Build: Enable linking with PSA API compliance tests in the NS app
This change modifies the build system to support linking
the PSA API compliance test static libraries. It introduces
a new build configuration ConfigPsaApiTest.cmake for this purpose.
The build instructions are updated to show an example of how
to use this new build configuration.
Change-Id: Iabf4876504e690826fe80b467a91fa53bffb0b47
Signed-off-by: Jamie Fox <jamie.fox@arm.com>
Co-Authored-by: Antonio de Angelis <antonio.deangelis@arm.com>
diff --git a/CommonConfig.cmake b/CommonConfig.cmake
index 964a51c..870e896 100644
--- a/CommonConfig.cmake
+++ b/CommonConfig.cmake
@@ -1,5 +1,5 @@
#-------------------------------------------------------------------------------
-# Copyright (c) 2018, Arm Limited. All rights reserved.
+# Copyright (c) 2018-2019, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -126,7 +126,7 @@
if (CORE_TEST)
set(CORE_TEST_POSITIVE ON)
set(CORE_TEST_INTERACTIVE OFF)
- set (TFM_PARTITION_TEST_SECURE_SERVICES ON)
+ set(TFM_PARTITION_TEST_SECURE_SERVICES ON)
add_definitions(-DTFM_PARTITION_TEST_SECURE_SERVICES)
endif()
@@ -171,6 +171,20 @@
add_definitions(-DTFM_PARTITION_TEST_SST)
endif()
+if (PSA_API_TEST)
+ add_definitions(-DPSA_API_TEST_NS)
+ set(PSA_API_TEST_NS ON)
+ if (NOT DEFINED PSA_API_TEST_CRYPTO)
+ set(PSA_API_TEST_CRYPTO OFF)
+ endif()
+ if (NOT DEFINED PSA_API_TEST_SECURE_STORAGE)
+ set(PSA_API_TEST_SECURE_STORAGE OFF)
+ endif()
+ if (NOT DEFINED PSA_API_TEST_ATTESTATION)
+ set(PSA_API_TEST_ATTESTATION OFF)
+ endif()
+endif()
+
# This flag indicates if the non-secure OS is capable of identify the non-secure clients
# which call the secure services
if (NOT DEFINED TFM_NS_CLIENT_IDENTIFICATION)
diff --git a/ConfigCoreTest.cmake b/ConfigCoreTest.cmake
index 7bdb4eb..72f7b49 100644
--- a/ConfigCoreTest.cmake
+++ b/ConfigCoreTest.cmake
@@ -1,5 +1,5 @@
#-------------------------------------------------------------------------------
-# Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+# Copyright (c) 2017-2019, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -24,6 +24,7 @@
#definitions) based on these.
set (REGRESSION False)
set (CORE_TEST True)
+set (PSA_API_TEST False)
# TF-M isolation level: 1..3
set (TFM_LVL 3)
diff --git a/ConfigDefault.cmake b/ConfigDefault.cmake
index f72faf5..371df19 100755
--- a/ConfigDefault.cmake
+++ b/ConfigDefault.cmake
@@ -1,5 +1,5 @@
#-------------------------------------------------------------------------------
-# Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+# Copyright (c) 2017-2019, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -28,6 +28,7 @@
#definitions) based on these.
set (REGRESSION False)
set (CORE_TEST False)
+set (PSA_API_TEST False)
# TF-M isolation level: 1..3
set (TFM_LVL 1)
diff --git a/ConfigPsaApiTest.cmake b/ConfigPsaApiTest.cmake
new file mode 100644
index 0000000..0c7bf46
--- /dev/null
+++ b/ConfigPsaApiTest.cmake
@@ -0,0 +1,56 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2019, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+
+#This file holds information of a specific build configuration of this project.
+
+#Include board specific config (CPU, etc...), select platform specific build
+#system settings file
+if(NOT DEFINED TARGET_PLATFORM)
+ message(FATAL_ERROR "ERROR: TARGET_PLATFORM is not set in command line")
+elseif(${TARGET_PLATFORM} STREQUAL "AN521")
+ set(PLATFORM_CMAKE_FILE "${CMAKE_CURRENT_LIST_DIR}/platform/ext/Mps2AN521.cmake")
+elseif(${TARGET_PLATFORM} STREQUAL "AN519")
+ set (PLATFORM_CMAKE_FILE "${CMAKE_CURRENT_LIST_DIR}/platform/ext/Mps2AN519.cmake")
+elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_A")
+ set(PLATFORM_CMAKE_FILE "${CMAKE_CURRENT_LIST_DIR}/platform/ext/musca_a.cmake")
+elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_B1")
+ set(PLATFORM_CMAKE_FILE "${CMAKE_CURRENT_LIST_DIR}/platform/ext/musca_b1.cmake")
+else()
+ message(FATAL_ERROR "ERROR: Target \"${TARGET_PLATFORM}\" is not supported.")
