Add protected-storage and internal-trusted-storage deployments
Adds SP deployments for protected-storage and
internal-trusted-storage, replacing the secure-storage deployment.
Includes service-level tests based on PSA ITS and PS APIs.
Amended to fix discovery bugs of storage sp from another sp.
Signed-off-by: Julian Hall <julian.hall@arm.com>
Change-Id: Ia1a8b6b1b694f00034c69b6d03018faa4b2588e6
diff --git a/deployments/component-test/component-test.cmake b/deployments/component-test/component-test.cmake
index 130d82b..99a8114 100644
--- a/deployments/component-test/component-test.cmake
+++ b/deployments/component-test/component-test.cmake
@@ -36,6 +36,8 @@
"components/service/locator/test"
"components/service/locator/standalone"
"components/service/locator/standalone/services/crypto"
+ "components/service/locator/standalone/services/internal-trusted-storage"
+ "components/service/locator/standalone/services/protected-storage"
"components/service/locator/standalone/services/test-runner"
"components/service/crypto/client/cpp"
"components/service/crypto/client/cpp/protobuf"
@@ -57,6 +59,7 @@
"components/service/secure_storage/frontend/secure_storage_provider"
"components/service/secure_storage/backend/secure_storage_client"
"components/service/secure_storage/backend/secure_storage_client/test"
+ "components/service/secure_storage/backend/null_store"
"components/service/secure_storage/backend/mock_store"
"components/service/secure_storage/backend/mock_store/test"
"components/service/secure_storage/backend/secure_flash_store"
diff --git a/deployments/crypto/opteesp/CMakeLists.txt b/deployments/crypto/opteesp/CMakeLists.txt
index 108223a..f8ed17d 100644
--- a/deployments/crypto/opteesp/CMakeLists.txt
+++ b/deployments/crypto/opteesp/CMakeLists.txt
@@ -42,7 +42,6 @@
"components/rpc/ffarpc/caller/sp"
"components/rpc/common/caller"
"components/rpc/common/interface"
- "components/rpc/dummy"
"components/service/common"
"components/service/common/serializer/protobuf"
"components/service/common/provider"
@@ -52,6 +51,8 @@
"components/service/crypto/provider/serializer/packed-c"
"components/service/secure_storage/frontend/psa/its"
"components/service/secure_storage/backend/secure_storage_client"
+ "components/service/secure_storage/backend/null_store"
+ "components/service/secure_storage/factory/sp/rot_store"
"protocols/rpc/common/packed-c"
"protocols/service/secure_storage/packed-c"
"protocols/service/crypto/protobuf"
diff --git a/deployments/crypto/opteesp/crypto_sp.c b/deployments/crypto/opteesp/crypto_sp.c
index 2512eee..b9c1fb2 100644
--- a/deployments/crypto/opteesp/crypto_sp.c
+++ b/deployments/crypto/opteesp/crypto_sp.c
@@ -3,10 +3,9 @@
* Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
*/
-#include <rpc/ffarpc/caller/sp/ffarpc_caller.h>
+
#include <rpc/ffarpc/endpoint/ffarpc_call_ep.h>
-#include <rpc/dummy/dummy_caller.h>
-#include <service/secure_storage/backend/secure_storage_client/secure_storage_client.h>
+#include <service/secure_storage/factory/storage_factory.h>
#include <service/crypto/provider/mbedcrypto/crypto_provider.h>
#include <service/crypto/provider/serializer/protobuf/pb_crypto_provider_serializer.h>
