Test: NS client identification in SST tests
This patch adds the capability of enable or disable the SST non-secure
tests which require multiple NS client identification. A flag is added
to indicate if the NS client identication is supported by the
non-secure OS.
Change-Id: I3c95dee072039c04c0e90c99c0f68f4e6d07e869
Signed-off-by: Marc Moreno <marc.morenoberengue@arm.com>
diff --git a/CommonConfig.cmake b/CommonConfig.cmake
index 3ed12bd..175c628 100644
--- a/CommonConfig.cmake
+++ b/CommonConfig.cmake
@@ -166,6 +166,12 @@
add_definitions(-DTFM_PARTITION_TEST_SST)
endif()
+# This flag indicates if the non-secure OS is capable of identify the non-secure clients
+# which call the secure services
+if (NOT DEFINED TFM_NS_CLIENT_IDENTIFICATION)
+ set (TFM_NS_CLIENT_IDENTIFICATION ON)
+endif()
+
if (BL2)
add_definitions(-DBL2)
if (MCUBOOT_NO_SWAP)
diff --git a/test/framework/non_secure_suites.c b/test/framework/non_secure_suites.c
index ae87e94..68e2d20 100644
--- a/test/framework/non_secure_suites.c
+++ b/test/framework/non_secure_suites.c
@@ -33,12 +33,16 @@
/* List test cases which compliant with level 1 isolation */
/* Non-secure SST test cases */
{®ister_testsuite_ns_sst_interface, 0, 0, 0},
+
+#ifdef TFM_NS_CLIENT_IDENTIFICATION
{®ister_testsuite_ns_sst_policy, 0, 0, 0},
#ifdef TFM_PARTITION_TEST_SST
/* Non-secure SST referenced access testsuite */
{®ister_testsuite_ns_sst_ref_access, 0, 0, 0},
-#endif
+#endif /* TFM_PARTITION_TEST_SST */
+
+#endif /* TFM_NS_CLIENT_IDENTIFICATION */
/* Non-secure Audit Logging test cases */
{®ister_testsuite_ns_audit_interface, 0, 0, 0},
diff --git a/test/suites/sst/CMakeLists.inc b/test/suites/sst/CMakeLists.inc
index bc535e1..c293132 100644
--- a/test/suites/sst/CMakeLists.inc
+++ b/test/suites/sst/CMakeLists.inc
@@ -36,14 +36,21 @@
"${SECURE_STORAGE_TEST_DIR}/secure/nv_counters/test_sst_nv_counters.c")
endif()
- list(APPEND ALL_SRC_C_NS "${SECURE_STORAGE_TEST_DIR}/non_secure/ns_test_helpers.c"
+ list(APPEND ALL_SRC_C_NS
+ "${SECURE_STORAGE_TEST_DIR}/non_secure/ns_test_helpers.c"
"${SECURE_STORAGE_TEST_DIR}/non_secure/sst_ns_interface_testsuite.c"
- "${SECURE_STORAGE_TEST_DIR}/non_secure/sst_policy_testsuite.c"
- )
+ )
+
+ if (NOT DEFINED TFM_NS_CLIENT_IDENTIFICATION)
+ message(FATAL_ERROR "Incomplete build configuration: TFM_NS_CLIENT_IDENTIFICATION is undefined.")
+ elseif (TFM_NS_CLIENT_IDENTIFICATION)
+ list(APPEND ALL_SRC_C_NS "${SECURE_STORAGE_TEST_DIR}/non_secure/sst_policy_testsuite.c")
+ set_property(SOURCE ${ALL_SRC_C_NS} APPEND PROPERTY COMPILE_DEFINITIONS TFM_NS_CLIENT_IDENTIFICATION)
+ endif()
if (NOT DEFINED TFM_PARTITION_TEST_SST)
message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_TEST_SST is undefined.")
