SPM: Merge 'internal_msg' members into handle
'internal_msg' is a member of handle, defining a dedicated type for
it causes troubles when:
- Defining interfaces for processing connections. Taking the handle
as parameter makes message abstraction unnecessary, and taking
message as paramter makes extra message-to-handle mapping happen.
This patch is basically a search and replace, which eases the review.
After the merging, several unnecessary mapping functions are removed
(set/get rhandle e.g.). Followed up patches focus on detailed refine.
Change-Id: I2ec1375fde470d4a3983848afb46575d3cb0b392
Signed-off-by: Ken Liu <Ken.Liu@arm.com>
diff --git a/secure_fw/spm/cmsis_psa/psa_interface_sfn.c b/secure_fw/spm/cmsis_psa/psa_interface_sfn.c
index 0b214f1..d7e5179 100644
--- a/secure_fw/spm/cmsis_psa/psa_interface_sfn.c
+++ b/secure_fw/spm/cmsis_psa/psa_interface_sfn.c
@@ -34,7 +34,7 @@
p_target = GET_CURRENT_COMPONENT();
if (p_client != p_target) {
- stat = tfm_spm_partition_psa_reply(p_target->p_messages->msg.handle,
+ stat = tfm_spm_partition_psa_reply(p_target->p_handles->msg.handle,
stat);
}
@@ -85,7 +85,7 @@
p_target = GET_CURRENT_COMPONENT();
if (p_client != p_target) {
- stat = tfm_spm_partition_psa_reply(p_target->p_messages->msg.handle,
+ stat = tfm_spm_partition_psa_reply(p_target->p_handles->msg.handle,
stat);
}
@@ -104,7 +104,7 @@
p_target = GET_CURRENT_COMPONENT();
if (p_client != p_target) {
- stat = tfm_spm_partition_psa_reply(p_target->p_messages->msg.handle,
+ stat = tfm_spm_partition_psa_reply(p_target->p_handles->msg.handle,
PSA_SUCCESS);
}
diff --git a/secure_fw/spm/cmsis_psa/spm_ipc.c b/secure_fw/spm/cmsis_psa/spm_ipc.c
index 594a0bd..c6a26bf 100755
--- a/secure_fw/spm/cmsis_psa/spm_ipc.c
+++ b/secure_fw/spm/cmsis_psa/spm_ipc.c
@@ -51,7 +51,7 @@
struct service_t *stateless_services_ref_tbl[STATIC_HANDLE_NUM_LIMIT];
/* Pools */
-TFM_POOL_DECLARE(conn_handle_pool, sizeof(struct tfm_conn_handle_t),
+TFM_POOL_DECLARE(conn_handle_pool, sizeof(struct conn_handle_t),
CONFIG_TFM_CONN_HANDLE_MAX_NUM);
extern uint32_t scheduler_lock;
@@ -94,7 +94,7 @@
* loop_index is used to promise same handle instance is converted into
* different user handles in short time.
*/
-psa_handle_t tfm_spm_to_user_handle(struct tfm_conn_handle_t *handle_instance)
+psa_handle_t tfm_spm_to_user_handle(struct conn_handle_t *handle_instance)
{
psa_handle_t user_handle;
@@ -122,15 +122,15 @@
* user_handle in RANGE[CLIENT_HANDLE_VALUE_MIN, 0x3FFFFFFF]
* loop_index in RANGE[0, CONVERSION_FACTOR_VALUE - 1]
*/
-struct tfm_conn_handle_t *tfm_spm_to_handle_instance(psa_handle_t user_handle)
+struct conn_handle_t *tfm_spm_to_handle_instance(psa_handle_t user_handle)
{
- struct tfm_conn_handle_t *handle_instance;
+ struct conn_handle_t *handle_instance;
if (user_handle == PSA_NULL_HANDLE) {
return NULL;
}
- handle_instance = (struct tfm_conn_handle_t *)((((uintptr_t)user_handle -
+ handle_instance = (struct conn_handle_t *)((((uintptr_t)user_handle -
CLIENT_HANDLE_VALUE_MIN) >> CONVERSION_FACTOR_BITOFFSET) +
(uintptr_t)conn_handle_pool);
@@ -138,31 +138,30 @@
}
/* Service handle management functions */
-struct tfm_conn_handle_t *tfm_spm_create_conn_handle(struct service_t *service,
- int32_t client_id)
+struct conn_handle_t *tfm_spm_create_conn_handle(struct service_t *service,
+ int32_t client_id)
{
- struct tfm_conn_handle_t *p_handle;
+ struct conn_handle_t *p_handle;
TFM_CORE_ASSERT(service);
/* Get buffer for handle list structure from handle pool */
- p_handle = (struct tfm_conn_handle_t *)tfm_pool_alloc(conn_handle_pool);
+ p_handle = (struct conn_handle_t *)tfm_pool_alloc(conn_handle_pool);
if (!p_handle) {
return NULL;
}
spm_memset(p_handle, 0, sizeof(*p_handle));
- p_handle->internal_msg.service = service;
+ p_handle->service = service;
p_handle->status = TFM_HANDLE_STATUS_IDLE;
p_handle->client_id = client_id;
return p_handle;
}
-int32_t tfm_spm_validate_conn_handle(
- const struct tfm_conn_handle_t *conn_handle,
- int32_t client_id)
+int32_t tfm_spm_validate_conn_handle(const struct conn_handle_t *conn_handle,
+ int32_t client_id)
{
/* Check the handle address is validated */
if (is_valid_chunk_data_in_pool(conn_handle_pool,
@@ -179,7 +178,7 @@
}
int32_t tfm_spm_free_conn_handle(struct service_t *service,
- struct tfm_conn_handle_t *conn_handle)
+ struct conn_handle_t *conn_handle)
{
struct critical_section_t cs_assert = CRITICAL_SECTION_STATIC_INIT;
@@ -187,7 +186,7 @@
TFM_CORE_ASSERT(conn_handle != NULL);
/* Clear magic as the handler is not used anymore */
- conn_handle->internal_msg.magic = 0;
+ conn_handle->magic = 0;
CRITICAL_SECTION_ENTER(cs_assert);
@@ -198,55 +197,20 @@
return SPM_SUCCESS;
}
-int32_t tfm_spm_set_rhandle(struct service_t *service,
- struct tfm_conn_handle_t *conn_handle,
- void *rhandle)
-{
- TFM_CORE_ASSERT(service);
- /* Set reverse handle value only be allowed for a connected handle */
- TFM_CORE_ASSERT(conn_handle != NULL);
-
- conn_handle->rhandle = rhandle;
- return SPM_SUCCESS;
-}
-
-/**
- * \brief Get reverse handle value from connection handle.