#include <service/crypto/provider/serializer/packed-c/packedc_crypto_provider_serializer.h>
@@ -19,12 +18,7 @@
#include <trace.h>
-#define SP_STORAGE_UUID_BYTES \
- { 0xdc, 0x1e, 0xef, 0x48, 0xb1, 0x7a, 0x4c, 0xcf, \
- 0xac, 0x8b, 0xdf, 0xcf, 0xf7, 0x71, 0x1b, 0x14, }
-
uint16_t own_id = 0; /* !!Needs refactoring as parameter to ffarpc_caller_init */
-static const uint8_t storage_uuid[] = SP_STORAGE_UUID_BYTES;
static int sp_init(uint16_t *own_sp_id);
@@ -34,38 +28,21 @@
struct mbed_crypto_provider crypto_provider;
struct ffa_call_ep ffarpc_call_ep;
struct rpc_interface *crypto_iface;
- struct ffarpc_caller ffarpc_caller;
- struct dummy_caller dummy_caller;
- struct rpc_caller *storage_caller;
struct ffa_direct_msg req_msg;
- uint16_t storage_sp_ids[1];
+ struct storage_backend *storage_backend;
- /* Boot */
- (void) init_info;
-
+ /* Boot phase */
if (sp_init(&own_id) != 0) goto fatal_error;
config_ramstore_init();
sp_config_load(init_info);
- /* Establish RPC session with secure storage SP */
- storage_caller = ffarpc_caller_init(&ffarpc_caller);
-
- if (!ffarpc_caller_discover(storage_uuid, storage_sp_ids,
- sizeof(storage_sp_ids)/sizeof(uint16_t)) ||
- ffarpc_caller_open(&ffarpc_caller, storage_sp_ids[0], 0)) {
- /*
- * Failed to establish session. To allow the crypto service
- * to still be initialized, albeit with no persistent storage,
- * initialise a dummy_caller that will safely
- * handle rpc requests but will report an error.
- */
- storage_caller = dummy_caller_init(&dummy_caller,
- TS_RPC_CALL_ACCEPTED, PSA_ERROR_STORAGE_FAILURE);
- }
+ /* Create a storage backend for persistent key storage - prefer ITS */
+ storage_backend = storage_factory_create(storage_factory_security_class_INTERNAL_TRUSTED);
+ if (!storage_backend) goto fatal_error;
/* Initialize the crypto service */
- crypto_iface = mbed_crypto_provider_init(&crypto_provider, storage_caller, 0);
+ crypto_iface = mbed_crypto_provider_init(&crypto_provider, storage_backend, 0);
mbed_crypto_provider_register_serializer(&crypto_provider,
TS_RPC_ENCODING_PROTOBUF, pb_crypto_provider_serializer_instance());
diff --git a/deployments/secure-storage/opteesp/.gitignore b/deployments/internal-trusted-storage/opteesp/.gitignore
similarity index 100%
rename from deployments/secure-storage/opteesp/.gitignore
rename to deployments/internal-trusted-storage/opteesp/.gitignore
diff --git a/deployments/secure-storage/opteesp/CMakeLists.txt b/deployments/internal-trusted-storage/opteesp/CMakeLists.txt
similarity index 70%
rename from deployments/secure-storage/opteesp/CMakeLists.txt
rename to deployments/internal-trusted-storage/opteesp/CMakeLists.txt
index 4bcbd17..af0d932 100644
--- a/deployments/secure-storage/opteesp/CMakeLists.txt
+++ b/deployments/internal-trusted-storage/opteesp/CMakeLists.txt
@@ -8,15 +8,15 @@
include(../../deployment.cmake REQUIRED)
#-------------------------------------------------------------------------------
-# The CMakeLists.txt for building the secure-storage deployment for opteesp
+# The CMakeLists.txt for building the internal-trusted-storage deployment for opteesp