+endif()
+
+#These variables select how the projects are built. Each project will set
+#various project specific settings (e.g. what files to build, macro
+#definitions) based on these.
+set (REGRESSION False)
+set (CORE_TEST False)
+set (PSA_API_TEST True)
+
+#TF-M isolation level: 1..3
+set (TFM_LVL 1)
+
+#BL2 bootloader(MCUBoot) related settings
+if(NOT DEFINED BL2)
+ set(BL2 True)
+endif()
+
+if(NOT DEFINED MCUBOOT_NO_SWAP)
+ set(MCUBOOT_NO_SWAP False)
+endif()
+
+if(NOT DEFINED MCUBOOT_RAM_LOADING)
+ set(MCUBOOT_RAM_LOADING False)
+endif()
+
+#Service specific configuration for the PSA API Compliance test requirements
+if(PSA_API_TEST_CRYPTO)
+ set(CRYPTO_ENGINE_BUF_SIZE 3072)
+ set(CRYPTO_KEY_STORAGE_NUM 32)
+ set(CRYPTO_KEY_MAX_KEY_LENGTH 64)
+endif()
+
+include ("${CMAKE_CURRENT_LIST_DIR}/CommonConfig.cmake")
diff --git a/ConfigRegression.cmake b/ConfigRegression.cmake
index 14b428d..ad1d583 100755
--- a/ConfigRegression.cmake
+++ b/ConfigRegression.cmake
@@ -1,5 +1,5 @@
#-------------------------------------------------------------------------------
-# Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+# Copyright (c) 2017-2019, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -28,6 +28,7 @@
#definitions) based on these.
set (REGRESSION True)
set (CORE_TEST False)
+set (PSA_API_TEST False)
# TF-M isolation level: 1..3
set (TFM_LVL 1)
diff --git a/ConfigRegressionTfmLevel3.cmake b/ConfigRegressionTfmLevel3.cmake
index 544567e..334a4d5 100644
--- a/ConfigRegressionTfmLevel3.cmake
+++ b/ConfigRegressionTfmLevel3.cmake
@@ -1,5 +1,5 @@
#-------------------------------------------------------------------------------
-# Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+# Copyright (c) 2017-2019, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -28,6 +28,7 @@
#definitions) based on these.
set (REGRESSION True)
set (CORE_TEST False)
+set (PSA_API_TEST False)
# TF-M isolation level: 1..3
set (TFM_LVL 3)
diff --git a/app/CMakeLists.txt b/app/CMakeLists.txt
index 59d1713..ed968a5 100755
--- a/app/CMakeLists.txt
+++ b/app/CMakeLists.txt
@@ -1,5 +1,5 @@
#-------------------------------------------------------------------------------
-# Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+# Copyright (c) 2017-2019, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -60,6 +60,10 @@
)
endif()
+if (PSA_API_TEST_NS)
+ list(APPEND NS_APP_SRC "${APP_DIR}/psa_api_test.c")
+endif()
+
set(BUILD_CMSIS_CORE On)
set(BUILD_RETARGET On)
set(BUILD_NATIVE_DRIVERS On)
@@ -174,6 +178,25 @@
endif()
target_link_libraries(${EXE_NAME} "${RTX_LIB_PATH}")
+ #Add the PSA API compliance test libraries
+ if(NOT DEFINED PSA_API_TEST_BUILD_PATH)
+ #If not specified, assume it's the default build folder checked out at the same level of TFM root dir
+ set(PSA_API_TEST_BUILD_PATH "${TFM_ROOT_DIR}/../psa-arch-tests/api-tests/BUILD")
+ endif()
+ if(PSA_API_TEST_NS)
+ target_link_libraries(${EXE_NAME} "${PSA_API_TEST_BUILD_PATH}/val/val_nspe.a")
+ target_link_libraries(${EXE_NAME} "${PSA_API_TEST_BUILD_PATH}/platform/pal_nspe.a")
+ endif()
+ if(PSA_API_TEST_NS AND PSA_API_TEST_SECURE_STORAGE)
+ target_link_libraries(${EXE_NAME} "${PSA_API_TEST_BUILD_PATH}/dev_apis/protected_storage/test_combine.a")
+ endif()
+ if(PSA_API_TEST_NS AND PSA_API_TEST_CRYPTO)
+ target_link_libraries(${EXE_NAME} "${PSA_API_TEST_BUILD_PATH}/dev_apis/crypto/test_combine.a")
+ endif()
+ if(PSA_API_TEST_NS AND PSA_API_TEST_ATTESTATION)
+ target_link_libraries(${EXE_NAME} "${PSA_API_TEST_BUILD_PATH}/dev_apis/initial_attestation/test_combine.a")
+ endif()
+
if(NOT DEFINED PLATFORM_LINK_INCLUDES)
message(FATAL_ERROR "ERROR: Incomplete Configuration: PLATFORM_LINK_INCLUDES is not defined.")