- *
- * \param[in] service Target service context pointer
- * \param[in] conn_handle Connection handle created by
- * tfm_spm_create_conn_handle()
- *
- * \retval void * Success
- * \retval "Does not return" Panic for those:
- * service pointer are NULL
- * handle is \ref PSA_NULL_HANDLE
- * handle node does not be found
- */
-static void *tfm_spm_get_rhandle(struct service_t *service,
- struct tfm_conn_handle_t *conn_handle)
-{
- TFM_CORE_ASSERT(service);
- /* Get reverse handle value only be allowed for a connected handle */
- TFM_CORE_ASSERT(conn_handle != NULL);
-
- return conn_handle->rhandle;
-}
-
/* Partition management functions */
-struct tfm_msg_body_t *spm_get_msg_with_signal(struct partition_t *p_ptn,
+struct conn_handle_t *spm_get_handle_by_signal(struct partition_t *p_ptn,
psa_signal_t signal)
{
- struct tfm_msg_body_t *p_msg_iter;
- struct tfm_msg_body_t **pr_msg_iter, **last_found_msg_holder = NULL;
+ struct conn_handle_t *p_msg_iter;
+ struct conn_handle_t **pr_msg_iter, **last_found_msg_holder = NULL;
struct critical_section_t cs_assert = CRITICAL_SECTION_STATIC_INIT;
uint32_t nr_found_msgs = 0;
CRITICAL_SECTION_ENTER(cs_assert);
/* Return the last found message which applies a FIFO mechanism. */
- UNI_LIST_FOREACH_NODE_PNODE(pr_msg_iter, p_msg_iter, p_ptn, p_messages) {
+ UNI_LIST_FOREACH_NODE_PNODE(pr_msg_iter, p_msg_iter, p_ptn, p_handles) {
if (p_msg_iter->service->p_ldinf->signal == signal) {
last_found_msg_holder = pr_msg_iter;
nr_found_msgs++;
@@ -255,9 +219,8 @@
if (last_found_msg_holder) {
p_msg_iter = *last_found_msg_holder;
- UNI_LIST_REMOVE_NODE_BY_PNODE(last_found_msg_holder, p_messages);
+ UNI_LIST_REMOVE_NODE_BY_PNODE(last_found_msg_holder, p_handles);
- /* Clear the signal bit since the only message is removed. */
if (nr_found_msgs == 1) {
p_ptn->signals_asserted &= ~signal;
}
@@ -362,7 +325,7 @@
/* Message functions */
-struct tfm_msg_body_t *tfm_spm_get_msg_from_handle(psa_handle_t msg_handle)
+struct conn_handle_t *spm_get_handle_by_user_handle(psa_handle_t msg_handle)
{
/*
* The message handler passed by the caller is considered invalid in the
@@ -373,36 +336,33 @@
* unused, or owned by anither partition)
* Check the conditions above
*/
- struct tfm_msg_body_t *p_msg;
int32_t partition_id;
- struct tfm_conn_handle_t *p_conn_handle =
+ struct conn_handle_t *p_conn_handle =
tfm_spm_to_handle_instance(msg_handle);
if (is_valid_chunk_data_in_pool(
- conn_handle_pool, (uint8_t *)p_conn_handle) != 1) {
+ conn_handle_pool, (uint8_t *)p_conn_handle) != true) {
return NULL;
}
- p_msg = &p_conn_handle->internal_msg;
-
/*
* Check that the magic number is correct. This proves that the message
* structure contains an active message.
*/
- if (p_msg->magic != TFM_MSG_MAGIC) {
+ if (p_conn_handle->magic != TFM_MSG_MAGIC) {
return NULL;
}
/* Check that the running partition owns the message */
partition_id = tfm_spm_partition_get_running_partition_id();
- if (partition_id != p_msg->service->partition->p_ldinf->pid) {
+ if (partition_id != p_conn_handle->service->partition->p_ldinf->pid) {
return NULL;
}
- return p_msg;
+ return p_conn_handle;
}
-void tfm_spm_fill_msg(struct tfm_msg_body_t *msg,
+void spm_fill_message(struct conn_handle_t *hdl,
struct service_t *service,
psa_handle_t handle,
int32_t type, int32_t client_id,
@@ -411,9 +371,8 @@
psa_outvec *caller_outvec)
{
uint32_t i;
- struct tfm_conn_handle_t *conn_handle;
- TFM_CORE_ASSERT(msg);
+ TFM_CORE_ASSERT(hdl);
TFM_CORE_ASSERT(service);
TFM_CORE_ASSERT(!(invec == NULL && in_len != 0));
TFM_CORE_ASSERT(!(outvec == NULL && out_len != 0));
@@ -422,42 +381,37 @@
TFM_CORE_ASSERT(in_len + out_len <= PSA_MAX_IOVEC);
/* Clear message buffer before using it */
- spm_memset(&msg->msg, 0, sizeof(psa_msg_t));
+ spm_memset(&hdl->msg, 0, sizeof(psa_msg_t));
- THRD_SYNC_INIT(&msg->ack_evnt);
- msg->magic = TFM_MSG_MAGIC;
- msg->service = service;
- msg->p_client = GET_CURRENT_COMPONENT();
- msg->caller_outvec = caller_outvec;
- msg->msg.client_id = client_id;
+ THRD_SYNC_INIT(&hdl->ack_evnt);
+ hdl->magic = TFM_MSG_MAGIC;
+ hdl->service = service;
+ hdl->p_client = GET_CURRENT_COMPONENT();
+ hdl->caller_outvec = caller_outvec;
+ hdl->msg.client_id = client_id;
/* Copy contents */
- msg->msg.type = type;
+ hdl->msg.type = type;
for (i = 0; i < in_len; i++) {
- msg->msg.in_size[i] = invec[i].len;
- msg->invec[i].base = invec[i].base;
+ hdl->msg.in_size[i] = invec[i].len;
+ hdl->invec[i].base = invec[i].base;
}
for (i = 0; i < out_len; i++) {
- msg->msg.out_size[i] = outvec[i].len;
- msg->outvec[i].base = outvec[i].base;
- /* Out len is used to record the writed number, set 0 here again */
- msg->outvec[i].len = 0;
+ hdl->msg.out_size[i] = outvec[i].len;
+ hdl->outvec[i].base = outvec[i].base;
+ /* Out len is used to record the wrote number, set 0 here again */
+ hdl->outvec[i].len = 0;
}
/* Use the user connect handle as the message handle */
- msg->msg.handle = handle;
-
- conn_handle = tfm_spm_to_handle_instance(handle);
- /* For connected handle, set rhandle to every message */
- if (conn_handle) {
- msg->msg.rhandle = tfm_spm_get_rhandle(service, conn_handle);
- }
+ hdl->msg.handle = handle;
+ hdl->msg.rhandle = hdl->rhandle;
/* Set the private data of NSPE client caller in multi-core topology */
if (TFM_CLIENT_ID_IS_NS(client_id)) {
- tfm_rpc_set_caller_data(msg, client_id);
+ tfm_rpc_set_caller_data(hdl, client_id);
}
}
@@ -559,7 +513,7 @@
tfm_pool_init(conn_handle_pool,
POOL_BUFFER_SIZE(conn_handle_pool),
- sizeof(struct tfm_conn_handle_t),
+ sizeof(struct conn_handle_t),
CONFIG_TFM_CONN_HANDLE_MAX_NUM);
UNI_LISI_INIT_NODE(PARTITION_LIST_ADDR, next);
@@ -655,7 +609,7 @@
return AAPCS_DUAL_U32_AS_U64(ctx_ctrls);
}
-void update_caller_outvec_len(struct tfm_msg_body_t *msg)
+void update_caller_outvec_len(struct conn_handle_t *hdl)
{
uint32_t i;
@@ -667,18 +621,18 @@
* If it is a NS request via RPC, the owner of this message is not set.