#
# Builds the secure storage service provider for running in an SEL0 secure
# partition hosted by OPTEE in the role of SPM.
#-------------------------------------------------------------------------------
include(${TS_ROOT}/environments/opteesp/env.cmake)
project(trusted-services LANGUAGES C ASM)
-add_executable(secure-storage)
-target_include_directories(secure-storage PRIVATE "${TOP_LEVEL_INCLUDE_DIRS}")
+add_executable(internal-trusted-storage)
+target_include_directories(internal-trusted-storage PRIVATE "${TOP_LEVEL_INCLUDE_DIRS}")
set(SP_UUID "dc1eef48-b17a-4ccf-ac8b-dfcff7711b14")
@@ -25,10 +25,10 @@
list(APPEND CMAKE_MODULE_PATH "${TS_ROOT}/external/Spdevkit")
find_package(Spdevkit COMPONENTS SP_HEADER interface)
-sp_dev_kit_configure_linking(TARGET secure-storage DEFINES ARM64=1)
-target_link_libraries(secure-storage ${SP_DEV_KIT_LIBRARIES})
+sp_dev_kit_configure_linking(TARGET internal-trusted-storage DEFINES ARM64=1)
+target_link_libraries(internal-trusted-storage ${SP_DEV_KIT_LIBRARIES})
-add_components(TARGET "secure-storage"
+add_components(TARGET "internal-trusted-storage"
BASE_DIR ${TS_ROOT}
COMPONENTS
components/messaging/ffa/libsp
@@ -40,27 +40,28 @@
components/service/secure_storage/backend/secure_flash_store
components/service/secure_storage/backend/secure_flash_store/flash_fs
components/service/secure_storage/backend/secure_flash_store/flash
+ components/service/secure_storage/factory/common/sfs
protocols/rpc/common/packed-c
protocols/service/secure_storage/packed-c
environments/opteesp
)
-target_sources(secure-storage PRIVATE
+target_sources(internal-trusted-storage PRIVATE
sp.c
)
-target_compile_definitions(secure-storage PRIVATE
+target_compile_definitions(internal-trusted-storage PRIVATE
ARM64=1
)
-target_include_directories(secure-storage PRIVATE
+target_include_directories(internal-trusted-storage PRIVATE
${TS_ROOT}
${TS_ROOT}/components
- ${TS_ROOT}/deployments/secure-storage/opteesp
+ ${TS_ROOT}/deployments/internal-trusted-storage/opteesp
)
if(CMAKE_C_COMPILER_ID STREQUAL "GNU")
- target_compile_options(secure-storage PRIVATE
+ target_compile_options(internal-trusted-storage PRIVATE
-fdiagnostics-show-option
-fpic
-gdwarf-2
@@ -70,7 +71,7 @@
)
# Options for GCC that control linking
- target_link_options(secure-storage PRIVATE
+ target_link_options(internal-trusted-storage PRIVATE
-e __sp_entry
-fno-lto
-nostdlib
@@ -78,25 +79,25 @@
-zmax-page-size=4096
)
# Options directly for LD, these are not understood by GCC
- target_link_options(secure-storage PRIVATE
+ target_link_options(internal-trusted-storage PRIVATE
-Wl,--as-needed
-Wl,--sort-section=alignment
# -Wl,--dynamic-list ${CMAKE_CURRENT_LIST_DIR}/dyn_list
)
endif()
-compiler_generate_stripped_elf(TARGET secure-storage NAME "${SP_UUID}.stripped.elf" RES STRIPPED_ELF)
+compiler_generate_stripped_elf(TARGET internal-trusted-storage NAME "${SP_UUID}.stripped.elf" RES STRIPPED_ELF)
######################################## install
if (CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT)
set(CMAKE_INSTALL_PREFIX ${CMAKE_BINARY_DIR}/install CACHE PATH "location to install build output to." FORCE)
endif()
-install(TARGETS secure-storage
+install(TARGETS internal-trusted-storage
PUBLIC_HEADER DESTINATION ${TS_ENV}/include
RUNTIME DESTINATION ${TS_ENV}/bin
)
install(FILES ${STRIPPED_ELF} DESTINATION ${TS_ENV}/bin)
-set(EXPORT_SP_NAME "secure-storage")