- elseif (TFM_PARTITION_TEST_SST)
+ elseif (TFM_PARTITION_TEST_SST AND TFM_NS_CLIENT_IDENTIFICATION)
list(APPEND ALL_SRC_C_NS "${SECURE_STORAGE_TEST_DIR}/non_secure/sst_ns_ref_access_testsuite.c")
endif()
diff --git a/test/suites/sst/non_secure/sst_ns_interface_testsuite.c b/test/suites/sst/non_secure/sst_ns_interface_testsuite.c
index 6240fcc..efa7a74 100644
--- a/test/suites/sst/non_secure/sst_ns_interface_testsuite.c
+++ b/test/suites/sst/non_secure/sst_ns_interface_testsuite.c
@@ -49,45 +49,67 @@
/* List of tests */
static void tfm_sst_test_1001(struct test_result_t *ret);
static void tfm_sst_test_1002(struct test_result_t *ret);
+
+#ifdef TFM_NS_CLIENT_IDENTIFICATION
static void tfm_sst_test_1003(struct test_result_t *ret);
static void tfm_sst_test_1004(struct test_result_t *ret);
+#endif /* TFM_NS_CLIENT_IDENTIFICATION */
+
static void tfm_sst_test_1005(struct test_result_t *ret);
static void tfm_sst_test_1006(struct test_result_t *ret);
static void tfm_sst_test_1007(struct test_result_t *ret);
static void tfm_sst_test_1008(struct test_result_t *ret);
static void tfm_sst_test_1009(struct test_result_t *ret);
static void tfm_sst_test_1010(struct test_result_t *ret);
+
+#ifdef TFM_NS_CLIENT_IDENTIFICATION
static void tfm_sst_test_1011(struct test_result_t *ret);
+#endif /* TFM_NS_CLIENT_IDENTIFICATION */
+
static void tfm_sst_test_1012(struct test_result_t *ret);
static void tfm_sst_test_1013(struct test_result_t *ret);
static void tfm_sst_test_1014(struct test_result_t *ret);
+
+#ifdef TFM_NS_CLIENT_IDENTIFICATION
static void tfm_sst_test_1015(struct test_result_t *ret);
static void tfm_sst_test_1016(struct test_result_t *ret);
+#endif /* TFM_NS_CLIENT_IDENTIFICATION */
+
static void tfm_sst_test_1017(struct test_result_t *ret);
static void tfm_sst_test_1018(struct test_result_t *ret);
+
#ifdef SST_ENABLE_PARTIAL_ASSET_RW
static void tfm_sst_test_1019(struct test_result_t *ret);
static void tfm_sst_test_1020(struct test_result_t *ret);
+
+#ifdef TFM_NS_CLIENT_IDENTIFICATION
static void tfm_sst_test_1021(struct test_result_t *ret);
-#endif
+#endif /* TFM_NS_CLIENT_IDENTIFICATION */
+
+#endif /* SST_ENABLE_PARTIAL_ASSET_RW */
+
static void tfm_sst_test_1022(struct test_result_t *ret);
static void tfm_sst_test_1023(struct test_result_t *ret);
static void tfm_sst_test_1024(struct test_result_t *ret);
static void tfm_sst_test_1025(struct test_result_t *ret);
+
#ifdef SST_ENABLE_PARTIAL_ASSET_RW
static void tfm_sst_test_1026(struct test_result_t *ret);
-#endif
+#endif /* SST_ENABLE_PARTIAL_ASSET_RW */
+
static void tfm_sst_test_1027(struct test_result_t *ret);
static struct test_t asset_veeners_tests[] = {
{&tfm_sst_test_1001, "TFM_SST_TEST_1001",
"Create interface", {0} },
{&tfm_sst_test_1002, "TFM_SST_TEST_1002",
- "Create with invalid thread name", {0} },
- {&tfm_sst_test_1003, "TFM_SST_TEST_1003",
"Get attributes interface", {0} },
+#ifdef TFM_NS_CLIENT_IDENTIFICATION
+ {&tfm_sst_test_1003, "TFM_SST_TEST_1003",
+ "Create with invalid thread name", {0} },
{&tfm_sst_test_1004, "TFM_SST_TEST_1004",
"Get attributes with invalid thread name", {0} },
+#endif /* TFM_NS_CLIENT_IDENTIFICATION */
{&tfm_sst_test_1005, "TFM_SST_TEST_1005",
"Get attributes with null attributes struct pointer", {0} },
{&tfm_sst_test_1006, "TFM_SST_TEST_1006",
@@ -100,30 +122,42 @@
"Write beyond end of asset", {0} },
{&tfm_sst_test_1010, "TFM_SST_TEST_1010",
"Read interface", {0} },
+#ifdef TFM_NS_CLIENT_IDENTIFICATION
{&tfm_sst_test_1011, "TFM_SST_TEST_1011",
"Read with invalid thread name", {0} },
+#endif /* TFM_NS_CLIENT_IDENTIFICATION */
{&tfm_sst_test_1012, "TFM_SST_TEST_1012",
"Read with null buffer pointers", {0} },
{&tfm_sst_test_1013, "TFM_SST_TEST_1013",
"Read beyond current size of asset", {0} },
{&tfm_sst_test_1014, "TFM_SST_TEST_1014",
"Delete interface", {0} },
+
+#ifdef TFM_NS_CLIENT_IDENTIFICATION
{&tfm_sst_test_1015, "TFM_SST_TEST_1015",
"Delete with invalid thread name", {0} },
{&tfm_sst_test_1016, "TFM_SST_TEST_1016",
"Delete with block compaction", {0} },
+#endif /* TFM_NS_CLIENT_IDENTIFICATION */
+
{&tfm_sst_test_1017, "TFM_SST_TEST_1017",
"Write and partial reads", {0} },
{&tfm_sst_test_1018, "TFM_SST_TEST_1018",
"Write more data than asset max size", {0} },
+
#ifdef SST_ENABLE_PARTIAL_ASSET_RW
{&tfm_sst_test_1019, "TFM_SST_TEST_1019",
"Append data to an asset", {0} },
{&tfm_sst_test_1020, "TFM_SST_TEST_1020",
"Append data to an asset until EOF", {0} },
+
+#ifdef TFM_NS_CLIENT_IDENTIFICATION
{&tfm_sst_test_1021, "TFM_SST_TEST_1021",
"Write data to two assets alternately", {0} },
-#endif
+#endif /* TFM_NS_CLIENT_IDENTIFICATION */
+
+#endif /* SST_ENABLE_PARTIAL_ASSET_RW */
+
{&tfm_sst_test_1022, "TFM_SST_TEST_1022",
"Access an illegal location: ROM", {0} },
{&tfm_sst_test_1023, "TFM_SST_TEST_1023",
@@ -132,10 +166,12 @@
"Access an illegal location: non-existant memory", {0} },
{&tfm_sst_test_1025, "TFM_SST_TEST_1025",
"Access an illegal location: secure memory", {0} },
+
#ifdef SST_ENABLE_PARTIAL_ASSET_RW
{&tfm_sst_test_1026, "TFM_SST_TEST_1026",
"Write data to the middle of an existing asset", {0} },
-#endif
+#endif /* SST_ENABLE_PARTIAL_ASSET_RW */
+
{&tfm_sst_test_1027, "TFM_SST_TEST_1027",
"Basic test to verify set and get attributes functionality", {0} },
};
@@ -227,29 +263,11 @@
}
/**
- * \brief Tests create function with an invalid thread name.