* Or if it is a SFN message, it does not have owner thread state either.
*/
- if ((!is_tfm_rpc_msg(msg)) && (msg->sfn_magic != TFM_MSG_MAGIC_SFN)) {
- TFM_CORE_ASSERT(msg->ack_evnt.owner->state == THRD_STATE_BLOCK);
+ if ((!is_tfm_rpc_msg(hdl)) && (hdl->sfn_magic != TFM_MSG_MAGIC_SFN)) {
+ TFM_CORE_ASSERT(hdl->ack_evnt.owner->state == THRD_STATE_BLOCK);
}
for (i = 0; i < PSA_MAX_IOVEC; i++) {
- if (msg->msg.out_size[i] == 0) {
+ if (hdl->msg.out_size[i] == 0) {
continue;
}
- TFM_CORE_ASSERT(msg->caller_outvec[i].base == msg->outvec[i].base);
+ TFM_CORE_ASSERT(hdl->caller_outvec[i].base == hdl->outvec[i].base);
- msg->caller_outvec[i].len = msg->outvec[i].len;
+ hdl->caller_outvec[i].len = hdl->outvec[i].len;
}
}
diff --git a/secure_fw/spm/cmsis_psa/spm_ipc.h b/secure_fw/spm/cmsis_psa/spm_ipc.h
index 516217c..4f513b3 100644
--- a/secure_fw/spm/cmsis_psa/spm_ipc.h
+++ b/secure_fw/spm/cmsis_psa/spm_ipc.h
@@ -77,8 +77,22 @@
#define GET_THRD_OWNER(x) TO_CONTAINER(x, struct partition_t, thrd)
#define GET_CTX_OWNER(x) TO_CONTAINER(x, struct partition_t, ctx_ctrl)
-/* Message struct to collect parameter from client */
-struct tfm_msg_body_t {
+/* RoT connection handle list */
+struct conn_handle_t {
+ void *rhandle; /* Reverse handle value */
+ uint32_t status; /*
+ * Status of handle, three valid
+ * options:
+ * TFM_HANDLE_STATUS_ACTIVE,
+ * TFM_HANDLE_STATUS_IDLE and
+ * TFM_HANDLE_STATUS_CONNECT_ERROR
+ */
+ int32_t client_id; /*
+ * Partition ID of the sender of the
+ * message:
+ * - secure partition id;
+ * - non secure client endpoint id.
+ */
int32_t magic;
struct partition_t *p_client; /* Caller partition */
struct service_t *service; /* RoT service pointer */
@@ -103,7 +117,7 @@
#if PSA_FRAMEWORK_HAS_MM_IOVEC
uint32_t iovec_status; /* MM-IOVEC status */
#endif
- struct tfm_msg_body_t *p_messages; /* Message(s) link */
+ struct conn_handle_t *p_handles; /* Handle(s) link */
};
/* Partition runtime type */
@@ -121,7 +135,7 @@
struct thread_t thrd; /* IPC model */
uint32_t state; /* SFN model */
};
- struct tfm_msg_body_t *p_messages;
+ struct conn_handle_t *p_handles;
struct partition_t *next;
};
@@ -132,25 +146,6 @@
struct service_t *next; /* For list operation */
};
-/* RoT connection handle list */
-struct tfm_conn_handle_t {
- void *rhandle; /* Reverse handle value */
- uint32_t status; /*
- * Status of handle, three valid
- * options:
- * TFM_HANDLE_STATUS_ACTIVE,
- * TFM_HANDLE_STATUS_IDLE and
- * TFM_HANDLE_STATUS_CONNECT_ERROR
- */
- int32_t client_id; /*
- * Partition ID of the sender of the
- * message:
- * - secure partition id;
- * - non secure client endpoint id.
- */
- struct tfm_msg_body_t internal_msg; /* Internal message for message queue */
-};
-
enum tfm_memory_access_e {
TFM_MEMORY_ACCESS_RO = 1,
TFM_MEMORY_ACCESS_RW = 2,
@@ -169,25 +164,25 @@
* \brief Create connection handle for client connect
*
* \param[in] service Target service context pointer
- * \param[in] client_id Partition ID of the sender of the message
+ * \param[in] client_id Partition ID of the sender
*
* \retval NULL Create failed
* \retval "Not NULL" Service handle created
*/
-struct tfm_conn_handle_t *tfm_spm_create_conn_handle(struct service_t *service,
+struct conn_handle_t *tfm_spm_create_conn_handle(struct service_t *service,
int32_t client_id);
/**
* \brief Validate connection handle for client connect
*
* \param[in] conn_handle Handle to be validated
- * \param[in] client_id Partition ID of the sender of the message
+ * \param[in] client_id Partition ID of the sender
*
* \retval SPM_SUCCESS Success
* \retval SPM_ERROR_GENERIC Invalid handle
*/
int32_t tfm_spm_validate_conn_handle(
- const struct tfm_conn_handle_t *conn_handle,
+ const struct conn_handle_t *conn_handle,
int32_t client_id);
/**
@@ -202,22 +197,22 @@
* \retval "Does not return" Panic for not find service by handle
*/
int32_t tfm_spm_free_conn_handle(struct service_t *service,
- struct tfm_conn_handle_t *conn_handle);
+ struct conn_handle_t *conn_handle);
/******************** Partition management functions *************************/
/*
- * Lookup and fetch the last spotted message in the partition messages
+ * Lookup and grab the last spotted handles containing the message
* by the given signal. Only ONE signal bit can be accepted in 'signal',
- * multiple bits lead to 'no matched message found to that signal'.
+ * multiple bits lead to 'no matched handles found to that signal'.
*
- * Returns NULL if no message matched with the given signal.
- * Returns an internal message instance if spotted, the instance
- * is moved out of partition messages. Partition available signals
- * also get updated based on the count of message with given signal
- * still in the partition messages.
+ * Returns NULL if no handles matched with the given signal.
+ * Returns an internal handle instance if spotted, the instance
+ * is moved out of partition handles. Partition available signals
+ * also get updated based on the count of handles with given signal
+ * still in the partition handles.
*/
-struct tfm_msg_body_t *spm_get_msg_with_signal(struct partition_t *p_ptn,
+struct conn_handle_t *spm_get_handle_by_signal(struct partition_t *p_ptn,
psa_signal_t signal);
/**
@@ -245,20 +240,22 @@
/************************ Message functions **********************************/
/**
- * \brief Get message context by message handle.