+set(EXPORT_SP_NAME "internal-trusted-storage")
set(EXPORT_SP_UUID ${SP_UUID})
include(${TS_ROOT}/environments/opteesp/ExportSp.cmake)
diff --git a/deployments/secure-storage/opteesp/default_secure-storage.dts.in b/deployments/internal-trusted-storage/opteesp/default_internal-trusted-storage.dts.in
similarity index 92%
rename from deployments/secure-storage/opteesp/default_secure-storage.dts.in
rename to deployments/internal-trusted-storage/opteesp/default_internal-trusted-storage.dts.in
index 1a8d6a3..3ce8dd6 100644
--- a/deployments/secure-storage/opteesp/default_secure-storage.dts.in
+++ b/deployments/internal-trusted-storage/opteesp/default_internal-trusted-storage.dts.in
@@ -10,7 +10,7 @@
compatible = "arm,ffa-manifest-1.0";
ffa-version = <0x00010000>; /* 31:16 - Major, 15:0 - Minor */
uuid = <@EXPORT_SP_UUID_DT@>;
- description = "Secure Storage";
+ description = "ITS";
execution-ctx-count = <1>;
exception-level = <1>; /* S-EL0 */
execution-state = <0>; /* AArch64 */
diff --git a/deployments/secure-storage/opteesp/optee_sp_user_defines.h b/deployments/internal-trusted-storage/opteesp/optee_sp_user_defines.h
similarity index 100%
copy from deployments/secure-storage/opteesp/optee_sp_user_defines.h
copy to deployments/internal-trusted-storage/opteesp/optee_sp_user_defines.h
diff --git a/deployments/secure-storage/opteesp/sp.c b/deployments/internal-trusted-storage/opteesp/sp.c
similarity index 91%
rename from deployments/secure-storage/opteesp/sp.c
rename to deployments/internal-trusted-storage/opteesp/sp.c
index c3bc94a..626c2d4 100644
--- a/deployments/secure-storage/opteesp/sp.c
+++ b/deployments/internal-trusted-storage/opteesp/sp.c
@@ -8,7 +8,7 @@
#include <ffa_api.h>
#include <components/rpc/common/endpoint/rpc_interface.h>
#include <components/rpc/ffarpc/endpoint/ffarpc_call_ep.h>
-#include <components/service/secure_storage/backend/secure_flash_store/secure_flash_store.h>
+#include <components/service/secure_storage/factory/storage_factory.h>
#include <components/service/secure_storage/frontend/secure_storage_provider/secure_storage_provider.h>
#include <sp_api.h>
#include <sp_rxtx.h>
@@ -42,7 +42,7 @@
EMSG("rxtx map error: %d", sp_res);
}
- storage_backend = sfs_init();
+ storage_backend = storage_factory_create(storage_factory_security_class_INTERNAL_TRUSTED);
secure_storage_iface = secure_storage_provider_init(&secure_storage_provider, storage_backend);
ffa_call_ep_init(&ffa_call_ep, secure_storage_iface);
diff --git a/deployments/secure-storage/opteesp/sp.h b/deployments/internal-trusted-storage/opteesp/sp.h
similarity index 73%
rename from deployments/secure-storage/opteesp/sp.h
rename to deployments/internal-trusted-storage/opteesp/sp.h
index 299c95e..5aa76c3 100644
--- a/deployments/secure-storage/opteesp/sp.h
+++ b/deployments/internal-trusted-storage/opteesp/sp.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,6 +7,7 @@
#ifndef SP_H
#define SP_H
+/* UUID for the Internal Trusted Store */
#define OPTEE_SP_UUID \
{ 0xdc1eef48, 0xb17a, 0x4ccf, \
{ 0xac, 0x8b, 0xdf, 0xcf, 0xf7, 0x71, 0x1b, 0x14 } }
diff --git a/deployments/libts/linux-pc/CMakeLists.txt b/deployments/libts/linux-pc/CMakeLists.txt
index 3378ee3..9beecac 100644
--- a/deployments/libts/linux-pc/CMakeLists.txt
+++ b/deployments/libts/linux-pc/CMakeLists.txt
@@ -36,6 +36,8 @@
"components/service/common/provider"
"components/service/locator/standalone"
