIZE - block_meta.data_start)
+ - block_meta.free_size);
err = sst_flash_block_to_block_move(scratch_metablock,
block_meta.data_start,
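Review bot: The regrouped subtraction on the `data_size =` line is a pure no-op (binary `-` is left-associative, so the old and new forms evaluate identically), and the expression still wraps if `block_meta.free_size` exceeds `SST_BLOCK_SIZE - block_meta.data_start`, or if `data_start` itself exceeds `SST_BLOCK_SIZE`. If `block_meta` was read back from flash (not visible here; the enclosing function starts before this hunk), those fields are persistent data rather than values this code computed, so a range check such as `if (block_meta.free_size > (SST_BLOCK_SIZE - block_meta.data_start))` before the subtraction would keep the length handed to `sst_flash_block_to_block_move` bounded. If an earlier validation already guarantees the fields are consistent, a comment on this line saying so would spare the next reader the same question.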
@@ -1025,7 +1026,11 @@
block_meta.data_start = SST_ALL_METADATA_SIZE;
block_meta.free_size = (SST_BLOCK_SIZE - block_meta.data_start);
block_meta.phy_id = SST_METADATA_BLOCK0;
- sst_mblock_update_scratch_block_meta(SST_LOGICAL_DBLOCK0, &block_meta);
+ err = sst_mblock_update_scratch_block_meta(SST_LOGICAL_DBLOCK0,
+ &block_meta);
+ if (err != PSA_PS_SUCCESS) {
+ return err;
+ }
/* Fill the block metadata for the dedicated datablocks, which have logical
* ids beginning from 1 and physical ids initially beginning from
diff --git a/secure_fw/services/secure_storage/sst_object_system.c b/secure_fw/services/secure_storage/sst_object_system.c
index 99e2713..9e19230 100644
--- a/secure_fw/services/secure_storage/sst_object_system.c
+++ b/secure_fw/services/secure_storage/sst_object_system.c
@@ -24,9 +24,11 @@
/* Set to 1 once sst_system_prepare has been called */
static uint8_t sst_system_ready = SST_SYSTEM_NOT_READY;
+#ifndef SST_ENCRYPTION
/* Gets the size of object written to the object system below */
#define SST_OBJECT_SIZE(max_size) (SST_OBJECT_HEADER_SIZE + (max_size))
#define SST_OBJECT_START_POSITION 0
+#endif /* SST_ENCRYPTION */
/* Allocate static variables to process objects */
static struct sst_object_t g_sst_object;
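Review bot: The new `#ifndef SST_ENCRYPTION` guard around `SST_OBJECT_SIZE` and `SST_OBJECT_START_POSITION` carries no comment saying why these macros are only wanted in the non-encrypted build; the use sites are not in the diff, so a reader of this file alone has to search to learn the reason (presumably they are unreferenced when `SST_ENCRYPTION` is defined). A one-line comment above the guard, e.g. `/* Only referenced by the non-encrypted object read/write path */` (to be confirmed against the use sites), would make the conditional self-explanatory. Since the guard is `#ifndef`, the closing comment is clearer as `#endif /* !SST_ENCRYPTION */`.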
diff --git a/secure_fw/services/secure_storage/sst_object_table.c b/secure_fw/services/secure_storage/sst_object_table.c
index ab3119e..c85a86b 100644
--- a/secure_fw/services/secure_storage/sst_object_table.c
+++ b/secure_fw/services/secure_storage/sst_object_table.c
@@ -7,6 +7,8 @@
#include "sst_object_table.h"
+#include <stddef.h>
+
#include "cmsis_compiler.h"
#include "crypto/sst_crypto_interface.h"
#include "flash/sst_flash.h"
@@ -135,20 +137,12 @@
/* Object table entry size */
#define SST_OBJECTS_TABLE_ENTRY_SIZE sizeof(struct sst_obj_table_entry_t)
-/* Size of object table without any entries in it */
-#define SST_EMPTY_OBJ_TABLE_SIZE \
- (SST_OBJ_TABLE_SIZE - (SST_NUM_ASSETS * SST_OBJECTS_TABLE_ENTRY_SIZE))
-
/* Size of the data that is not required to authenticate */
#define SST_NON_AUTH_OBJ_TABLE_SIZE sizeof(union sst_crypto_t)
/* Start position to store the object table data in the FS object */
#define SST_OBJECT_TABLE_OBJECT_OFFSET 0
-/* Defines an object table with empty content */
-#define SST_OBJECT_TABLE_EMPTY_SIZE 0
-#define SST_OBJECT_TABLE_EMPTY NULL
-
/* The associated data is the header minus the crypto data */
#define SST_CRYPTO_ASSOCIATED_DATA(crypto) ((uint8_t *)crypto + \
SST_NON_AUTH_OBJ_TABLE_SIZE)
@@ -199,7 +193,7 @@
* \brief Object table init context structure.
*/
struct sst_obj_table_init_ctx_t {
- struct sst_obj_table_t *p_table[SST_NUM_OBJ_TABLES]; /*!< Pointer to
+ struct sst_obj_table_t *p_table[SST_NUM_OBJ_TABLES]; /*!< Pointers to
* object tables
*/
enum sst_obj_table_state table_state[SST_NUM_OBJ_TABLES]; /*!< Array to
@@ -858,8 +852,12 @@
{
psa_ps_status_t err;
struct sst_obj_table_init_ctx_t init_ctx = {
- .p_table = {&sst_obj_table_ctx.obj_table, 0},
- .table_state = {0, 0}
+ .p_table = {&sst_obj_table_ctx.obj_table, NULL},
+ .table_state = {SST_OBJ_TABLE_VALID, SST_OBJ_TABLE_VALID},
+#ifdef SST_ROLLBACK_PROTECTION
+ .nvc_1 = 0U,
+ .nvc_3 = 0U,
+#endif /* SST_ROLLBACK_PROTECTION */
};
init_ctx.p_table[SST_OBJ_TABLE_IDX_1] = (struct sst_obj_table_t *)obj_data;
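Review bot: Changing `.table_state` from `{0, 0}` to `{SST_OBJ_TABLE_VALID, SST_OBJ_TABLE_VALID}` is only a no-op if `SST_OBJ_TABLE_VALID` is the enumerator with value 0, which this hunk cannot confirm; if it is not, the commit silently changes the pre-check state of both tables. Either way the context now begins with both tables presumed valid, so a slot that the subsequent checks never reach (the function continues past the hunk) would be left looking valid rather than rejected; a fail-closed default — the enumerator that denotes an invalid table, if the enum has one — would be safer, or else a comment on that line stating that every slot's state is re-evaluated before it is trusted. The `.nvc_1 = 0U,` and `.nvc_3 = 0U,` lines are redundant with the zero-fill that designated initialisation already guarantees for unnamed members, though harmless as documentation of the fields.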
@@ -976,7 +974,15 @@
psa_ps_status_t err;
uint32_t idx = 0;
uint32_t backup_idx = 0;
- struct sst_obj_table_entry_t backup_entry;
+ struct sst_obj_table_entry_t backup_entry = {
+#ifdef SST_ENCRYPTION
+ .tag = {0U},
+#else
+ .version = 0U,
+#endif /* SST_ENCRYPTION */
+ .uid = TFM_SST_INVALID_UID,
+ .client_id = 0,
+ };
struct sst_obj_table_t *p_table = &sst_obj_table_ctx.obj_table;
err = sst_get_object_entry_idx(uid, client_id, &backup_idx);
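Review bot: The `backup_entry` initialiser spells out every member under `#ifdef SST_ENCRYPTION`, but the only value that matters is the `.uid = TFM_SST_INVALID_UID` sentinel that the last hunk of this file tests; designated initialisation zero-fills the members that are not named, so `struct sst_obj_table_entry_t backup_entry = { .uid = TFM_SST_INVALID_UID };` yields the same object without the conditional compilation and without having to be kept in sync with the struct layout. A comment on the declaration, `/* uid stays TFM_SST_INVALID_UID until a real entry has been backed up */`, would make the sentinel role explicit at the point where it is established. The function's signature lies outside the hunk.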
@@ -1006,10 +1012,12 @@
err = sst_object_table_save_table(p_table);
if (err != PSA_PS_SUCCESS) {
- /* Rollback the change in the table */
- sst_utils_memcpy((uint8_t *)&p_table->obj_db[backup_idx],
- (const uint8_t *)&backup_entry,
- SST_OBJECTS_TABLE_ENTRY_SIZE);
+ if (backup_entry.uid != TFM_SST_INVALID_UID) {
+ /* Rollback the change in the table */
+ sst_utils_memcpy((uint8_t *)&p_table->obj_db[backup_idx],
+ (const uint8_t *)&backup_entry,
+ SST_OBJECTS_TABLE_ENTRY_SIZE);
+ }
sst_table_delete_entry(idx);
}
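Review bot: The new guard `if (backup_entry.uid != TFM_SST_INVALID_UID)` makes the rollback depend on two things this hunk does not show: that `backup_entry` is copied from the live entry before `obj_db[backup_idx]` is overwritten (that code lies between this hunk and the previous one), and that `TFM_SST_INVALID_UID` can never be the uid of a stored entry — if it could, a genuine backup would be mistaken for "no backup taken" and the rollback skipped after a failed save, leaving the table out of step with what was persisted. If the uid contract guarantees the latter, state it where the sentinel is set, e.g. `/* TFM_SST_INVALID_UID is never stored, so it doubles as the no-backup marker */`; otherwise track "backup taken" with a separate flag rather than overloading the uid. The enclosing function starts before this hunk.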
diff --git a/secure_fw/services/secure_storage/tfm_protected_storage.c b/secure_fw/services/secure_storage/tfm_protected_storage.c
index 89434cc..64162c3 100644
--- a/secure_fw/services/secure_storage/tfm_protected_storage.c
+++ b/secure_fw/services/secure_storage/tfm_protected_storage.c
@@ -31,6 +31,9 @@
* layout in that area.
*/
err = sst_system_wipe_all();
+ if (err != PSA_PS_SUCCESS) {
+ return err;
+ }
/* Attempt to initialise again */
err = sst_system_prepare();
diff --git a/secure_fw/services/secure_storage/tfm_sst_secure_api.c b/secure_fw/services/secure_storage/tfm_sst_secure_api.c
index 17a63d6..905767e 100644
--- a/secure_fw/services/secure_storage/tfm_sst_secure_api.c
+++ b/secure_fw/services/secure_storage/tfm_sst_secure_api.c
@@ -119,7 +119,10 @@
psa_ps_status_t psa_ps_create(psa_ps_uid_t uid, uint32_t size,
psa_ps_create_flags_t create_flags)
{
- (void)uid, (void)size, (void)create_flags;
+ (void)uid;
+ (void)size;
+ (void)create_flags;
+
return PSA_PS_ERROR_NOT_SUPPORTED;
}
@@ -127,7 +130,11 @@
psa_ps_status_t psa_ps_set_extended(psa_ps_uid_t uid, uint32_t data_offset,
uint32_t data_length, const void *p_data)
{
- (void)uid, (void)data_offset, (void)data_length, (void)p_data;
+ (void)uid;
+ (void)data_offset;
+ (void)data_length;
+ (void)p_data;
+
return PSA_PS_ERROR_NOT_SUPPORTED;
}