+ * \brief Get spm work handle by given user handle.
*
* \param[in] msg_handle Message handle which is a reference generated
- * by the SPM to a specific message.
+ * by the SPM to a specific message. A few
+ * validations happen in this function before
+ * the final result returns.
*
- * \return The message body context pointer
- * \ref tfm_msg_body_t structures
+ * \return The spm work handle.
+ * \ref conn_handle_t structures
*/
-struct tfm_msg_body_t *tfm_spm_get_msg_from_handle(psa_handle_t msg_handle);
+struct conn_handle_t *spm_get_handle_by_user_handle(psa_handle_t msg_handle);
/**
- * \brief Fill the message for PSA client call.
+ * \brief Fill the user message in handle.
*
- * \param[in] msg Service Message Queue buffer pointer
+ * \param[in] hdl The 'handle' contains the user message.
* \param[in] service Target service context pointer, which can be
* obtained by partition management functions
* \prarm[in] handle Connect handle return by psa_connect().
@@ -271,7 +268,7 @@
* \param[in] out_len Number of output \ref psa_outvec structures
* \param[in] caller_outvec Array of caller output \ref psa_outvec structures
*/
-void tfm_spm_fill_msg(struct tfm_msg_body_t *msg,
+void spm_fill_message(struct conn_handle_t *hdl,
struct service_t *service,
psa_handle_t handle,
int32_t type, int32_t client_id,
@@ -374,35 +371,19 @@
/**
* \brief Converts a handle instance into a corresponded user handle.
*/
-psa_handle_t tfm_spm_to_user_handle(struct tfm_conn_handle_t *handle_instance);
+psa_handle_t tfm_spm_to_user_handle(struct conn_handle_t *handle_instance);
/**
* \brief Converts a user handle into a corresponded handle instance.
*/
-struct tfm_conn_handle_t *tfm_spm_to_handle_instance(psa_handle_t user_handle);
+struct conn_handle_t *tfm_spm_to_handle_instance(psa_handle_t user_handle);
/**
* \brief Move to handler mode by a SVC for specific purpose
*/
void tfm_core_handler_mode(void);
-/**
- * \brief Set reverse handle value for connection.
- *
- * \param[in] service Target service context pointer
- * \param[in] conn_handle Connection handle created by
- * tfm_spm_create_conn_handle()
- * \param[in] rhandle rhandle need to save
- *
- * \retval SPM_SUCCESS Success
- * \retval SPM_ERROR_BAD_PARAMETERS Bad parameters input
- * \retval "Does not return" Panic for not find handle node
- */
-int32_t tfm_spm_set_rhandle(struct service_t *service,
- struct tfm_conn_handle_t *conn_handle,
- void *rhandle);
-
-void update_caller_outvec_len(struct tfm_msg_body_t *msg);
+void update_caller_outvec_len(struct conn_handle_t *msg);
/*
* Set partition signal.
diff --git a/secure_fw/spm/cmsis_psa/tfm_rpc.c b/secure_fw/spm/cmsis_psa/tfm_rpc.c
index 88e7bdd..86a1b5a 100644
--- a/secure_fw/spm/cmsis_psa/tfm_rpc.c
+++ b/secure_fw/spm/cmsis_psa/tfm_rpc.c
@@ -115,12 +115,13 @@
void tfm_rpc_client_call_reply(const void *owner, int32_t ret)
{
- const struct tfm_msg_body_t *msg = (const struct tfm_msg_body_t *)owner;
+ const struct conn_handle_t *hdl =
+ (const struct conn_handle_t *)owner;
- rpc_ops.reply(msg->caller_data, ret);
+ rpc_ops.reply(hdl->caller_data, ret);
}
-void tfm_rpc_set_caller_data(struct tfm_msg_body_t *msg, int32_t client_id)
+void tfm_rpc_set_caller_data(struct conn_handle_t *hdl, int32_t client_id)
{
- msg->caller_data = rpc_ops.get_caller_data(client_id);
+ hdl->caller_data = rpc_ops.get_caller_data(client_id);
}
diff --git a/secure_fw/spm/cmsis_psa/tfm_rpc.h b/secure_fw/spm/cmsis_psa/tfm_rpc.h
index e1942e0..5023c40 100644
--- a/secure_fw/spm/cmsis_psa/tfm_rpc.h
+++ b/secure_fw/spm/cmsis_psa/tfm_rpc.h
@@ -168,7 +168,7 @@
* \retval true The message was allocated for a NS request via RPC.
* \retval false Otherwise.
*/
-__STATIC_INLINE bool is_tfm_rpc_msg(const struct tfm_msg_body_t *msg)
+__STATIC_INLINE bool is_tfm_rpc_msg(const struct conn_handle_t *msg)
{
/*
* FIXME
@@ -194,7 +194,7 @@
* \param[in] msg The address of \ref msg_body_t structure
* \param[in] client_id The client ID of the NS caller.
*/
-void tfm_rpc_set_caller_data(struct tfm_msg_body_t *msg, int32_t client_id);
+void tfm_rpc_set_caller_data(struct conn_handle_t *msg, int32_t client_id);
#else /* TFM_MULTI_CORE_TOPOLOGY */
diff --git a/secure_fw/spm/ffm/backend_ipc.c b/secure_fw/spm/ffm/backend_ipc.c
index 48c7899..443c5da 100644
--- a/secure_fw/spm/ffm/backend_ipc.c
+++ b/secure_fw/spm/ffm/backend_ipc.c
@@ -46,13 +46,13 @@
* current thread and trigger scheduler.
*/
static psa_status_t ipc_messaging(struct service_t *service,
- struct tfm_msg_body_t *msg)
+ struct conn_handle_t *hdl)
{
struct partition_t *p_owner = NULL;
psa_signal_t signal = 0;
struct critical_section_t cs_assert = CRITICAL_SECTION_STATIC_INIT;
- if (!msg || !service || !service->p_ldinf || !service->partition) {
+ if (!hdl || !service || !service->p_ldinf || !service->partition) {
return PSA_ERROR_PROGRAMMER_ERROR;
}
@@ -61,7 +61,7 @@
CRITICAL_SECTION_ENTER(cs_assert);
- UNI_LIST_INSERT_AFTER(p_owner, msg, p_messages);
+ UNI_LIST_INSERT_AFTER(p_owner, hdl, p_handles);
/* Messages put. Update signals */
p_owner->signals_asserted |= signal;
@@ -78,19 +78,19 @@
* thread.