"components/service/locator/standalone/services/crypto"
+ "components/service/locator/standalone/services/internal-trusted-storage"
+ "components/service/locator/standalone/services/protected-storage"
"components/service/locator/standalone/services/test-runner"
"components/service/crypto/provider/mbedcrypto"
"components/service/crypto/provider/mbedcrypto/trng_adapter/linux"
@@ -44,9 +46,8 @@
"components/service/secure_storage/frontend/psa/its"
"components/service/secure_storage/frontend/secure_storage_provider"
"components/service/secure_storage/backend/secure_storage_client"
- "components/service/secure_storage/backend/secure_flash_store"
- "components/service/secure_storage/backend/secure_flash_store/flash_fs"
- "components/service/secure_storage/backend/secure_flash_store/flash"
+ "components/service/secure_storage/backend/mock_store"
+ "components/service/secure_storage/backend/null_store"
"components/service/test_runner/provider"
"components/service/test_runner/provider/serializer/packed-c"
"components/service/test_runner/provider/backend/mock"
@@ -92,6 +93,13 @@
COMPONENTS
"components/app/test-runner"
"components/common/tlv"
+ "components/service/common"
+ "components/service/secure_storage/test/service"
+ "components/service/secure_storage/frontend/psa/its"
+ "components/service/secure_storage/frontend/psa/its/test"
+ "components/service/secure_storage/frontend/psa/ps"
+ "components/service/secure_storage/frontend/psa/ps/test"
+ "components/service/secure_storage/backend/secure_storage_client"
"components/service/crypto/test/service"
"components/service/crypto/test/service/protobuf"
"components/service/crypto/test/service/packed-c"
diff --git a/deployments/secure-storage/opteesp/CMakeLists.txt b/deployments/protected-storage/opteesp/CMakeLists.txt
similarity index 65%
copy from deployments/secure-storage/opteesp/CMakeLists.txt
copy to deployments/protected-storage/opteesp/CMakeLists.txt
index 4bcbd17..c4f0fd5 100644
--- a/deployments/secure-storage/opteesp/CMakeLists.txt
+++ b/deployments/protected-storage/opteesp/CMakeLists.txt
@@ -8,16 +8,16 @@
include(../../deployment.cmake REQUIRED)
#-------------------------------------------------------------------------------
-# The CMakeLists.txt for building the secure-storage deployment for opteesp
+# The CMakeLists.txt for building the protected-storage deployment for opteesp
#
# Builds the secure storage service provider for running in an SEL0 secure
# partition hosted by OPTEE in the role of SPM.
#-------------------------------------------------------------------------------
include(${TS_ROOT}/environments/opteesp/env.cmake)
project(trusted-services LANGUAGES C ASM)
-add_executable(secure-storage)
-target_include_directories(secure-storage PRIVATE "${TOP_LEVEL_INCLUDE_DIRS}")
-set(SP_UUID "dc1eef48-b17a-4ccf-ac8b-dfcff7711b14")
+add_executable(protected-storage)
+target_include_directories(protected-storage PRIVATE "${TOP_LEVEL_INCLUDE_DIRS}")
+set(SP_UUID "751bf801-3dde-4768-a514-0f10aeed1790")
# Include SP DEV KIT interface
@@ -25,42 +25,44 @@
list(APPEND CMAKE_MODULE_PATH "${TS_ROOT}/external/Spdevkit")
find_package(Spdevkit COMPONENTS SP_HEADER interface)
-sp_dev_kit_configure_linking(TARGET secure-storage DEFINES ARM64=1)
-target_link_libraries(secure-storage ${SP_DEV_KIT_LIBRARIES})
+sp_dev_kit_configure_linking(TARGET protected-storage DEFINES ARM64=1)
