Add protected-storage and internal-trusted-storage deployments
Adds SP deployments for protected-storage and
internal-trusted-storage, replacing the secure-storage deployment.
Includes service-level tests based on PSA ITS and PS APIs.
Amended to fix discovery bugs of storage sp from another sp.
Signed-off-by: Julian Hall <julian.hall@arm.com>
Change-Id: Ia1a8b6b1b694f00034c69b6d03018faa4b2588e6
diff --git a/deployments/protected-storage/opteesp/CMakeLists.txt b/deployments/protected-storage/opteesp/CMakeLists.txt
new file mode 100644
index 0000000..c4f0fd5
--- /dev/null
+++ b/deployments/protected-storage/opteesp/CMakeLists.txt
@@ -0,0 +1,104 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+cmake_minimum_required(VERSION 3.16)
+include(../../deployment.cmake REQUIRED)
+
+#-------------------------------------------------------------------------------
+# The CMakeLists.txt for building the protected-storage deployment for opteesp
+#
+# Builds the secure storage service provider for running in an SEL0 secure
+# partition hosted by OPTEE in the role of SPM.
+#-------------------------------------------------------------------------------
+include(${TS_ROOT}/environments/opteesp/env.cmake)
+project(trusted-services LANGUAGES C ASM)
+add_executable(protected-storage)
+target_include_directories(protected-storage PRIVATE "${TOP_LEVEL_INCLUDE_DIRS}")
+set(SP_UUID "751bf801-3dde-4768-a514-0f10aeed1790")
+
+
+# Include SP DEV KIT interface
+set(SP_DEV_KIT_INC_DIR ${CMAKE_CURRENT_LIST_DIR})
+list(APPEND CMAKE_MODULE_PATH "${TS_ROOT}/external/Spdevkit")
+find_package(Spdevkit COMPONENTS SP_HEADER interface)
+
+sp_dev_kit_configure_linking(TARGET protected-storage DEFINES ARM64=1)
+target_link_libraries(protected-storage ${SP_DEV_KIT_LIBRARIES})
+
+add_components(TARGET "protected-storage"
+ BASE_DIR ${TS_ROOT}
+ COMPONENTS
+ components/messaging/ffa/libsp
+ components/rpc/ffarpc/endpoint
+ components/rpc/common/interface
+ components/rpc/ffarpc/caller/sp
+ components/rpc/common/caller
+ components/service/common
+ components/service/common/provider
+ components/service/secure_storage/frontend/secure_storage_provider
+ components/service/secure_storage/backend/secure_storage_client
+ components/service/secure_storage/backend/null_store
+ components/service/secure_storage/factory/sp/optee_trusted_store
+ protocols/rpc/common/packed-c
+ protocols/service/secure_storage/packed-c
+ environments/opteesp
+)
+
+target_sources(protected-storage PRIVATE
+ sp.c
+)
+
+target_compile_definitions(protected-storage PRIVATE
+ ARM64=1
+)
+
+target_include_directories(protected-storage PRIVATE
+ ${TS_ROOT}
+ ${TS_ROOT}/components
+ ${TS_ROOT}/deployments/protected-storage/opteesp
+)
+
+if(CMAKE_C_COMPILER_ID STREQUAL "GNU")
+ target_compile_options(protected-storage PRIVATE
+ -fdiagnostics-show-option
+ -fpic
+ -gdwarf-2
+ -mstrict-align
+ -O0
+ -std=gnu99
+ )
+
+ # Options for GCC that control linking
+ target_link_options(protected-storage PRIVATE
+ -e __sp_entry
+ -fno-lto
+ -nostdlib
+ -pie
+ -zmax-page-size=4096
+ )
+ # Options directly for LD, these are not understood by GCC
+ target_link_options(protected-storage PRIVATE
+ -Wl,--as-needed
+ -Wl,--sort-section=alignment
+ # -Wl,--dynamic-list ${CMAKE_CURRENT_LIST_DIR}/dyn_list
+ )
+endif()
+
+compiler_generate_stripped_elf(TARGET protected-storage NAME "${SP_UUID}.stripped.elf" RES STRIPPED_ELF)
+
+######################################## install
+if (CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT)
+ set(CMAKE_INSTALL_PREFIX ${CMAKE_BINARY_DIR}/install CACHE PATH "location to install build output to." FORCE)
+endif()
+install(TARGETS protected-storage
+ PUBLIC_HEADER DESTINATION ${TS_ENV}/include
+ RUNTIME DESTINATION ${TS_ENV}/bin
+ )
+install(FILES ${STRIPPED_ELF} DESTINATION ${TS_ENV}/bin)
+
+set(EXPORT_SP_NAME "protected-storage")
+set(EXPORT_SP_UUID ${SP_UUID})
+include(${TS_ROOT}/environments/opteesp/ExportSp.cmake)
diff --git a/deployments/protected-storage/opteesp/default_protected-storage.dts.in b/deployments/protected-storage/opteesp/default_protected-storage.dts.in