*/
- if (!is_tfm_rpc_msg(msg)) {
- thrd_wait_on(&msg->ack_evnt, CURRENT_THREAD);
+ if (!is_tfm_rpc_msg(hdl)) {
+ thrd_wait_on(&hdl->ack_evnt, CURRENT_THREAD);
}
return PSA_SUCCESS;
}
-static int32_t ipc_replying(struct tfm_msg_body_t *p_msg, int32_t status)
+static int32_t ipc_replying(struct conn_handle_t *hdl, int32_t status)
{
- if (is_tfm_rpc_msg(p_msg)) {
- tfm_rpc_client_call_reply(p_msg, status);
+ if (is_tfm_rpc_msg(hdl)) {
+ tfm_rpc_client_call_reply(hdl, status);
} else {
- thrd_wake_up(&p_msg->ack_evnt, status);
+ thrd_wake_up(&hdl->ack_evnt, status);
}
/*
@@ -110,7 +110,7 @@
p_pt->signals_allowed |= PSA_DOORBELL | service_setting;
THRD_SYNC_INIT(&p_pt->waitobj);
- UNI_LISI_INIT_NODE(p_pt, p_messages);
+ UNI_LISI_INIT_NODE(p_pt, p_handles);
THRD_INIT(&p_pt->thrd, &p_pt->ctx_ctrl,
TO_THREAD_PRIORITY(PARTITION_PRIORITY(p_pldi->flags)));
diff --git a/secure_fw/spm/ffm/backend_sfn.c b/secure_fw/spm/ffm/backend_sfn.c
index b84c307..ab427b2 100644
--- a/secure_fw/spm/ffm/backend_sfn.c
+++ b/secure_fw/spm/ffm/backend_sfn.c
@@ -36,18 +36,18 @@
* current component state and activate the next component.
*/
static psa_status_t sfn_messaging(struct service_t *service,
- struct tfm_msg_body_t *msg)
+ struct conn_handle_t *hdl)
{
struct partition_t *p_target;
psa_status_t status;
- if (!msg || !service || !service->p_ldinf || !service->partition) {
+ if (!hdl || !service || !service->p_ldinf || !service->partition) {
return PSA_ERROR_PROGRAMMER_ERROR;
}
- msg->sfn_magic = TFM_MSG_MAGIC_SFN;
+ hdl->sfn_magic = TFM_MSG_MAGIC_SFN;
p_target = service->partition;
- p_target->p_messages = msg;
+ p_target->p_handles = hdl;
SET_CURRENT_COMPONENT(p_target);
@@ -62,14 +62,14 @@
p_target->state = SFN_PARTITION_STATE_INITED;
}
- status = ((service_fn_t)service->p_ldinf->sfn)(&msg->msg);
+ status = ((service_fn_t)service->p_ldinf->sfn)(&hdl->msg);
return status;
}
-static int32_t sfn_replying(struct tfm_msg_body_t *p_msg, int32_t status)
+static int32_t sfn_replying(struct conn_handle_t *hdl, int32_t status)
{
- SET_CURRENT_COMPONENT(p_msg->p_client);
+ SET_CURRENT_COMPONENT(hdl->p_client);
/*
* Returning a value here is necessary, because 'psa_reply' is absent
@@ -89,7 +89,7 @@
{
const struct partition_load_info_t *p_pldi = p_pt->p_ldinf;
- p_pt->p_messages = NULL;
+ p_pt->p_handles = NULL;
p_pt->state = SFN_PARTITION_STATE_NOT_INITED;
THRD_SYNC_INIT(&p_pt->waitobj);
diff --git a/secure_fw/spm/ffm/psa_api.c b/secure_fw/spm/ffm/psa_api.c
index 1588263..80af53f 100644
--- a/secure_fw/spm/ffm/psa_api.c
+++ b/secure_fw/spm/ffm/psa_api.c
@@ -146,9 +146,8 @@
{
psa_invec invecs[PSA_MAX_IOVEC];
psa_outvec outvecs[PSA_MAX_IOVEC];
- struct tfm_conn_handle_t *conn_handle;
+ struct conn_handle_t *conn_handle;
struct service_t *service;
- struct tfm_msg_body_t *msg;
int i, j;
int32_t client_id;
uint32_t sid, version, index;
@@ -238,7 +237,7 @@
return PSA_ERROR_PROGRAMMER_ERROR;
}
- service = conn_handle->internal_msg.service;
+ service = conn_handle->service;
if (!service) {
/* FixMe: Need to implement a mechanism to resolve this failure. */
@@ -313,12 +312,10 @@
}
}
- msg = &(conn_handle->internal_msg);
-
- tfm_spm_fill_msg(msg, service, handle, type, client_id,
+ spm_fill_message(conn_handle, service, handle, type, client_id,
invecs, in_num, outvecs, out_num, outptr);
- return backend_instance.messaging(service, msg);
+ return backend_instance.messaging(service, conn_handle);
}
/* Following PSA APIs are only needed by connection-based services */
@@ -327,8 +324,7 @@
psa_status_t tfm_spm_client_psa_connect(uint32_t sid, uint32_t version)
{
struct service_t *service;
- struct tfm_msg_body_t *msg;
- struct tfm_conn_handle_t *connect_handle;
+ struct conn_handle_t *connect_handle;
int32_t client_id;
psa_handle_t handle;
bool ns_caller = tfm_spm_is_ns_caller();
@@ -377,21 +373,18 @@
return PSA_ERROR_CONNECTION_BUSY;
}
- msg = &(connect_handle->internal_msg);
-
handle = tfm_spm_to_user_handle(connect_handle);
/* No input or output needed for connect message */
- tfm_spm_fill_msg(msg, service, handle, PSA_IPC_CONNECT,
+ spm_fill_message(connect_handle, service, handle, PSA_IPC_CONNECT,
client_id, NULL, 0, NULL, 0, NULL);
- return backend_instance.messaging(service, msg);
+ return backend_instance.messaging(service, connect_handle);
}
psa_status_t tfm_spm_client_psa_close(psa_handle_t handle)
{
struct service_t *service;
- struct tfm_msg_body_t *msg;
- struct tfm_conn_handle_t *conn_handle;
+ struct conn_handle_t *conn_handle;
int32_t client_id;
bool ns_caller = tfm_spm_is_ns_caller();
@@ -416,14 +409,12 @@
return PSA_ERROR_PROGRAMMER_ERROR;
}
- service = conn_handle->internal_msg.service;
+ service = conn_handle->service;
if (!service) {
/* FixMe: Need to implement one mechanism to resolve this failure. */
return PSA_ERROR_PROGRAMMER_ERROR;
}
- msg = &(conn_handle->internal_msg);
-
/*
* It is a PROGRAMMER ERROR if the connection is currently handling a
* request.
@@ -433,10 +424,10 @@
}
/* No input or output needed for close message */
- tfm_spm_fill_msg(msg, service, handle, PSA_IPC_DISCONNECT, client_id,
- NULL, 0, NULL, 0, NULL);
+ spm_fill_message(conn_handle, service, handle, PSA_IPC_DISCONNECT,
+ client_id, NULL, 0, NULL, 0, NULL);
- return backend_instance.messaging(service, msg);
+ return backend_instance.messaging(service, conn_handle);
}
#endif /* CONFIG_TFM_CONNECTION_BASED_SERVICE_API */
@@ -481,7 +472,7 @@
psa_status_t tfm_spm_partition_psa_get(psa_signal_t signal, psa_msg_t *msg)
{
- struct tfm_msg_body_t *tmp_msg = NULL;
+ struct conn_handle_t *tmp_msg = NULL;
struct partition_t *partition = NULL;
uint32_t privileged;
@@ -526,14 +517,12 @@
* Get message by signal from partition. It is a fatal error if getting
* failed, which means the input signal is not correspond to an RoT service.