endif()
diff --git a/app/main_ns.c b/app/main_ns.c
index 1e23f16..b6f1786 100644
--- a/app/main_ns.c
+++ b/app/main_ns.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -18,7 +18,9 @@
#ifdef TEST_FRAMEWORK_NS
#include "test/framework/test_framework_integ_test.h"
#endif
-
+#ifdef PSA_API_TEST_NS
+#include "psa_api_test.h"
+#endif
#include "target_cfg.h"
#include "Driver_USART.h"
@@ -83,6 +85,11 @@
.name = "test_app",
.stack_size = 1024U
};
+#elif PSA_API_TEST_NS
+static const osThreadAttr_t psa_api_test_attr = {
+ .name = "psa_api_test",
+ .stack_size = 3072U
+};
#endif
/**
@@ -110,6 +117,8 @@
#ifdef TEST_FRAMEWORK_NS
thread_id = osThreadNew(test_app, NULL, &tserv_test);
+#elif PSA_API_TEST_NS
+ thread_id = osThreadNew(psa_api_test, NULL, &psa_api_test_attr);
#else
UNUSED_VARIABLE(thread_id);
#endif
diff --git a/app/psa_api_test.c b/app/psa_api_test.c
new file mode 100644
index 0000000..3a6cc53
--- /dev/null
+++ b/app/psa_api_test.c
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "psa_api_test.h"
+#include "tfm_nspm_api.h"
+#include "tfm_integ_test.h"
+
+/**
+ * \brief This symbol is the entry point provided by the PSA API compliance
+ * test libraries
+ */
+extern void val_entry(void);
+
+__attribute__((noreturn))
+void psa_api_test(void *arg)
+{
+ UNUSED_VARIABLE(arg);
+
+#ifdef TFM_NS_CLIENT_IDENTIFICATION
+ tfm_nspm_register_client_id();
+#endif /* TFM_NS_CLIENT_IDENTIFICATION */
+
+ val_entry();
+
+ for (;;) {
+ }
+}
diff --git a/app/psa_api_test.h b/app/psa_api_test.h
new file mode 100644
index 0000000..5423b15
--- /dev/null
+++ b/app/psa_api_test.h
@@ -0,0 +1,25 @@
+/*
+ * Copyright (c) 2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __PSA_API_TEST_H__
+#define __PSA_API_TEST_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief Main test application for the PSA API compliance tests
+ *
+ */
+void psa_api_test(void *arg);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __PSA_API_TEST_H__ */
diff --git a/docs/user_guides/tfm_build_instruction.md b/docs/user_guides/tfm_build_instruction.md
index 2ed3ad8..c84633a 100755
--- a/docs/user_guides/tfm_build_instruction.md
+++ b/docs/user_guides/tfm_build_instruction.md
@@ -119,7 +119,25 @@
integrate a new NS app with TF-M are available in the
[integration guide](tfm_integration_guide.md).
+## Build for PSA API compliance tests
+
+The build system provides the support for linking with prebuilt PSA API
+compliance NS test libraries when using the `ConfigPsaApiTest.cmake` config
+file. The build system assumes that the PSA API compliance test suite is
+checked out at the same level of the TF-M root folder and the default name for
+the build folder has been used when compiling the PSA API compliance tests. Each
+set of tests for the Secure Storage, Crypto and Attestation services needs to be
+enabled at the build configuration step by defining
+`-DPSA_API_TEST_SECURE_STORAGE`, `-DPSA_API_TEST_CRYPTO`,
+`-DPSA_API_TEST_ATTESTATION`, respectively for the corresponding service. For
+example, to enable the PSA API tests for the Crypto service only:
+
+```
+...
+cmake -G"Unix Makefiles" -DPROJ_CONFIG=`readlink -f ../ConfigPsaApiTest.cmake` -DPSA_API_TEST_CRYPTO -DTARGET_PLATFORM=AN521 -DCOMPILER=ARMCLANG ../
+cmake --build ./ -- install
+```
--------------
-*Copyright (c) 2017 - 2018, Arm Limited. All rights reserved.*
+*Copyright (c) 2017-2019, Arm Limited. All rights reserved.*
diff --git a/interface/src/tfm_nspm_api.c b/interface/src/tfm_nspm_api.c
index dc5e645..a835f2d 100644
--- a/interface/src/tfm_nspm_api.c
+++ b/interface/src/tfm_nspm_api.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -28,6 +28,9 @@
{"seq_task", -5},
{"mid_task", -6},
{"pri_task", -7},
+#ifdef PSA_API_TEST_NS
+ {"psa_api_test", -8}
+#endif
};
/**