new file mode 100644
index 0000000..1047a4c
--- /dev/null
+++ b/deployments/protected-storage/opteesp/default_protected-storage.dts.in
@@ -0,0 +1,19 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+@DTS_TAG@
+
+@DTS_NODE@ {
+ compatible = "arm,ffa-manifest-1.0";
+ ffa-version = <0x00010000>; /* 31:16 - Major, 15:0 - Minor */
+ uuid = <@EXPORT_SP_UUID_DT@>;
+ description = "PS";
+ execution-ctx-count = <1>;
+ exception-level = <1>; /* S-EL0 */
+ execution-state = <0>; /* AArch64 */
+ xlat-granule = <0>; /* 4KiB */
+ messaging-method = <0>; /* Direct messaging only */
+};
diff --git a/deployments/protected-storage/opteesp/optee_sp_user_defines.h b/deployments/protected-storage/opteesp/optee_sp_user_defines.h
new file mode 100644
index 0000000..e773055
--- /dev/null
+++ b/deployments/protected-storage/opteesp/optee_sp_user_defines.h
@@ -0,0 +1,21 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef SP_HEADER_DEFINES_H
+#define SP_HEADER_DEFINES_H
+
+/* To get UUID definition */
+#include "sp.h"
+
+#define OPTEE_SP_FLAGS 0
+
+/* Provisioned stack size */
+#define OPTEE_SP_STACK_SIZE (64 * 1024)
+
+/* Provisioned heap size */
+#define OPTEE_SP_HEAP_SIZE (32 * 1024)
+
+#endif /* SP_HEADER_DEFINES_H */
diff --git a/deployments/protected-storage/opteesp/sp.c b/deployments/protected-storage/opteesp/sp.c
new file mode 100644
index 0000000..3bf3f1d
--- /dev/null
+++ b/deployments/protected-storage/opteesp/sp.c
@@ -0,0 +1,67 @@
+/*
+ * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include "sp.h"
+#include <ffa_api.h>
+#include <components/rpc/common/endpoint/rpc_interface.h>
+#include <components/rpc/ffarpc/endpoint/ffarpc_call_ep.h>
+#include <components/service/secure_storage/factory/storage_factory.h>
+#include <components/service/secure_storage/frontend/secure_storage_provider/secure_storage_provider.h>
+#include <sp_api.h>
+#include <sp_rxtx.h>
+#include <trace.h>
+
+uint16_t own_id = 0;
+static uint8_t tx_buffer[4096] __aligned(4096);
+static uint8_t rx_buffer[4096] __aligned(4096);
+
+void sp_main(struct ffa_init_info *init_info)
+{
+ ffa_result ffa_res;
+ sp_result sp_res;
+ struct rpc_interface *secure_storage_iface;
+ struct ffa_call_ep ffa_call_ep;
+ struct ffa_direct_msg req_msg;
+ struct ffa_direct_msg resp_msg;
+ struct secure_storage_provider secure_storage_provider;
+ struct storage_backend *storage_backend;
+
+ /* Boot */
+ (void) init_info;
+
+ ffa_res = ffa_id_get(&own_id);
+ if (ffa_res != FFA_OK) {
+ EMSG("id get error: %d", ffa_res);
+ }
+
+ sp_res = sp_rxtx_buffer_map(tx_buffer, rx_buffer, sizeof(rx_buffer));
+ if (sp_res != SP_RESULT_OK) {
+ EMSG("rxtx map error: %d", sp_res);
+ }
+
+ storage_backend = storage_factory_create(storage_factory_security_class_PROTECTED);
+ secure_storage_iface = secure_storage_provider_init(&secure_storage_provider, storage_backend);
+ ffa_call_ep_init(&ffa_call_ep, secure_storage_iface);
+
+ /* End of boot phase */
+ ffa_msg_wait(&req_msg);
+
+ while (1) {
+ if (req_msg.function_id == FFA_MSG_SEND_DIRECT_REQ_32) {
+ ffa_call_ep_receive(&ffa_call_ep, &req_msg, &resp_msg);
+
+ ffa_msg_send_direct_resp(req_msg.destination_id,
+ req_msg.source_id, resp_msg.args[0], resp_msg.args[1],
+ resp_msg.args[2], resp_msg.args[3], resp_msg.args[4],
+ &req_msg);
+ }
+ }
+}
+
+void sp_interrupt_handler(uint32_t interrupt_id)
+{
+ (void)interrupt_id;
+}
diff --git a/deployments/protected-storage/opteesp/sp.h b/deployments/protected-storage/opteesp/sp.h
new file mode 100644
index 0000000..3bb4484
--- /dev/null
+++ b/deployments/protected-storage/opteesp/sp.h
@@ -0,0 +1,19 @@
+/*
+ * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef SP_H
+#define SP_H
+
+/* UUID for the Protected Store */
+#define OPTEE_SP_UUID \
+ { 0x751bf801, 0x3dde, 0x4768, \
+ { 0xa5, 0x14, 0x0f, 0x10, 0xae, 0xed, 0x17, 0x90 } }
+
+#define SP_UUID_BYTES \
+ { 0x75, 0x1b, 0xf8, 0x01, 0x3d, 0xde, 0x47, 0x68, \
+ 0xa5, 0x14, 0x0f, 0x10, 0xae, 0xed, 0x17, 0x90 }
+
+#endif /* SP_H */