*/
- tmp_msg = spm_get_msg_with_signal(partition, signal);
+ tmp_msg = spm_get_handle_by_signal(partition, signal);
if (!tmp_msg) {
return PSA_ERROR_DOES_NOT_EXIST;
}
- (TO_CONTAINER(tmp_msg,
- struct tfm_conn_handle_t,
- internal_msg))->status = TFM_HANDLE_STATUS_ACTIVE;
+ tmp_msg->status = TFM_HANDLE_STATUS_ACTIVE;
spm_memcpy(msg, &tmp_msg->msg, sizeof(psa_msg_t));
@@ -544,11 +533,11 @@
void *buffer, size_t num_bytes)
{
size_t bytes;
- struct tfm_msg_body_t *msg = NULL;
+ struct conn_handle_t *msg = NULL;
uint32_t priv_mode;
/* It is a fatal error if message handle is invalid */
- msg = tfm_spm_get_msg_from_handle(msg_handle);
+ msg = spm_get_handle_by_user_handle(msg_handle);
if (!msg) {
tfm_core_panic();
}
@@ -612,10 +601,10 @@
size_t tfm_spm_partition_psa_skip(psa_handle_t msg_handle, uint32_t invec_idx,
size_t num_bytes)
{
- struct tfm_msg_body_t *msg = NULL;
+ struct conn_handle_t *msg = NULL;
/* It is a fatal error if message handle is invalid */
- msg = tfm_spm_get_msg_from_handle(msg_handle);
+ msg = spm_get_handle_by_user_handle(msg_handle);
if (!msg) {
tfm_core_panic();
}
@@ -672,11 +661,11 @@
void tfm_spm_partition_psa_write(psa_handle_t msg_handle, uint32_t outvec_idx,
const void *buffer, size_t num_bytes)
{
- struct tfm_msg_body_t *msg = NULL;
+ struct conn_handle_t *msg = NULL;
uint32_t priv_mode;
/* It is a fatal error if message handle is invalid */
- msg = tfm_spm_get_msg_from_handle(msg_handle);
+ msg = spm_get_handle_by_user_handle(msg_handle);
if (!msg) {
tfm_core_panic();
}
@@ -739,15 +728,14 @@
int32_t tfm_spm_partition_psa_reply(psa_handle_t msg_handle,
psa_status_t status)
{
- struct service_t *service = NULL;
- struct tfm_msg_body_t *msg = NULL;
+ struct service_t *service;
+ struct conn_handle_t *hdl;
int32_t ret = PSA_SUCCESS;
- struct tfm_conn_handle_t *conn_handle;
struct critical_section_t cs_assert = CRITICAL_SECTION_STATIC_INIT;
/* It is a fatal error if message handle is invalid */
- msg = tfm_spm_get_msg_from_handle(msg_handle);
- if (!msg) {
+ hdl = spm_get_handle_by_user_handle(msg_handle);
+ if (!hdl) {
tfm_core_panic();
}
@@ -756,17 +744,12 @@
* body structure. Only two parameters are passed in this function: handle
* and status, so it is useful and simply to do like this.
*/
- service = msg->service;
+ service = hdl->service;
if (!service) {
tfm_core_panic();
}
- /*
- * Three type of message are passed in this function: CONNECTION, REQUEST,
- * DISCONNECTION. It needs to process differently for each type.
- */
- conn_handle = tfm_spm_to_handle_instance(msg_handle);
- switch (msg->msg.type) {
+ switch (hdl->msg.type) {
case PSA_IPC_CONNECT:
/*
* Reply to PSA_IPC_CONNECT message. Connect handle is returned if the
@@ -777,7 +760,7 @@
ret = msg_handle;
} else if (status == PSA_ERROR_CONNECTION_REFUSED) {
/* Refuse the client connection, indicating a permanent error. */
- tfm_spm_free_conn_handle(service, conn_handle);
+ tfm_spm_free_conn_handle(service, hdl);
ret = PSA_ERROR_CONNECTION_REFUSED;
} else if (status == PSA_ERROR_CONNECTION_BUSY) {
/* Fail the client connection, indicating a transient error. */
@@ -788,7 +771,7 @@
break;
case PSA_IPC_DISCONNECT:
/* Service handle is not used anymore */
- tfm_spm_free_conn_handle(service, conn_handle);
+ tfm_spm_free_conn_handle(service, hdl);
/*
* If the message type is PSA_IPC_DISCONNECT, then the status code is
@@ -796,7 +779,7 @@
*/
break;
default:
- if (msg->msg.type >= PSA_IPC_CALL) {
+ if (hdl->msg.type >= PSA_IPC_CALL) {
#if PSA_FRAMEWORK_HAS_MM_IOVEC
@@ -807,14 +790,14 @@
int i;
for (i = 0; i < PSA_MAX_IOVEC * 2; i++) {
- if (IOVEC_IS_MAPPED(msg, i) && (!IOVEC_IS_UNMAPPED(msg, i))) {
- SET_IOVEC_UNMAPPED(msg, i);
+ if (IOVEC_IS_MAPPED(hdl, i) && (!IOVEC_IS_UNMAPPED(hdl, i))) {
+ SET_IOVEC_UNMAPPED(hdl, i);
/*
* Any output vectors that are still mapped will report that
* zero bytes have been written.
*/
if (i >= OUTVEC_IDX_BASE) {
- msg->outvec[i - OUTVEC_IDX_BASE].len = 0;
+ hdl->outvec[i - OUTVEC_IDX_BASE].len = 0;
}
}
}
@@ -828,9 +811,9 @@
* psa_outvec structure for the parameter before returning from
* psa_call().
*/
- update_caller_outvec_len(msg);
+ update_caller_outvec_len(hdl);
if (SERVICE_IS_STATELESS(service->p_ldinf->flags)) {
- tfm_spm_free_conn_handle(service, conn_handle);
+ tfm_spm_free_conn_handle(service, hdl);
}
} else {
tfm_core_panic();
@@ -842,13 +825,13 @@
* If the source of the programmer error is a Secure Partition, the SPM
* must panic the Secure Partition in response to a PROGRAMMER ERROR.
*/
- if (TFM_CLIENT_ID_IS_NS(msg->msg.client_id)) {
- conn_handle->status = TFM_HANDLE_STATUS_CONNECT_ERROR;
+ if (TFM_CLIENT_ID_IS_NS(hdl->msg.client_id)) {
+ hdl->status = TFM_HANDLE_STATUS_CONNECT_ERROR;
} else {
tfm_core_panic();
}
} else {
- conn_handle->status = TFM_HANDLE_STATUS_IDLE;
+ hdl->status = TFM_HANDLE_STATUS_IDLE;
}
/*
@@ -857,7 +840,7 @@
* involved.