- */
-TFM_SST_NS_TEST(1002, INVALID_THREAD_NAME)
-{
- const uint32_t asset_uuid = SST_ASSET_ID_AES_KEY_192;
- enum psa_sst_err_t err;
-
- /* Calls create function with an invalid thread name */
- err = psa_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
- if (err != PSA_SST_ERR_ASSET_NOT_FOUND) {
- TEST_FAIL("Create should not succeed with an invalid thread name");
- return;
- }
-
- ret->val = TEST_PASSED;
-}
-
-/**
* \brief Tests get attributes function against:
* - Valid client ID and attributes struct pointer
* - Invalid client ID
*/
-TFM_SST_NS_TEST(1003, "Thread_A")
+TFM_SST_NS_TEST(1002, "Thread_A")
{
const uint32_t asset_uuid = SST_ASSET_ID_AES_KEY_192;
struct psa_sst_asset_info_t asset_info;
@@ -302,6 +320,25 @@
ret->val = TEST_PASSED;
}
+#ifdef TFM_NS_CLIENT_IDENTIFICATION
+/**
+ * \brief Tests create function with an invalid thread name.
+ */
+TFM_SST_NS_TEST(1003, INVALID_THREAD_NAME)
+{
+ const uint32_t asset_uuid = SST_ASSET_ID_AES_KEY_192;
+ enum psa_sst_err_t err;
+
+ /* Calls create function with an invalid thread name */
+ err = psa_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
+ if (err != PSA_SST_ERR_ASSET_NOT_FOUND) {
+ TEST_FAIL("Create should not succeed with an invalid thread name");
+ return;
+ }
+
+ ret->val = TEST_PASSED;
+}
+
/**
* \brief Creates asset with an authorised client ID.
*/
@@ -375,6 +412,7 @@
/* Deletes asset to clean up the SST area for the next test */
tfm_sst_run_test("Thread_A", ret, tfm_sst_test_1004_task_3);
}
+#endif /* TFM_NS_CLIENT_IDENTIFICATION */
/**
* \brief Tests get attributes function with a null attributes struct pointer.
@@ -722,6 +760,7 @@
ret->val = TEST_PASSED;
}
+#ifdef TFM_NS_CLIENT_IDENTIFICATION
/**
* \brief Creates asset with an authorised client ID.
*/
@@ -801,6 +840,7 @@
/* Deletes asset to clean up the SST area for the next test */
tfm_sst_run_test("Thread_A", ret, tfm_sst_test_1011_task_3);
}
+#endif /* TFM_NS_CLIENT_IDENTIFICATION */
/**
* \brief Tests read function with:
@@ -956,6 +996,7 @@
ret->val = TEST_PASSED;
}
+#ifdef TFM_NS_CLIENT_IDENTIFICATION
/**
* \brief Creates asset with an authorised client ID.
*/
@@ -1155,6 +1196,8 @@
tfm_sst_run_test("Thread_B", ret, tfm_sst_test_1016_task_4);
}
+#endif /* TFM_NS_CLIENT_IDENTIFICATION */
+
/**
* \brief Tests write and partial reads.
*/
@@ -1447,6 +1490,7 @@
ret->val = TEST_PASSED;
}
+#ifdef TFM_NS_CLIENT_IDENTIFICATION
/**
* \brief Tests writing data to two assets alternately before read-back.
*/
@@ -1695,6 +1739,7 @@
tfm_sst_run_test("Thread_A", ret, tfm_sst_test_1021_task_9);
}
+#endif /* TFM_NS_CLIENT_IDENTIFICATION */
#endif /* SST_ENABLE_PARTIAL_ASSET_RW */
/**