SST: Add capability to use RAM instead of flash
Running the SST regression tests shortens the life of the flash
memory, because they write to and erase the memory many times.
This patch adds the capability to use RAM instead of flash memory
to run SST regression tests.
Change-Id: Ie6eff8e8deebe9f8d58dd13abc5e4a4148cd6994
Signed-off-by: Marc Moreno <marc.morenoberengue@arm.com>
diff --git a/CommonConfig.cmake b/CommonConfig.cmake
index 77ba88e..3ed12bd 100644
--- a/CommonConfig.cmake
+++ b/CommonConfig.cmake
@@ -208,6 +208,14 @@
if (NOT DEFINED SST_ENABLE_PARTIAL_ASSET_RW)
set (SST_ENABLE_PARTIAL_ASSET_RW ON)
endif()
+
+ if (NOT DEFINED SST_RAM_FS)
+ if (REGRESSION)
+ set (SST_RAM_FS ON)
+ else()
+ set (SST_RAM_FS OFF)
+ endif()
+ endif()
endif()
if (NOT DEFINED MBEDTLS_DEBUG)
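Review bot: The new default turns `SST_RAM_FS` ON for every build where `REGRESSION` is set, and nothing here tells the integrator that secure storage then lives in a RAM buffer whose contents are lost at reset. A regression image built this way no longer exercises the flash driver path, so a pass says nothing about the real storage back end. I would add a comment above the block, for example `# SST_RAM_FS keeps the SST filesystem in RAM: contents are lost at reset, test builds only.` The enclosing `if` starts outside the hunk.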
diff --git a/docs/user_guides/services/tfm_sst_integration_guide.md b/docs/user_guides/services/tfm_sst_integration_guide.md
index 5eab3be..ee26c05 100644
--- a/docs/user_guides/services/tfm_sst_integration_guide.md
+++ b/docs/user_guides/services/tfm_sst_integration_guide.md
@@ -28,7 +28,7 @@
**Access Authentication** - Mechanism to establish requester's identity (a
non-secure entity, secure entity, or a remote server).
-**Access Granularity** - Accces permissions to create, write, read, delete and
+**Access Granularity** - Access permissions to create, write, read, delete and
reference an asset. Certain assets may be required to not be directly accessed
by an authorized client. It that case, the authorized client should be able to
reference the asset via another secure service.
@@ -124,7 +124,7 @@
`sst_asset_management.c` - Contains asset's access policy management code.
-`sst_utils.c` - Contains common and basic functionalities used accross the
+`sst_utils.c` - Contains common and basic functionalities used across the
SST service code.
### Flash Filesystem Interface
@@ -173,7 +173,7 @@
the secure storage service.
`crypto/sst_crypto_interface.c` - Currently, it implements the SST service
-cryptographic operations using mbed TLS library. The system integrator **may**
+cryptographic operations using Mbed TLS library. The system integrator **may**
replace this implementation with calls to another service, crypto library or
hardware crypto unit.
@@ -388,12 +388,12 @@
The reference encryption policy is built on AES-GCM, and it **may** be replaced
by a vendor specific implementation.
The SST service abstracts all the cryptographic requirements and specifies the
-required cryptografic interface in
+required cryptographic interface in
`secure_fw/services/secure_storage/crypto/sst_crypto_interface.h`
Currently, the SST service cryptographic operations are implemented in
`secure_fw/services/secure_storage/crypto/sst_crypto_interface.c`, using
-mbed TLS library.
+Mbed TLS library.
### SST Service Features Flags
@@ -428,6 +428,11 @@
- `SST_ROLLBACK_PROTECTION`: this flag allows to enable/disable rollback
protection in secure storage service. This flag takes effect only if the
target has non-volatile counters and `SST_ENCRYPTION` flag is on.
+ - `SST_RAM_FS`: this flag allows to enable/disable the use of RAM instead
+ of the flash to store the FS in secure storage service. This flag is set
+ by default in the regression tests, if it is not defined by the platform.
+ The SST regression tests reduce the life of the flash memory as they
+ write/erase multiple times in the memory.
--------------
diff --git a/platform/ext/Mps2AN519.cmake b/platform/ext/Mps2AN519.cmake
index ca68320..d8d06cb 100644
--- a/platform/ext/Mps2AN519.cmake
+++ b/platform/ext/Mps2AN519.cmake
@@ -159,9 +159,10 @@
# to be sure the SST service knows that when it starts the SST area does not contain any
# valid SST flash layout and it needs to create one.
set(SST_CREATE_FLASH_LAYOUT ON)
+ set(SST_RAM_FS OFF)
embedded_include_directories(PATH "${PLATFORM_DIR}/target/mps2/an519/cmsis_drivers" ABSOLUTE)
endif()
if (MCUBOOT_RAM_LOADING)
message (FATAL_ERROR "MCUBOOT_RAM_LOADING is not supported on " ${TARGET_PLATFORM})
-endif()
\ No newline at end of file
+endif()
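Review bot: `set(SST_RAM_FS OFF)` has no comment saying why this platform opts out, and as a plain `set()` it will, as far as I can tell, also override a value the user passes on the command line. The reason appears to be the one given in test/suites/sst/CMakeLists.inc: the reference platforms already emulate flash in RAM. A comment such as `# Flash is already emulated in RAM on this platform, so the RAM FS is not needed.` would record that. The same applies to the identical line in Mps2AN521.cmake. The enclosing `if` starts outside the hunk, so its condition cannot be seen here.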
diff --git a/platform/ext/Mps2AN521.cmake b/platform/ext/Mps2AN521.cmake
index c56faef..451a36d 100644
--- a/platform/ext/Mps2AN521.cmake
+++ b/platform/ext/Mps2AN521.cmake
@@ -160,9 +160,10 @@
# to be sure the SST service knows that when it starts the SST area does not contain any
# valid SST flash layout and it needs to create one.
set(SST_CREATE_FLASH_LAYOUT ON)
+ set(SST_RAM_FS OFF)
embedded_include_directories(PATH "${PLATFORM_DIR}/target/mps2/an521/cmsis_drivers" ABSOLUTE)
endif()
if (MCUBOOT_RAM_LOADING)
message (FATAL_ERROR "MCUBOOT_RAM_LOADING is not supported on " ${TARGET_PLATFORM})
-endif()
\ No newline at end of file
+endif()
diff --git a/secure_fw/services/secure_storage/CMakeLists.inc b/secure_fw/services/secure_storage/CMakeLists.inc
index a0430d1..c553f89 100644
--- a/secure_fw/services/secure_storage/CMakeLists.inc
+++ b/secure_fw/services/secure_storage/CMakeLists.inc
@@ -55,6 +55,10 @@
message(FATAL_ERROR "Incomplete build configuration: SST_ENABLE_PARTIAL_ASSET_RW is undefined. ")
endif()
+ if (NOT DEFINED SST_RAM_FS)
+ message(FATAL_ERROR "Incomplete build configuration: SST_RAM_FS is undefined. ")
+ endif()
+
set (SECURE_STORAGE_C_SRC
"${SECURE_STORAGE_DIR}/tfm_sst_secure_api.c"
"${SECURE_STORAGE_DIR}/sst_asset_management.c"
@@ -98,6 +102,10 @@
set_property(SOURCE ${SECURE_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_ENABLE_PARTIAL_ASSET_RW)
endif()
+ if (SST_RAM_FS)
+ set_property(SOURCE ${SECURE_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_RAM_FS)
+ endif()
+
#Append all our source files to global lists.
list(APPEND ALL_SRC_C ${SECURE_STORAGE_C_SRC})
unset(SECURE_STORAGE_C_SRC)
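Review bot: `SST_RAM_FS` becomes a compile definition here without any check that `SST_CREATE_FLASH_LAYOUT` is also ON. The RAM buffer added in sst_flash.c starts zero-filled on every boot, so it presumably never holds a valid layout at start-up and the service has to create one each time. A guard such as `if (SST_RAM_FS AND NOT SST_CREATE_FLASH_LAYOUT)` followed by `message(FATAL_ERROR "SST_RAM_FS requires SST_CREATE_FLASH_LAYOUT. ")` would reject the inconsistent configuration at configure time. It is also worth confirming how `SST_ROLLBACK_PROTECTION` behaves when the filesystem is volatile but the counters are not.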
@@ -113,6 +121,7 @@
message("- SST_VALIDATE_METADATA_FROM_FLASH: " ${SST_VALIDATE_METADATA_FROM_FLASH})
message("- SST_CREATE_FLASH_LAYOUT: " ${SST_CREATE_FLASH_LAYOUT})
message("- SST_ENABLE_PARTIAL_ASSET_RW: " ${SST_ENABLE_PARTIAL_ASSET_RW})
+ message("- SST_RAM_FS: " ${SST_RAM_FS})
#Setting include directories
embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE)
diff --git a/secure_fw/services/secure_storage/flash/sst_flash.c b/secure_fw/services/secure_storage/flash/sst_flash.c
index 1da7b60..d9f44c4 100644
--- a/secure_fw/services/secure_storage/flash/sst_flash.c
+++ b/secure_fw/services/secure_storage/flash/sst_flash.c
@@ -26,6 +26,13 @@
#define BLOCK_START_OFFSET 0
#define MAX_BLOCK_DATA_COPY 256
+
+#ifdef SST_RAM_FS
+#define BLOCK_DATA_SIZE (SST_BLOCK_SIZE * SST_TOTAL_NUM_OF_BLOCKS)
+
+static uint8_t block_data[BLOCK_DATA_SIZE] = {0};
+#endif
+
/*
* \brief Gets physical address of the given block ID.
*
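Review bot: `block_data` is declared without a comment, and it is initialised to zero while the RAM `flash_erase` fills blocks with `SST_FLASH_DEFAULT_VAL`. The emulated device therefore does not start in the erased state unless that value is 0, which is not visible here. A comment such as `/* RAM image of the whole SST area; volatile, lost at reset. */` would help, and filling the buffer with `SST_FLASH_DEFAULT_VAL` in the RAM `flash_init` would make the start-up state match an erased device. The buffer also adds `SST_BLOCK_SIZE * SST_TOTAL_NUM_OF_BLOCKS` bytes to the secure RAM footprint.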
@@ -40,8 +47,59 @@
return (SST_FLASH_AREA_ADDR + (block_id * SST_BLOCK_SIZE) + offset);
}
-static enum psa_sst_err_t flash_read(uint32_t flash_addr, uint8_t *buff,
- uint32_t size)
+#ifdef SST_RAM_FS
+static enum psa_sst_err_t flash_init(void)
+{
+ /* Nothing needs to be done in case of Flash emulated in RAM */
+
+ return PSA_SST_ERR_SUCCESS;
+}
+
+static enum psa_sst_err_t flash_read(uint32_t flash_addr, uint32_t size,
+ uint8_t *buff)
+{
+ uint32_t idx = flash_addr - SST_FLASH_AREA_ADDR;
+
+ sst_utils_memcpy(buff, &block_data[idx], size);
+
+ return PSA_SST_ERR_SUCCESS;
+}
+
+static enum psa_sst_err_t flash_write(uint32_t flash_addr, uint32_t size,
+ const uint8_t *buff)
+{
+ uint32_t idx = flash_addr - SST_FLASH_AREA_ADDR;
+
+ sst_utils_memcpy(&block_data[idx], buff, size);
+
+ return PSA_SST_ERR_SUCCESS;
+}
+
+static enum psa_sst_err_t flash_erase(uint32_t flash_addr)
+{
+ uint32_t idx = flash_addr - SST_FLASH_AREA_ADDR;
+
+ sst_utils_memset(&block_data[idx],
+ SST_FLASH_DEFAULT_VAL,
+ SST_BLOCK_SIZE);
+
+ return PSA_SST_ERR_SUCCESS;
+}
+#else
+static enum psa_sst_err_t flash_init(void)
+{
+ int32_t err;
+
+ err = FLASH_DEV_NAME.Initialize(NULL);
+ if(err != ARM_DRIVER_OK) {
+ return PSA_SST_ERR_SYSTEM_ERROR;
+ }
+
+ return PSA_SST_ERR_SUCCESS;
+}
+
+static enum psa_sst_err_t flash_read(uint32_t flash_addr, uint32_t size,
+ uint8_t *buff)
{
int32_t err;
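Review bot: The RAM versions of `flash_read`, `flash_write` and `flash_erase` index `block_data` with `flash_addr - SST_FLASH_AREA_ADDR` and touch `size` (or `SST_BLOCK_SIZE`) bytes without checking that the range stays inside `BLOCK_DATA_SIZE`. In the flash build a driver call sits between the caller and the memory and may reject a bad address. Here an out-of-range block id, offset or size from a caller becomes an out-of-bounds read or write in secure memory. A range check before each `sst_utils_memcpy`/`sst_utils_memset` that returns an error closes this; the sketch reuses `PSA_SST_ERR_SYSTEM_ERROR` only because it is the error code visible in this hunk. The flash-build `flash_read` body at the end of the hunk continues outside it.

```c
/* Returns nonzero when [idx, idx + size) lies inside block_data.
 * An address below SST_FLASH_AREA_ADDR wraps idx to a large value and is
 * rejected by the first comparison.
 */
static int ram_range_ok(uint32_t idx, uint32_t size)
{
    return (idx <= BLOCK_DATA_SIZE) && (size <= (BLOCK_DATA_SIZE - idx));
}

static enum psa_sst_err_t flash_read(uint32_t flash_addr, uint32_t size,
                                     uint8_t *buff)
{
    uint32_t idx = flash_addr - SST_FLASH_AREA_ADDR;

    if (!ram_range_ok(idx, size)) {
        return PSA_SST_ERR_SYSTEM_ERROR;
    }

    sst_utils_memcpy(buff, &block_data[idx], size);

    return PSA_SST_ERR_SUCCESS;
}
/* … flash_write: same check before sst_utils_memcpy … */
/* … flash_erase: same check with SST_BLOCK_SIZE as the size … */
```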
@@ -53,8 +111,8 @@
return PSA_SST_ERR_SUCCESS;
}
-static enum psa_sst_err_t flash_write(uint32_t flash_addr, const uint8_t *buff,
- uint32_t size)
+static enum psa_sst_err_t flash_write(uint32_t flash_addr, uint32_t size,
+ const uint8_t *buff)
{
int32_t err;
@@ -77,17 +135,11 @@
return PSA_SST_ERR_SUCCESS;
}
+#endif /* SST_RAM_FS */
enum psa_sst_err_t sst_flash_init(void)
{
- int32_t err;
-
- err = FLASH_DEV_NAME.Initialize(NULL);
- if(err != ARM_DRIVER_OK) {
- return PSA_SST_ERR_SYSTEM_ERROR;
- }
-
- return PSA_SST_ERR_SUCCESS;
+ return flash_init();
}
enum psa_sst_err_t sst_flash_read(uint32_t block_id, uint8_t *buff,
@@ -100,7 +152,7 @@
*/
flash_addr = get_phys_address(block_id, offset);
- return flash_read(flash_addr, buff, size);
+ return flash_read(flash_addr, size, buff);
}
enum psa_sst_err_t sst_flash_write(uint32_t block_id, const uint8_t *buff,
@@ -113,7 +165,7 @@
*/
flash_addr = get_phys_address(block_id, offset);
- return flash_write(flash_addr, buff, size);
+ return flash_write(flash_addr, size, buff);
}
enum psa_sst_err_t sst_flash_block_to_block_move(uint32_t dst_block,
@@ -143,13 +195,13 @@
/* Reads data from source block and store it in the in-memory copy of
* destination content.
*/
- err = flash_read(src_flash_addr, dst_block_data_copy, bytes_to_move);
+ err = flash_read(src_flash_addr, bytes_to_move, dst_block_data_copy);
if (err != PSA_SST_ERR_SUCCESS) {
return err;
}
/* Writes in flash the in-memory block content after modification */
- err = flash_write(dst_flash_addr, dst_block_data_copy, bytes_to_move);
+ err = flash_write(dst_flash_addr, bytes_to_move, dst_block_data_copy);
if (err != PSA_SST_ERR_SUCCESS) {
return err;
}
diff --git a/test/suites/sst/CMakeLists.inc b/test/suites/sst/CMakeLists.inc
index f527bc5..bc535e1 100644
--- a/test/suites/sst/CMakeLists.inc
+++ b/test/suites/sst/CMakeLists.inc
@@ -52,6 +52,14 @@
set_property(SOURCE ${ALL_SRC_C_NS} APPEND PROPERTY COMPILE_DEFINITIONS SST_ENABLE_PARTIAL_ASSET_RW)
endif()
+ if (NOT SST_RAM_FS AND NOT REFERENCE_PLATFORM)
+ # Show flash warning message only when the RAM FS is not in use or the tests are compiled to
+ # be executed in the reference plaforms (AN519 and AN521). The reference platforms use RAM
+ # memory to emulated a flash device as they do not have one.
+ set_property(SOURCE ${ALL_SRC_C_S} APPEND PROPERTY COMPILE_DEFINITIONS SST_SHOW_FLASH_WARNING)
+ set_property(SOURCE ${ALL_SRC_C_NS} APPEND PROPERTY COMPILE_DEFINITIONS SST_SHOW_FLASH_WARNING)
+ endif()
+
#Setting include directories
embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE)
embedded_include_directories(PATH ${TFM_ROOT_DIR}/test/interface/include ABSOLUTE)
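Review bot: The comment above `SST_SHOW_FLASH_WARNING` contradicts the condition it documents. The `if` enables the warning only when the RAM FS is not in use and the target is not a reference platform, whereas the comment says "or ... to be executed in the reference plaforms". Suggested wording: `# Show the flash warning only when the RAM FS is not in use and the target is not a reference platform (AN519 and AN521); those use RAM to emulate a flash device as they do not have one.` `REFERENCE_PLATFORM` is not set anywhere in the visible hunks, so confirm it is defined for both platforms before this file is included.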
diff --git a/test/suites/sst/non_secure/sst_ns_interface_testsuite.c b/test/suites/sst/non_secure/sst_ns_interface_testsuite.c
index 0c817ec..e774641 100644
--- a/test/suites/sst/non_secure/sst_ns_interface_testsuite.c
+++ b/test/suites/sst/non_secure/sst_ns_interface_testsuite.c
@@ -153,6 +153,13 @@
set_testsuite("SST non-secure interface tests (TFM_SST_TEST_1XXX)",
asset_veeners_tests, list_size, p_test_suite);
+
+#ifdef SST_SHOW_FLASH_WARNING
+ TEST_LOG("\r\n**WARNING** The SST regression tests reduce the life of the "
+ "flash memory as they write/erase multiple times the memory. \r\n"
+ "Please, set the SST_RAM_FS flag to use RAM instead of flash."
+ "\r\n\r\n");
+#endif
}
/**
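Review bot: The warning text under `SST_SHOW_FLASH_WARNING` is duplicated verbatim in sst_sec_interface_testsuite.c, so the two copies can drift apart; a single macro in a header shared by both suites would keep them in step. The sentence would also read better as `write/erase the memory multiple times`. Since it tells the user to set `SST_RAM_FS`, it could add that doing so makes the storage volatile. The enclosing function starts outside the hunk.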
diff --git a/test/suites/sst/secure/sst_sec_interface_testsuite.c b/test/suites/sst/secure/sst_sec_interface_testsuite.c
index ba206a4..a7991c0 100644
--- a/test/suites/sst/secure/sst_sec_interface_testsuite.c
+++ b/test/suites/sst/secure/sst_sec_interface_testsuite.c
@@ -125,6 +125,13 @@
set_testsuite("SST secure interface tests (TFM_SST_TEST_2XXX)",
write_tests, list_size, p_test_suite);
+
+#ifdef SST_SHOW_FLASH_WARNING
+ TEST_LOG("\r\n**WARNING** The SST regression tests reduce the life of the "
+ "flash memory as they write/erase multiple times the memory. \r\n"
+ "Please, set the SST_RAM_FS flag to use RAM instead of flash."
+ "\r\n\r\n");
+#endif
}
/**