*/
CRITICAL_SECTION_ENTER(cs_assert);
- ret = backend_instance.replying(msg, ret);
+ ret = backend_instance.replying(hdl, ret);
CRITICAL_SECTION_LEAVE(cs_assert);
return ret;
@@ -996,25 +979,21 @@
void tfm_spm_partition_psa_set_rhandle(psa_handle_t msg_handle, void *rhandle)
{
- struct tfm_msg_body_t *msg = NULL;
- struct tfm_conn_handle_t *conn_handle;
+ struct conn_handle_t *hdl;
/* It is a fatal error if message handle is invalid */
- msg = tfm_spm_get_msg_from_handle(msg_handle);
- if (!msg) {
+ hdl = spm_get_handle_by_user_handle(msg_handle);
+ if (!hdl) {
tfm_core_panic();
}
/* It is a PROGRAMMER ERROR if a stateless service sets rhandle. */
- if (SERVICE_IS_STATELESS(msg->service->p_ldinf->flags)) {
+ if (SERVICE_IS_STATELESS(hdl->service->p_ldinf->flags)) {
tfm_core_panic();
}
- msg->msg.rhandle = rhandle;
- conn_handle = tfm_spm_to_handle_instance(msg_handle);
-
- /* Store reverse handle for following client calls. */
- tfm_spm_set_rhandle(msg->service, conn_handle, rhandle);
+ hdl->msg.rhandle = rhandle;
+ hdl->rhandle = rhandle;
}
#endif /* CONFIG_TFM_CONNECTION_BASED_SERVICE_API */
@@ -1024,24 +1003,24 @@
const void *tfm_spm_partition_psa_map_invec(psa_handle_t msg_handle,
uint32_t invec_idx)
{
- struct tfm_msg_body_t *msg = NULL;
+ struct conn_handle_t *hdl;
uint32_t privileged;
struct partition_t *partition = NULL;
/* It is a fatal error if message handle is invalid */
- msg = tfm_spm_get_msg_from_handle(msg_handle);
- if (!msg) {
+ hdl = spm_get_handle_by_user_handle(msg_handle);
+ if (!hdl) {
tfm_core_panic();
}
- partition = msg->service->partition;
+ partition = hdl->service->partition;
privileged = GET_PARTITION_PRIVILEGED_MODE(partition->p_ldinf);
/*
* It is a fatal error if MM-IOVEC has not been enabled for the RoT
* Service that received the message.
*/
- if (!SERVICE_ENABLED_MM_IOVEC(msg->service->p_ldinf->flags)) {
+ if (!SERVICE_ENABLED_MM_IOVEC(hdl->service->p_ldinf->flags)) {
tfm_core_panic();
}
@@ -1049,7 +1028,7 @@
* It is a fatal error if message handle does not refer to a request
* message.
*/
- if (msg->msg.type < PSA_IPC_CALL) {
+ if (hdl->msg.type < PSA_IPC_CALL) {
tfm_core_panic();
}
@@ -1062,7 +1041,7 @@
}
/* It is a fatal error if the input vector has length zero. */
- if (msg->msg.in_size[invec_idx] == 0) {
+ if (hdl->msg.in_size[invec_idx] == 0) {
tfm_core_panic();
}
@@ -1070,7 +1049,7 @@
* It is a fatal error if the input vector has already been mapped using
* psa_map_invec().
*/
- if (IOVEC_IS_MAPPED(msg, (invec_idx + INVEC_IDX_BASE))) {
+ if (IOVEC_IS_MAPPED(hdl, (invec_idx + INVEC_IDX_BASE))) {
tfm_core_panic();
}
@@ -1078,7 +1057,7 @@
* It is a fatal error if the input vector has already been accessed
* using psa_read() or psa_skip().
*/
- if (IOVEC_IS_ACCESSED(msg, (invec_idx + INVEC_IDX_BASE))) {
+ if (IOVEC_IS_ACCESSED(hdl, (invec_idx + INVEC_IDX_BASE))) {
tfm_core_panic();
}
@@ -1086,24 +1065,24 @@
* It is a fatal error if the memory reference for the wrap input vector is
* invalid or not readable.
*/
- if (tfm_memory_check(msg->invec[invec_idx].base, msg->invec[invec_idx].len,
+ if (tfm_memory_check(hdl->invec[invec_idx].base, hdl->invec[invec_idx].len,
false, TFM_MEMORY_ACCESS_RO, privileged) != SPM_SUCCESS) {
tfm_core_panic();
}
- SET_IOVEC_MAPPED(msg, (invec_idx + INVEC_IDX_BASE));
+ SET_IOVEC_MAPPED(hdl, (invec_idx + INVEC_IDX_BASE));
- return msg->invec[invec_idx].base;
+ return hdl->invec[invec_idx].base;
}
void tfm_spm_partition_psa_unmap_invec(psa_handle_t msg_handle,
uint32_t invec_idx)
{
- struct tfm_msg_body_t *msg = NULL;
+ struct conn_handle_t *hdl;
/* It is a fatal error if message handle is invalid */
- msg = tfm_spm_get_msg_from_handle(msg_handle);
- if (!msg) {
+ hdl = spm_get_handle_by_user_handle(msg_handle);
+ if (!hdl) {
tfm_core_panic();
}
@@ -1111,7 +1090,7 @@
* It is a fatal error if MM-IOVEC has not been enabled for the RoT
* Service that received the message.
*/
- if (!SERVICE_ENABLED_MM_IOVEC(msg->service->p_ldinf->flags)) {
+ if (!SERVICE_ENABLED_MM_IOVEC(hdl->service->p_ldinf->flags)) {
tfm_core_panic();
}
@@ -1119,7 +1098,7 @@
* It is a fatal error if message handle does not refer to a request
* message.
*/
- if (msg->msg.type < PSA_IPC_CALL) {
+ if (hdl->msg.type < PSA_IPC_CALL) {
tfm_core_panic();
}
@@ -1135,7 +1114,7 @@
* It is a fatal error if The input vector has not been mapped by a call to
* psa_map_invec().
*/
- if (!IOVEC_IS_MAPPED(msg, (invec_idx + INVEC_IDX_BASE))) {
+ if (!IOVEC_IS_MAPPED(hdl, (invec_idx + INVEC_IDX_BASE))) {
tfm_core_panic();
}
@@ -1143,34 +1122,34 @@
* It is a fatal error if the input vector has already been unmapped by a
* call to psa_unmap_invec().