+target_link_libraries(protected-storage ${SP_DEV_KIT_LIBRARIES})
-add_components(TARGET "secure-storage"
+add_components(TARGET "protected-storage"
BASE_DIR ${TS_ROOT}
COMPONENTS
components/messaging/ffa/libsp
components/rpc/ffarpc/endpoint
components/rpc/common/interface
+ components/rpc/ffarpc/caller/sp
+ components/rpc/common/caller
components/service/common
components/service/common/provider
components/service/secure_storage/frontend/secure_storage_provider
- components/service/secure_storage/backend/secure_flash_store
- components/service/secure_storage/backend/secure_flash_store/flash_fs
- components/service/secure_storage/backend/secure_flash_store/flash
+ components/service/secure_storage/backend/secure_storage_client
+ components/service/secure_storage/backend/null_store
+ components/service/secure_storage/factory/sp/optee_trusted_store
protocols/rpc/common/packed-c
protocols/service/secure_storage/packed-c
environments/opteesp
)
-target_sources(secure-storage PRIVATE
+target_sources(protected-storage PRIVATE
sp.c
)
-target_compile_definitions(secure-storage PRIVATE
+target_compile_definitions(protected-storage PRIVATE
ARM64=1
)
-target_include_directories(secure-storage PRIVATE
+target_include_directories(protected-storage PRIVATE
${TS_ROOT}
${TS_ROOT}/components
- ${TS_ROOT}/deployments/secure-storage/opteesp
+ ${TS_ROOT}/deployments/protected-storage/opteesp
)
if(CMAKE_C_COMPILER_ID STREQUAL "GNU")
- target_compile_options(secure-storage PRIVATE
+ target_compile_options(protected-storage PRIVATE
-fdiagnostics-show-option
-fpic
-gdwarf-2
@@ -70,7 +72,7 @@
)
# Options for GCC that control linking
- target_link_options(secure-storage PRIVATE
+ target_link_options(protected-storage PRIVATE
-e __sp_entry
-fno-lto
-nostdlib
@@ -78,25 +80,25 @@
-zmax-page-size=4096
)
# Options directly for LD, these are not understood by GCC
- target_link_options(secure-storage PRIVATE
+ target_link_options(protected-storage PRIVATE
-Wl,--as-needed
-Wl,--sort-section=alignment
# -Wl,--dynamic-list ${CMAKE_CURRENT_LIST_DIR}/dyn_list
)
endif()
-compiler_generate_stripped_elf(TARGET secure-storage NAME "${SP_UUID}.stripped.elf" RES STRIPPED_ELF)
+compiler_generate_stripped_elf(TARGET protected-storage NAME "${SP_UUID}.stripped.elf" RES STRIPPED_ELF)
######################################## install
if (CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT)
set(CMAKE_INSTALL_PREFIX ${CMAKE_BINARY_DIR}/install CACHE PATH "location to install build output to." FORCE)
endif()
-install(TARGETS secure-storage
+install(TARGETS protected-storage
PUBLIC_HEADER DESTINATION ${TS_ENV}/include
RUNTIME DESTINATION ${TS_ENV}/bin
)
install(FILES ${STRIPPED_ELF} DESTINATION ${TS_ENV}/bin)
-set(EXPORT_SP_NAME "secure-storage")
+set(EXPORT_SP_NAME "protected-storage")
set(EXPORT_SP_UUID ${SP_UUID})
include(${TS_ROOT}/environments/opteesp/ExportSp.cmake)
diff --git a/deployments/secure-storage/opteesp/default_secure-storage.dts.in b/deployments/protected-storage/opteesp/default_protected-storage.dts.in
similarity index 92%
copy from deployments/secure-storage/opteesp/default_secure-storage.dts.in
copy to deployments/protected-storage/opteesp/default_protected-storage.dts.in
index 1a8d6a3..1047a4c 100644
--- a/deployments/secure-storage/opteesp/default_secure-storage.dts.in
+++ b/deployments/protected-storage/opteesp/default_protected-storage.dts.in
@@ -10,7 +10,7 @@