*/
- if (IOVEC_IS_UNMAPPED(msg, (invec_idx + INVEC_IDX_BASE))) {
+ if (IOVEC_IS_UNMAPPED(hdl, (invec_idx + INVEC_IDX_BASE))) {
tfm_core_panic();
}
- SET_IOVEC_UNMAPPED(msg, (invec_idx + INVEC_IDX_BASE));
+ SET_IOVEC_UNMAPPED(hdl, (invec_idx + INVEC_IDX_BASE));
}
void *tfm_spm_partition_psa_map_outvec(psa_handle_t msg_handle,
uint32_t outvec_idx)
{
- struct tfm_msg_body_t *msg = NULL;
+ struct conn_handle_t *hdl;
uint32_t privileged;
struct partition_t *partition = NULL;
/* It is a fatal error if message handle is invalid */
- msg = tfm_spm_get_msg_from_handle(msg_handle);
- if (!msg) {
+ hdl = spm_get_handle_by_user_handle(msg_handle);
+ if (!hdl) {
tfm_core_panic();
}
- partition = msg->service->partition;
+ partition = hdl->service->partition;
privileged = GET_PARTITION_PRIVILEGED_MODE(partition->p_ldinf);
/*
* It is a fatal error if MM-IOVEC has not been enabled for the RoT
* Service that received the message.
*/
- if (!SERVICE_ENABLED_MM_IOVEC(msg->service->p_ldinf->flags)) {
+ if (!SERVICE_ENABLED_MM_IOVEC(hdl->service->p_ldinf->flags)) {
tfm_core_panic();
}
@@ -1178,7 +1157,7 @@
* It is a fatal error if message handle does not refer to a request
* message.
*/
- if (msg->msg.type < PSA_IPC_CALL) {
+ if (hdl->msg.type < PSA_IPC_CALL) {
tfm_core_panic();
}
@@ -1191,7 +1170,7 @@
}
/* It is a fatal error if the output vector has length zero. */
- if (msg->msg.out_size[outvec_idx] == 0) {
+ if (hdl->msg.out_size[outvec_idx] == 0) {
tfm_core_panic();
}
@@ -1199,7 +1178,7 @@
* It is a fatal error if the output vector has already been mapped using
* psa_map_outvec().
*/
- if (IOVEC_IS_MAPPED(msg, (outvec_idx + OUTVEC_IDX_BASE))) {
+ if (IOVEC_IS_MAPPED(hdl, (outvec_idx + OUTVEC_IDX_BASE))) {
tfm_core_panic();
}
@@ -1207,31 +1186,31 @@
* It is a fatal error if the output vector has already been accessed
* using psa_write().
*/
- if (IOVEC_IS_ACCESSED(msg, (outvec_idx + OUTVEC_IDX_BASE))) {
+ if (IOVEC_IS_ACCESSED(hdl, (outvec_idx + OUTVEC_IDX_BASE))) {
tfm_core_panic();
}
/*
* It is a fatal error if the output vector is invalid or not read-write.
*/
- if (tfm_memory_check(msg->outvec[outvec_idx].base,
- msg->outvec[outvec_idx].len, false,
+ if (tfm_memory_check(hdl->outvec[outvec_idx].base,
+ hdl->outvec[outvec_idx].len, false,
TFM_MEMORY_ACCESS_RW, privileged) != SPM_SUCCESS) {
tfm_core_panic();
}
- SET_IOVEC_MAPPED(msg, (outvec_idx + OUTVEC_IDX_BASE));
+ SET_IOVEC_MAPPED(hdl, (outvec_idx + OUTVEC_IDX_BASE));
- return msg->outvec[outvec_idx].base;
+ return hdl->outvec[outvec_idx].base;
}
void tfm_spm_partition_psa_unmap_outvec(psa_handle_t msg_handle,
uint32_t outvec_idx, size_t len)
{
- struct tfm_msg_body_t *msg = NULL;
+ struct conn_handle_t *hdl;
/* It is a fatal error if message handle is invalid */
- msg = tfm_spm_get_msg_from_handle(msg_handle);
- if (!msg) {
+ hdl = spm_get_handle_by_user_handle(msg_handle);
+ if (!hdl) {
tfm_core_panic();
}
@@ -1239,7 +1218,7 @@
* It is a fatal error if MM-IOVEC has not been enabled for the RoT
* Service that received the message.
*/
- if (!SERVICE_ENABLED_MM_IOVEC(msg->service->p_ldinf->flags)) {
+ if (!SERVICE_ENABLED_MM_IOVEC(hdl->service->p_ldinf->flags)) {
tfm_core_panic();
}
@@ -1247,7 +1226,7 @@
* It is a fatal error if message handle does not refer to a request
* message.
*/
- if (msg->msg.type < PSA_IPC_CALL) {
+ if (hdl->msg.type < PSA_IPC_CALL) {
tfm_core_panic();
}
@@ -1262,7 +1241,7 @@
/*
* It is a fatal error if len is greater than the output vector size.
*/
- if (len > msg->msg.out_size[outvec_idx]) {
+ if (len > hdl->msg.out_size[outvec_idx]) {
tfm_core_panic();
}
@@ -1270,7 +1249,7 @@
* It is a fatal error if The output vector has not been mapped by a call to
* psa_map_outvec().
*/
- if (!IOVEC_IS_MAPPED(msg, (outvec_idx + OUTVEC_IDX_BASE))) {
+ if (!IOVEC_IS_MAPPED(hdl, (outvec_idx + OUTVEC_IDX_BASE))) {
tfm_core_panic();
}
@@ -1278,14 +1257,14 @@
* It is a fatal error if the output vector has already been unmapped by a
* call to psa_unmap_outvec().
*/
- if (IOVEC_IS_UNMAPPED(msg, (outvec_idx + OUTVEC_IDX_BASE))) {
+ if (IOVEC_IS_UNMAPPED(hdl, (outvec_idx + OUTVEC_IDX_BASE))) {
tfm_core_panic();
}
- SET_IOVEC_UNMAPPED(msg, (outvec_idx + OUTVEC_IDX_BASE));
+ SET_IOVEC_UNMAPPED(hdl, (outvec_idx + OUTVEC_IDX_BASE));
/* Update the write number */
- msg->outvec[outvec_idx].len = len;
+ hdl->outvec[outvec_idx].len = len;
}
#endif /* PSA_FRAMEWORK_HAS_MM_IOVEC */
diff --git a/secure_fw/spm/include/ffm/backend.h b/secure_fw/spm/include/ffm/backend.h
index 5efeac0..ecd52cb 100644
--- a/secure_fw/spm/include/ffm/backend.h
+++ b/secure_fw/spm/include/ffm/backend.h
@@ -33,13 +33,13 @@
/* Runtime model-specific message handling mechanism. */
psa_status_t (*messaging)(struct service_t *p_serv,
- struct tfm_msg_body_t *p_msg);
+ struct conn_handle_t *hdl);
/*
* Runtime model-specific message replying.
* Return the connection handle or the acked status code.
*/
- int32_t (*replying)(struct tfm_msg_body_t *p_msg, int32_t status);
+ int32_t (*replying)(struct conn_handle_t *hdl, int32_t status);
};
/* RUNTIME MODEL BACKENDS DECLARATION */