compatible = "arm,ffa-manifest-1.0";
ffa-version = <0x00010000>; /* 31:16 - Major, 15:0 - Minor */
uuid = <@EXPORT_SP_UUID_DT@>;
- description = "Secure Storage";
+ description = "PS";
execution-ctx-count = <1>;
exception-level = <1>; /* S-EL0 */
execution-state = <0>; /* AArch64 */
diff --git a/deployments/secure-storage/opteesp/optee_sp_user_defines.h b/deployments/protected-storage/opteesp/optee_sp_user_defines.h
similarity index 100%
rename from deployments/secure-storage/opteesp/optee_sp_user_defines.h
rename to deployments/protected-storage/opteesp/optee_sp_user_defines.h
diff --git a/deployments/secure-storage/opteesp/sp.c b/deployments/protected-storage/opteesp/sp.c
similarity index 91%
copy from deployments/secure-storage/opteesp/sp.c
copy to deployments/protected-storage/opteesp/sp.c
index c3bc94a..3bf3f1d 100644
--- a/deployments/secure-storage/opteesp/sp.c
+++ b/deployments/protected-storage/opteesp/sp.c
@@ -8,7 +8,7 @@
#include <ffa_api.h>
#include <components/rpc/common/endpoint/rpc_interface.h>
#include <components/rpc/ffarpc/endpoint/ffarpc_call_ep.h>
-#include <components/service/secure_storage/backend/secure_flash_store/secure_flash_store.h>
+#include <components/service/secure_storage/factory/storage_factory.h>
#include <components/service/secure_storage/frontend/secure_storage_provider/secure_storage_provider.h>
#include <sp_api.h>
#include <sp_rxtx.h>
@@ -42,7 +42,7 @@
EMSG("rxtx map error: %d", sp_res);
}
- storage_backend = sfs_init();
+ storage_backend = storage_factory_create(storage_factory_security_class_PROTECTED);
secure_storage_iface = secure_storage_provider_init(&secure_storage_provider, storage_backend);
ffa_call_ep_init(&ffa_call_ep, secure_storage_iface);
diff --git a/deployments/protected-storage/opteesp/sp.h b/deployments/protected-storage/opteesp/sp.h
new file mode 100644
index 0000000..3bb4484
--- /dev/null
+++ b/deployments/protected-storage/opteesp/sp.h
@@ -0,0 +1,19 @@
+/*
+ * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef SP_H
+#define SP_H
+
+/* UUID for the Protected Store */
+#define OPTEE_SP_UUID \
+ { 0x751bf801, 0x3dde, 0x4768, \
+ { 0xa5, 0x14, 0x0f, 0x10, 0xae, 0xed, 0x17, 0x90 } }
+
+#define SP_UUID_BYTES \
+ { 0x75, 0x1b, 0xf8, 0x01, 0x3d, 0xde, 0x47, 0x68, \
+ 0xa5, 0x14, 0x0f, 0x10, 0xae, 0xed, 0x17, 0x90 }
+
+#endif /* SP_H */
diff --git a/deployments/ts-service-test/ts-service-test.cmake b/deployments/ts-service-test/ts-service-test.cmake
index 4bd8c71..04b0266 100644
--- a/deployments/ts-service-test/ts-service-test.cmake
+++ b/deployments/ts-service-test/ts-service-test.cmake
@@ -28,6 +28,7 @@
BASE_DIR ${TS_ROOT}
COMPONENTS
"components/common/tlv"
+ "components/service/common"
"components/service/crypto/test/service"
"components/service/crypto/test/service/protobuf"
"components/service/crypto/test/service/packed-c"
@@ -37,6 +38,12 @@
"components/service/common/serializer/protobuf"
"protocols/service/crypto/protobuf"
"protocols/service/crypto/packed-c"
+ "components/service/secure_storage/test/service"
+ "components/service/secure_storage/frontend/psa/its"
+ "components/service/secure_storage/frontend/psa/its/test"
+ "components/service/secure_storage/frontend/psa/ps"
+ "components/service/secure_storage/frontend/psa/ps/test"
+ "components/service/secure_storage/backend/secure_storage_client"
)
#-------------------------------------------------------------------------------