SST: Rename SST(Secure STorage) to PS(Protected Storage)
This patch renames SST (Secure STorage) to
PS (Protected Storage) in file names, folder names and file
contents to align with the PSA Storage API spec.
Change-Id: Icf991f59512875780c159f22737b521b3b2d4924
Signed-off-by: Kevin Peng <kevin.peng@arm.com>
diff --git a/CommonConfig.cmake b/CommonConfig.cmake
index dd313cc..d5b589e 100644
--- a/CommonConfig.cmake
+++ b/CommonConfig.cmake
@@ -165,7 +165,7 @@
set (CORE_TEST_INTERACTIVE OFF)
set (REFERENCE_PLATFORM OFF)
set (TFM_PARTITION_TEST_SECURE_SERVICES OFF)
-set (TFM_PARTITION_TEST_SST OFF)
+set (TFM_PARTITION_TEST_PS OFF)
set (SERVICES_TEST_ENABLED OFF)
set (TEST_FRAMEWORK_S OFF)
set (TEST_FRAMEWORK_NS OFF)
@@ -179,9 +179,9 @@
# Enable the TF-M Platform partition
set(TFM_PARTITION_PLATFORM ON)
endif()
-if (NOT DEFINED TFM_PARTITION_SECURE_STORAGE)
- # Enable the TF-M secure storage partition
- set(TFM_PARTITION_SECURE_STORAGE ON)
+if (NOT DEFINED TFM_PARTITION_PROTECTED_STORAGE)
+ # Enable the TF-M Protected storage partition
+ set(TFM_PARTITION_PROTECTED_STORAGE ON)
endif()
if (NOT DEFINED TFM_PARTITION_INTERNAL_TRUSTED_STORAGE)
# Enable the TF-M internal trusted storage partition
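Review bot: A platform or out-of-tree configuration that still sets `TFM_PARTITION_SECURE_STORAGE` is silently ignored after this rename, because the `NOT DEFINED TFM_PARTITION_PROTECTED_STORAGE` default here no longer sees it. The same holds for the `PS_*` defaults in the @@ -428 hunk of this file, where it matters more: a target file that previously set `SST_ROLLBACK_PROTECTION ON` would now get `PS_ROLLBACK_PROTECTION OFF` without any diagnostic, assuming it was not updated elsewhere in this commit. I would fail configuration when any pre-rename name is still defined, with the check placed before the defaults. The trailing `if (NOT DEFINED TFM_PARTITION_INTERNAL_TRUSTED_STORAGE)` block continues outside the hunk.

```cmake
# Reject pre-rename names so a stale override is never dropped silently.
foreach(legacy_var
        TFM_PARTITION_SECURE_STORAGE
        SST_ENCRYPTION
        SST_ROLLBACK_PROTECTION
        SST_CREATE_FLASH_LAYOUT
        SST_VALIDATE_METADATA_FROM_FLASH
        SST_RAM_FS
        SST_TEST_NV_COUNTERS)
    if (DEFINED ${legacy_var})
        message(FATAL_ERROR "${legacy_var} has been renamed; set the TFM_PARTITION_PROTECTED_STORAGE / PS_* equivalent instead.")
    endif()
endforeach()
# … unchanged: NOT DEFINED defaults for the partition and PS_* flags …
```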
@@ -200,12 +200,12 @@
set (CONFIG_TFM_ENABLE_MEMORY_PROTECT ON)
endif()
-if (TFM_PARTITION_INITIAL_ATTESTATION OR TFM_PARTITION_SECURE_STORAGE)
+if (TFM_PARTITION_INITIAL_ATTESTATION OR TFM_PARTITION_PROTECTED_STORAGE)
#PSA Initial Attestation and Protected storage rely on Cryptography API
set(TFM_PARTITION_CRYPTO ON)
endif()
-if (TFM_PARTITION_SECURE_STORAGE)
+if (TFM_PARTITION_PROTECTED_STORAGE)
set(TFM_PARTITION_INTERNAL_TRUSTED_STORAGE ON)
endif()
@@ -327,8 +327,8 @@
add_definitions(-DTFM_PARTITION_PLATFORM)
endif()
-if (TFM_PARTITION_SECURE_STORAGE)
- add_definitions(-DTFM_PARTITION_SECURE_STORAGE)
+if (TFM_PARTITION_PROTECTED_STORAGE)
+ add_definitions(-DTFM_PARTITION_PROTECTED_STORAGE)
endif()
if (TFM_PARTITION_INTERNAL_TRUSTED_STORAGE)
@@ -428,46 +428,46 @@
##Set Mbed Crypto compiler flags and variables for crypto service
set(MBEDCRYPTO_C_FLAGS_SERVICES "${CMSE_FLAGS} -D__thumb2__ ${COMMON_COMPILE_FLAGS_STR} -I${CMAKE_CURRENT_LIST_DIR}/platform/ext/common")
-#Default TF-M secure storage flags.
+#Default TF-M protected storage flags.
#These flags values can be overwritten by setting them in platform/ext/<TARGET_NAME>.cmake
-#Documentation about these flags can be found in docs/user_guides/services/tfm_sst_integration_guide.rst
-if (NOT DEFINED SST_ENCRYPTION)
- set (SST_ENCRYPTION ON)
+#Documentation about these flags can be found in docs/user_guides/services/tfm_ps_integration_guide.rst
+if (NOT DEFINED PS_ENCRYPTION)
+ set (PS_ENCRYPTION ON)
endif()
-if (NOT DEFINED SST_ROLLBACK_PROTECTION)
- set (SST_ROLLBACK_PROTECTION OFF)
+if (NOT DEFINED PS_ROLLBACK_PROTECTION)
+ set (PS_ROLLBACK_PROTECTION OFF)
endif()
-if (NOT DEFINED SST_CREATE_FLASH_LAYOUT)
- set (SST_CREATE_FLASH_LAYOUT OFF)
+if (NOT DEFINED PS_CREATE_FLASH_LAYOUT)
+ set (PS_CREATE_FLASH_LAYOUT OFF)
endif()
-if (NOT DEFINED SST_VALIDATE_METADATA_FROM_FLASH)
- set (SST_VALIDATE_METADATA_FROM_FLASH ON)
+if (NOT DEFINED PS_VALIDATE_METADATA_FROM_FLASH)
+ set (PS_VALIDATE_METADATA_FROM_FLASH ON)
endif()
-if (NOT DEFINED SST_RAM_FS)
+if (NOT DEFINED PS_RAM_FS)
if (REGRESSION)
- set (SST_RAM_FS ON)
+ set (PS_RAM_FS ON)
else()
- set (SST_RAM_FS OFF)
+ set (PS_RAM_FS OFF)
endif()
endif()
-if (NOT DEFINED SST_TEST_NV_COUNTERS)
- if (REGRESSION AND ENABLE_SECURE_STORAGE_SERVICE_TESTS)
- set(SST_TEST_NV_COUNTERS ON)
+if (NOT DEFINED PS_TEST_NV_COUNTERS)
+ if (REGRESSION AND ENABLE_PROTECTED_STORAGE_SERVICE_TESTS)
+ set(PS_TEST_NV_COUNTERS ON)
else()
- set(SST_TEST_NV_COUNTERS OFF)
+ set(PS_TEST_NV_COUNTERS OFF)
endif()
endif()
-# The SST NV counter tests depend on the SST test partition to call
-# sst_system_prepare().
-if (SST_TEST_NV_COUNTERS)
- set(TFM_PARTITION_TEST_SST ON)
- add_definitions(-DTFM_PARTITION_TEST_SST)
+# The PS NV counter tests depend on the PS test partition to call
+# ps_system_prepare().
+if (PS_TEST_NV_COUNTERS)
+ set(TFM_PARTITION_TEST_PS ON)
+ add_definitions(-DTFM_PARTITION_TEST_PS)
endif()
#Default TF-M internal trusted storage flags.
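Review bot: Nothing in this hunk stops `PS_TEST_NV_COUNTERS` from being ON in a non-regression build when a platform file predefines it, since the `NOT DEFINED` guard only supplies the default. In that case `TFM_PARTITION_TEST_PS` is forced on and, per the integration guide updated in this commit, the NV counters are emulated in RAM instead of using the hardware implementation, so rollback protection would presumably not survive a reset. A configure-time warning would make that visible: `if (PS_TEST_NV_COUNTERS AND NOT REGRESSION)` / `message(WARNING "PS_TEST_NV_COUNTERS is ON outside a regression build; NV counters are emulated in RAM")` / `endif()`. The same check would suit `PS_RAM_FS`.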
diff --git a/app/CMakeLists.txt b/app/CMakeLists.txt
index eadbb54..980965d 100644
--- a/app/CMakeLists.txt
+++ b/app/CMakeLists.txt
@@ -48,8 +48,8 @@
message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_PLATFORM is undefined.")
endif()
-if (NOT DEFINED TFM_PARTITION_SECURE_STORAGE)
- message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_SECURE_STORAGE is undefined.")
+if (NOT DEFINED TFM_PARTITION_PROTECTED_STORAGE)
+ message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_PROTECTED_STORAGE is undefined.")
endif()
if (NOT DEFINED TFM_PARTITION_INTERNAL_TRUSTED_STORAGE)
@@ -98,11 +98,11 @@
endif()
endif()
-if (TFM_PARTITION_SECURE_STORAGE)
+if (TFM_PARTITION_PROTECTED_STORAGE)
if (TFM_PSA_API)
- list(APPEND NS_APP_SRC "${INTERFACE_DIR}/src/tfm_sst_ipc_api.c")
+ list(APPEND NS_APP_SRC "${INTERFACE_DIR}/src/tfm_ps_ipc_api.c")
else()
- list(APPEND NS_APP_SRC "${INTERFACE_DIR}/src/tfm_sst_func_api.c")
+ list(APPEND NS_APP_SRC "${INTERFACE_DIR}/src/tfm_ps_func_api.c")
endif()
endif()
@@ -409,7 +409,7 @@
if(NOT TARGET tfm_non_secure_tests)
#Add the test source to the build.
#As of today since secure_fw is built as a sub-project this code will never execute.
- option(ENABLE_SECURE_STORAGE_SERVICE_TESTS "" TRUE)
+ option(ENABLE_PROTECTED_STORAGE_SERVICE_TESTS "" TRUE)
include(../test/CMakeLists.inc)
target_sources(${PROJECT_OBJ_LIB} PUBLIC ${ALL_SRC_C} ${ALL_SRC_C_NS})
endif()
diff --git a/configs/ConfigDefaultProfileS.cmake b/configs/ConfigDefaultProfileS.cmake
index b52a11e..aa54ead 100644
--- a/configs/ConfigDefaultProfileS.cmake
+++ b/configs/ConfigDefaultProfileS.cmake
@@ -60,8 +60,8 @@
# Disable Platform service
set(TFM_PARTITION_PLATFORM OFF)
-# Disable Secure Storage service
-set(TFM_PARTITION_SECURE_STORAGE OFF)
+# Disable Protected Storage service
+set(TFM_PARTITION_PROTECTED_STORAGE OFF)
# Disable Initial Attestation service temporarily
set(TFM_PARTITION_INITIAL_ATTESTATION OFF)
diff --git a/configs/ConfigRegressionProfileS.cmake b/configs/ConfigRegressionProfileS.cmake
index 2d1b779..324ebb2 100644
--- a/configs/ConfigRegressionProfileS.cmake
+++ b/configs/ConfigRegressionProfileS.cmake
@@ -63,8 +63,8 @@
# Disable Platform service
set(TFM_PARTITION_PLATFORM OFF)
-# Disable Secure Storage service
-set(TFM_PARTITION_SECURE_STORAGE OFF)
+# Disable Protected Storage service
+set(TFM_PARTITION_PROTECTED_STORAGE OFF)
# Disable Initial Attestation service temporarily
set(TFM_PARTITION_INITIAL_ATTESTATION OFF)
diff --git a/docs/about/maintainers.rst b/docs/about/maintainers.rst
index c75d7ad..e177952 100644
--- a/docs/about/maintainers.rst
+++ b/docs/about/maintainers.rst
@@ -33,8 +33,8 @@
:email: `Tamas.Ban@arm.com <Tamas.Ban@arm.com>`__
:github: `tamban01 <https://github.com/tamban01>`__
-Secure Storage
-~~~~~~~~~~~~~~
+Secure Storage (ITS & PS)
+~~~~~~~~~~~~~~~~~~~~~~~~~
Jamie Fox
:email: `jamie.fox@arm.com <jamie.fox@arm.com>`__
diff --git a/docs/design_documents/sst_key_management.rst b/docs/design_documents/ps_key_management.rst
similarity index 78%
rename from docs/design_documents/sst_key_management.rst
rename to docs/design_documents/ps_key_management.rst
index 0f617e8..80a39be 100644
--- a/docs/design_documents/sst_key_management.rst
+++ b/docs/design_documents/ps_key_management.rst
@@ -1,6 +1,6 @@
-=====================================
-Secure Storage service key management
-=====================================
+========================================
+Protected Storage service key management
+========================================
:Author: Jamie Fox
:Organization: Arm Limited
@@ -21,13 +21,13 @@
128 bits of entropy (and a 128 bit data size), and be accessible only to Trusted
code or Trusted hardware that acts on behalf of Trusted code. [TBSA-M]_
-In the current implementation, the Secure Storage (SST) service reads the HUK
+In the current implementation, the Protected Storage (PS) service reads the HUK
directly and imports it into the Crypto partition for further use. This has
multiple drawbacks:
-- If there were a flaw in SST that allowed an attacker to obtain its key, then
+- If there were a flaw in PS that allowed an attacker to obtain its key, then
the HUK would be exposed, and so the attacker would be able to decrypt not
- just secure storage but also anything else encrypted with the HUK or a key
+ just protected storage but also anything else encrypted with the HUK or a key
derived from the HUK.
- Using the same key for two or more different cryptographic algorithms may
reduce the security provided by one or more of them.
@@ -38,21 +38,21 @@
Proposal
========
-Each time the system boots, SST will request that the Crypto service uses a key
+Each time the system boots, PS will request that the Crypto service uses a key
derivation function (KDF) to derive a storage key from the HUK. The storage key
could be kept in on-chip volatile memory private to the Crypto partition, or it
-could remain inside a secure element. Either way it will not be returned to SST.
+could remain inside a secure element. Either way it will not be returned to PS.
-For each call to the PSA Protected Storage APIs, SST will make requests to the
+For each call to the PSA Protected Storage APIs, PS will make requests to the
Crypto service to perform AEAD encryption and/or decryption operations using the
storage key (providing a fresh nonce for each encryption).
-At no point will SST access the key material itself, only referring to the HUK
+At no point will PS access the key material itself, only referring to the HUK
and storage key by their handles in the Crypto service.
Key derivation
==============
-SST will make key derivation requests to the Crypto service with calls to the
+PS will make key derivation requests to the Crypto service with calls to the
PSA Crypto APIs. In order to derive the storage key, the following calls will be
made::
@@ -62,33 +62,33 @@
&huk_key_handle)
/* Set up a key derivation operation with the HUK as the input key */
- psa_key_derivation(&sst_key_generator,
+ psa_key_derivation(&ps_key_generator,
huk_key_handle,
TFM_CRYPTO_ALG_HUK_DERIVATION,
- SST_KEY_SALT, SST_KEY_SALT_LEN_BYTES,
- SST_KEY_LABEL, SST_KEY_LABEL_LEN_BYTES,
- SST_KEY_LEN_BYTES)
+ PS_KEY_SALT, PS_KEY_SALT_LEN_BYTES,
+ PS_KEY_LABEL, PS_KEY_LABEL_LEN_BYTES,
+ PS_KEY_LEN_BYTES)
/* Create the storage key from the key generator */
- psa_generator_import_key(sst_key_handle,
- SST_KEY_TYPE,
- PSA_BYTES_TO_BITS(SST_KEY_LEN_BYTES),
- &sst_key_generator)
+ psa_generator_import_key(ps_key_handle,
+ PS_KEY_TYPE,
+ PSA_BYTES_TO_BITS(PS_KEY_LEN_BYTES),
+ &ps_key_generator)
.. note:: ``TFM_CRYPTO_KEY_ID_HUK`` is a PSA Crypto key ID that is assumed in
this design to identify the hardware unique key.
- ``sst_key_handle`` is a PSA Crypto key handle to a volatile key, set
+ ``ps_key_handle`` is a PSA Crypto key handle to a volatile key, set
up in the normal way. After the call to ``psa_generator_import_key``,
it contains the storage key.
- ``SST_KEY_SALT`` can be ``NULL``, as it is only used in the 'extract'
+ ``PS_KEY_SALT`` can be ``NULL``, as it is only used in the 'extract'
step of HKDF, which is redundant when the input key material is a
cryptographically strong key. [RFC5869]_ It must be constant so that
the same key can be derived each boot, to decrypt previously-stored
data.
- ``SST_KEY_LABEL`` can be any string that is independent of the input
+ ``PS_KEY_LABEL`` can be any string that is independent of the input
key material and different to the label used in any other derivation
from the same input key. It prevents two different contexts from
deriving the same output key from the same input key.
@@ -109,7 +109,7 @@
case here).
- The trade-off is that HKDF is only suitable when the input key material has at
least as much entropy as required for the output key material. But this is the
- case here, as the HUK has 128 bits of entropy, the same as required by SST.
+ case here, as the HUK has 128 bits of entropy, the same as required by PS.
- HKDF is standardised in RFC 5869 [RFC5869]_ and its security has been formally
analysed. [HKDF]_
- It is supported by the TF-M Crypto service.
@@ -119,8 +119,8 @@
Crypto. This narrows it down to just the SHA-2 family. Of the hash functions in
the family, SHA-256 is the simplest and provides more than enough output length.
-Keeping the storage key private to SST
---------------------------------------
+Keeping the storage key private to PS
+-------------------------------------
The salt and label fields are not generally secret, so an Application RoT
service could request the Crypto service to derive the same storage key from the
HUK, which violates isolation between Application RoT partitions to some extent.
@@ -128,10 +128,10 @@
- Only PSA RoT partitions can request Crypto to derive keys from the HUK.
- - But then either SST has to be in the PSA RoT or request a service in the PSA
+ - But then either PS has to be in the PSA RoT or request a service in the PSA
RoT to do the derivation on its behalf.
-- SST has a secret (pseudo)random salt, accessible only to it, that it uses to
+- PS has a secret (pseudo)random salt, accessible only to it, that it uses to
derive the storage key.
- Where would this salt be stored? It cannot be generated fresh each boot
@@ -150,13 +150,13 @@
Key use
=======
-To encrypt and decrypt data, SST will call the PSA Crypto AEAD APIs in the same
-way as the current implementation, but ``sst_key_handle`` will refer to the
+To encrypt and decrypt data, PS will call the PSA Crypto AEAD APIs in the same
+way as the current implementation, but ``ps_key_handle`` will refer to the
storage key, rather than the imported HUK. For each encryption operation, the
following call is made (and analogously for decryption)::
- psa_aead_encrypt(sst_key_handle, SST_CRYPTO_ALG,
- crypto->ref.iv, SST_IV_LEN_BYTES,
+ psa_aead_encrypt(ps_key_handle, PS_CRYPTO_ALG,
+ crypto->ref.iv, PS_IV_LEN_BYTES,
add, add_len,
in, in_len,
out, out_size, out_len)
diff --git a/docs/glossary.rst b/docs/glossary.rst
index 6f27f33..73e91aa 100644
--- a/docs/glossary.rst
+++ b/docs/glossary.rst
@@ -80,9 +80,13 @@
A component within the TEE that is atomic from a security/trust point of
view, i.e. which is viewed as a single entity from a TF-M point of view.
- SST : TF-M related
- Secure Storage Service
- Secure storage service provided by TF-M.
+ PS : TF-M related
+ Protected Storage
+ Protected storage service provided by TF-M.
+
+ ITS : TF-M related
+ Internal Trusted Storage
+ Internal Trusted Storage service provided by TF-M.
TFM
TF-M
diff --git a/docs/user_guides/services/tfm_its_integration_guide.rst b/docs/user_guides/services/tfm_its_integration_guide.rst
index f668913..f6b2dec 100644
--- a/docs/user_guides/services/tfm_its_integration_guide.rst
+++ b/docs/user_guides/services/tfm_its_integration_guide.rst
@@ -115,7 +115,7 @@
- ``tfm_internal_trusted_storage.c`` - Contains the TF-M internal trusted
storage API implementations which are the entry points to the ITS service.
Allocates a filesystem context for ITS and makes appropriate fs calls. Also
- handles requests from the SST partition with a separate fs context.
+ handles requests from the PS partition with a separate fs context.
- ``its_utils.c`` - Contains common and basic functionalities used across the
ITS service code.
@@ -170,7 +170,7 @@
- ``flash/its_flash_info_external.c`` - Defines an instance of the
``struct its_flash_info_t`` type for the external flash device, used only to
- handle requests from the SST partition.
+ handle requests from the PS partition.
The CMSIS flash interface **must** be implemented for each target based on its
flash controller.
diff --git a/docs/user_guides/services/tfm_sst_integration_guide.rst b/docs/user_guides/services/tfm_ps_integration_guide.rst
similarity index 65%
rename from docs/user_guides/services/tfm_sst_integration_guide.rst
rename to docs/user_guides/services/tfm_ps_integration_guide.rst
index 6c860d2..1f47204 100644
--- a/docs/user_guides/services/tfm_sst_integration_guide.rst
+++ b/docs/user_guides/services/tfm_ps_integration_guide.rst
@@ -1,21 +1,21 @@
-########################################
-Secure Storage Service Integration Guide
-########################################
+###########################################
+Protected Storage Service Integration Guide
+###########################################
************
Introduction
************
-TF-M Secure Storage (SST) service implements PSA Protected Storage APIs.
+TF-M Protected Storage (PS) service implements PSA Protected Storage APIs.
The service is backed by hardware isolation of the flash access domain and, in
the current version, relies on hardware to isolate the flash area from
non-secure access. In absence of hardware level isolation, the secrecy and
integrity of data is still maintained.
-The SST service implements an AES-GCM based AEAD encryption policy, as a
+The PS service implements an AES-GCM based AEAD encryption policy, as a
reference, to protect data integrity and authenticity.
-SST reuses the non-hierarchical filesystem provided by the TF-M Internal Trusted
+PS reuses the non-hierarchical filesystem provided by the TF-M Internal Trusted
Storage service to store encrypted, authenticated objects on the external flash
device.
@@ -29,7 +29,7 @@
- **Integrity** - Resistant to tampering by either the normal users of a product,
package, or system or others with physical access to it. If the content of the
- secure storage is changed maliciously, the service is able to detect it.
+ protected storage is changed maliciously, the service is able to detect it.
- **Reliability** - Resistant to power failure scenarios and incomplete write
cycles.
@@ -42,9 +42,9 @@
very small silicon footprint, the PPA (power, performance, area) should be
optimal.
-*******************************
-Current SST Service Limitations
-*******************************
+******************************
+Current PS Service Limitations
+******************************
- **Fragmentation** - The current design does not support fragmentation, as an
asset is stored in a contiguous space in a block. This means that the maximum
asset size can only be up-to a block size. Detailed information about the
@@ -91,19 +91,19 @@
**************
Code Structure
**************
-Secure storage service code is located in ``secure_fw/partitions/secure_storage/``
-and is divided as follows:
+Protected storage service code is located in
+``secure_fw/partitions/protected_storage/`` and is divided as follows:
- Core files
- Cryptographic interfaces
- Non-volatile (NV) counters interfaces
-The PSA PS interfaces for SST service are located in ``interface/include/psa``
+The PSA PS interfaces for PS service are located in ``interface/include/psa``
PSA Protected Storage Interfaces
================================
-The SST service exposes the following mandatory PSA PS interfaces, version 1.0:
+The PS service exposes the following mandatory PSA PS interfaces, version 1.0:
.. code-block:: c
@@ -115,41 +115,41 @@
For the moment, it does not support the extended version of those APIs.
-These PSA PS interfaces and SST TF-M types are defined and documented in
+These PSA PS interfaces and PS TF-M types are defined and documented in
``interface/include/psa/protected_storage.h``,
``interface/include/psa/storage_common.h`` and
-``interface/include/tfm_sst_defs.h``
+``interface/include/tfm_ps_defs.h``
Core Files
==========
-- ``tfm_sst_req_mngr.c`` - Contains the SST request manager implementation which
+- ``tfm_ps_req_mngr.c`` - Contains the PS request manager implementation which
handles all requests which arrive to the service. This layer extracts the
arguments from the input and output vectors, and it calls the protected
storage layer with the provided parameters.
- ``tfm_protected_storage.c`` - Contains the TF-M protected storage API
- implementations which are the entry points to the SST service.
+ implementations which are the entry points to the PS service.
-- ``sst_object_system.c`` - Contains the object system implementation to manage
- all objects in SST area.
+- ``ps_object_system.c`` - Contains the object system implementation to manage
+ all objects in PS area.
-- ``sst_object_table.c`` - Contains the object system table implementation which
- complements the object system to manage all object in the SST area.
+- ``ps_object_table.c`` - Contains the object system table implementation which
+ complements the object system to manage all object in the PS area.
The object table has an entry for each object stored in the object system
and keeps track of its version and owner.
-- ``sst_encrypted_object.c`` - Contains an implementation to manipulate
- encrypted objects in the SST object system.
+- ``ps_encrypted_object.c`` - Contains an implementation to manipulate
+ encrypted objects in the PS object system.
-- ``sst_utils.c`` - Contains common and basic functionalities used across the
- SST service code.
+- ``ps_utils.c`` - Contains common and basic functionalities used across the
+ PS service code.
Flash Filesystem and Flash Interfaces
=====================================
-The SST service reuses the non-hierarchical filesystem and flash interfaces
+The PS service reuses the non-hierarchical filesystem and flash interfaces
provided by the TF-M Internal Trusted Storage service. It stores encrypted,
authenticated objects on the external flash device by making service calls to
-the ITS service. When the ITS service receives requests from the SST partition,
+the ITS service. When the ITS service receives requests from the PS partition,
it handles the request by using a separate filesystem context initialised to use
the external flash device.
@@ -161,81 +161,81 @@
</docs/user_guides/services/tfm_its_integration_guide>`.
The structure containing info about the external flash device, used by the ITS
-service to handle requests from the SST partition, is defined in
+service to handle requests from the PS partition, is defined in
``secure_fw/partitions/internal_trusted_storage/flash/its_flash_info_external.c``,
which depends on target-specific definitions from
``platform/ext/target/<TARGET_NAME>/partition/flash_layout.h``. Please see the
-`Secure Storage Service Definitions` section for details.
+`Protected Storage Service Definitions` section for details.
Cryptographic Interface
=======================
-- ``crypto/sst_crypto_interface.h`` - Abstracts the cryptographic operations for
- the secure storage service.
+- ``crypto/ps_crypto_interface.h`` - Abstracts the cryptographic operations for
+ the protected storage service.
-- ``crypto/sst_crypto_interface.c`` - Implements the SST service cryptographic
+- ``crypto/ps_crypto_interface.c`` - Implements the PS service cryptographic
operations with calls to the TF-M Crypto service.
Non-volatile (NV) Counters Interface
====================================
-The current SST service provides rollback protection based on NV
+The current PS service provides rollback protection based on NV
counters.
-SST defines and implements the following NV counters functionalities:
+PS defines and implements the following NV counters functionalities:
-- ``nv_counters/sst_nv_counters.h`` - Abstracts SST non-volatile
+- ``nv_counters/ps_nv_counters.h`` - Abstracts PS non-volatile
counters operations. This API detaches the use of NV counters from the TF-M NV
counters implementation, provided by the platform, and provides a mechanism to
- compile in a different API implementation for test purposes. A SST test suite
- **may** provide its own custom implementation to be able to test different SST
+ compile in a different API implementation for test purposes. A PS test suite
+ **may** provide its own custom implementation to be able to test different PS
service use cases.
-- ``nv_counters/sst_nv_counters.c`` - Implements the SST NV counters interfaces
+- ``nv_counters/ps_nv_counters.c`` - Implements the PS NV counters interfaces
based on TF-M NV counters implementation provided by the platform.
-*****************************
-SST Service Integration Guide
-*****************************
+****************************
+PS Service Integration Guide
+****************************
This section describes mandatory (i.e. **must** implement) or optional
(i.e. **may** implement) interfaces which the system integrator have to take
-in to account in order to integrate the secure storage service in a new
+in to account in order to integrate the protected storage service in a new
platform.
Maximum Asset Size
==================
An asset is stored in a contiguous space in a block/sector. The maximum
size of an asset can be up-to the size of the data block/sector minus the object
-header size (``SST_OBJECT_HEADER_SIZE``) which is defined in
-``sst_object_defs.h``. The ``SST_OBJECT_HEADER_SIZE`` changes based on the
-``SST_ENCRYPTION`` flag status.
+header size (``PS_OBJECT_HEADER_SIZE``) which is defined in
+``ps_object_defs.h``. The ``PS_OBJECT_HEADER_SIZE`` changes based on the
+``PS_ENCRYPTION`` flag status.
-Secure Storage Service Definitions
-==================================
-The SST service requires the following platform definitions:
+Protected Storage Service Definitions
+=====================================
+The PS service requires the following platform definitions:
-- ``SST_FLASH_AREA_ADDR`` - Defines the flash address where the secure storage
+- ``PS_FLASH_AREA_ADDR`` - Defines the flash address where the protected storage
area starts.
-- ``SST_FLASH_AREA_SIZE`` - Defines the size of the dedicated flash area
- for secure storage in bytes.
-- ``SST_SECTOR_SIZE`` - Defines the size of the flash sectors (the smallest
+- ``PS_FLASH_AREA_SIZE`` - Defines the size of the dedicated flash area
+ for protected storage in bytes.
+- ``PS_SECTOR_SIZE`` - Defines the size of the flash sectors (the smallest
erasable unit) in bytes.
-- ``SST_SECTORS_PER_BLOCK`` - Defines the number of contiguous SST_SECTOR_SIZE
+- ``PS_SECTORS_PER_BLOCK`` - Defines the number of contiguous PS_SECTOR_SIZE
to form a logical block in the filesystem.
-- ``SST_FLASH_DEV_NAME`` - Specifies the flash device used by SST to store the
+- ``PS_FLASH_DEV_NAME`` - Specifies the flash device used by PS to store the
data.
-- ``SST_FLASH_PROGRAM_UNIT`` - Defines the smallest flash programmable unit in
- bytes. Valid values are powers of two between 1 and ``SST_SECTOR_SIZE``
+- ``PS_FLASH_PROGRAM_UNIT`` - Defines the smallest flash programmable unit in
+ bytes. Valid values are powers of two between 1 and ``PS_SECTOR_SIZE``
inclusive.
-- ``SST_MAX_ASSET_SIZE`` - Defines the maximum asset size to be stored in the
- SST area. This size is used to define the temporary buffers used by SST to
+- ``PS_MAX_ASSET_SIZE`` - Defines the maximum asset size to be stored in the
+ PS area. This size is used to define the temporary buffers used by PS to
read/write the asset content from/to flash. The memory used by the temporary
- buffers is allocated statically as SST does not use dynamic memory allocation.
-- ``SST_NUM_ASSETS`` - Defines the maximum number of assets to be stored in the
- SST area. This number is used to dimension statically the object table size in
+ buffers is allocated statically as PS does not use dynamic memory allocation.
+- ``PS_NUM_ASSETS`` - Defines the maximum number of assets to be stored in the
+ PS area. This number is used to dimension statically the object table size in
RAM (fast access) and flash (persistent storage). The memory used by the
- object table is allocated statically as SST does not use dynamic memory
+ object table is allocated statically as PS does not use dynamic memory
allocation.
-The sectors reserved to be used as secure storage **must** be contiguous sectors
-starting at ``SST_FLASH_AREA_ADDR``.
+The sectors reserved to be used as protected storage **must** be contiguous
+sectors starting at ``PS_FLASH_AREA_ADDR``.
The design requires either 2 blocks, or any number of blocks greater than or
equal to 4. Total number of blocks can not be 0, 1 or 3. This is a design choice
@@ -245,7 +245,7 @@
information explained above. The defines must be named as they are specified
above.
-More information about the ``flash_layout.h`` content, not SST related, is
+More information about the ``flash_layout.h`` content, not PS related, is
available in :doc:`platform readme </platform/ext/readme>` along with other
platform information.
@@ -256,7 +256,7 @@
``platform/include/tfm_plat_nv_counters.h``
The system integrators **may** implement this interface based on the target
-capabilities and set the ``SST_ROLLBACK_PROTECTION`` flag to compile in
+capabilities and set the ``PS_ROLLBACK_PROTECTION`` flag to compile in
the rollback protection code.
Secret Platform Unique Key
@@ -279,7 +279,7 @@
:doc:`NS client identification documentation </docs/user_guides/tfm_ns_client_identification>`
provides further details on how client identification works.
-SST service uses that TF-M core API to retrieve the client ID and associate it
+PS service uses that TF-M core API to retrieve the client ID and associate it
as the owner of an asset. Only the owner can read, write or delete that asset
based on the creation flags.
@@ -291,46 +291,46 @@
The reference encryption policy is built on AES-GCM, and it **may** be replaced
by a vendor specific implementation.
-The SST service abstracts all the cryptographic requirements and specifies the
+The PS service abstracts all the cryptographic requirements and specifies the
required cryptographic interface in
-``secure_fw/partitions/secure_storage/crypto/sst_crypto_interface.h``
+``secure_fw/partitions/protected_storage/crypto/ps_crypto_interface.h``
-The SST service cryptographic operations are implemented in
-``secure_fw/partitions/secure_storage/crypto/sst_crypto_interface.c``, using calls
-to the TF-M Crypto service.
+The PS service cryptographic operations are implemented in
+``secure_fw/partitions/protected_storage/crypto/ps_crypto_interface.c``, using
+calls to the TF-M Crypto service.
-SST Service Features Flags
-==========================
-SST service defines a set of flags that can be used to compile in/out certain
-SST service features. The ``CommonConfig.cmake`` file sets the default values
+PS Service Features Flags
+=========================
+PS service defines a set of flags that can be used to compile in/out certain
+PS service features. The ``CommonConfig.cmake`` file sets the default values
of those flags. However, those flags values can be overwritten by setting them
in ``platform/ext/<TARGET_NAME>.cmake`` based on the target capabilities or
-needs. The list of SST services flags are:
+needs. The list of PS services flags are:
-- ``SST_ENCRYPTION``- this flag allows to enable/disable encryption
- option to encrypt the secure storage data.
-- ``SST_CREATE_FLASH_LAYOUT``- this flag indicates that it is required
- to create a SST flash layout. If this flag is set, SST service will
- generate an empty and valid SST flash layout to store assets. It will
- erase all data located in the assigned SST memory area before generating
- the SST layout. This flag is required to be set if the SST memory area
- is located in a non-persistent memory. This flag can be set if the SST
- memory area is located in a persistent memory without a valid SST flash
+- ``PS_ENCRYPTION``- this flag allows to enable/disable encryption
+ option to encrypt the protected storage data.
+- ``PS_CREATE_FLASH_LAYOUT``- this flag indicates that it is required
+ to create a PS flash layout. If this flag is set, PS service will
+ generate an empty and valid PS flash layout to store assets. It will
+ erase all data located in the assigned PS memory area before generating
+ the PS layout. This flag is required to be set if the PS memory area
+ is located in a non-persistent memory. This flag can be set if the PS
+ memory area is located in a persistent memory without a valid PS flash
layout in it. That is the case when it is the first time in the device
- life that the SST service is executed.
-- ``SST_VALIDATE_METADATA_FROM_FLASH``- this flag allows to
+ life that the PS service is executed.
+- ``PS_VALIDATE_METADATA_FROM_FLASH``- this flag allows to
enable/disable the validation mechanism to check the metadata store in flash
every time the flash data is read from flash. This validation is required
if the flash is not hardware protected against malicious writes. In case
the flash is protected against malicious writes (i.e embedded flash, etc),
this validation can be disabled in order to reduce the validation overhead.
-- ``SST_ROLLBACK_PROTECTION``- this flag allows to enable/disable
- rollback protection in secure storage service. This flag takes effect only
- if the target has non-volatile counters and ``SST_ENCRYPTION`` flag is on.
-- ``SST_RAM_FS``- this flag allows to enable/disable the use of RAM
- instead of the flash to store the FS in secure storage service. This flag
+- ``PS_ROLLBACK_PROTECTION``- this flag allows to enable/disable
+ rollback protection in protected storage service. This flag takes effect only
+ if the target has non-volatile counters and ``PS_ENCRYPTION`` flag is on.
+- ``PS_RAM_FS``- this flag allows to enable/disable the use of RAM
+ instead of the flash to store the FS in protected storage service. This flag
is set by default in the regression tests, if it is not defined by the
- platform. The SST regression tests reduce the life of the flash memory
+ platform. The PS regression tests reduce the life of the flash memory
as they write/erase multiple times in the memory.
.. Note::
@@ -340,16 +340,16 @@
specific (QSPI, eFlash, etc.) and it is described in corresponding
flash_layout.h
-- ``SST_TEST_NV_COUNTERS``- this flag enables the virtual
- implementation of the SST NV counters interface in
- ``test/suites/sst/secure/nv_counters``, which emulates NV counters in
+- ``PS_TEST_NV_COUNTERS``- this flag enables the virtual
+ implementation of the PS NV counters interface in
+ ``test/suites/ps/secure/nv_counters``, which emulates NV counters in
RAM, and disables the hardware implementation of NV counters provided by
the secure service. This flag is enabled by default when building the
regression tests and disabled by default otherwise. This flag can be
overridden to ``OFF`` when building the regression tests. In this case,
- the SST rollback protection test suite will not be built, as it relies
+ the PS rollback protection test suite will not be built, as it relies
on extra functionality provided by the virtual NV counters to simulate
- different rollback scenarios. The remainder of the SST test suites will
+ different rollback scenarios. The remainder of the PS test suites will
run using the hardware NV counters. Please note that running the tests in
this configuration will quickly increase the hardware NV counter values,
which cannot be decreased again.
diff --git a/docs/user_guides/services/tfm_secure_partition_addition.rst b/docs/user_guides/services/tfm_secure_partition_addition.rst
index 174ae4e..774220a 100644
--- a/docs/user_guides/services/tfm_secure_partition_addition.rst
+++ b/docs/user_guides/services/tfm_secure_partition_addition.rst
@@ -152,7 +152,7 @@
**Partition name** **Partition ID**
=============================== =================
Reserved 0-255
- TFM_SP_STORAGE 256
+ TFM_SP_PS 256
TFM_SP_ITS 257
TFM_SP_AUDIT_LOG 258
TFM_SP_CRYPTO 259
@@ -164,7 +164,7 @@
TFM_SP_IPC_SERVICE_TEST 265
TFM_SP_IPC_CLIENT_TEST 266
TFM_IRQ_TEST_1 267
- TFM_SP_SST_TEST 268
+ TFM_SP_PS_TEST 268
=============================== =================
About where to add the definition, please refer to the chapter `Add
@@ -188,7 +188,7 @@
audit_logging 0x00000 0x000-0x01F
initial_attestation 0x00000 0x020-0x03F
platform 0x00000 0x040-0x05F
- secure_storage 0x00000 0x060-0x07F
+ protected_storage 0x00000 0x060-0x07F
crypto 0x00000 0x080-0x09F
internal_trusted_storage 0x00000 0x0A0-0x0BF
test_secure_service 0x0000F 0x000-0x01F
@@ -197,7 +197,7 @@
tfm_ipc_client 0x0000F 0x060-0x07F
tfm_ipc_service 0x0000F 0x080-0x09F
tfm_irq_test_service_1 0x0000F 0x0A0-0x0BF
- tfm_sst_test_service 0x0000F 0x0C0-0x0DF
+ tfm_ps_test_service 0x0000F 0x0C0-0x0DF
=========================== ====================== ========================
mmio_regions
@@ -349,4 +349,4 @@
--------------
-*Copyright (c) 2019-2020, Arm Limited. All rights reserved.*
\ No newline at end of file
+*Copyright (c) 2019-2020, Arm Limited. All rights reserved.*
diff --git a/docs/user_guides/tfm_build_instruction.rst b/docs/user_guides/tfm_build_instruction.rst
index 8ed8c2d..de910ad 100644
--- a/docs/user_guides/tfm_build_instruction.rst
+++ b/docs/user_guides/tfm_build_instruction.rst
@@ -91,7 +91,7 @@
file. The build system assumes that the PSA API compliance test suite is checked
out at the same level of the TF-M root folder and the default name for the build
folder has been used when compiling the PSA API compliance tests. Each set of
-tests for the Internal Trusted Storage, Secure Storage, Crypto and Attestation
+tests for the Internal Trusted Storage, Protected Storage, Crypto and Attestation
services needs to be enabled at the build configuration step by defining::
-DPSA_API_TEST_INTERNAL_TRUSTED_STORAGE=ON
diff --git a/docs/user_guides/tfm_integration_guide.rst b/docs/user_guides/tfm_integration_guide.rst
index d320a0e..09e43a0 100644
--- a/docs/user_guides/tfm_integration_guide.rst
+++ b/docs/user_guides/tfm_integration_guide.rst
@@ -67,7 +67,7 @@
.. Note::
- Currently SST and BL2 bootloader use different flash interface
+ Currently ITS, PS and BL2 bootloader use different flash interface
Target configuration files
==========================
@@ -104,13 +104,13 @@
``<build_dir>/install/export/tfm`` path. The NS side is only allowed to call
TF-M secure functions (veneers) from the NS Thread mode. For this reason, the
API is a collection of functions in the ``<build_dir>/install/export/tfm/inc``
-directory. For example, the interface for the Secure STorage (SST) service
-is described in the file ``psa_sst_api.h`` as a collection of functions that
+directory. For example, the interface for the Protected Storage (PS) service
+is described in the file ``psa_ps_api.h`` as a collection of functions that
call service veneer functions. This API is a wrapper for the secure veneers,
and returns the return value from the service to the caller.
-The secure storage service uses a numerical ID, to identify the clients that use
-the service. For details see
+The protected storage service uses a numerical ID, to identify the clients that
+use the service. For details see
:doc:`ns client identification documentation <tfm_ns_client_identification>`.
Interface with non-secure world regression tests
@@ -123,7 +123,7 @@
tests are precompiled and delivered as a static library which is available in
``<build_dir>/install/export/tfm/test/lib``, so that the non-secure application
needs to link against the library to be able to invoke the
-``tfm_non_secure_client_run_tests()`` function. The SST non-secure side
+``tfm_non_secure_client_run_tests()`` function. The PS non-secure side
regression tests rely on some OS functionality e.g. threads, mutexes etc. These
functions comply with CMSIS RTOS2 standard and have been exported as thin
wrappers defined in ``os_wrapper.h`` contained in
@@ -148,4 +148,4 @@
--------------
-*Copyright (c) 2017-2019, Arm Limited. All rights reserved.*
+*Copyright (c) 2017-2020, Arm Limited. All rights reserved.*
diff --git a/docs/user_guides/tfm_ns_client_identification.rst b/docs/user_guides/tfm_ns_client_identification.rst
index 9faccfb..44fd343 100644
--- a/docs/user_guides/tfm_ns_client_identification.rst
+++ b/docs/user_guides/tfm_ns_client_identification.rst
@@ -1,7 +1,7 @@
###########################
Non-Secure Identity Manager
###########################
-The ID of the current application/thread is known by TF-M, and the SST service
+The ID of the current application/thread is known by TF-M, and the PS service
queries the ID of the currently running client via a dedicated API.
The identity of secure clients can be tracked by TF-M core, because it also
@@ -40,4 +40,4 @@
--------------
-*Copyright (c) 2018-2019, Arm Limited. All rights reserved.*
+*Copyright (c) 2018-2020, Arm Limited. All rights reserved.*
diff --git a/docs/user_guides/tfm_secure_boot.rst b/docs/user_guides/tfm_secure_boot.rst
index a62d836..917d018 100644
--- a/docs/user_guides/tfm_secure_boot.rst
+++ b/docs/user_guides/tfm_secure_boot.rst
@@ -568,7 +568,7 @@
[Sec Thread] Secure image initializing!
#### Execute test suites for the Secure area ####
- Running Test Suite PSA protected storage S interface tests (TFM_SST_TEST_2XXX)...
+ Running Test Suite PSA protected storage S interface tests (TFM_PS_TEST_2XXX)...
...
To update the secure and non-secure images separately (multiple image boot),
@@ -617,7 +617,7 @@
[Sec Thread] Jumping to non-secure code...
#### Execute test suites for the Secure area ####
- Running Test Suite PSA protected storage S interface tests (TFM_SST_TEST_2XXX)...
+ Running Test Suite PSA protected storage S interface tests (TFM_PS_TEST_2XXX)...
...
Swapping firmware upgrade
@@ -646,7 +646,7 @@
[Sec Thread] Secure image initializing!
#### Execute test suites for the Secure area ####
- Running Test Suite PSA protected storage S interface tests (TFM_SST_TEST_2XXX)...
+ Running Test Suite PSA protected storage S interface tests (TFM_PS_TEST_2XXX)...
...
Non-swapping firmware upgrade
@@ -723,7 +723,7 @@
[Sec Thread] Secure image initializing!
#### Execute test suites for the Secure area ####
- Running Test Suite PSA protected storage S interface tests (TFM_SST_TEST_2XXX)...
+ Running Test Suite PSA protected storage S interface tests (TFM_PS_TEST_2XXX)...
...
Executing firmware upgrade on CoreLink SSE-200 Subsystem for MPS3 (AN524)
diff --git a/docs/user_guides/tfm_user_guide.rst b/docs/user_guides/tfm_user_guide.rst
index 11061a2..eaf33f6 100644
--- a/docs/user_guides/tfm_user_guide.rst
+++ b/docs/user_guides/tfm_user_guide.rst
@@ -131,30 +131,30 @@
[INF] Jumping to the first image slot
[Sec Thread] Secure image initializing!
- #### Execute test suites for the secure storage service ####
- Running Test Suite SST secure interface tests (TFM_SST_TEST_2XXX)...
+ #### Execute test suites for the protected storage service ####
+ Running Test Suite PS secure interface tests (TFM_PS_TEST_2XXX)...
- > Executing 'TFM_SST_TEST_2001'
+ > Executing 'TFM_PS_TEST_2001'
Description: 'Create interface'
TEST PASSED!
- > Executing 'TFM_SST_TEST_2002'
+ > Executing 'TFM_PS_TEST_2002'
Description: 'Get handle interface (DEPRECATED)'
This test is DEPRECATED and the test execution was SKIPPED
TEST PASSED!
- > Executing 'TFM_SST_TEST_2003'
+ > Executing 'TFM_PS_TEST_2003'
Description: 'Get handle with null handle pointer (DEPRECATED)'
This test is DEPRECATED and the test execution was SKIPPED
TEST PASSED!
- > Executing 'TFM_SST_TEST_2004'
+ > Executing 'TFM_PS_TEST_2004'
Description: 'Write interface'
TEST PASSED!
- > Executing 'TFM_SST_TEST_2005'
+ > Executing 'TFM_PS_TEST_2005'
Description: 'Read interface'
....
.. Note::
- SST reliability tests take a few minutes to run on the MPS2.
+ PS reliability tests take a few minutes to run on the MPS2.
Example application without BL2 bootloader
------------------------------------------
@@ -187,24 +187,24 @@
[Sec Thread] Secure image initializing!
- #### Execute test suites for the secure storage service ####
- Running Test Suite SST secure interface tests (TFM_SST_TEST_2XXX)...
+ #### Execute test suites for the protected storage service ####
+ Running Test Suite PS secure interface tests (TFM_PS_TEST_2XXX)...
- > Executing 'TFM_SST_TEST_2001'
+ > Executing 'TFM_PS_TEST_2001'
Description: 'Create interface'
TEST PASSED!
- > Executing 'TFM_SST_TEST_2002'
+ > Executing 'TFM_PS_TEST_2002'
Description: 'Get handle interface (DEPRECATED)'
This test is DEPRECATED and the test execution was SKIPPED
TEST PASSED!
- > Executing 'TFM_SST_TEST_2003'
+ > Executing 'TFM_PS_TEST_2003'
Description: 'Get handle with null handle pointer (DEPRECATED)'
This test is DEPRECATED and the test execution was SKIPPED
TEST PASSED!
- > Executing 'TFM_SST_TEST_2004'
+ > Executing 'TFM_PS_TEST_2004'
Description: 'Write interface'
TEST PASSED!
- > Executing 'TFM_SST_TEST_2005'
+ > Executing 'TFM_PS_TEST_2005'
Description: 'Read interface'
....
@@ -286,23 +286,23 @@
[INF] Jumping to the first image slot
[Sec Thread] Secure image initializing!
- #### Execute test suites for the secure storage service ####
- Running Test Suite SST secure interface tests (TFM_SST_TEST_2XXX)...
- > Executing 'TFM_SST_TEST_2001'
+ #### Execute test suites for the protected storage service ####
+ Running Test Suite PS secure interface tests (TFM_PS_TEST_2XXX)...
+ > Executing 'TFM_PS_TEST_2001'
Description: 'Create interface'
TEST PASSED!
- > Executing 'TFM_SST_TEST_2002'
+ > Executing 'TFM_PS_TEST_2002'
Description: 'Get handle interface (DEPRECATED)'
This test is DEPRECATED and the test execution was SKIPPED
TEST PASSED!
- > Executing 'TFM_SST_TEST_2003'
+ > Executing 'TFM_PS_TEST_2003'
Description: 'Get handle with null handle pointer (DEPRECATED)'
This test is DEPRECATED and the test execution was SKIPPED
TEST PASSED!
- > Executing 'TFM_SST_TEST_2004'
+ > Executing 'TFM_PS_TEST_2004'
Description: 'Get attributes interface'
TEST PASSED!
- > Executing 'TFM_SST_TEST_2005'
+ > Executing 'TFM_PS_TEST_2005'
Description: 'Get attributes with null attributes struct pointer'
....
@@ -396,17 +396,17 @@
[Sec Thread] Secure image initializing!
#### Execute test suites for the Secure area ####
- Running Test Suite PSA protected storage S interface tests (TFM_SST_TEST_2XXX)...
- > Executing 'TFM_SST_TEST_2001'
+ Running Test Suite PSA protected storage S interface tests (TFM_PS_TEST_2XXX)...
+ > Executing 'TFM_PS_TEST_2001'
Description: 'Set interface'
TEST PASSED!
- > Executing 'TFM_SST_TEST_2002'
+ > Executing 'TFM_PS_TEST_2002'
Description: 'Set interface with create flags'
TEST PASSED!
- > Executing 'TFM_SST_TEST_2003'
+ > Executing 'TFM_PS_TEST_2003'
Description: 'Set interface with NULL data pointer'
TEST PASSED!
- > Executing 'TFM_SST_TEST_2004'
+ > Executing 'TFM_PS_TEST_2004'
Description: 'Set interface with invalid data length'
TEST PASSED!
....
@@ -449,17 +449,17 @@
[Sec Thread] Secure image initializing!
#### Execute test suites for the Secure area ####
- Running Test Suite PSA protected storage S interface tests (TFM_SST_TEST_2XXX)...
- > Executing 'TFM_SST_TEST_2001'
+ Running Test Suite PSA protected storage S interface tests (TFM_PS_TEST_2XXX)...
+ > Executing 'TFM_PS_TEST_2001'
Description: 'Set interface'
TEST PASSED!
- > Executing 'TFM_SST_TEST_2002'
+ > Executing 'TFM_PS_TEST_2002'
Description: 'Set interface with create flags'
TEST PASSED!
- > Executing 'TFM_SST_TEST_2003'
+ > Executing 'TFM_PS_TEST_2003'
Description: 'Set interface with NULL data pointer'
TEST PASSED!
- > Executing 'TFM_SST_TEST_2004'
+ > Executing 'TFM_PS_TEST_2004'
Description: 'Set interface with invalid data length'
TEST PASSED!
....
diff --git a/interface/include/psa_manifest/pid.h b/interface/include/psa_manifest/pid.h
index c1a8d4b..9cfa3f6 100644
--- a/interface/include/psa_manifest/pid.h
+++ b/interface/include/psa_manifest/pid.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -14,7 +14,7 @@
extern "C" {
#endif
-#define TFM_SP_STORAGE (256)
+#define TFM_SP_PS (256)
#define TFM_SP_ITS (257)
#define TFM_SP_AUDIT_LOG (258)
#define TFM_SP_CRYPTO (259)
@@ -26,7 +26,7 @@
#define TFM_SP_IPC_SERVICE_TEST (265)
#define TFM_SP_IPC_CLIENT_TEST (266)
#define TFM_IRQ_TEST_1 (267)
-#define TFM_SP_SST_TEST (268)
+#define TFM_SP_PS_TEST (268)
#define TFM_SP_SECURE_CLIENT_2 (269)
#define TFM_SP_MULTI_CORE_TEST (270)
diff --git a/interface/include/psa_manifest/pid.h.template b/interface/include/psa_manifest/pid.h.template
index f5381f6..6670401 100644
--- a/interface/include/psa_manifest/pid.h.template
+++ b/interface/include/psa_manifest/pid.h.template
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
diff --git a/interface/include/psa_manifest/sid.h b/interface/include/psa_manifest/sid.h
index 4b9b8c9..f9bdf7c 100644
--- a/interface/include/psa_manifest/sid.h
+++ b/interface/include/psa_manifest/sid.h
@@ -14,17 +14,17 @@
extern "C" {
#endif
-/******** TFM_SP_STORAGE ********/
-#define TFM_SST_SET_SID (0x00000060U)
-#define TFM_SST_SET_VERSION (1U)
-#define TFM_SST_GET_SID (0x00000061U)
-#define TFM_SST_GET_VERSION (1U)
-#define TFM_SST_GET_INFO_SID (0x00000062U)
-#define TFM_SST_GET_INFO_VERSION (1U)
-#define TFM_SST_REMOVE_SID (0x00000063U)
-#define TFM_SST_REMOVE_VERSION (1U)
-#define TFM_SST_GET_SUPPORT_SID (0x00000064U)
-#define TFM_SST_GET_SUPPORT_VERSION (1U)
+/******** TFM_SP_PS ********/
+#define TFM_PS_SET_SID (0x00000060U)
+#define TFM_PS_SET_VERSION (1U)
+#define TFM_PS_GET_SID (0x00000061U)
+#define TFM_PS_GET_VERSION (1U)
+#define TFM_PS_GET_INFO_SID (0x00000062U)
+#define TFM_PS_GET_INFO_VERSION (1U)
+#define TFM_PS_REMOVE_SID (0x00000063U)
+#define TFM_PS_REMOVE_VERSION (1U)
+#define TFM_PS_GET_SUPPORT_SID (0x00000064U)
+#define TFM_PS_GET_SUPPORT_VERSION (1U)
/******** TFM_SP_ITS ********/
#define TFM_ITS_SET_SID (0x00000070U)
@@ -126,9 +126,9 @@
#define SPM_CORE_IRQ_TEST_1_EXECUTE_TEST_SCENARIO_SID (0x0000F0A1U)
#define SPM_CORE_IRQ_TEST_1_EXECUTE_TEST_SCENARIO_VERSION (1U)
-/******** TFM_SP_SST_TEST ********/
-#define TFM_SST_TEST_PREPARE_SID (0x0000F0C0U)
-#define TFM_SST_TEST_PREPARE_VERSION (1U)
+/******** TFM_SP_PS_TEST ********/
+#define TFM_PS_TEST_PREPARE_SID (0x0000F0C0U)
+#define TFM_PS_TEST_PREPARE_VERSION (1U)
/******** TFM_SP_SECURE_CLIENT_2 ********/
#define TFM_SECURE_CLIENT_2_SID (0x0000F0E0U)
diff --git a/interface/include/tfm_ps_defs.h b/interface/include/tfm_ps_defs.h
new file mode 100644
index 0000000..5dcf2f1
--- /dev/null
+++ b/interface/include/tfm_ps_defs.h
@@ -0,0 +1,22 @@
+/*
+ * Copyright (c) 2017-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __TFM_PS_DEFS_H__
+#define __TFM_PS_DEFS_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Invalid UID */
+#define TFM_PS_INVALID_UID 0
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __TFM_PS_DEFS_H__ */
diff --git a/interface/include/tfm_sst_defs.h b/interface/include/tfm_sst_defs.h
deleted file mode 100644
index 9132cce..0000000
--- a/interface/include/tfm_sst_defs.h
+++ /dev/null
@@ -1,22 +0,0 @@
-/*
- * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifndef __TFM_SST_DEFS_H__
-#define __TFM_SST_DEFS_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Invalid UID */
-#define TFM_SST_INVALID_UID 0
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __TFM_SST_DEFS_H__ */
diff --git a/interface/include/tfm_veneers.h b/interface/include/tfm_veneers.h
index d2d9207..c66006a 100644
--- a/interface/include/tfm_veneers.h
+++ b/interface/include/tfm_veneers.h
@@ -16,14 +16,14 @@
extern "C" {
#endif
-#ifdef TFM_PARTITION_SECURE_STORAGE
-/******** TFM_SP_STORAGE ********/
-psa_status_t tfm_tfm_sst_set_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
-psa_status_t tfm_tfm_sst_get_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
-psa_status_t tfm_tfm_sst_get_info_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
-psa_status_t tfm_tfm_sst_remove_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
-psa_status_t tfm_tfm_sst_get_support_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+/******** TFM_SP_PS ********/
+psa_status_t tfm_tfm_ps_set_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_ps_get_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_ps_get_info_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_ps_remove_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_tfm_ps_get_support_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
/******** TFM_SP_ITS ********/
@@ -159,10 +159,10 @@
psa_status_t tfm_spm_irq_test_1_execute_test_scenario_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
-/******** TFM_SP_SST_TEST ********/
-psa_status_t tfm_tfm_sst_test_prepare_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
-#endif /* TFM_PARTITION_TEST_SST */
+#ifdef TFM_PARTITION_TEST_PS
+/******** TFM_SP_PS_TEST ********/
+psa_status_t tfm_tfm_ps_test_prepare_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
/******** TFM_SP_SECURE_CLIENT_2 ********/
diff --git a/interface/src/tfm_sst_func_api.c b/interface/src/tfm_ps_func_api.c
similarity index 91%
rename from interface/src/tfm_sst_func_api.c
rename to interface/src/tfm_ps_func_api.c
index 77a466e..d3c53a4 100644
--- a/interface/src/tfm_sst_func_api.c
+++ b/interface/src/tfm_ps_func_api.c
@@ -25,7 +25,7 @@
};
status = tfm_ns_interface_dispatch(
- (veneer_fn)tfm_tfm_sst_set_req_veneer,
+ (veneer_fn)tfm_tfm_ps_set_req_veneer,
(uint32_t)in_vec, IOVEC_LEN(in_vec),
(uint32_t)NULL, 0);
@@ -60,7 +60,7 @@
}
status = tfm_ns_interface_dispatch(
- (veneer_fn)tfm_tfm_sst_get_req_veneer,
+ (veneer_fn)tfm_tfm_ps_get_req_veneer,
(uint32_t)in_vec, IOVEC_LEN(in_vec),
(uint32_t)out_vec, IOVEC_LEN(out_vec));
@@ -82,7 +82,7 @@
};
status = tfm_ns_interface_dispatch(
- (veneer_fn)tfm_tfm_sst_get_info_req_veneer,
+ (veneer_fn)tfm_tfm_ps_get_info_req_veneer,
(uint32_t)in_vec, IOVEC_LEN(in_vec),
(uint32_t)out_vec, IOVEC_LEN(out_vec));
@@ -97,7 +97,7 @@
};
status = tfm_ns_interface_dispatch(
- (veneer_fn)tfm_tfm_sst_remove_req_veneer,
+ (veneer_fn)tfm_tfm_ps_remove_req_veneer,
(uint32_t)in_vec, IOVEC_LEN(in_vec),
(uint32_t)NULL, 0);
@@ -138,7 +138,7 @@
};
(void)tfm_ns_interface_dispatch(
- (veneer_fn)tfm_tfm_sst_get_support_req_veneer,
+ (veneer_fn)tfm_tfm_ps_get_support_req_veneer,
(uint32_t)NULL, 0,
(uint32_t)out_vec, IOVEC_LEN(out_vec));
diff --git a/interface/src/tfm_sst_ipc_api.c b/interface/src/tfm_ps_ipc_api.c
similarity index 92%
rename from interface/src/tfm_sst_ipc_api.c
rename to interface/src/tfm_ps_ipc_api.c
index 4130428..7cc3a63 100644
--- a/interface/src/tfm_sst_ipc_api.c
+++ b/interface/src/tfm_ps_ipc_api.c
@@ -26,7 +26,7 @@
{ .base = &create_flags, .len = sizeof(create_flags) }
};
- handle = psa_connect(TFM_SST_SET_SID, TFM_SST_SET_VERSION);
+ handle = psa_connect(TFM_PS_SET_SID, TFM_PS_SET_VERSION);
if (!PSA_HANDLE_IS_VALID(handle)) {
return PSA_ERROR_GENERIC_ERROR;
}
@@ -69,7 +69,7 @@
return PSA_ERROR_INVALID_ARGUMENT;
}
- handle = psa_connect(TFM_SST_GET_SID, TFM_SST_GET_VERSION);
+ handle = psa_connect(TFM_PS_GET_SID, TFM_PS_GET_VERSION);
if (!PSA_HANDLE_IS_VALID(handle)) {
return PSA_ERROR_GENERIC_ERROR;
}
@@ -98,7 +98,7 @@
{ .base = p_info, .len = sizeof(*p_info) }
};
- handle = psa_connect(TFM_SST_GET_INFO_SID, TFM_SST_GET_INFO_VERSION);
+ handle = psa_connect(TFM_PS_GET_INFO_SID, TFM_PS_GET_INFO_VERSION);
if (!PSA_HANDLE_IS_VALID(handle)) {
return PSA_ERROR_GENERIC_ERROR;
}
@@ -121,7 +121,7 @@
};
- handle = psa_connect(TFM_SST_REMOVE_SID, TFM_SST_REMOVE_VERSION);
+ handle = psa_connect(TFM_PS_REMOVE_SID, TFM_PS_REMOVE_VERSION);
if (!PSA_HANDLE_IS_VALID(handle)) {
return PSA_ERROR_GENERIC_ERROR;
}
@@ -170,7 +170,7 @@
/* The PSA API does not return an error, so any error from TF-M is
* ignored.
*/
- handle = psa_connect(TFM_SST_GET_SUPPORT_SID, TFM_SST_GET_SUPPORT_VERSION);
+ handle = psa_connect(TFM_PS_GET_SUPPORT_SID, TFM_PS_GET_SUPPORT_VERSION);
if (!PSA_HANDLE_IS_VALID(handle)) {
return support_flags;
}
diff --git a/platform/ext/Mps2AN519.cmake b/platform/ext/Mps2AN519.cmake
index cffb137..ef2e5ca 100644
--- a/platform/ext/Mps2AN519.cmake
+++ b/platform/ext/Mps2AN519.cmake
@@ -179,9 +179,9 @@
# API ONLY if the target has non-volatile counters.
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/common/template/nv_counters.c")
set(TARGET_NV_COUNTERS_ENABLE ON)
- # Sets SST_ROLLBACK_PROTECTION flag to compile in the SST services
+ # Sets PS_ROLLBACK_PROTECTION flag to compile in the PS services
# rollback protection code as the target supports nv counters.
- set (SST_ROLLBACK_PROTECTION ON)
+ set (PS_ROLLBACK_PROTECTION ON)
endif()
if (NOT DEFINED BUILD_CMSIS_DRIVERS)
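Review bot: The renamed `set (PS_ROLLBACK_PROTECTION ON)` leaves no diagnostic behind for the old spelling. An out-of-tree platform file or build script that still sets `SST_ROLLBACK_PROTECTION`, or any other `SST_*` option renamed in this commit, is presumably ignored without a message, and the build then uses whatever the defaults are. For an option that gates rollback protection this deserves a hard stop, for example `if (DEFINED SST_ROLLBACK_PROTECTION)` around `message(FATAL_ERROR "SST_ROLLBACK_PROTECTION was renamed to PS_ROLLBACK_PROTECTION")`, ideally once in a shared configuration file rather than per platform. The same point applies to the matching hunks in Mps2AN521.cmake, Mps2AN539.cmake, Mps3AN524.cmake and SSE-200_AWS.cmake. The enclosing `if` block starts outside this hunk.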
@@ -201,11 +201,11 @@
# There is no real flash memory for code on MPS2 board. Instead a code SRAM is
# used for code storage: ZBT SSRAM1. The Driver_Flash driver just emulates a flash
# interface and behaviour on top of the SRAM memory.
- # As the SST area is going to be in RAM, it is required to set SST_CREATE_FLASH_LAYOUT
- # to be sure the SST service knows that when it starts the SST area does not contain any
- # valid SST flash layout and it needs to create one. The same for ITS.
- set(SST_CREATE_FLASH_LAYOUT ON)
- set(SST_RAM_FS OFF)
+ # As the PS area is going to be in RAM, it is required to set PS_CREATE_FLASH_LAYOUT
+ # to be sure the PS service knows that when it starts the PS area does not contain any
+ # valid PS flash layout and it needs to create one. The same for ITS.
+ set(PS_CREATE_FLASH_LAYOUT ON)
+ set(PS_RAM_FS OFF)
set(ITS_CREATE_FLASH_LAYOUT ON)
set(ITS_RAM_FS OFF)
embedded_include_directories(PATH "${PLATFORM_DIR}/target/mps2/an519/cmsis_drivers" ABSOLUTE)
diff --git a/platform/ext/Mps2AN521.cmake b/platform/ext/Mps2AN521.cmake
index b37f1f3..9afdf0e 100644
--- a/platform/ext/Mps2AN521.cmake
+++ b/platform/ext/Mps2AN521.cmake
@@ -180,9 +180,9 @@
# API ONLY if the target has non-volatile counters.
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/common/template/nv_counters.c")
set(TARGET_NV_COUNTERS_ENABLE ON)
- # Sets SST_ROLLBACK_PROTECTION flag to compile in the SST services
+ # Sets PS_ROLLBACK_PROTECTION flag to compile in the PS services
# rollback protection code as the target supports nv counters.
- set (SST_ROLLBACK_PROTECTION ON)
+ set (PS_ROLLBACK_PROTECTION ON)
endif()
if (NOT DEFINED BUILD_CMSIS_DRIVERS)
@@ -202,11 +202,11 @@
# There is no real flash memory for code on MPS2 board. Instead a code SRAM is
# used for code storage: ZBT SSRAM1. The Driver_Flash driver just emulates a flash
# interface and behaviour on top of the SRAM memory.
- # As the SST area is going to be in RAM, it is required to set SST_CREATE_FLASH_LAYOUT
- # to be sure the SST service knows that when it starts the SST area does not contain any
- # valid SST flash layout and it needs to create one. The same for ITS.
- set(SST_CREATE_FLASH_LAYOUT ON)
- set(SST_RAM_FS OFF)
+ # As the PS area is going to be in RAM, it is required to set PS_CREATE_FLASH_LAYOUT
+ # to be sure the PS service knows that when it starts the PS area does not contain any
+ # valid PS flash layout and it needs to create one. The same for ITS.
+ set(PS_CREATE_FLASH_LAYOUT ON)
+ set(PS_RAM_FS OFF)
set(ITS_CREATE_FLASH_LAYOUT ON)
set(ITS_RAM_FS OFF)
embedded_include_directories(PATH "${PLATFORM_DIR}/target/mps2/an521/cmsis_drivers" ABSOLUTE)
diff --git a/platform/ext/Mps2AN539.cmake b/platform/ext/Mps2AN539.cmake
index 084f441..b0b64dc 100644
--- a/platform/ext/Mps2AN539.cmake
+++ b/platform/ext/Mps2AN539.cmake
@@ -163,9 +163,9 @@
# API ONLY if the target has non-volatile counters.
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/common/template/nv_counters.c")
set(TARGET_NV_COUNTERS_ENABLE ON)
- # Sets SST_ROLLBACK_PROTECTION flag to compile in the SST services
+ # Sets PS_ROLLBACK_PROTECTION flag to compile in the PS services
# rollback protection code as the target supports nv counters.
- set(SST_ROLLBACK_PROTECTION ON)
+ set(PS_ROLLBACK_PROTECTION ON)
endif()
if (NOT DEFINED BUILD_CMSIS_DRIVERS)
@@ -205,11 +205,11 @@
# There is no real flash memory for code on MPS2 board. Instead a code SRAM is used for code
# storage: SSRAM1. The Driver_Flash driver just emulates a flash interface and behaviour on
# top of the SRAM memory.
- # As the SST area is going to be in RAM, it is required to set SST_CREATE_FLASH_LAYOUT
- # to be sure the SST service knows that when it starts the SST area does not contain any
- # valid SST flash layout and it needs to create one. The same for ITS.
- set(SST_CREATE_FLASH_LAYOUT ON)
- set(SST_RAM_FS OFF)
+ # As the PS area is going to be in RAM, it is required to set PS_CREATE_FLASH_LAYOUT
+ # to be sure the PS service knows that when it starts the PS area does not contain any
+ # valid PS flash layout and it needs to create one. The same for ITS.
+ set(PS_CREATE_FLASH_LAYOUT ON)
+ set(PS_RAM_FS OFF)
set(ITS_CREATE_FLASH_LAYOUT ON)
set(ITS_RAM_FS OFF)
embedded_include_directories(PATH "${AN539_DIR}/cmsis_drivers" ABSOLUTE)
diff --git a/platform/ext/Mps3AN524.cmake b/platform/ext/Mps3AN524.cmake
index 6e7cac0..1a4cf17 100644
--- a/platform/ext/Mps3AN524.cmake
+++ b/platform/ext/Mps3AN524.cmake
@@ -186,9 +186,9 @@
# API ONLY if the target has non-volatile counters.
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/common/template/nv_counters.c")
set(TARGET_NV_COUNTERS_ENABLE ON)
- # Sets SST_ROLLBACK_PROTECTION flag to compile in the SST services
+ # Sets PS_ROLLBACK_PROTECTION flag to compile in the PS services
# rollback protection code as the target supports nv counters.
- set(SST_ROLLBACK_PROTECTION ON)
+ set(PS_ROLLBACK_PROTECTION ON)
endif()
if (NOT DEFINED BUILD_CMSIS_DRIVERS)
@@ -205,13 +205,13 @@
message(FATAL_ERROR "Configuration variable BUILD_FLASH (true|false) is undefined!")
elseif(BUILD_FLASH)
list(APPEND ALL_SRC_C "${AN524_DIR}/cmsis_drivers/Driver_Flash.c")
- # For AN524 currently BRAM is used for SST The Driver_Flash driver just emulates a flash
+ # For AN524 currently BRAM is used for PS The Driver_Flash driver just emulates a flash
# interface and behaviour on top of the BRAM memory.
- # As the SST area is going to be in RAM, it is required to set SST_CREATE_FLASH_LAYOUT
- # to be sure the SST service knows that when it starts the SST area does not contain any
- # valid SST flash layout and it needs to create one. The same for ITS.
- set(SST_CREATE_FLASH_LAYOUT ON)
- set(SST_RAM_FS OFF)
+ # As the PS area is going to be in RAM, it is required to set PS_CREATE_FLASH_LAYOUT
+ # to be sure the PS service knows that when it starts the PS area does not contain any
+ # valid PS flash layout and it needs to create one. The same for ITS.
+ set(PS_CREATE_FLASH_LAYOUT ON)
+ set(PS_RAM_FS OFF)
set(ITS_CREATE_FLASH_LAYOUT ON)
set(ITS_RAM_FS OFF)
embedded_include_directories(PATH "${AN524_DIR}/cmsis_drivers" ABSOLUTE)
diff --git a/platform/ext/SSE-200_AWS.cmake b/platform/ext/SSE-200_AWS.cmake
index a7e6b53..db51353 100644
--- a/platform/ext/SSE-200_AWS.cmake
+++ b/platform/ext/SSE-200_AWS.cmake
@@ -182,9 +182,9 @@
# API ONLY if the target has non-volatile counters.
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/common/template/nv_counters.c")
set(TARGET_NV_COUNTERS_ENABLE ON)
- # Sets SST_ROLLBACK_PROTECTION flag to compile in the SST services
+ # Sets PS_ROLLBACK_PROTECTION flag to compile in the PS services
# rollback protection code as the target supports nv counters.
- set (SST_ROLLBACK_PROTECTION ON)
+ set (PS_ROLLBACK_PROTECTION ON)
endif()
if (NOT DEFINED BUILD_CMSIS_DRIVERS)
@@ -204,11 +204,11 @@
# There is no real flash memory for code on MPS2 board. Instead a code SRAM is
# used for code storage: ZBT SSRAM1. The Driver_Flash driver just emulates a flash
# interface and behaviour on top of the SRAM memory.
- # As the SST area is going to be in RAM, it is required to set SST_CREATE_FLASH_LAYOUT
- # to be sure the SST service knows that when it starts the SST area does not contain any
- # valid SST flash layout and it needs to create one. The same for ITS.
- set(SST_CREATE_FLASH_LAYOUT ON)
- set(SST_RAM_FS OFF)
+ # As the PS area is going to be in RAM, it is required to set PS_CREATE_FLASH_LAYOUT
+ # to be sure the PS service knows that when it starts the PS area does not contain any
+ # valid PS flash layout and it needs to create one. The same for ITS.
+ set(PS_CREATE_FLASH_LAYOUT ON)
+ set(PS_RAM_FS OFF)
set(ITS_CREATE_FLASH_LAYOUT ON)
set(ITS_RAM_FS OFF)
embedded_include_directories(PATH "${PLATFORM_DIR}/target/sse-200_aws/cmsis_drivers" ABSOLUTE)
diff --git a/platform/ext/common/armclang/tfm_common_s.sct b/platform/ext/common/armclang/tfm_common_s.sct
index c3777a6..c1f4084 100644
--- a/platform/ext/common/armclang/tfm_common_s.sct
+++ b/platform/ext/common/armclang/tfm_common_s.sct
@@ -110,12 +110,12 @@
}
#endif /* TFM_PARTITION_TEST_CORE_IPC */
-#ifdef TFM_PARTITION_TEST_SST
- TFM_SP_SST_TEST_LINKER +0 ALIGN 32 {
- *tfm_sst_test_service.* (+RO)
- *(TFM_SP_SST_TEST_ATTR_FN)
+#ifdef TFM_PARTITION_TEST_PS
+ TFM_SP_PS_TEST_LINKER +0 ALIGN 32 {
+ *tfm_ps_test_service.* (+RO)
+ *(TFM_SP_PS_TEST_ATTR_FN)
}
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
/*
* This empty, zero long execution region is here to mark the end address
@@ -132,13 +132,13 @@
TFM_APP_CODE_START +0 ALIGN 32 EMPTY 0x0 {
}
-#ifdef TFM_PARTITION_SECURE_STORAGE
- TFM_SP_STORAGE_LINKER +0 ALIGN 32 {
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+ TFM_SP_PS_LINKER +0 ALIGN 32 {
*tfm_storage* (+RO)
- *test_sst_nv_counters.* (+RO)
- *(TFM_SP_STORAGE_ATTR_FN)
+ *test_ps_nv_counters.* (+RO)
+ *(TFM_SP_PS_ATTR_FN)
}
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_TEST_CORE
TFM_SP_CORE_TEST_2_LINKER +0 ALIGN 32 {
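Review bot: The object pattern `*tfm_storage* (+RO)` inside the renamed `TFM_SP_PS_LINKER` region is left untouched while every other name around it moves from SST/STORAGE to PS. If the library or its object files were also renamed elsewhere in this commit (not visible here), the glob would silently match nothing and the partition's code would be placed outside its own region with no link error, so this should be confirmed against the map file. The same unchanged pattern appears in `TFM_SP_PS_LINKER_DATA` in the next hunk and in the gcc `.ld` and IAR `.icf` counterparts. A one-line comment such as `/* tfm_storage is the PS library name; kept across the SST->PS rename */` would record that it is deliberate.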
@@ -237,19 +237,19 @@
TFM_APP_RW_STACK_START +0 ALIGN 32 EMPTY 0x0 {
}
-#ifdef TFM_PARTITION_SECURE_STORAGE
- TFM_SP_STORAGE_LINKER_DATA +0 ALIGN 32 {
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+ TFM_SP_PS_LINKER_DATA +0 ALIGN 32 {
*tfm_storage* (+RW +ZI)
- *test_sst_nv_counters.* (+RW +ZI)
- *(TFM_SP_STORAGE_ATTR_RW)
- *(TFM_SP_STORAGE_ATTR_ZI)
+ *test_ps_nv_counters.* (+RW +ZI)
+ *(TFM_SP_PS_ATTR_RW)
+ *(TFM_SP_PS_ATTR_ZI)
}
#if defined (TFM_PSA_API)
- TFM_SP_STORAGE_LINKER_STACK +0 ALIGN 128 EMPTY 0x800 {
+ TFM_SP_PS_LINKER_STACK +0 ALIGN 128 EMPTY 0x800 {
}
#endif
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_TEST_CORE
TFM_SP_CORE_TEST_2_LINKER_DATA +0 ALIGN 32 {
@@ -475,18 +475,18 @@
#endif
#endif /* TFM_PARTITION_TEST_CORE_IPC */
-#ifdef TFM_PARTITION_TEST_SST
- TFM_SP_SST_TEST_LINKER_DATA +0 ALIGN 32 {
- *tfm_sst_test_service.* (+RW +ZI)
- *(TFM_SP_SST_TEST_ATTR_RW)
- *(TFM_SP_SST_TEST_ATTR_ZI)
+#ifdef TFM_PARTITION_TEST_PS
+ TFM_SP_PS_TEST_LINKER_DATA +0 ALIGN 32 {
+ *tfm_ps_test_service.* (+RW +ZI)
+ *(TFM_SP_PS_TEST_ATTR_RW)
+ *(TFM_SP_PS_TEST_ATTR_ZI)
}
#if defined (TFM_PSA_API)
- TFM_SP_SST_TEST_LINKER_STACK +0 ALIGN 128 EMPTY 0x500 {
+ TFM_SP_PS_TEST_LINKER_STACK +0 ALIGN 128 EMPTY 0x500 {
}
#endif
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
/*
* This empty, zero long execution region is here to mark the end address
diff --git a/platform/ext/common/gcc/tfm_common_s.ld b/platform/ext/common/gcc/tfm_common_s.ld
index ef16828..c9ef4e2 100644
--- a/platform/ext/common/gcc/tfm_common_s.ld
+++ b/platform/ext/common/gcc/tfm_common_s.ld
@@ -67,11 +67,11 @@
LONG (ADDR(.TFM_UNPRIV_DATA))
LONG (SIZEOF(.TFM_UNPRIV_DATA))
#endif /* defined(TFM_PSA_API) */
-#ifdef TFM_PARTITION_SECURE_STORAGE
- LONG (LOADADDR(.TFM_SP_STORAGE_LINKER_DATA))
- LONG (ADDR(.TFM_SP_STORAGE_LINKER_DATA))
- LONG (SIZEOF(.TFM_SP_STORAGE_LINKER_DATA))
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+ LONG (LOADADDR(.TFM_SP_PS_LINKER_DATA))
+ LONG (ADDR(.TFM_SP_PS_LINKER_DATA))
+ LONG (SIZEOF(.TFM_SP_PS_LINKER_DATA))
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
LONG (LOADADDR(.TFM_SP_ITS_LINKER_DATA))
LONG (ADDR(.TFM_SP_ITS_LINKER_DATA))
@@ -127,11 +127,11 @@
LONG (ADDR(.TFM_IRQ_TEST_1_LINKER_DATA))
LONG (SIZEOF(.TFM_IRQ_TEST_1_LINKER_DATA))
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
- LONG (LOADADDR(.TFM_SP_SST_TEST_LINKER_DATA))
- LONG (ADDR(.TFM_SP_SST_TEST_LINKER_DATA))
- LONG (SIZEOF(.TFM_SP_SST_TEST_LINKER_DATA))
-#endif /* TFM_PARTITION_TEST_SST */
+#ifdef TFM_PARTITION_TEST_PS
+ LONG (LOADADDR(.TFM_SP_PS_TEST_LINKER_DATA))
+ LONG (ADDR(.TFM_SP_PS_TEST_LINKER_DATA))
+ LONG (SIZEOF(.TFM_SP_PS_TEST_LINKER_DATA))
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
LONG (LOADADDR(.TFM_SP_SECURE_CLIENT_2_LINKER_DATA))
LONG (ADDR(.TFM_SP_SECURE_CLIENT_2_LINKER_DATA))
@@ -164,14 +164,14 @@
LONG (ADDR(.TFM_SECURE_STACK))
LONG (SIZEOF(.TFM_SECURE_STACK))
#endif /* !defined(TFM_PSA_API) */
-#ifdef TFM_PARTITION_SECURE_STORAGE
- LONG (ADDR(.TFM_SP_STORAGE_LINKER_BSS))
- LONG (SIZEOF(.TFM_SP_STORAGE_LINKER_BSS))
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+ LONG (ADDR(.TFM_SP_PS_LINKER_BSS))
+ LONG (SIZEOF(.TFM_SP_PS_LINKER_BSS))
#if defined(TFM_PSA_API)
- LONG (ADDR(.TFM_SP_STORAGE_LINKER_STACK))
- LONG (SIZEOF(.TFM_SP_STORAGE_LINKER_STACK))
+ LONG (ADDR(.TFM_SP_PS_LINKER_STACK))
+ LONG (SIZEOF(.TFM_SP_PS_LINKER_STACK))
#endif
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
LONG (ADDR(.TFM_SP_ITS_LINKER_BSS))
LONG (SIZEOF(.TFM_SP_ITS_LINKER_BSS))
@@ -260,14 +260,14 @@
LONG (SIZEOF(.TFM_IRQ_TEST_1_LINKER_STACK))
#endif
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
- LONG (ADDR(.TFM_SP_SST_TEST_LINKER_BSS))
- LONG (SIZEOF(.TFM_SP_SST_TEST_LINKER_BSS))
+#ifdef TFM_PARTITION_TEST_PS
+ LONG (ADDR(.TFM_SP_PS_TEST_LINKER_BSS))
+ LONG (SIZEOF(.TFM_SP_PS_TEST_LINKER_BSS))
#if defined(TFM_PSA_API)
- LONG (ADDR(.TFM_SP_SST_TEST_LINKER_STACK))
- LONG (SIZEOF(.TFM_SP_SST_TEST_LINKER_STACK))
+ LONG (ADDR(.TFM_SP_PS_TEST_LINKER_STACK))
+ LONG (SIZEOF(.TFM_SP_PS_TEST_LINKER_STACK))
#endif
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
LONG (ADDR(.TFM_SP_SECURE_CLIENT_2_LINKER_BSS))
LONG (SIZEOF(.TFM_SP_SECURE_CLIENT_2_LINKER_BSS))
@@ -446,19 +446,19 @@
Image$$TFM_SP_IPC_SERVICE_TEST_LINKER$$Limit = ADDR(.TFM_SP_IPC_SERVICE_TEST_LINKER) + SIZEOF(.TFM_SP_IPC_SERVICE_TEST_LINKER);
#endif /* TFM_PARTITION_TEST_CORE_IPC */
-#ifdef TFM_PARTITION_TEST_SST
- .TFM_SP_SST_TEST_LINKER : ALIGN(32)
+#ifdef TFM_PARTITION_TEST_PS
+ .TFM_SP_PS_TEST_LINKER : ALIGN(32)
{
- *tfm_sst_test_service.*(.text*)
- *tfm_sst_test_service.*(.rodata*)
- *(TFM_SP_SST_TEST_ATTR_FN)
+ *tfm_ps_test_service.*(.text*)
+ *tfm_ps_test_service.*(.rodata*)
+ *(TFM_SP_PS_TEST_ATTR_FN)
. = ALIGN(32);
} > FLASH
- Image$$TFM_SP_SST_TEST_LINKER$$RO$$Base = ADDR(.TFM_SP_SST_TEST_LINKER);
- Image$$TFM_SP_SST_TEST_LINKER$$RO$$Limit = ADDR(.TFM_SP_SST_TEST_LINKER) + SIZEOF(.TFM_SP_SST_TEST_LINKER);
- Image$$TFM_SP_SST_TEST_LINKER$$Base = ADDR(.TFM_SP_SST_TEST_LINKER);
- Image$$TFM_SP_SST_TEST_LINKER$$Limit = ADDR(.TFM_SP_SST_TEST_LINKER) + SIZEOF(.TFM_SP_SST_TEST_LINKER);
-#endif /* TFM_PARTITION_TEST_SST */
+ Image$$TFM_SP_PS_TEST_LINKER$$RO$$Base = ADDR(.TFM_SP_PS_TEST_LINKER);
+ Image$$TFM_SP_PS_TEST_LINKER$$RO$$Limit = ADDR(.TFM_SP_PS_TEST_LINKER) + SIZEOF(.TFM_SP_PS_TEST_LINKER);
+ Image$$TFM_SP_PS_TEST_LINKER$$Base = ADDR(.TFM_SP_PS_TEST_LINKER);
+ Image$$TFM_SP_PS_TEST_LINKER$$Limit = ADDR(.TFM_SP_PS_TEST_LINKER) + SIZEOF(.TFM_SP_PS_TEST_LINKER);
+#endif /* TFM_PARTITION_TEST_PS */
/**** PSA RoT RO part (CODE + RODATA) end here */
Image$$TFM_PSA_CODE_END$$Base = .;
@@ -466,21 +466,21 @@
/**** APPLICATION RoT RO part (CODE + RODATA) start here */
Image$$TFM_APP_CODE_START$$Base = .;
-#ifdef TFM_PARTITION_SECURE_STORAGE
- .TFM_SP_STORAGE_LINKER : ALIGN(32)
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+ .TFM_SP_PS_LINKER : ALIGN(32)
{
*tfm_storage*:*(.text*)
*tfm_storage*:*(.rodata*)
- *test_sst_nv_counters.*(.text*)
- *test_sst_nv_counters.*(.rodata*)
- *(TFM_SP_STORAGE_ATTR_FN)
+ *test_ps_nv_counters.*(.text*)
+ *test_ps_nv_counters.*(.rodata*)
+ *(TFM_SP_PS_ATTR_FN)
. = ALIGN(32);
} > FLASH
- Image$$TFM_SP_STORAGE_LINKER$$RO$$Base = ADDR(.TFM_SP_STORAGE_LINKER);
- Image$$TFM_SP_STORAGE_LINKER$$RO$$Limit = ADDR(.TFM_SP_STORAGE_LINKER) + SIZEOF(.TFM_SP_STORAGE_LINKER);
- Image$$TFM_SP_STORAGE_LINKER$$Base = ADDR(.TFM_SP_STORAGE_LINKER);
- Image$$TFM_SP_STORAGE_LINKER$$Limit = ADDR(.TFM_SP_STORAGE_LINKER) + SIZEOF(.TFM_SP_STORAGE_LINKER);
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+ Image$$TFM_SP_PS_LINKER$$RO$$Base = ADDR(.TFM_SP_PS_LINKER);
+ Image$$TFM_SP_PS_LINKER$$RO$$Limit = ADDR(.TFM_SP_PS_LINKER) + SIZEOF(.TFM_SP_PS_LINKER);
+ Image$$TFM_SP_PS_LINKER$$Base = ADDR(.TFM_SP_PS_LINKER);
+ Image$$TFM_SP_PS_LINKER$$Limit = ADDR(.TFM_SP_PS_LINKER) + SIZEOF(.TFM_SP_PS_LINKER);
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_TEST_CORE
.TFM_SP_CORE_TEST_2_LINKER : ALIGN(32)
@@ -697,41 +697,41 @@
/**** APPLICATION RoT DATA start here */
Image$$TFM_APP_RW_STACK_START$$Base = .;
-#ifdef TFM_PARTITION_SECURE_STORAGE
- .TFM_SP_STORAGE_LINKER_DATA : ALIGN(32)
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+ .TFM_SP_PS_LINKER_DATA : ALIGN(32)
{
*tfm_storage*:*(.data*)
- *test_sst_nv_counters.*(.data*)
- *(TFM_SP_STORAGE_ATTR_RW)
+ *test_ps_nv_counters.*(.data*)
+ *(TFM_SP_PS_ATTR_RW)
. = ALIGN(32);
} > RAM AT> FLASH
- Image$$TFM_SP_STORAGE_LINKER_DATA$$RW$$Base = ADDR(.TFM_SP_STORAGE_LINKER_DATA);
- Image$$TFM_SP_STORAGE_LINKER_DATA$$RW$$Limit = ADDR(.TFM_SP_STORAGE_LINKER_DATA) + SIZEOF(.TFM_SP_STORAGE_LINKER_DATA);
+ Image$$TFM_SP_PS_LINKER_DATA$$RW$$Base = ADDR(.TFM_SP_PS_LINKER_DATA);
+ Image$$TFM_SP_PS_LINKER_DATA$$RW$$Limit = ADDR(.TFM_SP_PS_LINKER_DATA) + SIZEOF(.TFM_SP_PS_LINKER_DATA);
- .TFM_SP_STORAGE_LINKER_BSS : ALIGN(32)
+ .TFM_SP_PS_LINKER_BSS : ALIGN(32)
{
- start_of_TFM_SP_STORAGE_LINKER = .;
+ start_of_TFM_SP_PS_LINKER = .;
*tfm_storage*:*(.bss*)
*tfm_storage*:*(COMMON)
- *test_sst_nv_counters.*(.bss*)
- *test_sst_nv_counters.*(COMMON)
- *(TFM_SP_STORAGE_ATTR_ZI)
- . += (. - start_of_TFM_SP_STORAGE_LINKER) ? 0 : 4;
+ *test_ps_nv_counters.*(.bss*)
+ *test_ps_nv_counters.*(COMMON)
+ *(TFM_SP_PS_ATTR_ZI)
+ . += (. - start_of_TFM_SP_PS_LINKER) ? 0 : 4;
. = ALIGN(32);
} > RAM AT> RAM
- Image$$TFM_SP_STORAGE_LINKER_DATA$$ZI$$Base = ADDR(.TFM_SP_STORAGE_LINKER_BSS);
- Image$$TFM_SP_STORAGE_LINKER_DATA$$ZI$$Limit = ADDR(.TFM_SP_STORAGE_LINKER_BSS) + SIZEOF(.TFM_SP_STORAGE_LINKER_BSS);
+ Image$$TFM_SP_PS_LINKER_DATA$$ZI$$Base = ADDR(.TFM_SP_PS_LINKER_BSS);
+ Image$$TFM_SP_PS_LINKER_DATA$$ZI$$Limit = ADDR(.TFM_SP_PS_LINKER_BSS) + SIZEOF(.TFM_SP_PS_LINKER_BSS);
#if defined (TFM_PSA_API)
- .TFM_SP_STORAGE_LINKER_STACK : ALIGN(128)
+ .TFM_SP_PS_LINKER_STACK : ALIGN(128)
{
. += 0x800;
} > RAM
- Image$$TFM_SP_STORAGE_LINKER_STACK$$ZI$$Base = ADDR(.TFM_SP_STORAGE_LINKER_STACK);
- Image$$TFM_SP_STORAGE_LINKER_STACK$$ZI$$Limit = ADDR(.TFM_SP_STORAGE_LINKER_STACK) + SIZEOF(.TFM_SP_STORAGE_LINKER_STACK);
+ Image$$TFM_SP_PS_LINKER_STACK$$ZI$$Base = ADDR(.TFM_SP_PS_LINKER_STACK);
+ Image$$TFM_SP_PS_LINKER_STACK$$ZI$$Limit = ADDR(.TFM_SP_PS_LINKER_STACK) + SIZEOF(.TFM_SP_PS_LINKER_STACK);
#endif
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_TEST_CORE
.TFM_SP_CORE_TEST_2_LINKER_DATA : ALIGN(32)
@@ -1269,38 +1269,38 @@
#endif /* TFM_PARTITION_TEST_CORE_IPC */
-#ifdef TFM_PARTITION_TEST_SST
- .TFM_SP_SST_TEST_LINKER_DATA : ALIGN(32)
+#ifdef TFM_PARTITION_TEST_PS
+ .TFM_SP_PS_TEST_LINKER_DATA : ALIGN(32)
{
- *tfm_sst_test_service.*(.data*)
- *(TFM_SP_SST_TEST_ATTR_RW)
+ *tfm_ps_test_service.*(.data*)
+ *(TFM_SP_PS_TEST_ATTR_RW)
. = ALIGN(32);
} > RAM AT> FLASH
- Image$$TFM_SP_SST_TEST_LINKER_DATA$$RW$$Base = ADDR(.TFM_SP_SST_TEST_LINKER_DATA);
- Image$$TFM_SP_SST_TEST_LINKER_DATA$$RW$$Limit = ADDR(.TFM_SP_SST_TEST_LINKER_DATA) + SIZEOF(.TFM_SP_SST_TEST_LINKER_DATA);
+ Image$$TFM_SP_PS_TEST_LINKER_DATA$$RW$$Base = ADDR(.TFM_SP_PS_TEST_LINKER_DATA);
+ Image$$TFM_SP_PS_TEST_LINKER_DATA$$RW$$Limit = ADDR(.TFM_SP_PS_TEST_LINKER_DATA) + SIZEOF(.TFM_SP_PS_TEST_LINKER_DATA);
- .TFM_SP_SST_TEST_LINKER_BSS : ALIGN(32)
+ .TFM_SP_PS_TEST_LINKER_BSS : ALIGN(32)
{
- start_of_TFM_SP_SST_TEST_LINKER = .;
- *tfm_sst_test_service.*(.bss*)
- *tfm_sst_test_service.*(COMMON)
- *(TFM_SP_SST_TEST_ATTR_ZI)
- . += (. - start_of_TFM_SP_SST_TEST_LINKER) ? 0 : 4;
+ start_of_TFM_SP_PS_TEST_LINKER = .;
+ *tfm_ps_test_service.*(.bss*)
+ *tfm_ps_test_service.*(COMMON)
+ *(TFM_SP_PS_TEST_ATTR_ZI)
+ . += (. - start_of_TFM_SP_PS_TEST_LINKER) ? 0 : 4;
. = ALIGN(32);
} > RAM AT> RAM
- Image$$TFM_SP_SST_TEST_LINKER_DATA$$ZI$$Base = ADDR(.TFM_SP_SST_TEST_LINKER_BSS);
- Image$$TFM_SP_SST_TEST_LINKER_DATA$$ZI$$Limit = ADDR(.TFM_SP_SST_TEST_LINKER_BSS) + SIZEOF(.TFM_SP_SST_TEST_LINKER_BSS);
+ Image$$TFM_SP_PS_TEST_LINKER_DATA$$ZI$$Base = ADDR(.TFM_SP_PS_TEST_LINKER_BSS);
+ Image$$TFM_SP_PS_TEST_LINKER_DATA$$ZI$$Limit = ADDR(.TFM_SP_PS_TEST_LINKER_BSS) + SIZEOF(.TFM_SP_PS_TEST_LINKER_BSS);
#if defined (TFM_PSA_API)
- .TFM_SP_SST_TEST_LINKER_STACK : ALIGN(128)
+ .TFM_SP_PS_TEST_LINKER_STACK : ALIGN(128)
{
. += 0x500;
} > RAM
- Image$$TFM_SP_SST_TEST_LINKER_STACK$$ZI$$Base = ADDR(.TFM_SP_SST_TEST_LINKER_STACK);
- Image$$TFM_SP_SST_TEST_LINKER_STACK$$ZI$$Limit = ADDR(.TFM_SP_SST_TEST_LINKER_STACK) + SIZEOF(.TFM_SP_SST_TEST_LINKER_STACK);
+ Image$$TFM_SP_PS_TEST_LINKER_STACK$$ZI$$Base = ADDR(.TFM_SP_PS_TEST_LINKER_STACK);
+ Image$$TFM_SP_PS_TEST_LINKER_STACK$$ZI$$Limit = ADDR(.TFM_SP_PS_TEST_LINKER_STACK) + SIZEOF(.TFM_SP_PS_TEST_LINKER_STACK);
#endif
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
/**** PSA RoT DATA end here */
Image$$TFM_PSA_RW_STACK_END$$Base = .;
diff --git a/platform/ext/common/iar/tfm_common_s.icf b/platform/ext/common/iar/tfm_common_s.icf
index 04d5ebb..9996da8 100644
--- a/platform/ext/common/iar/tfm_common_s.icf
+++ b/platform/ext/common/iar/tfm_common_s.icf
@@ -110,12 +110,12 @@
};
#endif /* TFM_PARTITION_TEST_CORE_IPC */
-#ifdef TFM_PARTITION_TEST_SST
-define block TFM_SP_SST_TEST_LINKER with alignment = 32 {
- ro object *tfm_sst_test_service.*,
- section TFM_SP_SST_TEST_ATTR_FN
+#ifdef TFM_PARTITION_TEST_PS
+define block TFM_SP_PS_TEST_LINKER with alignment = 32 {
+ ro object *tfm_ps_test_service.*,
+ section TFM_SP_PS_TEST_ATTR_FN
};
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
/*
* This empty, zero long execution region is here to mark the end address
@@ -130,12 +130,12 @@
*/
define block TFM_APP_CODE_START with alignment = 32, size = 0 { };
-#ifdef TFM_PARTITION_SECURE_STORAGE
-define block TFM_SP_STORAGE_LINKER with alignment = 32 {
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+define block TFM_SP_PS_LINKER with alignment = 32 {
ro object *tfm_storage*,
- ro object *test_sst_nv_counters.*,
+ ro object *test_ps_nv_counters.*,
};
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_TEST_CORE
define block TFM_SP_CORE_TEST_2_LINKER with alignment = 32 {
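Review bot: The IAR `TFM_SP_PS_LINKER` block lists only the two object patterns and has no `section TFM_SP_PS_ATTR_FN` entry. The armclang and gcc scripts in this commit both place `*(TFM_SP_PS_ATTR_FN)` in that region, and the IAR test block earlier in this file does list `section TFM_SP_PS_TEST_ATTR_FN`. Code tagged with that section attribute would presumably fall outside the PS partition's region under IAR only. If that is intended, say so in a comment; otherwise add `section TFM_SP_PS_ATTR_FN` after the `ro object *test_ps_nv_counters.*,` line. The `TFM_SP_PS_LINKER_DATA` block in the next hunk likewise omits the `TFM_SP_PS_ATTR_RW` and `TFM_SP_PS_ATTR_ZI` sections that the other two toolchains collect.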
@@ -199,16 +199,16 @@
define block TFM_APP_RW_STACK_START with alignment = 32, size = 0 { };
-#ifdef TFM_PARTITION_SECURE_STORAGE
-define block TFM_SP_STORAGE_LINKER_DATA with alignment = 32 {
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+define block TFM_SP_PS_LINKER_DATA with alignment = 32 {
rw object *tfm_storage*,
- rw object *test_sst_nv_counters.*,
+ rw object *test_ps_nv_counters.*,
};
#if defined (TFM_PSA_API)
-define block TFM_SP_STORAGE_LINKER_STACK with alignment = 128, size = 0x800 { };
+define block TFM_SP_PS_LINKER_STACK with alignment = 128, size = 0x800 { };
#endif
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_TEST_CORE
define block TFM_SP_CORE_TEST_2_LINKER_DATA with alignment = 32 {
@@ -393,15 +393,15 @@
#endif
#endif /* TFM_PARTITION_TEST_CORE_IPC */
-#ifdef TFM_PARTITION_TEST_SST
-define block TFM_SP_SST_TEST_LINKER_DATA with alignment = 32 {
- rw object *tfm_sst_test_service.*,
+#ifdef TFM_PARTITION_TEST_PS
+define block TFM_SP_PS_TEST_LINKER_DATA with alignment = 32 {
+ rw object *tfm_ps_test_service.*,
};
#if defined (TFM_PSA_API)
-define block TFM_SP_SST_TEST_LINKER_STACK with alignment = 128, size = 0x500 { };
+define block TFM_SP_PS_TEST_LINKER_STACK with alignment = 128, size = 0x500 { };
#endif
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
/*
@@ -444,9 +444,9 @@
#ifdef TFM_PARTITION_TEST_CORE_IPC
block TFM_SP_IPC_SERVICE_TEST_LINKER,
#endif /* TFM_PARTITION_TEST_CORE_IPC */
-#ifdef TFM_PARTITION_TEST_SST
- block TFM_SP_SST_TEST_LINKER,
-#endif /* TFM_PARTITION_TEST_SST */
+#ifdef TFM_PARTITION_TEST_PS
+ block TFM_SP_PS_TEST_LINKER,
+#endif /* TFM_PARTITION_TEST_PS */
block TFM_PSA_CODE_END,
@@ -456,9 +456,9 @@
* of APP RoT code.
*/
block TFM_APP_CODE_START,
-#ifdef TFM_PARTITION_SECURE_STORAGE
- block TFM_SP_STORAGE_LINKER,
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+ block TFM_SP_PS_LINKER,
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_TEST_CORE
block TFM_SP_CORE_TEST_2_LINKER,
@@ -532,13 +532,13 @@
*/
block TFM_APP_RW_STACK_START,
-#ifdef TFM_PARTITION_SECURE_STORAGE
- block TFM_SP_STORAGE_LINKER_DATA,
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+ block TFM_SP_PS_LINKER_DATA,
#if defined (TFM_PSA_API)
- block TFM_SP_STORAGE_LINKER_STACK,
+ block TFM_SP_PS_LINKER_STACK,
#endif
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_TEST_CORE
block TFM_SP_CORE_TEST_2_LINKER_DATA,
@@ -677,13 +677,13 @@
#endif
#endif /* TFM_PARTITION_TEST_CORE_IPC */
-#ifdef TFM_PARTITION_TEST_SST
- block TFM_SP_SST_TEST_LINKER_DATA,
+#ifdef TFM_PARTITION_TEST_PS
+ block TFM_SP_PS_TEST_LINKER_DATA,
#if defined (TFM_PSA_API)
- block TFM_SP_SST_TEST_LINKER_STACK,
+ block TFM_SP_PS_TEST_LINKER_STACK,
#endif
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
/*
* This empty, zero long execution region is here to mark the end address
diff --git a/platform/ext/common/template/nv_counters.c b/platform/ext/common/template/nv_counters.c
index f1fb28c..5149d0e 100644
--- a/platform/ext/common/template/nv_counters.c
+++ b/platform/ext/common/template/nv_counters.c
@@ -6,8 +6,8 @@
*/
/* NOTE: This API should be implemented by platform vendor. For the security of
- * the secure storage system's and the bootloader's rollback protection etc. it
- * is CRITICAL to use a internal (in-die) persistent memory for multiple time
+ * the protected storage system's and the bootloader's rollback protection etc.
+ * it is CRITICAL to use a internal (in-die) persistent memory for multiple time
* programmable (MTP) non-volatile counters or use a One-time Programmable (OTP)
* non-volatile counters solution.
*
diff --git a/platform/ext/lpc55s69.cmake b/platform/ext/lpc55s69.cmake
index 52282c1..1025d6f 100644
--- a/platform/ext/lpc55s69.cmake
+++ b/platform/ext/lpc55s69.cmake
@@ -15,10 +15,10 @@
add_definitions(-DCPU_LPC55S69JBD100_cm33_core0)
add_definitions(-DSERIAL_PORT_TYPE_UART=1)
-# set(SST_ENCRYPTION ON)
-set(SST_RAM_FS ON) # Disabled with BUILD_FLASH
-set(SST_CREATE_FLASH_LAYOUT ON)
-set(SST_ROLLBACK_PROTECTION ON)
+# set(PS_ENCRYPTION ON)
+set(PS_RAM_FS ON) # Disabled with BUILD_FLASH
+set(PS_CREATE_FLASH_LAYOUT ON)
+set(PS_ROLLBACK_PROTECTION ON)
set(ITS_RAM_FS ON) # Disabled with BUILD_FLASH
set(ITS_CREATE_FLASH_LAYOUT ON)
set(DAUTH_CHIP_DEFAULT ON)
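Review bot: `set(PS_ROLLBACK_PROTECTION ON)` is assigned unconditionally at the top of this file, while the hunk at `@@ -207,9` sets the same variable only inside the branch that adds `nv_counters.c`, with a comment that it applies because the target supports NV counters. With the top-level assignment the flag stays ON even when that branch is not taken (its condition is outside the visible hunk), so the PS service could be configured for rollback protection without a counter implementation behind it. Either drop this line and leave the flag to the conditional block, or make the configuration fail when the flag is ON and `TARGET_NV_COUNTERS_ENABLE` is not. The commented-out `# set(PS_ENCRYPTION ON)` should be deleted or replaced by a comment stating whether encryption is meant to be on for this platform.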
@@ -207,9 +207,9 @@
# API ONLY if the target has non-volatile counters.
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/common/template/nv_counters.c")
set(TARGET_NV_COUNTERS_ENABLE ON)
- # Sets SST_ROLLBACK_PROTECTION flag to compile in the SST services
+ # Sets PS_ROLLBACK_PROTECTION flag to compile in the PS services
# rollback protection code as the target supports nv counters.
- set (SST_ROLLBACK_PROTECTION ON)
+ set (PS_ROLLBACK_PROTECTION ON)
endif()
if (NOT DEFINED BUILD_CMSIS_DRIVERS)
@@ -227,12 +227,12 @@
elseif(BUILD_FLASH)
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/target/nxp/common/CMSIS_Driver/Driver_Flash.c")
- # As the SST area is going to be in RAM, it is required to set
- # SST_CREATE_FLASH_LAYOUT to be sure the SST service knows that when it
- # starts the SST area does not contain any valid SST flash layout and it
+ # As the PS area is going to be in RAM, it is required to set
+ # PS_CREATE_FLASH_LAYOUT to be sure the PS service knows that when it
+ # starts the PS area does not contain any valid PS flash layout and it
# needs to create one.
- set(SST_CREATE_FLASH_LAYOUT ON)
- set(SST_RAM_FS OFF)
+ set(PS_CREATE_FLASH_LAYOUT ON)
+ set(PS_RAM_FS OFF)
set(ITS_CREATE_FLASH_LAYOUT ON)
set(ITS_RAM_FS OFF)
embedded_include_directories(PATH "${PLATFORM_DIR}/target/nxp/common/CMSIS_Driver" ABSOLUTE)
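Review bot: The renamed comment still says the PS area is going to be in RAM, but this is the `BUILD_FLASH` branch and it sets `PS_RAM_FS OFF` right below. The wording looks carried over from the MPS2 platform file, where flash is emulated on SRAM, and the same comment sits above `set(PS_CREATE_FLASH_LAYOUT ON)` in the musca_a, musca_b1, musca_s1 and psoc64 hunks, which add QSPI, eFlash or MRAM flash drivers. If the flag only creates a layout when no valid one is found, the comment should say that, e.g. `# Create the PS flash layout at start-up when the area holds no valid one.`. If it re-creates the layout on every start, stored assets would not survive a reset on these targets, which needs confirming against the PS service code. The enclosing if/elseif starts outside the hunk.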
diff --git a/platform/ext/musca_a.cmake b/platform/ext/musca_a.cmake
index 50c756a..323b940 100644
--- a/platform/ext/musca_a.cmake
+++ b/platform/ext/musca_a.cmake
@@ -175,9 +175,9 @@
# API ONLY if the target has non-volatile counters.
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/common/template/nv_counters.c")
set(TARGET_NV_COUNTERS_ENABLE ON)
- # Sets SST_ROLLBACK_PROTECTION flag to compile in the SST services
+ # Sets PS_ROLLBACK_PROTECTION flag to compile in the PS services
# rollback protection code as the target supports nv counters.
- set (SST_ROLLBACK_PROTECTION ON)
+ set (PS_ROLLBACK_PROTECTION ON)
endif()
if (NOT DEFINED BUILD_CMSIS_DRIVERS)
@@ -194,10 +194,10 @@
message(FATAL_ERROR "Configuration variable BUILD_FLASH (true|false) is undefined!")
elseif(BUILD_FLASH)
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/target/musca_a/CMSIS_Driver/Driver_QSPI_Flash.c")
- # As the SST area is going to be in RAM, it is required to set SST_CREATE_FLASH_LAYOUT
- # to be sure the SST service knows that when it starts the SST area does not contain any
- # valid SST flash layout and it needs to create one. The same for ITS.
- set(SST_CREATE_FLASH_LAYOUT ON)
+ # As the PS area is going to be in RAM, it is required to set PS_CREATE_FLASH_LAYOUT
+ # to be sure the PS service knows that when it starts the PS area does not contain any
+ # valid PS flash layout and it needs to create one. The same for ITS.
+ set(PS_CREATE_FLASH_LAYOUT ON)
set(ITS_CREATE_FLASH_LAYOUT ON)
embedded_include_directories(PATH "${PLATFORM_DIR}/target/musca_a/CMSIS_Driver" ABSOLUTE)
embedded_include_directories(PATH "${PLATFORM_DIR}/driver" ABSOLUTE)
diff --git a/platform/ext/musca_b1.cmake b/platform/ext/musca_b1.cmake
index 3059240..6b3659c 100644
--- a/platform/ext/musca_b1.cmake
+++ b/platform/ext/musca_b1.cmake
@@ -186,9 +186,9 @@
# API ONLY if the target has non-volatile counters.
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/common/template/nv_counters.c")
set(TARGET_NV_COUNTERS_ENABLE ON)
- # Sets SST_ROLLBACK_PROTECTION flag to compile in the SST services
+ # Sets PS_ROLLBACK_PROTECTION flag to compile in the PS services
# rollback protection code as the target supports nv counters.
- set(SST_ROLLBACK_PROTECTION ON)
+ set(PS_ROLLBACK_PROTECTION ON)
endif()
if (NOT DEFINED BUILD_CMSIS_DRIVERS)
@@ -206,11 +206,11 @@
elseif (BUILD_FLASH)
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/target/musca_b1/CMSIS_Driver/Driver_QSPI_Flash.c")
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/target/musca_b1/CMSIS_Driver/Driver_GFC100_EFlash.c")
- # As the SST area is going to be in RAM, it is required to set
- # SST_CREATE_FLASH_LAYOUT to be sure the SST service knows that when it
- # starts the SST area does not contain any valid SST flash layout and it
+ # As the PS area is going to be in RAM, it is required to set
+ # PS_CREATE_FLASH_LAYOUT to be sure the PS service knows that when it
+ # starts the PS area does not contain any valid PS flash layout and it
# needs to create one. The same for ITS.
- set(SST_CREATE_FLASH_LAYOUT ON)
+ set(PS_CREATE_FLASH_LAYOUT ON)
set(ITS_CREATE_FLASH_LAYOUT ON)
embedded_include_directories(PATH "${PLATFORM_DIR}/target/musca_b1/CMSIS_Driver" ABSOLUTE)
embedded_include_directories(PATH "${PLATFORM_DIR}/driver" ABSOLUTE)
diff --git a/platform/ext/musca_s1.cmake b/platform/ext/musca_s1.cmake
index b795ffc..6c43a91 100644
--- a/platform/ext/musca_s1.cmake
+++ b/platform/ext/musca_s1.cmake
@@ -179,9 +179,9 @@
# API ONLY if the target has non-volatile counters.
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/common/template/nv_counters.c")
set(TARGET_NV_COUNTERS_ENABLE ON)
- # Sets SST_ROLLBACK_PROTECTION flag to compile in the SST services
+ # Sets PS_ROLLBACK_PROTECTION flag to compile in the PS services
# rollback protection code as the target supports nv counters.
- set(SST_ROLLBACK_PROTECTION ON)
+ set(PS_ROLLBACK_PROTECTION ON)
endif()
if (NOT DEFINED BUILD_CMSIS_DRIVERS)
@@ -198,11 +198,11 @@
message(FATAL_ERROR "Configuration variable BUILD_FLASH (true|false) is undefined!")
elseif (BUILD_FLASH)
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/target/musca_s1/CMSIS_Driver/Driver_Flash_MRAM.c")
- # As the SST area is going to be in RAM, it is required to set
- # SST_CREATE_FLASH_LAYOUT to be sure the SST service knows that when it
- # starts the SST area does not contain any valid SST flash layout and it
+ # As the PS area is going to be in RAM, it is required to set
+ # PS_CREATE_FLASH_LAYOUT to be sure the PS service knows that when it
+ # starts the PS area does not contain any valid PS flash layout and it
# needs to create one. The same for ITS.
- set(SST_CREATE_FLASH_LAYOUT ON)
+ set(PS_CREATE_FLASH_LAYOUT ON)
set(ITS_CREATE_FLASH_LAYOUT ON)
embedded_include_directories(PATH "${PLATFORM_DIR}/target/musca_s1/CMSIS_Driver" ABSOLUTE)
embedded_include_directories(PATH "${PLATFORM_DIR}/driver" ABSOLUTE)
diff --git a/platform/ext/psoc64.cmake b/platform/ext/psoc64.cmake
index b985001..bcf7824 100644
--- a/platform/ext/psoc64.cmake
+++ b/platform/ext/psoc64.cmake
@@ -225,9 +225,9 @@
elseif(BUILD_TARGET_NV_COUNTERS)
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/cypress/psoc64/nv_counters.c")
set(TARGET_NV_COUNTERS_ENABLE ON)
- # Sets SST_ROLLBACK_PROTECTION flag to compile in the SST services
+ # Sets PS_ROLLBACK_PROTECTION flag to compile in the PS services
# rollback protection code as the target supports nv counters.
- set (SST_ROLLBACK_PROTECTION ON)
+ set (PS_ROLLBACK_PROTECTION ON)
endif()
if (NOT DEFINED BUILD_CMSIS_DRIVERS)
@@ -245,10 +245,10 @@
message(FATAL_ERROR "Configuration variable BUILD_FLASH (true|false) is undefined!")
elseif(BUILD_FLASH)
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/target/cypress/psoc64/CMSIS_Driver/Driver_Flash.c")
- # As the SST area is going to be in RAM, it is required to set SST_CREATE_FLASH_LAYOUT
- # to be sure the SST service knows that when it starts the SST area does not contain any
- # valid SST flash layout and it needs to create one.
- set(SST_CREATE_FLASH_LAYOUT ON)
+ # As the PS area is going to be in RAM, it is required to set PS_CREATE_FLASH_LAYOUT
+ # to be sure the PS service knows that when it starts the PS area does not contain any
+ # valid PS flash layout and it needs to create one.
+ set(PS_CREATE_FLASH_LAYOUT ON)
set(ITS_CREATE_FLASH_LAYOUT ON)
embedded_include_directories(PATH "${PLATFORM_DIR}/target/cypress/psoc64/CMSIS_Driver" ABSOLUTE)
embedded_include_directories(PATH "${PLATFORM_DIR}/driver" ABSOLUTE)
diff --git a/platform/ext/readme.rst b/platform/ext/readme.rst
index ff17f84..1d877d4 100644
--- a/platform/ext/readme.rst
+++ b/platform/ext/readme.rst
@@ -202,26 +202,26 @@
is executed from. Only used if ``MCUBOOT_UPGRADE_STRATEGY`` is configured to
be ``RAM_LOADING``.
-Secure Storage (SST) Service definitions
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-The SST service requires the following definitions:
+Protected Storage (PS) Service definitions
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+The PS service requires the following definitions:
-- ``SST_FLASH_AREA_ADDR`` - Defines the flash address where the secure storage
+- ``PS_FLASH_AREA_ADDR`` - Defines the flash address where the protected storage
area starts.
-- ``SST_FLASH_AREA_SIZE`` - Defines the size of the dedicated flash area
- for secure storage in bytes.
-- ``SST_SECTOR_SIZE`` - Defines the size of the external flash sectors (the
+- ``PS_FLASH_AREA_SIZE`` - Defines the size of the dedicated flash area
+ for protected storage in bytes.
+- ``PS_SECTOR_SIZE`` - Defines the size of the external flash sectors (the
smallest erasable unit) in bytes.
-- ``SST_SECTORS_PER_BLOCK`` - Defines the number of contiguous SST_SECTOR_SIZE
+- ``PS_SECTORS_PER_BLOCK`` - Defines the number of contiguous PS_SECTOR_SIZE
to form a logical block in the filesystem.
-- ``SST_FLASH_DEV_NAME`` - Specifies the flash device used by SST to store the
+- ``PS_FLASH_DEV_NAME`` - Specifies the flash device used by PS to store the
data.
-- ``SST_FLASH_PROGRAM_UNIT`` - Defines the smallest flash programmable unit in
+- ``PS_FLASH_PROGRAM_UNIT`` - Defines the smallest flash programmable unit in
bytes.
-- ``SST_MAX_ASSET_SIZE`` - Defines the maximum asset size to be stored in the
- SST area.
-- ``SST_NUM_ASSETS`` - Defines the maximum number of assets to be stored in the
- SST area.
+- ``PS_MAX_ASSET_SIZE`` - Defines the maximum asset size to be stored in the
+ PS area.
+- ``PS_NUM_ASSETS`` - Defines the maximum number of assets to be stored in the
+ PS area.
.. Note::
@@ -256,7 +256,7 @@
Expose target support for HW components
***************************************
Services may require HW components to be supported by the target to enable some
-features (e.g. SST service with rollback protection, etc). The following
+features (e.g. PS service with rollback protection, etc). The following
definitions need to be set in the .cmake file if the target has the following
HW components:
diff --git a/platform/ext/target/cypress/psoc64/CMSIS_Driver/Driver_Flash.c b/platform/ext/target/cypress/psoc64/CMSIS_Driver/Driver_Flash.c
index 2487598..c366ff2 100644
--- a/platform/ext/target/cypress/psoc64/CMSIS_Driver/Driver_Flash.c
+++ b/platform/ext/target/cypress/psoc64/CMSIS_Driver/Driver_Flash.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2019 ARM Limited. All rights reserved.
+ * Copyright (c) 2013-2020 ARM Limited. All rights reserved.
* Copyright (c) 2019, Cypress Semiconductor Corporation. All rights reserved.
*
* SPDX-License-Identifier: Apache-2.0
@@ -75,7 +75,7 @@
.sector_count = FLASH0_SIZE / FLASH0_SECTOR_SIZE,
.sector_size = FLASH0_SECTOR_SIZE,
.page_size = FLASH0_PAGE_SIZE,
- .program_unit = SST_FLASH_PROGRAM_UNIT,
+ .program_unit = PS_FLASH_PROGRAM_UNIT,
.erased_value = ARM_FLASH_DRV_ERASE_VALUE
};
diff --git a/platform/ext/target/cypress/psoc64/cypress_psoc64_spec.rst b/platform/ext/target/cypress/psoc64/cypress_psoc64_spec.rst
index 038d15e..e6b5d84 100644
--- a/platform/ext/target/cypress/psoc64/cypress_psoc64_spec.rst
+++ b/platform/ext/target/cypress/psoc64/cypress_psoc64_spec.rst
@@ -440,7 +440,7 @@
-c "init; reset init; flash write_image erase ${BUILD_DIR}/tfm_ns_signed.hex" \
-c "resume; reset; exit"
-Optionally, erase SST partition:
+Optionally, erase PS partition:
.. code-block:: bash
@@ -452,7 +452,7 @@
-c "flash erase_address 0x101c0000 0x10000" \
-c "shutdown"
-Note that the ``0x101C0000`` in the command above must match the SST start
+Note that the ``0x101C0000`` in the command above must match the PS start
address of the secure primary image specified in the file:
platform/ext/target/cypress/psoc64/partition/flash_layout.h
@@ -492,7 +492,7 @@
-c "flash write_image erase ${BUILD_DIR}/tfm_ns.hex" \
-c "reset run"
-Optionally, erase SST partition:
+Optionally, erase PS partition:
.. code-block:: bash
@@ -504,7 +504,7 @@
-c "flash erase_address 0x101c0000 0x10000" \
-c "shutdown"
-Note that the ``0x101C0000`` in the command above must match the SST start
+Note that the ``0x101C0000`` in the command above must match the PS start
address of the secure primary image specified in the file:
platform/ext/target/cypress/psoc64/partition/flash_layout.h
@@ -532,7 +532,7 @@
pyocd flash -t cy8c64xa_cm4_full_flash ${BUILD_DIR}/tfm_ns.hex
-Optionally, erase SST partition:
+Optionally, erase PS partition:
.. code-block:: bash
diff --git a/platform/ext/target/cypress/psoc64/partition/flash_layout.h b/platform/ext/target/cypress/psoc64/partition/flash_layout.h
index 353d75f..181aff5 100644
--- a/platform/ext/target/cypress/psoc64/partition/flash_layout.h
+++ b/platform/ext/target/cypress/psoc64/partition/flash_layout.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2019 Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2020 Arm Limited. All rights reserved.
* Copyright (c) 2019-2020, Cypress Semiconductor Corporation. All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -31,7 +31,7 @@
* 0x101c_0000 Internal Trusted Storage Area (16 KB)
* 0x101c_4000 NV counters area (1 KB)
* 0x101c_4400 Scratch area (27 KB)
- * 0x101c_b000 Secure Storage Area (20 KB)
+ * 0x101c_b000 Protected Storage Area (20 KB)
* 0x101d_0000 Reserved (192 KB)
* 0x101f_ffff End of Flash
*
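Review bot: The PS address in this layout table does not agree with the erase instructions updated in the same commit. `cypress_psoc64_spec.rst` states that `0x101C0000` must match the PS start address, but this table puts Internal Trusted Storage at `0x101c_0000` and Protected Storage at `0x101c_b000`. The documented `flash erase_address 0x101c0000 0x10000` therefore spans ITS, the NV counters area and the scratch area as well as PS, which matters because clearing the NV counters resets the values that rollback protection relies on. Either the spec should say the command erases the whole reserved storage range, or it should use the PS offset with the 20 KB size. A note here such as `* NOTE: an erase starting at 0x101c_0000 also clears ITS and the NV counters` would keep the two in step; the layout comment continues outside the hunk.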
@@ -84,10 +84,10 @@
FLASH_NV_COUNTERS_AREA_SIZE)
#define FLASH_AREA_SCRATCH_SIZE (0x6c00) /* 27 KB */
-/* Secure Storage Area */
-#define FLASH_SST_AREA_OFFSET (FLASH_AREA_SCRATCH_OFFSET + \
+/* Protected Storage Area */
+#define FLASH_PS_AREA_OFFSET (FLASH_AREA_SCRATCH_OFFSET + \
FLASH_AREA_SCRATCH_SIZE)
-#define FLASH_SST_AREA_SIZE (0x5000) /* 20 KB */
+#define FLASH_PS_AREA_SIZE (0x5000) /* 20 KB */
#define FLASH_AREA_SYSTEM_RESERVED_SIZE (0x30000) /* 192 KB */
@@ -108,39 +108,39 @@
#define FLASH_RESERVED_AREA_SIZE (FLASH_ITS_AREA_SIZE + \
FLASH_NV_COUNTERS_AREA_SIZE + \
FLASH_AREA_SCRATCH_SIZE + \
- FLASH_SST_AREA_SIZE + \
+ FLASH_PS_AREA_SIZE + \
FLASH_AREA_SYSTEM_RESERVED_SIZE)
#if (FLASH_RESERVED_AREA_OFFSET + FLASH_RESERVED_AREA_SIZE) > (FLASH_TOTAL_SIZE)
#error "Out of Flash memory"
#endif
-/* Flash device name used by BL2 and SST
+/* Flash device name used by BL2 and PS
* Name is defined in flash driver file: Driver_Flash.c
*/
#define FLASH_DEV_NAME Driver_FLASH0
-/* Secure Storage (SST) Service definitions
+/* Protected Storage (PS) Service definitions
* Note: Further documentation of these definitions can be found in the
- * TF-M SST Integration Guide.
+ * TF-M PS Integration Guide.
*/
-#define SST_FLASH_DEV_NAME Driver_FLASH0
+#define PS_FLASH_DEV_NAME Driver_FLASH0
/* In this target the CMSIS driver requires only the offset from the base
* address instead of the full memory address.
*/
-#define SST_FLASH_AREA_ADDR FLASH_SST_AREA_OFFSET
-/* Dedicated flash area for SST */
-#define SST_FLASH_AREA_SIZE FLASH_SST_AREA_SIZE
-#define SST_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
-/* Number of SST_SECTOR_SIZE per block */
-#define SST_SECTORS_PER_BLOCK 0x8
+#define PS_FLASH_AREA_ADDR FLASH_PS_AREA_OFFSET
+/* Dedicated flash area for PS */
+#define PS_FLASH_AREA_SIZE FLASH_PS_AREA_SIZE
+#define PS_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
+/* Number of PS_SECTOR_SIZE per block */
+#define PS_SECTORS_PER_BLOCK 0x8
/* Specifies the smallest flash programmable unit in bytes */
-#define SST_FLASH_PROGRAM_UNIT 0x1
-/* The maximum asset size to be stored in the SST area */
-#define SST_MAX_ASSET_SIZE 2048
-/* The maximum number of assets to be stored in the SST area */
-#define SST_NUM_ASSETS 10
+#define PS_FLASH_PROGRAM_UNIT 0x1
+/* The maximum asset size to be stored in the PS area */
+#define PS_MAX_ASSET_SIZE 2048
+/* The maximum number of assets to be stored in the PS area */
+#define PS_NUM_ASSETS 10
/* Internal Trusted Storage (ITS) Service definitions
* Note: Further documentation of these definitions can be found in the
diff --git a/platform/ext/target/cypress/psoc64/smpu_config.h b/platform/ext/target/cypress/psoc64/smpu_config.h
index 119afb7..76a8b7e 100644
--- a/platform/ext/target/cypress/psoc64/smpu_config.h
+++ b/platform/ext/target/cypress/psoc64/smpu_config.h
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2019-2020, Cypress Semiconductor Corporation. All rights reserved.
- * Copyright (c) 2019 Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: Apache-2.0
*
@@ -119,7 +119,7 @@
#error "Flash layout has changed - SMPU2_REGIONSIZE isn't FLASH_NV_COUNTERS_AREA_SIZE"
#endif
-/* SMPU3 - SST in Flash */
+/* SMPU3 - PS in Flash */
#define SMPU3_BASE S_ROM_ALIAS(0x1c8000)
#define SMPU3_REGIONSIZE PROT_SIZE_32KB_BIT_SHIFT
#define SMPU3_SUBREGION_DIS (CY_PROT_SUBREGION_DIS0 | \
@@ -143,17 +143,17 @@
#endif
/*
- * SST_FLASH_AREA_ADDR must equal the base address of subregion 3 of
+ * PS_FLASH_AREA_ADDR must equal the base address of subregion 3 of
* SMPU3
*/
-#if S_ROM_ALIAS(SST_FLASH_AREA_ADDR) != (SMPU3_BASE + \
+#if S_ROM_ALIAS(PS_FLASH_AREA_ADDR) != (SMPU3_BASE + \
(3 * REGIONSIZE_TO_BYTES(SMPU3_REGIONSIZE) / 8))
#error "Flash layout has changed - S_DATA_PRIV_START isn't subregion 3 of SMPU3"
#endif
-/* Should exactly cover the SST region */
-#if FLASH_SST_AREA_SIZE != (5 * REGIONSIZE_TO_BYTES(SMPU3_REGIONSIZE) / 8)
-#error "Flash layout has changed - SMPU3_REGIONSIZE isn't FLASH_SST_AREA_SIZE"
+/* Should exactly cover the PS region */
+#if FLASH_PS_AREA_SIZE != (5 * REGIONSIZE_TO_BYTES(SMPU3_REGIONSIZE) / 8)
+#error "Flash layout has changed - SMPU3_REGIONSIZE isn't FLASH_PS_AREA_SIZE"
#endif
/* SMPU6 - 32KB of unprivileged secure data in SRAM */
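Review bot: The `#error` text under the first check still names `S_DATA_PRIV_START`, but the condition compares `S_ROM_ALIAS(PS_FLASH_AREA_ADDR)` with subregion 3 of SMPU3, so a build that trips this guard points the integrator at the wrong symbol. This guard is what keeps the PS flash area aligned with its SMPU protection region, so the message should name what is tested: `#error "Flash layout has changed - PS_FLASH_AREA_ADDR isn't subregion 3 of SMPU3"`. The second message has a similar slip: the check compares `FLASH_PS_AREA_SIZE` with five eighths of the region, not with `SMPU3_REGIONSIZE` itself, so `"Flash layout has changed - FLASH_PS_AREA_SIZE isn't 5 subregions of SMPU3"` would describe it better.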
diff --git a/platform/ext/target/mps2/an519/partition/flash_layout.h b/platform/ext/target/mps2/an519/partition/flash_layout.h
index 8b6991c..e6eb047 100644
--- a/platform/ext/target/mps2/an519/partition/flash_layout.h
+++ b/platform/ext/target/mps2/an519/partition/flash_layout.h
@@ -25,7 +25,7 @@
* 0x0018_0000 Secure image secondary slot (0.5 MB)
* 0x0020_0000 Non-secure image secondary slot (0.5 MB)
* 0x0028_0000 Scratch area (0.5 MB)
- * 0x0030_0000 Secure Storage Area (20 KB)
+ * 0x0030_0000 Protected Storage Area (20 KB)
* 0x0030_5000 Internal Trusted Storage Area (16 KB)
* 0x0030_9000 NV counters area (4 KB)
* 0x0030_A000 Unused (984 KB)
@@ -40,7 +40,7 @@
* 0x0018_0000 Secure image secondary
* 0x0020_0000 Non-secure image secondary
* 0x0028_0000 Scratch area (1 MB)
- * 0x0038_0000 Secure Storage Area (20 KB)
+ * 0x0038_0000 Protected Storage Area (20 KB)
* 0x0038_5000 Internal Trusted Storage Area (16 KB)
* 0x0038_9000 NV counters area (4 KB)
* 0x0038_A000 Unused (472 KB)
@@ -138,14 +138,14 @@
#error "Only MCUBOOT_IMAGE_NUMBER 1 and 2 are supported!"
#endif /* MCUBOOT_IMAGE_NUMBER */
-/* Secure Storage (SST) Service definitions */
-#define FLASH_SST_AREA_OFFSET (FLASH_AREA_SCRATCH_OFFSET + \
+/* Protected Storage (PS) Service definitions */
+#define FLASH_PS_AREA_OFFSET (FLASH_AREA_SCRATCH_OFFSET + \
FLASH_AREA_SCRATCH_SIZE)
-#define FLASH_SST_AREA_SIZE (0x5000) /* 20 KB */
+#define FLASH_PS_AREA_SIZE (0x5000) /* 20 KB */
/* Internal Trusted Storage (ITS) Service definitions */
-#define FLASH_ITS_AREA_OFFSET (FLASH_SST_AREA_OFFSET + \
- FLASH_SST_AREA_SIZE)
+#define FLASH_ITS_AREA_OFFSET (FLASH_PS_AREA_OFFSET + \
+ FLASH_PS_AREA_SIZE)
#define FLASH_ITS_AREA_SIZE (0x4000) /* 16 KB */
/* NV Counters definitions */
@@ -166,27 +166,27 @@
*/
#define FLASH_DEV_NAME Driver_FLASH0
-/* Secure Storage (SST) Service definitions
+/* Protected Storage (PS) Service definitions
* Note: Further documentation of these definitions can be found in the
- * TF-M SST Integration Guide.
+ * TF-M PS Integration Guide.
*/
-#define SST_FLASH_DEV_NAME Driver_FLASH0
+#define PS_FLASH_DEV_NAME Driver_FLASH0
/* In this target the CMSIS driver requires only the offset from the base
* address instead of the full memory address.
*/
-#define SST_FLASH_AREA_ADDR FLASH_SST_AREA_OFFSET
-/* Dedicated flash area for SST */
-#define SST_FLASH_AREA_SIZE FLASH_SST_AREA_SIZE
-#define SST_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
-/* Number of SST_SECTOR_SIZE per block */
-#define SST_SECTORS_PER_BLOCK (0x1)
+#define PS_FLASH_AREA_ADDR FLASH_PS_AREA_OFFSET
+/* Dedicated flash area for PS */
+#define PS_FLASH_AREA_SIZE FLASH_PS_AREA_SIZE
+#define PS_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
+/* Number of PS_SECTOR_SIZE per block */
+#define PS_SECTORS_PER_BLOCK (0x1)
/* Specifies the smallest flash programmable unit in bytes */
-#define SST_FLASH_PROGRAM_UNIT (0x1)
-/* The maximum asset size to be stored in the SST area */
-#define SST_MAX_ASSET_SIZE (2048)
-/* The maximum number of assets to be stored in the SST area */
-#define SST_NUM_ASSETS (10)
+#define PS_FLASH_PROGRAM_UNIT (0x1)
+/* The maximum asset size to be stored in the PS area */
+#define PS_MAX_ASSET_SIZE (2048)
+/* The maximum number of assets to be stored in the PS area */
+#define PS_NUM_ASSETS (10)
/* Internal Trusted Storage (ITS) Service definitions
* Note: Further documentation of these definitions can be found in the
diff --git a/platform/ext/target/mps2/an521/partition/flash_layout.h b/platform/ext/target/mps2/an521/partition/flash_layout.h
index f4a0bf5..cb661ea 100644
--- a/platform/ext/target/mps2/an521/partition/flash_layout.h
+++ b/platform/ext/target/mps2/an521/partition/flash_layout.h
@@ -25,7 +25,7 @@
* 0x0018_0000 Secure image secondary slot (0.5 MB)
* 0x0020_0000 Non-secure image secondary slot (0.5 MB)
* 0x0028_0000 Scratch area (0.5 MB)
- * 0x0030_0000 Secure Storage Area (20 KB)
+ * 0x0030_0000 Protected Storage Area (20 KB)
* 0x0030_5000 Internal Trusted Storage Area (16 KB)
* 0x0030_9000 NV counters area (4 KB)
* 0x0030_A000 Unused (984 KB)
@@ -40,7 +40,7 @@
* 0x0018_0000 Secure image secondary
* 0x0020_0000 Non-secure image secondary
* 0x0028_0000 Scratch area (1 MB)
- * 0x0038_0000 Secure Storage Area (20 KB)
+ * 0x0038_0000 Protected Storage Area (20 KB)
* 0x0038_5000 Internal Trusted Storage Area (16 KB)
* 0x0038_9000 NV counters area (4 KB)
* 0x0038_A000 Unused (472 KB)
@@ -138,14 +138,14 @@
#error "Only MCUBOOT_IMAGE_NUMBER 1 and 2 are supported!"
#endif /* MCUBOOT_IMAGE_NUMBER */
-/* Secure Storage (SST) Service definitions */
-#define FLASH_SST_AREA_OFFSET (FLASH_AREA_SCRATCH_OFFSET + \
+/* Protected Storage (PS) Service definitions */
+#define FLASH_PS_AREA_OFFSET (FLASH_AREA_SCRATCH_OFFSET + \
FLASH_AREA_SCRATCH_SIZE)
-#define FLASH_SST_AREA_SIZE (0x5000) /* 20 KB */
+#define FLASH_PS_AREA_SIZE (0x5000) /* 20 KB */
/* Internal Trusted Storage (ITS) Service definitions */
-#define FLASH_ITS_AREA_OFFSET (FLASH_SST_AREA_OFFSET + \
- FLASH_SST_AREA_SIZE)
+#define FLASH_ITS_AREA_OFFSET (FLASH_PS_AREA_OFFSET + \
+ FLASH_PS_AREA_SIZE)
#define FLASH_ITS_AREA_SIZE (0x4000) /* 16 KB */
/* NV Counters definitions */
@@ -166,27 +166,27 @@
*/
#define FLASH_DEV_NAME Driver_FLASH0
-/* Secure Storage (SST) Service definitions
+/* Protected Storage (PS) Service definitions
* Note: Further documentation of these definitions can be found in the
- * TF-M SST Integration Guide.
+ * TF-M PS Integration Guide.
*/
-#define SST_FLASH_DEV_NAME Driver_FLASH0
+#define PS_FLASH_DEV_NAME Driver_FLASH0
/* In this target the CMSIS driver requires only the offset from the base
* address instead of the full memory address.
*/
-#define SST_FLASH_AREA_ADDR FLASH_SST_AREA_OFFSET
-/* Dedicated flash area for SST */
-#define SST_FLASH_AREA_SIZE FLASH_SST_AREA_SIZE
-#define SST_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
-/* Number of SST_SECTOR_SIZE per block */
-#define SST_SECTORS_PER_BLOCK (0x1)
+#define PS_FLASH_AREA_ADDR FLASH_PS_AREA_OFFSET
+/* Dedicated flash area for PS */
+#define PS_FLASH_AREA_SIZE FLASH_PS_AREA_SIZE
+#define PS_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
+/* Number of PS_SECTOR_SIZE per block */
+#define PS_SECTORS_PER_BLOCK (0x1)
/* Specifies the smallest flash programmable unit in bytes */
-#define SST_FLASH_PROGRAM_UNIT (0x1)
-/* The maximum asset size to be stored in the SST area */
-#define SST_MAX_ASSET_SIZE (2048)
-/* The maximum number of assets to be stored in the SST area */
-#define SST_NUM_ASSETS (10)
+#define PS_FLASH_PROGRAM_UNIT (0x1)
+/* The maximum asset size to be stored in the PS area */
+#define PS_MAX_ASSET_SIZE (2048)
+/* The maximum number of assets to be stored in the PS area */
+#define PS_NUM_ASSETS (10)
/* Internal Trusted Storage (ITS) Service definitions
* Note: Further documentation of these definitions can be found in the
diff --git a/platform/ext/target/mps2/an539/partition/flash_layout.h b/platform/ext/target/mps2/an539/partition/flash_layout.h
index 2573002..092e83b 100644
--- a/platform/ext/target/mps2/an539/partition/flash_layout.h
+++ b/platform/ext/target/mps2/an539/partition/flash_layout.h
@@ -25,7 +25,7 @@
* 0x0018_0000 Secure image secondary slot (0.5 MB)
* 0x0020_0000 Non-secure image secondary slot (0.5 MB)
* 0x0028_0000 Scratch area (0.5 MB)
- * 0x0030_0000 Secure Storage Area (20 KB)
+ * 0x0030_0000 Protected Storage Area (20 KB)
* 0x0030_5000 Internal Trusted Storage Area (16 KB)
* 0x0030_9000 NV counters area (4 KB)
* 0x0030_A000 Unused (984 KB)
@@ -40,7 +40,7 @@
* 0x0018_0000 Secure image secondary
* 0x0020_0000 Non-secure image secondary
* 0x0028_0000 Scratch area (1 MB)
- * 0x0038_0000 Secure Storage Area (20 KB)
+ * 0x0038_0000 Protected Storage Area (20 KB)
* 0x0038_5000 Internal Trusted Storage Area (16 KB)
* 0x0038_9000 NV counters area (4 KB)
* 0x0038_A000 Unused (472 KB)
@@ -136,14 +136,14 @@
#error "Only MCUBOOT_IMAGE_NUMBER 1 and 2 are supported!"
#endif /* MCUBOOT_IMAGE_NUMBER */
-/* Secure Storage (SST) Service definitions */
-#define FLASH_SST_AREA_OFFSET (FLASH_AREA_SCRATCH_OFFSET + \
+/* Protected Storage (PS) Service definitions */
+#define FLASH_PS_AREA_OFFSET (FLASH_AREA_SCRATCH_OFFSET + \
FLASH_AREA_SCRATCH_SIZE)
-#define FLASH_SST_AREA_SIZE (0x5000) /* 20 KB */
+#define FLASH_PS_AREA_SIZE (0x5000) /* 20 KB */
/* Internal Trusted Storage (ITS) Service definitions */
-#define FLASH_ITS_AREA_OFFSET (FLASH_SST_AREA_OFFSET + \
- FLASH_SST_AREA_SIZE)
+#define FLASH_ITS_AREA_OFFSET (FLASH_PS_AREA_OFFSET + \
+ FLASH_PS_AREA_SIZE)
#define FLASH_ITS_AREA_SIZE (0x4000) /* 16 KB */
/* NV Counters definitions */
@@ -164,28 +164,28 @@
*/
#define FLASH_DEV_NAME Driver_FLASH0
-/* Secure Storage (SST) Service definitions
+/* Protected Storage (PS) Service definitions
* Note: Further documentation of these definitions can be found in the
- * TF-M SST Integration Guide.
+ * TF-M PS Integration Guide.
*/
-#define SST_FLASH_DEV_NAME Driver_FLASH0
+#define PS_FLASH_DEV_NAME Driver_FLASH0
/*
* In this target the CMSIS driver requires only the offset from the
* flash base address instead of the full flash address.
*/
-#define SST_FLASH_AREA_ADDR FLASH_SST_AREA_OFFSET
-/* Dedicated flash area for SST */
-#define SST_FLASH_AREA_SIZE FLASH_SST_AREA_SIZE
-#define SST_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
-/* Number of SST_SECTOR_SIZE per block */
-#define SST_SECTORS_PER_BLOCK (0x1)
+#define PS_FLASH_AREA_ADDR FLASH_PS_AREA_OFFSET
+/* Dedicated flash area for PS */
+#define PS_FLASH_AREA_SIZE FLASH_PS_AREA_SIZE
+#define PS_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
+/* Number of PS_SECTOR_SIZE per block */
+#define PS_SECTORS_PER_BLOCK (0x1)
/* Specifies the smallest flash programmable unit in bytes */
-#define SST_FLASH_PROGRAM_UNIT (0x1)
-/* The maximum asset size to be stored in the SST area */
-#define SST_MAX_ASSET_SIZE (2048)
-/* The maximum number of assets to be stored in the SST area */
-#define SST_NUM_ASSETS (10)
+#define PS_FLASH_PROGRAM_UNIT (0x1)
+/* The maximum asset size to be stored in the PS area */
+#define PS_MAX_ASSET_SIZE (2048)
+/* The maximum number of assets to be stored in the PS area */
+#define PS_NUM_ASSETS (10)
/* Internal Trusted Storage (ITS) Service definitions
* Note: Further documentation of these definitions can be found in the
diff --git a/platform/ext/target/mps3/an524/cmsis_drivers/Driver_Flash.c b/platform/ext/target/mps3/an524/cmsis_drivers/Driver_Flash.c
index 4e3b6a2..37a7e90 100644
--- a/platform/ext/target/mps3/an524/cmsis_drivers/Driver_Flash.c
+++ b/platform/ext/target/mps3/an524/cmsis_drivers/Driver_Flash.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2019 Arm Limited. All rights reserved.
+ * Copyright (c) 2013-2020 Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: Apache-2.0
*
@@ -21,7 +21,7 @@
* Git SHA: 9f3da0b83e45e6d26ad0be45c090d2e4382fb04f
*/
-/* FIXME: This interim flash driver uses BRAM to emulate flash for SST.
+/* FIXME: This interim flash driver uses BRAM to emulate flash for PS.
* Code is still running on QSPI, and only direct read is supported,
* write is not supported yet.
* It should be replaced with a real flash driver.
@@ -40,9 +40,9 @@
/* Driver version */
#define ARM_FLASH_DRV_VERSION ARM_DRIVER_VERSION_MAJOR_MINOR(1, 0)
-#define FLASH_REDIRECT_BASE SST_FLASH_AREA_ADDR
+#define FLASH_REDIRECT_BASE PS_FLASH_AREA_ADDR
#define FLASH_REDIRECT_LIMIT (FLASH_REDIRECT_BASE \
- + FLASH_SST_AREA_SIZE \
+ + FLASH_PS_AREA_SIZE \
+ FLASH_ITS_AREA_SIZE \
+ FLASH_NV_COUNTERS_AREA_SIZE)
#define FLASH_REDIRECT_DEST 0x38000000
@@ -188,7 +188,7 @@
return ARM_DRIVER_ERROR_PARAMETER;
}
- /* Redirecting SST storage to BRAM */
+ /* Redirecting PS storage to BRAM */
if (addr >= FLASH_REDIRECT_BASE && addr <= FLASH_REDIRECT_LIMIT) {
start_addr = FLASH_REDIRECT_DEST + (addr - FLASH_REDIRECT_BASE);
}
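Review bot: `addr <= FLASH_REDIRECT_LIMIT` accepts one address past the redirected window, because `FLASH_REDIRECT_LIMIT` is defined as the base plus the three area sizes, i.e. the first byte after the window; the comparison should be `addr < FLASH_REDIRECT_LIMIT`. The same condition appears in the hunks at -212, -234 and -257 of this file. Only the start address is tested in the visible lines, so if `addr + cnt` is not bounded in the parts of these functions outside the hunks, the `memcpy`/`memset` into BRAM can run past the emulated area. The comment could also say what is actually redirected: `/* Redirecting PS, ITS and NV counters storage to BRAM */`. The enclosing function starts and ends outside the hunk.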
@@ -212,10 +212,10 @@
return ARM_DRIVER_ERROR_PARAMETER;
}
- /* Redirecting SST storage to BRAM */
+ /* Redirecting PS storage to BRAM */
if (addr >= FLASH_REDIRECT_BASE && addr <= FLASH_REDIRECT_LIMIT) {
start_addr = FLASH_REDIRECT_DEST + (addr - FLASH_REDIRECT_BASE);
- /* SST Flash is emulated over BRAM. use memcpy function. */
+ /* PS Flash is emulated over BRAM. use memcpy function. */
memcpy((void *)start_addr, data, cnt);
} else {
/* Flash driver for QSPI is not ready */
@@ -234,9 +234,9 @@
return ARM_DRIVER_ERROR_PARAMETER;
}
- /* Redirecting SST storage to BRAM */
+ /* Redirecting PS storage to BRAM */
if (addr >= FLASH_REDIRECT_BASE && addr <= FLASH_REDIRECT_LIMIT) {
- /* SST Flash IS emulated over BRAM. use memcpy function. */
+ /* PS Flash IS emulated over BRAM. use memcpy function. */
memset((void *)(FLASH_REDIRECT_DEST
+ (addr - FLASH_REDIRECT_BASE)),
FLASH0_DEV->data->erased_value,
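Review bot: The comment `use memcpy function` sits directly above a `memset` call, so it describes the program path rather than this erase path. Suggested wording: `/* PS flash is emulated over BRAM; erase by filling with the erased value. */`. The length argument of the call and the rest of the function are outside the hunk.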
@@ -257,7 +257,7 @@
/* Check driver capability erase_chip bit */
if (DriverCapabilities.erase_chip == 1) {
for (i = 0; i < FLASH0_DEV->data->sector_count; i++) {
- /* Redirecting SST storage to BRAM */
+ /* Redirecting PS storage to BRAM */
if (addr >= FLASH_REDIRECT_BASE && addr <= FLASH_REDIRECT_LIMIT) {
memset((void *)(FLASH_REDIRECT_DEST +
(addr - FLASH0_DEV->memory_base - FLASH_REDIRECT_BASE)),
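Review bot: The destination here is computed as `addr - FLASH0_DEV->memory_base - FLASH_REDIRECT_BASE`, while the range test on the line above and the read, program and erase-sector hunks all use `addr - FLASH_REDIRECT_BASE`. If `addr` is an offset, as the range test assumes, and `memory_base` is non-zero, the `memset` target is shifted by `memory_base` and falls outside the BRAM window; if `addr` is absolute, the range test is the wrong one instead. `addr` is initialised outside the hunk, so this needs confirming, but the two expressions should agree, e.g. `FLASH_REDIRECT_DEST + (addr - FLASH_REDIRECT_BASE)`. The loop body continues past the hunk.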
diff --git a/platform/ext/target/mps3/an524/partition/flash_layout.h b/platform/ext/target/mps3/an524/partition/flash_layout.h
index 6d571f6..191445a 100644
--- a/platform/ext/target/mps3/an524/partition/flash_layout.h
+++ b/platform/ext/target/mps3/an524/partition/flash_layout.h
@@ -33,7 +33,7 @@
* Secondary image area:
* 0x0010_0000 Secure image (512 KB)
* 0x0018_0000 Non-secure image (256 KB)
- * 0x001C_0000 SST area (20 KB)
+ * 0x001C_0000 PS area (20 KB)
* 0x001C_5000 ITS area (16 KB)
* 0x001C_9000 NV counters (4 KB)
* 0x001C_A000 Unused
@@ -42,7 +42,7 @@
*
* 0x0000_0000 Secure image (512 KB)
* 0x000C_0000 Non-secure image (256 KB)
- * 0x001C_0000 SST area (20 KB)
+ * 0x001C_0000 PS area (20 KB)
* 0x001C_5000 ITS area (16 KB)
* 0x001C_9000 NV counters (4 KB)
* 0x001C_A000 Unused
@@ -125,14 +125,14 @@
*/
#define MCUBOOT_STATUS_MAX_ENTRIES (0)
-/* Secure Storage (SST) Service definitions */
-#define FLASH_SST_AREA_OFFSET (FLASH_AREA_SCRATCH_OFFSET + \
+/* Protected Storage (PS) Service definitions */
+#define FLASH_PS_AREA_OFFSET (FLASH_AREA_SCRATCH_OFFSET + \
FLASH_AREA_SCRATCH_SIZE)
-#define FLASH_SST_AREA_SIZE (0x5000) /* 20 KB */
+#define FLASH_PS_AREA_SIZE (0x5000) /* 20 KB */
/* Internal Trusted Storage (ITS) Service definitions */
-#define FLASH_ITS_AREA_OFFSET (FLASH_SST_AREA_OFFSET + \
- FLASH_SST_AREA_SIZE)
+#define FLASH_ITS_AREA_OFFSET (FLASH_PS_AREA_OFFSET + \
+ FLASH_PS_AREA_SIZE)
#define FLASH_ITS_AREA_SIZE (0x4000) /* 16 KB */
/* NV Counters definitions */
@@ -153,28 +153,28 @@
*/
#define FLASH_DEV_NAME Driver_FLASH0
-/* Secure Storage (SST) Service definitions
+/* Protected Storage (PS) Service definitions
* Note: Further documentation of these definitions can be found in the
- * TF-M SST Integration Guide.
+ * TF-M PS Integration Guide.
*/
-#define SST_FLASH_DEV_NAME Driver_FLASH0
+#define PS_FLASH_DEV_NAME Driver_FLASH0
/* In this target the CMSIS driver requires only the offset from the base
* address instead of the full memory address.
*/
-#define SST_FLASH_AREA_ADDR FLASH_SST_AREA_OFFSET
-/* Dedicated flash area for SST */
-#define SST_FLASH_AREA_SIZE FLASH_SST_AREA_SIZE
+#define PS_FLASH_AREA_ADDR FLASH_PS_AREA_OFFSET
+/* Dedicated flash area for PS */
+#define PS_FLASH_AREA_SIZE FLASH_PS_AREA_SIZE
/* Sector size of the flash hardware; same as FLASH0_SECTOR_SIZE */
-#define SST_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
-/* Number of SST_SECTOR_SIZE per block */
-#define SST_SECTORS_PER_BLOCK (0x1)
+#define PS_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
+/* Number of PS_SECTOR_SIZE per block */
+#define PS_SECTORS_PER_BLOCK (0x1)
/* Specifies the smallest flash programmable unit in bytes */
-#define SST_FLASH_PROGRAM_UNIT (0x1)
-/* The maximum asset size to be stored in the SST area */
-#define SST_MAX_ASSET_SIZE (2048)
-/* The maximum number of assets to be stored in the SST area */
-#define SST_NUM_ASSETS (10)
+#define PS_FLASH_PROGRAM_UNIT (0x1)
+/* The maximum asset size to be stored in the PS area */
+#define PS_MAX_ASSET_SIZE (2048)
+/* The maximum number of assets to be stored in the PS area */
+#define PS_NUM_ASSETS (10)
/* Internal Trusted Storage (ITS) Service definitions
* Note: Further documentation of these definitions can be found in the
diff --git a/platform/ext/target/musca_a/Device/Source/device_definition.c b/platform/ext/target/musca_a/Device/Source/device_definition.c
index 1773e08..d2ebfaf 100644
--- a/platform/ext/target/musca_a/Device/Source/device_definition.c
+++ b/platform/ext/target/musca_a/Device/Source/device_definition.c
@@ -621,7 +621,7 @@
#if (defined(MT25QL_NS) && defined(QSPI_IP6514E_NS))
struct mt25ql_dev_t MT25QL_DEV_NS
- TFM_LINK_SET_RW_IN_PARTITION_SECTION("TFM_SP_STORAGE")
+ TFM_LINK_SET_RW_IN_PARTITION_SECTION("TFM_SP_PS")
= {
.controller = &QSPI_DEV_NS,
.direct_access_start_addr = MUSCA_QSPI_FLASH_NS_BASE,
diff --git a/platform/ext/target/musca_a/partition/flash_layout.h b/platform/ext/target/musca_a/partition/flash_layout.h
index 1ee2bab..126f173 100644
--- a/platform/ext/target/musca_a/partition/flash_layout.h
+++ b/platform/ext/target/musca_a/partition/flash_layout.h
@@ -26,7 +26,7 @@
* 0x0032_0000 Secondary image area (1 MB):
* 0x0032_0000 Secure image secondary
* 0x003A_0000 Non-secure image secondary
- * 0x0042_0000 Secure Storage Area (8 KB)
+ * 0x0042_0000 Protected Storage Area (8 KB)
* 0x0042_2000 Internal Trusted Storage Area (8 KB)
* 0x0042_4000 NV counters area (4 KB)
* 0x0042_5000 Unused
@@ -129,14 +129,14 @@
*/
#define MCUBOOT_STATUS_MAX_ENTRIES (0)
-/* Secure Storage (SST) Service definitions */
-#define FLASH_SST_AREA_OFFSET (FLASH_AREA_SCRATCH_OFFSET + \
+/* Protected Storage (PS) Service definitions */
+#define FLASH_PS_AREA_OFFSET (FLASH_AREA_SCRATCH_OFFSET + \
FLASH_AREA_SCRATCH_SIZE)
-#define FLASH_SST_AREA_SIZE (0x2000) /* 8 KB */
+#define FLASH_PS_AREA_SIZE (0x2000) /* 8 KB */
/* Internal Trusted Storage (ITS) Service definitions */
-#define FLASH_ITS_AREA_OFFSET (FLASH_SST_AREA_OFFSET + \
- FLASH_SST_AREA_SIZE)
+#define FLASH_ITS_AREA_OFFSET (FLASH_PS_AREA_OFFSET + \
+ FLASH_PS_AREA_SIZE)
#define FLASH_ITS_AREA_SIZE (0x2000) /* 8 KB */
/* NV Counters definitions */
@@ -173,27 +173,27 @@
*/
#define FLASH_DEV_NAME Driver_FLASH0
-/* Secure Storage (SST) Service definitions
+/* Protected Storage (PS) Service definitions
* Note: Further documentation of these definitions can be found in the
- * TF-M SST Integration Guide.
+ * TF-M PS Integration Guide.
*/
-#define SST_FLASH_DEV_NAME Driver_FLASH0
+#define PS_FLASH_DEV_NAME Driver_FLASH0
/* In this target the CMSIS driver requires only the offset from the base
* address instead of the full memory address.
*/
-#define SST_FLASH_AREA_ADDR FLASH_SST_AREA_OFFSET
-/* Dedicated flash area for SST */
-#define SST_FLASH_AREA_SIZE FLASH_SST_AREA_SIZE
-#define SST_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
-/* Number of SST_SECTOR_SIZE per block */
-#define SST_SECTORS_PER_BLOCK (0x1)
+#define PS_FLASH_AREA_ADDR FLASH_PS_AREA_OFFSET
+/* Dedicated flash area for PS */
+#define PS_FLASH_AREA_SIZE FLASH_PS_AREA_SIZE
+#define PS_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
+/* Number of PS_SECTOR_SIZE per block */
+#define PS_SECTORS_PER_BLOCK (0x1)
/* Specifies the smallest flash programmable unit in bytes */
-#define SST_FLASH_PROGRAM_UNIT (0x1)
-/* The maximum asset size to be stored in the SST area */
-#define SST_MAX_ASSET_SIZE (512)
-/* The maximum number of assets to be stored in the SST area */
-#define SST_NUM_ASSETS (10)
+#define PS_FLASH_PROGRAM_UNIT (0x1)
+/* The maximum asset size to be stored in the PS area */
+#define PS_MAX_ASSET_SIZE (512)
+/* The maximum number of assets to be stored in the PS area */
+#define PS_NUM_ASSETS (10)
/* Internal Trusted Storage (ITS) Service definitions
* Note: Further documentation of these definitions can be found in the
diff --git a/platform/ext/target/musca_b1/partition/flash_layout.h b/platform/ext/target/musca_b1/partition/flash_layout.h
index cca4a7f..0a6b3cc 100644
--- a/platform/ext/target/musca_b1/partition/flash_layout.h
+++ b/platform/ext/target/musca_b1/partition/flash_layout.h
@@ -51,7 +51,7 @@
* 0x0A07_0000 Non-secure image
*
* QSPI Flash layout
- * 0x0000_0000 Secure Storage Area (20 KB)
+ * 0x0000_0000 Protected Storage Area (20 KB)
*/
/* This header file is included from linker scatter file as well, where only a
@@ -161,38 +161,38 @@
SECURE_IMAGE_MAX_SIZE)
#define NON_SECURE_IMAGE_MAX_SIZE FLASH_NS_PARTITION_SIZE
-/* Secure Storage (SST) Service definitions size is 20 KB. */
+/* Protected Storage (PS) Service definitions size is 20 KB. */
/* Same as MUSCA_B1_QSPI_FLASH_S_BASE */
#define QSPI_FLASH_BASE_ADDRESS (0x10000000)
-#define FLASH_SST_AREA_OFFSET (0x0)
-#define FLASH_SST_AREA_SIZE (5 * QSPI_FLASH_AREA_IMAGE_SECTOR_SIZE)
+#define FLASH_PS_AREA_OFFSET (0x0)
+#define FLASH_PS_AREA_SIZE (5 * QSPI_FLASH_AREA_IMAGE_SECTOR_SIZE)
/* Flash device name used by BL2
* Name is defined in flash driver file: Driver_Flash.c
*/
#define FLASH_DEV_NAME Driver_EFLASH0
-/* Secure Storage (SST) Service definitions
+/* Protected Storage (PS) Service definitions
* Note: Further documentation of these definitions can be found in the
- * TF-M SST Integration Guide.
+ * TF-M PS Integration Guide.
*/
-#define SST_FLASH_DEV_NAME Driver_QSPI_FLASH0
+#define PS_FLASH_DEV_NAME Driver_QSPI_FLASH0
/* In this target the CMSIS driver requires only the offset from the base
* address instead of the full memory address.
*/
-#define SST_FLASH_AREA_ADDR FLASH_SST_AREA_OFFSET
-/* Dedicated flash area for SST */
-#define SST_FLASH_AREA_SIZE FLASH_SST_AREA_SIZE
-#define SST_SECTOR_SIZE QSPI_FLASH_AREA_IMAGE_SECTOR_SIZE
-/* Number of SST_SECTOR_SIZE per block */
-#define SST_SECTORS_PER_BLOCK (0x1)
+#define PS_FLASH_AREA_ADDR FLASH_PS_AREA_OFFSET
+/* Dedicated flash area for PS */
+#define PS_FLASH_AREA_SIZE FLASH_PS_AREA_SIZE
+#define PS_SECTOR_SIZE QSPI_FLASH_AREA_IMAGE_SECTOR_SIZE
+/* Number of PS_SECTOR_SIZE per block */
+#define PS_SECTORS_PER_BLOCK (0x1)
/* Specifies the smallest flash programmable unit in bytes */
-#define SST_FLASH_PROGRAM_UNIT (0x1)
-/* The maximum asset size to be stored in the SST area */
-#define SST_MAX_ASSET_SIZE (2048)
-/* The maximum number of assets to be stored in the SST area */
-#define SST_NUM_ASSETS (10)
+#define PS_FLASH_PROGRAM_UNIT (0x1)
+/* The maximum asset size to be stored in the PS area */
+#define PS_MAX_ASSET_SIZE (2048)
+/* The maximum number of assets to be stored in the PS area */
+#define PS_NUM_ASSETS (10)
/* Internal Trusted Storage (ITS) Service definitions
* Note: Further documentation of these definitions can be found in the
diff --git a/platform/ext/target/musca_s1/partition/flash_layout.h b/platform/ext/target/musca_s1/partition/flash_layout.h
index 983fce5..cfc5f17 100644
--- a/platform/ext/target/musca_s1/partition/flash_layout.h
+++ b/platform/ext/target/musca_s1/partition/flash_layout.h
@@ -24,7 +24,7 @@
* 0x0A0F_0000 Secure image secondary (320 KB)
* 0x0A14_0000 Non-secure image secondary (512 KB)
* 0x0A1C_0000 Scratch Area (16 KB)
- * 0x0A1C_4000 Secure Storage Area (20 KB)
+ * 0x0A1C_4000 Protected Storage Area (20 KB)
* 0x0A1C_9000 Internal Trusted Storage Area (16 KB)
* 0x0A1C_D000 NV counters area (4 KB)
* 0x0A1C_E000 Unused
@@ -37,7 +37,7 @@
* 0x0A10_0000 Secondary image area (896 KB):
* 0x0A10_0000 Secure image secondary (384 KB)
* 0x0A16_0000 Non-secure image secondary (512 KB)
- * 0x0A1E_0000 Secure Storage Area (20 KB)
+ * 0x0A1E_0000 Protected Storage Area (20 KB)
* 0x0A1E_5000 Internal Trusted Storage Area (16 KB)
* 0x0A1E_9000 NV counters area (4 KB)
* 0x0A1E_A000 TF-M key area (256 bytes) This area is referred to in
@@ -135,17 +135,17 @@
#error "Only MCUBOOT_IMAGE_NUMBER 1 and 2 are supported!"
#endif /* MCUBOOT_IMAGE_NUMBER */
-/* Note: FLASH_SST_AREA_OFFSET, FLASH_ITS_AREA_OFFSET and
+/* Note: FLASH_PS_AREA_OFFSET, FLASH_ITS_AREA_OFFSET and
* FLASH_NV_COUNTERS_AREA_OFFSET point to offsets in flash, but reads and writes
* to these addresses are redirected to Code SRAM by Driver_Flash.c.
*/
-#define FLASH_SST_AREA_OFFSET (FLASH_AREA_SCRATCH_OFFSET + \
+#define FLASH_PS_AREA_OFFSET (FLASH_AREA_SCRATCH_OFFSET + \
FLASH_AREA_SCRATCH_SIZE)
-#define FLASH_SST_AREA_SIZE (0x5000) /* 20 KB */
+#define FLASH_PS_AREA_SIZE (0x5000) /* 20 KB */
/* Internal Trusted Storage (ITS) Service definitions */
-#define FLASH_ITS_AREA_OFFSET (FLASH_SST_AREA_OFFSET + \
- FLASH_SST_AREA_SIZE)
+#define FLASH_ITS_AREA_OFFSET (FLASH_PS_AREA_OFFSET + \
+ FLASH_PS_AREA_SIZE)
#define FLASH_ITS_AREA_SIZE (0x4000) /* 16 KB */
/* NV Counters definitions */
@@ -171,27 +171,27 @@
*/
#define FLASH_DEV_NAME Driver_FLASH0
-/* Secure Storage (SST) Service definitions
+/* Protected Storage (PS) Service definitions
* Note: Further documentation of these definitions can be found in the
- * TF-M SST Integration Guide.
+ * TF-M PS Integration Guide.
*/
-#define SST_FLASH_DEV_NAME Driver_FLASH0
+#define PS_FLASH_DEV_NAME Driver_FLASH0
/* In this target the CMSIS driver requires only the offset from the base
* address instead of the full memory address.
*/
-#define SST_FLASH_AREA_ADDR FLASH_SST_AREA_OFFSET
-/* Dedicated flash area for SST */
-#define SST_FLASH_AREA_SIZE FLASH_SST_AREA_SIZE
-#define SST_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
-/* Number of SST_SECTOR_SIZE per block */
-#define SST_SECTORS_PER_BLOCK (0x1)
+#define PS_FLASH_AREA_ADDR FLASH_PS_AREA_OFFSET
+/* Dedicated flash area for PS */
+#define PS_FLASH_AREA_SIZE FLASH_PS_AREA_SIZE
+#define PS_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
+/* Number of PS_SECTOR_SIZE per block */
+#define PS_SECTORS_PER_BLOCK (0x1)
/* Specifies the smallest flash programmable unit in bytes */
-#define SST_FLASH_PROGRAM_UNIT (0x1)
-/* The maximum asset size to be stored in the SST area */
-#define SST_MAX_ASSET_SIZE (2048)
-/* The maximum number of assets to be stored in the SST area */
-#define SST_NUM_ASSETS (10)
+#define PS_FLASH_PROGRAM_UNIT (0x1)
+/* The maximum asset size to be stored in the PS area */
+#define PS_MAX_ASSET_SIZE (2048)
+/* The maximum number of assets to be stored in the PS area */
+#define PS_NUM_ASSETS (10)
/* Internal Trusted Storage (ITS) Service definitions
* Note: Further documentation of these definitions can be found in the
diff --git a/platform/ext/target/nxp/lpcxpresso55s69/partition/flash_layout.h b/platform/ext/target/nxp/lpcxpresso55s69/partition/flash_layout.h
index 06da27b..acee769 100755
--- a/platform/ext/target/nxp/lpcxpresso55s69/partition/flash_layout.h
+++ b/platform/ext/target/nxp/lpcxpresso55s69/partition/flash_layout.h
@@ -23,7 +23,7 @@
* 0x0000_0000 Secure image primary
* 0x0005_0000 Non-secure image primary
* 0x0009_0000 Secondary image area (0 KB):
- * 0x0009_0000 Secure Storage Area (16 KB)
+ * 0x0009_0000 Protected Storage Area (16 KB)
* 0x0009_4000 Internal Trusted Storage Area (8 KB)
* 0x0009_6000 NV counters area (512 B)
* 0x0006_6200 Unused
@@ -133,17 +133,17 @@
#define FLASH_AREA_SCRATCH_SIZE (0)
#endif /* BL2 */
-/* Note: FLASH_SST_AREA_OFFSET, FLASH_ITS_AREA_OFFSET and
+/* Note: FLASH_PS_AREA_OFFSET, FLASH_ITS_AREA_OFFSET and
* FLASH_NV_COUNTERS_AREA_OFFSET point to offsets in flash, but reads and writes
* to these addresses are redirected to Code SRAM by Driver_Flash.c.
*/
-#define FLASH_SST_AREA_OFFSET (FLASH_AREA_SCRATCH_OFFSET + \
+#define FLASH_PS_AREA_OFFSET (FLASH_AREA_SCRATCH_OFFSET + \
FLASH_AREA_SCRATCH_SIZE)
-#define FLASH_SST_AREA_SIZE (0x2000) /* 8 KB */
+#define FLASH_PS_AREA_SIZE (0x2000) /* 8 KB */
/* Internal Trusted Storage (ITS) Service definitions */
-#define FLASH_ITS_AREA_OFFSET (FLASH_SST_AREA_OFFSET + \
- FLASH_SST_AREA_SIZE)
+#define FLASH_ITS_AREA_OFFSET (FLASH_PS_AREA_OFFSET + \
+ FLASH_PS_AREA_SIZE)
#define FLASH_ITS_AREA_SIZE (0x800) /* 2 KB */
/* NV Counters definitions */
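Review bot: The sizes defined in this hunk disagree with the layout table in the file's header comment: `FLASH_PS_AREA_SIZE` is `0x2000` (8 KB) and `FLASH_ITS_AREA_SIZE` is `0x800` (2 KB), while the table line renamed in the previous hunk reads "Protected Storage Area (16 KB)" and is followed by "Internal Trusted Storage Area (8 KB)". Since the rename already edits that table line, one side should be made authoritative, e.g. `* 0x0009_0000 Protected Storage Area (8 KB)` if the defines are the correct values. The table offsets need the same check, because `FLASH_ITS_AREA_OFFSET` is computed as the PS offset plus `0x2000`, not plus the 16 KB the table implies. `FLASH_AREA_SCRATCH_OFFSET` is defined outside the hunk, so which side is stale cannot be confirmed from here.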
@@ -164,28 +164,28 @@
*/
#define FLASH_DEV_NAME Driver_FLASH0
-/* Secure Storage (SST) Service definitions
+/* Protected Storage (PS) Service definitions
* Note: Further documentation of these definitions can be found in the
- * TF-M SST Integration Guide.
+ * TF-M PS Integration Guide.
*/
-#define SST_FLASH_DEV_NAME Driver_FLASH0
+#define PS_FLASH_DEV_NAME Driver_FLASH0
/* In this target the CMSIS driver requires only the offset from the base
* address instead of the full memory address.
*/
-#define SST_FLASH_AREA_ADDR FLASH_SST_AREA_OFFSET
-/* Dedicated flash area for SST */
-#define SST_FLASH_AREA_SIZE FLASH_SST_AREA_SIZE
-#define SST_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
-/* Number of SST_SECTOR_SIZE per block */
-#define SST_SECTORS_PER_BLOCK (0x8)
+#define PS_FLASH_AREA_ADDR FLASH_PS_AREA_OFFSET
+/* Dedicated flash area for PS */
+#define PS_FLASH_AREA_SIZE FLASH_PS_AREA_SIZE
+#define PS_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
+/* Number of PS_SECTOR_SIZE per block */
+#define PS_SECTORS_PER_BLOCK (0x8)
/* Specifies the smallest flash programmable unit in bytes */
-#define SST_FLASH_PROGRAM_UNIT FLASH_AREA_IMAGE_SECTOR_SIZE
+#define PS_FLASH_PROGRAM_UNIT FLASH_AREA_IMAGE_SECTOR_SIZE
-/* The maximum asset size to be stored in the SST area */
-#define SST_MAX_ASSET_SIZE (2048)
-/* The maximum number of assets to be stored in the SST area */
-#define SST_NUM_ASSETS (5)
+/* The maximum asset size to be stored in the PS area */
+#define PS_MAX_ASSET_SIZE (2048)
+/* The maximum number of assets to be stored in the PS area */
+#define PS_NUM_ASSETS (5)
/* Internal Trusted Storage (ITS) Service definitions
* Note: Further documentation of these definitions can be found in the
diff --git a/platform/ext/target/sse-200_aws/partition/flash_layout.h b/platform/ext/target/sse-200_aws/partition/flash_layout.h
index d963dd2..d2fb3a4 100644
--- a/platform/ext/target/sse-200_aws/partition/flash_layout.h
+++ b/platform/ext/target/sse-200_aws/partition/flash_layout.h
@@ -25,7 +25,7 @@
* 0x0018_0000 Secure image secondary slot (0.5 MB)
* 0x0020_0000 Non-secure image secondary slot (0.5 MB)
* 0x0028_0000 Scratch area (0.5 MB)
- * 0x0030_0000 Secure Storage Area (20 KB)
+ * 0x0030_0000 Protected Storage Area (20 KB)
* 0x0030_5000 Internal Trusted Storage Area (16 KB)
* 0x0030_9000 NV counters area (4 KB)
* 0x0030_A000 Unused (984 KB)
@@ -40,7 +40,7 @@
* 0x0018_0000 Secure image secondary
* 0x0020_0000 Non-secure image secondary
* 0x0028_0000 Scratch area (1 MB)
- * 0x0038_0000 Secure Storage Area (20 KB)
+ * 0x0038_0000 Protected Storage Area (20 KB)
* 0x0038_5000 Internal Trusted Storage Area (16 KB)
* 0x0038_9000 NV counters area (4 KB)
* 0x0038_A000 Unused (472 KB)
@@ -138,14 +138,14 @@
#error "Only MCUBOOT_IMAGE_NUMBER 1 and 2 are supported!"
#endif /* MCUBOOT_IMAGE_NUMBER */
-/* Secure Storage (SST) Service definitions */
-#define FLASH_SST_AREA_OFFSET (FLASH_AREA_SCRATCH_OFFSET + \
+/* Protected Storage (PS) Service definitions */
+#define FLASH_PS_AREA_OFFSET (FLASH_AREA_SCRATCH_OFFSET + \
FLASH_AREA_SCRATCH_SIZE)
-#define FLASH_SST_AREA_SIZE (0x5000) /* 20 KB */
+#define FLASH_PS_AREA_SIZE (0x5000) /* 20 KB */
/* Internal Trusted Storage (ITS) Service definitions */
-#define FLASH_ITS_AREA_OFFSET (FLASH_SST_AREA_OFFSET + \
- FLASH_SST_AREA_SIZE)
+#define FLASH_ITS_AREA_OFFSET (FLASH_PS_AREA_OFFSET + \
+ FLASH_PS_AREA_SIZE)
#define FLASH_ITS_AREA_SIZE (0x4000) /* 16 KB */
/* NV Counters definitions */
@@ -166,27 +166,27 @@
*/
#define FLASH_DEV_NAME Driver_FLASH0
-/* Secure Storage (SST) Service definitions
+/* Protected Storage (PS) Service definitions
* Note: Further documentation of these definitions can be found in the
- * TF-M SST Integration Guide.
+ * TF-M PS Integration Guide.
*/
-#define SST_FLASH_DEV_NAME Driver_FLASH0
+#define PS_FLASH_DEV_NAME Driver_FLASH0
/* In this target the CMSIS driver requires only the offset from the base
* address instead of the full memory address.
*/
-#define SST_FLASH_AREA_ADDR FLASH_SST_AREA_OFFSET
-/* Dedicated flash area for SST */
-#define SST_FLASH_AREA_SIZE FLASH_SST_AREA_SIZE
-#define SST_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
-/* Number of SST_SECTOR_SIZE per block */
-#define SST_SECTORS_PER_BLOCK (0x1)
+#define PS_FLASH_AREA_ADDR FLASH_PS_AREA_OFFSET
+/* Dedicated flash area for PS */
+#define PS_FLASH_AREA_SIZE FLASH_PS_AREA_SIZE
+#define PS_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
+/* Number of PS_SECTOR_SIZE per block */
+#define PS_SECTORS_PER_BLOCK (0x1)
/* Specifies the smallest flash programmable unit in bytes */
-#define SST_FLASH_PROGRAM_UNIT (0x1)
-/* The maximum asset size to be stored in the SST area */
-#define SST_MAX_ASSET_SIZE (2048)
-/* The maximum number of assets to be stored in the SST area */
-#define SST_NUM_ASSETS (10)
+#define PS_FLASH_PROGRAM_UNIT (0x1)
+/* The maximum asset size to be stored in the PS area */
+#define PS_MAX_ASSET_SIZE (2048)
+/* The maximum number of assets to be stored in the PS area */
+#define PS_NUM_ASSETS (10)
/* Internal Trusted Storage (ITS) Service definitions
* Note: Further documentation of these definitions can be found in the
diff --git a/platform/include/tfm_plat_nv_counters.h b/platform/include/tfm_plat_nv_counters.h
index 3588929..cff9972 100644
--- a/platform/include/tfm_plat_nv_counters.h
+++ b/platform/include/tfm_plat_nv_counters.h
@@ -27,9 +27,9 @@
#include "tfm_plat_defs.h"
enum tfm_nv_counter_t {
- PLAT_NV_COUNTER_0 = 0, /* Used by SST service */
- PLAT_NV_COUNTER_1, /* Used by SST service */
- PLAT_NV_COUNTER_2, /* Used by SST service */
+ PLAT_NV_COUNTER_0 = 0, /* Used by PS service */
+ PLAT_NV_COUNTER_1, /* Used by PS service */
+ PLAT_NV_COUNTER_2, /* Used by PS service */
#ifdef BL2
PLAT_NV_COUNTER_3, /* Used by bootloader */
PLAT_NV_COUNTER_4, /* Used by bootloader */
diff --git a/secure_fw/CMakeLists.txt b/secure_fw/CMakeLists.txt
index 8bd5d18..5dc4cfc 100644
--- a/secure_fw/CMakeLists.txt
+++ b/secure_fw/CMakeLists.txt
@@ -41,8 +41,8 @@
message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_PLATFORM is undefined.")
endif()
-if (NOT DEFINED TFM_PARTITION_SECURE_STORAGE)
- message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_SECURE_STORAGE is undefined.")
+if (NOT DEFINED TFM_PARTITION_PROTECTED_STORAGE)
+ message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_PROTECTED_STORAGE is undefined.")
endif()
if (NOT DEFINED TFM_PARTITION_INTERNAL_TRUSTED_STORAGE)
@@ -69,8 +69,8 @@
message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_TEST_SECURE_SERVICES is undefined. ")
endif()
-if (NOT DEFINED TFM_PARTITION_TEST_SST)
- message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_TEST_SST is undefined.")
+if (NOT DEFINED TFM_PARTITION_TEST_PS)
+ message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_TEST_PS is undefined.")
endif()
if (NOT DEFINED TEST_FRAMEWORK_S)
@@ -241,9 +241,9 @@
embedded_set_target_link_defines(TARGET ${EXE_NAME} DEFINES "TFM_PARTITION_INITIAL_ATTESTATION")
endif()
- if (TFM_PARTITION_SECURE_STORAGE)
+ if (TFM_PARTITION_PROTECTED_STORAGE)
target_link_libraries(${EXE_NAME} tfm_storage)
- embedded_set_target_link_defines(TARGET ${EXE_NAME} DEFINES "TFM_PARTITION_SECURE_STORAGE")
+ embedded_set_target_link_defines(TARGET ${EXE_NAME} DEFINES "TFM_PARTITION_PROTECTED_STORAGE")
endif()
if (TFM_PARTITION_CRYPTO)
@@ -287,8 +287,8 @@
embedded_set_target_link_defines(TARGET ${EXE_NAME} DEFINES "TFM_PARTITION_TEST_CORE_IPC")
endif()
- if (TFM_PARTITION_TEST_SST)
- embedded_set_target_link_defines(TARGET ${EXE_NAME} DEFINES "TFM_PARTITION_TEST_SST")
+ if (TFM_PARTITION_TEST_PS)
+ embedded_set_target_link_defines(TARGET ${EXE_NAME} DEFINES "TFM_PARTITION_TEST_PS")
endif()
if (TEST_FRAMEWORK_S)
@@ -400,14 +400,14 @@
DESTINATION ${EXPORT_SRC_DIR})
endif()
- if (TFM_PARTITION_SECURE_STORAGE)
+ if (TFM_PARTITION_PROTECTED_STORAGE)
install(FILES ${INTERFACE_INC_DIR}/psa/protected_storage.h
DESTINATION ${EXPORT_INC_DIR}/psa)
if (TFM_PSA_API)
- install(FILES ${INTERFACE_SRC_DIR}/tfm_sst_ipc_api.c
+ install(FILES ${INTERFACE_SRC_DIR}/tfm_ps_ipc_api.c
DESTINATION ${EXPORT_SRC_DIR})
else()
- install(FILES ${INTERFACE_SRC_DIR}/tfm_sst_func_api.c
+ install(FILES ${INTERFACE_SRC_DIR}/tfm_ps_func_api.c
DESTINATION ${EXPORT_SRC_DIR})
endif()
endif()
@@ -506,9 +506,9 @@
add_subdirectory(${SECURE_FW_DIR}/partitions/crypto)
endif()
-#Add the secure storage library target
-if (TFM_PARTITION_SECURE_STORAGE)
- add_subdirectory(${SECURE_FW_DIR}/partitions/secure_storage)
+#Add the protected storage library target
+if (TFM_PARTITION_PROTECTED_STORAGE)
+ add_subdirectory(${SECURE_FW_DIR}/partitions/protected_storage)
endif()
#Add the internal trusted storage library target
diff --git a/secure_fw/partitions/audit_logging/psa_manifest/tfm_audit_logging.h b/secure_fw/partitions/audit_logging/psa_manifest/tfm_audit_logging.h
index 0cbfca6..3ca63bd 100644
--- a/secure_fw/partitions/audit_logging/psa_manifest/tfm_audit_logging.h
+++ b/secure_fw/partitions/audit_logging/psa_manifest/tfm_audit_logging.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
diff --git a/secure_fw/partitions/crypto/crypto_key_derivation.c b/secure_fw/partitions/crypto/crypto_key_derivation.c
index a789ec4..a4cd862 100644
--- a/secure_fw/partitions/crypto/crypto_key_derivation.c
+++ b/secure_fw/partitions/crypto/crypto_key_derivation.c
@@ -24,9 +24,9 @@
#include "tfm_plat_crypto_keys.h"
-#ifdef TFM_PARTITION_TEST_SST
+#ifdef TFM_PARTITION_TEST_PS
#include "psa_manifest/pid.h"
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
#ifndef TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED
static psa_status_t tfm_crypto_huk_derivation_setup(
@@ -58,14 +58,14 @@
return status;
}
-#ifdef TFM_PARTITION_TEST_SST
- /* The SST tests run some operations under the wrong partition ID - this
+#ifdef TFM_PARTITION_TEST_PS
+ /* The PS tests run some operations under the wrong partition ID - this
* causes the key derivation to change.
*/
- if (partition_id == TFM_SP_SST_TEST) {
- partition_id = TFM_SP_STORAGE;
+ if (partition_id == TFM_SP_PS_TEST) {
+ partition_id = TFM_SP_PS;
}
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
/* Put the label in the tls12_prf ctx to make it available in the output key
* step.
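Review bot: The `TFM_PARTITION_TEST_PS` block rewrites `partition_id` from `TFM_SP_PS_TEST` to `TFM_SP_PS` before the derivation continues, so in an image built with that flag the test partition presumably derives the same storage key as the PS partition, and nothing in the comment says the flag must stay off in production builds. I would extend the comment with `Test builds only: this gives the PS test partition the PS-derived key; TFM_PARTITION_TEST_PS must never be enabled in a production image.` The same remap appears in the two `TFM_PARTITION_TEST_PS` hunks of tfm_internal_trusted_storage.c (the `tfm_its_get()` and `tfm_its_remove()` comments), where it appears to route the test partition to the PS filesystem context, and the same caveat applies there. The enclosing function starts and ends outside this hunk.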
diff --git a/secure_fw/partitions/crypto/psa_manifest/tfm_crypto.h b/secure_fw/partitions/crypto/psa_manifest/tfm_crypto.h
index 87b44a1..bf80429 100644
--- a/secure_fw/partitions/crypto/psa_manifest/tfm_crypto.h
+++ b/secure_fw/partitions/crypto/psa_manifest/tfm_crypto.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
diff --git a/secure_fw/partitions/initial_attestation/psa_manifest/tfm_initial_attestation.h b/secure_fw/partitions/initial_attestation/psa_manifest/tfm_initial_attestation.h
index 203765d..dfe6f58 100644
--- a/secure_fw/partitions/initial_attestation/psa_manifest/tfm_initial_attestation.h
+++ b/secure_fw/partitions/initial_attestation/psa_manifest/tfm_initial_attestation.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
diff --git a/secure_fw/partitions/internal_trusted_storage/CMakeLists.inc b/secure_fw/partitions/internal_trusted_storage/CMakeLists.inc
index 2d0345b..a044be0 100644
--- a/secure_fw/partitions/internal_trusted_storage/CMakeLists.inc
+++ b/secure_fw/partitions/internal_trusted_storage/CMakeLists.inc
@@ -53,9 +53,9 @@
"${INTERNAL_TRUSTED_STORAGE_DIR}/flash_fs/its_flash_fs_mblock.c"
)
-# If either ITS or SST requires metadata to be validated, then compile the
+# If either ITS or PS requires metadata to be validated, then compile the
# validation code.
-if (ITS_VALIDATE_METADATA_FROM_FLASH OR SST_VALIDATE_METADATA_FROM_FLASH)
+if (ITS_VALIDATE_METADATA_FROM_FLASH OR PS_VALIDATE_METADATA_FROM_FLASH)
set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS ITS_VALIDATE_METADATA_FROM_FLASH)
endif()
@@ -71,20 +71,20 @@
set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS ITS_BUF_SIZE=${ITS_BUF_SIZE})
endif()
-# Also set SST definitions
-if (SST_ENCRYPTION)
- set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_ENCRYPTION)
- if (SST_ROLLBACK_PROTECTION)
- set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_ROLLBACK_PROTECTION)
+# Also set PS definitions
+if (PS_ENCRYPTION)
+ set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS PS_ENCRYPTION)
+ if (PS_ROLLBACK_PROTECTION)
+ set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS PS_ROLLBACK_PROTECTION)
endif()
endif()
-if (SST_CREATE_FLASH_LAYOUT)
- set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_CREATE_FLASH_LAYOUT)
+if (PS_CREATE_FLASH_LAYOUT)
+ set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS PS_CREATE_FLASH_LAYOUT)
endif()
-if (SST_RAM_FS)
- set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_RAM_FS)
+if (PS_RAM_FS)
+ set_property(SOURCE ${INTERNAL_TRUSTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS PS_RAM_FS)
endif()
#Append all our source files to global lists.
@@ -107,7 +107,7 @@
embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE)
embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE)
embedded_include_directories(PATH ${TFM_ROOT_DIR}/platform/ext/driver ABSOLUTE)
-embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/partitions/secure_storage ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/partitions/protected_storage ABSOLUTE)
set(BUILD_CMSIS_CORE Off)
set(BUILD_RETARGET Off)
diff --git a/secure_fw/partitions/internal_trusted_storage/flash/its_flash.h b/secure_fw/partitions/internal_trusted_storage/flash/its_flash.h
index de6a4bf..6ee1740 100644
--- a/secure_fw/partitions/internal_trusted_storage/flash/its_flash.h
+++ b/secure_fw/partitions/internal_trusted_storage/flash/its_flash.h
@@ -29,10 +29,10 @@
#define ITS_FLASH_ALIGNMENT 1
#endif
-#if (SST_FLASH_PROGRAM_UNIT <= 16)
-#define SST_FLASH_ALIGNMENT SST_FLASH_PROGRAM_UNIT
+#if (PS_FLASH_PROGRAM_UNIT <= 16)
+#define PS_FLASH_ALIGNMENT PS_FLASH_PROGRAM_UNIT
#else
-#define SST_FLASH_ALIGNMENT 1
+#define PS_FLASH_ALIGNMENT 1
#endif
/**
@@ -40,7 +40,7 @@
* by any flash device that can be accessed through this interface.
*/
#define ITS_FLASH_MAX_ALIGNMENT ITS_UTILS_MAX(ITS_FLASH_ALIGNMENT, \
- SST_FLASH_ALIGNMENT)
+ PS_FLASH_ALIGNMENT)
/**
* \brief Enumerates the available flash devices.
diff --git a/secure_fw/partitions/internal_trusted_storage/flash/its_flash_info_external.c b/secure_fw/partitions/internal_trusted_storage/flash/its_flash_info_external.c
index 03d2d2d..6b083c3 100644
--- a/secure_fw/partitions/internal_trusted_storage/flash/its_flash_info_external.c
+++ b/secure_fw/partitions/internal_trusted_storage/flash/its_flash_info_external.c
@@ -10,42 +10,42 @@
#include "Driver_Flash.h"
#include "flash_layout.h"
#include "its_utils.h"
-#include "sst_object_defs.h"
+#include "ps_object_defs.h"
-#ifndef SST_FLASH_DEV_NAME
-#error "SST_FLASH_DEV_NAME must be defined by the target in flash_layout.h"
+#ifndef PS_FLASH_DEV_NAME
+#error "PS_FLASH_DEV_NAME must be defined by the target in flash_layout.h"
#endif
-#ifndef SST_FLASH_AREA_ADDR
-#error "SST_FLASH_AREA_ADDR must be defined by the target in flash_layout.h"
+#ifndef PS_FLASH_AREA_ADDR
+#error "PS_FLASH_AREA_ADDR must be defined by the target in flash_layout.h"
#endif
/* Adjust to a size that will allow all assets to fit */
-#ifndef SST_FLASH_AREA_SIZE
-#error "SST_FLASH_AREA_SIZE must be defined by the target in flash_layout.h"
+#ifndef PS_FLASH_AREA_SIZE
+#error "PS_FLASH_AREA_SIZE must be defined by the target in flash_layout.h"
#endif
/* Adjust to match the size of the flash device's physical erase unit */
-#ifndef SST_SECTOR_SIZE
-#error "SST_SECTOR_SIZE must be defined by the target in flash_layout.h"
+#ifndef PS_SECTOR_SIZE
+#error "PS_SECTOR_SIZE must be defined by the target in flash_layout.h"
#endif
/* Adjust so that the maximum required asset size will fit in one block */
-#ifndef SST_SECTORS_PER_BLOCK
-#error "SST_SECTORS_PER_BLOCK must be defined by the target in flash_layout.h"
+#ifndef PS_SECTORS_PER_BLOCK
+#error "PS_SECTORS_PER_BLOCK must be defined by the target in flash_layout.h"
#endif
/* Adjust to match the size of the flash device's physical program unit */
-#ifndef SST_FLASH_PROGRAM_UNIT
-#error "SST_FLASH_PROGRAM_UNIT must be defined by the target in flash_layout.h"
-#elif (SST_FLASH_PROGRAM_UNIT < 1 || SST_FLASH_PROGRAM_UNIT > SST_SECTOR_SIZE)
-#error "SST_FLASH_PROGRAM_UNIT must be between 1 and SST_SECTOR_SIZE inclusive"
-#elif (SST_FLASH_PROGRAM_UNIT & (SST_FLASH_PROGRAM_UNIT - 1) != 0)
-#error "SST_FLASH_PROGRAM_UNIT must be a power of two"
+#ifndef PS_FLASH_PROGRAM_UNIT
+#error "PS_FLASH_PROGRAM_UNIT must be defined by the target in flash_layout.h"
+#elif (PS_FLASH_PROGRAM_UNIT < 1 || PS_FLASH_PROGRAM_UNIT > PS_SECTOR_SIZE)
+#error "PS_FLASH_PROGRAM_UNIT must be between 1 and PS_SECTOR_SIZE inclusive"
+#elif (PS_FLASH_PROGRAM_UNIT & (PS_FLASH_PROGRAM_UNIT - 1) != 0)
+#error "PS_FLASH_PROGRAM_UNIT must be a power of two"
#endif
/* Include the correct flash interface implementation */
-#ifdef SST_RAM_FS
+#ifdef PS_RAM_FS
#include "its_flash_ram.h"
#define FLASH_INFO_INIT its_flash_ram_init
#define FLASH_INFO_READ its_flash_ram_read
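Review bot: The power-of-two check `#elif (PS_FLASH_PROGRAM_UNIT & (PS_FLASH_PROGRAM_UNIT - 1) != 0)` does not test what its `#error` message says, because `!=` binds tighter than `&`. For any value above 1 it reduces to `PS_FLASH_PROGRAM_UNIT & 1`, so an even value that is not a power of two (6, 12, ...) passes the check. The inner expression needs its own parentheses: `#elif ((PS_FLASH_PROGRAM_UNIT & (PS_FLASH_PROGRAM_UNIT - 1)) != 0)`. The defect predates the rename, but the line is rewritten here and the unchecked value is what `PS_FLASH_ALIGNMENT` is set to further down in this file.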
@@ -53,7 +53,7 @@
#define FLASH_INFO_FLUSH its_flash_ram_flush
#define FLASH_INFO_ERASE its_flash_ram_erase
-#elif (SST_FLASH_PROGRAM_UNIT <= 16)
+#elif (PS_FLASH_PROGRAM_UNIT <= 16)
#include "its_flash_nor.h"
#define FLASH_INFO_INIT its_flash_nor_init
#define FLASH_INFO_READ its_flash_nor_read
@@ -62,7 +62,7 @@
#define FLASH_INFO_ERASE its_flash_nor_erase
/* Require each file in the filesystem to be aligned to the program unit */
-#define SST_FLASH_ALIGNMENT SST_FLASH_PROGRAM_UNIT
+#define PS_FLASH_ALIGNMENT PS_FLASH_PROGRAM_UNIT
#else
#include "its_flash_nand.h"
@@ -75,31 +75,31 @@
/* The flash block is programmed in one shot, so no filesystem alignment is
* required.
*/
-#define SST_FLASH_ALIGNMENT 1
+#define PS_FLASH_ALIGNMENT 1
#endif
/* Calculate the block layout */
-#define FLASH_INFO_BLOCK_SIZE (SST_SECTOR_SIZE * SST_SECTORS_PER_BLOCK)
-#define FLASH_INFO_NUM_BLOCKS (SST_FLASH_AREA_SIZE / FLASH_INFO_BLOCK_SIZE)
+#define FLASH_INFO_BLOCK_SIZE (PS_SECTOR_SIZE * PS_SECTORS_PER_BLOCK)
+#define FLASH_INFO_NUM_BLOCKS (PS_FLASH_AREA_SIZE / FLASH_INFO_BLOCK_SIZE)
/* Maximum file size */
-#define FLASH_INFO_MAX_FILE_SIZE ITS_UTILS_ALIGN(SST_MAX_OBJECT_SIZE, \
- SST_FLASH_ALIGNMENT)
+#define FLASH_INFO_MAX_FILE_SIZE ITS_UTILS_ALIGN(PS_MAX_OBJECT_SIZE, \
+ PS_FLASH_ALIGNMENT)
/* Maximum number of files */
-#define FLASH_INFO_MAX_NUM_FILES SST_MAX_NUM_OBJECTS
+#define FLASH_INFO_MAX_NUM_FILES PS_MAX_NUM_OBJECTS
/* Default value of each byte in the flash when erased */
#define FLASH_INFO_ERASE_VAL 0xFFU
-#ifdef SST_RAM_FS
+#ifdef PS_RAM_FS
/* Allocate a static buffer to emulate storage in RAM */
-static uint8_t sst_block_data[FLASH_INFO_BLOCK_SIZE * FLASH_INFO_NUM_BLOCKS];
-#define FLASH_INFO_DEV sst_block_data
+static uint8_t ps_block_data[FLASH_INFO_BLOCK_SIZE * FLASH_INFO_NUM_BLOCKS];
+#define FLASH_INFO_DEV ps_block_data
#else
/* Import the CMSIS flash device driver */
-extern ARM_DRIVER_FLASH SST_FLASH_DEV_NAME;
-#define FLASH_INFO_DEV &SST_FLASH_DEV_NAME
+extern ARM_DRIVER_FLASH PS_FLASH_DEV_NAME;
+#define FLASH_INFO_DEV &PS_FLASH_DEV_NAME
#endif
const struct its_flash_info_t its_flash_info_external = {
@@ -109,11 +109,11 @@
.flush = FLASH_INFO_FLUSH,
.erase = FLASH_INFO_ERASE,
.flash_dev = (void *)FLASH_INFO_DEV,
- .flash_area_addr = SST_FLASH_AREA_ADDR,
- .sector_size = SST_SECTOR_SIZE,
+ .flash_area_addr = PS_FLASH_AREA_ADDR,
+ .sector_size = PS_SECTOR_SIZE,
.block_size = FLASH_INFO_BLOCK_SIZE,
.num_blocks = FLASH_INFO_NUM_BLOCKS,
- .program_unit = SST_FLASH_ALIGNMENT,
+ .program_unit = PS_FLASH_ALIGNMENT,
.max_file_size = FLASH_INFO_MAX_FILE_SIZE,
.max_num_files = FLASH_INFO_MAX_NUM_FILES,
.erase_val = FLASH_INFO_ERASE_VAL,
diff --git a/secure_fw/partitions/internal_trusted_storage/psa_manifest/tfm_internal_trusted_storage.h b/secure_fw/partitions/internal_trusted_storage/psa_manifest/tfm_internal_trusted_storage.h
index fc8f5d6..c8f7699 100644
--- a/secure_fw/partitions/internal_trusted_storage/psa_manifest/tfm_internal_trusted_storage.h
+++ b/secure_fw/partitions/internal_trusted_storage/psa_manifest/tfm_internal_trusted_storage.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
diff --git a/secure_fw/partitions/internal_trusted_storage/tfm_internal_trusted_storage.c b/secure_fw/partitions/internal_trusted_storage/tfm_internal_trusted_storage.c
index 6bcdb10..4b079ac 100644
--- a/secure_fw/partitions/internal_trusted_storage/tfm_internal_trusted_storage.c
+++ b/secure_fw/partitions/internal_trusted_storage/tfm_internal_trusted_storage.c
@@ -33,11 +33,11 @@
static struct its_file_info_t g_file_info;
static its_flash_fs_ctx_t fs_ctx_its;
-static its_flash_fs_ctx_t fs_ctx_sst;
+static its_flash_fs_ctx_t fs_ctx_ps;
static its_flash_fs_ctx_t *get_fs_ctx(int32_t client_id)
{
- return (client_id == TFM_SP_STORAGE) ? &fs_ctx_sst : &fs_ctx_its;
+ return (client_id == TFM_SP_PS) ? &fs_ctx_ps : &fs_ctx_its;
}
/**
@@ -89,35 +89,35 @@
}
#endif /* ITS_CREATE_FLASH_LAYOUT */
- /* Initialise the SST context */
- status = its_flash_fs_prepare(&fs_ctx_sst,
+ /* Initialise the PS context */
+ status = its_flash_fs_prepare(&fs_ctx_ps,
its_flash_get_info(ITS_FLASH_ID_EXTERNAL));
-#ifdef SST_CREATE_FLASH_LAYOUT
- /* If SST_CREATE_FLASH_LAYOUT is set, it indicates that it is required to
- * create a SST flash layout. SST service will generate an empty and valid
- * SST flash layout to store assets. It will erase all data located in the
- * assigned SST memory area before generating the SST layout.
- * This flag is required to be set if the SST memory area is located in
+#ifdef PS_CREATE_FLASH_LAYOUT
+ /* If PS_CREATE_FLASH_LAYOUT is set, it indicates that it is required to
+ * create a PS flash layout. PS service will generate an empty and valid
+ * PS flash layout to store assets. It will erase all data located in the
+ * assigned PS memory area before generating the PS layout.
+ * This flag is required to be set if the PS memory area is located in
* non-persistent memory.
- * This flag can be set if the SST memory area is located in persistent
- * memory without a previous valid SST flash layout in it. That is the case
- * when it is the first time in the device life that the SST service is
+ * This flag can be set if the PS memory area is located in persistent
+ * memory without a previous valid PS flash layout in it. That is the case
+ * when it is the first time in the device life that the PS service is
* executed.
*/
if (status != PSA_SUCCESS) {
- /* Remove all data in the SST memory area and create a valid SST flash
+ /* Remove all data in the PS memory area and create a valid PS flash
* layout in that area.
*/
- status = its_flash_fs_wipe_all(&fs_ctx_sst);
+ status = its_flash_fs_wipe_all(&fs_ctx_ps);
if (status != PSA_SUCCESS) {
return status;
}
/* Attempt to initialise again */
- status = its_flash_fs_prepare(&fs_ctx_sst,
+ status = its_flash_fs_prepare(&fs_ctx_ps,
its_flash_get_info(ITS_FLASH_ID_EXTERNAL));
}
-#endif /* SST_CREATE_FLASH_LAYOUT */
+#endif /* PS_CREATE_FLASH_LAYOUT */
return status;
}
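Review bot: With `PS_CREATE_FLASH_LAYOUT` defined, every non-success status from `its_flash_fs_prepare()` leads to `its_flash_fs_wipe_all(&fs_ctx_ps)`, so the erase is not limited to the "no previous valid PS flash layout" case the comment describes. If prepare can also fail on a transient read error or on corrupted or modified contents of the external flash (its error codes are not visible in this hunk), an image built with this flag would silently discard all stored PS assets at initialisation. I would record that in the comment, e.g. `Note: any prepare failure triggers the wipe; do not enable on devices that already hold PS data.`, and consider logging the failing status before the wipe. The function body starts outside this hunk.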
@@ -219,12 +219,12 @@
psa_status_t status;
size_t read_size;
-#ifdef TFM_PARTITION_TEST_SST
- /* The SST test partiton can call tfm_its_get() through SST code. Treat it
- * as if it were SST.
+#ifdef TFM_PARTITION_TEST_PS
+ /* The PS test partition can call tfm_its_get() through PS code. Treat it
+ * as if it were PS.
*/
- if (client_id == TFM_SP_SST_TEST) {
- client_id = TFM_SP_STORAGE;
+ if (client_id == TFM_SP_PS_TEST) {
+ client_id = TFM_SP_PS;
}
#endif
@@ -312,12 +312,12 @@
{
psa_status_t status;
-#ifdef TFM_PARTITION_TEST_SST
- /* The SST test partiton can call tfm_its_remove() through SST code. Treat
- * it as if it were SST.
+#ifdef TFM_PARTITION_TEST_PS
+ /* The PS test partition can call tfm_its_remove() through PS code. Treat
+ * it as if it were PS.
*/
- if (client_id == TFM_SP_SST_TEST) {
- client_id = TFM_SP_STORAGE;
+ if (client_id == TFM_SP_PS_TEST) {
+ client_id = TFM_SP_PS;
}
#endif
diff --git a/secure_fw/partitions/internal_trusted_storage/tfm_its_req_mngr.c b/secure_fw/partitions/internal_trusted_storage/tfm_its_req_mngr.c
index 79f2b63..9506545 100644
--- a/secure_fw/partitions/internal_trusted_storage/tfm_its_req_mngr.c
+++ b/secure_fw/partitions/internal_trusted_storage/tfm_its_req_mngr.c
@@ -12,7 +12,7 @@
#include "psa/storage_common.h"
#include "tfm_internal_trusted_storage.h"
#include "its_utils.h"
-#include "sst_object_defs.h"
+#include "ps_object_defs.h"
#ifdef TFM_PSA_API
#include "psa/service.h"
diff --git a/secure_fw/partitions/manifestfilename.template b/secure_fw/partitions/manifestfilename.template
index eebbd6d..8d2f982 100644
--- a/secure_fw/partitions/manifestfilename.template
+++ b/secure_fw/partitions/manifestfilename.template
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
diff --git a/secure_fw/partitions/platform/platform_sp.c b/secure_fw/partitions/platform/platform_sp.c
index 4d53267..331bdb7 100644
--- a/secure_fw/partitions/platform/platform_sp.c
+++ b/secure_fw/partitions/platform/platform_sp.c
@@ -18,9 +18,9 @@
/* Access map using NVCOUNTER_IDX -> tfm_partition-id key-value pairs */
static const int32_t nv_counter_access_map[NV_COUNTER_MAP_SIZE] = {
- [PLAT_NV_COUNTER_0] = TFM_SP_STORAGE,
- [PLAT_NV_COUNTER_1] = TFM_SP_STORAGE,
- [PLAT_NV_COUNTER_2] = TFM_SP_STORAGE
+ [PLAT_NV_COUNTER_0] = TFM_SP_PS,
+ [PLAT_NV_COUNTER_1] = TFM_SP_PS,
+ [PLAT_NV_COUNTER_2] = TFM_SP_PS
};
#ifdef TFM_PSA_API
diff --git a/secure_fw/partitions/protected_storage/CMakeLists.inc b/secure_fw/partitions/protected_storage/CMakeLists.inc
new file mode 100644
index 0000000..de489f3
--- /dev/null
+++ b/secure_fw/partitions/protected_storage/CMakeLists.inc
@@ -0,0 +1,135 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2017-2020, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+
+#Definitions to compile the "protected_storage" module.
+#This file assumes it will be included from a project specific cmakefile, and
+#will not create a library or executable.
+#Inputs:
+# TFM_ROOT_DIR - root directory of the TF-M repository.
+#Outputs:
+# Will modify include directories to make the source compile.
+# ALL_SRC_C: C source files to be compiled will be added to this list. This shall be added to your add_executable or add_library command.
+# ALL_SRC_CXX: C++ source files to be compiled will be added to this list. This shall be added to your add_executable or add_library command.
+# ALL_SRC_ASM: assembly source files to be compiled will be added to this list. This shall be added to your add_executable or add_library command.
+# Include directories will be modified by using the include_directories() commands as needed.
+
+#Get the current directory where this file is located.
+set(PROTECTED_STORAGE_DIR ${CMAKE_CURRENT_LIST_DIR})
+
+#Check input variables
+if (NOT DEFINED TFM_ROOT_DIR)
+ message(FATAL_ERROR "Please set TFM_ROOT_DIR before including this file.")
+endif()
+
+if (NOT DEFINED PS_ENCRYPTION)
+ message(FATAL_ERROR "Incomplete build configuration: PS_ENCRYPTION is undefined. ")
+endif()
+
+if (NOT DEFINED PS_ROLLBACK_PROTECTION)
+ message(FATAL_ERROR "Incomplete build configuration: PS_ROLLBACK_PROTECTION is undefined.")
+endif()
+
+if (NOT DEFINED PS_CREATE_FLASH_LAYOUT)
+ message(FATAL_ERROR "Incomplete build configuration: PS_CREATE_FLASH_LAYOUT is undefined. ")
+endif()
+
+if (NOT DEFINED PS_VALIDATE_METADATA_FROM_FLASH)
+ message(FATAL_ERROR "Incomplete build configuration: PS_VALIDATE_METADATA_FROM_FLASH is undefined. ")
+endif()
+
+if (NOT DEFINED PS_RAM_FS)
+ message(FATAL_ERROR "Incomplete build configuration: PS_RAM_FS is undefined. ")
+endif()
+
+if (NOT DEFINED PS_TEST_NV_COUNTERS)
+ message(FATAL_ERROR "Incomplete build configuration: PS_TEST_NV_COUNTERS is undefined.")
+endif()
+
+set (PROTECTED_STORAGE_C_SRC
+ "${PROTECTED_STORAGE_DIR}/tfm_ps_secure_api.c"
+ "${PROTECTED_STORAGE_DIR}/tfm_ps_req_mngr.c"
+ "${PROTECTED_STORAGE_DIR}/tfm_protected_storage.c"
+ "${PROTECTED_STORAGE_DIR}/ps_object_system.c"
+ "${PROTECTED_STORAGE_DIR}/ps_object_table.c"
+ "${PROTECTED_STORAGE_DIR}/ps_utils.c"
+)
+
+if (PS_ENCRYPTION)
+ list(APPEND PROTECTED_STORAGE_C_SRC
+ "${PROTECTED_STORAGE_DIR}/crypto/ps_crypto_interface.c"
+ "${PROTECTED_STORAGE_DIR}/ps_encrypted_object.c"
+ )
+ set_property(SOURCE ${PROTECTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS PS_ENCRYPTION)
+
+ if (PS_ROLLBACK_PROTECTION)
+ # Only build the NV counters implementation if the PS_TEST_NV_COUNTERS
+ # flag is off. When this flag is on, a virtual implementation of the PS
+ # NV counters interface is used instead. Full documentation for this
+ # flag can be found in the PS Integration Guide.
+ if (NOT PS_TEST_NV_COUNTERS)
+ list(APPEND PROTECTED_STORAGE_C_SRC
+ "${PROTECTED_STORAGE_DIR}/nv_counters/ps_nv_counters.c")
+ endif()
+ set_property(SOURCE ${PROTECTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS PS_ROLLBACK_PROTECTION)
+ endif()
+endif()
+
+if (PS_VALIDATE_METADATA_FROM_FLASH)
+ set_property(SOURCE ${PROTECTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS PS_VALIDATE_METADATA_FROM_FLASH)
+endif()
+
+if (PS_CREATE_FLASH_LAYOUT)
+ set_property(SOURCE ${PROTECTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS PS_CREATE_FLASH_LAYOUT)
+endif()
+
+if (PS_RAM_FS)
+ set_property(SOURCE ${PROTECTED_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS PS_RAM_FS)
+endif()
+
+#Append all our source files to global lists.
+list(APPEND ALL_SRC_C ${PROTECTED_STORAGE_C_SRC})
+unset(PROTECTED_STORAGE_C_SRC)
+
+#Inform the user about PS service features selected based on the PS service cmake flags
+message("The PS service compile configuration is as follows:")
+message("- PS_ENCRYPTION: " ${PS_ENCRYPTION})
+if (PS_ENCRYPTION)
+ message("- PS_ROLLBACK_PROTECTION: " ${PS_ROLLBACK_PROTECTION})
+else()
+ message("- PS_ROLLBACK_PROTECTION: N/A")
+endif()
+message("- PS_VALIDATE_METADATA_FROM_FLASH: " ${PS_VALIDATE_METADATA_FROM_FLASH})
+message("- PS_CREATE_FLASH_LAYOUT: " ${PS_CREATE_FLASH_LAYOUT})
+message("- PS_RAM_FS: " ${PS_RAM_FS})
+message("- PS_TEST_NV_COUNTERS: " ${PS_TEST_NV_COUNTERS})
+
+#Setting include directories
+embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/spm ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core/include ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/platform/ext/common ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/platform/ext/driver ABSOLUTE)
+set(BUILD_CMSIS_CORE Off)
+set(BUILD_RETARGET Off)
+set(BUILD_NATIVE_DRIVERS Off)
+set(BUILD_STARTUP Off)
+set(BUILD_TARGET_CFG Off)
+set(BUILD_TARGET_HARDWARE_KEYS Off)
+set(BUILD_TARGET_NV_COUNTERS Off)
+set(BUILD_CMSIS_DRIVERS Off)
+set(BUILD_TIME Off)
+set(BUILD_UART_STDOUT Off)
+set(BUILD_FLASH Off)
+set(BUILD_PLAT_TEST Off)
+if(NOT DEFINED PLATFORM_CMAKE_FILE)
+ message (FATAL_ERROR "Platform specific CMake is not defined. Please set PLATFORM_CMAKE_FILE.")
+elseif(NOT EXISTS ${PLATFORM_CMAKE_FILE})
+ message (FATAL_ERROR "Platform specific CMake \"${PLATFORM_CMAKE_FILE}\" file does not exist. Please fix value of PLATFORM_CMAKE_FILE.")
+else()
+ include(${PLATFORM_CMAKE_FILE})
+endif()
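Review bot: `PS_ROLLBACK_PROTECTION` is only honoured inside the `if (PS_ENCRYPTION)` block, so a configuration with `PS_ROLLBACK_PROTECTION` ON and `PS_ENCRYPTION` OFF builds without rollback protection and the only trace is the `N/A` line in the summary. A configure-time check next to the other input checks would make this explicit: `if (PS_ROLLBACK_PROTECTION AND NOT PS_ENCRYPTION)` / `message(WARNING "PS_ROLLBACK_PROTECTION is ignored because PS_ENCRYPTION is OFF.")` / `endif()`. In the same spirit, `PS_TEST_NV_COUNTERS` swaps the NV counters implementation for a virtual one and `PS_RAM_FS` is a further storage-related switch, yet the summary prints both without marking an enabled value as unsuitable for a production image.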
diff --git a/secure_fw/partitions/secure_storage/CMakeLists.txt b/secure_fw/partitions/protected_storage/CMakeLists.txt
similarity index 85%
rename from secure_fw/partitions/secure_storage/CMakeLists.txt
rename to secure_fw/partitions/protected_storage/CMakeLists.txt
index 94053f0..c376ce1 100644
--- a/secure_fw/partitions/secure_storage/CMakeLists.txt
+++ b/secure_fw/partitions/protected_storage/CMakeLists.txt
@@ -11,8 +11,8 @@
list(APPEND CMAKE_MODULE_PATH ${CMAKE_CURRENT_LIST_DIR}/../../../cmake)
###Some project global settings
-set (SECURE_STORAGE_DIR "${CMAKE_CURRENT_LIST_DIR}")
-get_filename_component(TFM_ROOT_DIR "${SECURE_STORAGE_DIR}/../../.." ABSOLUTE)
+set (PROTECTED_STORAGE_DIR "${CMAKE_CURRENT_LIST_DIR}")
+get_filename_component(TFM_ROOT_DIR "${PROTECTED_STORAGE_DIR}/../../.." ABSOLUTE)
#Include common stuff to control cmake.
include("Common/BuildSys")
@@ -29,7 +29,7 @@
message(FATAL_ERROR "Incomplete build configuration: TFM_LVL is undefined. ")
endif()
-# Specify what we build (for the secure storage service, build as a static library)
+# Specify what we build (for the protected storage service, build as a static library)
add_library(tfm_storage STATIC ${ALL_SRC_ASM} ${ALL_SRC_C})
#Set common compiler and linker flags
diff --git a/secure_fw/partitions/protected_storage/crypto/ps_crypto_interface.c b/secure_fw/partitions/protected_storage/crypto/ps_crypto_interface.c
new file mode 100644
index 0000000..28fc9c4
--- /dev/null
+++ b/secure_fw/partitions/protected_storage/crypto/ps_crypto_interface.c
@@ -0,0 +1,235 @@
+/*
+ * Copyright (c) 2017-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "ps_crypto_interface.h"
+
+#include <stdbool.h>
+
+#include "tfm_crypto_defs.h"
+#include "psa/crypto.h"
+#include "tfm_memory_utils.h"
+
+/* The PSA key type used by this implementation */
+#define PS_KEY_TYPE PSA_KEY_TYPE_AES
+/* The PSA key usage required by this implementation */
+#define PS_KEY_USAGE (PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT)
+/* The PSA algorithm used by this implementation */
+#define PS_CRYPTO_ALG \
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_GCM, PS_TAG_LEN_BYTES)
+
+static const uint8_t ps_key_label[] = "storage_key";
+static psa_key_handle_t ps_key_handle;
+static uint8_t ps_crypto_iv_buf[PS_IV_LEN_BYTES];
+
+psa_status_t ps_crypto_init(void)
+{
+ /* Currently, no initialisation is required. This may change if key
+ * handling is changed.
+ */
+ return PSA_SUCCESS;
+}
+
+psa_status_t ps_crypto_setkey(void)
+{
+ psa_status_t status;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_derivation_operation_t op = PSA_KEY_DERIVATION_OPERATION_INIT;
+
+ /* Set the key attributes for the storage key */
+ psa_set_key_usage_flags(&attributes, PS_KEY_USAGE);
+ psa_set_key_algorithm(&attributes, PS_CRYPTO_ALG);
+ psa_set_key_type(&attributes, PS_KEY_TYPE);
+ psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(PS_KEY_LEN_BYTES));
+
+ /* Set up a key derivation operation with HUK derivation as the alg */
+ status = psa_key_derivation_setup(&op, TFM_CRYPTO_ALG_HUK_DERIVATION);
+ if (status != PSA_SUCCESS) {
+ return status;
+ }
+
+ /* Supply the PS key label as an input to the key derivation */
+ status = psa_key_derivation_input_bytes(&op, PSA_KEY_DERIVATION_INPUT_LABEL,
+ ps_key_label,
+ sizeof(ps_key_label));
+ if (status != PSA_SUCCESS) {
+ goto err_release_op;
+ }
+
+ /* Create the storage key from the key derivation operation */
+ status = psa_key_derivation_output_key(&attributes, &op, &ps_key_handle);
+ if (status != PSA_SUCCESS) {
+ goto err_release_op;
+ }
+
+ /* Free resources associated with the key derivation operation */
+ status = psa_key_derivation_abort(&op);
+ if (status != PSA_SUCCESS) {
+ goto err_release_key;
+ }
+
+ return PSA_SUCCESS;
+
+err_release_key:
+ (void)psa_destroy_key(ps_key_handle);
+
+err_release_op:
+ (void)psa_key_derivation_abort(&op);
+
+ return PSA_ERROR_GENERIC_ERROR;
+}
+
+psa_status_t ps_crypto_destroykey(void)
+{
+ psa_status_t status;
+
+ /* Destroy the transient key */
+ status = psa_destroy_key(ps_key_handle);
+ if (status != PSA_SUCCESS) {
+ return PSA_ERROR_GENERIC_ERROR;
+ }
+
+ return PSA_SUCCESS;
+}
+
+void ps_crypto_set_iv(const union ps_crypto_t *crypto)
+{
+ (void)tfm_memcpy(ps_crypto_iv_buf, crypto->ref.iv, PS_IV_LEN_BYTES);
+}
+
+void ps_crypto_get_iv(union ps_crypto_t *crypto)
+{
+ /* IV characteristic is algorithm dependent.
+ * For GCM it is essential that it doesn't get repeated.
+ * A simple increment will suffice.
+ * FIXME:
+ * Since IV is predictable in this case,
+ * If there is no rollback protection, an attacker could
+ * try to rollback the storage and encrypt another plaintext
+ * block with same IV/Key pair; this breaks GCM usage rules.
+ * One potential fix would be to generate IV through RNG
+ */
+
+ /* Logic:
+ * IV is a 12 byte value. Read the old value and increment it by 1.
+ * since there is no standard C support for 12 byte integer mathematics,
+ * the increment need to performed manually. Increment the lower 8byte
+ * as uint64_t value and then if the new value is 0, increment the upper
+ * 4 bytes as uint32_t
+ * Endian order doesn't really matter as objective is not to perform
+ * machine accurate increment operation but to generate a non-repetitive
+ * iv value.
+ */
+
+ uint64_t iv_l;
+ uint32_t iv_h;
+
+ (void)tfm_memcpy(&iv_l, ps_crypto_iv_buf, sizeof(iv_l));
+ (void)tfm_memcpy(&iv_h, (ps_crypto_iv_buf+sizeof(iv_l)), sizeof(iv_h));
+ iv_l++;
+ /* If overflow, increment the MSBs */
+ if (iv_l == 0) {
+ iv_h++;
+ }
+
+ /* Update the local buffer */
+ (void)tfm_memcpy(ps_crypto_iv_buf, &iv_l, sizeof(iv_l));
+ (void)tfm_memcpy((ps_crypto_iv_buf + sizeof(iv_l)), &iv_h, sizeof(iv_h));
+ /* Update the caller buffer */
+ (void)tfm_memcpy(crypto->ref.iv, ps_crypto_iv_buf, PS_IV_LEN_BYTES);
+}
+
+psa_status_t ps_crypto_encrypt_and_tag(union ps_crypto_t *crypto,
+ const uint8_t *add,
+ size_t add_len,
+ const uint8_t *in,
+ size_t in_len,
+ uint8_t *out,
+ size_t out_size,
+ size_t *out_len)
+{
+ psa_status_t status;
+
+ status = psa_aead_encrypt(ps_key_handle, PS_CRYPTO_ALG,
+ crypto->ref.iv, PS_IV_LEN_BYTES,
+ add, add_len,
+ in, in_len,
+ out, out_size, out_len);
+ if (status != PSA_SUCCESS) {
+ return PSA_ERROR_GENERIC_ERROR;
+ }
+
+ /* Copy the tag out of the output buffer */
+ *out_len -= PS_TAG_LEN_BYTES;
+ (void)tfm_memcpy(crypto->ref.tag, (out + *out_len), PS_TAG_LEN_BYTES);
+
+ return PSA_SUCCESS;
+}
+
+psa_status_t ps_crypto_auth_and_decrypt(const union ps_crypto_t *crypto,
+ const uint8_t *add,
+ size_t add_len,
+ uint8_t *in,
+ size_t in_len,
+ uint8_t *out,
+ size_t out_size,
+ size_t *out_len)
+{
+ psa_status_t status;
+
+ /* Copy the tag into the input buffer */
+ (void)tfm_memcpy((in + in_len), crypto->ref.tag, PS_TAG_LEN_BYTES);
+ in_len += PS_TAG_LEN_BYTES;
+
+ status = psa_aead_decrypt(ps_key_handle, PS_CRYPTO_ALG,
+ crypto->ref.iv, PS_IV_LEN_BYTES,
+ add, add_len,
+ in, in_len,
+ out, out_size, out_len);
+ if (status != PSA_SUCCESS) {
+ return PSA_ERROR_INVALID_SIGNATURE;
+ }
+
+ return PSA_SUCCESS;
+}
+
+psa_status_t ps_crypto_generate_auth_tag(union ps_crypto_t *crypto,
+ const uint8_t *add,
+ uint32_t add_len)
+{
+ psa_status_t status;
+ size_t out_len;
+
+ status = psa_aead_encrypt(ps_key_handle, PS_CRYPTO_ALG,
+ crypto->ref.iv, PS_IV_LEN_BYTES,
+ add, add_len,
+ 0, 0,
+ crypto->ref.tag, PS_TAG_LEN_BYTES, &out_len);
+ if (status != PSA_SUCCESS || out_len != PS_TAG_LEN_BYTES) {
+ return PSA_ERROR_GENERIC_ERROR;
+ }
+
+ return PSA_SUCCESS;
+}
+
+psa_status_t ps_crypto_authenticate(const union ps_crypto_t *crypto,
+ const uint8_t *add,
+ uint32_t add_len)
+{
+ psa_status_t status;
+ size_t out_len;
+
+ status = psa_aead_decrypt(ps_key_handle, PS_CRYPTO_ALG,
+ crypto->ref.iv, PS_IV_LEN_BYTES,
+ add, add_len,
+ crypto->ref.tag, PS_TAG_LEN_BYTES,
+ 0, 0, &out_len);
+ if (status != PSA_SUCCESS || out_len != 0) {
+ return PSA_ERROR_INVALID_SIGNATURE;
+ }
+
+ return PSA_SUCCESS;
+}
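Review bot: In ps_crypto_auth_and_decrypt the tag is copied to `in + in_len` before the length is adjusted, so the function writes PS_TAG_LEN_BYTES beyond the data the caller described, and nothing in the signature carries the capacity of `in`. The one caller visible in this commit passes ps_crypto_buf, which is declared with PS_TAG_LEN_BYTES of slack, so the write is only safe if that caller has already bounded in_len against the buffer. I would state the precondition at the definition, `/* in must have capacity for in_len + PS_TAG_LEN_BYTES bytes; the tag is appended in place */`, and consider passing the capacity explicitly so the bound can be checked here. In the same file, ps_crypto_encrypt_and_tag does `*out_len -= PS_TAG_LEN_BYTES;` without first checking `*out_len >= PS_TAG_LEN_BYTES`, which deserves a guard for the same reason.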
diff --git a/secure_fw/partitions/secure_storage/crypto/sst_crypto_interface.h b/secure_fw/partitions/protected_storage/crypto/ps_crypto_interface.h
similarity index 68%
rename from secure_fw/partitions/secure_storage/crypto/sst_crypto_interface.h
rename to secure_fw/partitions/protected_storage/crypto/ps_crypto_interface.h
index 7b10b55..2fda956 100644
--- a/secure_fw/partitions/secure_storage/crypto/sst_crypto_interface.h
+++ b/secure_fw/partitions/protected_storage/crypto/ps_crypto_interface.h
@@ -5,8 +5,8 @@
*
*/
-#ifndef __SST_CRYPTO_INTERFACE_H__
-#define __SST_CRYPTO_INTERFACE_H__
+#ifndef __PS_CRYPTO_INTERFACE_H__
+#define __PS_CRYPTO_INTERFACE_H__
#include <stddef.h>
#include <stdint.h>
@@ -17,18 +17,18 @@
extern "C" {
#endif
-#define SST_KEY_LEN_BYTES 16
-#define SST_TAG_LEN_BYTES 16
-#define SST_IV_LEN_BYTES 12
+#define PS_KEY_LEN_BYTES 16
+#define PS_TAG_LEN_BYTES 16
+#define PS_IV_LEN_BYTES 12
/* Union containing crypto policy implementations. The ref member provides the
* reference implementation. Further members can be added to the union to
* provide alternative implementations.
*/
-union sst_crypto_t {
+union ps_crypto_t {
struct {
- uint8_t tag[SST_TAG_LEN_BYTES]; /*!< MAC value of AEAD object */
- uint8_t iv[SST_IV_LEN_BYTES]; /*!< IV value of AEAD object */
+ uint8_t tag[PS_TAG_LEN_BYTES]; /*!< MAC value of AEAD object */
+ uint8_t iv[PS_IV_LEN_BYTES]; /*!< IV value of AEAD object */
} ref;
};
@@ -37,21 +37,21 @@
*
* \return Returns values as described in \ref psa_status_t
*/
-psa_status_t sst_crypto_init(void);
+psa_status_t ps_crypto_init(void);
/**
* \brief Sets the key to use for crypto operations for the current client.
*
* \return Returns values as described in \ref psa_status_t
*/
-psa_status_t sst_crypto_setkey(void);
+psa_status_t ps_crypto_setkey(void);
/**
* \brief Destroys the transient key used for crypto operations.
*
* \return Returns values as described in \ref psa_status_t
*/
-psa_status_t sst_crypto_destroykey(void);
+psa_status_t ps_crypto_destroykey(void);
/**
* \brief Encrypts and tags the given plaintext data.
@@ -67,14 +67,14 @@
*
* \return Returns values as described in \ref psa_status_t
*/
-psa_status_t sst_crypto_encrypt_and_tag(union sst_crypto_t *crypto,
- const uint8_t *add,
- size_t add_len,
- const uint8_t *in,
- size_t in_len,
- uint8_t *out,
- size_t out_size,
- size_t *out_len);
+psa_status_t ps_crypto_encrypt_and_tag(union ps_crypto_t *crypto,
+ const uint8_t *add,
+ size_t add_len,
+ const uint8_t *in,
+ size_t in_len,
+ uint8_t *out,
+ size_t out_size,
+ size_t *out_len);
/**
* \brief Decrypts and authenticates the given encrypted data.
@@ -90,14 +90,14 @@
*
* \return Returns values as described in \ref psa_status_t
*/
-psa_status_t sst_crypto_auth_and_decrypt(const union sst_crypto_t *crypto,
- const uint8_t *add,
- size_t add_len,
- uint8_t *in,
- size_t in_len,
- uint8_t *out,
- size_t out_size,
- size_t *out_len);
+psa_status_t ps_crypto_auth_and_decrypt(const union ps_crypto_t *crypto,
+ const uint8_t *add,
+ size_t add_len,
+ uint8_t *in,
+ size_t in_len,
+ uint8_t *out,
+ size_t out_size,
+ size_t *out_len);
/**
* \brief Generates authentication tag for given data.
@@ -108,9 +108,9 @@
*
* \return Returns values as described in \ref psa_status_t
*/
-psa_status_t sst_crypto_generate_auth_tag(union sst_crypto_t *crypto,
- const uint8_t *add,
- uint32_t add_len);
+psa_status_t ps_crypto_generate_auth_tag(union ps_crypto_t *crypto,
+ const uint8_t *add,
+ uint32_t add_len);
/**
* \brief Authenticate given data against the tag.
@@ -121,26 +121,26 @@
*
* \return Returns values as described in \ref psa_status_t
*/
-psa_status_t sst_crypto_authenticate(const union sst_crypto_t *crypto,
- const uint8_t *add,
- uint32_t add_len);
+psa_status_t ps_crypto_authenticate(const union ps_crypto_t *crypto,
+ const uint8_t *add,
+ uint32_t add_len);
/**
* \brief Provides current IV value to crypto layer.
*
* \param[in] crypto Pointer to the crypto union
*/
-void sst_crypto_set_iv(const union sst_crypto_t *crypto);
+void ps_crypto_set_iv(const union ps_crypto_t *crypto);
/**
* \brief Gets a new IV value into the crypto union.
*
* \param[out] crypto Pointer to the crypto union
*/
-void sst_crypto_get_iv(union sst_crypto_t *crypto);
+void ps_crypto_get_iv(union ps_crypto_t *crypto);
#ifdef __cplusplus
}
#endif
-#endif /* __SST_CRYPTO_INTERFACE_H__ */
+#endif /* __PS_CRYPTO_INTERFACE_H__ */
diff --git a/secure_fw/partitions/protected_storage/dir_protected_storage.dox b/secure_fw/partitions/protected_storage/dir_protected_storage.dox
new file mode 100644
index 0000000..8d4e9d1
--- /dev/null
+++ b/secure_fw/partitions/protected_storage/dir_protected_storage.dox
@@ -0,0 +1,17 @@
+/*
+ * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+//This file holds description for the current directory. This documentation
+//will be included in the Doxygen output.
+
+/*!
+\dir
+\brief Source code for the Protected Storage service.
+\details The protected storage service is responsible to hold sensitive
+information in a protected storage.
+
+*/
diff --git a/secure_fw/partitions/secure_storage/nv_counters/sst_nv_counters.c b/secure_fw/partitions/protected_storage/nv_counters/ps_nv_counters.c
similarity index 75%
rename from secure_fw/partitions/secure_storage/nv_counters/sst_nv_counters.c
rename to secure_fw/partitions/protected_storage/nv_counters/ps_nv_counters.c
index 276a40f..1c3a346 100644
--- a/secure_fw/partitions/secure_storage/nv_counters/sst_nv_counters.c
+++ b/secure_fw/partitions/protected_storage/nv_counters/ps_nv_counters.c
@@ -5,15 +5,15 @@
*
*/
-#include "sst_nv_counters.h"
+#include "ps_nv_counters.h"
#include "tfm_platform_api.h"
-psa_status_t sst_read_nv_counter(enum tfm_nv_counter_t counter_id,
- uint32_t *val)
+psa_status_t ps_read_nv_counter(enum tfm_nv_counter_t counter_id,
+ uint32_t *val)
{
enum tfm_platform_err_t err;
- err = tfm_platform_nv_counter_read(counter_id, SST_NV_COUNTER_SIZE,
+ err = tfm_platform_nv_counter_read(counter_id, PS_NV_COUNTER_SIZE,
(uint8_t *)val);
if (err != TFM_PLATFORM_ERR_SUCCESS) {
return PSA_ERROR_GENERIC_ERROR;
@@ -22,12 +22,12 @@
return PSA_SUCCESS;
}
-psa_status_t sst_increment_nv_counter(enum tfm_nv_counter_t counter_id)
+psa_status_t ps_increment_nv_counter(enum tfm_nv_counter_t counter_id)
{
enum tfm_platform_err_t err;
/* NOTE: tfm_plat_increment_nv_counter returns TFM_PLAT_ERR_MAX_VALUE when
- * the counter reaches its maximum value. The current SST
+ * the counter reaches its maximum value. The current PS
* implementation treats this condition as an error as, from that
* moment onwards, the rollback protection can not be achieved based
* on the NV counters.
diff --git a/secure_fw/partitions/secure_storage/nv_counters/sst_nv_counters.h b/secure_fw/partitions/protected_storage/nv_counters/ps_nv_counters.h
similarity index 61%
rename from secure_fw/partitions/secure_storage/nv_counters/sst_nv_counters.h
rename to secure_fw/partitions/protected_storage/nv_counters/ps_nv_counters.h
index 31b9afb..df32034 100644
--- a/secure_fw/partitions/secure_storage/nv_counters/sst_nv_counters.h
+++ b/secure_fw/partitions/protected_storage/nv_counters/ps_nv_counters.h
@@ -5,14 +5,14 @@
*
*/
-#ifndef __SST_NV_COUNTERS_H__
-#define __SST_NV_COUNTERS_H__
+#ifndef __PS_NV_COUNTERS_H__
+#define __PS_NV_COUNTERS_H__
-/* NOTE: This API abstracts SST NV counters operations. This API detaches the
+/* NOTE: This API abstracts PS NV counters operations. This API detaches the
* use of NV counters from the TF-M NV counters implementation, provided
* by the platform, and provides a mechanism to compile in a different
- * API implementation for test purposes. A SST test suite may provide
- * its own custom implementation to be able to test different SST service
+ * API implementation for test purposes. A PS test suite may provide
+ * its own custom implementation to be able to test different PS service
* use cases.
*/
@@ -20,11 +20,11 @@
#include "psa/protected_storage.h"
#include "tfm_plat_nv_counters.h"
-#define TFM_SST_NV_COUNTER_1 PLAT_NV_COUNTER_0
-#define TFM_SST_NV_COUNTER_2 PLAT_NV_COUNTER_1
-#define TFM_SST_NV_COUNTER_3 PLAT_NV_COUNTER_2
+#define TFM_PS_NV_COUNTER_1 PLAT_NV_COUNTER_0
+#define TFM_PS_NV_COUNTER_2 PLAT_NV_COUNTER_1
+#define TFM_PS_NV_COUNTER_3 PLAT_NV_COUNTER_2
-#define SST_NV_COUNTER_SIZE 4 /* In bytes */
+#define PS_NV_COUNTER_SIZE 4 /* In bytes */
#ifdef __cplusplus
extern "C" {
@@ -39,8 +39,8 @@
* \return PSA_SUCCESS if the value is read correctly, otherwise
* PSA_ERROR_GENERIC_ERROR
*/
-psa_status_t sst_read_nv_counter(enum tfm_nv_counter_t counter_id,
- uint32_t *val);
+psa_status_t ps_read_nv_counter(enum tfm_nv_counter_t counter_id,
+ uint32_t *val);
/**
* \brief Increments the given non-volatile (NV) counter.
@@ -50,10 +50,10 @@
* \return If the counter is incremented correctly, it returns
* PSA_SUCCESS. Otherwise, PSA_ERROR_GENERIC_ERROR.
*/
-psa_status_t sst_increment_nv_counter(enum tfm_nv_counter_t counter_id);
+psa_status_t ps_increment_nv_counter(enum tfm_nv_counter_t counter_id);
#ifdef __cplusplus
}
#endif
-#endif /* __SST_NV_COUNTERS_H__ */
+#endif /* __PS_NV_COUNTERS_H__ */
diff --git a/secure_fw/partitions/secure_storage/sst_encrypted_object.c b/secure_fw/partitions/protected_storage/ps_encrypted_object.c
similarity index 62%
rename from secure_fw/partitions/secure_storage/sst_encrypted_object.c
rename to secure_fw/partitions/protected_storage/ps_encrypted_object.c
index 0be7d3b..4e5a2f4 100644
--- a/secure_fw/partitions/secure_storage/sst_encrypted_object.c
+++ b/secure_fw/partitions/protected_storage/ps_encrypted_object.c
@@ -5,32 +5,32 @@
*
*/
-#include "sst_encrypted_object.h"
+#include "ps_encrypted_object.h"
#include <stddef.h>
-#include "crypto/sst_crypto_interface.h"
+#include "crypto/ps_crypto_interface.h"
#include "psa/internal_trusted_storage.h"
#include "tfm_memory_utils.h"
-#include "sst_object_defs.h"
-#include "sst_utils.h"
+#include "ps_object_defs.h"
+#include "ps_utils.h"
/* Gets the size of data to encrypt */
-#define SST_ENCRYPT_SIZE(plaintext_size) \
- ((plaintext_size) + SST_OBJECT_HEADER_SIZE - sizeof(union sst_crypto_t))
+#define PS_ENCRYPT_SIZE(plaintext_size) \
+ ((plaintext_size) + PS_OBJECT_HEADER_SIZE - sizeof(union ps_crypto_t))
-#define SST_OBJECT_START_POSITION 0
+#define PS_OBJECT_START_POSITION 0
/* Buffer to store the maximum encrypted object */
/* FIXME: Do partial encrypt/decrypt to reduce the size of internal buffer */
-#define SST_MAX_ENCRYPTED_OBJ_SIZE SST_ENCRYPT_SIZE(SST_MAX_OBJECT_DATA_SIZE)
+#define PS_MAX_ENCRYPTED_OBJ_SIZE PS_ENCRYPT_SIZE(PS_MAX_OBJECT_DATA_SIZE)
/* FIXME: add the tag length to the crypto buffer size to account for the tag
* being appended to the ciphertext by the crypto layer.
*/
-#define SST_CRYPTO_BUF_LEN (SST_MAX_ENCRYPTED_OBJ_SIZE + SST_TAG_LEN_BYTES)
+#define PS_CRYPTO_BUF_LEN (PS_MAX_ENCRYPTED_OBJ_SIZE + PS_TAG_LEN_BYTES)
-static uint8_t sst_crypto_buf[SST_CRYPTO_BUF_LEN];
+static uint8_t ps_crypto_buf[PS_CRYPTO_BUF_LEN];
/**
* \brief Performs authenticated decryption on object data, with the header as
@@ -45,40 +45,40 @@
*
* \return Returns error code as specified in \ref psa_status_t
*/
-static psa_status_t sst_object_auth_decrypt(uint32_t fid,
- uint32_t cur_size,
- struct sst_object_t *obj)
+static psa_status_t ps_object_auth_decrypt(uint32_t fid,
+ uint32_t cur_size,
+ struct ps_object_t *obj)
{
psa_status_t err;
uint8_t *p_obj_data = (uint8_t *)&obj->header.info;
size_t out_len;
- err = sst_crypto_setkey();
+ err = ps_crypto_setkey();
if (err != PSA_SUCCESS) {
return err;
}
- (void)tfm_memcpy(sst_crypto_buf, p_obj_data, cur_size);
+ (void)tfm_memcpy(ps_crypto_buf, p_obj_data, cur_size);
/* Use File ID as a part of the associated data to authenticate
* the object in the FS. The tag will be stored in the object table and
* not as a part of the object's data stored in the FS.
*/
- err = sst_crypto_auth_and_decrypt(&obj->header.crypto,
- (const uint8_t *)&fid,
- sizeof(fid),
- sst_crypto_buf,
- cur_size,
- p_obj_data,
- sizeof(*obj) - sizeof(obj->header.crypto),
- &out_len);
+ err = ps_crypto_auth_and_decrypt(&obj->header.crypto,
+ (const uint8_t *)&fid,
+ sizeof(fid),
+ ps_crypto_buf,
+ cur_size,
+ p_obj_data,
+ sizeof(*obj) - sizeof(obj->header.crypto),
+ &out_len);
if (err != PSA_SUCCESS || out_len != cur_size) {
- (void)sst_crypto_destroykey();
+ (void)ps_crypto_destroykey();
return PSA_ERROR_GENERIC_ERROR;
}
- return sst_crypto_destroykey();
+ return ps_crypto_destroykey();
}
/**
@@ -92,55 +92,55 @@
*
* \return Returns error code as specified in \ref psa_status_t
*/
-static psa_status_t sst_object_auth_encrypt(uint32_t fid,
- uint32_t cur_size,
- struct sst_object_t *obj)
+static psa_status_t ps_object_auth_encrypt(uint32_t fid,
+ uint32_t cur_size,
+ struct ps_object_t *obj)
{
psa_status_t err;
uint8_t *p_obj_data = (uint8_t *)&obj->header.info;
size_t out_len;
- err = sst_crypto_setkey();
+ err = ps_crypto_setkey();
if (err != PSA_SUCCESS) {
return err;
}
/* FIXME: should have an IV per object with key diversification */
/* Get a new IV for each encryption */
- sst_crypto_get_iv(&obj->header.crypto);
+ ps_crypto_get_iv(&obj->header.crypto);
/* Use File ID as a part of the associated data to authenticate
* the object in the FS. The tag will be stored in the object table and
* not as a part of the object's data stored in the FS.
*/
- err = sst_crypto_encrypt_and_tag(&obj->header.crypto,
- (const uint8_t *)&fid,
- sizeof(fid),
- p_obj_data,
- cur_size,
- sst_crypto_buf,
- sizeof(sst_crypto_buf),
- &out_len);
+ err = ps_crypto_encrypt_and_tag(&obj->header.crypto,
+ (const uint8_t *)&fid,
+ sizeof(fid),
+ p_obj_data,
+ cur_size,
+ ps_crypto_buf,
+ sizeof(ps_crypto_buf),
+ &out_len);
if (err != PSA_SUCCESS || out_len != cur_size) {
- (void)sst_crypto_destroykey();
+ (void)ps_crypto_destroykey();
return PSA_ERROR_GENERIC_ERROR;
}
- (void)tfm_memcpy(p_obj_data, sst_crypto_buf, cur_size);
+ (void)tfm_memcpy(p_obj_data, ps_crypto_buf, cur_size);
- return sst_crypto_destroykey();
+ return ps_crypto_destroykey();
}
-psa_status_t sst_encrypted_object_read(uint32_t fid, struct sst_object_t *obj)
+psa_status_t ps_encrypted_object_read(uint32_t fid, struct ps_object_t *obj)
{
psa_status_t err;
uint32_t decrypt_size;
size_t data_length;
/* Read the encrypted object from the the persistent area */
- err = psa_its_get(fid, SST_OBJECT_START_POSITION,
- SST_MAX_OBJECT_SIZE,
+ err = psa_its_get(fid, PS_OBJECT_START_POSITION,
+ PS_MAX_OBJECT_SIZE,
(void *)obj->header.crypto.ref.iv,
&data_length);
if (err != PSA_SUCCESS) {
@@ -151,7 +151,7 @@
decrypt_size = data_length - sizeof(obj->header.crypto.ref.iv);
/* Decrypt the object data */
- err = sst_object_auth_decrypt(fid, decrypt_size, obj);
+ err = ps_object_auth_decrypt(fid, decrypt_size, obj);
if (err != PSA_SUCCESS) {
return err;
}
@@ -159,15 +159,15 @@
return PSA_SUCCESS;
}
-psa_status_t sst_encrypted_object_write(uint32_t fid, struct sst_object_t *obj)
+psa_status_t ps_encrypted_object_write(uint32_t fid, struct ps_object_t *obj)
{
psa_status_t err;
uint32_t wrt_size;
- wrt_size = SST_ENCRYPT_SIZE(obj->header.info.current_size);
+ wrt_size = PS_ENCRYPT_SIZE(obj->header.info.current_size);
/* Authenticate and encrypt the object */
- err = sst_object_auth_encrypt(fid, wrt_size, obj);
+ err = ps_object_auth_encrypt(fid, wrt_size, obj);
if (err != PSA_SUCCESS) {
return err;
}
diff --git a/secure_fw/partitions/secure_storage/sst_encrypted_object.h b/secure_fw/partitions/protected_storage/ps_encrypted_object.h
similarity index 70%
rename from secure_fw/partitions/secure_storage/sst_encrypted_object.h
rename to secure_fw/partitions/protected_storage/ps_encrypted_object.h
index eed82af..1aa19a0 100644
--- a/secure_fw/partitions/secure_storage/sst_encrypted_object.h
+++ b/secure_fw/partitions/protected_storage/ps_encrypted_object.h
@@ -5,11 +5,11 @@
*
*/
-#ifndef __SST_ENCRYPTED_OBJECT_H__
-#define __SST_ENCRYPTED_OBJECT_H__
+#ifndef __PS_ENCRYPTED_OBJECT_H__
+#define __PS_ENCRYPTED_OBJECT_H__
#include <stdint.h>
-#include "sst_object_defs.h"
+#include "ps_object_defs.h"
#include "psa/protected_storage.h"
#ifdef __cplusplus
@@ -24,12 +24,12 @@
*
* \return Returns error code specified in \ref psa_status_t
*/
-psa_status_t sst_encrypted_object_read(uint32_t fid,
- struct sst_object_t *obj);
+psa_status_t ps_encrypted_object_read(uint32_t fid,
+ struct ps_object_t *obj);
/**
* \brief Creates and writes a new encrypted object based on the given
- * sst_object_t structure data.
+ * ps_object_t structure data.
*
* \param[in] fid File ID
* \param[in,out] obj Pointer to the object structure to write.
@@ -41,11 +41,11 @@
*
* \return Returns error code specified in \ref psa_status_t
*/
-psa_status_t sst_encrypted_object_write(uint32_t fid,
- struct sst_object_t *obj);
+psa_status_t ps_encrypted_object_write(uint32_t fid,
+ struct ps_object_t *obj);
#ifdef __cplusplus
}
#endif
-#endif /* __SST_ENCRYPTED_OBJECT_H__ */
+#endif /* __PS_ENCRYPTED_OBJECT_H__ */
diff --git a/secure_fw/partitions/protected_storage/ps_object_defs.h b/secure_fw/partitions/protected_storage/ps_object_defs.h
new file mode 100644
index 0000000..815c859
--- /dev/null
+++ b/secure_fw/partitions/protected_storage/ps_object_defs.h
@@ -0,0 +1,73 @@
+/*
+ * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __PS_OBJECT_DEFS_H__
+#define __PS_OBJECT_DEFS_H__
+
+#include <stdint.h>
+
+#include "flash_layout.h"
+#include "psa/protected_storage.h"
+
+#ifdef PS_ENCRYPTION
+#include "crypto/ps_crypto_interface.h"
+#endif
+
+/*!
+ * \struct ps_object_info_t
+ *
+ * \brief Object information.
+ */
+struct ps_object_info_t {
+ uint32_t current_size; /*!< Current size of the object content in bytes */
+ uint32_t max_size; /*!< Maximum size of the object content in bytes */
+ psa_storage_create_flags_t create_flags; /*!< Object creation flags */
+};
+
+/*!
+ * \struct ps_obj_header_t
+ *
+ * \brief Metadata attached as a header to object data before storage.
+ */
+struct ps_obj_header_t {
+#ifdef PS_ENCRYPTION
+ union ps_crypto_t crypto; /*!< Crypto metadata */
+#else
+ uint32_t version; /*!< Object version */
+ uint32_t fid; /*!< File ID */
+#endif
+ struct ps_object_info_t info; /*!< Object information */
+};
+
+
+#define PS_MAX_OBJECT_DATA_SIZE PS_MAX_ASSET_SIZE
+
+/*!
+ * \struct ps_object_t
+ *
+ * \brief The object to be written to the file system below. Made up of the
+ * object header and the object data.
+ */
+struct ps_object_t {
+ struct ps_obj_header_t header; /*!< Object header */
+ uint8_t data[PS_MAX_OBJECT_DATA_SIZE]; /*!< Object data */
+};
+
+
+#define PS_OBJECT_HEADER_SIZE sizeof(struct ps_obj_header_t)
+#define PS_MAX_OBJECT_SIZE sizeof(struct ps_object_t)
+
+/*!
+ * \def PS_MAX_NUM_OBJECTS
+ *
+ * \brief Specifies the maximum number of objects in the system, which is the
+ * number of defined assets, the object table and 2 temporary objects to
+ * store the temporary object table and temporary updated object.
+ */
+#define PS_MAX_NUM_OBJECTS (PS_NUM_ASSETS + 3)
+
+#endif /* __PS_OBJECT_DEFS_H__ */
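Review bot: struct ps_obj_header_t changes shape with PS_ENCRYPTION (crypto metadata versus version and fid), and its brief says it is attached to the object data before storage, but nothing here says that the stored format therefore depends on that build option and on the compiler's struct layout. A short comment on the struct would help, for example `/* Layout is the stored format: changing PS_ENCRYPTION or the field order makes previously stored objects unreadable */`. I am inferring this from how the struct is used elsewhere in the commit, so please confirm it before adopting the wording. PS_OBJECT_HEADER_SIZE and PS_MAX_OBJECT_SIZE expand to bare sizeof expressions; they are safe as written, but parenthesising them like PS_MAX_NUM_OBJECTS would keep the macros uniform.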
diff --git a/secure_fw/partitions/protected_storage/ps_object_system.c b/secure_fw/partitions/protected_storage/ps_object_system.c
new file mode 100644
index 0000000..17724d3
--- /dev/null
+++ b/secure_fw/partitions/protected_storage/ps_object_system.c
@@ -0,0 +1,532 @@
+/*
+ * Copyright (c) 2017-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "ps_object_system.h"
+
+#include <stddef.h>
+
+#include "cmsis_compiler.h"
+#include "psa/internal_trusted_storage.h"
+#include "tfm_memory_utils.h"
+#ifdef PS_ENCRYPTION
+#include "ps_encrypted_object.h"
+#endif
+#include "ps_object_defs.h"
+#include "ps_object_table.h"
+#include "ps_utils.h"
+#include "tfm_ps_req_mngr.h"
+
+#ifndef PS_ENCRYPTION
+/* Gets the size of object written to the object system below */
+#define PS_OBJECT_SIZE(max_size) (PS_OBJECT_HEADER_SIZE + (max_size))
+#define PS_OBJECT_START_POSITION 0
+#endif /* PS_ENCRYPTION */
+
+/* Allocate static variables to process objects */
+static struct ps_object_t g_ps_object;
+static struct ps_obj_table_info_t g_obj_tbl_info;
+
+/**
+ * \brief Initialize g_ps_object based on the input parameters and empty data.
+ *
+ * \param[in] create_flags Object create flags
+ * \param[in] size Object size
+ * \param[out] obj Object to initialize
+ *
+ */
+__attribute__ ((always_inline))
+__STATIC_INLINE void ps_init_empty_object(
+ psa_storage_create_flags_t create_flags,
+ uint32_t size,
+ struct ps_object_t *obj)
+{
+ /* Set all object data to 0 */
+ (void)tfm_memset(obj, PS_DEFAULT_EMPTY_BUFF_VAL, PS_MAX_OBJECT_SIZE);
+
+#ifndef PS_ENCRYPTION
+ /* Initialize object version */
+ obj->header.version = 0;
+#endif
+
+ /* Set object header based on input parameters */
+ obj->header.info.max_size = size;
+ obj->header.info.create_flags = create_flags;
+}
+
+/**
+ * \brief Removes the old object table and object from the file system.
+ *
+ * \param[in] old_fid Old file ID to remove.
+ *
+ * \return Returns error code as specified in \ref psa_status_t
+ */
+static psa_status_t ps_remove_old_data(uint32_t old_fid)
+{
+ psa_status_t err;
+
+ /* Delete old object table from the persistent area */
+ err = ps_object_table_delete_old_table();
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+
+ /* Delete old file from the persistent area */
+ return psa_its_remove(old_fid);
+}
+
+#ifndef PS_ENCRYPTION
+enum read_type_t {
+ READ_HEADER_ONLY = 0,
+ READ_ALL_OBJECT,
+};
+
+/**
+ * \brief Reads and validates an object header based on its object table info
+ * stored in g_obj_tbl_info.
+ *
+ * \param[in] type Read type as specified in \ref read_type_t
+ *
+ * \return Returns error code as specified in \ref psa_status_t
+ */
+static psa_status_t ps_read_object(enum read_type_t type)
+{
+ psa_status_t err;
+ size_t data_length;
+
+ /* Read object header */
+ err = psa_its_get(g_obj_tbl_info.fid,
+ PS_OBJECT_START_POSITION,
+ PS_OBJECT_HEADER_SIZE,
+ (void *)&g_ps_object.header,
+ &data_length);
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+
+ /* As PS encryption support is not enabled, check file ID and version to
+ * detect inconsistency after read the object header from flash.
+ */
+ if (g_ps_object.header.fid != g_obj_tbl_info.fid ||
+ g_ps_object.header.version != g_obj_tbl_info.version) {
+ return PSA_PS_ERROR_DATA_CORRUPT;
+ }
+
+ /* Read object data if any */
+ if (type == READ_ALL_OBJECT && g_ps_object.header.info.current_size > 0) {
+ err = psa_its_get(g_obj_tbl_info.fid,
+ PS_OBJECT_HEADER_SIZE,
+ g_ps_object.header.info.current_size,
+ (void *)g_ps_object.data,
+ &data_length);
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+ }
+
+ return PSA_SUCCESS;
+}
+
+/**
+ * \brief Writes an object based on its object table info stored in
+ * g_obj_tbl_info and the input parameter.
+ *
+ * \param[in] wrt_size Number of bytes to write
+ *
+ * \return Returns error code as specified in \ref psa_status_t
+ */
+static psa_status_t ps_write_object(uint32_t wrt_size)
+{
+ /* Add object identification and increase object version */
+ g_ps_object.header.fid = g_obj_tbl_info.fid;
+ g_ps_object.header.version++;
+
+ /* Save object version to be stored in the object table */
+ g_obj_tbl_info.version = g_ps_object.header.version;
+
+ return psa_its_set(g_obj_tbl_info.fid, wrt_size,
+ (const void *)&g_ps_object,
+ PSA_STORAGE_FLAG_NONE);
+}
+
+#endif /* !PS_ENCRYPTION */
+
+psa_status_t ps_system_prepare(void)
+{
+ psa_status_t err;
+
+ /* Reuse the allocated g_ps_object.data to store a temporary object table
+ * data to be validate inside the function.
+ * The stored date will be cleaned up when the g_ps_object.data will
+ * be used for the first time in the object system.
+ */
+ err = ps_object_table_init(g_ps_object.data);
+
+#ifdef PS_ENCRYPTION
+ g_obj_tbl_info.tag = g_ps_object.header.crypto.ref.tag;
+#endif
+
+ return err;
+}
+
+psa_status_t ps_object_read(psa_storage_uid_t uid, int32_t client_id,
+ uint32_t offset, uint32_t size,
+ size_t *p_data_length)
+{
+ psa_status_t err;
+
+ /* Retrieve the object information from the object table if the object
+ * exists.
+ */
+ err = ps_object_table_get_obj_tbl_info(uid, client_id, &g_obj_tbl_info);
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+
+ /* Read object */
+#ifdef PS_ENCRYPTION
+ err = ps_encrypted_object_read(g_obj_tbl_info.fid, &g_ps_object);
+#else
+ /* Read object header */
+ err = ps_read_object(READ_ALL_OBJECT);
+#endif
+ if (err != PSA_SUCCESS) {
+ goto clear_data_and_return;
+ }
+
+ /* Boundary check the incoming request */
+ if (offset > g_ps_object.header.info.current_size) {
+ err = PSA_ERROR_INVALID_ARGUMENT;
+ goto clear_data_and_return;
+ }
+
+ size = PS_UTILS_MIN(size,
+ g_ps_object.header.info.current_size - offset);
+
+ /* Copy the decrypted object data to the output buffer */
+ ps_req_mngr_write_asset_data(g_ps_object.data + offset, size);
+
+ *p_data_length = size;
+
+clear_data_and_return:
+ /* Remove data stored in the object before leaving the function */
+ (void)tfm_memset(&g_ps_object, PS_DEFAULT_EMPTY_BUFF_VAL,
+ PS_MAX_OBJECT_SIZE);
+
+ return err;
+}
+
+psa_status_t ps_object_create(psa_storage_uid_t uid, int32_t client_id,
+ psa_storage_create_flags_t create_flags,
+ uint32_t size)
+{
+ psa_status_t err;
+ uint32_t old_fid = PS_INVALID_FID;
+ uint32_t fid_am_reserved = 1;
+
+#ifndef PS_ENCRYPTION
+ uint32_t wrt_size;
+#endif
+
+ /* Boundary check the incoming request */
+ if (size > PS_MAX_ASSET_SIZE) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+ /* Retrieve the object information from the object table if the object
+ * exists.
+ */
+ err = ps_object_table_get_obj_tbl_info(uid, client_id, &g_obj_tbl_info);
+ if (err == PSA_SUCCESS) {
+#ifdef PS_ENCRYPTION
+ /* Read the object */
+ err = ps_encrypted_object_read(g_obj_tbl_info.fid, &g_ps_object);
+#else
+ /* Read the object header */
+ err = ps_read_object(READ_HEADER_ONLY);
+#endif
+ if (err != PSA_SUCCESS) {
+ goto clear_data_and_return;
+ }
+
+ /* If the object exists and has the write once flag set, then it cannot
+ * be modified.
+ */
+ if (g_ps_object.header.info.create_flags
+ & PSA_STORAGE_FLAG_WRITE_ONCE) {
+ err = PSA_ERROR_NOT_PERMITTED;
+ goto clear_data_and_return;
+ }
+
+ /* Update the create flags and max object size */
+ g_ps_object.header.info.create_flags = create_flags;
+ g_ps_object.header.info.max_size = size;
+
+ /* Save old file ID */
+ old_fid = g_obj_tbl_info.fid;
+ } else if (err == PSA_ERROR_DOES_NOT_EXIST) {
+ /* If the object does not exist, then initialize it based on the input
+ * arguments and empty content. Requests 2 FIDs to prevent exhaustion.
+ */
+ fid_am_reserved = 2;
+ ps_init_empty_object(create_flags, size, &g_ps_object);
+ } else {
+ goto clear_data_and_return;
+ }
+
+ /* Update the object data */
+ err = ps_req_mngr_read_asset_data(g_ps_object.data, size);
+ if (err != PSA_SUCCESS) {
+ goto clear_data_and_return;
+ }
+
+ /* Update the current object size */
+ g_ps_object.header.info.current_size = size;
+
+ /* Get new file ID */
+ err = ps_object_table_get_free_fid(fid_am_reserved,
+ &g_obj_tbl_info.fid);
+ if (err != PSA_SUCCESS) {
+ goto clear_data_and_return;
+ }
+
+#ifdef PS_ENCRYPTION
+ err = ps_encrypted_object_write(g_obj_tbl_info.fid, &g_ps_object);
+#else
+ wrt_size = PS_OBJECT_SIZE(g_ps_object.header.info.current_size);
+
+ /* Write g_ps_object */
+ err = ps_write_object(wrt_size);
+#endif
+ if (err != PSA_SUCCESS) {
+ goto clear_data_and_return;
+ }
+
+ /* Update the table with the new internal ID and version for the object, and
+ * store it in the persistent area.
+ */
+ err = ps_object_table_set_obj_tbl_info(uid, client_id, &g_obj_tbl_info);
+ if (err != PSA_SUCCESS) {
+ /* Remove new object as object table is not persistent and propagate
+ * object table manipulation error.
+ */
+ (void)psa_its_remove(g_obj_tbl_info.fid);
+
+ goto clear_data_and_return;
+ }
+
+ if (old_fid == PS_INVALID_FID) {
+ /* Delete old object table from the persistent area */
+ err = ps_object_table_delete_old_table();
+ } else {
+ /* Remove old object and delete old object table */
+ err = ps_remove_old_data(old_fid);
+ }
+
+clear_data_and_return:
+ /* Remove data stored in the object before leaving the function */
+ (void)tfm_memset(&g_ps_object, PS_DEFAULT_EMPTY_BUFF_VAL,
+ PS_MAX_OBJECT_SIZE);
+
+ return err;
+}
+
+psa_status_t ps_object_write(psa_storage_uid_t uid, int32_t client_id,
+ uint32_t offset, uint32_t size)
+{
+ psa_status_t err;
+ uint32_t old_fid;
+
+#ifndef PS_ENCRYPTION
+ uint32_t wrt_size;
+#endif
+
+ /* Retrieve the object information from the object table if the object
+ * exists.
+ */
+ err = ps_object_table_get_obj_tbl_info(uid, client_id, &g_obj_tbl_info);
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+
+ /* Read the object */
+#ifdef PS_ENCRYPTION
+ err = ps_encrypted_object_read(g_obj_tbl_info.fid, &g_ps_object);
+#else
+ err = ps_read_object(READ_ALL_OBJECT);
+#endif
+ if (err != PSA_SUCCESS) {
+ goto clear_data_and_return;
+ }
+
+ /* If the object has the write once flag set, then it cannot be modified. */
+ if (g_ps_object.header.info.create_flags & PSA_STORAGE_FLAG_WRITE_ONCE) {
+ err = PSA_ERROR_NOT_PERMITTED;
+ goto clear_data_and_return;
+ }
+
+ /* Offset must not be larger than the object's current size to prevent gaps
+ * being created in the object data.
+ */
+ if (offset > g_ps_object.header.info.current_size) {
+ err = PSA_ERROR_INVALID_ARGUMENT;
+ goto clear_data_and_return;
+ }
+
+ /* Boundary check the incoming request */
+ err = ps_utils_check_contained_in(g_ps_object.header.info.max_size,
+ offset, size);
+ if (err != PSA_SUCCESS) {
+ goto clear_data_and_return;
+ }
+
+ /* Update the object data */
+ err = ps_req_mngr_read_asset_data(g_ps_object.data + offset, size);
+ if (err != PSA_SUCCESS) {
+ goto clear_data_and_return;
+ }
+
+ /* Update the current object size if necessary */
+ if ((offset + size) > g_ps_object.header.info.current_size) {
+ g_ps_object.header.info.current_size = offset + size;
+ }
+
+ /* Save old file ID */
+ old_fid = g_obj_tbl_info.fid;
+
+ /* Get new file ID */
+ err = ps_object_table_get_free_fid(1, &g_obj_tbl_info.fid);
+ if (err != PSA_SUCCESS) {
+ goto clear_data_and_return;
+ }
+
+#ifdef PS_ENCRYPTION
+ err = ps_encrypted_object_write(g_obj_tbl_info.fid, &g_ps_object);
+#else
+ wrt_size = PS_OBJECT_SIZE(g_ps_object.header.info.current_size);
+
+ /* Write g_ps_object */
+ err = ps_write_object(wrt_size);
+#endif
+ if (err != PSA_SUCCESS) {
+ goto clear_data_and_return;
+ }
+
+ /* Update the table with the new internal ID and version for the object, and
+ * store it in the persistent area.
+ */
+ err = ps_object_table_set_obj_tbl_info(uid, client_id, &g_obj_tbl_info);
+ if (err != PSA_SUCCESS) {
+ /* Remove new object as object table is not persistent and propagate
+ * object table manipulation error.
+ */
+ (void)psa_its_remove(g_obj_tbl_info.fid);
+
+ goto clear_data_and_return;
+ }
+
+ /* Remove old object table and object */
+ err = ps_remove_old_data(old_fid);
+
+clear_data_and_return:
+ /* Remove data stored in the object before leaving the function */
+ (void)tfm_memset(&g_ps_object, PS_DEFAULT_EMPTY_BUFF_VAL,
+ PS_MAX_OBJECT_SIZE);
+
+ return err;
+}
+
+psa_status_t ps_object_get_info(psa_storage_uid_t uid, int32_t client_id,
+ struct psa_storage_info_t *info)
+{
+ psa_status_t err;
+
+ /* Retrieve the object information from the object table if the object
+ * exists.
+ */
+ err = ps_object_table_get_obj_tbl_info(uid, client_id, &g_obj_tbl_info);
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+
+#ifdef PS_ENCRYPTION
+ err = ps_encrypted_object_read(g_obj_tbl_info.fid, &g_ps_object);
+#else
+ err = ps_read_object(READ_HEADER_ONLY);
+#endif
+ if (err != PSA_SUCCESS) {
+ goto clear_data_and_return;
+ }
+
+ /* Copy PS object info to the PSA PS info struct */
+ info->size = g_ps_object.header.info.current_size;
+ info->flags = g_ps_object.header.info.create_flags;
+
+clear_data_and_return:
+ /* Remove data stored in the object before leaving the function */
+ (void)tfm_memset(&g_ps_object, PS_DEFAULT_EMPTY_BUFF_VAL,
+ PS_MAX_OBJECT_SIZE);
+
+ return err;
+}
+
+psa_status_t ps_object_delete(psa_storage_uid_t uid, int32_t client_id)
+{
+ psa_status_t err;
+
+ /* Retrieve the object information from the object table if the object
+ * exists.
+ */
+ err = ps_object_table_get_obj_tbl_info(uid, client_id, &g_obj_tbl_info);
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+
+#ifdef PS_ENCRYPTION
+ err = ps_encrypted_object_read(g_obj_tbl_info.fid, &g_ps_object);
+#else
+ err = ps_read_object(READ_HEADER_ONLY);
+#endif
+ if (err != PSA_SUCCESS) {
+ goto clear_data_and_return;
+ }
+
+ /* Check that the write once flag is not set */
+ if (g_ps_object.header.info.create_flags & PSA_STORAGE_FLAG_WRITE_ONCE) {
+ err = PSA_ERROR_NOT_PERMITTED;
+ goto clear_data_and_return;
+ }
+
+ /* Delete object from the table and stores the table in the persistent
+ * area.
+ */
+ err = ps_object_table_delete_object(uid, client_id);
+ if (err != PSA_SUCCESS) {
+ goto clear_data_and_return;
+ }
+
+ /* Remove old object table and file */
+ err = ps_remove_old_data(g_obj_tbl_info.fid);
+
+clear_data_and_return:
+ /* Remove data stored in the object before leaving the function */
+ (void)tfm_memset(&g_ps_object, PS_DEFAULT_EMPTY_BUFF_VAL,
+ PS_MAX_OBJECT_SIZE);
+
+ return err;
+}
+
+psa_status_t ps_system_wipe_all(void)
+{
+ /* This function may get called as a corrective action
+ * if a system level security violation is detected.
+ * This could be asynchronous to normal system operation
+ * and state of the ps system lock is unknown. Hence
+ * this function doesn't block on the lock and directly
+ * moves to erasing the flash instead.
+ */
+ return ps_object_table_create();
+}
diff --git a/secure_fw/partitions/secure_storage/sst_object_system.h b/secure_fw/partitions/protected_storage/ps_object_system.h
similarity index 71%
rename from secure_fw/partitions/secure_storage/sst_object_system.h
rename to secure_fw/partitions/protected_storage/ps_object_system.h
index 75702c3..567b6a3 100644
--- a/secure_fw/partitions/secure_storage/sst_object_system.h
+++ b/secure_fw/partitions/protected_storage/ps_object_system.h
@@ -5,8 +5,8 @@
*
*/
-#ifndef __SST_OBJECT_SYSTEM_H__
-#define __SST_OBJECT_SYSTEM_H__
+#ifndef __PS_OBJECT_SYSTEM_H__
+#define __PS_OBJECT_SYSTEM_H__
#include <stdint.h>
@@ -17,13 +17,13 @@
#endif
/**
- * \brief Prepares the secure storage system for usage, populating internal
+ * \brief Prepares the protected storage system for usage, populating internal
* structures.
* It identifies and validates the system metadata.
*
* \return Returns error code specified in \ref psa_status_t
*/
-psa_status_t sst_system_prepare(void);
+psa_status_t ps_system_prepare(void);
/**
* \brief Creates a new object with the provided UID and client ID.
@@ -35,9 +35,9 @@
*
* \return Returns error code specified in \ref psa_status_t
*/
-psa_status_t sst_object_create(psa_storage_uid_t uid, int32_t client_id,
- psa_storage_create_flags_t create_flags,
- uint32_t size);
+psa_status_t ps_object_create(psa_storage_uid_t uid, int32_t client_id,
+ psa_storage_create_flags_t create_flags,
+ uint32_t size);
/**
* \brief Gets the data of the object with the provided UID and client ID.
@@ -51,9 +51,9 @@
*
* \return Returns error code specified in \ref psa_status_t
*/
-psa_status_t sst_object_read(psa_storage_uid_t uid, int32_t client_id,
- uint32_t offset, uint32_t size,
- size_t *p_data_length);
+psa_status_t ps_object_read(psa_storage_uid_t uid, int32_t client_id,
+ uint32_t offset, uint32_t size,
+ size_t *p_data_length);
/**
* \brief Writes data into the object with the provided UID and client ID.
@@ -65,8 +65,8 @@
*
* \return Returns error code specified in \ref psa_status_t
*/
-psa_status_t sst_object_write(psa_storage_uid_t uid, int32_t client_id,
- uint32_t offset, uint32_t size);
+psa_status_t ps_object_write(psa_storage_uid_t uid, int32_t client_id,
+ uint32_t offset, uint32_t size);
/**
* \brief Deletes the object with the provided UID and client ID.
@@ -76,7 +76,7 @@
*
* \return Returns error code specified in \ref psa_status_t
*/
-psa_status_t sst_object_delete(psa_storage_uid_t uid, int32_t client_id);
+psa_status_t ps_object_delete(psa_storage_uid_t uid, int32_t client_id);
/**
* \brief Gets the asset information for the object with the provided UID and
@@ -89,18 +89,18 @@
*
* \return Returns error code specified in \ref psa_status_t
*/
-psa_status_t sst_object_get_info(psa_storage_uid_t uid, int32_t client_id,
- struct psa_storage_info_t *info);
+psa_status_t ps_object_get_info(psa_storage_uid_t uid, int32_t client_id,
+ struct psa_storage_info_t *info);
/**
- * \brief Wipes the secure storage system and all object data.
+ * \brief Wipes the protected storage system and all object data.
*
* \return Returns error code specified in \ref psa_status_t
*/
-psa_status_t sst_system_wipe_all(void);
+psa_status_t ps_system_wipe_all(void);
#ifdef __cplusplus
}
#endif
-#endif /* __SST_OBJECT_SYSTEM_H__ */
+#endif /* __PS_OBJECT_SYSTEM_H__ */
diff --git a/secure_fw/partitions/protected_storage/ps_object_table.c b/secure_fw/partitions/protected_storage/ps_object_table.c
new file mode 100644
index 0000000..7bad2e3
--- /dev/null
+++ b/secure_fw/partitions/protected_storage/ps_object_table.c
@@ -0,0 +1,1061 @@
+/*
+ * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "ps_object_table.h"
+
+#include <stddef.h>
+
+#include "cmsis_compiler.h"
+#include "crypto/ps_crypto_interface.h"
+#include "flash_layout.h"
+#include "nv_counters/ps_nv_counters.h"
+#include "psa/internal_trusted_storage.h"
+#include "tfm_memory_utils.h"
+#include "ps_utils.h"
+#include "tfm_ps_defs.h"
+
+/* FIXME: Duplicated from flash info */
+#define PS_FLASH_DEFAULT_VAL 0xFFU
+
+/*!
+ * \def PS_OBJECT_SYSTEM_VERSION
+ *
+ * \brief Current object system version.
+ */
+#define PS_OBJECT_SYSTEM_VERSION 0x01
+
+/*!
+ * \struct ps_obj_table_info_t
+ *
+ * \brief Object table information structure.
+ */
+struct ps_obj_table_entry_t {
+#ifdef PS_ENCRYPTION
+ uint8_t tag[PS_TAG_LEN_BYTES]; /*!< MAC value of AEAD object */
+#else
+ uint32_t version; /*!< File version */
+#endif
+ psa_storage_uid_t uid; /*!< Object UID */
+ int32_t client_id; /*!< Client ID */
+};
+
+/* Specifies number of entries in the table. The number of entries is the
+ * number of assets, defined in asset_defs.h, plus one extra entry to store
+ * a new object when the code processes a change in a file.
+ */
+#define PS_OBJ_TABLE_ENTRIES (PS_NUM_ASSETS + 1)
+
+/*!
+ * \struct ps_obj_table_t
+ *
+ * \brief Object table structure.
+ */
+struct ps_obj_table_t {
+#ifdef PS_ENCRYPTION
+ union ps_crypto_t crypto; /*!< Crypto metadata. */
+#endif
+
+ uint8_t version; /*!< PS object system version. */
+
+#ifndef PS_ROLLBACK_PROTECTION
+ uint8_t swap_count; /*!< Swap counter to distinguish 2 different
+ * object tables.
+ */
+#endif /* PS_ROLLBACK_PROTECTION */
+
+ struct ps_obj_table_entry_t obj_db[PS_OBJ_TABLE_ENTRIES]; /*!< Table's
+ * entries
+ */
+};
+
+/* Object table indexes */
+#define PS_OBJ_TABLE_IDX_0 0
+#define PS_OBJ_TABLE_IDX_1 1
+
+/* Number of object tables (active and scratch) */
+#define PS_NUM_OBJ_TABLES 2
+
+/*!
+ * \def PS_TABLE_FS_ID
+ *
+ * \brief File ID to be used in order to store the object table in the
+ * file system.
+ *
+ * \param[in] idx Table index to convert into a file ID.
+ *
+ * \return Returns file ID
+ *
+ */
+#define PS_TABLE_FS_ID(idx) (idx + 1)
+
+/*!
+ * \def PS_OBJECT_FS_ID
+ *
+ * \brief File ID to be used in order to store an object in the
+ * file system.
+ *
+ * \param[in] idx Object table index to convert into a file ID.
+ *
+ * \return Returns file ID
+ */
+#define PS_OBJECT_FS_ID(idx) ((idx + 1) + \
+ PS_TABLE_FS_ID(PS_OBJ_TABLE_IDX_1))
+
+/*!
+ * \def PS_OBJECT_FS_ID_TO_IDX
+ *
+ * \brief Gets object index in the table based on the file ID.
+ *
+ * \param[in] fid File ID of an object in the object table
+ *
+ * \return Returns object table index
+ */
+#define PS_OBJECT_FS_ID_TO_IDX(fid) ((fid - 1) - \
+ PS_TABLE_FS_ID(PS_OBJ_TABLE_IDX_1))
+
+/*!
+ * \struct ps_obj_table_ctx_t
+ *
+ * \brief Object table context structure.
+ */
+struct ps_obj_table_ctx_t {
+ struct ps_obj_table_t obj_table; /*!< Object tables */
+ uint8_t active_table; /*!< Active object table */
+ uint8_t scratch_table; /*!< Scratch object table */
+};
+
+/* Object table context */
+static struct ps_obj_table_ctx_t ps_obj_table_ctx;
+
+/* Object table size */
+#define PS_OBJ_TABLE_SIZE sizeof(struct ps_obj_table_t)
+
+/* Object table entry size */
+#define PS_OBJECTS_TABLE_ENTRY_SIZE sizeof(struct ps_obj_table_entry_t)
+
+/* Size of the data that is not required to authenticate */
+#define PS_NON_AUTH_OBJ_TABLE_SIZE sizeof(union ps_crypto_t)
+
+/* Start position to store the object table data in the FS object */
+#define PS_OBJECT_TABLE_OBJECT_OFFSET 0
+
+/* The associated data is the header minus the crypto data */
+#define PS_CRYPTO_ASSOCIATED_DATA(crypto) ((uint8_t *)crypto + \
+ PS_NON_AUTH_OBJ_TABLE_SIZE)
+
+#ifdef PS_ROLLBACK_PROTECTION
+#define PS_OBJ_TABLE_AUTH_DATA_SIZE (PS_OBJ_TABLE_SIZE - \
+ PS_NON_AUTH_OBJ_TABLE_SIZE)
+
+struct ps_crypto_assoc_data_t {
+ uint8_t obj_table_data[PS_OBJ_TABLE_AUTH_DATA_SIZE];
+ uint32_t nv_counter;
+};
+
+#define PS_CRYPTO_ASSOCIATED_DATA_LEN sizeof(struct ps_crypto_assoc_data_t)
+
+#else
+
+/* The associated data is the header, minus the the tag data */
+#define PS_CRYPTO_ASSOCIATED_DATA_LEN (PS_OBJ_TABLE_SIZE - \
+ PS_NON_AUTH_OBJ_TABLE_SIZE)
+#endif /* PS_ROLLBACK_PROTECTION */
+
+/* The ps_object_table_init function uses the static memory allocated for
+ * the object data manipulation, in ps_object_table.c (g_ps_object), to load a
+ * temporary object table to be validated at that stage.
+ * To make sure the object table data fits in the static memory allocated for
+ * object manipulation, the following macro checks if the memory allocated is
+ * big enough, at compile time
+ */
+
+/* Check at compilation time if metadata fits in g_ps_object.data */
+PS_UTILS_BOUND_CHECK(OBJ_TABLE_NOT_FIT_IN_STATIC_OBJ_DATA_BUF,
+ PS_OBJ_TABLE_SIZE, PS_MAX_ASSET_SIZE);
+
+enum ps_obj_table_state {
+ PS_OBJ_TABLE_VALID = 0, /*!< Table content is valid */
+ PS_OBJ_TABLE_INVALID, /*!< Table content is invalid */
+ PS_OBJ_TABLE_NVC_1_VALID, /*!< Table content valid with NVC 1 value */
+ PS_OBJ_TABLE_NVC_3_VALID, /*!< Table content valid with NVC 3 value */
+};
+
+/* Specifies that PS NV counter value is invalid */
+#define PS_INVALID_NVC_VALUE 0
+
+/*!
+ * \struct ps_obj_table_ctx_t
+ *
+ * \brief Object table init context structure.
+ */
+struct ps_obj_table_init_ctx_t {
+ struct ps_obj_table_t *p_table[PS_NUM_OBJ_TABLES]; /*!< Pointers to
+ * object tables
+ */
+ enum ps_obj_table_state table_state[PS_NUM_OBJ_TABLES]; /*!< Array to
+ * indicate if
+ * the object
+ * table X is
+ * valid
+ */
+#ifdef PS_ROLLBACK_PROTECTION
+ uint32_t nvc_1; /*!< Non-volatile counter value 1 */
+ uint32_t nvc_3; /*!< Non-volatile counter value 3 */
+#endif /* PS_ROLLBACK_PROTECTION */
+};
+
+/**
+ * \brief Reads object table from persistent memory.
+ *
+ * \param[out] init_ctx Pointer to the init object table context
+ *
+ */
+__attribute__ ((always_inline))
+__STATIC_INLINE void ps_object_table_fs_read_table(
+ struct ps_obj_table_init_ctx_t *init_ctx)
+{
+ psa_status_t err;
+ size_t data_length;
+
+ /* Read file with the table 0 data */
+
+ err = psa_its_get(PS_TABLE_FS_ID(PS_OBJ_TABLE_IDX_0),
+ PS_OBJECT_TABLE_OBJECT_OFFSET,
+ PS_OBJ_TABLE_SIZE,
+ (void *)init_ctx->p_table[PS_OBJ_TABLE_IDX_0],
+ &data_length);
+ if (err != PSA_SUCCESS) {
+ init_ctx->table_state[PS_OBJ_TABLE_IDX_0] = PS_OBJ_TABLE_INVALID;
+ }
+
+ /* Read file with the table 1 data */
+ err = psa_its_get(PS_TABLE_FS_ID(PS_OBJ_TABLE_IDX_1),
+ PS_OBJECT_TABLE_OBJECT_OFFSET,
+ PS_OBJ_TABLE_SIZE,
+ (void *)init_ctx->p_table[PS_OBJ_TABLE_IDX_1],
+ &data_length);
+ if (err != PSA_SUCCESS) {
+ init_ctx->table_state[PS_OBJ_TABLE_IDX_1] = PS_OBJ_TABLE_INVALID;
+ }
+}
+
+/**
+ * \brief Writes object table in persistent memory.
+ *
+ * \param[in,out] obj_table Pointer to the object table to generate
+ * authentication
+ *
+ * \return Returns error code as specified in \ref psa_status_t
+ */
+__attribute__ ((always_inline))
+__STATIC_INLINE psa_status_t ps_object_table_fs_write_table(
+ struct ps_obj_table_t *obj_table)
+{
+ psa_status_t err;
+ uint32_t obj_table_id = PS_TABLE_FS_ID(ps_obj_table_ctx.scratch_table);
+ uint8_t swap_table_idxs = ps_obj_table_ctx.scratch_table;
+
+ /* Create file to store object table in the FS */
+ err = psa_its_set(obj_table_id,
+ PS_OBJ_TABLE_SIZE,
+ (const void *)obj_table,
+ PSA_STORAGE_FLAG_NONE);
+
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+
+ /* Swap active and scratch table values */
+ ps_obj_table_ctx.scratch_table = ps_obj_table_ctx.active_table;
+ ps_obj_table_ctx.active_table = swap_table_idxs;
+
+ return PSA_SUCCESS;
+}
+
+#ifdef PS_ENCRYPTION
+#ifdef PS_ROLLBACK_PROTECTION
+/**
+ * \brief Aligns all PS non-volatile counters.
+ *
+ * \param[in] nvc_1 Value of PS non-volatile counter 1
+ *
+ * \return Returns error code as specified in \ref psa_status_t
+ */
+static psa_status_t ps_object_table_align_nv_counters(uint32_t nvc_1)
+{
+ psa_status_t err;
+ uint32_t nvc_x_val = 0;
+
+ /* Align PS NVC 2 with NVC 1 */
+ err = ps_read_nv_counter(TFM_PS_NV_COUNTER_2, &nvc_x_val);
+ if (err != PSA_SUCCESS) {
+ return PSA_ERROR_GENERIC_ERROR;
+ }
+
+ for (; nvc_x_val < nvc_1; nvc_x_val++) {
+ err = ps_increment_nv_counter(TFM_PS_NV_COUNTER_2);
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+ }
+
+ /* Align PS NVC 3 with NVC 1 */
+ err = ps_read_nv_counter(TFM_PS_NV_COUNTER_3, &nvc_x_val);
+ if (err != PSA_SUCCESS) {
+ return PSA_ERROR_GENERIC_ERROR;
+ }
+
+ for (; nvc_x_val < nvc_1; nvc_x_val++) {
+ err = ps_increment_nv_counter(TFM_PS_NV_COUNTER_3);
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+ }
+
+ return PSA_SUCCESS;
+}
+
+/**
+ * \brief Generates table authentication tag.
+ *
+ * \param[in] nvc_1 Value of PS non-volatile counter 1
+ * \param[in,out] obj_table Pointer to the object table to generate
+ * authentication
+ *
+ * \return Returns error code as specified in \ref psa_status_t
+ */
+__attribute__ ((always_inline))
+__STATIC_INLINE psa_status_t ps_object_table_nvc_generate_auth_tag(
+ uint32_t nvc_1,
+ struct ps_obj_table_t *obj_table)
+{
+ struct ps_crypto_assoc_data_t assoc_data;
+ union ps_crypto_t *crypto = &obj_table->crypto;
+
+ /* Get new IV */
+ ps_crypto_get_iv(crypto);
+
+ assoc_data.nv_counter = nvc_1;
+ (void)tfm_memcpy(assoc_data.obj_table_data,
+ PS_CRYPTO_ASSOCIATED_DATA(crypto),
+ PS_OBJ_TABLE_AUTH_DATA_SIZE);
+
+ return ps_crypto_generate_auth_tag(crypto, (const uint8_t *)&assoc_data,
+ PS_CRYPTO_ASSOCIATED_DATA_LEN);
+}
+
+/**
+ * \brief Authenticates table of objects.
+ *
+ * \param[in] table_idx Table index in the init context
+ * \param[in,out] init_ctx Pointer to the object table to authenticate
+ *
+ */
+static void ps_object_table_authenticate(uint8_t table_idx,
+ struct ps_obj_table_init_ctx_t *init_ctx)
+{
+ struct ps_crypto_assoc_data_t assoc_data;
+ union ps_crypto_t *crypto = &init_ctx->p_table[table_idx]->crypto;
+ psa_status_t err;
+
+ /* Init associated data with NVC 1 */
+ assoc_data.nv_counter = init_ctx->nvc_1;
+ (void)tfm_memcpy(assoc_data.obj_table_data,
+ PS_CRYPTO_ASSOCIATED_DATA(crypto),
+ PS_OBJ_TABLE_AUTH_DATA_SIZE);
+
+ err = ps_crypto_authenticate(crypto, (const uint8_t *)&assoc_data,
+ PS_CRYPTO_ASSOCIATED_DATA_LEN);
+ if (err == PSA_SUCCESS) {
+ init_ctx->table_state[table_idx] = PS_OBJ_TABLE_NVC_1_VALID;
+ return;
+ }
+
+ if (init_ctx->nvc_3 == PS_INVALID_NVC_VALUE) {
+ init_ctx->table_state[table_idx] = PS_OBJ_TABLE_INVALID;
+ return;
+ }
+
+ /* Check with NVC 3 */
+ assoc_data.nv_counter = init_ctx->nvc_3;
+
+ err = ps_crypto_authenticate(crypto, (const uint8_t *)&assoc_data,
+ PS_CRYPTO_ASSOCIATED_DATA_LEN);
+ if (err != PSA_SUCCESS) {
+ init_ctx->table_state[table_idx] = PS_OBJ_TABLE_INVALID;
+ } else {
+ init_ctx->table_state[table_idx] = PS_OBJ_TABLE_NVC_3_VALID;
+ }
+}
+
+/**
+ * \brief Authenticates tables of objects.
+ *
+ * \param[in,out] init_ctx Pointer to the object table to authenticate
+ *
+ * \return Returns error code as specified in \ref psa_status_t
+ */
+__attribute__ ((always_inline))
+__STATIC_INLINE psa_status_t ps_object_table_nvc_authenticate(
+ struct ps_obj_table_init_ctx_t *init_ctx)
+{
+ psa_status_t err;
+ uint32_t nvc_2;
+
+ err = ps_read_nv_counter(TFM_PS_NV_COUNTER_1, &init_ctx->nvc_1);
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+
+ err = ps_read_nv_counter(TFM_PS_NV_COUNTER_2, &nvc_2);
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+
+ err = ps_read_nv_counter(TFM_PS_NV_COUNTER_3, &init_ctx->nvc_3);
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+
+ /* Check if NVC 3 value can be used to validate an object table */
+ if (init_ctx->nvc_3 != nvc_2) {
+ /* If NVC 3 is different from NVC 2, it is possible to load an old PS
+ * area image in the system by manipulating the FS to return a system
+ * error from the file system layer and triggering power fault before
+ * increasing the NVC 3. So, in that case, NVC 3 value cannot be used to
+ * validate an old object table at the init process.
+ */
+ init_ctx->nvc_3 = PS_INVALID_NVC_VALUE;
+ }
+
+ /* Authenticate table 0 if data is valid */
+ if (init_ctx->table_state[PS_OBJ_TABLE_IDX_0] != PS_OBJ_TABLE_INVALID) {
+ ps_object_table_authenticate(PS_OBJ_TABLE_IDX_0, init_ctx);
+ }
+
+ /* Authenticate table 1 if data is valid */
+ if (init_ctx->table_state[PS_OBJ_TABLE_IDX_1] != PS_OBJ_TABLE_INVALID) {
+ ps_object_table_authenticate(PS_OBJ_TABLE_IDX_1, init_ctx);
+ }
+
+ return PSA_SUCCESS;
+}
+#else /* PS_ROLLBACK_PROTECTION */
+
+/**
+ * \brief Generates table authentication
+ *
+ * \param[in,out] obj_table Pointer to the object table to generate
+ * authentication
+ *
+ * \return Returns error code as specified in \ref psa_status_t
+ */
+__attribute__ ((always_inline))
+__STATIC_INLINE psa_status_t ps_object_table_generate_auth_tag(
+ struct ps_obj_table_t *obj_table)
+{
+ union ps_crypto_t *crypto = &obj_table->crypto;
+
+ /* Get new IV */
+ ps_crypto_get_iv(crypto);
+
+ return ps_crypto_generate_auth_tag(crypto,
+ PS_CRYPTO_ASSOCIATED_DATA(crypto),
+ PS_CRYPTO_ASSOCIATED_DATA_LEN);
+}
+
+/**
+ * \brief Authenticates tables of objects.
+ *
+ * \param[in,out] init_ctx Pointer to the object table to authenticate
+ *
+ */
+__attribute__ ((always_inline))
+__STATIC_INLINE void ps_object_table_authenticate_ctx_tables(
+ struct ps_obj_table_init_ctx_t *init_ctx)
+{
+ psa_status_t err;
+ union ps_crypto_t *crypto =
+ &init_ctx->p_table[PS_OBJ_TABLE_IDX_0]->crypto;
+
+ /* Authenticate table 0 if data is valid */
+ if (init_ctx->table_state[PS_OBJ_TABLE_IDX_0] != PS_OBJ_TABLE_INVALID) {
+ err = ps_crypto_authenticate(crypto,
+ PS_CRYPTO_ASSOCIATED_DATA(crypto),
+ PS_CRYPTO_ASSOCIATED_DATA_LEN);
+ if (err != PSA_SUCCESS) {
+ init_ctx->table_state[PS_OBJ_TABLE_IDX_0] = PS_OBJ_TABLE_INVALID;
+ }
+ }
+
+ /* Authenticate table 1 if data is valid */
+ if (init_ctx->table_state[PS_OBJ_TABLE_IDX_1] != PS_OBJ_TABLE_INVALID) {
+ crypto = &init_ctx->p_table[PS_OBJ_TABLE_IDX_1]->crypto;
+
+ err = ps_crypto_authenticate(crypto,
+ PS_CRYPTO_ASSOCIATED_DATA(crypto),
+ PS_CRYPTO_ASSOCIATED_DATA_LEN);
+ if (err != PSA_SUCCESS) {
+ init_ctx->table_state[PS_OBJ_TABLE_IDX_1] = PS_OBJ_TABLE_INVALID;
+ }
+ }
+}
+#endif /* PS_ROLLBACK_PROTECTION */
+#endif /* PS_ENCRYPTION */
+
+/**
+ * \brief Saves object table in the persistent memory.
+ *
+ * \param[in,out] obj_table Pointer to the object table to save
+ *
+ * \return Returns error code as specified in \ref psa_status_t
+ */
+static psa_status_t ps_object_table_save_table(
+ struct ps_obj_table_t *obj_table)
+{
+ psa_status_t err;
+
+#ifdef PS_ROLLBACK_PROTECTION
+ uint32_t nvc_1 = 0;
+
+ err = ps_increment_nv_counter(TFM_PS_NV_COUNTER_1);
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+
+ err = ps_read_nv_counter(TFM_PS_NV_COUNTER_1, &nvc_1);
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+#else
+ obj_table->swap_count++;
+
+ if (obj_table->swap_count == PS_FLASH_DEFAULT_VAL) {
+ /* When a flash block is erased, the default value is usually 0xFF
+ * (i.e. all 1s). Since the swap count is updated last (when encryption
+ * is disabled), it is possible that due to a power failure, the swap
+ * count value in metadata header is 0xFFFF..., which mean it will
+ * appear to be most recent block.
+ */
+ obj_table->swap_count = 0;
+ }
+#endif /* PS_ROLLBACK_PROTECTION */
+
+#ifdef PS_ENCRYPTION
+ /* Set object table key */
+ err = ps_crypto_setkey();
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+
+#ifdef PS_ROLLBACK_PROTECTION
+ /* Generate authentication tag from the current table content and PS
+ * NV counter 1.
+ */
+ err = ps_object_table_nvc_generate_auth_tag(nvc_1, obj_table);
+#else
+ /* Generate authentication tag from the current table content */
+ err = ps_object_table_generate_auth_tag(obj_table);
+#endif /* PS_ROLLBACK_PROTECTION */
+
+ if (err != PSA_SUCCESS) {
+ (void)ps_crypto_destroykey();
+ return err;
+ }
+
+ err = ps_crypto_destroykey();
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+#endif /* PS_ENCRYPTION */
+
+ err = ps_object_table_fs_write_table(obj_table);
+
+#ifdef PS_ROLLBACK_PROTECTION
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+
+ /* Align PS NV counters to have the same value */
+ err = ps_object_table_align_nv_counters(nvc_1);
+#endif /* PS_ROLLBACK_PROTECTION */
+
+ return err;
+}
+
+/**
+ * \brief Checks the validity of the table version.
+ *
+ * \param[in,out] init_ctx Pointer to the init object table context
+ *
+ */
+__attribute__ ((always_inline))
+__STATIC_INLINE void ps_object_table_validate_version(
+ struct ps_obj_table_init_ctx_t *init_ctx)
+{
+ /* Looks for exact version number.
+ * FIXME: backward compatibility could be considered in future revisions.
+ */
+ if (PS_OBJECT_SYSTEM_VERSION !=
+ init_ctx->p_table[PS_OBJ_TABLE_IDX_0]->version) {
+ init_ctx->table_state[PS_OBJ_TABLE_IDX_0] = PS_OBJ_TABLE_INVALID;
+ }
+
+ if (PS_OBJECT_SYSTEM_VERSION !=
+ init_ctx->p_table[PS_OBJ_TABLE_IDX_1]->version) {
+ init_ctx->table_state[PS_OBJ_TABLE_IDX_1] = PS_OBJ_TABLE_INVALID;
+ }
+}
+
+/**
+ * \brief Sets the active object table based on the swap count and validity of
+ * the object table data.
+ *
+ * \param[in] init_ctx Pointer to the init object table context
+ *
+ * \return Returns error code as specified in \ref psa_status_t
+ */
+static psa_status_t ps_set_active_object_table(
+ const struct ps_obj_table_init_ctx_t *init_ctx)
+{
+#ifndef PS_ROLLBACK_PROTECTION
+ uint8_t table0_swap_count =
+ init_ctx->p_table[PS_OBJ_TABLE_IDX_0]->swap_count;
+ uint8_t table1_swap_count =
+ init_ctx->p_table[PS_OBJ_TABLE_IDX_1]->swap_count;
+#endif
+
+ /* Check if there is an invalid object table */
+ if ((init_ctx->table_state[PS_OBJ_TABLE_IDX_0] == PS_OBJ_TABLE_INVALID)
+ && (init_ctx->table_state[PS_OBJ_TABLE_IDX_1] ==
+ PS_OBJ_TABLE_INVALID)) {
+ /* Both tables are invalid */
+ return PSA_ERROR_GENERIC_ERROR;
+ } else if (init_ctx->table_state[PS_OBJ_TABLE_IDX_0] ==
+ PS_OBJ_TABLE_INVALID) {
+ /* Table 0 is invalid, the active one is table 1 */
+ ps_obj_table_ctx.active_table = PS_OBJ_TABLE_IDX_1;
+ ps_obj_table_ctx.scratch_table = PS_OBJ_TABLE_IDX_0;
+
+ /* As table 1 is the active object, load the content into the
+ * PS object table context.
+ */
+ (void)tfm_memcpy(&ps_obj_table_ctx.obj_table,
+ init_ctx->p_table[PS_OBJ_TABLE_IDX_1],
+ PS_OBJ_TABLE_SIZE);
+
+ return PSA_SUCCESS;
+ } else if (init_ctx->table_state[PS_OBJ_TABLE_IDX_1] ==
+ PS_OBJ_TABLE_INVALID) {
+ /* Table 1 is invalid, the active one is table 0 */
+ ps_obj_table_ctx.active_table = PS_OBJ_TABLE_IDX_0;
+ ps_obj_table_ctx.scratch_table = PS_OBJ_TABLE_IDX_1;
+
+ /* As table 0 is already in the PS object table context, it is not
+ * needed to copy the table in the context.
+ */
+
+ return PSA_SUCCESS;
+ }
+
+#ifdef PS_ROLLBACK_PROTECTION
+ if (init_ctx->table_state[PS_OBJ_TABLE_IDX_1] ==
+ PS_OBJ_TABLE_NVC_1_VALID) {
+ /* Table 0 is invalid, the active one is table 1 */
+ ps_obj_table_ctx.active_table = PS_OBJ_TABLE_IDX_1;
+ ps_obj_table_ctx.scratch_table = PS_OBJ_TABLE_IDX_0;
+ } else {
+ /* In case both tables are valid or table 0 is valid, table 0 is the
+ * valid on as it is already in the PS object table context.
+ */
+ ps_obj_table_ctx.active_table = PS_OBJ_TABLE_IDX_0;
+ ps_obj_table_ctx.scratch_table = PS_OBJ_TABLE_IDX_1;
+ }
+#else
+ /* Logic: if the swap count is 0, then it has rolled over. The object table
+ * with a swap count of 0 is the latest one, unless the other block has a
+ * swap count of 1, in which case the roll over occurred in the previous
+ * update. In all other cases, the table with the highest swap count is the
+ * latest one.
+ */
+ if ((table1_swap_count == 0) && (table0_swap_count != 1)) {
+ /* Table 1 swap count has rolled over and table 0 swap count has not,
+ * so table 1 is the latest.
+ */
+ ps_obj_table_ctx.active_table = PS_OBJ_TABLE_IDX_1;
+ ps_obj_table_ctx.scratch_table = PS_OBJ_TABLE_IDX_0;
+
+ } else if ((table0_swap_count == 0) && (table1_swap_count != 1)) {
+ /* Table 0 swap count has rolled over and table 1 swap count has not,
+ * so table 0 is the latest.
+ */
+ ps_obj_table_ctx.active_table = PS_OBJ_TABLE_IDX_0;
+ ps_obj_table_ctx.scratch_table = PS_OBJ_TABLE_IDX_1;
+
+ } else if (table1_swap_count > table0_swap_count) {
+ /* Neither swap count has just rolled over and table 1 has a
+ * higher swap count, so table 1 is the latest.
+ */
+ ps_obj_table_ctx.active_table = PS_OBJ_TABLE_IDX_1;
+ ps_obj_table_ctx.scratch_table = PS_OBJ_TABLE_IDX_0;
+
+ } else {
+ /* Neither swap count has just rolled over and table 0 has a
+ * higher or equal swap count, so table 0 is the latest.
+ */
+ ps_obj_table_ctx.active_table = PS_OBJ_TABLE_IDX_0;
+ ps_obj_table_ctx.scratch_table = PS_OBJ_TABLE_IDX_1;
+ }
+#endif /* PS_ROLLBACK_PROTECTION */
+
+ /* If active object table is table 1, then copy the content into the
+ * PS object table context.
+ */
+ if (ps_obj_table_ctx.active_table == PS_OBJ_TABLE_IDX_1) {
+ (void)tfm_memcpy(&ps_obj_table_ctx.obj_table,
+ init_ctx->p_table[PS_OBJ_TABLE_IDX_1],
+ PS_OBJ_TABLE_SIZE);
+ }
+
+ return PSA_SUCCESS;
+}
+
+/**
+ * \brief Gets table's entry index based on the given object UID and client ID.
+ *
+ * \param[in] uid Object UID
+ * \param[in] client_id Client UID
+ * \param[out] idx Pointer to store the entry's index
+ *
+ * \return Returns PSA_SUCCESS and index of the table, if object exists
+ * in the table. Otherwise, it returns PSA_ERROR_DOES_NOT_EXIST.
+ */
+static psa_status_t ps_get_object_entry_idx(psa_storage_uid_t uid,
+ int32_t client_id,
+ uint32_t *idx)
+{
+ uint32_t i;
+ struct ps_obj_table_t *p_table = &ps_obj_table_ctx.obj_table;
+
+ for (i = 0; i < PS_OBJ_TABLE_ENTRIES; i++) {
+ if (p_table->obj_db[i].uid == uid
+ && p_table->obj_db[i].client_id == client_id) {
+ *idx = i;
+ return PSA_SUCCESS;
+ }
+ }
+
+ return PSA_ERROR_DOES_NOT_EXIST;
+}
+
+/**
+ * \brief Gets free index in the table
+ *
+ * \param[in] idx_num The number of indices required to be free before one can
+ * be allocated. Primarily used to prevent index
+ * exhaustion.Note that this function will only ever return
+ * 1 index.
+ * \param[out] idx Pointer to store the free index
+ *
+ * \note The table is dimensioned to fit PS_NUM_ASSETS + 1
+ *
+ * \return Returns PSA_SUCCESS and a table index if idx_num free indices are
+ * available. Otherwise, it returns PSA_ERROR_INSUFFICIENT_STORAGE.
+ */
+__attribute__ ((always_inline))
+__STATIC_INLINE psa_status_t ps_table_free_idx(uint32_t idx_num,
+ uint32_t *idx)
+{
+ uint32_t i;
+ uint32_t last_free = 0;
+ struct ps_obj_table_t *p_table = &ps_obj_table_ctx.obj_table;
+
+ if (idx_num == 0) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+ for (i = 0; i < PS_OBJ_TABLE_ENTRIES && idx_num > 0; i++) {
+ if (p_table->obj_db[i].uid == TFM_PS_INVALID_UID) {
+ last_free = i;
+ idx_num--;
+ }
+ }
+
+ if (idx_num != 0) {
+ return PSA_ERROR_INSUFFICIENT_STORAGE;
+ } else {
+ *idx = last_free;
+ return PSA_SUCCESS;
+ }
+}
+
+/**
+ * \brief Deletes an entry from the table
+ *
+ * \param[in] idx Entry index to delete
+ *
+ */
+static void ps_table_delete_entry(uint32_t idx)
+{
+ /* Initialise object table entry structure */
+ (void)tfm_memset(&ps_obj_table_ctx.obj_table.obj_db[idx],
+ PS_DEFAULT_EMPTY_BUFF_VAL, PS_OBJECTS_TABLE_ENTRY_SIZE);
+}
+
+psa_status_t ps_object_table_create(void)
+{
+ struct ps_obj_table_t *p_table = &ps_obj_table_ctx.obj_table;
+
+ /* Initialize object structure */
+ (void)tfm_memset(&ps_obj_table_ctx, PS_DEFAULT_EMPTY_BUFF_VAL,
+ sizeof(struct ps_obj_table_ctx_t));
+
+ /* Invert the other in the context as ps_object_table_save_table will
+ * use the scratch index to create and store the current table.
+ */
+ ps_obj_table_ctx.active_table = PS_OBJ_TABLE_IDX_1;
+ ps_obj_table_ctx.scratch_table = PS_OBJ_TABLE_IDX_0;
+
+ p_table->version = PS_OBJECT_SYSTEM_VERSION;
+
+ /* Save object table contents */
+ return ps_object_table_save_table(p_table);
+}
+
+psa_status_t ps_object_table_init(uint8_t *obj_data)
+{
+ psa_status_t err;
+ struct ps_obj_table_init_ctx_t init_ctx = {
+ .p_table = {&ps_obj_table_ctx.obj_table, NULL},
+ .table_state = {PS_OBJ_TABLE_VALID, PS_OBJ_TABLE_VALID},
+#ifdef PS_ROLLBACK_PROTECTION
+ .nvc_1 = 0U,
+ .nvc_3 = 0U,
+#endif /* PS_ROLLBACK_PROTECTION */
+ };
+
+ init_ctx.p_table[PS_OBJ_TABLE_IDX_1] = (struct ps_obj_table_t *)obj_data;
+
+ /* Read table from the file system */
+ ps_object_table_fs_read_table(&init_ctx);
+
+#ifdef PS_ENCRYPTION
+ /* Set object table key */
+ err = ps_crypto_setkey();
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+
+#ifdef PS_ROLLBACK_PROTECTION
+ /* Authenticate table */
+ err = ps_object_table_nvc_authenticate(&init_ctx);
+ if (err != PSA_SUCCESS) {
+ (void)ps_crypto_destroykey();
+ return err;
+ }
+#else
+ ps_object_table_authenticate_ctx_tables(&init_ctx);
+#endif /* PS_ROLLBACK_PROTECTION */
+
+ err = ps_crypto_destroykey();
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+#endif /* PS_ENCRYPTION */
+
+ /* Check tables version */
+ ps_object_table_validate_version(&init_ctx);
+
+ /* Set active tables */
+ err = ps_set_active_object_table(&init_ctx);
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+
+ /* Remove the old object table file */
+ err = psa_its_remove(PS_TABLE_FS_ID(ps_obj_table_ctx.scratch_table));
+ if (err != PSA_SUCCESS && err != PSA_ERROR_DOES_NOT_EXIST) {
+ return err;
+ }
+
+#ifdef PS_ROLLBACK_PROTECTION
+ /* Align PS NV counters */
+ err = ps_object_table_align_nv_counters(init_ctx.nvc_1);
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+#endif /* PS_ROLLBACK_PROTECTION */
+
+#ifdef PS_ENCRYPTION
+ ps_crypto_set_iv(&ps_obj_table_ctx.obj_table.crypto);
+#endif
+
+ return PSA_SUCCESS;
+}
+
+psa_status_t ps_object_table_obj_exist(psa_storage_uid_t uid,
+ int32_t client_id)
+{
+ uint32_t idx = 0;
+
+ return ps_get_object_entry_idx(uid, client_id, &idx);
+}
+
+psa_status_t ps_object_table_get_free_fid(uint32_t fid_num,
+ uint32_t *p_fid)
+{
+ psa_status_t err;
+ uint32_t fid;
+ uint32_t idx;
+
+ err = ps_table_free_idx(fid_num, &idx);
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+
+ /* There first two file IDs are reserved for the active table
+ * and scratch table files.
+ */
+ fid = PS_OBJECT_FS_ID(idx);
+
+ /* If there is a file in the persistent area with that ID then remove it.
+ * That can happen when the system is rebooted (e.g. power cut, ...) in the
+ * middle of a create, write or delete operation.
+ */
+ err = psa_its_remove(fid);
+ if (err != PSA_SUCCESS && err != PSA_ERROR_DOES_NOT_EXIST) {
+ return err;
+ }
+
+ *p_fid = fid;
+
+ return PSA_SUCCESS;
+}
+
+psa_status_t ps_object_table_set_obj_tbl_info(psa_storage_uid_t uid,
+ int32_t client_id,
+ const struct ps_obj_table_info_t *obj_tbl_info)
+{
+ psa_status_t err;
+ uint32_t idx = 0;
+ uint32_t backup_idx = 0;
+ struct ps_obj_table_entry_t backup_entry = {
+#ifdef PS_ENCRYPTION
+ .tag = {0U},
+#else
+ .version = 0U,
+#endif /* PS_ENCRYPTION */
+ .uid = TFM_PS_INVALID_UID,
+ .client_id = 0,
+ };
+ struct ps_obj_table_t *p_table = &ps_obj_table_ctx.obj_table;
+
+ err = ps_get_object_entry_idx(uid, client_id, &backup_idx);
+ if (err == PSA_SUCCESS) {
+ /* If an entry exists for this UID, it creates a backup copy in case
+ * an error happens while updating the new table in the filesystem.
+ */
+ (void)tfm_memcpy(&backup_entry, &p_table->obj_db[backup_idx],
+ PS_OBJECTS_TABLE_ENTRY_SIZE);
+
+ /* Deletes old object information if it exist in the table */
+ ps_table_delete_entry(backup_idx);
+ }
+
+ idx = PS_OBJECT_FS_ID_TO_IDX(obj_tbl_info->fid);
+ p_table->obj_db[idx].uid = uid;
+ p_table->obj_db[idx].client_id = client_id;
+
+ /* Add new object information */
+#ifdef PS_ENCRYPTION
+ (void)tfm_memcpy(p_table->obj_db[idx].tag, obj_tbl_info->tag,
+ PS_TAG_LEN_BYTES);
+#else
+ p_table->obj_db[idx].version = obj_tbl_info->version;
+#endif
+
+ err = ps_object_table_save_table(p_table);
+ if (err != PSA_SUCCESS) {
+ if (backup_entry.uid != TFM_PS_INVALID_UID) {
+ /* Rollback the change in the table */
+ (void)tfm_memcpy(&p_table->obj_db[backup_idx], &backup_entry,
+ PS_OBJECTS_TABLE_ENTRY_SIZE);
+ }
+
+ ps_table_delete_entry(idx);
+ }
+
+ return err;
+}
+
+psa_status_t ps_object_table_get_obj_tbl_info(psa_storage_uid_t uid,
+ int32_t client_id,
+ struct ps_obj_table_info_t *obj_tbl_info)
+{
+ psa_status_t err;
+ uint32_t idx;
+ struct ps_obj_table_t *p_table = &ps_obj_table_ctx.obj_table;
+
+ err = ps_get_object_entry_idx(uid, client_id, &idx);
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+
+ obj_tbl_info->fid = PS_OBJECT_FS_ID(idx);
+
+#ifdef PS_ENCRYPTION
+ (void)tfm_memcpy(obj_tbl_info->tag, p_table->obj_db[idx].tag,
+ PS_TAG_LEN_BYTES);
+#else
+ obj_tbl_info->version = p_table->obj_db[idx].version;
+#endif
+
+ return PSA_SUCCESS;
+}
+
+psa_status_t ps_object_table_delete_object(psa_storage_uid_t uid,
+ int32_t client_id)
+{
+ uint32_t backup_idx = 0;
+ struct ps_obj_table_entry_t backup_entry;
+ psa_status_t err;
+ struct ps_obj_table_t *p_table = &ps_obj_table_ctx.obj_table;
+
+ /* Create a backup copy in case an error happens while updating the new
+ * table in the filesystem.
+ */
+ err = ps_get_object_entry_idx(uid, client_id, &backup_idx);
+ if (err != PSA_SUCCESS) {
+ /* If the object is not present in the table, it returns an error
+ * to not generate a new file where the table content is the same.
+ * Otherwise, that could be used by an attacker to get the encryption
+ * key.
+ */
+ return err;
+ }
+
+ (void)tfm_memcpy(&backup_entry, &p_table->obj_db[backup_idx],
+ PS_OBJECTS_TABLE_ENTRY_SIZE);
+
+ ps_table_delete_entry(backup_idx);
+
+ err = ps_object_table_save_table(p_table);
+ if (err != PSA_SUCCESS) {
+ /* Rollback the change in the table */
+ (void)tfm_memcpy(&p_table->obj_db[backup_idx], &backup_entry,
+ PS_OBJECTS_TABLE_ENTRY_SIZE);
+ }
+
+ return err;
+}
+
+psa_status_t ps_object_table_delete_old_table(void)
+{
+ uint32_t table_id = PS_TABLE_FS_ID(ps_obj_table_ctx.scratch_table);
+
+ return psa_its_remove(table_id);
+}
diff --git a/secure_fw/partitions/secure_storage/sst_object_table.h b/secure_fw/partitions/protected_storage/ps_object_table.h
similarity index 74%
rename from secure_fw/partitions/secure_storage/sst_object_table.h
rename to secure_fw/partitions/protected_storage/ps_object_table.h
index 7d5a8cf..00aba51 100644
--- a/secure_fw/partitions/secure_storage/sst_object_table.h
+++ b/secure_fw/partitions/protected_storage/ps_object_table.h
@@ -5,8 +5,8 @@
*
*/
-#ifndef __SST_OBJECT_TABLE_H__
-#define __SST_OBJECT_TABLE_H__
+#ifndef __PS_OBJECT_TABLE_H__
+#define __PS_OBJECT_TABLE_H__
#include <stdint.h>
@@ -17,13 +17,13 @@
#endif
/*!
- * \struct sst_obj_table_info_t
+ * \struct ps_obj_table_info_t
*
* \brief Object table information structure.
*/
-struct sst_obj_table_info_t {
+struct ps_obj_table_info_t {
uint32_t fid; /*!< File ID in the file system */
-#ifdef SST_ENCRYPTION
+#ifdef PS_ENCRYPTION
uint8_t *tag; /*!< Pointer to the MAC value of AEAD object */
#else
uint32_t version; /*!< Object version */
@@ -35,7 +35,7 @@
*
* \return Returns error code as specified in \ref psa_status_t
*/
-psa_status_t sst_object_table_create(void);
+psa_status_t ps_object_table_create(void);
/**
* \brief Initializes object table.
@@ -46,7 +46,7 @@
*
* \return Returns error code as specified in \ref psa_status_t
*/
-psa_status_t sst_object_table_init(uint8_t *obj_data);
+psa_status_t ps_object_table_init(uint8_t *obj_data);
/**
* \brief Checks if there is an entry in the table for the provided UID and
@@ -60,8 +60,8 @@
* \retval PSA_SUCCESS If there is a table entry for the object
* \retval PSA_ERROR_DOES_NOT_EXIST If no table entry exists for the object
*/
-psa_status_t sst_object_table_obj_exist(psa_storage_uid_t uid,
- int32_t client_id);
+psa_status_t ps_object_table_obj_exist(psa_storage_uid_t uid,
+ int32_t client_id);
/**
* \brief Gets a not in use file ID.
@@ -76,8 +76,7 @@
* are still free in the table. Otherwise, it returns an error code as
* specified in \ref psa_status_t
*/
-psa_status_t sst_object_table_get_free_fid(uint32_t fid_num,
- uint32_t *p_fid);
+psa_status_t ps_object_table_get_free_fid(uint32_t fid_num, uint32_t *p_fid);
/**
* \brief Sets object table information in the object table and stores it
@@ -86,16 +85,16 @@
* \param[in] uid Identifier for the data.
* \param[in] client_id Identifier of the asset’s owner (client)
* \param[in] obj_tbl_info Pointer to the location to store object table
- * information \ref sst_obj_table_info_t
+ * information \ref ps_obj_table_info_t
*
* \note A call to this function results in writing the table to the
* file system.
*
* \return Returns error code as specified in \ref psa_status_t
*/
-psa_status_t sst_object_table_set_obj_tbl_info(psa_storage_uid_t uid,
- int32_t client_id,
- const struct sst_obj_table_info_t *obj_tbl_info);
+psa_status_t ps_object_table_set_obj_tbl_info(psa_storage_uid_t uid,
+ int32_t client_id,
+ const struct ps_obj_table_info_t *obj_tbl_info);
/**
* \brief Gets object table information from the object table for the provided
@@ -109,9 +108,9 @@
* \return Returns PSA_SUCCESS if the object exists. Otherwise, it
* returns PSA_ERROR_DOES_NOT_EXIST.
*/
-psa_status_t sst_object_table_get_obj_tbl_info(psa_storage_uid_t uid,
- int32_t client_id,
- struct sst_obj_table_info_t *obj_tbl_info);
+psa_status_t ps_object_table_get_obj_tbl_info(psa_storage_uid_t uid,
+ int32_t client_id,
+ struct ps_obj_table_info_t *obj_tbl_info);
/**
* \brief Deletes the table entry for the provided UID and client ID pair.
@@ -121,18 +120,18 @@
*
* \return Returns error code as specified in \ref psa_status_t
*/
-psa_status_t sst_object_table_delete_object(psa_storage_uid_t uid,
- int32_t client_id);
+psa_status_t ps_object_table_delete_object(psa_storage_uid_t uid,
+ int32_t client_id);
/**
* \brief Deletes old object table from the persistent area.
*
* \return Returns error code as specified in \ref psa_status_t
*/
-psa_status_t sst_object_table_delete_old_table(void);
+psa_status_t ps_object_table_delete_old_table(void);
#ifdef __cplusplus
}
#endif
-#endif /* __SST_OBJECT_TABLE_H__ */
+#endif /* __PS_OBJECT_TABLE_H__ */
diff --git a/secure_fw/partitions/secure_storage/sst_utils.c b/secure_fw/partitions/protected_storage/ps_utils.c
similarity index 73%
rename from secure_fw/partitions/secure_storage/sst_utils.c
rename to secure_fw/partitions/protected_storage/ps_utils.c
index 6bae88d..decf690 100644
--- a/secure_fw/partitions/secure_storage/sst_utils.c
+++ b/secure_fw/partitions/protected_storage/ps_utils.c
@@ -5,11 +5,11 @@
*
*/
-#include "sst_utils.h"
+#include "ps_utils.h"
-psa_status_t sst_utils_check_contained_in(uint32_t superset_size,
- uint32_t subset_offset,
- uint32_t subset_size)
+psa_status_t ps_utils_check_contained_in(uint32_t superset_size,
+ uint32_t subset_offset,
+ uint32_t subset_size)
{
/* Check that subset_offset is valid */
if (subset_offset > superset_size) {
diff --git a/secure_fw/partitions/secure_storage/sst_utils.h b/secure_fw/partitions/protected_storage/ps_utils.h
similarity index 79%
rename from secure_fw/partitions/secure_storage/sst_utils.h
rename to secure_fw/partitions/protected_storage/ps_utils.h
index de17a75..c9a3d80 100644
--- a/secure_fw/partitions/secure_storage/sst_utils.h
+++ b/secure_fw/partitions/protected_storage/ps_utils.h
@@ -5,8 +5,8 @@
*
*/
-#ifndef __SST_UTILS_H__
-#define __SST_UTILS_H__
+#ifndef __PS_UTILS_H__
+#define __PS_UTILS_H__
#include <stdint.h>
@@ -17,8 +17,8 @@
extern "C" {
#endif
-#define SST_INVALID_FID 0
-#define SST_DEFAULT_EMPTY_BUFF_VAL 0
+#define PS_INVALID_FID 0
+#define PS_DEFAULT_EMPTY_BUFF_VAL 0
/**
* \brief Macro to check, at compilation time, if data fits in data buffer
@@ -32,13 +32,13 @@
* data_buf_size. The compilation error should be
* "... error: 'err_msg' declared as an array with a negative size"
*/
-#define SST_UTILS_BOUND_CHECK(err_msg, data_size, data_buf_size) \
+#define PS_UTILS_BOUND_CHECK(err_msg, data_size, data_buf_size) \
typedef char err_msg[(data_size <= data_buf_size)*2 - 1]
/**
* \brief Evaluates to the minimum of the two parameters.
*/
-#define SST_UTILS_MIN(x, y) (((x) < (y)) ? (x) : (y))
+#define PS_UTILS_MIN(x, y) (((x) < (y)) ? (x) : (y))
/**
* \brief Checks if a subset region is fully contained within a superset region.
@@ -58,12 +58,12 @@
* subset offset + size is greater than the
* size of the superset
*/
-psa_status_t sst_utils_check_contained_in(uint32_t superset_size,
- uint32_t subset_offset,
- uint32_t subset_size);
+psa_status_t ps_utils_check_contained_in(uint32_t superset_size,
+ uint32_t subset_offset,
+ uint32_t subset_size);
#ifdef __cplusplus
}
#endif
-#endif /* __SST_UTILS_H__ */
+#endif /* __PS_UTILS_H__ */
diff --git a/secure_fw/partitions/protected_storage/psa_manifest/tfm_protected_storage.h b/secure_fw/partitions/protected_storage/psa_manifest/tfm_protected_storage.h
new file mode 100644
index 0000000..4dd4dea
--- /dev/null
+++ b/secure_fw/partitions/protected_storage/psa_manifest/tfm_protected_storage.h
@@ -0,0 +1,27 @@
+/*
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+/*********** WARNING: This is an auto-generated file. Do not edit! ***********/
+
+#ifndef __PSA_MANIFEST_TFM_PROTECTED_STORAGE_H__
+#define __PSA_MANIFEST_TFM_PROTECTED_STORAGE_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define TFM_PS_SET_SIGNAL (1U << (0 + 4))
+#define TFM_PS_GET_SIGNAL (1U << (1 + 4))
+#define TFM_PS_GET_INFO_SIGNAL (1U << (2 + 4))
+#define TFM_PS_REMOVE_SIGNAL (1U << (3 + 4))
+#define TFM_PS_GET_SUPPORT_SIGNAL (1U << (4 + 4))
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __PSA_MANIFEST_TFM_PROTECTED_STORAGE_H__ */
diff --git a/secure_fw/partitions/protected_storage/tfm_protected_storage.c b/secure_fw/partitions/protected_storage/tfm_protected_storage.c
new file mode 100644
index 0000000..0574302
--- /dev/null
+++ b/secure_fw/partitions/protected_storage/tfm_protected_storage.c
@@ -0,0 +1,128 @@
+/*
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "tfm_protected_storage.h"
+#include "ps_object_system.h"
+#include "tfm_ps_defs.h"
+
+psa_status_t tfm_ps_init(void)
+{
+ psa_status_t err;
+
+ err = ps_system_prepare();
+#ifdef PS_CREATE_FLASH_LAYOUT
+ /* If PS_CREATE_FLASH_LAYOUT is set, it indicates that it is required to
+ * create a PS flash layout. PS service will generate an empty and valid
+ * PS flash layout to store assets. It will erase all data located in the
+ * assigned PS memory area before generating the PS layout.
+ * This flag is required to be set if the PS memory area is located in
+ * non-persistent memory.
+ * This flag can be set if the PS memory area is located in persistent
+ * memory without a previous valid PS flash layout in it. That is the case
+ * when it is the first time in the device life that the PS service is
+ * executed.
+ */
+ if (err != PSA_SUCCESS) {
+ /* Remove all data in the PS memory area and create a valid PS flash
+ * layout in that area.
+ */
+ err = ps_system_wipe_all();
+ if (err != PSA_SUCCESS) {
+ return err;
+ }
+
+ /* Attempt to initialise again */
+ err = ps_system_prepare();
+ }
+#endif /* PS_CREATE_FLASH_LAYOUT */
+
+ return err;
+}
+
+psa_status_t tfm_ps_set(int32_t client_id,
+ psa_storage_uid_t uid,
+ uint32_t data_length,
+ psa_storage_create_flags_t create_flags)
+{
+ /* Check that the UID is valid */
+ if (uid == TFM_PS_INVALID_UID) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+ /* Check that the create_flags does not contain any unsupported flags */
+ if (create_flags & ~(PSA_STORAGE_FLAG_WRITE_ONCE |
+ PSA_STORAGE_FLAG_NO_CONFIDENTIALITY |
+ PSA_STORAGE_FLAG_NO_REPLAY_PROTECTION)) {
+ return PSA_ERROR_NOT_SUPPORTED;
+ }
+
+ /* Create the object in the object system */
+ return ps_object_create(uid, client_id, create_flags, data_length);
+}
+
+psa_status_t tfm_ps_get(int32_t client_id,
+ psa_storage_uid_t uid,
+ uint32_t data_offset,
+ uint32_t data_size,
+ size_t *p_data_length)
+{
+ /* Check that the UID is valid */
+ if (uid == TFM_PS_INVALID_UID) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+ /* Read the object data from the object system */
+ return ps_object_read(uid, client_id, data_offset, data_size,
+ p_data_length);
+}
+
+psa_status_t tfm_ps_get_info(int32_t client_id, psa_storage_uid_t uid,
+ struct psa_storage_info_t *p_info)
+{
+ /* Check that the UID is valid */
+ if (uid == TFM_PS_INVALID_UID) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+ /* Get the info struct data from the object system */
+ return ps_object_get_info(uid, client_id, p_info);
+}
+
+psa_status_t tfm_ps_remove(int32_t client_id, psa_storage_uid_t uid)
+{
+ psa_status_t err;
+
+ /* Check that the UID is valid */
+ if (uid == TFM_PS_INVALID_UID) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+ /* Delete the object from the object system */
+ err = ps_object_delete(uid, client_id);
+
+ /* PSA_ERROR_INVALID_SIGNATURE is not supported by psa_ps_remove
+ * specification. So, this function returns TFM_PS_ERR_OPERATION_FAILED
+ * instead.
+ */
+ if (err == PSA_ERROR_INVALID_SIGNATURE) {
+ return PSA_ERROR_GENERIC_ERROR;
+ }
+
+ return err;
+}
+
+uint32_t tfm_ps_get_support(void)
+{
+ /*
+ * This function returns a bitmask with flags set for all of the optional
+ * features supported by the PS service implementation.
+ *
+ * PS service does not support the optional extended PSA PS API yet.
+ */
+
+ return 0;
+}
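Review bot: In `tfm_ps_init`, the `PS_CREATE_FLASH_LAYOUT` branch calls `ps_system_wipe_all()` on every non-success status from `ps_system_prepare()`, so a build with this flag on persistent storage would erase all stored assets on any prepare failure, not only when no layout exists yet. Which failures `ps_system_prepare()` can report is not visible in this hunk, but if they include authentication or transient flash errors, the data is discarded exactly when tampering or a fault has been detected. I would state that in the block comment, for example `/* Any ps_system_prepare() failure leads to a full wipe: enable only for first-boot provisioning or non-persistent PS areas. */`. Separately, the comment in `tfm_ps_remove` still names `TFM_PS_ERR_OPERATION_FAILED` while the code returns `PSA_ERROR_GENERIC_ERROR`; it should read `this function returns PSA_ERROR_GENERIC_ERROR instead`.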
diff --git a/secure_fw/partitions/secure_storage/tfm_protected_storage.h b/secure_fw/partitions/protected_storage/tfm_protected_storage.h
similarity index 91%
rename from secure_fw/partitions/secure_storage/tfm_protected_storage.h
rename to secure_fw/partitions/protected_storage/tfm_protected_storage.h
index 4cd44a5..28dd5f6 100644
--- a/secure_fw/partitions/secure_storage/tfm_protected_storage.h
+++ b/secure_fw/partitions/protected_storage/tfm_protected_storage.h
@@ -17,7 +17,7 @@
#endif
/**
- * \brief Initializes the secure storage system.
+ * \brief Initializes the protected storage system.
*
* \return A status indicating the success/failure of the operation as specified
* in \ref psa_status_t
@@ -29,7 +29,7 @@
* \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an
* unspecified internal failure
*/
-psa_status_t tfm_sst_init(void);
+psa_status_t tfm_ps_init(void);
/**
* \brief Creates a new or modifies an existing asset.
@@ -63,10 +63,10 @@
* \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an
* unspecified internal failure.
*/
-psa_status_t tfm_sst_set(int32_t client_id,
- psa_storage_uid_t uid,
- uint32_t data_length,
- psa_storage_create_flags_t create_flags);
+psa_status_t tfm_ps_set(int32_t client_id,
+ psa_storage_uid_t uid,
+ uint32_t data_length,
+ psa_storage_create_flags_t create_flags);
/**
* \brief Gets the asset data for the provided uid.
*
@@ -98,11 +98,11 @@
* associated with the UID failed
* authentication
*/
-psa_status_t tfm_sst_get(int32_t client_id,
- psa_storage_uid_t uid,
- uint32_t data_offset,
- uint32_t data_size,
- size_t *p_data_length);
+psa_status_t tfm_ps_get(int32_t client_id,
+ psa_storage_uid_t uid,
+ uint32_t data_offset,
+ uint32_t data_size,
+ size_t *p_data_length);
/**
* \brief Gets the metadata for the provided uid.
*
@@ -132,8 +132,8 @@
* associated with the UID failed
* authentication
*/
-psa_status_t tfm_sst_get_info(int32_t client_id, psa_storage_uid_t uid,
- struct psa_storage_info_t *p_info);
+psa_status_t tfm_ps_get_info(int32_t client_id, psa_storage_uid_t uid,
+ struct psa_storage_info_t *p_info);
/**
* \brief Removes the provided uid and its associated data from storage.
@@ -160,7 +160,7 @@
* \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an
* unspecified internal failure
*/
-psa_status_t tfm_sst_remove(int32_t client_id, psa_storage_uid_t uid);
+psa_status_t tfm_ps_remove(int32_t client_id, psa_storage_uid_t uid);
/**
* \brief Gets a bitmask with flags set for all of the optional features
@@ -169,7 +169,7 @@
* \return Bitmask value which contains all the bits set for all the optional
* features supported by the implementation
*/
-uint32_t tfm_sst_get_support(void);
+uint32_t tfm_ps_get_support(void);
#ifdef __cplusplus
}
diff --git a/secure_fw/partitions/secure_storage/tfm_secure_storage.yaml b/secure_fw/partitions/protected_storage/tfm_protected_storage.yaml
similarity index 74%
rename from secure_fw/partitions/secure_storage/tfm_secure_storage.yaml
rename to secure_fw/partitions/protected_storage/tfm_protected_storage.yaml
index 8852134..5c4e084 100644
--- a/secure_fw/partitions/secure_storage/tfm_secure_storage.yaml
+++ b/secure_fw/partitions/protected_storage/tfm_protected_storage.yaml
@@ -7,78 +7,78 @@
{
"psa_framework_version": 1.0,
- "name": "TFM_SP_STORAGE",
+ "name": "TFM_SP_PS",
"type": "APPLICATION-ROT",
"priority": "NORMAL",
- "entry_point": "tfm_sst_req_mngr_init",
+ "entry_point": "tfm_ps_req_mngr_init",
"stack_size": "0x800",
"secure_functions": [
{
- "name": "TFM_SST_SET",
- "signal": "TFM_SST_SET_REQ",
+ "name": "TFM_PS_SET",
+ "signal": "TFM_PS_SET_REQ",
"non_secure_clients": true,
"version": 1,
"version_policy": "STRICT"
},
{
- "name": "TFM_SST_GET",
- "signal": "TFM_SST_GET_REQ",
+ "name": "TFM_PS_GET",
+ "signal": "TFM_PS_GET_REQ",
"non_secure_clients": true,
"version": 1,
"version_policy": "STRICT"
},
{
- "name": "TFM_SST_GET_INFO",
- "signal": "TFM_SST_GET_INFO_REQ",
+ "name": "TFM_PS_GET_INFO",
+ "signal": "TFM_PS_GET_INFO_REQ",
"non_secure_clients": true,
"version": 1,
"version_policy": "STRICT"
},
{
- "name": "TFM_SST_REMOVE",
- "signal": "TFM_SST_REMOVE_REQ",
+ "name": "TFM_PS_REMOVE",
+ "signal": "TFM_PS_REMOVE_REQ",
"non_secure_clients": true,
"version": 1,
"version_policy": "STRICT"
},
{
- "name": "TFM_SST_GET_SUPPORT",
- "signal": "TFM_SST_GET_SUPPORT_REQ",
+ "name": "TFM_PS_GET_SUPPORT",
+ "signal": "TFM_PS_GET_SUPPORT_REQ",
"non_secure_clients": true,
"version": 1,
"version_policy": "STRICT"
}
],
"services" : [{
- "name": "TFM_SST_SET",
+ "name": "TFM_PS_SET",
"sid": "0x00000060",
"non_secure_clients": true,
"version": 1,
"version_policy": "STRICT"
},
{
- "name": "TFM_SST_GET",
+ "name": "TFM_PS_GET",
"sid": "0x00000061",
"non_secure_clients": true,
"version": 1,
"version_policy": "STRICT"
},
{
- "name": "TFM_SST_GET_INFO",
+ "name": "TFM_PS_GET_INFO",
"sid": "0x00000062",
"non_secure_clients": true,
"version": 1,
"version_policy": "STRICT"
},
{
- "name": "TFM_SST_REMOVE",
+ "name": "TFM_PS_REMOVE",
"sid": "0x00000063",
"non_secure_clients": true,
"version": 1,
"version_policy": "STRICT"
},
{
- "name": "TFM_SST_GET_SUPPORT",
+ "name": "TFM_PS_GET_SUPPORT",
"sid": "0x00000064",
"non_secure_clients": true,
"version": 1,
diff --git a/secure_fw/partitions/secure_storage/tfm_sst_req_mngr.c b/secure_fw/partitions/protected_storage/tfm_ps_req_mngr.c
similarity index 73%
rename from secure_fw/partitions/secure_storage/tfm_sst_req_mngr.c
rename to secure_fw/partitions/protected_storage/tfm_ps_req_mngr.c
index 94a0e78..5891161 100644
--- a/secure_fw/partitions/secure_storage/tfm_sst_req_mngr.c
+++ b/secure_fw/partitions/protected_storage/tfm_ps_req_mngr.c
@@ -5,7 +5,7 @@
*
*/
-#include "tfm_sst_req_mngr.h"
+#include "tfm_ps_req_mngr.h"
#include <stdbool.h>
#include <stdint.h>
@@ -16,7 +16,7 @@
#include "tfm_protected_storage.h"
#ifdef TFM_PSA_API
#include "psa/service.h"
-#include "psa_manifest/tfm_secure_storage.h"
+#include "psa_manifest/tfm_protected_storage.h"
#include "flash_layout.h"
#endif
@@ -26,34 +26,34 @@
static void *p_data;
/*
- * \brief Indicates whether SST has been initialised.
+ * \brief Indicates whether PS has been initialised.
*/
-static bool sst_is_init = false;
+static bool ps_is_init = false;
/*
- * \brief Initialises SST, if not already initialised.
+ * \brief Initialises PS, if not already initialised.
*
* \note In library mode, initialisation is delayed until the first secure
* function call, as calls to the Crypto service are required for
* initialisation.
*
- * \return PSA_SUCCESS if SST is initialised, PSA_ERROR_GENERIC_ERROR
+ * \return PSA_SUCCESS if PS is initialised, PSA_ERROR_GENERIC_ERROR
* otherwise.
*/
-static psa_status_t sst_check_init(void)
+static psa_status_t ps_check_init(void)
{
- if (!sst_is_init) {
- if (tfm_sst_init() != PSA_SUCCESS) {
+ if (!ps_is_init) {
+ if (tfm_ps_init() != PSA_SUCCESS) {
return PSA_ERROR_GENERIC_ERROR;
}
- sst_is_init = true;
+ ps_is_init = true;
}
return PSA_SUCCESS;
}
-psa_status_t tfm_sst_set_req(psa_invec *in_vec, size_t in_len,
- psa_outvec *out_vec, size_t out_len)
+psa_status_t tfm_ps_set_req(psa_invec *in_vec, size_t in_len,
+ psa_outvec *out_vec, size_t out_len)
{
psa_storage_uid_t uid;
uint32_t data_length;
@@ -61,7 +61,7 @@
int32_t status;
psa_storage_create_flags_t create_flags;
- if (sst_check_init() != PSA_SUCCESS) {
+ if (ps_check_init() != PSA_SUCCESS) {
return PSA_ERROR_GENERIC_ERROR;
}
@@ -93,11 +93,11 @@
return PSA_ERROR_PROGRAMMER_ERROR;
}
- return tfm_sst_set(client_id, uid, data_length, create_flags);
+ return tfm_ps_set(client_id, uid, data_length, create_flags);
}
-psa_status_t tfm_sst_get_req(psa_invec *in_vec, size_t in_len,
- psa_outvec *out_vec, size_t out_len)
+psa_status_t tfm_ps_get_req(psa_invec *in_vec, size_t in_len,
+ psa_outvec *out_vec, size_t out_len)
{
uint32_t data_offset;
uint32_t data_size;
@@ -106,7 +106,7 @@
int32_t status;
size_t *p_data_length;
- if (sst_check_init() != PSA_SUCCESS) {
+ if (ps_check_init() != PSA_SUCCESS) {
return PSA_ERROR_GENERIC_ERROR;
}
@@ -139,19 +139,19 @@
return PSA_ERROR_PROGRAMMER_ERROR;
}
- return tfm_sst_get(client_id, uid, data_offset, data_size, p_data_length);
+ return tfm_ps_get(client_id, uid, data_offset, data_size, p_data_length);
}
-psa_status_t tfm_sst_get_info_req(psa_invec *in_vec, size_t in_len,
- psa_outvec *out_vec, size_t out_len)
+psa_status_t tfm_ps_get_info_req(psa_invec *in_vec, size_t in_len,
+ psa_outvec *out_vec, size_t out_len)
{
int32_t client_id;
psa_storage_uid_t uid;
struct psa_storage_info_t *p_info;
int32_t tfm_status;
- if (sst_check_init() != PSA_SUCCESS) {
+ if (ps_check_init() != PSA_SUCCESS) {
return PSA_ERROR_GENERIC_ERROR;
}
@@ -180,17 +180,17 @@
return PSA_ERROR_PROGRAMMER_ERROR;
}
- return tfm_sst_get_info(client_id, uid, p_info);
+ return tfm_ps_get_info(client_id, uid, p_info);
}
-psa_status_t tfm_sst_remove_req(psa_invec *in_vec, size_t in_len,
- psa_outvec *out_vec, size_t out_len)
+psa_status_t tfm_ps_remove_req(psa_invec *in_vec, size_t in_len,
+ psa_outvec *out_vec, size_t out_len)
{
int32_t client_id;
psa_storage_uid_t uid;
int32_t tfm_status;
- if (sst_check_init() != PSA_SUCCESS) {
+ if (ps_check_init() != PSA_SUCCESS) {
return PSA_ERROR_GENERIC_ERROR;
}
@@ -209,17 +209,17 @@
return PSA_ERROR_PROGRAMMER_ERROR;
}
- return tfm_sst_remove(client_id, uid);;
+ return tfm_ps_remove(client_id, uid);
}
-psa_status_t tfm_sst_get_support_req(psa_invec *in_vec, size_t in_len,
- psa_outvec *out_vec, size_t out_len)
+psa_status_t tfm_ps_get_support_req(psa_invec *in_vec, size_t in_len,
+ psa_outvec *out_vec, size_t out_len)
{
uint32_t *support_flags;
(void)in_vec;
- if (sst_check_init() != PSA_SUCCESS) {
+ if (ps_check_init() != PSA_SUCCESS) {
return PSA_ERROR_GENERIC_ERROR;
}
@@ -235,16 +235,16 @@
support_flags = (uint32_t *)out_vec[0].base;
- *support_flags = tfm_sst_get_support();
+ *support_flags = tfm_ps_get_support();
return PSA_SUCCESS;
}
#else /* !defined(TFM_PSA_API) */
-typedef psa_status_t (*sst_func_t)(void);
+typedef psa_status_t (*ps_func_t)(void);
static psa_msg_t msg;
-static psa_status_t tfm_sst_set_ipc(void)
+static psa_status_t tfm_ps_set_ipc(void)
{
psa_storage_uid_t uid;
int32_t client_id;
@@ -269,10 +269,10 @@
return PSA_ERROR_PROGRAMMER_ERROR;
}
- return tfm_sst_set(client_id, uid, msg.in_size[1], create_flags);
+ return tfm_ps_set(client_id, uid, msg.in_size[1], create_flags);
}
-static psa_status_t tfm_sst_get_ipc(void)
+static psa_status_t tfm_ps_get_ipc(void)
{
psa_storage_uid_t uid;
uint32_t data_offset;
@@ -295,11 +295,11 @@
return PSA_ERROR_PROGRAMMER_ERROR;
}
- return tfm_sst_get(msg.client_id, uid, data_offset, msg.out_size[0],
- &p_data_length);
+ return tfm_ps_get(msg.client_id, uid, data_offset, msg.out_size[0],
+ &p_data_length);
}
-static psa_status_t tfm_sst_get_info_ipc(void)
+static psa_status_t tfm_ps_get_info_ipc(void)
{
psa_storage_uid_t uid;
@@ -318,7 +318,7 @@
return PSA_ERROR_PROGRAMMER_ERROR;
}
- status = tfm_sst_get_info(msg.client_id, uid, &info);
+ status = tfm_ps_get_info(msg.client_id, uid, &info);
if (status == PSA_SUCCESS) {
psa_write(msg.handle, 0, &info, msg.out_size[0]);
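Review bot: In `tfm_ps_get_info_ipc`, the call `psa_write(msg.handle, 0, &info, msg.out_size[0]);` takes its length from the output size declared by the client rather than from the object being copied. The size check that presumably pins `msg.out_size[0]` to the size of `info` sits above this hunk and is not visible here, so the copy is only as safe as that guard. Writing `psa_write(msg.handle, 0, &info, sizeof(info));` would keep the read of `info` bounded even if the guard is later relaxed. The same pattern appears in `tfm_ps_get_support_ipc` (`psa_write(msg.handle, 0, &support_flags, out_size);`), where `sizeof(support_flags)` would do the same job. Both function bodies start and end outside their hunks.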
@@ -326,7 +326,7 @@
return status;
}
-static psa_status_t tfm_sst_remove_ipc(void)
+static psa_status_t tfm_ps_remove_ipc(void)
{
psa_storage_uid_t uid;
size_t num = 0;
@@ -341,10 +341,10 @@
return PSA_ERROR_PROGRAMMER_ERROR;
}
- return tfm_sst_remove(msg.client_id, uid);
+ return tfm_ps_remove(msg.client_id, uid);
}
-static psa_status_t tfm_sst_get_support_ipc(void)
+static psa_status_t tfm_ps_get_support_ipc(void)
{
size_t out_size;
uint32_t support_flags;
@@ -355,7 +355,7 @@
return PSA_ERROR_PROGRAMMER_ERROR;
}
- support_flags = tfm_sst_get_support();
+ support_flags = tfm_ps_get_support();
psa_write(msg.handle, 0, &support_flags, out_size);
return PSA_SUCCESS;
}
@@ -370,7 +370,7 @@
;
}
-static void ps_signal_handle(psa_signal_t signal, sst_func_t pfn)
+static void ps_signal_handle(psa_signal_t signal, ps_func_t pfn)
{
psa_status_t status;
@@ -392,28 +392,28 @@
}
#endif /* !defined(TFM_PSA_API) */
-psa_status_t tfm_sst_req_mngr_init(void)
+psa_status_t tfm_ps_req_mngr_init(void)
{
#ifdef TFM_PSA_API
psa_signal_t signals = 0;
- if (tfm_sst_init() != PSA_SUCCESS) {
+ if (tfm_ps_init() != PSA_SUCCESS) {
tfm_abort();
}
while (1) {
signals = psa_wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & TFM_SST_SET_SIGNAL) {
- ps_signal_handle(TFM_SST_SET_SIGNAL, tfm_sst_set_ipc);
- } else if (signals & TFM_SST_GET_SIGNAL) {
- ps_signal_handle(TFM_SST_GET_SIGNAL, tfm_sst_get_ipc);
- } else if (signals & TFM_SST_GET_INFO_SIGNAL) {
- ps_signal_handle(TFM_SST_GET_INFO_SIGNAL, tfm_sst_get_info_ipc);
- } else if (signals & TFM_SST_REMOVE_SIGNAL) {
- ps_signal_handle(TFM_SST_REMOVE_SIGNAL, tfm_sst_remove_ipc);
- } else if (signals & TFM_SST_GET_SUPPORT_SIGNAL) {
- ps_signal_handle(TFM_SST_GET_SUPPORT_SIGNAL,
- tfm_sst_get_support_ipc);
+ if (signals & TFM_PS_SET_SIGNAL) {
+ ps_signal_handle(TFM_PS_SET_SIGNAL, tfm_ps_set_ipc);
+ } else if (signals & TFM_PS_GET_SIGNAL) {
+ ps_signal_handle(TFM_PS_GET_SIGNAL, tfm_ps_get_ipc);
+ } else if (signals & TFM_PS_GET_INFO_SIGNAL) {
+ ps_signal_handle(TFM_PS_GET_INFO_SIGNAL, tfm_ps_get_info_ipc);
+ } else if (signals & TFM_PS_REMOVE_SIGNAL) {
+ ps_signal_handle(TFM_PS_REMOVE_SIGNAL, tfm_ps_remove_ipc);
+ } else if (signals & TFM_PS_GET_SUPPORT_SIGNAL) {
+ ps_signal_handle(TFM_PS_GET_SUPPORT_SIGNAL,
+ tfm_ps_get_support_ipc);
} else {
tfm_abort();
}
@@ -427,10 +427,11 @@
#endif
}
-psa_status_t sst_req_mngr_read_asset_data(uint8_t *out_data, uint32_t size)
+psa_status_t ps_req_mngr_read_asset_data(uint8_t *out_data, uint32_t size)
{
#ifdef TFM_PSA_API
size_t num = 0;
+
num = psa_read(msg.handle, 1, out_data, size);
if (num != size) {
return PSA_ERROR_PROGRAMMER_ERROR;
@@ -441,7 +442,7 @@
return PSA_SUCCESS;
}
-void sst_req_mngr_write_asset_data(const uint8_t *in_data,
+void ps_req_mngr_write_asset_data(const uint8_t *in_data,
uint32_t size)
{
#ifdef TFM_PSA_API
diff --git a/secure_fw/partitions/secure_storage/tfm_sst_req_mngr.h b/secure_fw/partitions/protected_storage/tfm_ps_req_mngr.h
similarity index 78%
rename from secure_fw/partitions/secure_storage/tfm_sst_req_mngr.h
rename to secure_fw/partitions/protected_storage/tfm_ps_req_mngr.h
index e1ce2e0..1dc3a4f 100644
--- a/secure_fw/partitions/secure_storage/tfm_sst_req_mngr.h
+++ b/secure_fw/partitions/protected_storage/tfm_ps_req_mngr.h
@@ -5,8 +5,8 @@
*
*/
-#ifndef __TFM_SST_REQ_MNGR_H__
-#define __TFM_SST_REQ_MNGR_H__
+#ifndef __TFM_PS_REQ_MNGR_H__
+#define __TFM_PS_REQ_MNGR_H__
#include <stddef.h>
@@ -30,8 +30,8 @@
* \return A status indicating the success/failure of the operation as specified
* in \ref psa_status_t
*/
-psa_status_t tfm_sst_set_req(psa_invec *in_vec, size_t in_len,
- psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_ps_set_req(psa_invec *in_vec, size_t in_len,
+ psa_outvec *out_vec, size_t out_len);
/**
* \brief Handles the get request.
@@ -46,8 +46,8 @@
* \return A status indicating the success/failure of the operation as specified
* in \ref psa_status_t
*/
-psa_status_t tfm_sst_get_req(psa_invec *in_vec, size_t in_len,
- psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_ps_get_req(psa_invec *in_vec, size_t in_len,
+ psa_outvec *out_vec, size_t out_len);
/**
* \brief Handles the get info request.
@@ -62,8 +62,8 @@
* \return A status indicating the success/failure of the operation as specified
* in \ref psa_status_t
*/
-psa_status_t tfm_sst_get_info_req(psa_invec *in_vec, size_t in_len,
- psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_ps_get_info_req(psa_invec *in_vec, size_t in_len,
+ psa_outvec *out_vec, size_t out_len);
/**
* \brief Handles the remove request.
@@ -78,8 +78,8 @@
* \return A status indicating the success/failure of the operation as specified
* in \ref psa_status_t
*/
-psa_status_t tfm_sst_remove_req(psa_invec *in_vec, size_t in_len,
- psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_ps_remove_req(psa_invec *in_vec, size_t in_len,
+ psa_outvec *out_vec, size_t out_len);
/**
* \brief Handles the get support request.
@@ -95,8 +95,8 @@
* in \ref psa_status_t
*
*/
-psa_status_t tfm_sst_get_support_req(psa_invec *in_vec, size_t in_len,
- psa_outvec *out_vec, size_t out_len);
+psa_status_t tfm_ps_get_support_req(psa_invec *in_vec, size_t in_len,
+ psa_outvec *out_vec, size_t out_len);
/**
* \brief Takes an input buffer containing asset data and writes
@@ -107,8 +107,8 @@
*
*
*/
-void sst_req_mngr_write_asset_data(const uint8_t *in_data,
- uint32_t size);
+void ps_req_mngr_write_asset_data(const uint8_t *in_data,
+ uint32_t size);
/**
* \brief Writes the asset data of a client iovec onto an output buffer
@@ -120,10 +120,10 @@
* in \ref psa_status_t
*
*/
-psa_status_t sst_req_mngr_read_asset_data(uint8_t *out_data, uint32_t size);
+psa_status_t ps_req_mngr_read_asset_data(uint8_t *out_data, uint32_t size);
#ifdef __cplusplus
}
#endif
-#endif /* __TFM_SST_REQ_MNGR_H__ */
+#endif /* __TFM_PS_REQ_MNGR_H__ */
diff --git a/secure_fw/partitions/secure_storage/tfm_sst_secure_api.c b/secure_fw/partitions/protected_storage/tfm_ps_secure_api.c
similarity index 85%
rename from secure_fw/partitions/secure_storage/tfm_sst_secure_api.c
rename to secure_fw/partitions/protected_storage/tfm_ps_secure_api.c
index d403b08..6a08e50 100644
--- a/secure_fw/partitions/secure_storage/tfm_sst_secure_api.c
+++ b/secure_fw/partitions/protected_storage/tfm_ps_secure_api.c
@@ -31,7 +31,7 @@
};
#ifdef TFM_PSA_API
- handle = psa_connect(TFM_SST_SET_SID, TFM_SST_SET_VERSION);
+ handle = psa_connect(TFM_PS_SET_SID, TFM_PS_SET_VERSION);
if (!PSA_HANDLE_IS_VALID(handle)) {
return PSA_ERROR_GENERIC_ERROR;
}
@@ -42,8 +42,8 @@
psa_close(handle);
#else
- status = tfm_tfm_sst_set_req_veneer(in_vec, IOVEC_LEN(in_vec),
- NULL, 0);
+ status = tfm_tfm_ps_set_req_veneer(in_vec, IOVEC_LEN(in_vec),
+ NULL, 0);
#endif
/* A parameter with a buffer pointer pointer that has data length longer
@@ -82,7 +82,7 @@
return PSA_ERROR_INVALID_ARGUMENT;
}
#ifdef TFM_PSA_API
- handle = psa_connect(TFM_SST_GET_SID, TFM_SST_GET_VERSION);
+ handle = psa_connect(TFM_PS_GET_SID, TFM_PS_GET_VERSION);
if (!PSA_HANDLE_IS_VALID(handle)) {
return PSA_ERROR_GENERIC_ERROR;
}
@@ -93,7 +93,7 @@
psa_close(handle);
#else
- status = tfm_tfm_sst_get_req_veneer(in_vec, IOVEC_LEN(in_vec),
+ status = tfm_tfm_ps_get_req_veneer(in_vec, IOVEC_LEN(in_vec),
out_vec, IOVEC_LEN(out_vec));
#endif
@@ -129,7 +129,7 @@
};
#ifdef TFM_PSA_API
- handle = psa_connect(TFM_SST_GET_INFO_SID, TFM_SST_GET_INFO_VERSION);
+ handle = psa_connect(TFM_PS_GET_INFO_SID, TFM_PS_GET_INFO_VERSION);
if (!PSA_HANDLE_IS_VALID(handle)) {
return PSA_ERROR_GENERIC_ERROR;
}
@@ -140,8 +140,8 @@
psa_close(handle);
#else
- status = tfm_tfm_sst_get_info_req_veneer(in_vec, IOVEC_LEN(in_vec),
- out_vec, IOVEC_LEN(out_vec));
+ status = tfm_tfm_ps_get_info_req_veneer(in_vec, IOVEC_LEN(in_vec),
+ out_vec, IOVEC_LEN(out_vec));
#endif
if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) {
@@ -163,7 +163,7 @@
};
#ifdef TFM_PSA_API
- handle = psa_connect(TFM_SST_REMOVE_SID, TFM_SST_REMOVE_VERSION);
+ handle = psa_connect(TFM_PS_REMOVE_SID, TFM_PS_REMOVE_VERSION);
if (!PSA_HANDLE_IS_VALID(handle)) {
return PSA_ERROR_GENERIC_ERROR;
}
@@ -174,7 +174,7 @@
psa_close(handle);
#else
- status = tfm_tfm_sst_remove_req_veneer(in_vec, IOVEC_LEN(in_vec),
+ status = tfm_tfm_ps_remove_req_veneer(in_vec, IOVEC_LEN(in_vec),
NULL, 0);
#endif
@@ -227,7 +227,7 @@
* ignored.
*/
#ifdef TFM_PSA_API
- handle = psa_connect(TFM_SST_GET_SUPPORT_SID, TFM_SST_GET_SUPPORT_VERSION);
+ handle = psa_connect(TFM_PS_GET_SUPPORT_SID, TFM_PS_GET_SUPPORT_VERSION);
if (!PSA_HANDLE_IS_VALID(handle)) {
return support_flags;
}
@@ -236,8 +236,8 @@
psa_close(handle);
#else
- (void)tfm_tfm_sst_get_support_req_veneer(NULL, 0,
- out_vec, IOVEC_LEN(out_vec));
+ (void)tfm_tfm_ps_get_support_req_veneer(NULL, 0,
+ out_vec, IOVEC_LEN(out_vec));
#endif
return support_flags;
diff --git a/secure_fw/partitions/secure_storage/CMakeLists.inc b/secure_fw/partitions/secure_storage/CMakeLists.inc
deleted file mode 100644
index e17c787..0000000
--- a/secure_fw/partitions/secure_storage/CMakeLists.inc
+++ /dev/null
@@ -1,135 +0,0 @@
-#-------------------------------------------------------------------------------
-# Copyright (c) 2017-2020, Arm Limited. All rights reserved.
-#
-# SPDX-License-Identifier: BSD-3-Clause
-#
-#-------------------------------------------------------------------------------
-
-#Definitions to compile the "secure_storage" module.
-#This file assumes it will be included from a project specific cmakefile, and
-#will not create a library or executable.
-#Inputs:
-# TFM_ROOT_DIR - root directory of the TF-M repository.
-#Outputs:
-# Will modify include directories to make the source compile.
-# ALL_SRC_C: C source files to be compiled will be added to this list. This shall be added to your add_executable or add_library command.
-# ALL_SRC_CXX: C++ source files to be compiled will be added to this list. This shall be added to your add_executable or add_library command.
-# ALL_SRC_ASM: assembly source files to be compiled will be added to this list. This shall be added to your add_executable or add_library command.
-# Include directories will be modified by using the include_directories() commands as needed.
-
-#Get the current directory where this file is located.
-set(SECURE_STORAGE_DIR ${CMAKE_CURRENT_LIST_DIR})
-
-#Check input variables
-if (NOT DEFINED TFM_ROOT_DIR)
- message(FATAL_ERROR "Please set TFM_ROOT_DIR before including this file.")
-endif()
-
-if (NOT DEFINED SST_ENCRYPTION)
- message(FATAL_ERROR "Incomplete build configuration: SST_ENCRYPTION is undefined. ")
-endif()
-
-if (NOT DEFINED SST_ROLLBACK_PROTECTION)
- message(FATAL_ERROR "Incomplete build configuration: SST_ROLLBACK_PROTECTION is undefined.")
-endif()
-
-if (NOT DEFINED SST_CREATE_FLASH_LAYOUT)
- message(FATAL_ERROR "Incomplete build configuration: SST_CREATE_FLASH_LAYOUT is undefined. ")
-endif()
-
-if (NOT DEFINED SST_VALIDATE_METADATA_FROM_FLASH)
- message(FATAL_ERROR "Incomplete build configuration: SST_VALIDATE_METADATA_FROM_FLASH is undefined. ")
-endif()
-
-if (NOT DEFINED SST_RAM_FS)
- message(FATAL_ERROR "Incomplete build configuration: SST_RAM_FS is undefined. ")
-endif()
-
-if (NOT DEFINED SST_TEST_NV_COUNTERS)
- message(FATAL_ERROR "Incomplete build configuration: SST_TEST_NV_COUNTERS is undefined.")
-endif()
-
-set (SECURE_STORAGE_C_SRC
- "${SECURE_STORAGE_DIR}/tfm_sst_secure_api.c"
- "${SECURE_STORAGE_DIR}/tfm_sst_req_mngr.c"
- "${SECURE_STORAGE_DIR}/tfm_protected_storage.c"
- "${SECURE_STORAGE_DIR}/sst_object_system.c"
- "${SECURE_STORAGE_DIR}/sst_object_table.c"
- "${SECURE_STORAGE_DIR}/sst_utils.c"
-)
-
-if (SST_ENCRYPTION)
- list(APPEND SECURE_STORAGE_C_SRC
- "${SECURE_STORAGE_DIR}/crypto/sst_crypto_interface.c"
- "${SECURE_STORAGE_DIR}/sst_encrypted_object.c"
- )
- set_property(SOURCE ${SECURE_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_ENCRYPTION)
-
- if (SST_ROLLBACK_PROTECTION)
- # Only build the NV counters implementation if the SST_TEST_NV_COUNTERS
- # flag is off. When this flag is on, a virtual implementation of the SST
- # NV counters interface is used instead. Full documentation for this
- # flag can be found in the SST Integration Guide.
- if (NOT SST_TEST_NV_COUNTERS)
- list(APPEND SECURE_STORAGE_C_SRC
- "${SECURE_STORAGE_DIR}/nv_counters/sst_nv_counters.c")
- endif()
- set_property(SOURCE ${SECURE_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_ROLLBACK_PROTECTION)
- endif()
-endif()
-
-if (SST_VALIDATE_METADATA_FROM_FLASH)
- set_property(SOURCE ${SECURE_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_VALIDATE_METADATA_FROM_FLASH)
-endif()
-
-if (SST_CREATE_FLASH_LAYOUT)
- set_property(SOURCE ${SECURE_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_CREATE_FLASH_LAYOUT)
-endif()
-
-if (SST_RAM_FS)
- set_property(SOURCE ${SECURE_STORAGE_C_SRC} APPEND PROPERTY COMPILE_DEFINITIONS SST_RAM_FS)
-endif()
-
-#Append all our source files to global lists.
-list(APPEND ALL_SRC_C ${SECURE_STORAGE_C_SRC})
-unset(SECURE_STORAGE_C_SRC)
-
-#Inform the user about SST service features selected based on the SST service cmake flags
-message("The SST service compile configuration is as follows:")
-message("- SST_ENCRYPTION: " ${SST_ENCRYPTION})
-if (SST_ENCRYPTION)
- message("- SST_ROLLBACK_PROTECTION: " ${SST_ROLLBACK_PROTECTION})
-else()
- message("- SST_ROLLBACK_PROTECTION: N/A")
-endif()
-message("- SST_VALIDATE_METADATA_FROM_FLASH: " ${SST_VALIDATE_METADATA_FROM_FLASH})
-message("- SST_CREATE_FLASH_LAYOUT: " ${SST_CREATE_FLASH_LAYOUT})
-message("- SST_RAM_FS: " ${SST_RAM_FS})
-message("- SST_TEST_NV_COUNTERS: " ${SST_TEST_NV_COUNTERS})
-
-#Setting include directories
-embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE)
-embedded_include_directories(PATH ${SECURE_STORAGE_DIR} ABSOLUTE)
-embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE)
-embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/spm ABSOLUTE)
-embedded_include_directories(PATH ${TFM_ROOT_DIR}/platform/ext/common ABSOLUTE)
-embedded_include_directories(PATH ${TFM_ROOT_DIR}/platform/ext/driver ABSOLUTE)
-set(BUILD_CMSIS_CORE Off)
-set(BUILD_RETARGET Off)
-set(BUILD_NATIVE_DRIVERS Off)
-set(BUILD_STARTUP Off)
-set(BUILD_TARGET_CFG Off)
-set(BUILD_TARGET_HARDWARE_KEYS Off)
-set(BUILD_TARGET_NV_COUNTERS Off)
-set(BUILD_CMSIS_DRIVERS Off)
-set(BUILD_TIME Off)
-set(BUILD_UART_STDOUT Off)
-set(BUILD_FLASH Off)
-set(BUILD_PLAT_TEST Off)
-if(NOT DEFINED PLATFORM_CMAKE_FILE)
- message (FATAL_ERROR "Platform specific CMake is not defined. Please set PLATFORM_CMAKE_FILE.")
-elseif(NOT EXISTS ${PLATFORM_CMAKE_FILE})
- message (FATAL_ERROR "Platform specific CMake \"${PLATFORM_CMAKE_FILE}\" file does not exist. Please fix value of PLATFORM_CMAKE_FILE.")
-else()
- include(${PLATFORM_CMAKE_FILE})
-endif()
diff --git a/secure_fw/partitions/secure_storage/crypto/sst_crypto_interface.c b/secure_fw/partitions/secure_storage/crypto/sst_crypto_interface.c
deleted file mode 100644
index a63f488..0000000
--- a/secure_fw/partitions/secure_storage/crypto/sst_crypto_interface.c
+++ /dev/null
@@ -1,235 +0,0 @@
-/*
- * Copyright (c) 2017-2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "sst_crypto_interface.h"
-
-#include <stdbool.h>
-
-#include "tfm_crypto_defs.h"
-#include "psa/crypto.h"
-#include "tfm_memory_utils.h"
-
-/* The PSA key type used by this implementation */
-#define SST_KEY_TYPE PSA_KEY_TYPE_AES
-/* The PSA key usage required by this implementation */
-#define SST_KEY_USAGE (PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT)
-/* The PSA algorithm used by this implementation */
-#define SST_CRYPTO_ALG \
- PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_GCM, SST_TAG_LEN_BYTES)
-
-static const uint8_t sst_key_label[] = "storage_key";
-static psa_key_handle_t sst_key_handle;
-static uint8_t sst_crypto_iv_buf[SST_IV_LEN_BYTES];
-
-psa_status_t sst_crypto_init(void)
-{
- /* Currently, no initialisation is required. This may change if key
- * handling is changed.
- */
- return PSA_SUCCESS;
-}
-
-psa_status_t sst_crypto_setkey(void)
-{
- psa_status_t status;
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_derivation_operation_t op = PSA_KEY_DERIVATION_OPERATION_INIT;
-
- /* Set the key attributes for the storage key */
- psa_set_key_usage_flags(&attributes, SST_KEY_USAGE);
- psa_set_key_algorithm(&attributes, SST_CRYPTO_ALG);
- psa_set_key_type(&attributes, SST_KEY_TYPE);
- psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(SST_KEY_LEN_BYTES));
-
- /* Set up a key derivation operation with HUK derivation as the alg */
- status = psa_key_derivation_setup(&op, TFM_CRYPTO_ALG_HUK_DERIVATION);
- if (status != PSA_SUCCESS) {
- return status;
- }
-
- /* Supply the SST key label as an input to the key derivation */
- status = psa_key_derivation_input_bytes(&op, PSA_KEY_DERIVATION_INPUT_LABEL,
- sst_key_label,
- sizeof(sst_key_label));
- if (status != PSA_SUCCESS) {
- goto err_release_op;
- }
-
- /* Create the storage key from the key derivation operation */
- status = psa_key_derivation_output_key(&attributes, &op, &sst_key_handle);
- if (status != PSA_SUCCESS) {
- goto err_release_op;
- }
-
- /* Free resources associated with the key derivation operation */
- status = psa_key_derivation_abort(&op);
- if (status != PSA_SUCCESS) {
- goto err_release_key;
- }
-
- return PSA_SUCCESS;
-
-err_release_key:
- (void)psa_destroy_key(sst_key_handle);
-
-err_release_op:
- (void)psa_key_derivation_abort(&op);
-
- return PSA_ERROR_GENERIC_ERROR;
-}
-
-psa_status_t sst_crypto_destroykey(void)
-{
- psa_status_t status;
-
- /* Destroy the transient key */
- status = psa_destroy_key(sst_key_handle);
- if (status != PSA_SUCCESS) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- return PSA_SUCCESS;
-}
-
-void sst_crypto_set_iv(const union sst_crypto_t *crypto)
-{
- (void)tfm_memcpy(sst_crypto_iv_buf, crypto->ref.iv, SST_IV_LEN_BYTES);
-}
-
-void sst_crypto_get_iv(union sst_crypto_t *crypto)
-{
- /* IV characteristic is algorithm dependent.
- * For GCM it is essential that it doesn't get repeated.
- * A simple increment will suffice.
- * FIXME:
- * Since IV is predictable in this case,
- * If there is no rollback protection, an attacker could
- * try to rollback the storage and encrypt another plaintext
- * block with same IV/Key pair; this breaks GCM usage rules.
- * One potential fix would be to generate IV through RNG
- */
-
- /* Logic:
- * IV is a 12 byte value. Read the old value and increment it by 1.
- * since there is no standard C support for 12 byte integer mathematics,
- * the increment need to performed manually. Increment the lower 8byte
- * as uint64_t value and then if the new value is 0, increment the upper
- * 4 bytes as uint32_t
- * Endian order doesn't really matter as objective is not to perform
- * machine accurate increment operation but to generate a non-repetitive
- * iv value.
- */
-
- uint64_t iv_l;
- uint32_t iv_h;
-
- (void)tfm_memcpy(&iv_l, sst_crypto_iv_buf, sizeof(iv_l));
- (void)tfm_memcpy(&iv_h, (sst_crypto_iv_buf+sizeof(iv_l)), sizeof(iv_h));
- iv_l++;
- /* If overflow, increment the MSBs */
- if (iv_l == 0) {
- iv_h++;
- }
-
- /* Update the local buffer */
- (void)tfm_memcpy(sst_crypto_iv_buf, &iv_l, sizeof(iv_l));
- (void)tfm_memcpy((sst_crypto_iv_buf + sizeof(iv_l)), &iv_h, sizeof(iv_h));
- /* Update the caller buffer */
- (void)tfm_memcpy(crypto->ref.iv, sst_crypto_iv_buf, SST_IV_LEN_BYTES);
-}
-
-psa_status_t sst_crypto_encrypt_and_tag(union sst_crypto_t *crypto,
- const uint8_t *add,
- size_t add_len,
- const uint8_t *in,
- size_t in_len,
- uint8_t *out,
- size_t out_size,
- size_t *out_len)
-{
- psa_status_t status;
-
- status = psa_aead_encrypt(sst_key_handle, SST_CRYPTO_ALG,
- crypto->ref.iv, SST_IV_LEN_BYTES,
- add, add_len,
- in, in_len,
- out, out_size, out_len);
- if (status != PSA_SUCCESS) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- /* Copy the tag out of the output buffer */
- *out_len -= SST_TAG_LEN_BYTES;
- (void)tfm_memcpy(crypto->ref.tag, (out + *out_len), SST_TAG_LEN_BYTES);
-
- return PSA_SUCCESS;
-}
-
-psa_status_t sst_crypto_auth_and_decrypt(const union sst_crypto_t *crypto,
- const uint8_t *add,
- size_t add_len,
- uint8_t *in,
- size_t in_len,
- uint8_t *out,
- size_t out_size,
- size_t *out_len)
-{
- psa_status_t status;
-
- /* Copy the tag into the input buffer */
- (void)tfm_memcpy((in + in_len), crypto->ref.tag, SST_TAG_LEN_BYTES);
- in_len += SST_TAG_LEN_BYTES;
-
- status = psa_aead_decrypt(sst_key_handle, SST_CRYPTO_ALG,
- crypto->ref.iv, SST_IV_LEN_BYTES,
- add, add_len,
- in, in_len,
- out, out_size, out_len);
- if (status != PSA_SUCCESS) {
- return PSA_ERROR_INVALID_SIGNATURE;
- }
-
- return PSA_SUCCESS;
-}
-
-psa_status_t sst_crypto_generate_auth_tag(union sst_crypto_t *crypto,
- const uint8_t *add,
- uint32_t add_len)
-{
- psa_status_t status;
- size_t out_len;
-
- status = psa_aead_encrypt(sst_key_handle, SST_CRYPTO_ALG,
- crypto->ref.iv, SST_IV_LEN_BYTES,
- add, add_len,
- 0, 0,
- crypto->ref.tag, SST_TAG_LEN_BYTES, &out_len);
- if (status != PSA_SUCCESS || out_len != SST_TAG_LEN_BYTES) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- return PSA_SUCCESS;
-}
-
-psa_status_t sst_crypto_authenticate(const union sst_crypto_t *crypto,
- const uint8_t *add,
- uint32_t add_len)
-{
- psa_status_t status;
- size_t out_len;
-
- status = psa_aead_decrypt(sst_key_handle, SST_CRYPTO_ALG,
- crypto->ref.iv, SST_IV_LEN_BYTES,
- add, add_len,
- crypto->ref.tag, SST_TAG_LEN_BYTES,
- 0, 0, &out_len);
- if (status != PSA_SUCCESS || out_len != 0) {
- return PSA_ERROR_INVALID_SIGNATURE;
- }
-
- return PSA_SUCCESS;
-}
diff --git a/secure_fw/partitions/secure_storage/dir_secure_storage.dox b/secure_fw/partitions/secure_storage/dir_secure_storage.dox
deleted file mode 100644
index 036fbce..0000000
--- a/secure_fw/partitions/secure_storage/dir_secure_storage.dox
+++ /dev/null
@@ -1,17 +0,0 @@
-/*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-//This file holds description for the current directory. This documentation
-//will be included in the Doxygen output.
-
-/*!
-\dir
-\brief Source code for the Secure Storage service.
-\details The secure storage service is responsible to hold sensitive information
-in a protected storage.
-
-*/
\ No newline at end of file
diff --git a/secure_fw/partitions/secure_storage/psa_manifest/tfm_secure_storage.h b/secure_fw/partitions/secure_storage/psa_manifest/tfm_secure_storage.h
deleted file mode 100644
index 5329ce2..0000000
--- a/secure_fw/partitions/secure_storage/psa_manifest/tfm_secure_storage.h
+++ /dev/null
@@ -1,27 +0,0 @@
-/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-/*********** WARNING: This is an auto-generated file. Do not edit! ***********/
-
-#ifndef __PSA_MANIFEST_TFM_SECURE_STORAGE_H__
-#define __PSA_MANIFEST_TFM_SECURE_STORAGE_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define TFM_SST_SET_SIGNAL (1U << (0 + 4))
-#define TFM_SST_GET_SIGNAL (1U << (1 + 4))
-#define TFM_SST_GET_INFO_SIGNAL (1U << (2 + 4))
-#define TFM_SST_REMOVE_SIGNAL (1U << (3 + 4))
-#define TFM_SST_GET_SUPPORT_SIGNAL (1U << (4 + 4))
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __PSA_MANIFEST_TFM_SECURE_STORAGE_H__ */
diff --git a/secure_fw/partitions/secure_storage/sst_object_defs.h b/secure_fw/partitions/secure_storage/sst_object_defs.h
deleted file mode 100644
index 2ac7fd4..0000000
--- a/secure_fw/partitions/secure_storage/sst_object_defs.h
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifndef __SST_OBJECT_DEFS_H__
-#define __SST_OBJECT_DEFS_H__
-
-#include <stdint.h>
-
-#include "flash_layout.h"
-#include "psa/protected_storage.h"
-
-#ifdef SST_ENCRYPTION
-#include "crypto/sst_crypto_interface.h"
-#endif
-
-/*!
- * \struct sst_object_info_t
- *
- * \brief Object information.
- */
-struct sst_object_info_t {
- uint32_t current_size; /*!< Current size of the object content in bytes */
- uint32_t max_size; /*!< Maximum size of the object content in bytes */
- psa_storage_create_flags_t create_flags; /*!< Object creation flags */
-};
-
-/*!
- * \struct sst_obj_header_t
- *
- * \brief Metadata attached as a header to object data before storage.
- */
-struct sst_obj_header_t {
-#ifdef SST_ENCRYPTION
- union sst_crypto_t crypto; /*!< Crypto metadata */
-#else
- uint32_t version; /*!< Object version */
- uint32_t fid; /*!< File ID */
-#endif
- struct sst_object_info_t info; /*!< Object information */
-};
-
-
-#define SST_MAX_OBJECT_DATA_SIZE SST_MAX_ASSET_SIZE
-
-/*!
- * \struct sst_object_t
- *
- * \brief The object to be written to the file system below. Made up of the
- * object header and the object data.
- */
-struct sst_object_t {
- struct sst_obj_header_t header; /*!< Object header */
- uint8_t data[SST_MAX_OBJECT_DATA_SIZE]; /*!< Object data */
-};
-
-
-#define SST_OBJECT_HEADER_SIZE sizeof(struct sst_obj_header_t)
-#define SST_MAX_OBJECT_SIZE sizeof(struct sst_object_t)
-
-/*!
- * \def SST_MAX_NUM_OBJECTS
- *
- * \brief Specifies the maximum number of objects in the system, which is the
- * number of defined assets, the object table and 2 temporary objects to
- * store the temporary object table and temporary updated object.
- */
-#define SST_MAX_NUM_OBJECTS (SST_NUM_ASSETS + 3)
-
-#endif /* __SST_OBJECT_DEFS_H__ */
diff --git a/secure_fw/partitions/secure_storage/sst_object_system.c b/secure_fw/partitions/secure_storage/sst_object_system.c
deleted file mode 100644
index d3d8460..0000000
--- a/secure_fw/partitions/secure_storage/sst_object_system.c
+++ /dev/null
@@ -1,532 +0,0 @@
-/*
- * Copyright (c) 2017-2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "sst_object_system.h"
-
-#include <stddef.h>
-
-#include "cmsis_compiler.h"
-#include "psa/internal_trusted_storage.h"
-#include "tfm_memory_utils.h"
-#ifdef SST_ENCRYPTION
-#include "sst_encrypted_object.h"
-#endif
-#include "sst_object_defs.h"
-#include "sst_object_table.h"
-#include "sst_utils.h"
-#include "tfm_sst_req_mngr.h"
-
-#ifndef SST_ENCRYPTION
-/* Gets the size of object written to the object system below */
-#define SST_OBJECT_SIZE(max_size) (SST_OBJECT_HEADER_SIZE + (max_size))
-#define SST_OBJECT_START_POSITION 0
-#endif /* SST_ENCRYPTION */
-
-/* Allocate static variables to process objects */
-static struct sst_object_t g_sst_object;
-static struct sst_obj_table_info_t g_obj_tbl_info;
-
-/**
- * \brief Initialize g_sst_object based on the input parameters and empty data.
- *
- * \param[in] create_flags Object create flags
- * \param[in] size Object size
- * \param[out] obj Object to initialize
- *
- */
-__attribute__ ((always_inline))
-__STATIC_INLINE void sst_init_empty_object(
- psa_storage_create_flags_t create_flags,
- uint32_t size,
- struct sst_object_t *obj)
-{
- /* Set all object data to 0 */
- (void)tfm_memset(obj, SST_DEFAULT_EMPTY_BUFF_VAL, SST_MAX_OBJECT_SIZE);
-
-#ifndef SST_ENCRYPTION
- /* Initialize object version */
- obj->header.version = 0;
-#endif
-
- /* Set object header based on input parameters */
- obj->header.info.max_size = size;
- obj->header.info.create_flags = create_flags;
-}
-
-/**
- * \brief Removes the old object table and object from the file system.
- *
- * \param[in] old_fid Old file ID to remove.
- *
- * \return Returns error code as specified in \ref psa_status_t
- */
-static psa_status_t sst_remove_old_data(uint32_t old_fid)
-{
- psa_status_t err;
-
- /* Delete old object table from the persistent area */
- err = sst_object_table_delete_old_table();
- if (err != PSA_SUCCESS) {
- return err;
- }
-
- /* Delete old file from the persistent area */
- return psa_its_remove(old_fid);
-}
-
-#ifndef SST_ENCRYPTION
-enum read_type_t {
- READ_HEADER_ONLY = 0,
- READ_ALL_OBJECT,
-};
-
-/**
- * \brief Reads and validates an object header based on its object table info
- * stored in g_obj_tbl_info.
- *
- * \param[in] type Read type as specified in \ref read_type_t
- *
- * \return Returns error code as specified in \ref psa_status_t
- */
-static psa_status_t sst_read_object(enum read_type_t type)
-{
- psa_status_t err;
- size_t data_length;
-
- /* Read object header */
- err = psa_its_get(g_obj_tbl_info.fid,
- SST_OBJECT_START_POSITION,
- SST_OBJECT_HEADER_SIZE,
- (void *)&g_sst_object.header,
- &data_length);
- if (err != PSA_SUCCESS) {
- return err;
- }
-
- /* As SST encryption support is not enabled, check file ID and version to
- * detect inconsistency after read the object header from flash.
- */
- if (g_sst_object.header.fid != g_obj_tbl_info.fid ||
- g_sst_object.header.version != g_obj_tbl_info.version) {
- return PSA_ERROR_DATA_CORRUPT;
- }
-
- /* Read object data if any */
- if (type == READ_ALL_OBJECT && g_sst_object.header.info.current_size > 0) {
- err = psa_its_get(g_obj_tbl_info.fid,
- SST_OBJECT_HEADER_SIZE,
- g_sst_object.header.info.current_size,
- (void *)g_sst_object.data,
- &data_length);
- if (err != PSA_SUCCESS) {
- return err;
- }
- }
-
- return PSA_SUCCESS;
-}
-
-/**
- * \brief Writes an object based on its object table info stored in
- * g_obj_tbl_info and the input parameter.
- *
- * \param[in] wrt_size Number of bytes to write
- *
- * \return Returns error code as specified in \ref psa_status_t
- */
-static psa_status_t sst_write_object(uint32_t wrt_size)
-{
- /* Add object identification and increase object version */
- g_sst_object.header.fid = g_obj_tbl_info.fid;
- g_sst_object.header.version++;
-
- /* Save object version to be stored in the object table */
- g_obj_tbl_info.version = g_sst_object.header.version;
-
- return psa_its_set(g_obj_tbl_info.fid, wrt_size,
- (const void *)&g_sst_object,
- PSA_STORAGE_FLAG_NONE);
-}
-
-#endif /* !SST_ENCRYPTION */
-
-psa_status_t sst_system_prepare(void)
-{
- psa_status_t err;
-
- /* Reuse the allocated g_sst_object.data to store a temporary object table
- * data to be validate inside the function.
- * The stored date will be cleaned up when the g_sst_object.data will
- * be used for the first time in the object system.
- */
- err = sst_object_table_init(g_sst_object.data);
-
-#ifdef SST_ENCRYPTION
- g_obj_tbl_info.tag = g_sst_object.header.crypto.ref.tag;
-#endif
-
- return err;
-}
-
-psa_status_t sst_object_read(psa_storage_uid_t uid, int32_t client_id,
- uint32_t offset, uint32_t size,
- size_t *p_data_length)
-{
- psa_status_t err;
-
- /* Retrieve the object information from the object table if the object
- * exists.
- */
- err = sst_object_table_get_obj_tbl_info(uid, client_id, &g_obj_tbl_info);
- if (err != PSA_SUCCESS) {
- return err;
- }
-
- /* Read object */
-#ifdef SST_ENCRYPTION
- err = sst_encrypted_object_read(g_obj_tbl_info.fid, &g_sst_object);
-#else
- /* Read object header */
- err = sst_read_object(READ_ALL_OBJECT);
-#endif
- if (err != PSA_SUCCESS) {
- goto clear_data_and_return;
- }
-
- /* Boundary check the incoming request */
- if (offset > g_sst_object.header.info.current_size) {
- err = PSA_ERROR_INVALID_ARGUMENT;
- goto clear_data_and_return;
- }
-
- size = SST_UTILS_MIN(size,
- g_sst_object.header.info.current_size - offset);
-
- /* Copy the decrypted object data to the output buffer */
- sst_req_mngr_write_asset_data(g_sst_object.data + offset, size);
-
- *p_data_length = size;
-
-clear_data_and_return:
- /* Remove data stored in the object before leaving the function */
- (void)tfm_memset(&g_sst_object, SST_DEFAULT_EMPTY_BUFF_VAL,
- SST_MAX_OBJECT_SIZE);
-
- return err;
-}
-
-psa_status_t sst_object_create(psa_storage_uid_t uid, int32_t client_id,
- psa_storage_create_flags_t create_flags,
- uint32_t size)
-{
- psa_status_t err;
- uint32_t old_fid = SST_INVALID_FID;
- uint32_t fid_am_reserved = 1;
-
-#ifndef SST_ENCRYPTION
- uint32_t wrt_size;
-#endif
-
- /* Boundary check the incoming request */
- if (size > SST_MAX_ASSET_SIZE) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- /* Retrieve the object information from the object table if the object
- * exists.
- */
- err = sst_object_table_get_obj_tbl_info(uid, client_id, &g_obj_tbl_info);
- if (err == PSA_SUCCESS) {
-#ifdef SST_ENCRYPTION
- /* Read the object */
- err = sst_encrypted_object_read(g_obj_tbl_info.fid, &g_sst_object);
-#else
- /* Read the object header */
- err = sst_read_object(READ_HEADER_ONLY);
-#endif
- if (err != PSA_SUCCESS) {
- goto clear_data_and_return;
- }
-
- /* If the object exists and has the write once flag set, then it cannot
- * be modified.
- */
- if (g_sst_object.header.info.create_flags
- & PSA_STORAGE_FLAG_WRITE_ONCE) {
- err = PSA_ERROR_NOT_PERMITTED;
- goto clear_data_and_return;
- }
-
- /* Update the create flags and max object size */
- g_sst_object.header.info.create_flags = create_flags;
- g_sst_object.header.info.max_size = size;
-
- /* Save old file ID */
- old_fid = g_obj_tbl_info.fid;
- } else if (err == PSA_ERROR_DOES_NOT_EXIST) {
- /* If the object does not exist, then initialize it based on the input
- * arguments and empty content. Requests 2 FIDs to prevent exhaustion.
- */
- fid_am_reserved = 2;
- sst_init_empty_object(create_flags, size, &g_sst_object);
- } else {
- goto clear_data_and_return;
- }
-
- /* Update the object data */
- err = sst_req_mngr_read_asset_data(g_sst_object.data, size);
- if (err != PSA_SUCCESS) {
- goto clear_data_and_return;
- }
-
- /* Update the current object size */
- g_sst_object.header.info.current_size = size;
-
- /* Get new file ID */
- err = sst_object_table_get_free_fid(fid_am_reserved,
- &g_obj_tbl_info.fid);
- if (err != PSA_SUCCESS) {
- goto clear_data_and_return;
- }
-
-#ifdef SST_ENCRYPTION
- err = sst_encrypted_object_write(g_obj_tbl_info.fid, &g_sst_object);
-#else
- wrt_size = SST_OBJECT_SIZE(g_sst_object.header.info.current_size);
-
- /* Write g_sst_object */
- err = sst_write_object(wrt_size);
-#endif
- if (err != PSA_SUCCESS) {
- goto clear_data_and_return;
- }
-
- /* Update the table with the new internal ID and version for the object, and
- * store it in the persistent area.
- */
- err = sst_object_table_set_obj_tbl_info(uid, client_id, &g_obj_tbl_info);
- if (err != PSA_SUCCESS) {
- /* Remove new object as object table is not persistent and propagate
- * object table manipulation error.
- */
- (void)psa_its_remove(g_obj_tbl_info.fid);
-
- goto clear_data_and_return;
- }
-
- if (old_fid == SST_INVALID_FID) {
- /* Delete old object table from the persistent area */
- err = sst_object_table_delete_old_table();
- } else {
- /* Remove old object and delete old object table */
- err = sst_remove_old_data(old_fid);
- }
-
-clear_data_and_return:
- /* Remove data stored in the object before leaving the function */
- (void)tfm_memset(&g_sst_object, SST_DEFAULT_EMPTY_BUFF_VAL,
- SST_MAX_OBJECT_SIZE);
-
- return err;
-}
-
-psa_status_t sst_object_write(psa_storage_uid_t uid, int32_t client_id,
- uint32_t offset, uint32_t size)
-{
- psa_status_t err;
- uint32_t old_fid;
-
-#ifndef SST_ENCRYPTION
- uint32_t wrt_size;
-#endif
-
- /* Retrieve the object information from the object table if the object
- * exists.
- */
- err = sst_object_table_get_obj_tbl_info(uid, client_id, &g_obj_tbl_info);
- if (err != PSA_SUCCESS) {
- return err;
- }
-
- /* Read the object */
-#ifdef SST_ENCRYPTION
- err = sst_encrypted_object_read(g_obj_tbl_info.fid, &g_sst_object);
-#else
- err = sst_read_object(READ_ALL_OBJECT);
-#endif
- if (err != PSA_SUCCESS) {
- goto clear_data_and_return;
- }
-
- /* If the object has the write once flag set, then it cannot be modified. */
- if (g_sst_object.header.info.create_flags & PSA_STORAGE_FLAG_WRITE_ONCE) {
- err = PSA_ERROR_NOT_PERMITTED;
- goto clear_data_and_return;
- }
-
- /* Offset must not be larger than the object's current size to prevent gaps
- * being created in the object data.
- */
- if (offset > g_sst_object.header.info.current_size) {
- err = PSA_ERROR_INVALID_ARGUMENT;
- goto clear_data_and_return;
- }
-
- /* Boundary check the incoming request */
- err = sst_utils_check_contained_in(g_sst_object.header.info.max_size,
- offset, size);
- if (err != PSA_SUCCESS) {
- goto clear_data_and_return;
- }
-
- /* Update the object data */
- err = sst_req_mngr_read_asset_data(g_sst_object.data + offset, size);
- if (err != PSA_SUCCESS) {
- goto clear_data_and_return;
- }
-
- /* Update the current object size if necessary */
- if ((offset + size) > g_sst_object.header.info.current_size) {
- g_sst_object.header.info.current_size = offset + size;
- }
-
- /* Save old file ID */
- old_fid = g_obj_tbl_info.fid;
-
- /* Get new file ID */
- err = sst_object_table_get_free_fid(1, &g_obj_tbl_info.fid);
- if (err != PSA_SUCCESS) {
- goto clear_data_and_return;
- }
-
-#ifdef SST_ENCRYPTION
- err = sst_encrypted_object_write(g_obj_tbl_info.fid, &g_sst_object);
-#else
- wrt_size = SST_OBJECT_SIZE(g_sst_object.header.info.current_size);
-
- /* Write g_sst_object */
- err = sst_write_object(wrt_size);
-#endif
- if (err != PSA_SUCCESS) {
- goto clear_data_and_return;
- }
-
- /* Update the table with the new internal ID and version for the object, and
- * store it in the persistent area.
- */
- err = sst_object_table_set_obj_tbl_info(uid, client_id, &g_obj_tbl_info);
- if (err != PSA_SUCCESS) {
- /* Remove new object as object table is not persistent and propagate
- * object table manipulation error.
- */
- (void)psa_its_remove(g_obj_tbl_info.fid);
-
- goto clear_data_and_return;
- }
-
- /* Remove old object table and object */
- err = sst_remove_old_data(old_fid);
-
-clear_data_and_return:
- /* Remove data stored in the object before leaving the function */
- (void)tfm_memset(&g_sst_object, SST_DEFAULT_EMPTY_BUFF_VAL,
- SST_MAX_OBJECT_SIZE);
-
- return err;
-}
-
-psa_status_t sst_object_get_info(psa_storage_uid_t uid, int32_t client_id,
- struct psa_storage_info_t *info)
-{
- psa_status_t err;
-
- /* Retrieve the object information from the object table if the object
- * exists.
- */
- err = sst_object_table_get_obj_tbl_info(uid, client_id, &g_obj_tbl_info);
- if (err != PSA_SUCCESS) {
- return err;
- }
-
-#ifdef SST_ENCRYPTION
- err = sst_encrypted_object_read(g_obj_tbl_info.fid, &g_sst_object);
-#else
- err = sst_read_object(READ_HEADER_ONLY);
-#endif
- if (err != PSA_SUCCESS) {
- goto clear_data_and_return;
- }
-
- /* Copy SST object info to the PSA PS info struct */
- info->size = g_sst_object.header.info.current_size;
- info->flags = g_sst_object.header.info.create_flags;
-
-clear_data_and_return:
- /* Remove data stored in the object before leaving the function */
- (void)tfm_memset(&g_sst_object, SST_DEFAULT_EMPTY_BUFF_VAL,
- SST_MAX_OBJECT_SIZE);
-
- return err;
-}
-
-psa_status_t sst_object_delete(psa_storage_uid_t uid, int32_t client_id)
-{
- psa_status_t err;
-
- /* Retrieve the object information from the object table if the object
- * exists.
- */
- err = sst_object_table_get_obj_tbl_info(uid, client_id, &g_obj_tbl_info);
- if (err != PSA_SUCCESS) {
- return err;
- }
-
-#ifdef SST_ENCRYPTION
- err = sst_encrypted_object_read(g_obj_tbl_info.fid, &g_sst_object);
-#else
- err = sst_read_object(READ_HEADER_ONLY);
-#endif
- if (err != PSA_SUCCESS) {
- goto clear_data_and_return;
- }
-
- /* Check that the write once flag is not set */
- if (g_sst_object.header.info.create_flags & PSA_STORAGE_FLAG_WRITE_ONCE) {
- err = PSA_ERROR_NOT_PERMITTED;
- goto clear_data_and_return;
- }
-
- /* Delete object from the table and stores the table in the persistent
- * area.
- */
- err = sst_object_table_delete_object(uid, client_id);
- if (err != PSA_SUCCESS) {
- goto clear_data_and_return;
- }
-
- /* Remove old object table and file */
- err = sst_remove_old_data(g_obj_tbl_info.fid);
-
-clear_data_and_return:
- /* Remove data stored in the object before leaving the function */
- (void)tfm_memset(&g_sst_object, SST_DEFAULT_EMPTY_BUFF_VAL,
- SST_MAX_OBJECT_SIZE);
-
- return err;
-}
-
-psa_status_t sst_system_wipe_all(void)
-{
- /* This function may get called as a corrective action
- * if a system level security violation is detected.
- * This could be asynchronous to normal system operation
- * and state of the sst system lock is unknown. Hence
- * this function doesn't block on the lock and directly
- * moves to erasing the flash instead.
- */
- return sst_object_table_create();
-}
diff --git a/secure_fw/partitions/secure_storage/sst_object_table.c b/secure_fw/partitions/secure_storage/sst_object_table.c
deleted file mode 100644
index 2e37a08..0000000
--- a/secure_fw/partitions/secure_storage/sst_object_table.c
+++ /dev/null
@@ -1,1061 +0,0 @@
-/*
- * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "sst_object_table.h"
-
-#include <stddef.h>
-
-#include "cmsis_compiler.h"
-#include "crypto/sst_crypto_interface.h"
-#include "flash_layout.h"
-#include "nv_counters/sst_nv_counters.h"
-#include "psa/internal_trusted_storage.h"
-#include "tfm_memory_utils.h"
-#include "sst_utils.h"
-#include "tfm_sst_defs.h"
-
-/* FIXME: Duplicated from flash info */
-#define SST_FLASH_DEFAULT_VAL 0xFFU
-
-/*!
- * \def SST_OBJECT_SYSTEM_VERSION
- *
- * \brief Current object system version.
- */
-#define SST_OBJECT_SYSTEM_VERSION 0x01
-
-/*!
- * \struct sst_obj_table_info_t
- *
- * \brief Object table information structure.
- */
-struct sst_obj_table_entry_t {
-#ifdef SST_ENCRYPTION
- uint8_t tag[SST_TAG_LEN_BYTES]; /*!< MAC value of AEAD object */
-#else
- uint32_t version; /*!< File version */
-#endif
- psa_storage_uid_t uid; /*!< Object UID */
- int32_t client_id; /*!< Client ID */
-};
-
-/* Specifies number of entries in the table. The number of entries is the
- * number of assets, defined in asset_defs.h, plus one extra entry to store
- * a new object when the code processes a change in a file.
- */
-#define SST_OBJ_TABLE_ENTRIES (SST_NUM_ASSETS + 1)
-
-/*!
- * \struct sst_obj_table_t
- *
- * \brief Object table structure.
- */
-struct sst_obj_table_t {
-#ifdef SST_ENCRYPTION
- union sst_crypto_t crypto; /*!< Crypto metadata. */
-#endif
-
- uint8_t version; /*!< SST object system version. */
-
-#ifndef SST_ROLLBACK_PROTECTION
- uint8_t swap_count; /*!< Swap counter to distinguish 2 different
- * object tables.
- */
-#endif /* SST_ROLLBACK_PROTECTION */
-
- struct sst_obj_table_entry_t obj_db[SST_OBJ_TABLE_ENTRIES]; /*!< Table's
- * entries
- */
-};
-
-/* Object table indexes */
-#define SST_OBJ_TABLE_IDX_0 0
-#define SST_OBJ_TABLE_IDX_1 1
-
-/* Number of object tables (active and scratch) */
-#define SST_NUM_OBJ_TABLES 2
-
-/*!
- * \def SST_TABLE_FS_ID
- *
- * \brief File ID to be used in order to store the object table in the
- * file system.
- *
- * \param[in] idx Table index to convert into a file ID.
- *
- * \return Returns file ID
- *
- */
-#define SST_TABLE_FS_ID(idx) (idx + 1)
-
-/*!
- * \def SST_OBJECT_FS_ID
- *
- * \brief File ID to be used in order to store an object in the
- * file system.
- *
- * \param[in] idx Object table index to convert into a file ID.
- *
- * \return Returns file ID
- */
-#define SST_OBJECT_FS_ID(idx) ((idx + 1) + \
- SST_TABLE_FS_ID(SST_OBJ_TABLE_IDX_1))
-
-/*!
- * \def SST_OBJECT_FS_ID_TO_IDX
- *
- * \brief Gets object index in the table based on the file ID.
- *
- * \param[in] fid File ID of an object in the object table
- *
- * \return Returns object table index
- */
-#define SST_OBJECT_FS_ID_TO_IDX(fid) ((fid - 1) - \
- SST_TABLE_FS_ID(SST_OBJ_TABLE_IDX_1))
-
-/*!
- * \struct sst_obj_table_ctx_t
- *
- * \brief Object table context structure.
- */
-struct sst_obj_table_ctx_t {
- struct sst_obj_table_t obj_table; /*!< Object tables */
- uint8_t active_table; /*!< Active object table */
- uint8_t scratch_table; /*!< Scratch object table */
-};
-
-/* Object table context */
-static struct sst_obj_table_ctx_t sst_obj_table_ctx;
-
-/* Object table size */
-#define SST_OBJ_TABLE_SIZE sizeof(struct sst_obj_table_t)
-
-/* Object table entry size */
-#define SST_OBJECTS_TABLE_ENTRY_SIZE sizeof(struct sst_obj_table_entry_t)
-
-/* Size of the data that is not required to authenticate */
-#define SST_NON_AUTH_OBJ_TABLE_SIZE sizeof(union sst_crypto_t)
-
-/* Start position to store the object table data in the FS object */
-#define SST_OBJECT_TABLE_OBJECT_OFFSET 0
-
-/* The associated data is the header minus the crypto data */
-#define SST_CRYPTO_ASSOCIATED_DATA(crypto) ((uint8_t *)crypto + \
- SST_NON_AUTH_OBJ_TABLE_SIZE)
-
-#ifdef SST_ROLLBACK_PROTECTION
-#define SST_OBJ_TABLE_AUTH_DATA_SIZE (SST_OBJ_TABLE_SIZE - \
- SST_NON_AUTH_OBJ_TABLE_SIZE)
-
-struct sst_crypto_assoc_data_t {
- uint8_t obj_table_data[SST_OBJ_TABLE_AUTH_DATA_SIZE];
- uint32_t nv_counter;
-};
-
-#define SST_CRYPTO_ASSOCIATED_DATA_LEN sizeof(struct sst_crypto_assoc_data_t)
-
-#else
-
-/* The associated data is the header, minus the the tag data */
-#define SST_CRYPTO_ASSOCIATED_DATA_LEN (SST_OBJ_TABLE_SIZE - \
- SST_NON_AUTH_OBJ_TABLE_SIZE)
-#endif /* SST_ROLLBACK_PROTECTION */
-
-/* The sst_object_table_init function uses the static memory allocated for
- * the object data manipulation, in sst_object_table.c (g_sst_object), to load a
- * temporary object table to be validated at that stage.
- * To make sure the object table data fits in the static memory allocated for
- * object manipulation, the following macro checks if the memory allocated is
- * big enough, at compile time
- */
-
-/* Check at compilation time if metadata fits in g_sst_object.data */
-SST_UTILS_BOUND_CHECK(OBJ_TABLE_NOT_FIT_IN_STATIC_OBJ_DATA_BUF,
- SST_OBJ_TABLE_SIZE, SST_MAX_ASSET_SIZE);
-
-enum sst_obj_table_state {
- SST_OBJ_TABLE_VALID = 0, /*!< Table content is valid */
- SST_OBJ_TABLE_INVALID, /*!< Table content is invalid */
- SST_OBJ_TABLE_NVC_1_VALID, /*!< Table content valid with NVC 1 value */
- SST_OBJ_TABLE_NVC_3_VALID, /*!< Table content valid with NVC 3 value */
-};
-
-/* Specifies that SST NV counter value is invalid */
-#define SST_INVALID_NVC_VALUE 0
-
-/*!
- * \struct sst_obj_table_ctx_t
- *
- * \brief Object table init context structure.
- */
-struct sst_obj_table_init_ctx_t {
- struct sst_obj_table_t *p_table[SST_NUM_OBJ_TABLES]; /*!< Pointers to
- * object tables
- */
- enum sst_obj_table_state table_state[SST_NUM_OBJ_TABLES]; /*!< Array to
- * indicate if
- * the object
- * table X is
- * valid
- */
-#ifdef SST_ROLLBACK_PROTECTION
- uint32_t nvc_1; /*!< Non-volatile counter value 1 */
- uint32_t nvc_3; /*!< Non-volatile counter value 3 */
-#endif /* SST_ROLLBACK_PROTECTION */
-};
-
-/**
- * \brief Reads object table from persistent memory.
- *
- * \param[out] init_ctx Pointer to the init object table context
- *
- */
-__attribute__ ((always_inline))
-__STATIC_INLINE void sst_object_table_fs_read_table(
- struct sst_obj_table_init_ctx_t *init_ctx)
-{
- psa_status_t err;
- size_t data_length;
-
- /* Read file with the table 0 data */
-
- err = psa_its_get(SST_TABLE_FS_ID(SST_OBJ_TABLE_IDX_0),
- SST_OBJECT_TABLE_OBJECT_OFFSET,
- SST_OBJ_TABLE_SIZE,
- (void *)init_ctx->p_table[SST_OBJ_TABLE_IDX_0],
- &data_length);
- if (err != PSA_SUCCESS) {
- init_ctx->table_state[SST_OBJ_TABLE_IDX_0] = SST_OBJ_TABLE_INVALID;
- }
-
- /* Read file with the table 1 data */
- err = psa_its_get(SST_TABLE_FS_ID(SST_OBJ_TABLE_IDX_1),
- SST_OBJECT_TABLE_OBJECT_OFFSET,
- SST_OBJ_TABLE_SIZE,
- (void *)init_ctx->p_table[SST_OBJ_TABLE_IDX_1],
- &data_length);
- if (err != PSA_SUCCESS) {
- init_ctx->table_state[SST_OBJ_TABLE_IDX_1] = SST_OBJ_TABLE_INVALID;
- }
-}
-
-/**
- * \brief Writes object table in persistent memory.
- *
- * \param[in,out] obj_table Pointer to the object table to generate
- * authentication
- *
- * \return Returns error code as specified in \ref psa_status_t
- */
-__attribute__ ((always_inline))
-__STATIC_INLINE psa_status_t sst_object_table_fs_write_table(
- struct sst_obj_table_t *obj_table)
-{
- psa_status_t err;
- uint32_t obj_table_id = SST_TABLE_FS_ID(sst_obj_table_ctx.scratch_table);
- uint8_t swap_table_idxs = sst_obj_table_ctx.scratch_table;
-
- /* Create file to store object table in the FS */
- err = psa_its_set(obj_table_id,
- SST_OBJ_TABLE_SIZE,
- (const void *)obj_table,
- PSA_STORAGE_FLAG_NONE);
-
- if (err != PSA_SUCCESS) {
- return err;
- }
-
- /* Swap active and scratch table values */
- sst_obj_table_ctx.scratch_table = sst_obj_table_ctx.active_table;
- sst_obj_table_ctx.active_table = swap_table_idxs;
-
- return PSA_SUCCESS;
-}
-
-#ifdef SST_ENCRYPTION
-#ifdef SST_ROLLBACK_PROTECTION
-/**
- * \brief Aligns all SST non-volatile counters.
- *
- * \param[in] nvc_1 Value of SST non-volatile counter 1
- *
- * \return Returns error code as specified in \ref psa_status_t
- */
-static psa_status_t sst_object_table_align_nv_counters(uint32_t nvc_1)
-{
- psa_status_t err;
- uint32_t nvc_x_val = 0;
-
- /* Align SST NVC 2 with NVC 1 */
- err = sst_read_nv_counter(TFM_SST_NV_COUNTER_2, &nvc_x_val);
- if (err != PSA_SUCCESS) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- for (; nvc_x_val < nvc_1; nvc_x_val++) {
- err = sst_increment_nv_counter(TFM_SST_NV_COUNTER_2);
- if (err != PSA_SUCCESS) {
- return err;
- }
- }
-
- /* Align SST NVC 3 with NVC 1 */
- err = sst_read_nv_counter(TFM_SST_NV_COUNTER_3, &nvc_x_val);
- if (err != PSA_SUCCESS) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- for (; nvc_x_val < nvc_1; nvc_x_val++) {
- err = sst_increment_nv_counter(TFM_SST_NV_COUNTER_3);
- if (err != PSA_SUCCESS) {
- return err;
- }
- }
-
- return PSA_SUCCESS;
-}
-
-/**
- * \brief Generates table authentication tag.
- *
- * \param[in] nvc_1 Value of SST non-volatile counter 1
- * \param[in,out] obj_table Pointer to the object table to generate
- * authentication
- *
- * \return Returns error code as specified in \ref psa_status_t
- */
-__attribute__ ((always_inline))
-__STATIC_INLINE psa_status_t sst_object_table_nvc_generate_auth_tag(
- uint32_t nvc_1,
- struct sst_obj_table_t *obj_table)
-{
- struct sst_crypto_assoc_data_t assoc_data;
- union sst_crypto_t *crypto = &obj_table->crypto;
-
- /* Get new IV */
- sst_crypto_get_iv(crypto);
-
- assoc_data.nv_counter = nvc_1;
- (void)tfm_memcpy(assoc_data.obj_table_data,
- SST_CRYPTO_ASSOCIATED_DATA(crypto),
- SST_OBJ_TABLE_AUTH_DATA_SIZE);
-
- return sst_crypto_generate_auth_tag(crypto, (const uint8_t *)&assoc_data,
- SST_CRYPTO_ASSOCIATED_DATA_LEN);
-}
-
-/**
- * \brief Authenticates table of objects.
- *
- * \param[in] table_idx Table index in the init context
- * \param[in,out] init_ctx Pointer to the object table to authenticate
- *
- */
-static void sst_object_table_authenticate(uint8_t table_idx,
- struct sst_obj_table_init_ctx_t *init_ctx)
-{
- struct sst_crypto_assoc_data_t assoc_data;
- union sst_crypto_t *crypto = &init_ctx->p_table[table_idx]->crypto;
- psa_status_t err;
-
- /* Init associated data with NVC 1 */
- assoc_data.nv_counter = init_ctx->nvc_1;
- (void)tfm_memcpy(assoc_data.obj_table_data,
- SST_CRYPTO_ASSOCIATED_DATA(crypto),
- SST_OBJ_TABLE_AUTH_DATA_SIZE);
-
- err = sst_crypto_authenticate(crypto, (const uint8_t *)&assoc_data,
- SST_CRYPTO_ASSOCIATED_DATA_LEN);
- if (err == PSA_SUCCESS) {
- init_ctx->table_state[table_idx] = SST_OBJ_TABLE_NVC_1_VALID;
- return;
- }
-
- if (init_ctx->nvc_3 == SST_INVALID_NVC_VALUE) {
- init_ctx->table_state[table_idx] = SST_OBJ_TABLE_INVALID;
- return;
- }
-
- /* Check with NVC 3 */
- assoc_data.nv_counter = init_ctx->nvc_3;
-
- err = sst_crypto_authenticate(crypto, (const uint8_t *)&assoc_data,
- SST_CRYPTO_ASSOCIATED_DATA_LEN);
- if (err != PSA_SUCCESS) {
- init_ctx->table_state[table_idx] = SST_OBJ_TABLE_INVALID;
- } else {
- init_ctx->table_state[table_idx] = SST_OBJ_TABLE_NVC_3_VALID;
- }
-}
-
-/**
- * \brief Authenticates tables of objects.
- *
- * \param[in,out] init_ctx Pointer to the object table to authenticate
- *
- * \return Returns error code as specified in \ref psa_status_t
- */
-__attribute__ ((always_inline))
-__STATIC_INLINE psa_status_t sst_object_table_nvc_authenticate(
- struct sst_obj_table_init_ctx_t *init_ctx)
-{
- psa_status_t err;
- uint32_t nvc_2;
-
- err = sst_read_nv_counter(TFM_SST_NV_COUNTER_1, &init_ctx->nvc_1);
- if (err != PSA_SUCCESS) {
- return err;
- }
-
- err = sst_read_nv_counter(TFM_SST_NV_COUNTER_2, &nvc_2);
- if (err != PSA_SUCCESS) {
- return err;
- }
-
- err = sst_read_nv_counter(TFM_SST_NV_COUNTER_3, &init_ctx->nvc_3);
- if (err != PSA_SUCCESS) {
- return err;
- }
-
- /* Check if NVC 3 value can be used to validate an object table */
- if (init_ctx->nvc_3 != nvc_2) {
- /* If NVC 3 is different from NVC 2, it is possible to load an old SST
- * area image in the system by manipulating the FS to return a system
- * error from the file system layer and triggering power fault before
- * increasing the NVC 3. So, in that case, NVC 3 value cannot be used to
- * validate an old object table at the init process.
- */
- init_ctx->nvc_3 = SST_INVALID_NVC_VALUE;
- }
-
- /* Authenticate table 0 if data is valid */
- if (init_ctx->table_state[SST_OBJ_TABLE_IDX_0] != SST_OBJ_TABLE_INVALID) {
- sst_object_table_authenticate(SST_OBJ_TABLE_IDX_0, init_ctx);
- }
-
- /* Authenticate table 1 if data is valid */
- if (init_ctx->table_state[SST_OBJ_TABLE_IDX_1] != SST_OBJ_TABLE_INVALID) {
- sst_object_table_authenticate(SST_OBJ_TABLE_IDX_1, init_ctx);
- }
-
- return PSA_SUCCESS;
-}
-#else /* SST_ROLLBACK_PROTECTION */
-
-/**
- * \brief Generates table authentication
- *
- * \param[in,out] obj_table Pointer to the object table to generate
- * authentication
- *
- * \return Returns error code as specified in \ref psa_status_t
- */
-__attribute__ ((always_inline))
-__STATIC_INLINE psa_status_t sst_object_table_generate_auth_tag(
- struct sst_obj_table_t *obj_table)
-{
- union sst_crypto_t *crypto = &obj_table->crypto;
-
- /* Get new IV */
- sst_crypto_get_iv(crypto);
-
- return sst_crypto_generate_auth_tag(crypto,
- SST_CRYPTO_ASSOCIATED_DATA(crypto),
- SST_CRYPTO_ASSOCIATED_DATA_LEN);
-}
-
-/**
- * \brief Authenticates tables of objects.
- *
- * \param[in,out] init_ctx Pointer to the object table to authenticate
- *
- */
-__attribute__ ((always_inline))
-__STATIC_INLINE void sst_object_table_authenticate_ctx_tables(
- struct sst_obj_table_init_ctx_t *init_ctx)
-{
- psa_status_t err;
- union sst_crypto_t *crypto =
- &init_ctx->p_table[SST_OBJ_TABLE_IDX_0]->crypto;
-
- /* Authenticate table 0 if data is valid */
- if (init_ctx->table_state[SST_OBJ_TABLE_IDX_0] != SST_OBJ_TABLE_INVALID) {
- err = sst_crypto_authenticate(crypto,
- SST_CRYPTO_ASSOCIATED_DATA(crypto),
- SST_CRYPTO_ASSOCIATED_DATA_LEN);
- if (err != PSA_SUCCESS) {
- init_ctx->table_state[SST_OBJ_TABLE_IDX_0] = SST_OBJ_TABLE_INVALID;
- }
- }
-
- /* Authenticate table 1 if data is valid */
- if (init_ctx->table_state[SST_OBJ_TABLE_IDX_1] != SST_OBJ_TABLE_INVALID) {
- crypto = &init_ctx->p_table[SST_OBJ_TABLE_IDX_1]->crypto;
-
- err = sst_crypto_authenticate(crypto,
- SST_CRYPTO_ASSOCIATED_DATA(crypto),
- SST_CRYPTO_ASSOCIATED_DATA_LEN);
- if (err != PSA_SUCCESS) {
- init_ctx->table_state[SST_OBJ_TABLE_IDX_1] = SST_OBJ_TABLE_INVALID;
- }
- }
-}
-#endif /* SST_ROLLBACK_PROTECTION */
-#endif /* SST_ENCRYPTION */
-
-/**
- * \brief Saves object table in the persistent memory.
- *
- * \param[in,out] obj_table Pointer to the object table to save
- *
- * \return Returns error code as specified in \ref psa_status_t
- */
-static psa_status_t sst_object_table_save_table(
- struct sst_obj_table_t *obj_table)
-{
- psa_status_t err;
-
-#ifdef SST_ROLLBACK_PROTECTION
- uint32_t nvc_1 = 0;
-
- err = sst_increment_nv_counter(TFM_SST_NV_COUNTER_1);
- if (err != PSA_SUCCESS) {
- return err;
- }
-
- err = sst_read_nv_counter(TFM_SST_NV_COUNTER_1, &nvc_1);
- if (err != PSA_SUCCESS) {
- return err;
- }
-#else
- obj_table->swap_count++;
-
- if (obj_table->swap_count == SST_FLASH_DEFAULT_VAL) {
- /* When a flash block is erased, the default value is usually 0xFF
- * (i.e. all 1s). Since the swap count is updated last (when encryption
- * is disabled), it is possible that due to a power failure, the swap
- * count value in metadata header is 0xFFFF..., which mean it will
- * appear to be most recent block.
- */
- obj_table->swap_count = 0;
- }
-#endif /* SST_ROLLBACK_PROTECTION */
-
-#ifdef SST_ENCRYPTION
- /* Set object table key */
- err = sst_crypto_setkey();
- if (err != PSA_SUCCESS) {
- return err;
- }
-
-#ifdef SST_ROLLBACK_PROTECTION
- /* Generate authentication tag from the current table content and SST
- * NV counter 1.
- */
- err = sst_object_table_nvc_generate_auth_tag(nvc_1, obj_table);
-#else
- /* Generate authentication tag from the current table content */
- err = sst_object_table_generate_auth_tag(obj_table);
-#endif /* SST_ROLLBACK_PROTECTION */
-
- if (err != PSA_SUCCESS) {
- (void)sst_crypto_destroykey();
- return err;
- }
-
- err = sst_crypto_destroykey();
- if (err != PSA_SUCCESS) {
- return err;
- }
-#endif /* SST_ENCRYPTION */
-
- err = sst_object_table_fs_write_table(obj_table);
-
-#ifdef SST_ROLLBACK_PROTECTION
- if (err != PSA_SUCCESS) {
- return err;
- }
-
- /* Align SST NV counters to have the same value */
- err = sst_object_table_align_nv_counters(nvc_1);
-#endif /* SST_ROLLBACK_PROTECTION */
-
- return err;
-}
-
-/**
- * \brief Checks the validity of the table version.
- *
- * \param[in,out] init_ctx Pointer to the init object table context
- *
- */
-__attribute__ ((always_inline))
-__STATIC_INLINE void sst_object_table_validate_version(
- struct sst_obj_table_init_ctx_t *init_ctx)
-{
- /* Looks for exact version number.
- * FIXME: backward compatibility could be considered in future revisions.
- */
- if (SST_OBJECT_SYSTEM_VERSION !=
- init_ctx->p_table[SST_OBJ_TABLE_IDX_0]->version) {
- init_ctx->table_state[SST_OBJ_TABLE_IDX_0] = SST_OBJ_TABLE_INVALID;
- }
-
- if (SST_OBJECT_SYSTEM_VERSION !=
- init_ctx->p_table[SST_OBJ_TABLE_IDX_1]->version) {
- init_ctx->table_state[SST_OBJ_TABLE_IDX_1] = SST_OBJ_TABLE_INVALID;
- }
-}
-
-/**
- * \brief Sets the active object table based on the swap count and validity of
- * the object table data.
- *
- * \param[in] init_ctx Pointer to the init object table context
- *
- * \return Returns error code as specified in \ref psa_status_t
- */
-static psa_status_t sst_set_active_object_table(
- const struct sst_obj_table_init_ctx_t *init_ctx)
-{
-#ifndef SST_ROLLBACK_PROTECTION
- uint8_t table0_swap_count =
- init_ctx->p_table[SST_OBJ_TABLE_IDX_0]->swap_count;
- uint8_t table1_swap_count =
- init_ctx->p_table[SST_OBJ_TABLE_IDX_1]->swap_count;
-#endif
-
- /* Check if there is an invalid object table */
- if ((init_ctx->table_state[SST_OBJ_TABLE_IDX_0] == SST_OBJ_TABLE_INVALID)
- && (init_ctx->table_state[SST_OBJ_TABLE_IDX_1] ==
- SST_OBJ_TABLE_INVALID)) {
- /* Both tables are invalid */
- return PSA_ERROR_GENERIC_ERROR;
- } else if (init_ctx->table_state[SST_OBJ_TABLE_IDX_0] ==
- SST_OBJ_TABLE_INVALID) {
- /* Table 0 is invalid, the active one is table 1 */
- sst_obj_table_ctx.active_table = SST_OBJ_TABLE_IDX_1;
- sst_obj_table_ctx.scratch_table = SST_OBJ_TABLE_IDX_0;
-
- /* As table 1 is the active object, load the content into the
- * SST object table context.
- */
- (void)tfm_memcpy(&sst_obj_table_ctx.obj_table,
- init_ctx->p_table[SST_OBJ_TABLE_IDX_1],
- SST_OBJ_TABLE_SIZE);
-
- return PSA_SUCCESS;
- } else if (init_ctx->table_state[SST_OBJ_TABLE_IDX_1] ==
- SST_OBJ_TABLE_INVALID) {
- /* Table 1 is invalid, the active one is table 0 */
- sst_obj_table_ctx.active_table = SST_OBJ_TABLE_IDX_0;
- sst_obj_table_ctx.scratch_table = SST_OBJ_TABLE_IDX_1;
-
- /* As table 0 is already in the SST object table context, it is not
- * needed to copy the table in the context.
- */
-
- return PSA_SUCCESS;
- }
-
-#ifdef SST_ROLLBACK_PROTECTION
- if (init_ctx->table_state[SST_OBJ_TABLE_IDX_1] ==
- SST_OBJ_TABLE_NVC_1_VALID) {
- /* Table 0 is invalid, the active one is table 1 */
- sst_obj_table_ctx.active_table = SST_OBJ_TABLE_IDX_1;
- sst_obj_table_ctx.scratch_table = SST_OBJ_TABLE_IDX_0;
- } else {
- /* In case both tables are valid or table 0 is valid, table 0 is the
- * valid on as it is already in the SST object table context.
- */
- sst_obj_table_ctx.active_table = SST_OBJ_TABLE_IDX_0;
- sst_obj_table_ctx.scratch_table = SST_OBJ_TABLE_IDX_1;
- }
-#else
- /* Logic: if the swap count is 0, then it has rolled over. The object table
- * with a swap count of 0 is the latest one, unless the other block has a
- * swap count of 1, in which case the roll over occurred in the previous
- * update. In all other cases, the table with the highest swap count is the
- * latest one.
- */
- if ((table1_swap_count == 0) && (table0_swap_count != 1)) {
- /* Table 1 swap count has rolled over and table 0 swap count has not,
- * so table 1 is the latest.
- */
- sst_obj_table_ctx.active_table = SST_OBJ_TABLE_IDX_1;
- sst_obj_table_ctx.scratch_table = SST_OBJ_TABLE_IDX_0;
-
- } else if ((table0_swap_count == 0) && (table1_swap_count != 1)) {
- /* Table 0 swap count has rolled over and table 1 swap count has not,
- * so table 0 is the latest.
- */
- sst_obj_table_ctx.active_table = SST_OBJ_TABLE_IDX_0;
- sst_obj_table_ctx.scratch_table = SST_OBJ_TABLE_IDX_1;
-
- } else if (table1_swap_count > table0_swap_count) {
- /* Neither swap count has just rolled over and table 1 has a
- * higher swap count, so table 1 is the latest.
- */
- sst_obj_table_ctx.active_table = SST_OBJ_TABLE_IDX_1;
- sst_obj_table_ctx.scratch_table = SST_OBJ_TABLE_IDX_0;
-
- } else {
- /* Neither swap count has just rolled over and table 0 has a
- * higher or equal swap count, so table 0 is the latest.
- */
- sst_obj_table_ctx.active_table = SST_OBJ_TABLE_IDX_0;
- sst_obj_table_ctx.scratch_table = SST_OBJ_TABLE_IDX_1;
- }
-#endif /* SST_ROLLBACK_PROTECTION */
-
- /* If active object table is table 1, then copy the content into the
- * SST object table context.
- */
- if (sst_obj_table_ctx.active_table == SST_OBJ_TABLE_IDX_1) {
- (void)tfm_memcpy(&sst_obj_table_ctx.obj_table,
- init_ctx->p_table[SST_OBJ_TABLE_IDX_1],
- SST_OBJ_TABLE_SIZE);
- }
-
- return PSA_SUCCESS;
-}
-
-/**
- * \brief Gets table's entry index based on the given object UID and client ID.
- *
- * \param[in] uid Object UID
- * \param[in] client_id Client UID
- * \param[out] idx Pointer to store the entry's index
- *
- * \return Returns PSA_SUCCESS and index of the table, if object exists
- * in the table. Otherwise, it returns PSA_ERROR_DOES_NOT_EXIST.
- */
-static psa_status_t sst_get_object_entry_idx(psa_storage_uid_t uid,
- int32_t client_id,
- uint32_t *idx)
-{
- uint32_t i;
- struct sst_obj_table_t *p_table = &sst_obj_table_ctx.obj_table;
-
- for (i = 0; i < SST_OBJ_TABLE_ENTRIES; i++) {
- if (p_table->obj_db[i].uid == uid
- && p_table->obj_db[i].client_id == client_id) {
- *idx = i;
- return PSA_SUCCESS;
- }
- }
-
- return PSA_ERROR_DOES_NOT_EXIST;
-}
-
-/**
- * \brief Gets free index in the table
- *
- * \param[in] idx_num The number of indices required to be free before one can
- * be allocated. Primarily used to prevent index
- * exhaustion.Note that this function will only ever return
- * 1 index.
- * \param[out] idx Pointer to store the free index
- *
- * \note The table is dimensioned to fit SST_NUM_ASSETS + 1
- *
- * \return Returns PSA_SUCCESS and a table index if idx_num free indices are
- * available. Otherwise, it returns PSA_ERROR_INSUFFICIENT_STORAGE.
- */
-__attribute__ ((always_inline))
-__STATIC_INLINE psa_status_t sst_table_free_idx(uint32_t idx_num,
- uint32_t *idx)
-{
- uint32_t i;
- uint32_t last_free = 0;
- struct sst_obj_table_t *p_table = &sst_obj_table_ctx.obj_table;
-
- if (idx_num == 0) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- for (i = 0; i < SST_OBJ_TABLE_ENTRIES && idx_num > 0; i++) {
- if (p_table->obj_db[i].uid == TFM_SST_INVALID_UID) {
- last_free = i;
- idx_num--;
- }
- }
-
- if (idx_num != 0) {
- return PSA_ERROR_INSUFFICIENT_STORAGE;
- } else {
- *idx = last_free;
- return PSA_SUCCESS;
- }
-}
-
-/**
- * \brief Deletes an entry from the table
- *
- * \param[in] idx Entry index to delete
- *
- */
-static void sst_table_delete_entry(uint32_t idx)
-{
- /* Initialise object table entry structure */
- (void)tfm_memset(&sst_obj_table_ctx.obj_table.obj_db[idx],
- SST_DEFAULT_EMPTY_BUFF_VAL, SST_OBJECTS_TABLE_ENTRY_SIZE);
-}
-
-psa_status_t sst_object_table_create(void)
-{
- struct sst_obj_table_t *p_table = &sst_obj_table_ctx.obj_table;
-
- /* Initialize object structure */
- (void)tfm_memset(&sst_obj_table_ctx, SST_DEFAULT_EMPTY_BUFF_VAL,
- sizeof(struct sst_obj_table_ctx_t));
-
- /* Invert the other in the context as sst_object_table_save_table will
- * use the scratch index to create and store the current table.
- */
- sst_obj_table_ctx.active_table = SST_OBJ_TABLE_IDX_1;
- sst_obj_table_ctx.scratch_table = SST_OBJ_TABLE_IDX_0;
-
- p_table->version = SST_OBJECT_SYSTEM_VERSION;
-
- /* Save object table contents */
- return sst_object_table_save_table(p_table);
-}
-
-psa_status_t sst_object_table_init(uint8_t *obj_data)
-{
- psa_status_t err;
- struct sst_obj_table_init_ctx_t init_ctx = {
- .p_table = {&sst_obj_table_ctx.obj_table, NULL},
- .table_state = {SST_OBJ_TABLE_VALID, SST_OBJ_TABLE_VALID},
-#ifdef SST_ROLLBACK_PROTECTION
- .nvc_1 = 0U,
- .nvc_3 = 0U,
-#endif /* SST_ROLLBACK_PROTECTION */
- };
-
- init_ctx.p_table[SST_OBJ_TABLE_IDX_1] = (struct sst_obj_table_t *)obj_data;
-
- /* Read table from the file system */
- sst_object_table_fs_read_table(&init_ctx);
-
-#ifdef SST_ENCRYPTION
- /* Set object table key */
- err = sst_crypto_setkey();
- if (err != PSA_SUCCESS) {
- return err;
- }
-
-#ifdef SST_ROLLBACK_PROTECTION
- /* Authenticate table */
- err = sst_object_table_nvc_authenticate(&init_ctx);
- if (err != PSA_SUCCESS) {
- (void)sst_crypto_destroykey();
- return err;
- }
-#else
- sst_object_table_authenticate_ctx_tables(&init_ctx);
-#endif /* SST_ROLLBACK_PROTECTION */
-
- err = sst_crypto_destroykey();
- if (err != PSA_SUCCESS) {
- return err;
- }
-#endif /* SST_ENCRYPTION */
-
- /* Check tables version */
- sst_object_table_validate_version(&init_ctx);
-
- /* Set active tables */
- err = sst_set_active_object_table(&init_ctx);
- if (err != PSA_SUCCESS) {
- return err;
- }
-
- /* Remove the old object table file */
- err = psa_its_remove(SST_TABLE_FS_ID(sst_obj_table_ctx.scratch_table));
- if (err != PSA_SUCCESS && err != PSA_ERROR_DOES_NOT_EXIST) {
- return err;
- }
-
-#ifdef SST_ROLLBACK_PROTECTION
- /* Align SST NV counters */
- err = sst_object_table_align_nv_counters(init_ctx.nvc_1);
- if (err != PSA_SUCCESS) {
- return err;
- }
-#endif /* SST_ROLLBACK_PROTECTION */
-
-#ifdef SST_ENCRYPTION
- sst_crypto_set_iv(&sst_obj_table_ctx.obj_table.crypto);
-#endif
-
- return PSA_SUCCESS;
-}
-
-psa_status_t sst_object_table_obj_exist(psa_storage_uid_t uid,
- int32_t client_id)
-{
- uint32_t idx = 0;
-
- return sst_get_object_entry_idx(uid, client_id, &idx);
-}
-
-psa_status_t sst_object_table_get_free_fid(uint32_t fid_num,
- uint32_t *p_fid)
-{
- psa_status_t err;
- uint32_t fid;
- uint32_t idx;
-
- err = sst_table_free_idx(fid_num, &idx);
- if (err != PSA_SUCCESS) {
- return err;
- }
-
- /* There first two file IDs are reserved for the active table
- * and scratch table files.
- */
- fid = SST_OBJECT_FS_ID(idx);
-
- /* If there is a file in the persistent area with that ID then remove it.
- * That can happen when the system is rebooted (e.g. power cut, ...) in the
- * middle of a create, write or delete operation.
- */
- err = psa_its_remove(fid);
- if (err != PSA_SUCCESS && err != PSA_ERROR_DOES_NOT_EXIST) {
- return err;
- }
-
- *p_fid = fid;
-
- return PSA_SUCCESS;
-}
-
-psa_status_t sst_object_table_set_obj_tbl_info(psa_storage_uid_t uid,
- int32_t client_id,
- const struct sst_obj_table_info_t *obj_tbl_info)
-{
- psa_status_t err;
- uint32_t idx = 0;
- uint32_t backup_idx = 0;
- struct sst_obj_table_entry_t backup_entry = {
-#ifdef SST_ENCRYPTION
- .tag = {0U},
-#else
- .version = 0U,
-#endif /* SST_ENCRYPTION */
- .uid = TFM_SST_INVALID_UID,
- .client_id = 0,
- };
- struct sst_obj_table_t *p_table = &sst_obj_table_ctx.obj_table;
-
- err = sst_get_object_entry_idx(uid, client_id, &backup_idx);
- if (err == PSA_SUCCESS) {
- /* If an entry exists for this UID, it creates a backup copy in case
- * an error happens while updating the new table in the filesystem.
- */
- (void)tfm_memcpy(&backup_entry, &p_table->obj_db[backup_idx],
- SST_OBJECTS_TABLE_ENTRY_SIZE);
-
- /* Deletes old object information if it exist in the table */
- sst_table_delete_entry(backup_idx);
- }
-
- idx = SST_OBJECT_FS_ID_TO_IDX(obj_tbl_info->fid);
- p_table->obj_db[idx].uid = uid;
- p_table->obj_db[idx].client_id = client_id;
-
- /* Add new object information */
-#ifdef SST_ENCRYPTION
- (void)tfm_memcpy(p_table->obj_db[idx].tag, obj_tbl_info->tag,
- SST_TAG_LEN_BYTES);
-#else
- p_table->obj_db[idx].version = obj_tbl_info->version;
-#endif
-
- err = sst_object_table_save_table(p_table);
- if (err != PSA_SUCCESS) {
- if (backup_entry.uid != TFM_SST_INVALID_UID) {
- /* Rollback the change in the table */
- (void)tfm_memcpy(&p_table->obj_db[backup_idx], &backup_entry,
- SST_OBJECTS_TABLE_ENTRY_SIZE);
- }
-
- sst_table_delete_entry(idx);
- }
-
- return err;
-}
-
-psa_status_t sst_object_table_get_obj_tbl_info(psa_storage_uid_t uid,
- int32_t client_id,
- struct sst_obj_table_info_t *obj_tbl_info)
-{
- psa_status_t err;
- uint32_t idx;
- struct sst_obj_table_t *p_table = &sst_obj_table_ctx.obj_table;
-
- err = sst_get_object_entry_idx(uid, client_id, &idx);
- if (err != PSA_SUCCESS) {
- return err;
- }
-
- obj_tbl_info->fid = SST_OBJECT_FS_ID(idx);
-
-#ifdef SST_ENCRYPTION
- (void)tfm_memcpy(obj_tbl_info->tag, p_table->obj_db[idx].tag,
- SST_TAG_LEN_BYTES);
-#else
- obj_tbl_info->version = p_table->obj_db[idx].version;
-#endif
-
- return PSA_SUCCESS;
-}
-
-psa_status_t sst_object_table_delete_object(psa_storage_uid_t uid,
- int32_t client_id)
-{
- uint32_t backup_idx = 0;
- struct sst_obj_table_entry_t backup_entry;
- psa_status_t err;
- struct sst_obj_table_t *p_table = &sst_obj_table_ctx.obj_table;
-
- /* Create a backup copy in case an error happens while updating the new
- * table in the filesystem.
- */
- err = sst_get_object_entry_idx(uid, client_id, &backup_idx);
- if (err != PSA_SUCCESS) {
- /* If the object is not present in the table, it returns an error
- * to not generate a new file where the table content is the same.
- * Otherwise, that could be used by an attacker to get the encryption
- * key.
- */
- return err;
- }
-
- (void)tfm_memcpy(&backup_entry, &p_table->obj_db[backup_idx],
- SST_OBJECTS_TABLE_ENTRY_SIZE);
-
- sst_table_delete_entry(backup_idx);
-
- err = sst_object_table_save_table(p_table);
- if (err != PSA_SUCCESS) {
- /* Rollback the change in the table */
- (void)tfm_memcpy(&p_table->obj_db[backup_idx], &backup_entry,
- SST_OBJECTS_TABLE_ENTRY_SIZE);
- }
-
- return err;
-}
-
-psa_status_t sst_object_table_delete_old_table(void)
-{
- uint32_t table_id = SST_TABLE_FS_ID(sst_obj_table_ctx.scratch_table);
-
- return psa_its_remove(table_id);
-}
diff --git a/secure_fw/partitions/secure_storage/tfm_protected_storage.c b/secure_fw/partitions/secure_storage/tfm_protected_storage.c
deleted file mode 100644
index 674d81a..0000000
--- a/secure_fw/partitions/secure_storage/tfm_protected_storage.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/*
- * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "tfm_protected_storage.h"
-#include "sst_object_system.h"
-#include "tfm_sst_defs.h"
-
-psa_status_t tfm_sst_init(void)
-{
- psa_status_t err;
-
- err = sst_system_prepare();
-#ifdef SST_CREATE_FLASH_LAYOUT
- /* If SST_CREATE_FLASH_LAYOUT is set, it indicates that it is required to
- * create a SST flash layout. SST service will generate an empty and valid
- * SST flash layout to store assets. It will erase all data located in the
- * assigned SST memory area before generating the SST layout.
- * This flag is required to be set if the SST memory area is located in
- * non-persistent memory.
- * This flag can be set if the SST memory area is located in persistent
- * memory without a previous valid SST flash layout in it. That is the case
- * when it is the first time in the device life that the SST service is
- * executed.
- */
- if (err != PSA_SUCCESS) {
- /* Remove all data in the SST memory area and create a valid SST flash
- * layout in that area.
- */
- err = sst_system_wipe_all();
- if (err != PSA_SUCCESS) {
- return err;
- }
-
- /* Attempt to initialise again */
- err = sst_system_prepare();
- }
-#endif /* SST_CREATE_FLASH_LAYOUT */
-
- return err;
-}
-
-psa_status_t tfm_sst_set(int32_t client_id,
- psa_storage_uid_t uid,
- uint32_t data_length,
- psa_storage_create_flags_t create_flags)
-{
- /* Check that the UID is valid */
- if (uid == TFM_SST_INVALID_UID) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- /* Check that the create_flags does not contain any unsupported flags */
- if (create_flags & ~(PSA_STORAGE_FLAG_WRITE_ONCE |
- PSA_STORAGE_FLAG_NO_CONFIDENTIALITY |
- PSA_STORAGE_FLAG_NO_REPLAY_PROTECTION)) {
- return PSA_ERROR_NOT_SUPPORTED;
- }
-
- /* Create the object in the object system */
- return sst_object_create(uid, client_id, create_flags, data_length);
-}
-
-psa_status_t tfm_sst_get(int32_t client_id,
- psa_storage_uid_t uid,
- uint32_t data_offset,
- uint32_t data_size,
- size_t *p_data_length)
-{
- /* Check that the UID is valid */
- if (uid == TFM_SST_INVALID_UID) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- /* Read the object data from the object system */
- return sst_object_read(uid, client_id, data_offset, data_size,
- p_data_length);
-}
-
-psa_status_t tfm_sst_get_info(int32_t client_id, psa_storage_uid_t uid,
- struct psa_storage_info_t *p_info)
-{
- /* Check that the UID is valid */
- if (uid == TFM_SST_INVALID_UID) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- /* Get the info struct data from the object system */
- return sst_object_get_info(uid, client_id, p_info);
-}
-
-psa_status_t tfm_sst_remove(int32_t client_id, psa_storage_uid_t uid)
-{
- psa_status_t err;
-
- /* Check that the UID is valid */
- if (uid == TFM_SST_INVALID_UID) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- /* Delete the object from the object system */
- err = sst_object_delete(uid, client_id);
-
- /* PSA_ERROR_INVALID_SIGNATURE is not supported by psa_ps_remove
- * specification. So, this function returns TFM_SST_ERR_OPERATION_FAILED
- * instead.
- */
- if (err == PSA_ERROR_INVALID_SIGNATURE) {
- return PSA_ERROR_GENERIC_ERROR;
- }
-
- return err;
-}
-
-uint32_t tfm_sst_get_support(void)
-{
- /*
- * This function returns a bitmask with flags set for all of the optional
- * features supported by the SST service implementation.
- *
- * SST service does not support the optional extended PSA PS API yet.
- */
-
- return 0;
-}
diff --git a/secure_fw/partitions/tfm_service_list.inc b/secure_fw/partitions/tfm_service_list.inc
index ddedbc8..a0d4e72 100644
--- a/secure_fw/partitions/tfm_service_list.inc
+++ b/secure_fw/partitions/tfm_service_list.inc
@@ -10,7 +10,7 @@
#ifndef __TFM_SERVICE_LIST_INC__
#define __TFM_SERVICE_LIST_INC__
-#include "secure_fw/partitions/secure_storage/psa_manifest/tfm_secure_storage.h"
+#include "secure_fw/partitions/protected_storage/psa_manifest/tfm_protected_storage.h"
#include "secure_fw/partitions/internal_trusted_storage/psa_manifest/tfm_internal_trusted_storage.h"
#include "secure_fw/partitions/audit_logging/psa_manifest/tfm_audit_logging.h"
#include "secure_fw/partitions/crypto/psa_manifest/tfm_crypto.h"
@@ -22,60 +22,60 @@
#include "test/test_services/tfm_ipc_service/psa_manifest/tfm_ipc_service_partition.h"
#include "test/test_services/tfm_ipc_client/psa_manifest/tfm_ipc_client_partition.h"
#include "test/test_services/tfm_irq_test_service_1/psa_manifest/tfm_irq_test_service_1.h"
-#include "test/test_services/tfm_sst_test_service/psa_manifest/tfm_sst_test_service.h"
+#include "test/test_services/tfm_ps_test_service/psa_manifest/tfm_ps_test_service.h"
#include "test/test_services/tfm_secure_client_2/psa_manifest/tfm_secure_client_2.h"
#include "test/test_services/tfm_multi_core_test/psa_manifest/tfm_multi_core_test.h"
const struct tfm_spm_service_db_t service_db[] =
{
-#ifdef TFM_PARTITION_SECURE_STORAGE
- /******** TFM_SP_STORAGE ********/
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+ /******** TFM_SP_PS ********/
{
- .name = "TFM_SST_SET",
- .partition_id = TFM_SP_STORAGE,
- .signal = TFM_SST_SET_SIGNAL,
+ .name = "TFM_PS_SET",
+ .partition_id = TFM_SP_PS,
+ .signal = TFM_PS_SET_SIGNAL,
.sid = 0x00000060,
.non_secure_client = true,
.version = 1,
.version_policy = TFM_VERSION_POLICY_STRICT
},
{
- .name = "TFM_SST_GET",
- .partition_id = TFM_SP_STORAGE,
- .signal = TFM_SST_GET_SIGNAL,
+ .name = "TFM_PS_GET",
+ .partition_id = TFM_SP_PS,
+ .signal = TFM_PS_GET_SIGNAL,
.sid = 0x00000061,
.non_secure_client = true,
.version = 1,
.version_policy = TFM_VERSION_POLICY_STRICT
},
{
- .name = "TFM_SST_GET_INFO",
- .partition_id = TFM_SP_STORAGE,
- .signal = TFM_SST_GET_INFO_SIGNAL,
+ .name = "TFM_PS_GET_INFO",
+ .partition_id = TFM_SP_PS,
+ .signal = TFM_PS_GET_INFO_SIGNAL,
.sid = 0x00000062,
.non_secure_client = true,
.version = 1,
.version_policy = TFM_VERSION_POLICY_STRICT
},
{
- .name = "TFM_SST_REMOVE",
- .partition_id = TFM_SP_STORAGE,
- .signal = TFM_SST_REMOVE_SIGNAL,
+ .name = "TFM_PS_REMOVE",
+ .partition_id = TFM_SP_PS,
+ .signal = TFM_PS_REMOVE_SIGNAL,
.sid = 0x00000063,
.non_secure_client = true,
.version = 1,
.version_policy = TFM_VERSION_POLICY_STRICT
},
{
- .name = "TFM_SST_GET_SUPPORT",
- .partition_id = TFM_SP_STORAGE,
- .signal = TFM_SST_GET_SUPPORT_SIGNAL,
+ .name = "TFM_PS_GET_SUPPORT",
+ .partition_id = TFM_SP_PS,
+ .signal = TFM_PS_GET_SUPPORT_SIGNAL,
.sid = 0x00000064,
.non_secure_client = true,
.version = 1,
.version_policy = TFM_VERSION_POLICY_STRICT
},
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
/******** TFM_SP_ITS ********/
@@ -477,18 +477,18 @@
},
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
- /******** TFM_SP_SST_TEST ********/
+#ifdef TFM_PARTITION_TEST_PS
+ /******** TFM_SP_PS_TEST ********/
{
- .name = "TFM_SST_TEST_PREPARE",
- .partition_id = TFM_SP_SST_TEST,
- .signal = TFM_SST_TEST_PREPARE_SIGNAL,
+ .name = "TFM_PS_TEST_PREPARE",
+ .partition_id = TFM_SP_PS_TEST,
+ .signal = TFM_PS_TEST_PREPARE_SIGNAL,
.sid = 0x0000F0C0,
.non_secure_client = false,
.version = 1,
.version_policy = TFM_VERSION_POLICY_STRICT
},
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
/******** TFM_SP_SECURE_CLIENT_2 ********/
@@ -532,8 +532,8 @@
/**************************************************************************/
struct tfm_spm_service_t service[] =
{
-#ifdef TFM_PARTITION_SECURE_STORAGE
- /******** TFM_SP_STORAGE ********/
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+ /******** TFM_SP_PS ********/
{
.service_db = NULL,
.partition = NULL,
@@ -569,7 +569,7 @@
.msg_queue = {0},
.list = {0},
},
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
/******** TFM_SP_ITS ********/
@@ -891,8 +891,8 @@
},
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
- /******** TFM_SP_SST_TEST ********/
+#ifdef TFM_PARTITION_TEST_PS
+ /******** TFM_SP_PS_TEST ********/
{
.service_db = NULL,
.partition = NULL,
@@ -900,7 +900,7 @@
.msg_queue = {0},
.list = {0},
},
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
/******** TFM_SP_SECURE_CLIENT_2 ********/
diff --git a/secure_fw/spm/model_func/tfm_secure_irq_handlers.inc b/secure_fw/spm/model_func/tfm_secure_irq_handlers.inc
index 45418a2..8c35661 100644
--- a/secure_fw/spm/model_func/tfm_secure_irq_handlers.inc
+++ b/secure_fw/spm/model_func/tfm_secure_irq_handlers.inc
@@ -7,7 +7,7 @@
/*********** WARNING: This is an auto-generated file. Do not edit! ***********/
-#include "secure_fw/partitions/secure_storage/psa_manifest/tfm_secure_storage.h"
+#include "secure_fw/partitions/protected_storage/psa_manifest/tfm_protected_storage.h"
#include "secure_fw/partitions/internal_trusted_storage/psa_manifest/tfm_internal_trusted_storage.h"
#include "secure_fw/partitions/audit_logging/psa_manifest/tfm_audit_logging.h"
#include "secure_fw/partitions/crypto/psa_manifest/tfm_crypto.h"
@@ -19,7 +19,7 @@
#include "test/test_services/tfm_ipc_service/psa_manifest/tfm_ipc_service_partition.h"
#include "test/test_services/tfm_ipc_client/psa_manifest/tfm_ipc_client_partition.h"
#include "test/test_services/tfm_irq_test_service_1/psa_manifest/tfm_irq_test_service_1.h"
-#include "test/test_services/tfm_sst_test_service/psa_manifest/tfm_sst_test_service.h"
+#include "test/test_services/tfm_ps_test_service/psa_manifest/tfm_ps_test_service.h"
#include "test/test_services/tfm_secure_client_2/psa_manifest/tfm_secure_client_2.h"
#include "test/test_services/tfm_multi_core_test/psa_manifest/tfm_multi_core_test.h"
#include "psa_manifest/pid.h"
diff --git a/secure_fw/spm/model_func/tfm_spm_db_func.inc b/secure_fw/spm/model_func/tfm_spm_db_func.inc
index 21a76ca..6b5c42e 100644
--- a/secure_fw/spm/model_func/tfm_spm_db_func.inc
+++ b/secure_fw/spm/model_func/tfm_spm_db_func.inc
@@ -16,9 +16,9 @@
/**************************************************************************/
/** IRQ count per partition */
/**************************************************************************/
-#ifdef TFM_PARTITION_SECURE_STORAGE
-#define TFM_PARTITION_TFM_SP_STORAGE_IRQ_COUNT 0
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+#define TFM_PARTITION_TFM_SP_PS_IRQ_COUNT 0
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
#define TFM_PARTITION_TFM_SP_ITS_IRQ_COUNT 0
@@ -64,9 +64,9 @@
#define TFM_PARTITION_TFM_IRQ_TEST_1_IRQ_COUNT 1
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
-#define TFM_PARTITION_TFM_SP_SST_TEST_IRQ_COUNT 0
-#endif /* TFM_PARTITION_TEST_SST */
+#ifdef TFM_PARTITION_TEST_PS
+#define TFM_PARTITION_TFM_SP_PS_TEST_IRQ_COUNT 0
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
#define TFM_PARTITION_TFM_SP_SECURE_CLIENT_2_IRQ_COUNT 0
@@ -79,9 +79,9 @@
/**************************************************************************/
/** Declarations of partition init functions */
/**************************************************************************/
-#ifdef TFM_PARTITION_SECURE_STORAGE
-extern void tfm_sst_req_mngr_init(void);
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+extern void tfm_ps_req_mngr_init(void);
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
extern void tfm_its_req_mngr_init(void);
@@ -127,9 +127,9 @@
extern void tfm_irq_test_1_init(void);
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
-extern void tfm_sst_test_init(void);
-#endif /* TFM_PARTITION_TEST_SST */
+#ifdef TFM_PARTITION_TEST_PS
+extern void tfm_ps_test_init(void);
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
extern void tfm_secure_client_2_init(void);
@@ -157,14 +157,14 @@
static uint32_t tfm_core_interrupt_ctx_stack[
sizeof(struct interrupted_ctx_stack_frame_t) / sizeof(uint32_t)];
-#ifdef TFM_PARTITION_SECURE_STORAGE
-static uint32_t ctx_stack_TFM_SP_STORAGE[
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+static uint32_t ctx_stack_TFM_SP_PS[
(sizeof(struct interrupted_ctx_stack_frame_t) +
- (TFM_PARTITION_TFM_SP_STORAGE_IRQ_COUNT) * (
+ (TFM_PARTITION_TFM_SP_PS_IRQ_COUNT) * (
sizeof(struct interrupted_ctx_stack_frame_t) +
sizeof(struct handler_ctx_stack_frame_t)
)) / sizeof(uint32_t)];
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
static uint32_t ctx_stack_TFM_SP_ITS[
@@ -265,14 +265,14 @@
)) / sizeof(uint32_t)];
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
-static uint32_t ctx_stack_TFM_SP_SST_TEST[
+#ifdef TFM_PARTITION_TEST_PS
+static uint32_t ctx_stack_TFM_SP_PS_TEST[
(sizeof(struct interrupted_ctx_stack_frame_t) +
- (TFM_PARTITION_TFM_SP_SST_TEST_IRQ_COUNT) * (
+ (TFM_PARTITION_TFM_SP_PS_TEST_IRQ_COUNT) * (
sizeof(struct interrupted_ctx_stack_frame_t) +
sizeof(struct handler_ctx_stack_frame_t)
)) / sizeof(uint32_t)];
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
static uint32_t ctx_stack_TFM_SP_SECURE_CLIENT_2[
@@ -296,9 +296,9 @@
{
ns_interrupt_ctx_stack,
tfm_core_interrupt_ctx_stack,
-#ifdef TFM_PARTITION_SECURE_STORAGE
- ctx_stack_TFM_SP_STORAGE,
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+ ctx_stack_TFM_SP_PS,
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
ctx_stack_TFM_SP_ITS,
#endif /* TFM_PARTITION_INTERNAL_TRUSTED_STORAGE */
@@ -332,9 +332,9 @@
#ifdef TFM_ENABLE_IRQ_TEST
ctx_stack_TFM_IRQ_TEST_1,
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
- ctx_stack_TFM_SP_SST_TEST,
-#endif /* TFM_PARTITION_TEST_SST */
+#ifdef TFM_PARTITION_TEST_PS
+ ctx_stack_TFM_SP_PS_TEST,
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
ctx_stack_TFM_SP_SECURE_CLIENT_2,
#endif /* TFM_PARTITION_TEST_SECURE_SERVICES */
@@ -346,8 +346,8 @@
/**************************************************************************/
/** Dependencies array for Secure Partition */
/**************************************************************************/
-#ifdef TFM_PARTITION_SECURE_STORAGE
-static int32_t dependencies_TFM_SP_STORAGE[] =
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+static int32_t dependencies_TFM_SP_PS[] =
{
TFM_CRYPTO_SID,
TFM_ITS_SET_SID,
@@ -356,7 +356,7 @@
TFM_ITS_REMOVE_SID,
TFM_SP_PLATFORM_NV_COUNTER_SID,
};
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_CRYPTO
static int32_t dependencies_TFM_SP_CRYPTO[] =
@@ -389,11 +389,11 @@
{
TFM_SECURE_CLIENT_2_SID,
TFM_CRYPTO_SID,
- TFM_SST_SET_SID,
- TFM_SST_GET_SID,
- TFM_SST_GET_INFO_SID,
- TFM_SST_REMOVE_SID,
- TFM_SST_GET_SUPPORT_SID,
+ TFM_PS_SET_SID,
+ TFM_PS_GET_SID,
+ TFM_PS_GET_INFO_SID,
+ TFM_PS_REMOVE_SID,
+ TFM_PS_GET_SUPPORT_SID,
TFM_ITS_SET_SID,
TFM_ITS_GET_SID,
TFM_ITS_GET_INFO_SID,
@@ -401,7 +401,7 @@
TFM_ATTEST_GET_TOKEN_SID,
TFM_ATTEST_GET_TOKEN_SIZE_SID,
TFM_ATTEST_GET_PUBLIC_KEY_SID,
- TFM_SST_TEST_PREPARE_SID,
+ TFM_PS_TEST_PREPARE_SID,
TFM_SP_PLATFORM_SYSTEM_RESET_SID,
TFM_SP_PLATFORM_IOCTL_SID,
};
@@ -417,14 +417,14 @@
};
#endif /* TFM_PARTITION_TEST_CORE_IPC */
-#ifdef TFM_PARTITION_TEST_SST
-static int32_t dependencies_TFM_SP_SST_TEST[] =
+#ifdef TFM_PARTITION_TEST_PS
+static int32_t dependencies_TFM_SP_PS_TEST[] =
{
TFM_CRYPTO_SID,
TFM_ITS_GET_SID,
TFM_ITS_REMOVE_SID,
};
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
static int32_t dependencies_TFM_SP_SECURE_CLIENT_2[] =
@@ -449,18 +449,18 @@
.partition_flags = SPM_PART_FLAG_APP_ROT | SPM_PART_FLAG_PSA_ROT,
},
-#ifdef TFM_PARTITION_SECURE_STORAGE
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
{
- .partition_id = TFM_SP_STORAGE,
+ .partition_id = TFM_SP_PS,
.partition_flags = SPM_PART_FLAG_IPC
| SPM_PART_FLAG_APP_ROT
,
.partition_priority = TFM_PRIORITY(NORMAL),
- .partition_init = tfm_sst_req_mngr_init,
+ .partition_init = tfm_ps_req_mngr_init,
.dependencies_num = 6,
- .p_dependencies = dependencies_TFM_SP_STORAGE,
+ .p_dependencies = dependencies_TFM_SP_PS,
},
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
{
@@ -605,18 +605,18 @@
},
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
+#ifdef TFM_PARTITION_TEST_PS
{
- .partition_id = TFM_SP_SST_TEST,
+ .partition_id = TFM_SP_PS_TEST,
.partition_flags = SPM_PART_FLAG_IPC
| SPM_PART_FLAG_PSA_ROT | SPM_PART_FLAG_APP_ROT
,
.partition_priority = TFM_PRIORITY(NORMAL),
- .partition_init = tfm_sst_test_init,
+ .partition_init = tfm_ps_test_init,
.dependencies_num = 3,
- .p_dependencies = dependencies_TFM_SP_SST_TEST,
+ .p_dependencies = dependencies_TFM_SP_PS_TEST,
},
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
{
@@ -692,9 +692,9 @@
NULL,
NULL,
-#ifdef TFM_PARTITION_SECURE_STORAGE
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
NULL,
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
NULL,
@@ -740,9 +740,9 @@
platform_data_list_TFM_IRQ_TEST_1,
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
+#ifdef TFM_PARTITION_TEST_PS
NULL,
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
NULL,
@@ -763,16 +763,16 @@
{{0}}, /* placeholder for TF-M Core internal partition */
/* -----------------------------------------------------------------------*/
- /* - Partition DB record for TFM_SP_STORAGE */
+ /* - Partition DB record for TFM_SP_PS */
/* -----------------------------------------------------------------------*/
-#ifdef TFM_PARTITION_SECURE_STORAGE
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
{
/* Runtime data */
.runtime_data = {0},
.static_data = NULL,
.platform_data_list = NULL,
},
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
/* -----------------------------------------------------------------------*/
/* - Partition DB record for TFM_SP_ITS */
@@ -907,16 +907,16 @@
#endif /* TFM_ENABLE_IRQ_TEST */
/* -----------------------------------------------------------------------*/
- /* - Partition DB record for TFM_SP_SST_TEST */
+ /* - Partition DB record for TFM_SP_PS_TEST */
/* -----------------------------------------------------------------------*/
-#ifdef TFM_PARTITION_TEST_SST
+#ifdef TFM_PARTITION_TEST_PS
{
/* Runtime data */
.runtime_data = {0},
.static_data = NULL,
.platform_data_list = NULL,
},
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
/* -----------------------------------------------------------------------*/
/* - Partition DB record for TFM_SP_SECURE_CLIENT_2 */
diff --git a/secure_fw/spm/model_func/tfm_veneers.c b/secure_fw/spm/model_func/tfm_veneers.c
index 0da2ca9..a7a11c5 100644
--- a/secure_fw/spm/model_func/tfm_veneers.c
+++ b/secure_fw/spm/model_func/tfm_veneers.c
@@ -10,14 +10,14 @@
#include "tfm_secure_api.h"
#include "tfm/spm_partition_defs.h"
-#ifdef TFM_PARTITION_SECURE_STORAGE
-/******** TFM_SP_STORAGE ********/
-psa_status_t tfm_sst_set_req(psa_invec *, size_t, psa_outvec *, size_t);
-psa_status_t tfm_sst_get_req(psa_invec *, size_t, psa_outvec *, size_t);
-psa_status_t tfm_sst_get_info_req(psa_invec *, size_t, psa_outvec *, size_t);
-psa_status_t tfm_sst_remove_req(psa_invec *, size_t, psa_outvec *, size_t);
-psa_status_t tfm_sst_get_support_req(psa_invec *, size_t, psa_outvec *, size_t);
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+/******** TFM_SP_PS ********/
+psa_status_t tfm_ps_set_req(psa_invec *, size_t, psa_outvec *, size_t);
+psa_status_t tfm_ps_get_req(psa_invec *, size_t, psa_outvec *, size_t);
+psa_status_t tfm_ps_get_info_req(psa_invec *, size_t, psa_outvec *, size_t);
+psa_status_t tfm_ps_remove_req(psa_invec *, size_t, psa_outvec *, size_t);
+psa_status_t tfm_ps_get_support_req(psa_invec *, size_t, psa_outvec *, size_t);
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
/******** TFM_SP_ITS ********/
@@ -153,10 +153,10 @@
psa_status_t spm_irq_test_1_execute_test_scenario(psa_invec *, size_t, psa_outvec *, size_t);
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
-/******** TFM_SP_SST_TEST ********/
-psa_status_t tfm_sst_test_prepare(psa_invec *, size_t, psa_outvec *, size_t);
-#endif /* TFM_PARTITION_TEST_SST */
+#ifdef TFM_PARTITION_TEST_PS
+/******** TFM_SP_PS_TEST ********/
+psa_status_t tfm_ps_test_prepare(psa_invec *, size_t, psa_outvec *, size_t);
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
/******** TFM_SP_SECURE_CLIENT_2 ********/
@@ -183,14 +183,14 @@
in_vec, in_len, out_vec, out_len); \
}
-#ifdef TFM_PARTITION_SECURE_STORAGE
-/******** TFM_SP_STORAGE ********/
-TFM_VENEER_FUNCTION(TFM_SP_STORAGE, tfm_sst_set_req)
-TFM_VENEER_FUNCTION(TFM_SP_STORAGE, tfm_sst_get_req)
-TFM_VENEER_FUNCTION(TFM_SP_STORAGE, tfm_sst_get_info_req)
-TFM_VENEER_FUNCTION(TFM_SP_STORAGE, tfm_sst_remove_req)
-TFM_VENEER_FUNCTION(TFM_SP_STORAGE, tfm_sst_get_support_req)
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+/******** TFM_SP_PS ********/
+TFM_VENEER_FUNCTION(TFM_SP_PS, tfm_ps_set_req)
+TFM_VENEER_FUNCTION(TFM_SP_PS, tfm_ps_get_req)
+TFM_VENEER_FUNCTION(TFM_SP_PS, tfm_ps_get_info_req)
+TFM_VENEER_FUNCTION(TFM_SP_PS, tfm_ps_remove_req)
+TFM_VENEER_FUNCTION(TFM_SP_PS, tfm_ps_get_support_req)
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
/******** TFM_SP_ITS ********/
@@ -326,10 +326,10 @@
TFM_VENEER_FUNCTION(TFM_IRQ_TEST_1, spm_irq_test_1_execute_test_scenario)
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
-/******** TFM_SP_SST_TEST ********/
-TFM_VENEER_FUNCTION(TFM_SP_SST_TEST, tfm_sst_test_prepare)
-#endif /* TFM_PARTITION_TEST_SST */
+#ifdef TFM_PARTITION_TEST_PS
+/******** TFM_SP_PS_TEST ********/
+TFM_VENEER_FUNCTION(TFM_SP_PS_TEST, tfm_ps_test_prepare)
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
/******** TFM_SP_SECURE_CLIENT_2 ********/
diff --git a/secure_fw/spm/model_ipc/tfm_secure_irq_handlers_ipc.inc b/secure_fw/spm/model_ipc/tfm_secure_irq_handlers_ipc.inc
index 22f92cd..65fba46 100644
--- a/secure_fw/spm/model_ipc/tfm_secure_irq_handlers_ipc.inc
+++ b/secure_fw/spm/model_ipc/tfm_secure_irq_handlers_ipc.inc
@@ -7,7 +7,7 @@
/*********** WARNING: This is an auto-generated file. Do not edit! ***********/
-#include "secure_fw/partitions/secure_storage/psa_manifest/tfm_secure_storage.h"
+#include "secure_fw/partitions/protected_storage/psa_manifest/tfm_protected_storage.h"
#include "secure_fw/partitions/internal_trusted_storage/psa_manifest/tfm_internal_trusted_storage.h"
#include "secure_fw/partitions/audit_logging/psa_manifest/tfm_audit_logging.h"
#include "secure_fw/partitions/crypto/psa_manifest/tfm_crypto.h"
@@ -19,7 +19,7 @@
#include "test/test_services/tfm_ipc_service/psa_manifest/tfm_ipc_service_partition.h"
#include "test/test_services/tfm_ipc_client/psa_manifest/tfm_ipc_client_partition.h"
#include "test/test_services/tfm_irq_test_service_1/psa_manifest/tfm_irq_test_service_1.h"
-#include "test/test_services/tfm_sst_test_service/psa_manifest/tfm_sst_test_service.h"
+#include "test/test_services/tfm_ps_test_service/psa_manifest/tfm_ps_test_service.h"
#include "test/test_services/tfm_secure_client_2/psa_manifest/tfm_secure_client_2.h"
#include "test/test_services/tfm_multi_core_test/psa_manifest/tfm_multi_core_test.h"
#include "cmsis_compiler.h"
diff --git a/secure_fw/spm/model_ipc/tfm_spm_db_ipc.inc b/secure_fw/spm/model_ipc/tfm_spm_db_ipc.inc
index 3a99b2e..8618458 100644
--- a/secure_fw/spm/model_ipc/tfm_spm_db_ipc.inc
+++ b/secure_fw/spm/model_ipc/tfm_spm_db_ipc.inc
@@ -16,9 +16,9 @@
/**************************************************************************/
/** IRQ count per partition */
/**************************************************************************/
-#ifdef TFM_PARTITION_SECURE_STORAGE
-#define TFM_PARTITION_TFM_SP_STORAGE_IRQ_COUNT 0
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+#define TFM_PARTITION_TFM_SP_PS_IRQ_COUNT 0
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
#define TFM_PARTITION_TFM_SP_ITS_IRQ_COUNT 0
@@ -64,9 +64,9 @@
#define TFM_PARTITION_TFM_IRQ_TEST_1_IRQ_COUNT 1
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
-#define TFM_PARTITION_TFM_SP_SST_TEST_IRQ_COUNT 0
-#endif /* TFM_PARTITION_TEST_SST */
+#ifdef TFM_PARTITION_TEST_PS
+#define TFM_PARTITION_TFM_SP_PS_TEST_IRQ_COUNT 0
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
#define TFM_PARTITION_TFM_SP_SECURE_CLIENT_2_IRQ_COUNT 0
@@ -81,9 +81,9 @@
/**************************************************************************/
extern void tfm_nspm_thread_entry(void);
-#ifdef TFM_PARTITION_SECURE_STORAGE
-extern void tfm_sst_req_mngr_init(void);
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+extern void tfm_ps_req_mngr_init(void);
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
extern void tfm_its_req_mngr_init(void);
@@ -129,9 +129,9 @@
extern void tfm_irq_test_1_init(void);
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
-extern void tfm_sst_test_init(void);
-#endif /* TFM_PARTITION_TEST_SST */
+#ifdef TFM_PARTITION_TEST_PS
+extern void tfm_ps_test_init(void);
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
extern void tfm_secure_client_2_init(void);
@@ -147,18 +147,18 @@
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Base);
REGION_DECLARE(Image$$, ARM_LIB_STACK, $$ZI$$Limit);
-#ifdef TFM_PARTITION_SECURE_STORAGE
-REGION_DECLARE(Image$$, TFM_SP_STORAGE_LINKER, $$Base);
-REGION_DECLARE(Image$$, TFM_SP_STORAGE_LINKER, $$Limit);
-REGION_DECLARE(Image$$, TFM_SP_STORAGE_LINKER, $$RO$$Base);
-REGION_DECLARE(Image$$, TFM_SP_STORAGE_LINKER, $$RO$$Limit);
-REGION_DECLARE(Image$$, TFM_SP_STORAGE_LINKER, _DATA$$RW$$Base);
-REGION_DECLARE(Image$$, TFM_SP_STORAGE_LINKER, _DATA$$RW$$Limit);
-REGION_DECLARE(Image$$, TFM_SP_STORAGE_LINKER, _DATA$$ZI$$Base);
-REGION_DECLARE(Image$$, TFM_SP_STORAGE_LINKER, _DATA$$ZI$$Limit);
-REGION_DECLARE(Image$$, TFM_SP_STORAGE_LINKER, _STACK$$ZI$$Base);
-REGION_DECLARE(Image$$, TFM_SP_STORAGE_LINKER, _STACK$$ZI$$Limit);
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+REGION_DECLARE(Image$$, TFM_SP_PS_LINKER, $$Base);
+REGION_DECLARE(Image$$, TFM_SP_PS_LINKER, $$Limit);
+REGION_DECLARE(Image$$, TFM_SP_PS_LINKER, $$RO$$Base);
+REGION_DECLARE(Image$$, TFM_SP_PS_LINKER, $$RO$$Limit);
+REGION_DECLARE(Image$$, TFM_SP_PS_LINKER, _DATA$$RW$$Base);
+REGION_DECLARE(Image$$, TFM_SP_PS_LINKER, _DATA$$RW$$Limit);
+REGION_DECLARE(Image$$, TFM_SP_PS_LINKER, _DATA$$ZI$$Base);
+REGION_DECLARE(Image$$, TFM_SP_PS_LINKER, _DATA$$ZI$$Limit);
+REGION_DECLARE(Image$$, TFM_SP_PS_LINKER, _STACK$$ZI$$Base);
+REGION_DECLARE(Image$$, TFM_SP_PS_LINKER, _STACK$$ZI$$Limit);
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
REGION_DECLARE(Image$$, TFM_SP_ITS_LINKER, $$Base);
@@ -303,18 +303,18 @@
REGION_DECLARE(Image$$, TFM_IRQ_TEST_1_LINKER, _STACK$$ZI$$Limit);
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
-REGION_DECLARE(Image$$, TFM_SP_SST_TEST_LINKER, $$Base);
-REGION_DECLARE(Image$$, TFM_SP_SST_TEST_LINKER, $$Limit);
-REGION_DECLARE(Image$$, TFM_SP_SST_TEST_LINKER, $$RO$$Base);
-REGION_DECLARE(Image$$, TFM_SP_SST_TEST_LINKER, $$RO$$Limit);
-REGION_DECLARE(Image$$, TFM_SP_SST_TEST_LINKER, _DATA$$RW$$Base);
-REGION_DECLARE(Image$$, TFM_SP_SST_TEST_LINKER, _DATA$$RW$$Limit);
-REGION_DECLARE(Image$$, TFM_SP_SST_TEST_LINKER, _DATA$$ZI$$Base);
-REGION_DECLARE(Image$$, TFM_SP_SST_TEST_LINKER, _DATA$$ZI$$Limit);
-REGION_DECLARE(Image$$, TFM_SP_SST_TEST_LINKER, _STACK$$ZI$$Base);
-REGION_DECLARE(Image$$, TFM_SP_SST_TEST_LINKER, _STACK$$ZI$$Limit);
-#endif /* TFM_PARTITION_TEST_SST */
+#ifdef TFM_PARTITION_TEST_PS
+REGION_DECLARE(Image$$, TFM_SP_PS_TEST_LINKER, $$Base);
+REGION_DECLARE(Image$$, TFM_SP_PS_TEST_LINKER, $$Limit);
+REGION_DECLARE(Image$$, TFM_SP_PS_TEST_LINKER, $$RO$$Base);
+REGION_DECLARE(Image$$, TFM_SP_PS_TEST_LINKER, $$RO$$Limit);
+REGION_DECLARE(Image$$, TFM_SP_PS_TEST_LINKER, _DATA$$RW$$Base);
+REGION_DECLARE(Image$$, TFM_SP_PS_TEST_LINKER, _DATA$$RW$$Limit);
+REGION_DECLARE(Image$$, TFM_SP_PS_TEST_LINKER, _DATA$$ZI$$Base);
+REGION_DECLARE(Image$$, TFM_SP_PS_TEST_LINKER, _DATA$$ZI$$Limit);
+REGION_DECLARE(Image$$, TFM_SP_PS_TEST_LINKER, _STACK$$ZI$$Base);
+REGION_DECLARE(Image$$, TFM_SP_PS_TEST_LINKER, _STACK$$ZI$$Limit);
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
REGION_DECLARE(Image$$, TFM_SP_SECURE_CLIENT_2_LINKER, $$Base);
@@ -345,8 +345,8 @@
/**************************************************************************/
/** Dependencies array for Secure Partition */
/**************************************************************************/
-#ifdef TFM_PARTITION_SECURE_STORAGE
-static int32_t dependencies_TFM_SP_STORAGE[] =
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
+static int32_t dependencies_TFM_SP_PS[] =
{
TFM_CRYPTO_SID,
TFM_ITS_SET_SID,
@@ -355,7 +355,7 @@
TFM_ITS_REMOVE_SID,
TFM_SP_PLATFORM_NV_COUNTER_SID,
};
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_CRYPTO
static int32_t dependencies_TFM_SP_CRYPTO[] =
@@ -388,11 +388,11 @@
{
TFM_SECURE_CLIENT_2_SID,
TFM_CRYPTO_SID,
- TFM_SST_SET_SID,
- TFM_SST_GET_SID,
- TFM_SST_GET_INFO_SID,
- TFM_SST_REMOVE_SID,
- TFM_SST_GET_SUPPORT_SID,
+ TFM_PS_SET_SID,
+ TFM_PS_GET_SID,
+ TFM_PS_GET_INFO_SID,
+ TFM_PS_REMOVE_SID,
+ TFM_PS_GET_SUPPORT_SID,
TFM_ITS_SET_SID,
TFM_ITS_GET_SID,
TFM_ITS_GET_INFO_SID,
@@ -400,7 +400,7 @@
TFM_ATTEST_GET_TOKEN_SID,
TFM_ATTEST_GET_TOKEN_SIZE_SID,
TFM_ATTEST_GET_PUBLIC_KEY_SID,
- TFM_SST_TEST_PREPARE_SID,
+ TFM_PS_TEST_PREPARE_SID,
TFM_SP_PLATFORM_SYSTEM_RESET_SID,
TFM_SP_PLATFORM_IOCTL_SID,
};
@@ -416,14 +416,14 @@
};
#endif /* TFM_PARTITION_TEST_CORE_IPC */
-#ifdef TFM_PARTITION_TEST_SST
-static int32_t dependencies_TFM_SP_SST_TEST[] =
+#ifdef TFM_PARTITION_TEST_PS
+static int32_t dependencies_TFM_SP_PS_TEST[] =
{
TFM_CRYPTO_SID,
TFM_ITS_GET_SID,
TFM_ITS_REMOVE_SID,
};
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
static int32_t dependencies_TFM_SP_SECURE_CLIENT_2[] =
@@ -450,19 +450,19 @@
.partition_init = tfm_nspm_thread_entry,
},
-#ifdef TFM_PARTITION_SECURE_STORAGE
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
{
.psa_framework_version = 0x0100,
- .partition_id = TFM_SP_STORAGE,
+ .partition_id = TFM_SP_PS,
.partition_flags = SPM_PART_FLAG_IPC
| SPM_PART_FLAG_APP_ROT
,
.partition_priority = TFM_PRIORITY(NORMAL),
- .partition_init = tfm_sst_req_mngr_init,
+ .partition_init = tfm_ps_req_mngr_init,
.dependencies_num = 6,
- .p_dependencies = dependencies_TFM_SP_STORAGE,
+ .p_dependencies = dependencies_TFM_SP_PS,
},
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
{
@@ -618,19 +618,19 @@
},
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
+#ifdef TFM_PARTITION_TEST_PS
{
.psa_framework_version = 0x0100,
- .partition_id = TFM_SP_SST_TEST,
+ .partition_id = TFM_SP_PS_TEST,
.partition_flags = SPM_PART_FLAG_IPC
| SPM_PART_FLAG_PSA_ROT | SPM_PART_FLAG_APP_ROT
,
.partition_priority = TFM_PRIORITY(NORMAL),
- .partition_init = tfm_sst_test_init,
+ .partition_init = tfm_ps_test_init,
.dependencies_num = 3,
- .p_dependencies = dependencies_TFM_SP_SST_TEST,
+ .p_dependencies = dependencies_TFM_SP_PS_TEST,
},
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
{
@@ -707,9 +707,9 @@
{
NULL,
-#ifdef TFM_PARTITION_SECURE_STORAGE
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
NULL,
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
NULL,
@@ -755,9 +755,9 @@
platform_data_list_TFM_IRQ_TEST_1,
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
+#ifdef TFM_PARTITION_TEST_PS
NULL,
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
NULL,
@@ -779,20 +779,20 @@
.stack_top = PART_REGION_ADDR(ARM_LIB_STACK, $$ZI$$Limit),
.rw_start = PART_REGION_ADDR(ARM_LIB_STACK, $$ZI$$Base),
},
-#ifdef TFM_PARTITION_SECURE_STORAGE
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
{
- .code_start = PART_REGION_ADDR(TFM_SP_STORAGE_LINKER, $$Base),
- .code_limit = PART_REGION_ADDR(TFM_SP_STORAGE_LINKER, $$Limit),
- .ro_start = PART_REGION_ADDR(TFM_SP_STORAGE_LINKER, $$RO$$Base),
- .ro_limit = PART_REGION_ADDR(TFM_SP_STORAGE_LINKER, $$RO$$Limit),
- .rw_start = PART_REGION_ADDR(TFM_SP_STORAGE_LINKER, _DATA$$RW$$Base),
- .rw_limit = PART_REGION_ADDR(TFM_SP_STORAGE_LINKER, _DATA$$RW$$Limit),
- .zi_start = PART_REGION_ADDR(TFM_SP_STORAGE_LINKER, _DATA$$ZI$$Base),
- .zi_limit = PART_REGION_ADDR(TFM_SP_STORAGE_LINKER, _DATA$$ZI$$Limit),
- .stack_bottom = PART_REGION_ADDR(TFM_SP_STORAGE_LINKER, _STACK$$ZI$$Base),
- .stack_top = PART_REGION_ADDR(TFM_SP_STORAGE_LINKER, _STACK$$ZI$$Limit),
+ .code_start = PART_REGION_ADDR(TFM_SP_PS_LINKER, $$Base),
+ .code_limit = PART_REGION_ADDR(TFM_SP_PS_LINKER, $$Limit),
+ .ro_start = PART_REGION_ADDR(TFM_SP_PS_LINKER, $$RO$$Base),
+ .ro_limit = PART_REGION_ADDR(TFM_SP_PS_LINKER, $$RO$$Limit),
+ .rw_start = PART_REGION_ADDR(TFM_SP_PS_LINKER, _DATA$$RW$$Base),
+ .rw_limit = PART_REGION_ADDR(TFM_SP_PS_LINKER, _DATA$$RW$$Limit),
+ .zi_start = PART_REGION_ADDR(TFM_SP_PS_LINKER, _DATA$$ZI$$Base),
+ .zi_limit = PART_REGION_ADDR(TFM_SP_PS_LINKER, _DATA$$ZI$$Limit),
+ .stack_bottom = PART_REGION_ADDR(TFM_SP_PS_LINKER, _STACK$$ZI$$Base),
+ .stack_top = PART_REGION_ADDR(TFM_SP_PS_LINKER, _STACK$$ZI$$Limit),
},
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
{
@@ -959,20 +959,20 @@
},
#endif /* TFM_ENABLE_IRQ_TEST */
-#ifdef TFM_PARTITION_TEST_SST
+#ifdef TFM_PARTITION_TEST_PS
{
- .code_start = PART_REGION_ADDR(TFM_SP_SST_TEST_LINKER, $$Base),
- .code_limit = PART_REGION_ADDR(TFM_SP_SST_TEST_LINKER, $$Limit),
- .ro_start = PART_REGION_ADDR(TFM_SP_SST_TEST_LINKER, $$RO$$Base),
- .ro_limit = PART_REGION_ADDR(TFM_SP_SST_TEST_LINKER, $$RO$$Limit),
- .rw_start = PART_REGION_ADDR(TFM_SP_SST_TEST_LINKER, _DATA$$RW$$Base),
- .rw_limit = PART_REGION_ADDR(TFM_SP_SST_TEST_LINKER, _DATA$$RW$$Limit),
- .zi_start = PART_REGION_ADDR(TFM_SP_SST_TEST_LINKER, _DATA$$ZI$$Base),
- .zi_limit = PART_REGION_ADDR(TFM_SP_SST_TEST_LINKER, _DATA$$ZI$$Limit),
- .stack_bottom = PART_REGION_ADDR(TFM_SP_SST_TEST_LINKER, _STACK$$ZI$$Base),
- .stack_top = PART_REGION_ADDR(TFM_SP_SST_TEST_LINKER, _STACK$$ZI$$Limit),
+ .code_start = PART_REGION_ADDR(TFM_SP_PS_TEST_LINKER, $$Base),
+ .code_limit = PART_REGION_ADDR(TFM_SP_PS_TEST_LINKER, $$Limit),
+ .ro_start = PART_REGION_ADDR(TFM_SP_PS_TEST_LINKER, $$RO$$Base),
+ .ro_limit = PART_REGION_ADDR(TFM_SP_PS_TEST_LINKER, $$RO$$Limit),
+ .rw_start = PART_REGION_ADDR(TFM_SP_PS_TEST_LINKER, _DATA$$RW$$Base),
+ .rw_limit = PART_REGION_ADDR(TFM_SP_PS_TEST_LINKER, _DATA$$RW$$Limit),
+ .zi_start = PART_REGION_ADDR(TFM_SP_PS_TEST_LINKER, _DATA$$ZI$$Base),
+ .zi_limit = PART_REGION_ADDR(TFM_SP_PS_TEST_LINKER, _DATA$$ZI$$Limit),
+ .stack_bottom = PART_REGION_ADDR(TFM_SP_PS_TEST_LINKER, _STACK$$ZI$$Base),
+ .stack_top = PART_REGION_ADDR(TFM_SP_PS_TEST_LINKER, _STACK$$ZI$$Limit),
},
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
#ifdef TFM_PARTITION_TEST_SECURE_SERVICES
{
@@ -1014,16 +1014,16 @@
{{0}}, /* placeholder for Non-secure internal partition */
/* -----------------------------------------------------------------------*/
- /* - Partition DB record for TFM_SP_STORAGE */
+ /* - Partition DB record for TFM_SP_PS */
/* -----------------------------------------------------------------------*/
-#ifdef TFM_PARTITION_SECURE_STORAGE
+#ifdef TFM_PARTITION_PROTECTED_STORAGE
{
/* Runtime data */
.runtime_data = {0},
.static_data = NULL,
.platform_data_list = NULL,
},
-#endif /* TFM_PARTITION_SECURE_STORAGE */
+#endif /* TFM_PARTITION_PROTECTED_STORAGE */
/* -----------------------------------------------------------------------*/
/* - Partition DB record for TFM_SP_ITS */
@@ -1158,16 +1158,16 @@
#endif /* TFM_ENABLE_IRQ_TEST */
/* -----------------------------------------------------------------------*/
- /* - Partition DB record for TFM_SP_SST_TEST */
+ /* - Partition DB record for TFM_SP_PS_TEST */
/* -----------------------------------------------------------------------*/
-#ifdef TFM_PARTITION_TEST_SST
+#ifdef TFM_PARTITION_TEST_PS
{
/* Runtime data */
.runtime_data = {0},
.static_data = NULL,
.platform_data_list = NULL,
},
-#endif /* TFM_PARTITION_TEST_SST */
+#endif /* TFM_PARTITION_TEST_PS */
/* -----------------------------------------------------------------------*/
/* - Partition DB record for TFM_SP_SECURE_CLIENT_2 */
diff --git a/test/CMakeLists.inc b/test/CMakeLists.inc
index 0b7b327..ac308f2 100644
--- a/test/CMakeLists.inc
+++ b/test/CMakeLists.inc
@@ -39,7 +39,7 @@
# Include the test suites
include(${CMAKE_CURRENT_LIST_DIR}/suites/core/CMakeLists.inc)
-include(${CMAKE_CURRENT_LIST_DIR}/suites/sst/CMakeLists.inc)
+include(${CMAKE_CURRENT_LIST_DIR}/suites/ps/CMakeLists.inc)
include(${CMAKE_CURRENT_LIST_DIR}/suites/its/CMakeLists.inc)
include(${CMAKE_CURRENT_LIST_DIR}/suites/crypto/CMakeLists.inc)
include(${CMAKE_CURRENT_LIST_DIR}/suites/attestation/CMakeLists.inc)
diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt
index 0ab1b6f..1a84d3e 100644
--- a/test/CMakeLists.txt
+++ b/test/CMakeLists.txt
@@ -42,8 +42,8 @@
message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_AUDIT_LOG is undefined.")
endif()
-if (NOT DEFINED TFM_PARTITION_SECURE_STORAGE)
- message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_SECURE_STORAGE is undefined.")
+if (NOT DEFINED TFM_PARTITION_PROTECTED_STORAGE)
+ message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_PROTECTED_STORAGE is undefined.")
endif()
if (NOT DEFINED TFM_PARTITION_INTERNAL_TRUSTED_STORAGE)
@@ -94,9 +94,9 @@
include(${CMAKE_CURRENT_LIST_DIR}/TestConfig.cmake)
include(${CMAKE_CURRENT_LIST_DIR}/CMakeLists.inc)
-if (ENABLE_SECURE_STORAGE_SERVICE_TESTS)
- embedded_set_target_compile_defines(TARGET tfm_secure_tests LANGUAGE C DEFINES ENABLE_SECURE_STORAGE_SERVICE_TESTS APPEND)
- embedded_set_target_compile_defines(TARGET tfm_non_secure_tests LANGUAGE C DEFINES ENABLE_SECURE_STORAGE_SERVICE_TESTS APPEND)
+if (ENABLE_PROTECTED_STORAGE_SERVICE_TESTS)
+ embedded_set_target_compile_defines(TARGET tfm_secure_tests LANGUAGE C DEFINES ENABLE_PROTECTED_STORAGE_SERVICE_TESTS APPEND)
+ embedded_set_target_compile_defines(TARGET tfm_non_secure_tests LANGUAGE C DEFINES ENABLE_PROTECTED_STORAGE_SERVICE_TESTS APPEND)
endif()
if (ENABLE_INTERNAL_TRUSTED_STORAGE_SERVICE_TESTS)
@@ -207,8 +207,8 @@
DESTINATION export/tfm/test/lib
PUBLIC_HEADER DESTINATION export/tfm/test/inc)
- if(ENABLE_SECURE_STORAGE_SERVICE_TESTS)
- #only SST tests are using semaphore and thread APIs
+ if(ENABLE_PROTECTED_STORAGE_SERVICE_TESTS)
+ #only PS tests are using semaphore and thread APIs
install(FILES ${TFM_ROOT_DIR}/interface/include/os_wrapper/semaphore.h
${TFM_ROOT_DIR}/interface/include/os_wrapper/thread.h
DESTINATION export/tfm/include/os_wrapper)
diff --git a/test/TestConfig.cmake b/test/TestConfig.cmake
index 5dfbda8..99e3325 100644
--- a/test/TestConfig.cmake
+++ b/test/TestConfig.cmake
@@ -5,7 +5,7 @@
#
#-------------------------------------------------------------------------------
-option(ENABLE_SECURE_STORAGE_SERVICE_TESTS "Option for secure storage service tests" TRUE)
+option(ENABLE_PROTECTED_STORAGE_SERVICE_TESTS "Option for protected storage service tests" TRUE)
option(ENABLE_INTERNAL_TRUSTED_STORAGE_SERVICE_TESTS "Option for internal trusted storage services tests" TRUE)
option(ENABLE_AUDIT_LOGGING_SERVICE_TESTS "Option for audit logging service tests" TRUE)
option(ENABLE_CRYPTO_SERVICE_TESTS "Option for crypto service tests" TRUE)
@@ -15,8 +15,8 @@
option(ENABLE_T_COSE_TESTS "Option for T_COSE tests" TRUE)
# If a partition is not enabled, then neither should its tests.
-if (NOT TFM_PARTITION_SECURE_STORAGE)
- set(ENABLE_SECURE_STORAGE_SERVICE_TESTS FALSE)
+if (NOT TFM_PARTITION_PROTECTED_STORAGE)
+ set(ENABLE_PROTECTED_STORAGE_SERVICE_TESTS FALSE)
endif()
if (NOT TFM_PARTITION_INTERNAL_TRUSTED_STORAGE)
diff --git a/test/framework/non_secure_suites.c b/test/framework/non_secure_suites.c
index c1af79c..ef3a94c 100644
--- a/test/framework/non_secure_suites.c
+++ b/test/framework/non_secure_suites.c
@@ -10,7 +10,7 @@
#include "test_framework.h"
/* Service specific includes */
-#include "test/suites/sst/non_secure/sst_ns_tests.h"
+#include "test/suites/ps/non_secure/ps_ns_tests.h"
#include "test/suites/its/non_secure/its_ns_tests.h"
#include "test/suites/audit/non_secure/audit_ns_tests.h"
#include "test/suites/crypto/non_secure/crypto_ns_tests.h"
@@ -26,7 +26,7 @@
#ifdef SERVICES_TEST_NS
/* List test cases which are compliant with level 1 isolation */
-#ifdef ENABLE_SECURE_STORAGE_SERVICE_TESTS
+#ifdef ENABLE_PROTECTED_STORAGE_SERVICE_TESTS
{®ister_testsuite_ns_psa_ps_interface, 0, 0, 0},
#endif
diff --git a/test/framework/secure_suites.c b/test/framework/secure_suites.c
index 1e7caa9..d89d27b 100644
--- a/test/framework/secure_suites.c
+++ b/test/framework/secure_suites.c
@@ -10,7 +10,7 @@
#include "test_framework.h"
/* Service specific includes */
-#include "test/suites/sst/secure/sst_tests.h"
+#include "test/suites/ps/secure/ps_tests.h"
#include "test/suites/its/secure/its_s_tests.h"
#include "test/suites/audit/secure/audit_s_tests.h"
#include "test/suites/attestation/secure/attestation_s_tests.h"
@@ -22,11 +22,11 @@
#ifdef SERVICES_TEST_S
/* List test cases which are compliant with level 1 isolation */
-#ifdef ENABLE_SECURE_STORAGE_SERVICE_TESTS
+#ifdef ENABLE_PROTECTED_STORAGE_SERVICE_TESTS
{®ister_testsuite_s_psa_ps_interface, 0, 0, 0},
{®ister_testsuite_s_psa_ps_reliability, 0, 0, 0},
-#ifdef SST_TEST_NV_COUNTERS
+#ifdef PS_TEST_NV_COUNTERS
{®ister_testsuite_s_rollback_protection, 0, 0, 0},
#endif
#endif
diff --git a/test/suites/sst/CMakeLists.inc b/test/suites/ps/CMakeLists.inc
similarity index 69%
rename from test/suites/sst/CMakeLists.inc
rename to test/suites/ps/CMakeLists.inc
index 852720c..7c8b562 100644
--- a/test/suites/sst/CMakeLists.inc
+++ b/test/suites/ps/CMakeLists.inc
@@ -5,7 +5,7 @@
#
#-------------------------------------------------------------------------------
-#Definitions to compile the "secure storage test" module.
+#Definitions to compile the "protected storage test" module.
#This file assumes it will be included from a project specific cmakefile, and
#will not create a library or executable.
#Inputs:
@@ -19,24 +19,24 @@
# Include directories will be modified by using the include_directories() commands as needed.
#Get the current directory where this file is located.
-set(SECURE_STORAGE_TEST_DIR ${CMAKE_CURRENT_LIST_DIR})
+set(PROTECTED_STORAGE_TEST_DIR ${CMAKE_CURRENT_LIST_DIR})
if(NOT DEFINED TFM_ROOT_DIR)
message(FATAL_ERROR "Please set TFM_ROOT_DIR before including this file.")
endif()
-if (NOT DEFINED ENABLE_SECURE_STORAGE_SERVICE_TESTS)
- message(FATAL_ERROR "Incomplete build configuration: ENABLE_SECURE_STORAGE_SERVICE_TESTS is undefined. ")
-elseif (ENABLE_SECURE_STORAGE_SERVICE_TESTS)
- list(APPEND ALL_SRC_C_NS "${SECURE_STORAGE_TEST_DIR}/non_secure/ns_test_helpers.c"
- "${SECURE_STORAGE_TEST_DIR}/non_secure/psa_ps_ns_interface_testsuite.c")
+if (NOT DEFINED ENABLE_PROTECTED_STORAGE_SERVICE_TESTS)
+ message(FATAL_ERROR "Incomplete build configuration: ENABLE_PROTECTED_STORAGE_SERVICE_TESTS is undefined. ")
+elseif (ENABLE_PROTECTED_STORAGE_SERVICE_TESTS)
+ list(APPEND ALL_SRC_C_NS "${PROTECTED_STORAGE_TEST_DIR}/non_secure/ns_test_helpers.c"
+ "${PROTECTED_STORAGE_TEST_DIR}/non_secure/psa_ps_ns_interface_testsuite.c")
- list(APPEND ALL_SRC_C_S "${SECURE_STORAGE_TEST_DIR}/secure/psa_ps_s_interface_testsuite.c"
- "${SECURE_STORAGE_TEST_DIR}/secure/psa_ps_s_reliability_testsuite.c")
+ list(APPEND ALL_SRC_C_S "${PROTECTED_STORAGE_TEST_DIR}/secure/psa_ps_s_interface_testsuite.c"
+ "${PROTECTED_STORAGE_TEST_DIR}/secure/psa_ps_s_reliability_testsuite.c")
- if (SST_ENCRYPTION AND SST_ROLLBACK_PROTECTION AND SST_TEST_NV_COUNTERS)
- list(APPEND ALL_SRC_C_S "${SECURE_STORAGE_TEST_DIR}/secure/sst_rollback_protection_testsuite.c"
- "${SECURE_STORAGE_TEST_DIR}/secure/nv_counters/test_sst_nv_counters.c")
- set_property(SOURCE ${ALL_SRC_C_S} APPEND PROPERTY COMPILE_DEFINITIONS SST_TEST_NV_COUNTERS)
+ if (PS_ENCRYPTION AND PS_ROLLBACK_PROTECTION AND PS_TEST_NV_COUNTERS)
+ list(APPEND ALL_SRC_C_S "${PROTECTED_STORAGE_TEST_DIR}/secure/ps_rollback_protection_testsuite.c"
+ "${PROTECTED_STORAGE_TEST_DIR}/secure/nv_counters/test_ps_nv_counters.c")
+ set_property(SOURCE ${ALL_SRC_C_S} APPEND PROPERTY COMPILE_DEFINITIONS PS_TEST_NV_COUNTERS)
endif()
if (NOT DEFINED TFM_NS_CLIENT_IDENTIFICATION)
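Review bot: A build that still sets the old `SST_ENCRYPTION`, `SST_ROLLBACK_PROTECTION` or `SST_TEST_NV_COUNTERS` names will configure cleanly and silently drop the rollback-protection suite, because the renamed condition `if (PS_ENCRYPTION AND PS_ROLLBACK_PROTECTION AND PS_TEST_NV_COUNTERS)` simply evaluates false. The same silent fallback applies to the `#ifdef PS_TEST_NV_COUNTERS` in test/framework/secure_suites.c and to the renamed `ENABLE_PROTECTED_STORAGE_SERVICE_TESTS` option in test/TestConfig.cmake. I would add a guard just before that `if`: `if (DEFINED SST_ENCRYPTION OR DEFINED SST_ROLLBACK_PROTECTION OR DEFINED SST_TEST_NV_COUNTERS)`, then `message(FATAL_ERROR "SST_* options were renamed to PS_*; update the build configuration.")`, then `endif()`. The enclosing `elseif` block continues outside the hunk.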
@@ -45,15 +45,15 @@
set_property(SOURCE ${ALL_SRC_C_NS} APPEND PROPERTY COMPILE_DEFINITIONS TFM_NS_CLIENT_IDENTIFICATION)
endif()
- if (NOT SST_RAM_FS
+ if (NOT PS_RAM_FS
AND
NOT (REFERENCE_PLATFORM
OR ${TARGET_PLATFORM} STREQUAL "AN524"
OR ${TARGET_PLATFORM} STREQUAL "FVP_SSE300_MPS2"))
# Show flash warning message only when the RAM FS is not in use and the target platform contains a flash device.
# The reference platforms, AN524 and FVP_SSE300_MPS2 use RAM memory to emulate the flash.
- set_property(SOURCE ${ALL_SRC_C_S} APPEND PROPERTY COMPILE_DEFINITIONS SST_SHOW_FLASH_WARNING)
- set_property(SOURCE ${ALL_SRC_C_NS} APPEND PROPERTY COMPILE_DEFINITIONS SST_SHOW_FLASH_WARNING)
+ set_property(SOURCE ${ALL_SRC_C_S} APPEND PROPERTY COMPILE_DEFINITIONS PS_SHOW_FLASH_WARNING)
+ set_property(SOURCE ${ALL_SRC_C_NS} APPEND PROPERTY COMPILE_DEFINITIONS PS_SHOW_FLASH_WARNING)
endif()
#Setting include directories
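Review bot: The platform test inside the `if (NOT PS_RAM_FS ...)` condition expands `${TARGET_PLATFORM}` unquoted, so an unset or empty TARGET_PLATFORM leaves `STREQUAL` without a left operand and configuration stops with an argument error instead of a clear message. Under older policy settings, a value that happens to name another variable may also be dereferenced a second time. While this condition is being edited, quote both expansions: `OR "${TARGET_PLATFORM}" STREQUAL "AN524"` and `OR "${TARGET_PLATFORM}" STREQUAL "FVP_SSE300_MPS2"))`. The enclosing `elseif` block starts outside the hunk.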
diff --git a/test/suites/sst/non_secure/ns_test_helpers.c b/test/suites/ps/non_secure/ns_test_helpers.c
similarity index 87%
rename from test/suites/sst/non_secure/ns_test_helpers.c
rename to test/suites/ps/non_secure/ns_test_helpers.c
index a513e13..149b767 100644
--- a/test/suites/sst/non_secure/ns_test_helpers.c
+++ b/test/suites/ps/non_secure/ns_test_helpers.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -12,7 +12,7 @@
#include "tfm_nspm_api.h"
-#define SST_TEST_TASK_STACK_SIZE (768)
+#define PS_TEST_TASK_STACK_SIZE (768)
struct test_task_t {
test_func_t *func;
@@ -45,8 +45,8 @@
os_wrapper_thread_exit();
}
-void tfm_sst_run_test(const char *thread_name, struct test_result_t *ret,
- test_func_t *test_func)
+void tfm_ps_run_test(const char *thread_name, struct test_result_t *ret,
+ test_func_t *test_func)
{
void *current_thread_handle;
uint32_t current_thread_priority;
@@ -55,7 +55,7 @@
struct test_task_t test_task = { .func = test_func, .ret = ret };
/* Create a binary semaphore with initial count of 0 tokens available */
- test_semaphore = os_wrapper_semaphore_create(1, 0, "sst_tests_sema");
+ test_semaphore = os_wrapper_semaphore_create(1, 0, "ps_tests_sema");
if (!test_semaphore) {
TEST_FAIL("Semaphore creation failed");
return;
@@ -77,7 +77,7 @@
}
/* Start test thread */
- thread = os_wrapper_thread_new(thread_name, SST_TEST_TASK_STACK_SIZE,
+ thread = os_wrapper_thread_new(thread_name, PS_TEST_TASK_STACK_SIZE,
test_task_runner, &test_task,
current_thread_priority);
if (!thread) {
diff --git a/test/suites/sst/non_secure/ns_test_helpers.h b/test/suites/ps/non_secure/ns_test_helpers.h
similarity index 72%
rename from test/suites/sst/non_secure/ns_test_helpers.h
rename to test/suites/ps/non_secure/ns_test_helpers.h
index e18d812..22226f4 100644
--- a/test/suites/sst/non_secure/ns_test_helpers.h
+++ b/test/suites/ps/non_secure/ns_test_helpers.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -41,7 +41,7 @@
*
* \param[in] test_name Name of the test function
*/
-#define TFM_SST_TEST_PROTO(test_name) \
+#define TFM_PS_TEST_PROTO(test_name) \
static void test_name(struct test_result_t *ret)
/**
@@ -49,43 +49,43 @@
*
* \param[in] test_num Identification number of the test
*/
-#define TFM_SST_TEST_NAME(test_num) CONCAT(tfm_sst_test_, test_num)
+#define TFM_PS_TEST_NAME(test_num) CONCAT(tfm_ps_test_, test_num)
/**
* \brief Expands to the standard name of a task function.
*
* \param[in] test_num Identification number of the task
*/
-#define TFM_SST_TASK_NAME(test_num) CONCAT(TFM_SST_TEST_NAME(test_num), _task)
+#define TFM_PS_TASK_NAME(test_num) CONCAT(TFM_PS_TEST_NAME(test_num), _task)
/**
* \brief Expands to a test function declaration.
*
* \param[in] test_num Identification number of the test
*/
-#define TFM_SST_TEST(test_num) TFM_SST_TEST_PROTO(TFM_SST_TEST_NAME(test_num))
+#define TFM_PS_TEST(test_num) TFM_PS_TEST_PROTO(TFM_PS_TEST_NAME(test_num))
/**
* \brief Expands to a task function declaration.
*
* \param[in] test_num Identification number of the task
*/
-#define TFM_SST_TASK(test_num) TFM_SST_TEST_PROTO(TFM_SST_TASK_NAME(test_num))
+#define TFM_PS_TASK(test_num) TFM_PS_TEST_PROTO(TFM_PS_TASK_NAME(test_num))
/**
- * \brief Defines a single-threaded SST NS test function and declares the
+ * \brief Defines a single-threaded PS NS test function and declares the
* corresponding task function.
*
* \param[in] test_num Identification number of the test
* \param[in] thread_name Name of the thread in which to run the test
*/
-#define TFM_SST_NS_TEST(test_num, thread_name) \
- TFM_SST_TASK(test_num); \
- TFM_SST_TEST(test_num) \
+#define TFM_PS_NS_TEST(test_num, thread_name) \
+ TFM_PS_TASK(test_num); \
+ TFM_PS_TEST(test_num) \
{ \
- tfm_sst_run_test(thread_name, ret, TFM_SST_TASK_NAME(test_num)); \
+ tfm_ps_run_test(thread_name, ret, TFM_PS_TASK_NAME(test_num)); \
} \
- TFM_SST_TASK(test_num)
+ TFM_PS_TASK(test_num)
/* The type of a test function */
typedef void test_func_t(struct test_result_t *ret);
@@ -97,8 +97,8 @@
* \param[out] ret Result of the test
* \param[in] test_func Test function to be run in the new thread
*/
-void tfm_sst_run_test(const char *thread_name, struct test_result_t *ret,
- test_func_t *test_func);
+void tfm_ps_run_test(const char *thread_name, struct test_result_t *ret,
+ test_func_t *test_func);
#ifdef __cplusplus
}
diff --git a/test/suites/sst/non_secure/sst_ns_tests.h b/test/suites/ps/non_secure/ps_ns_tests.h
similarity index 72%
rename from test/suites/sst/non_secure/sst_ns_tests.h
rename to test/suites/ps/non_secure/ps_ns_tests.h
index 7cfddc8..7153827 100644
--- a/test/suites/sst/non_secure/sst_ns_tests.h
+++ b/test/suites/ps/non_secure/ps_ns_tests.h
@@ -1,12 +1,12 @@
/*
- * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
*/
-#ifndef __SST_NS_TESTS_H__
-#define __SST_NS_TESTS_H__
+#ifndef __PS_NS_TESTS_H__
+#define __PS_NS_TESTS_H__
#include "test/framework/test_framework.h"
@@ -25,4 +25,4 @@
}
#endif
-#endif /* __SST_NS_TESTS_H__ */
+#endif /* __PS_NS_TESTS_H__ */
diff --git a/test/suites/sst/non_secure/psa_ps_ns_interface_testsuite.c b/test/suites/ps/non_secure/psa_ps_ns_interface_testsuite.c
similarity index 87%
rename from test/suites/sst/non_secure/psa_ps_ns_interface_testsuite.c
rename to test/suites/ps/non_secure/psa_ps_ns_interface_testsuite.c
index b0cb5fc..e7b767c 100644
--- a/test/suites/sst/non_secure/psa_ps_ns_interface_testsuite.c
+++ b/test/suites/ps/non_secure/psa_ps_ns_interface_testsuite.c
@@ -5,7 +5,7 @@
*
*/
-#include "sst_ns_tests.h"
+#include "ps_ns_tests.h"
#include <stdio.h>
#include <string.h>
@@ -43,91 +43,91 @@
#define TEST_1025_CYCLES 3U
-static const uint8_t write_asset_data[SST_MAX_ASSET_SIZE] = {0xAF};
-static uint8_t read_asset_data[SST_MAX_ASSET_SIZE] = {0};
+static const uint8_t write_asset_data[PS_MAX_ASSET_SIZE] = {0xAF};
+static uint8_t read_asset_data[PS_MAX_ASSET_SIZE] = {0};
static size_t read_asset_data_len = 0;
/* List of tests */
-static void tfm_sst_test_1001(struct test_result_t *ret);
-static void tfm_sst_test_1002(struct test_result_t *ret);
-static void tfm_sst_test_1003(struct test_result_t *ret);
-static void tfm_sst_test_1004(struct test_result_t *ret);
-static void tfm_sst_test_1005(struct test_result_t *ret);
-static void tfm_sst_test_1006(struct test_result_t *ret);
-static void tfm_sst_test_1007(struct test_result_t *ret);
-static void tfm_sst_test_1008(struct test_result_t *ret);
-static void tfm_sst_test_1009(struct test_result_t *ret);
-static void tfm_sst_test_1010(struct test_result_t *ret);
-static void tfm_sst_test_1011(struct test_result_t *ret);
-static void tfm_sst_test_1012(struct test_result_t *ret);
-static void tfm_sst_test_1013(struct test_result_t *ret);
-static void tfm_sst_test_1014(struct test_result_t *ret);
-static void tfm_sst_test_1015(struct test_result_t *ret);
+static void tfm_ps_test_1001(struct test_result_t *ret);
+static void tfm_ps_test_1002(struct test_result_t *ret);
+static void tfm_ps_test_1003(struct test_result_t *ret);
+static void tfm_ps_test_1004(struct test_result_t *ret);
+static void tfm_ps_test_1005(struct test_result_t *ret);
+static void tfm_ps_test_1006(struct test_result_t *ret);
+static void tfm_ps_test_1007(struct test_result_t *ret);
+static void tfm_ps_test_1008(struct test_result_t *ret);
+static void tfm_ps_test_1009(struct test_result_t *ret);
+static void tfm_ps_test_1010(struct test_result_t *ret);
+static void tfm_ps_test_1011(struct test_result_t *ret);
+static void tfm_ps_test_1012(struct test_result_t *ret);
+static void tfm_ps_test_1013(struct test_result_t *ret);
+static void tfm_ps_test_1014(struct test_result_t *ret);
+static void tfm_ps_test_1015(struct test_result_t *ret);
#ifdef TFM_NS_CLIENT_IDENTIFICATION
-static void tfm_sst_test_1016(struct test_result_t *ret);
-static void tfm_sst_test_1017(struct test_result_t *ret);
-static void tfm_sst_test_1018(struct test_result_t *ret);
-static void tfm_sst_test_1019(struct test_result_t *ret);
-static void tfm_sst_test_1020(struct test_result_t *ret);
+static void tfm_ps_test_1016(struct test_result_t *ret);
+static void tfm_ps_test_1017(struct test_result_t *ret);
+static void tfm_ps_test_1018(struct test_result_t *ret);
+static void tfm_ps_test_1019(struct test_result_t *ret);
+static void tfm_ps_test_1020(struct test_result_t *ret);
#endif /* TFM_NS_CLIENT_IDENTIFICATION */
-static void tfm_sst_test_1021(struct test_result_t *ret);
-static void tfm_sst_test_1022(struct test_result_t *ret);
-static void tfm_sst_test_1023(struct test_result_t *ret);
-static void tfm_sst_test_1024(struct test_result_t *ret);
-static void tfm_sst_test_1025(struct test_result_t *ret);
+static void tfm_ps_test_1021(struct test_result_t *ret);
+static void tfm_ps_test_1022(struct test_result_t *ret);
+static void tfm_ps_test_1023(struct test_result_t *ret);
+static void tfm_ps_test_1024(struct test_result_t *ret);
+static void tfm_ps_test_1025(struct test_result_t *ret);
static struct test_t psa_ps_ns_tests[] = {
- {&tfm_sst_test_1001, "TFM_SST_TEST_1001",
+ {&tfm_ps_test_1001, "TFM_PS_TEST_1001",
"Set interface"},
- {&tfm_sst_test_1002, "TFM_SST_TEST_1002",
+ {&tfm_ps_test_1002, "TFM_PS_TEST_1002",
"Set interface with create flags"},
- {&tfm_sst_test_1003, "TFM_SST_TEST_1003",
+ {&tfm_ps_test_1003, "TFM_PS_TEST_1003",
"Set interface with NULL data pointer"},
- {&tfm_sst_test_1004, "TFM_SST_TEST_1004",
+ {&tfm_ps_test_1004, "TFM_PS_TEST_1004",
"Set interface with write once UID"},
- {&tfm_sst_test_1005, "TFM_SST_TEST_1005",
+ {&tfm_ps_test_1005, "TFM_PS_TEST_1005",
"Get interface with valid data"},
- {&tfm_sst_test_1006, "TFM_SST_TEST_1006",
+ {&tfm_ps_test_1006, "TFM_PS_TEST_1006",
"Get interface with zero data length"},
- {&tfm_sst_test_1007, "TFM_SST_TEST_1007",
+ {&tfm_ps_test_1007, "TFM_PS_TEST_1007",
"Get interface with invalid UIDs"},
- {&tfm_sst_test_1008, "TFM_SST_TEST_1008",
+ {&tfm_ps_test_1008, "TFM_PS_TEST_1008",
"Get interface with invalid data lengths and offsets"},
- {&tfm_sst_test_1009, "TFM_SST_TEST_1009",
+ {&tfm_ps_test_1009, "TFM_PS_TEST_1009",
"Get interface with NULL data pointer"},
- {&tfm_sst_test_1010, "TFM_SST_TEST_1010",
+ {&tfm_ps_test_1010, "TFM_PS_TEST_1010",
"Get info interface with write once UID"},
- {&tfm_sst_test_1011, "TFM_SST_TEST_1011",
+ {&tfm_ps_test_1011, "TFM_PS_TEST_1011",
"Get info interface with valid UID"},
- {&tfm_sst_test_1012, "TFM_SST_TEST_1012",
+ {&tfm_ps_test_1012, "TFM_PS_TEST_1012",
"Get info interface with invalid UIDs"},
- {&tfm_sst_test_1013, "TFM_SST_TEST_1013",
+ {&tfm_ps_test_1013, "TFM_PS_TEST_1013",
"Remove interface with valid UID"},
- {&tfm_sst_test_1014, "TFM_SST_TEST_1014",
+ {&tfm_ps_test_1014, "TFM_PS_TEST_1014",
"Remove interface with write once UID"},
- {&tfm_sst_test_1015, "TFM_SST_TEST_1015",
+ {&tfm_ps_test_1015, "TFM_PS_TEST_1015",
"Remove interface with invalid UID"},
#ifdef TFM_NS_CLIENT_IDENTIFICATION
- {&tfm_sst_test_1016, "TFM_SST_TEST_1016",
+ {&tfm_ps_test_1016, "TFM_PS_TEST_1016",
"Get interface with invalid thread name"},
- {&tfm_sst_test_1017, "TFM_SST_TEST_1017",
+ {&tfm_ps_test_1017, "TFM_PS_TEST_1017",
"Get info interface with invalid thread name"},
- {&tfm_sst_test_1018, "TFM_SST_TEST_1018",
+ {&tfm_ps_test_1018, "TFM_PS_TEST_1018",
"Remove interface with invalid thread name"},
- {&tfm_sst_test_1019, "TFM_SST_TEST_1019",
+ {&tfm_ps_test_1019, "TFM_PS_TEST_1019",
"Attempt to access UID belonging to another thread"},
- {&tfm_sst_test_1020, "TFM_SST_TEST_1020",
+ {&tfm_ps_test_1020, "TFM_PS_TEST_1020",
"Set UID alternately from two threads"},
#endif /* TFM_NS_CLIENT_IDENTIFICATION */
- {&tfm_sst_test_1021, "TFM_SST_TEST_1021",
+ {&tfm_ps_test_1021, "TFM_PS_TEST_1021",
"Block compaction after remove"},
- {&tfm_sst_test_1022, "TFM_SST_TEST_1022",
+ {&tfm_ps_test_1022, "TFM_PS_TEST_1022",
"Multiple partial gets"},
- {&tfm_sst_test_1023, "TFM_SST_TEST_1023",
+ {&tfm_ps_test_1023, "TFM_PS_TEST_1023",
"Multiple sets to same UID from same thread"},
- {&tfm_sst_test_1024, "TFM_SST_TEST_1024",
+ {&tfm_ps_test_1024, "TFM_PS_TEST_1024",
"Get support interface"},
- {&tfm_sst_test_1025, "TFM_SST_TEST_1025",
+ {&tfm_ps_test_1025, "TFM_PS_TEST_1025",
"Set, get and remove interface with different asset sizes"},
};
@@ -138,13 +138,13 @@
list_size = (sizeof(psa_ps_ns_tests) / sizeof(psa_ps_ns_tests[0]));
set_testsuite(
- "PSA protected storage NS interface tests (TFM_SST_TEST_1XXX)",
+ "PSA protected storage NS interface tests (TFM_PS_TEST_1XXX)",
psa_ps_ns_tests, list_size, p_test_suite);
-#ifdef SST_SHOW_FLASH_WARNING
- TEST_LOG("\r\n**WARNING** The SST regression tests reduce the life of the "
+#ifdef PS_SHOW_FLASH_WARNING
+ TEST_LOG("\r\n**WARNING** The PS regression tests reduce the life of the "
"flash memory as they write/erase multiple times the memory. \r\n"
- "Please, set the SST_RAM_FS flag to use RAM instead of flash."
+ "Please, set the PS_RAM_FS flag to use RAM instead of flash."
"\r\n\r\n");
#endif
}
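Review bot: The renamed guard `#ifdef PS_SHOW_FLASH_WARNING` compiles the flash-wear warning out silently in any build that still defines the old `SST_SHOW_FLASH_WARNING`, and the hunk does not show where the macro is defined. If out-of-tree platform configurations may lag behind this rename, a transitional check above the guard would make the mismatch visible: `#ifdef SST_SHOW_FLASH_WARNING` / `#error "SST_SHOW_FLASH_WARNING was renamed to PS_SHOW_FLASH_WARNING"` / `#endif`. The same concern applies to the `PS_RAM_FS` flag that the message now names. The enclosing function starts outside the hunk.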
@@ -154,7 +154,7 @@
* - Valid UID, no data, no flags
* - Invalid UID, no data, no flags
*/
-TFM_SST_NS_TEST(1001, "Thread_A")
+TFM_PS_NS_TEST(1001, "Thread_A")
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_1;
@@ -199,7 +199,7 @@
* - Valid create flags (with previously created UID)
* - Invalid create flags
*/
-TFM_SST_NS_TEST(1002, "Thread_A")
+TFM_PS_NS_TEST(1002, "Thread_A")
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_2;
@@ -245,7 +245,7 @@
* and not return to the NSPE so this case is not tested here.
*
*/
-TFM_SST_NS_TEST(1003, "Thread_A")
+TFM_PS_NS_TEST(1003, "Thread_A")
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_3;
@@ -266,7 +266,7 @@
* \brief Tests set function with:
* - Write once UID that has already been created
*/
-TFM_SST_NS_TEST(1004, "Thread_A")
+TFM_PS_NS_TEST(1004, "Thread_A")
{
psa_status_t status;
const psa_storage_uid_t uid = WRITE_ONCE_UID;
@@ -307,7 +307,7 @@
* - Valid data, zero offset
* - Valid data, non-zero offset
*/
-TFM_SST_NS_TEST(1005, "Thread_A")
+TFM_PS_NS_TEST(1005, "Thread_A")
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_2;
@@ -389,7 +389,7 @@
* - Zero data length, zero offset
* - Zero data length, non-zero offset
*/
-TFM_SST_NS_TEST(1006, "Thread_A")
+TFM_PS_NS_TEST(1006, "Thread_A")
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_3;
@@ -452,7 +452,7 @@
* - Unset UID
* - Invalid UID
*/
-TFM_SST_NS_TEST(1007, "Thread_A")
+TFM_PS_NS_TEST(1007, "Thread_A")
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_1;
@@ -498,7 +498,7 @@
* - Data length greater than UID length
* - Data length + offset greater than UID length
*/
-TFM_SST_NS_TEST(1008, "Thread_A")
+TFM_PS_NS_TEST(1008, "Thread_A")
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_2;
@@ -604,7 +604,7 @@
* and not return to the NSPE so this case is not tested here.
*
*/
-TFM_SST_NS_TEST(1009, "Thread_A")
+TFM_PS_NS_TEST(1009, "Thread_A")
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_3;
@@ -641,7 +641,7 @@
* \brief Tests get info function with:
* - Write once UID
*/
-TFM_SST_NS_TEST(1010, "Thread_A")
+TFM_PS_NS_TEST(1010, "Thread_A")
{
psa_status_t status;
const psa_storage_uid_t uid = WRITE_ONCE_UID;
@@ -672,7 +672,7 @@
* \brief Tests get info function with:
* - Valid UID
*/
-TFM_SST_NS_TEST(1011, "Thread_A")
+TFM_PS_NS_TEST(1011, "Thread_A")
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_1;
@@ -720,7 +720,7 @@
* - Unset UID
* - Invalid UID
*/
-TFM_SST_NS_TEST(1012, "Thread_A")
+TFM_PS_NS_TEST(1012, "Thread_A")
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_2;
@@ -769,7 +769,7 @@
* \brief Tests remove function with:
* - Valid UID
*/
-TFM_SST_NS_TEST(1013, "Thread_A")
+TFM_PS_NS_TEST(1013, "Thread_A")
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_1;
@@ -822,7 +822,7 @@
* \brief Tests remove function with:
* - Write once UID
*/
-TFM_SST_NS_TEST(1014, "Thread_A")
+TFM_PS_NS_TEST(1014, "Thread_A")
{
psa_status_t status;
const psa_storage_uid_t uid = WRITE_ONCE_UID;
@@ -841,7 +841,7 @@
* \brief Tests remove function with:
* - Invalid UID
*/
-TFM_SST_NS_TEST(1015, "Thread_A")
+TFM_PS_NS_TEST(1015, "Thread_A")
{
psa_status_t status;
const psa_storage_uid_t uid = INVALID_UID;
@@ -860,7 +860,7 @@
/**
* \brief Sets UID with a valid thread name.
*/
-static void tfm_sst_test_1016_task_1(struct test_result_t *ret)
+static void tfm_ps_test_1016_task_1(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_3;
@@ -880,7 +880,7 @@
/**
* \brief Calls get with an invalid thread name.
*/
-static void tfm_sst_test_1016_task_2(struct test_result_t *ret)
+static void tfm_ps_test_1016_task_2(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_3;
@@ -907,7 +907,7 @@
/**
* \brief Removes UID with a valid thread name to clean up storage.
*/
-static void tfm_sst_test_1016_task_3(struct test_result_t *ret)
+static void tfm_ps_test_1016_task_3(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_3;
@@ -924,25 +924,25 @@
/**
* \brief Tests get function with an invalid thread name.
*/
-static void tfm_sst_test_1016(struct test_result_t *ret)
+static void tfm_ps_test_1016(struct test_result_t *ret)
{
- tfm_sst_run_test("Thread_A", ret, tfm_sst_test_1016_task_1);
+ tfm_ps_run_test("Thread_A", ret, tfm_ps_test_1016_task_1);
if (ret->val != TEST_PASSED) {
return;
}
- tfm_sst_run_test(INVALID_THREAD_NAME, ret, tfm_sst_test_1016_task_2);
+ tfm_ps_run_test(INVALID_THREAD_NAME, ret, tfm_ps_test_1016_task_2);
if (ret->val != TEST_PASSED) {
return;
}
- tfm_sst_run_test("Thread_A", ret, tfm_sst_test_1016_task_3);
+ tfm_ps_run_test("Thread_A", ret, tfm_ps_test_1016_task_3);
}
/**
* \brief Sets UID with a valid thread name.
*/
-static void tfm_sst_test_1017_task_1(struct test_result_t *ret)
+static void tfm_ps_test_1017_task_1(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_1;
@@ -962,7 +962,7 @@
/**
* \brief Calls get info with an invalid thread name.
*/
-static void tfm_sst_test_1017_task_2(struct test_result_t *ret)
+static void tfm_ps_test_1017_task_2(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_1;
@@ -986,7 +986,7 @@
/**
* \brief Removes UID with a valid thread name to clean up storage.
*/
-static void tfm_sst_test_1017_task_3(struct test_result_t *ret)
+static void tfm_ps_test_1017_task_3(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_1;
@@ -1003,25 +1003,25 @@
/**
* \brief Tests get info function with an invalid thread name.
*/
-static void tfm_sst_test_1017(struct test_result_t *ret)
+static void tfm_ps_test_1017(struct test_result_t *ret)
{
- tfm_sst_run_test("Thread_A", ret, tfm_sst_test_1017_task_1);
+ tfm_ps_run_test("Thread_A", ret, tfm_ps_test_1017_task_1);
if (ret->val != TEST_PASSED) {
return;
}
- tfm_sst_run_test(INVALID_THREAD_NAME, ret, tfm_sst_test_1017_task_2);
+ tfm_ps_run_test(INVALID_THREAD_NAME, ret, tfm_ps_test_1017_task_2);
if (ret->val != TEST_PASSED) {
return;
}
- tfm_sst_run_test("Thread_A", ret, tfm_sst_test_1017_task_3);
+ tfm_ps_run_test("Thread_A", ret, tfm_ps_test_1017_task_3);
}
/**
* \brief Sets UID with a valid thread name.
*/
-static void tfm_sst_test_1018_task_1(struct test_result_t *ret)
+static void tfm_ps_test_1018_task_1(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_2;
@@ -1041,7 +1041,7 @@
/**
* \brief Calls remove with an invalid thread name.
*/
-static void tfm_sst_test_1018_task_2(struct test_result_t *ret)
+static void tfm_ps_test_1018_task_2(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_2;
@@ -1058,7 +1058,7 @@
/**
* \brief Removes UID with a valid thread name to clean up storage.
*/
-static void tfm_sst_test_1018_task_3(struct test_result_t *ret)
+static void tfm_ps_test_1018_task_3(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_2;
@@ -1075,25 +1075,25 @@
/**
* \brief Tests remove function with an invalid thread name.
*/
-static void tfm_sst_test_1018(struct test_result_t *ret)
+static void tfm_ps_test_1018(struct test_result_t *ret)
{
- tfm_sst_run_test("Thread_A", ret, tfm_sst_test_1018_task_1);
+ tfm_ps_run_test("Thread_A", ret, tfm_ps_test_1018_task_1);
if (ret->val != TEST_PASSED) {
return;
}
- tfm_sst_run_test(INVALID_THREAD_NAME, ret, tfm_sst_test_1018_task_2);
+ tfm_ps_run_test(INVALID_THREAD_NAME, ret, tfm_ps_test_1018_task_2);
if (ret->val != TEST_PASSED) {
return;
}
- tfm_sst_run_test("Thread_A", ret, tfm_sst_test_1018_task_3);
+ tfm_ps_run_test("Thread_A", ret, tfm_ps_test_1018_task_3);
}
/**
* \brief Sets UID with first thread.
*/
-static void tfm_sst_test_1019_task_1(struct test_result_t *ret)
+static void tfm_ps_test_1019_task_1(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_3;
@@ -1112,7 +1112,7 @@
/**
* \brief Attempts to access same UID from second thread.
*/
-static void tfm_sst_test_1019_task_2(struct test_result_t *ret)
+static void tfm_ps_test_1019_task_2(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_3;
@@ -1188,7 +1188,7 @@
/**
* \brief Checks that first thread's UID has not been modified.
*/
-static void tfm_sst_test_1019_task_3(struct test_result_t *ret)
+static void tfm_ps_test_1019_task_3(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_3;
@@ -1240,25 +1240,25 @@
/**
* \brief Tests attempting to access UID belonging to another thread.
*/
-static void tfm_sst_test_1019(struct test_result_t *ret)
+static void tfm_ps_test_1019(struct test_result_t *ret)
{
- tfm_sst_run_test("Thread_A", ret, tfm_sst_test_1019_task_1);
+ tfm_ps_run_test("Thread_A", ret, tfm_ps_test_1019_task_1);
if (ret->val != TEST_PASSED) {
return;
}
- tfm_sst_run_test("Thread_B", ret, tfm_sst_test_1019_task_2);
+ tfm_ps_run_test("Thread_B", ret, tfm_ps_test_1019_task_2);
if (ret->val != TEST_PASSED) {
return;
}
- tfm_sst_run_test("Thread_A", ret, tfm_sst_test_1019_task_3);
+ tfm_ps_run_test("Thread_A", ret, tfm_ps_test_1019_task_3);
}
/**
* \brief Sets TEST_UID_1 from Thread_A.
*/
-static void tfm_sst_test_1020_task_1(struct test_result_t *ret)
+static void tfm_ps_test_1020_task_1(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_1;
@@ -1277,7 +1277,7 @@
/**
* \brief Sets TEST_UID_1 from Thread_B.
*/
-static void tfm_sst_test_1020_task_2(struct test_result_t *ret)
+static void tfm_ps_test_1020_task_2(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_1;
@@ -1296,7 +1296,7 @@
/**
* \brief Sets TEST_UID_1 again from Thread_A.
*/
-static void tfm_sst_test_1020_task_3(struct test_result_t *ret)
+static void tfm_ps_test_1020_task_3(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_1;
@@ -1315,7 +1315,7 @@
/**
* \brief Sets TEST_UID_1 again from Thread_B.
*/
-static void tfm_sst_test_1020_task_4(struct test_result_t *ret)
+static void tfm_ps_test_1020_task_4(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_1;
@@ -1334,7 +1334,7 @@
/**
* \brief Gets TEST_UID_1 from Thread_A.
*/
-static void tfm_sst_test_1020_task_5(struct test_result_t *ret)
+static void tfm_ps_test_1020_task_5(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_1;
@@ -1362,7 +1362,7 @@
/**
* \brief Gets TEST_UID_1 from Thread_B.
*/
-static void tfm_sst_test_1020_task_6(struct test_result_t *ret)
+static void tfm_ps_test_1020_task_6(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_1;
@@ -1397,7 +1397,7 @@
/**
* \brief Calls removes from Thread_B to clean up storage for the next test.
*/
-static void tfm_sst_test_1020_task_7(struct test_result_t *ret)
+static void tfm_ps_test_1020_task_7(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_1;
@@ -1416,39 +1416,39 @@
* \brief Tests writing data to a UID alternately from two threads before
* read-back.
*/
-static void tfm_sst_test_1020(struct test_result_t *ret)
+static void tfm_ps_test_1020(struct test_result_t *ret)
{
- tfm_sst_run_test("Thread_A", ret, tfm_sst_test_1020_task_1);
+ tfm_ps_run_test("Thread_A", ret, tfm_ps_test_1020_task_1);
if (ret->val != TEST_PASSED) {
return;
}
- tfm_sst_run_test("Thread_B", ret, tfm_sst_test_1020_task_2);
+ tfm_ps_run_test("Thread_B", ret, tfm_ps_test_1020_task_2);
if (ret->val != TEST_PASSED) {
return;
}
- tfm_sst_run_test("Thread_A", ret, tfm_sst_test_1020_task_3);
+ tfm_ps_run_test("Thread_A", ret, tfm_ps_test_1020_task_3);
if (ret->val != TEST_PASSED) {
return;
}
- tfm_sst_run_test("Thread_B", ret, tfm_sst_test_1020_task_4);
+ tfm_ps_run_test("Thread_B", ret, tfm_ps_test_1020_task_4);
if (ret->val != TEST_PASSED) {
return;
}
- tfm_sst_run_test("Thread_A", ret, tfm_sst_test_1020_task_5);
+ tfm_ps_run_test("Thread_A", ret, tfm_ps_test_1020_task_5);
if (ret->val != TEST_PASSED) {
return;
}
- tfm_sst_run_test("Thread_B", ret, tfm_sst_test_1020_task_6);
+ tfm_ps_run_test("Thread_B", ret, tfm_ps_test_1020_task_6);
if (ret->val != TEST_PASSED) {
return;
}
- tfm_sst_run_test("Thread_A", ret, tfm_sst_test_1020_task_7);
+ tfm_ps_run_test("Thread_A", ret, tfm_ps_test_1020_task_7);
}
#endif /* TFM_NS_CLIENT_IDENTIFICATION */
@@ -1459,7 +1459,7 @@
* the beginning of the block. This test verifies that the compaction
* works correctly by reading back UID 2.
*/
-TFM_SST_NS_TEST(1021, "Thread_A")
+TFM_PS_NS_TEST(1021, "Thread_A")
{
psa_status_t status;
const psa_storage_uid_t uid_1 = TEST_UID_2;
@@ -1523,7 +1523,7 @@
/**
* \brief Tests set and multiple partial gets.
*/
-TFM_SST_NS_TEST(1022, "Thread_A")
+TFM_PS_NS_TEST(1022, "Thread_A")
{
psa_status_t status;
uint32_t i;
@@ -1573,7 +1573,7 @@
/**
* \brief Tests multiple sets to the same UID.
*/
-TFM_SST_NS_TEST(1023, "Thread_A")
+TFM_PS_NS_TEST(1023, "Thread_A")
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_2;
@@ -1632,7 +1632,7 @@
/**
* \brief Tests get support function.
*/
-TFM_SST_NS_TEST(1024, "Thread_A")
+TFM_PS_NS_TEST(1024, "Thread_A")
{
uint32_t support_flags;
@@ -1651,7 +1651,7 @@
* - Data length of different asset sizes
* - No flags
*/
-TFM_SST_NS_TEST(1025, "Thread_A")
+TFM_PS_NS_TEST(1025, "Thread_A")
{
uint8_t cycle;
psa_status_t status;
@@ -1660,9 +1660,9 @@
TEST_UID_2,
TEST_UID_3};
const uint32_t test_asset_sizes[TEST_1025_CYCLES] = {
- SST_MAX_ASSET_SIZE >> 2,
- SST_MAX_ASSET_SIZE >> 1,
- SST_MAX_ASSET_SIZE};
+ PS_MAX_ASSET_SIZE >> 2,
+ PS_MAX_ASSET_SIZE >> 1,
+ PS_MAX_ASSET_SIZE};
/* Loop to test different asset sizes and UID's*/
for (cycle = 0; cycle < TEST_1025_CYCLES; cycle++) {
diff --git a/test/suites/sst/secure/nv_counters/test_sst_nv_counters.c b/test/suites/ps/secure/nv_counters/test_ps_nv_counters.c
similarity index 61%
rename from test/suites/sst/secure/nv_counters/test_sst_nv_counters.c
rename to test/suites/ps/secure/nv_counters/test_ps_nv_counters.c
index ec18eaa..a2a86b3 100644
--- a/test/suites/sst/secure/nv_counters/test_sst_nv_counters.c
+++ b/test/suites/ps/secure/nv_counters/test_ps_nv_counters.c
@@ -5,20 +5,20 @@
*
*/
-#include "test_sst_nv_counters.h"
+#include "test_ps_nv_counters.h"
#include <limits.h>
-#include "secure_fw/partitions/secure_storage/nv_counters/sst_nv_counters.h"
-#include "secure_fw/partitions/secure_storage/sst_utils.h"
+#include "secure_fw/partitions/protected_storage/nv_counters/ps_nv_counters.h"
+#include "secure_fw/partitions/protected_storage/ps_utils.h"
#define DISABLE_INCREMENT 0
#define ENABLE_INCREMENT 1
-#define TOTAL_SST_NV_COUNTERS 3
+#define TOTAL_PS_NV_COUNTERS 3
#define INIT_NV_COUNTERS_VALUE 42
static uint8_t nv_increment_status = ENABLE_INCREMENT;
-static uint32_t test_nv_counters[TOTAL_SST_NV_COUNTERS] = {
+static uint32_t test_nv_counters[TOTAL_PS_NV_COUNTERS] = {
[0] = INIT_NV_COUNTERS_VALUE,
[1] = INIT_NV_COUNTERS_VALUE,
[2] = INIT_NV_COUNTERS_VALUE
@@ -27,24 +27,24 @@
static uint32_t get_nv_counter_position(enum tfm_nv_counter_t counter_id)
{
switch (counter_id) {
- case TFM_SST_NV_COUNTER_1:
+ case TFM_PS_NV_COUNTER_1:
return 0;
- case TFM_SST_NV_COUNTER_2:
+ case TFM_PS_NV_COUNTER_2:
return 1;
- case TFM_SST_NV_COUNTER_3:
+ case TFM_PS_NV_COUNTER_3:
return 2;
default:
- return TOTAL_SST_NV_COUNTERS;
+ return TOTAL_PS_NV_COUNTERS;
}
}
-psa_status_t sst_read_nv_counter(enum tfm_nv_counter_t counter_id,
+psa_status_t ps_read_nv_counter(enum tfm_nv_counter_t counter_id,
uint32_t *val)
{
uint32_t nv_pos;
nv_pos = get_nv_counter_position(counter_id);
- if (nv_pos >= TOTAL_SST_NV_COUNTERS) {
+ if (nv_pos >= TOTAL_PS_NV_COUNTERS) {
return PSA_ERROR_GENERIC_ERROR;
}
@@ -54,7 +54,7 @@
return PSA_SUCCESS;
}
-psa_status_t sst_increment_nv_counter(enum tfm_nv_counter_t counter_id)
+psa_status_t ps_increment_nv_counter(enum tfm_nv_counter_t counter_id)
{
uint32_t nv_pos;
@@ -63,7 +63,7 @@
}
nv_pos = get_nv_counter_position(counter_id);
- if (nv_pos >= TOTAL_SST_NV_COUNTERS) {
+ if (nv_pos >= TOTAL_PS_NV_COUNTERS) {
return PSA_ERROR_GENERIC_ERROR;
}
@@ -77,36 +77,36 @@
return PSA_SUCCESS;
}
-/* Implementation of SST NV counter interfaces defined by
- * test_sst_nv_counters.h
+/* Implementation of PS NV counter interfaces defined by
+ * test_ps_nv_counters.h
*/
-void test_sst_disable_increment_nv_counter(void)
+void test_ps_disable_increment_nv_counter(void)
{
nv_increment_status = DISABLE_INCREMENT;
}
-void test_sst_enable_increment_nv_counter(void)
+void test_ps_enable_increment_nv_counter(void)
{
nv_increment_status = ENABLE_INCREMENT;
}
-psa_status_t test_sst_read_nv_counter(enum tfm_nv_counter_t counter_id,
+psa_status_t test_ps_read_nv_counter(enum tfm_nv_counter_t counter_id,
uint32_t *val)
{
- return sst_read_nv_counter(counter_id, val);
+ return ps_read_nv_counter(counter_id, val);
}
-psa_status_t test_sst_increment_nv_counter(enum tfm_nv_counter_t counter_id)
+psa_status_t test_ps_increment_nv_counter(enum tfm_nv_counter_t counter_id)
{
- return sst_increment_nv_counter(counter_id);
+ return ps_increment_nv_counter(counter_id);
}
-psa_status_t test_sst_decrement_nv_counter(enum tfm_nv_counter_t counter_id)
+psa_status_t test_ps_decrement_nv_counter(enum tfm_nv_counter_t counter_id)
{
uint32_t nv_pos;
nv_pos = get_nv_counter_position(counter_id);
- if (nv_pos >= TOTAL_SST_NV_COUNTERS) {
+ if (nv_pos >= TOTAL_PS_NV_COUNTERS) {
return PSA_ERROR_GENERIC_ERROR;
}
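Review bot: The block comment ahead of `test_ps_disable_increment_nv_counter` says only that these functions implement the interfaces in test_ps_nv_counters.h. It does not say that `test_ps_decrement_nv_counter` (and `test_ps_set_nv_counter` in the next hunk) can move a PS NV counter backwards, which is the condition rollback protection exists to prevent. Nothing in the visible hunks restricts this file to test builds, so that presumably rests on the build system. I would state it in the comment, e.g. `/* Test-only hooks: decrement/set can rewind the PS NV counters, so this file must never be linked into a production image. */`. The body of `test_ps_decrement_nv_counter` continues outside the hunk.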
@@ -120,13 +120,13 @@
return PSA_SUCCESS;
}
-psa_status_t test_sst_set_nv_counter(enum tfm_nv_counter_t counter_id,
- uint32_t value)
+psa_status_t test_ps_set_nv_counter(enum tfm_nv_counter_t counter_id,
+ uint32_t value)
{
uint32_t nv_pos;
nv_pos = get_nv_counter_position(counter_id);
- if (nv_pos >= TOTAL_SST_NV_COUNTERS) {
+ if (nv_pos >= TOTAL_PS_NV_COUNTERS) {
return PSA_ERROR_GENERIC_ERROR;
}
diff --git a/test/suites/sst/secure/nv_counters/test_sst_nv_counters.h b/test/suites/ps/secure/nv_counters/test_ps_nv_counters.h
similarity index 73%
rename from test/suites/sst/secure/nv_counters/test_sst_nv_counters.h
rename to test/suites/ps/secure/nv_counters/test_ps_nv_counters.h
index 8e08653..2f3b332 100644
--- a/test/suites/sst/secure/nv_counters/test_sst_nv_counters.h
+++ b/test/suites/ps/secure/nv_counters/test_ps_nv_counters.h
@@ -5,8 +5,8 @@
*
*/
-#ifndef __TEST_SST_NV_COUNTERS_H__
-#define __TEST_SST_NV_COUNTERS_H__
+#ifndef __TEST_PS_NV_COUNTERS_H__
+#define __TEST_PS_NV_COUNTERS_H__
#include <stdint.h>
#include "psa/protected_storage.h"
@@ -25,7 +25,7 @@
* \return PSA_SUCCESS if the value is read correctly, otherwise
* PSA_ERROR_GENERIC_ERROR
*/
-psa_status_t test_sst_read_nv_counter(enum tfm_nv_counter_t counter_id,
+psa_status_t test_ps_read_nv_counter(enum tfm_nv_counter_t counter_id,
uint32_t *val);
/**
@@ -37,7 +37,7 @@
* PSA_ERROR_GENERIC_ERROR error is returned to indicate the
* value cannot be incremented. Otherwise, PSA_SUCCESS.
*/
-psa_status_t test_sst_increment_nv_counter(enum tfm_nv_counter_t counter_id);
+psa_status_t test_ps_increment_nv_counter(enum tfm_nv_counter_t counter_id);
/**
* \brief Decrements the given non-volatile (NV) counter.
@@ -48,19 +48,19 @@
* PSA_ERROR_GENERIC_ERROR error is returned to indicate the
* value cannot be decremented. Otherwise, PSA_SUCCESS.
*/
-psa_status_t test_sst_decrement_nv_counter(enum tfm_nv_counter_t counter_id);
+psa_status_t test_ps_decrement_nv_counter(enum tfm_nv_counter_t counter_id);
/**
- * \brief Disables SST increment nv counter function to force
+ * \brief Disables PS increment nv counter function to force
* PSA_ERROR_GENERIC_ERROR return value as an indication that NV
* counter reaches its maximum value.
*/
-void test_sst_disable_increment_nv_counter(void);
+void test_ps_disable_increment_nv_counter(void);
/**
- * \brief Enables SST increment nv counter function to work normally.
+ * \brief Enables PS increment nv counter function to work normally.
*/
-void test_sst_enable_increment_nv_counter(void);
+void test_ps_enable_increment_nv_counter(void);
/**
* \brief Sets a new value into the given non-volatile (NV) counter.
@@ -72,11 +72,11 @@
* PSA_ERROR_GENERIC_ERROR error is returned to indicate the
* value cannot be set. Otherwise, PSA_SUCCESS.
*/
-psa_status_t test_sst_set_nv_counter(enum tfm_nv_counter_t counter_id,
+psa_status_t test_ps_set_nv_counter(enum tfm_nv_counter_t counter_id,
uint32_t value);
#ifdef __cplusplus
}
#endif
-#endif /* __TEST_SST_NV_COUNTERS_H__ */
+#endif /* __TEST_PS_NV_COUNTERS_H__ */
diff --git a/test/suites/ps/secure/ps_rollback_protection_testsuite.c b/test/suites/ps/secure/ps_rollback_protection_testsuite.c
new file mode 100644
index 0000000..d8c1bd9
--- /dev/null
+++ b/test/suites/ps/secure/ps_rollback_protection_testsuite.c
@@ -0,0 +1,819 @@
+/*
+ * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "ps_tests.h"
+
+#include <stdio.h>
+
+#include "secure_fw/partitions/protected_storage/nv_counters/ps_nv_counters.h"
+#include "nv_counters/test_ps_nv_counters.h"
+#include "psa/protected_storage.h"
+#include "tfm_memory_utils.h"
+#include "s_test_helpers.h"
+
+/* This include is required to expose the ps_system_prepare function, via the
+ * tfm_ps_test_system_prepare API, to simulate a reboot in the system.
+ * ps_system_prepare is called when the PS service is initialized.
+ */
+#include "test/test_services/tfm_ps_test_service/tfm_ps_test_service_api.h"
+
+#include "test/framework/test_framework_helpers.h"
+
+/* Test UIDs */
+#define TEST_UID 2UL /* UID 1 cannot be used as it references a write once
+ * asset, created in psa_ps_s_interface_testsuite.c
+ */
+
+/* Write data */
+#define WRITE_DATA "THE_FIVE_BOXING_WIZARDS_JUMP_QUICKLY"
+#define WRITE_DATA_SIZE (sizeof(WRITE_DATA) - 1)
+#define READ_DATA "############################################"
+#define RESULT_DATA ("####" WRITE_DATA "####")
+
+/*
+ * Summary of tests covered by the test suite.
+ *
+ * PS version | NVC1 | NVC2 | NVC3 | Result | Test Num
+ * ------------|------|------|------|----------|------------
+ * X | X | X | X | Valid | 1
+ * N | X | X | X | Invalid | 2
+ * X | X | X | N | Valid | 3
+ * N | X | N | N | Valid | 4
+ * X | X | N | N | Valid | 5
+ * X | X | M | N | Valid | 6
+ * M | X | M | N | Invalid | 7
+ * N | X | M | N | Invalid | 8
+ *
+ * Test 9 checks the PS result when the non-volatile (NV) counter 1 cannot be
+ * incremented (e.g it has reached its maximum value).
+ */
+
+/* List of tests */
+static void tfm_ps_test_4001(struct test_result_t *ret);
+static void tfm_ps_test_4002(struct test_result_t *ret);
+static void tfm_ps_test_4003(struct test_result_t *ret);
+static void tfm_ps_test_4004(struct test_result_t *ret);
+static void tfm_ps_test_4005(struct test_result_t *ret);
+static void tfm_ps_test_4006(struct test_result_t *ret);
+static void tfm_ps_test_4007(struct test_result_t *ret);
+static void tfm_ps_test_4008(struct test_result_t *ret);
+static void tfm_ps_test_4009(struct test_result_t *ret);
+
+static struct test_t interface_tests[] = {
+ {&tfm_ps_test_4001, "TFM_PS_TEST_4001",
+ "Check PS area version when NV counters 1/2/3 have the same value", {TEST_PASSED}},
+ {&tfm_ps_test_4002, "TFM_PS_TEST_4002",
+ "Check PS area version when it is different from NV counters 1/2/3", {TEST_PASSED}},
+ {&tfm_ps_test_4003, "TFM_PS_TEST_4003",
+ "Check PS area version when NV counters 1 and 2 are equals, 3 is "
+ "different, and PS area version match NV counters 1 and 2", {TEST_PASSED}},
+ {&tfm_ps_test_4004, "TFM_PS_TEST_4004",
+ "Check PS area version when NV counters 2 and 3 are equals, 1 is "
+ "different and PS area version match NV counter 2 and 3", {TEST_PASSED}},
+ {&tfm_ps_test_4005, "TFM_PS_TEST_4005",
+ "Check PS area version when NV counters 2 and 3 are equals, 1 is "
+ "different and PS area version match NV counter 1", {TEST_PASSED}},
+ {&tfm_ps_test_4006, "TFM_PS_TEST_4006",
+ "Check PS area version when NV counters 1, 2 and 3 have different values "
+ "and PS area version match NV counter 1 value", {TEST_PASSED}},
+ {&tfm_ps_test_4007, "TFM_PS_TEST_4007",
+ "Check PS area version when NV counters 1, 2 and 3 have different values "
+ "and PS area version match NV counter 2 value", {TEST_PASSED}},
+ {&tfm_ps_test_4008, "TFM_PS_TEST_4008",
+ "Check PS area version when NV counters 1, 2 and 3 have different values "
+ "and PS area version match NV counter 3 value", {TEST_PASSED}},
+ {&tfm_ps_test_4009, "TFM_PS_TEST_4009",
+ "Check PS area version when NV counter 1 cannot be incremented", {TEST_PASSED}},
+};
+
+void register_testsuite_s_rollback_protection(struct test_suite_t *p_test_suite)
+{
+ uint32_t list_size = (sizeof(interface_tests) / sizeof(interface_tests[0]));
+
+ set_testsuite("PS rollback protection tests (TFM_PS_TEST_4XXX)",
+ interface_tests, list_size, p_test_suite);
+}
+
+/**
+ * \brief Check PS area version when NV counters 1/2/3 have the same value.
+ * It also checks that the 3 NV counters are aligned and they have been
+ * increased by 1 unit.
+ */
+static void tfm_ps_test_4001(struct test_result_t *ret)
+{
+ psa_status_t status;
+ const psa_storage_uid_t uid = TEST_UID;
+ const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_NONE;
+ const uint32_t data_len = WRITE_DATA_SIZE;
+ const uint32_t offset = 0;
+ uint32_t old_nvc_1, nvc_1, nvc_2, nvc_3;
+ const uint8_t write_data[] = WRITE_DATA;
+ uint8_t read_data[] = READ_DATA;
+ size_t read_data_len = 0;
+
+ /* Creates an asset in the PS area to generate a new PS area version */
+ status = psa_ps_set(uid, data_len, write_data, flags);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Set should not fail with valid UID");
+ return;
+ }
+
+ /* Reads NV counter 1 to get the saved value to compare it later */
+ status = test_ps_read_nv_counter(TFM_PS_NV_COUNTER_1, &old_nvc_1);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Read should not fail");
+ return;
+ }
+
+ /* Sets new data in the asset to generate a new PS area version */
+ status = psa_ps_set(uid, data_len, write_data, flags);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Set should not fail with valid UID");
+ return;
+ }
+
+ /* Validates the 3 NV counters have the same value and it has been increased
+ * by 1 unit.
+ */
+
+ /* Reads NV counter 1 to get the current value */
+ status = test_ps_read_nv_counter(TFM_PS_NV_COUNTER_1, &nvc_1);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Read should not fail");
+ return;
+ }
+
+ /* Checks if NV counter 1 value has been increased by 1 unit as result of
+ * process the write request.
+ */
+ if (nvc_1 != (old_nvc_1 + 1)) {
+ TEST_FAIL("NV counter 1 has been increased more than 1 unit");
+ return;
+ }
+
+ /* Reads NV counter 2 to get the current value */
+ status = test_ps_read_nv_counter(TFM_PS_NV_COUNTER_2, &nvc_2);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Read should not fail");
+ return;
+ }
+
+ if (nvc_1 != nvc_2) {
+ TEST_FAIL("NV counter 1 and 2 should have the same value");
+ return;
+ }
+
+ /* Reads NV counter 3 to get the current value */
+ status = test_ps_read_nv_counter(TFM_PS_NV_COUNTER_3, &nvc_3);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Read should not fail");
+ return;
+ }
+
+ if (nvc_2 != nvc_3) {
+ TEST_FAIL("NV counter 2 and 3 should have the same value");
+ return;
+ }
+
+ /* Simulates a reboot in the system by calling ps_system_prepare(). This
+ * function is called when the PS service is initialized.
+ *
+ * Prepare should not fail as the NV counters has the same values and
+ * the PS area authentication is aligned with those values.
+ */
+ status = tfm_ps_test_system_prepare();
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("AM prepare should not fail");
+ return;
+ }
+
+ /* Gets data from the asset */
+ status = psa_ps_get(uid, offset, data_len, (read_data + HALF_PADDING_SIZE),
+ &read_data_len);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Get should not fail");
+ return;
+ }
+
+ /* Checks that the data has not changed */
+ if (tfm_memcmp(read_data, RESULT_DATA, sizeof(read_data)) != 0) {
+ TEST_FAIL("The data should not have changed");
+ return;
+ }
+
+ /* Removes the asset to clean up storage for the next test */
+ status = psa_ps_remove(uid);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Remove should not fail with valid UID");
+ return;
+ }
+
+ ret->val = TEST_PASSED;
+}
+
+/**
+ * \brief Check PS area version when it is different from NV counters
+ * 1/2/3.
+ */
+static void tfm_ps_test_4002(struct test_result_t *ret)
+{
+ psa_status_t status;
+ const psa_storage_uid_t uid = TEST_UID;
+ const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_NONE;
+ const uint32_t data_len = WRITE_DATA_SIZE;
+ const uint8_t write_data[] = WRITE_DATA;
+
+ /* Creates an asset in the PS area to generate a new PS area version */
+ status = psa_ps_set(uid, data_len, write_data, flags);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Set should not fail with valid UID");
+ return;
+ }
+
+ /* Increments all counters to make that PS area version old/invalid */
+ status = test_ps_increment_nv_counter(TFM_PS_NV_COUNTER_1);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Increment should not fail");
+ return;
+ }
+
+ status = test_ps_increment_nv_counter(TFM_PS_NV_COUNTER_2);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Increment should not fail");
+ return;
+ }
+
+ status = test_ps_increment_nv_counter(TFM_PS_NV_COUNTER_3);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Increment should not fail");
+ return;
+ }
+
+ /* Simulates a reboot in the system by calling ps_system_prepare(). This
+ * function is called when the PS service is initialized.
+ *
+ * Prepare should fail as the PS area version does not match the
+ * NV counters values.
+ */
+ status = tfm_ps_test_system_prepare();
+ if (status != PSA_ERROR_GENERIC_ERROR) {
+ TEST_FAIL("PS system prepare should fail as version is old");
+ return;
+ }
+
+ /* Removes the asset to clean up storage for the next test.
+ *
+ * To be able to remove the asset, the PS area version should match
+ * with the counter values. So, it is required to:
+ *
+ * 1. align the counters with the PS area version
+ * 2. re-call ps_system_prepare to mark the PS area as a valid image
+ * 3. remove the asset.
+ */
+
+ /* Aligns NV counters with the PS area version */
+ status = test_ps_decrement_nv_counter(TFM_PS_NV_COUNTER_1);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Decrement should not fail");
+ return;
+ }
+
+ status = test_ps_decrement_nv_counter(TFM_PS_NV_COUNTER_2);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Decrement should not fail");
+ return;
+ }
+
+ status = test_ps_decrement_nv_counter(TFM_PS_NV_COUNTER_3);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Decrement should not fail");
+ return;
+ }
+
+ /* Calls ps_system_prepare to mark the PS area as a valid image */
+ status = tfm_ps_test_system_prepare();
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("PS system prepare should not fail");
+ return;
+ }
+
+ /* Removes the asset to clean up storage for the next test */
+ status = psa_ps_remove(uid);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Remove should not fail with valid UID");
+ return;
+ }
+
+ ret->val = TEST_PASSED;
+}
+
+/**
+ * \brief Check PS area version when NV counters 1 and 2 are equals, 3 is
+ * different and PS area version match NV counter 1 and 2 values.
+ * It simulates a power cut during write action while the counter 3 is
+ * being increased.
+ */
+static void tfm_ps_test_4003(struct test_result_t *ret)
+{
+ psa_status_t status;
+ const psa_storage_uid_t uid = TEST_UID;
+ const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_NONE;
+ const uint32_t data_len = WRITE_DATA_SIZE;
+ const uint32_t offset = 0;
+ const uint8_t write_data[] = WRITE_DATA;
+ uint8_t read_data[] = READ_DATA;
+ size_t read_data_len = 0;
+
+ /* Creates an asset in the PS area to generate a new PS area version */
+ status = psa_ps_set(uid, data_len, write_data, flags);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Set should not fail with valid UID");
+ return;
+ }
+
+ /* Decrements NV counters 3 to make it different from the other two counters
+ * and make the current PS area version match NV counter 1 and 2 values.
+ */
+ status = test_ps_decrement_nv_counter(TFM_PS_NV_COUNTER_3);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Decrement should not fail");
+ return;
+ }
+
+ /* Simulates a reboot in the system by calling ps_system_prepare(). This
+ * function is called when the PS service is initialized.
+ *
+ * Prepare should not fail as the PS area version match NV counters 1 and
+ * 2 values.
+ */
+ status = tfm_ps_test_system_prepare();
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("PS system prepare should not fail");
+ return;
+ }
+
+ /* Gets the data from the asset */
+ status = psa_ps_get(uid, offset, data_len, (read_data + HALF_PADDING_SIZE),
+ &read_data_len);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Get should not fail");
+ return;
+ }
+
+ /* Checks that the data has not changed */
+ if (tfm_memcmp(read_data, RESULT_DATA, sizeof(read_data)) != 0) {
+ TEST_FAIL("The data should not have changed");
+ return;
+ }
+
+ /* Removes the asset to clean up storage for the next test */
+ status = psa_ps_remove(uid);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Remove should not fail with valid UID");
+ return;
+ }
+
+ ret->val = TEST_PASSED;
+}
+
+/**
+ * \brief Check PS area version when NV counters 2 and 3 are equals, 1 is
+ * different and PS area version match NV counter 2 and 3 values.
+ * It simulates a power cut during write action before increment counter
+ * 2 and 3, and the new PS area version is corrupted and only the old
+ * version match the NV counters.
+ */
+static void tfm_ps_test_4004(struct test_result_t *ret)
+{
+ psa_status_t status;
+ const psa_storage_uid_t uid = TEST_UID;
+ const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_NONE;
+ const uint32_t data_len = WRITE_DATA_SIZE;
+ const uint32_t offset = 0;
+ const uint8_t write_data[] = WRITE_DATA;
+ uint8_t read_data[] = READ_DATA;
+ size_t read_data_len = 0;
+
+ /* Creates an asset in the PS area to generate a new PS area version */
+ status = psa_ps_set(uid, data_len, write_data, flags);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Set should not fail with valid UID");
+ return;
+ }
+
+ /* Increments NV counters 1 to make it different from the other two counters
+ * and make the current PS area version match NV counter 2 and 3 values.
+ */
+ status = test_ps_increment_nv_counter(TFM_PS_NV_COUNTER_1);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Increment should not fail");
+ return;
+ }
+
+ /* Simulates a reboot in the system by calling ps_system_prepare(). This
+ * function is called when the PS service is initialized.
+ *
+ * Prepare should not fail as the PS area version match the NV counter 2
+ * and 3 values.
+ */
+ status = tfm_ps_test_system_prepare();
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("PS system prepare should not fail");
+ return;
+ }
+
+ /* Gets the data from the asset */
+ status = psa_ps_get(uid, offset, data_len, (read_data + HALF_PADDING_SIZE),
+ &read_data_len);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Get should not fail");
+ return;
+ }
+
+ /* Checks that the data has not changed */
+ if (tfm_memcmp(read_data, RESULT_DATA, sizeof(read_data)) != 0) {
+ TEST_FAIL("The data should not have changed");
+ return;
+ }
+
+ /* Removes the asset to clean up storage for the next test */
+ status = psa_ps_remove(uid);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Remove should not fail with valid UID");
+ return;
+ }
+
+ ret->val = TEST_PASSED;
+}
+
+/**
+ * \brief Check PS area version when NV counters 2 and 3 are equals, 1 is
+ * different and PS area version match NV counter 1 value.
+ * It simulates a power cut during write action before increment counter
+ * 2 and 3, and the new PS area version is corrupted and only the old
+ * version match the NV counters.
+ */
+static void tfm_ps_test_4005(struct test_result_t *ret)
+{
+ psa_status_t status;
+ const psa_storage_uid_t uid = TEST_UID;
+ const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_NONE;
+ const uint32_t data_len = WRITE_DATA_SIZE;
+ const uint32_t offset = 0;
+ const uint8_t write_data[] = WRITE_DATA;
+ uint8_t read_data[] = READ_DATA;
+ size_t read_data_len = 0;
+
+ /* Creates an asset in the PS area to generate a new PS area version */
+ status = psa_ps_set(uid, data_len, write_data, flags);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Set should not fail with valid UID");
+ return;
+ }
+
+ /* Decrements NV counter 2 and 3 to make the PS area version match NV
+ * counter 1 only.
+ */
+ status = test_ps_decrement_nv_counter(TFM_PS_NV_COUNTER_2);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Decrement should not fail");
+ return;
+ }
+
+ status = test_ps_decrement_nv_counter(TFM_PS_NV_COUNTER_3);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Decrement should not fail");
+ return;
+ }
+
+ /* Simulates a reboot in the system by calling ps_system_prepare(). This
+ * function is called when the PS service is initialized.
+ *
+ * Prepare should not fail as the PS area version match the NV counter 1.
+ */
+ status = tfm_ps_test_system_prepare();
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("PS system prepare should not fail");
+ return;
+ }
+
+ /* Gets the data from the asset */
+ status = psa_ps_get(uid, offset, data_len, (read_data + HALF_PADDING_SIZE),
+ &read_data_len);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Get should not fail");
+ return;
+ }
+
+ /* Checks that the data has not changed */
+ if (tfm_memcmp(read_data, RESULT_DATA, sizeof(read_data)) != 0) {
+ TEST_FAIL("The data should not have changed");
+ return;
+ }
+
+ /* Removes the asset to clean up storage for the next test */
+ status = psa_ps_remove(uid);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Remove should not fail with valid UID");
+ return;
+ }
+
+ ret->val = TEST_PASSED;
+}
+
+/**
+ * \brief Check PS area version when NV counters 1, 2 and 3 have different
+ * values and PS area version match NV counter 1 value.
+ */
+static void tfm_ps_test_4006(struct test_result_t *ret)
+{
+ psa_status_t status;
+ const psa_storage_uid_t uid = TEST_UID;
+ const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_NONE;
+ const uint32_t data_len = WRITE_DATA_SIZE;
+ const uint32_t offset = 0;
+ const uint8_t write_data[] = WRITE_DATA;
+ uint8_t read_data[] = READ_DATA;
+ size_t read_data_len = 0;
+
+ /* Creates an asset in the PS area to generate a new PS area version */
+ status = psa_ps_set(uid, data_len, write_data, flags);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Set should not fail with valid UID");
+ return;
+ }
+
+ /* Decrements NV counter 2 (1 time) and 3 (2 times) to make the PS area
+ * version match NV counter 1 only.
+ */
+ status = test_ps_decrement_nv_counter(TFM_PS_NV_COUNTER_2);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Decrement should not fail");
+ return;
+ }
+
+ status = test_ps_decrement_nv_counter(TFM_PS_NV_COUNTER_3);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Decrement should not fail");
+ return;
+ }
+
+ status = test_ps_decrement_nv_counter(TFM_PS_NV_COUNTER_3);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Decrement should not fail");
+ return;
+ }
+
+ /* Simulates a reboot in the system by calling ps_system_prepare(). This
+ * function is called when the PS service is initialized.
+ *
+ * Prepare should not fail as the PS area version match the NV counter 1.
+ */
+ status = tfm_ps_test_system_prepare();
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("PS system prepare should not fail");
+ return;
+ }
+
+ /* Gets data from the asset */
+ status = psa_ps_get(uid, offset, data_len, (read_data + HALF_PADDING_SIZE),
+ &read_data_len);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Get should not fail");
+ return;
+ }
+
+ /* Checks that the data has not changed */
+ if (tfm_memcmp(read_data, RESULT_DATA, sizeof(read_data)) != 0) {
+ TEST_FAIL("The data should not have changed");
+ return;
+ }
+
+ /* Removes the asset to clean up storage for the next test */
+ status = psa_ps_remove(uid);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Remove should not fail with valid UID");
+ return;
+ }
+
+ ret->val = TEST_PASSED;
+}
+
+/**
+ * \brief Check PS area version when NV counters 1, 2 and 3 have different
+ * values and PS area version match NV counter 2 value.
+ */
+static void tfm_ps_test_4007(struct test_result_t *ret)
+{
+ psa_status_t status;
+ const psa_storage_uid_t uid = TEST_UID;
+ const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_NONE;
+ const uint32_t data_len = WRITE_DATA_SIZE;
+ const uint8_t write_data[] = WRITE_DATA;
+
+ /* Creates an asset in the PS area to generate a new PS area version */
+ status = psa_ps_set(uid, data_len, write_data, flags);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Set should not fail with valid UID");
+ return;
+ }
+
+ /* Increments NV counter 1 and decrements 3 to make the PS area
+ * version match NV counter 2 only.
+ */
+ status = test_ps_increment_nv_counter(TFM_PS_NV_COUNTER_1);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Increment should not fail");
+ return;
+ }
+
+ status = test_ps_decrement_nv_counter(TFM_PS_NV_COUNTER_3);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Decrement should not fail");
+ return;
+ }
+
+ /* Simulates a reboot in the system by calling ps_system_prepare(). This
+ * function is called when the PS service is initialized.
+ *
+ * Prepare should fail as the PS area version match the NV counter 2 and
+ * the other counters are different.
+ */
+ status = tfm_ps_test_system_prepare();
+ if (status != PSA_ERROR_GENERIC_ERROR) {
+ TEST_FAIL("PS system prepare should fail");
+ return;
+ }
+
+ /* Removes the asset to clean up storage for the next test.
+ *
+ * To be able to remove the asset, the PS area version should match
+ * with the counter values. So, it is required to:
+ *
+ * 1. align the counters with the PS area version
+ * 2. re-call ps_system_prepare to mark the PS area as a valid image
+ * 3. remove the asset.
+ */
+
+ /* Aligns NV counters with the PS area version */
+ status = test_ps_decrement_nv_counter(TFM_PS_NV_COUNTER_1);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Decrement should not fail");
+ return;
+ }
+
+ status = test_ps_increment_nv_counter(TFM_PS_NV_COUNTER_3);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Increment should not fail");
+ return;
+ }
+
+ /* Calls ps_system_prepare to mark the PS area as a valid image */
+ status = tfm_ps_test_system_prepare();
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("PS system prepare should not fail");
+ return;
+ }
+
+ /* Removes the asset to clean up storage for the next test */
+ status = psa_ps_remove(uid);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Remove should not fail with valid UID");
+ return;
+ }
+
+ ret->val = TEST_PASSED;
+}
+
+/**
+ * \brief Check PS area version when NV counters 1, 2 and 3 have different
+ * values and PS area version match NV counter 3 value.
+ */
+static void tfm_ps_test_4008(struct test_result_t *ret)
+{
+ psa_status_t status;
+ const psa_storage_uid_t uid = TEST_UID;
+ const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_NONE;
+ const uint32_t data_len = WRITE_DATA_SIZE;
+ const uint8_t write_data[] = WRITE_DATA;
+
+ /* Creates an asset in the PS area to generate a new PS area version */
+ status = psa_ps_set(uid, data_len, write_data, flags);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Set should not fail with valid UID");
+ return;
+ }
+
+ /* Increments NV counter 1 (2 times) and 2 (1 time) to make the PS area
+ * version match NV counter 3 only.
+ */
+ status = test_ps_increment_nv_counter(TFM_PS_NV_COUNTER_1);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Increment should not fail");
+ return;
+ }
+
+ status = test_ps_increment_nv_counter(TFM_PS_NV_COUNTER_1);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Increment should not fail");
+ return;
+ }
+
+ status = test_ps_increment_nv_counter(TFM_PS_NV_COUNTER_2);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Increment should not fail");
+ return;
+ }
+
+ /* Simulates a reboot in the system by calling ps_system_prepare(). This
+ * function is called when the PS service is initialized.
+ *
+ * Prepare should fail as the PS area version match the NV counter 2 and
+ * the other counters are different.
+ */
+ status = tfm_ps_test_system_prepare();
+ if (status != PSA_ERROR_GENERIC_ERROR) {
+ TEST_FAIL("AM prepare should fail");
+ return;
+ }
+
+ /* Removes the asset to clean up storage for the next test.
+ *
+ * To be able to remove the asset, the PS area version should match
+ * with the counter values. So, it is required to:
+ *
+ * 1. align the counters with the PS area version
+ * 2. re-call ps_system_prepare to mark the PS area as a valid image
+ * 3. remove the asset.
+ */
+
+ /* Align NV counters with the PS area version */
+ status = test_ps_decrement_nv_counter(TFM_PS_NV_COUNTER_1);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Decrement should not fail");
+ return;
+ }
+
+ status = test_ps_decrement_nv_counter(TFM_PS_NV_COUNTER_1);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Decrement should not fail");
+ return;
+ }
+
+ status = test_ps_decrement_nv_counter(TFM_PS_NV_COUNTER_2);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Decrement should not fail");
+ return;
+ }
+
+ /* Calls ps_system_prepare to mark the PS area as a valid image */
+ status = tfm_ps_test_system_prepare();
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("PS system prepare should not fail");
+ return;
+ }
+
+ /* Removes the asset to clean up storage for the next test */
+ status = psa_ps_remove(uid);
+ if (status != PSA_SUCCESS) {
+ TEST_FAIL("Remove should not fail with valid UID");
+ return;
+ }
+
+ ret->val = TEST_PASSED;
+}
+
+/**
+ * \brief Check PS area version when NV counter 1 cannot be incremented
+ * (e.g it has reached its maximum value)
+ */
+static void tfm_ps_test_4009(struct test_result_t *ret)
+{
+ psa_status_t status;
+ const psa_storage_uid_t uid = TEST_UID;
+ const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_NONE;
+ const uint32_t data_len = WRITE_DATA_SIZE;
+ const uint8_t write_data[] = WRITE_DATA;
+
+ /* Disables increment function to simulate that NV counter 1 has
+ * reached its maximum value.
+ */
+ test_ps_disable_increment_nv_counter();
+
+ /* Creates an asset in the PS area to generate a new PS area version */
+ status = psa_ps_set(uid, data_len, write_data, flags);
+ if (status != PSA_ERROR_GENERIC_ERROR) {
+ TEST_FAIL("Set should fail as the non-volatile counters can not be"
+ " increased");
+ return;
+ }
+
+ /* Enables counter again to not affect the next tests, if any */
+ test_ps_enable_increment_nv_counter();
+
+ ret->val = TEST_PASSED;
+}
diff --git a/test/suites/sst/secure/sst_tests.h b/test/suites/ps/secure/ps_tests.h
similarity index 71%
rename from test/suites/sst/secure/sst_tests.h
rename to test/suites/ps/secure/ps_tests.h
index 60cda80..f2b9959 100644
--- a/test/suites/sst/secure/sst_tests.h
+++ b/test/suites/ps/secure/ps_tests.h
@@ -1,12 +1,12 @@
/*
- * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
*/
-#ifndef __SST_TESTS_H__
-#define __SST_TESTS_H__
+#ifndef __PS_TESTS_H__
+#define __PS_TESTS_H__
#include "test/framework/test_framework.h"
@@ -22,15 +22,15 @@
void register_testsuite_s_psa_ps_interface(struct test_suite_t *p_test_suite);
/**
- * \brief Register testsuite for the sst reliability tests.
+ * \brief Register testsuite for the ps reliability tests.
*
* \param[in] p_test_suite The test suite to be executed.
*/
void register_testsuite_s_psa_ps_reliability(struct test_suite_t *p_test_suite);
-#ifdef SST_TEST_NV_COUNTERS
+#ifdef PS_TEST_NV_COUNTERS
/**
- * \brief Register testsuite for the sst rollback protection tests.
+ * \brief Register testsuite for the ps rollback protection tests.
*
* \param[in] p_test_suite The test suite to be executed.
*/
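Review bot: A build that still defines the old `SST_TEST_NV_COUNTERS` will now skip the `#ifdef PS_TEST_NV_COUNTERS` guard and compile out the rollback-protection suite declaration with no diagnostic. If the registration code is guarded the same way (not visible here), those tests silently stop running for any downstream configuration that was not updated. A transitional check placed before the guard would make the stale name fail loudly: `#if defined(SST_TEST_NV_COUNTERS) && !defined(PS_TEST_NV_COUNTERS)`, `#error "SST_TEST_NV_COUNTERS was renamed to PS_TEST_NV_COUNTERS"`, `#endif`. The same concern applies to the `PS_SHOW_FLASH_WARNING` guard in psa_ps_s_interface_testsuite.c. The guarded declaration itself lies outside this hunk.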
@@ -42,4 +42,4 @@
}
#endif
-#endif /* __SST_TESTS_H__ */
+#endif /* __PS_TESTS_H__ */
diff --git a/test/suites/sst/secure/psa_ps_s_interface_testsuite.c b/test/suites/ps/secure/psa_ps_s_interface_testsuite.c
similarity index 88%
rename from test/suites/sst/secure/psa_ps_s_interface_testsuite.c
rename to test/suites/ps/secure/psa_ps_s_interface_testsuite.c
index beaa1fd..7db5b34 100644
--- a/test/suites/sst/secure/psa_ps_s_interface_testsuite.c
+++ b/test/suites/ps/secure/psa_ps_s_interface_testsuite.c
@@ -5,7 +5,7 @@
*
*/
-#include "sst_tests.h"
+#include "ps_tests.h"
#include <stdio.h>
@@ -43,78 +43,78 @@
#define TEST_1022_CYCLES 3U
-static const uint8_t write_asset_data[SST_MAX_ASSET_SIZE] = {0xBF};
-static uint8_t read_asset_data[SST_MAX_ASSET_SIZE] = {0};
+static const uint8_t write_asset_data[PS_MAX_ASSET_SIZE] = {0xBF};
+static uint8_t read_asset_data[PS_MAX_ASSET_SIZE] = {0};
static size_t read_asset_datal_len = 0;
/* List of tests */
-static void tfm_sst_test_2001(struct test_result_t *ret);
-static void tfm_sst_test_2002(struct test_result_t *ret);
-static void tfm_sst_test_2003(struct test_result_t *ret);
-static void tfm_sst_test_2004(struct test_result_t *ret);
-static void tfm_sst_test_2005(struct test_result_t *ret);
-static void tfm_sst_test_2006(struct test_result_t *ret);
-static void tfm_sst_test_2007(struct test_result_t *ret);
-static void tfm_sst_test_2008(struct test_result_t *ret);
-static void tfm_sst_test_2009(struct test_result_t *ret);
-static void tfm_sst_test_2010(struct test_result_t *ret);
-static void tfm_sst_test_2011(struct test_result_t *ret);
-static void tfm_sst_test_2012(struct test_result_t *ret);
-static void tfm_sst_test_2013(struct test_result_t *ret);
-static void tfm_sst_test_2014(struct test_result_t *ret);
-static void tfm_sst_test_2015(struct test_result_t *ret);
-static void tfm_sst_test_2016(struct test_result_t *ret);
-static void tfm_sst_test_2017(struct test_result_t *ret);
-static void tfm_sst_test_2018(struct test_result_t *ret);
-static void tfm_sst_test_2019(struct test_result_t *ret);
-static void tfm_sst_test_2020(struct test_result_t *ret);
-static void tfm_sst_test_2021(struct test_result_t *ret);
-static void tfm_sst_test_2022(struct test_result_t *ret);
+static void tfm_ps_test_2001(struct test_result_t *ret);
+static void tfm_ps_test_2002(struct test_result_t *ret);
+static void tfm_ps_test_2003(struct test_result_t *ret);
+static void tfm_ps_test_2004(struct test_result_t *ret);
+static void tfm_ps_test_2005(struct test_result_t *ret);
+static void tfm_ps_test_2006(struct test_result_t *ret);
+static void tfm_ps_test_2007(struct test_result_t *ret);
+static void tfm_ps_test_2008(struct test_result_t *ret);
+static void tfm_ps_test_2009(struct test_result_t *ret);
+static void tfm_ps_test_2010(struct test_result_t *ret);
+static void tfm_ps_test_2011(struct test_result_t *ret);
+static void tfm_ps_test_2012(struct test_result_t *ret);
+static void tfm_ps_test_2013(struct test_result_t *ret);
+static void tfm_ps_test_2014(struct test_result_t *ret);
+static void tfm_ps_test_2015(struct test_result_t *ret);
+static void tfm_ps_test_2016(struct test_result_t *ret);
+static void tfm_ps_test_2017(struct test_result_t *ret);
+static void tfm_ps_test_2018(struct test_result_t *ret);
+static void tfm_ps_test_2019(struct test_result_t *ret);
+static void tfm_ps_test_2020(struct test_result_t *ret);
+static void tfm_ps_test_2021(struct test_result_t *ret);
+static void tfm_ps_test_2022(struct test_result_t *ret);
static struct test_t psa_ps_s_tests[] = {
- {&tfm_sst_test_2001, "TFM_SST_TEST_2001",
+ {&tfm_ps_test_2001, "TFM_PS_TEST_2001",
"Set interface"},
- {&tfm_sst_test_2002, "TFM_SST_TEST_2002",
+ {&tfm_ps_test_2002, "TFM_PS_TEST_2002",
"Set interface with create flags"},
- {&tfm_sst_test_2003, "TFM_SST_TEST_2003",
+ {&tfm_ps_test_2003, "TFM_PS_TEST_2003",
"Set interface with NULL data pointer"},
- {&tfm_sst_test_2004, "TFM_SST_TEST_2004",
+ {&tfm_ps_test_2004, "TFM_PS_TEST_2004",
"Set interface with invalid data length"},
- {&tfm_sst_test_2005, "TFM_SST_TEST_2005",
+ {&tfm_ps_test_2005, "TFM_PS_TEST_2005",
"Set interface with write once UID"},
- {&tfm_sst_test_2006, "TFM_SST_TEST_2006",
+ {&tfm_ps_test_2006, "TFM_PS_TEST_2006",
"Get interface with valid data"},
- {&tfm_sst_test_2007, "TFM_SST_TEST_2007",
+ {&tfm_ps_test_2007, "TFM_PS_TEST_2007",
"Get interface with zero data length"},
- {&tfm_sst_test_2008, "TFM_SST_TEST_2008",
+ {&tfm_ps_test_2008, "TFM_PS_TEST_2008",
"Get interface with invalid UIDs"},
- {&tfm_sst_test_2009, "TFM_SST_TEST_2009",
+ {&tfm_ps_test_2009, "TFM_PS_TEST_2009",
"Get interface with invalid data lengths and offsets"},
- {&tfm_sst_test_2010, "TFM_SST_TEST_2010",
+ {&tfm_ps_test_2010, "TFM_PS_TEST_2010",
"Get interface with NULL data pointer"},
- {&tfm_sst_test_2011, "TFM_SST_TEST_2011",
+ {&tfm_ps_test_2011, "TFM_PS_TEST_2011",
"Get info interface with write once UID"},
- {&tfm_sst_test_2012, "TFM_SST_TEST_2012",
+ {&tfm_ps_test_2012, "TFM_PS_TEST_2012",
"Get info interface with valid UID"},
- {&tfm_sst_test_2013, "TFM_SST_TEST_2013",
+ {&tfm_ps_test_2013, "TFM_PS_TEST_2013",
"Get info interface with invalid UIDs"},
- {&tfm_sst_test_2014, "TFM_SST_TEST_2014",
+ {&tfm_ps_test_2014, "TFM_PS_TEST_2014",
"Get info interface with NULL info pointer"},
- {&tfm_sst_test_2015, "TFM_SST_TEST_2015",
+ {&tfm_ps_test_2015, "TFM_PS_TEST_2015",
"Remove interface with valid UID"},
- {&tfm_sst_test_2016, "TFM_SST_TEST_2016",
+ {&tfm_ps_test_2016, "TFM_PS_TEST_2016",
"Remove interface with write once UID"},
- {&tfm_sst_test_2017, "TFM_SST_TEST_2017",
+ {&tfm_ps_test_2017, "TFM_PS_TEST_2017",
"Remove interface with invalid UID"},
- {&tfm_sst_test_2018, "TFM_SST_TEST_2018",
+ {&tfm_ps_test_2018, "TFM_PS_TEST_2018",
"Block compaction after remove"},
- {&tfm_sst_test_2019, "TFM_SST_TEST_2019",
+ {&tfm_ps_test_2019, "TFM_PS_TEST_2019",
"Multiple partial gets"},
- {&tfm_sst_test_2020, "TFM_SST_TEST_2020",
+ {&tfm_ps_test_2020, "TFM_PS_TEST_2020",
"Multiple sets to same UID from same thread"},
- {&tfm_sst_test_2021, "TFM_SST_TEST_2021",
+ {&tfm_ps_test_2021, "TFM_PS_TEST_2021",
"Get support interface"},
- {&tfm_sst_test_2022, "TFM_SST_TEST_2022",
+ {&tfm_ps_test_2022, "TFM_PS_TEST_2022",
"Set, get and remove interface with different asset sizes"},
};
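Review bot: `write_asset_data[PS_MAX_ASSET_SIZE] = {0xBF}` sets only element 0 to 0xBF; every other byte is zero-initialised, which is the same value `read_asset_data` starts with. If the tests compare these buffers after a set/get round trip (their bodies are outside this hunk), a get that copies fewer bytes than requested could still compare equal. A comment such as `/* only byte 0 is 0xBF, the remaining bytes are 0 */` would at least document this. Alternatively, the tests could fill a buffer with a non-zero pattern before writing so that a short or missing copy is detected.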
@@ -124,13 +124,13 @@
list_size = (sizeof(psa_ps_s_tests) / sizeof(psa_ps_s_tests[0]));
- set_testsuite("PSA protected storage S interface tests (TFM_SST_TEST_2XXX)",
+ set_testsuite("PSA protected storage S interface tests (TFM_PS_TEST_2XXX)",
psa_ps_s_tests, list_size, p_test_suite);
-#ifdef SST_SHOW_FLASH_WARNING
- TEST_LOG("\r\n**WARNING** The SST regression tests reduce the life of the "
+#ifdef PS_SHOW_FLASH_WARNING
+ TEST_LOG("\r\n**WARNING** The PS regression tests reduce the life of the "
"flash memory as they write/erase multiple times the memory. \r\n"
- "Please, set the SST_RAM_FS flag to use RAM instead of flash."
+ "Please, set the PS_RAM_FS flag to use RAM instead of flash."
"\r\n\r\n");
#endif
}
@@ -140,7 +140,7 @@
* - Valid UID, no data, no flags
* - Invalid UID, no data, no flags
*/
-static void tfm_sst_test_2001(struct test_result_t *ret)
+static void tfm_ps_test_2001(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_1;
@@ -185,7 +185,7 @@
* - Valid create flags (with previously created UID)
* - Invalid create flags
*/
-static void tfm_sst_test_2002(struct test_result_t *ret)
+static void tfm_ps_test_2002(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_2;
@@ -231,7 +231,7 @@
* so this case is not tested here.
*
*/
-static void tfm_sst_test_2003(struct test_result_t *ret)
+static void tfm_ps_test_2003(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_3;
@@ -252,7 +252,7 @@
* \brief Tests set function with:
* - Data length longer than maximum permitted
*/
-static void tfm_sst_test_2004(struct test_result_t *ret)
+static void tfm_ps_test_2004(struct test_result_t *ret)
{
#ifndef TFM_PSA_API
psa_status_t status;
@@ -264,7 +264,7 @@
/* A parameter with a buffer pointer where its data length is longer than
* maximum permitted, it is treated as a secure violation.
* TF-M framework rejects the request with a proper error code.
- * The SST secure PSA PS implementation returns
+ * The PS secure PSA PS implementation returns
* PSA_ERROR_INVALID_ARGUMENT in that case.
*/
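Review bot: The reworded comment line `The PS secure PSA PS implementation returns` names the service twice, a side effect of the mechanical SST-to-PS substitution. `The secure PSA PS implementation returns` says the same thing and reads correctly. The identical line appears in the hunks at -613,7 and -831,7 of this file. The enclosing function starts and ends outside this hunk.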
@@ -283,7 +283,7 @@
* \brief Tests set function with:
* - Write once UID that has already been created
*/
-static void tfm_sst_test_2005(struct test_result_t *ret)
+static void tfm_ps_test_2005(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = WRITE_ONCE_UID;
@@ -324,7 +324,7 @@
* - Valid data, zero offset
* - Valid data, non-zero offset
*/
-static void tfm_sst_test_2006(struct test_result_t *ret)
+static void tfm_ps_test_2006(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_2;
@@ -405,7 +405,7 @@
* - Zero data length, zero offset
* - Zero data length, non-zero offset
*/
-static void tfm_sst_test_2007(struct test_result_t *ret)
+static void tfm_ps_test_2007(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_3;
@@ -468,7 +468,7 @@
* - Unset UID
* - Invalid UID
*/
-static void tfm_sst_test_2008(struct test_result_t *ret)
+static void tfm_ps_test_2008(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_1;
@@ -515,7 +515,7 @@
* - Data length + offset greater than UID length
* - Invalid data len and offset
*/
-static void tfm_sst_test_2009(struct test_result_t *ret)
+static void tfm_ps_test_2009(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_2;
@@ -613,7 +613,7 @@
/* A parameter with a buffer pointer where its data length is longer than
* maximum permitted, it is treated as a secure violation.
* TF-M framework rejects the request with a proper error code.
- * The SST secure PSA PS implementation returns
+ * The PS secure PSA PS implementation returns
* PSA_ERROR_INVALID_ARGUMENT in that case.
*/
@@ -650,7 +650,7 @@
* so this case is not tested here.
*
*/
-static void tfm_sst_test_2010(struct test_result_t *ret)
+static void tfm_ps_test_2010(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_3;
@@ -687,7 +687,7 @@
* \brief Tests get info function with:
* - Write once UID
*/
-static void tfm_sst_test_2011(struct test_result_t *ret)
+static void tfm_ps_test_2011(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = WRITE_ONCE_UID;
@@ -718,7 +718,7 @@
* \brief Tests get info function with:
* - Valid UID
*/
-static void tfm_sst_test_2012(struct test_result_t *ret)
+static void tfm_ps_test_2012(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_1;
@@ -766,7 +766,7 @@
* - Unset UID
* - Invalid UID
*/
-static void tfm_sst_test_2013(struct test_result_t *ret)
+static void tfm_ps_test_2013(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_2;
@@ -815,7 +815,7 @@
* \brief Tests get info function with:
* - NULL info pointer
*/
-static void tfm_sst_test_2014(struct test_result_t *ret)
+static void tfm_ps_test_2014(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_3;
@@ -831,7 +831,7 @@
/* A parameter with a null pointer is treated as a secure violation.
* TF-M framework rejects the request with a proper error code.
- * The SST secure PSA PS implementation returns
+ * The PS secure PSA PS implementation returns
* PSA_ERROR_GENERIC_ERROR in that case.
*/
@@ -858,7 +858,7 @@
* \brief Tests remove function with:
* - Valid UID
*/
-static void tfm_sst_test_2015(struct test_result_t *ret)
+static void tfm_ps_test_2015(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_1;
@@ -911,7 +911,7 @@
* \brief Tests remove function with:
* - Write once UID
*/
-static void tfm_sst_test_2016(struct test_result_t *ret)
+static void tfm_ps_test_2016(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = WRITE_ONCE_UID;
@@ -930,7 +930,7 @@
* \brief Tests remove function with:
* - Invalid UID
*/
-static void tfm_sst_test_2017(struct test_result_t *ret)
+static void tfm_ps_test_2017(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = INVALID_UID;
@@ -952,7 +952,7 @@
* the beginning of the block. This test verifies that the compaction
* works correctly by reading back UID 2.
*/
-static void tfm_sst_test_2018(struct test_result_t *ret)
+static void tfm_ps_test_2018(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid_1 = TEST_UID_2;
@@ -1016,7 +1016,7 @@
/**
* \brief Tests set and multiple partial gets.
*/
-static void tfm_sst_test_2019(struct test_result_t *ret)
+static void tfm_ps_test_2019(struct test_result_t *ret)
{
psa_status_t status;
uint32_t i;
@@ -1066,7 +1066,7 @@
/**
* \brief Tests multiple sets to the same UID.
*/
-static void tfm_sst_test_2020(struct test_result_t *ret)
+static void tfm_ps_test_2020(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID_2;
@@ -1125,7 +1125,7 @@
/**
* \brief Tests get support function.
*/
-static void tfm_sst_test_2021(struct test_result_t *ret)
+static void tfm_ps_test_2021(struct test_result_t *ret)
{
uint32_t support_flags;
@@ -1144,7 +1144,7 @@
* - Data length of different asset sizes
* - No flags
*/
-static void tfm_sst_test_2022(struct test_result_t *ret)
+static void tfm_ps_test_2022(struct test_result_t *ret)
{
uint8_t cycle;
psa_status_t status;
@@ -1153,9 +1153,9 @@
TEST_UID_2,
TEST_UID_3};
const uint32_t test_asset_sizes[TEST_1022_CYCLES] = {
- SST_MAX_ASSET_SIZE >> 2,
- SST_MAX_ASSET_SIZE >> 1,
- SST_MAX_ASSET_SIZE};
+ PS_MAX_ASSET_SIZE >> 2,
+ PS_MAX_ASSET_SIZE >> 1,
+ PS_MAX_ASSET_SIZE};
/* Loop to test different asset sizes and UID's*/
for (cycle = 0; cycle < TEST_1022_CYCLES; cycle++) {
diff --git a/test/suites/sst/secure/psa_ps_s_reliability_testsuite.c b/test/suites/ps/secure/psa_ps_s_reliability_testsuite.c
similarity index 89%
rename from test/suites/sst/secure/psa_ps_s_reliability_testsuite.c
rename to test/suites/ps/secure/psa_ps_s_reliability_testsuite.c
index 426edba..658f4f5 100644
--- a/test/suites/sst/secure/psa_ps_s_reliability_testsuite.c
+++ b/test/suites/ps/secure/psa_ps_s_reliability_testsuite.c
@@ -5,7 +5,7 @@
*
*/
-#include "sst_tests.h"
+#include "ps_tests.h"
#include <stdio.h>
@@ -29,15 +29,15 @@
#define READ_DATA "############################################"
#define RESULT_DATA ("####" WRITE_DATA "####")
-/* Define test suite for SST reliability tests */
+/* Define test suite for PS reliability tests */
/* List of tests */
-static void tfm_sst_test_3001(struct test_result_t *ret);
-static void tfm_sst_test_3002(struct test_result_t *ret);
+static void tfm_ps_test_3001(struct test_result_t *ret);
+static void tfm_ps_test_3002(struct test_result_t *ret);
static struct test_t reliability_tests[] = {
- {&tfm_sst_test_3001, "TFM_SST_TEST_3001",
+ {&tfm_ps_test_3001, "TFM_PS_TEST_3001",
"repetitive sets and gets in/from an asset", {TEST_PASSED} },
- {&tfm_sst_test_3002, "TFM_SST_TEST_3002",
+ {&tfm_ps_test_3002, "TFM_PS_TEST_3002",
"repetitive sets, gets and removes", {TEST_PASSED} },
};
@@ -46,14 +46,14 @@
uint32_t list_size = (sizeof(reliability_tests) /
sizeof(reliability_tests[0]));
- set_testsuite("SST reliability tests (TFM_SST_TEST_3XXX)",
+ set_testsuite("PS reliability tests (TFM_PS_TEST_3XXX)",
reliability_tests, list_size, p_test_suite);
}
/**
* \brief Tests repetitive sets and gets in/from an asset.
*/
-static void tfm_sst_test_3001(struct test_result_t *ret)
+static void tfm_ps_test_3001(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID;
@@ -109,7 +109,7 @@
/**
* \brief Tests repetitive sets, gets and removes.
*/
-static void tfm_sst_test_3002(struct test_result_t *ret)
+static void tfm_ps_test_3002(struct test_result_t *ret)
{
psa_status_t status;
const psa_storage_uid_t uid = TEST_UID;
@@ -146,7 +146,7 @@
return;
}
- /* Remove the asset from the secure storage */
+ /* Remove the asset from the protected storage */
status = psa_ps_remove(uid);
if (status != PSA_SUCCESS) {
TEST_FAIL("Remove should not fail with valid UID");
diff --git a/test/suites/sst/secure/s_test_helpers.h b/test/suites/ps/secure/s_test_helpers.h
similarity index 93%
rename from test/suites/sst/secure/s_test_helpers.h
rename to test/suites/ps/secure/s_test_helpers.h
index 1d8d664..1da7390 100644
--- a/test/suites/sst/secure/s_test_helpers.h
+++ b/test/suites/ps/secure/s_test_helpers.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
diff --git a/test/suites/sst/secure/sst_rollback_protection_testsuite.c b/test/suites/sst/secure/sst_rollback_protection_testsuite.c
deleted file mode 100644
index bc9d19f..0000000
--- a/test/suites/sst/secure/sst_rollback_protection_testsuite.c
+++ /dev/null
@@ -1,819 +0,0 @@
-/*
- * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "sst_tests.h"
-
-#include <stdio.h>
-
-#include "secure_fw/partitions/secure_storage/nv_counters/sst_nv_counters.h"
-#include "nv_counters/test_sst_nv_counters.h"
-#include "psa/protected_storage.h"
-#include "tfm_memory_utils.h"
-#include "s_test_helpers.h"
-
-/* This include is required to expose the sst_system_prepare function, via the
- * tfm_sst_test_system_prepare API, to simulate a reboot in the system.
- * sst_system_prepare is called when the SST service is initialized.
- */
-#include "test/test_services/tfm_sst_test_service/tfm_sst_test_service_api.h"
-
-#include "test/framework/test_framework_helpers.h"
-
-/* Test UIDs */
-#define TEST_UID 2UL /* UID 1 cannot be used as it references a write once
- * asset, created in psa_ps_s_interface_testsuite.c
- */
-
-/* Write data */
-#define WRITE_DATA "THE_FIVE_BOXING_WIZARDS_JUMP_QUICKLY"
-#define WRITE_DATA_SIZE (sizeof(WRITE_DATA) - 1)
-#define READ_DATA "############################################"
-#define RESULT_DATA ("####" WRITE_DATA "####")
-
-/*
- * Summary of tests covered by the test suite.
- *
- * SST version | NVC1 | NVC2 | NVC3 | Result | Test Num
- * ------------|------|------|------|----------|------------
- * X | X | X | X | Valid | 1
- * N | X | X | X | Invalid | 2
- * X | X | X | N | Valid | 3
- * N | X | N | N | Valid | 4
- * X | X | N | N | Valid | 5
- * X | X | M | N | Valid | 6
- * M | X | M | N | Invalid | 7
- * N | X | M | N | Invalid | 8
- *
- * Test 9 checks the SST result when the non-volatile (NV) counter 1 cannot be
- * incremented (e.g it has reached its maximum value).
- */
-
-/* List of tests */
-static void tfm_sst_test_4001(struct test_result_t *ret);
-static void tfm_sst_test_4002(struct test_result_t *ret);
-static void tfm_sst_test_4003(struct test_result_t *ret);
-static void tfm_sst_test_4004(struct test_result_t *ret);
-static void tfm_sst_test_4005(struct test_result_t *ret);
-static void tfm_sst_test_4006(struct test_result_t *ret);
-static void tfm_sst_test_4007(struct test_result_t *ret);
-static void tfm_sst_test_4008(struct test_result_t *ret);
-static void tfm_sst_test_4009(struct test_result_t *ret);
-
-static struct test_t interface_tests[] = {
- {&tfm_sst_test_4001, "TFM_SST_TEST_4001",
- "Check SST area version when NV counters 1/2/3 have the same value", {TEST_PASSED}},
- {&tfm_sst_test_4002, "TFM_SST_TEST_4002",
- "Check SST area version when it is different from NV counters 1/2/3", {TEST_PASSED}},
- {&tfm_sst_test_4003, "TFM_SST_TEST_4003",
- "Check SST area version when NV counters 1 and 2 are equals, 3 is "
- "different, and SST area version match NV counters 1 and 2", {TEST_PASSED}},
- {&tfm_sst_test_4004, "TFM_SST_TEST_4004",
- "Check SST area version when NV counters 2 and 3 are equals, 1 is "
- "different and SST area version match NV counter 2 and 3", {TEST_PASSED}},
- {&tfm_sst_test_4005, "TFM_SST_TEST_4005",
- "Check SST area version when NV counters 2 and 3 are equals, 1 is "
- "different and SST area version match NV counter 1", {TEST_PASSED}},
- {&tfm_sst_test_4006, "TFM_SST_TEST_4006",
- "Check SST area version when NV counters 1, 2 and 3 have different values "
- "and SST area version match NV counter 1 value", {TEST_PASSED}},
- {&tfm_sst_test_4007, "TFM_SST_TEST_4007",
- "Check SST area version when NV counters 1, 2 and 3 have different values "
- "and SST area version match NV counter 2 value", {TEST_PASSED}},
- {&tfm_sst_test_4008, "TFM_SST_TEST_4008",
- "Check SST area version when NV counters 1, 2 and 3 have different values "
- "and SST area version match NV counter 3 value", {TEST_PASSED}},
- {&tfm_sst_test_4009, "TFM_SST_TEST_4009",
- "Check SST area version when NV counter 1 cannot be incremented", {TEST_PASSED}},
-};
-
-void register_testsuite_s_rollback_protection(struct test_suite_t *p_test_suite)
-{
- uint32_t list_size = (sizeof(interface_tests) / sizeof(interface_tests[0]));
-
- set_testsuite("SST rollback protection tests (TFM_SST_TEST_4XXX)",
- interface_tests, list_size, p_test_suite);
-}
-
-/**
- * \brief Check SST area version when NV counters 1/2/3 have the same value.
- * It also checks that the 3 NV counters are aligned and they have been
- * increased by 1 unit.
- */
-static void tfm_sst_test_4001(struct test_result_t *ret)
-{
- psa_status_t status;
- const psa_storage_uid_t uid = TEST_UID;
- const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_NONE;
- const uint32_t data_len = WRITE_DATA_SIZE;
- const uint32_t offset = 0;
- uint32_t old_nvc_1, nvc_1, nvc_2, nvc_3;
- const uint8_t write_data[] = WRITE_DATA;
- uint8_t read_data[] = READ_DATA;
- size_t read_data_len = 0;
-
- /* Creates an asset in the SST area to generate a new SST area version */
- status = psa_ps_set(uid, data_len, write_data, flags);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Set should not fail with valid UID");
- return;
- }
-
- /* Reads NV counter 1 to get the saved value to compare it later */
- status = test_sst_read_nv_counter(TFM_SST_NV_COUNTER_1, &old_nvc_1);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Read should not fail");
- return;
- }
-
- /* Sets new data in the asset to generate a new SST area version */
- status = psa_ps_set(uid, data_len, write_data, flags);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Set should not fail with valid UID");
- return;
- }
-
- /* Validates the 3 NV counters have the same value and it has been increased
- * by 1 unit.
- */
-
- /* Reads NV counter 1 to get the current value */
- status = test_sst_read_nv_counter(TFM_SST_NV_COUNTER_1, &nvc_1);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Read should not fail");
- return;
- }
-
- /* Checks if NV counter 1 value has been increased by 1 unit as result of
- * process the write request.
- */
- if (nvc_1 != (old_nvc_1 + 1)) {
- TEST_FAIL("NV counter 1 has been increased more than 1 unit");
- return;
- }
-
- /* Reads NV counter 2 to get the current value */
- status = test_sst_read_nv_counter(TFM_SST_NV_COUNTER_2, &nvc_2);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Read should not fail");
- return;
- }
-
- if (nvc_1 != nvc_2) {
- TEST_FAIL("NV counter 1 and 2 should have the same value");
- return;
- }
-
- /* Reads NV counter 3 to get the current value */
- status = test_sst_read_nv_counter(TFM_SST_NV_COUNTER_3, &nvc_3);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Read should not fail");
- return;
- }
-
- if (nvc_2 != nvc_3) {
- TEST_FAIL("NV counter 2 and 3 should have the same value");
- return;
- }
-
- /* Simulates a reboot in the system by calling sst_system_prepare(). This
- * function is called when the SST service is initialized.
- *
- * Prepare should not fail as the NV counters has the same values and
- * the SST area authentication is aligned with those values.
- */
- status = tfm_sst_test_system_prepare();
- if (status != PSA_SUCCESS) {
- TEST_FAIL("AM prepare should not fail");
- return;
- }
-
- /* Gets data from the asset */
- status = psa_ps_get(uid, offset, data_len, (read_data + HALF_PADDING_SIZE),
- &read_data_len);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Get should not fail");
- return;
- }
-
- /* Checks that the data has not changed */
- if (tfm_memcmp(read_data, RESULT_DATA, sizeof(read_data)) != 0) {
- TEST_FAIL("The data should not have changed");
- return;
- }
-
- /* Removes the asset to clean up storage for the next test */
- status = psa_ps_remove(uid);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Remove should not fail with valid UID");
- return;
- }
-
- ret->val = TEST_PASSED;
-}
-
-/**
- * \brief Check SST area version when it is different from NV counters
- * 1/2/3.
- */
-static void tfm_sst_test_4002(struct test_result_t *ret)
-{
- psa_status_t status;
- const psa_storage_uid_t uid = TEST_UID;
- const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_NONE;
- const uint32_t data_len = WRITE_DATA_SIZE;
- const uint8_t write_data[] = WRITE_DATA;
-
- /* Creates an asset in the SST area to generate a new SST area version */
- status = psa_ps_set(uid, data_len, write_data, flags);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Set should not fail with valid UID");
- return;
- }
-
- /* Increments all counters to make that SST area version old/invalid */
- status = test_sst_increment_nv_counter(TFM_SST_NV_COUNTER_1);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Increment should not fail");
- return;
- }
-
- status = test_sst_increment_nv_counter(TFM_SST_NV_COUNTER_2);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Increment should not fail");
- return;
- }
-
- status = test_sst_increment_nv_counter(TFM_SST_NV_COUNTER_3);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Increment should not fail");
- return;
- }
-
- /* Simulates a reboot in the system by calling sst_system_prepare(). This
- * function is called when the SST service is initialized.
- *
- * Prepare should fail as the SST area version does not match the
- * NV counters values.
- */
- status = tfm_sst_test_system_prepare();
- if (status != PSA_ERROR_GENERIC_ERROR) {
- TEST_FAIL("SST system prepare should fail as version is old");
- return;
- }
-
- /* Removes the asset to clean up storage for the next test.
- *
- * To be able to remove the asset, the SST area version should match
- * with the counter values. So, it is required to:
- *
- * 1. align the counters with the SST area version
- * 2. re-call sst_system_prepare to mark the SST area as a valid image
- * 3. remove the asset.
- */
-
- /* Aligns NV counters with the SST area version */
- status = test_sst_decrement_nv_counter(TFM_SST_NV_COUNTER_1);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Decrement should not fail");
- return;
- }
-
- status = test_sst_decrement_nv_counter(TFM_SST_NV_COUNTER_2);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Decrement should not fail");
- return;
- }
-
- status = test_sst_decrement_nv_counter(TFM_SST_NV_COUNTER_3);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Decrement should not fail");
- return;
- }
-
- /* Calls sst_system_prepare to mark the SST area as a valid image */
- status = tfm_sst_test_system_prepare();
- if (status != PSA_SUCCESS) {
- TEST_FAIL("SST system prepare should not fail");
- return;
- }
-
- /* Removes the asset to clean up storage for the next test */
- status = psa_ps_remove(uid);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Remove should not fail with valid UID");
- return;
- }
-
- ret->val = TEST_PASSED;
-}
-
-/**
- * \brief Check SST area version when NV counters 1 and 2 are equals, 3 is
- * different and SST area version match NV counter 1 and 2 values.
- * It simulates a power cut during write action while the counter 3 is
- * being increased.
- */
-static void tfm_sst_test_4003(struct test_result_t *ret)
-{
- psa_status_t status;
- const psa_storage_uid_t uid = TEST_UID;
- const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_NONE;
- const uint32_t data_len = WRITE_DATA_SIZE;
- const uint32_t offset = 0;
- const uint8_t write_data[] = WRITE_DATA;
- uint8_t read_data[] = READ_DATA;
- size_t read_data_len = 0;
-
- /* Creates an asset in the SST area to generate a new SST area version */
- status = psa_ps_set(uid, data_len, write_data, flags);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Set should not fail with valid UID");
- return;
- }
-
- /* Decrements NV counters 3 to make it different from the other two counters
- * and make the current SST area version match NV counter 1 and 2 values.
- */
- status = test_sst_decrement_nv_counter(TFM_SST_NV_COUNTER_3);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Decrement should not fail");
- return;
- }
-
- /* Simulates a reboot in the system by calling sst_system_prepare(). This
- * function is called when the SST service is initialized.
- *
- * Prepare should not fail as the SST area version match NV counters 1 and
- * 2 values.
- */
- status = tfm_sst_test_system_prepare();
- if (status != PSA_SUCCESS) {
- TEST_FAIL("SST system prepare should not fail");
- return;
- }
-
- /* Gets the data from the asset */
- status = psa_ps_get(uid, offset, data_len, (read_data + HALF_PADDING_SIZE),
- &read_data_len);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Get should not fail");
- return;
- }
-
- /* Checks that the data has not changed */
- if (tfm_memcmp(read_data, RESULT_DATA, sizeof(read_data)) != 0) {
- TEST_FAIL("The data should not have changed");
- return;
- }
-
- /* Removes the asset to clean up storage for the next test */
- status = psa_ps_remove(uid);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Remove should not fail with valid UID");
- return;
- }
-
- ret->val = TEST_PASSED;
-}
-
-/**
- * \brief Check SST area version when NV counters 2 and 3 are equals, 1 is
- * different and SST area version match NV counter 2 and 3 values.
- * It simulates a power cut during write action before increment counter
- * 2 and 3, and the new SST area version is corrupted and only the old
- * version match the NV counters.
- */
-static void tfm_sst_test_4004(struct test_result_t *ret)
-{
- psa_status_t status;
- const psa_storage_uid_t uid = TEST_UID;
- const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_NONE;
- const uint32_t data_len = WRITE_DATA_SIZE;
- const uint32_t offset = 0;
- const uint8_t write_data[] = WRITE_DATA;
- uint8_t read_data[] = READ_DATA;
- size_t read_data_len = 0;
-
- /* Creates an asset in the SST area to generate a new SST area version */
- status = psa_ps_set(uid, data_len, write_data, flags);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Set should not fail with valid UID");
- return;
- }
-
- /* Increments NV counters 1 to make it different from the other two counters
- * and make the current SST area version match NV counter 2 and 3 values.
- */
- status = test_sst_increment_nv_counter(TFM_SST_NV_COUNTER_1);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Increment should not fail");
- return;
- }
-
- /* Simulates a reboot in the system by calling sst_system_prepare(). This
- * function is called when the SST service is initialized.
- *
- * Prepare should not fail as the SST area version match the NV counter 2
- * and 3 values.
- */
- status = tfm_sst_test_system_prepare();
- if (status != PSA_SUCCESS) {
- TEST_FAIL("SST system prepare should not fail");
- return;
- }
-
- /* Gets the data from the asset */
- status = psa_ps_get(uid, offset, data_len, (read_data + HALF_PADDING_SIZE),
- &read_data_len);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Get should not fail");
- return;
- }
-
- /* Checks that the data has not changed */
- if (tfm_memcmp(read_data, RESULT_DATA, sizeof(read_data)) != 0) {
- TEST_FAIL("The data should not have changed");
- return;
- }
-
- /* Removes the asset to clean up storage for the next test */
- status = psa_ps_remove(uid);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Remove should not fail with valid UID");
- return;
- }
-
- ret->val = TEST_PASSED;
-}
-
-/**
- * \brief Check SST area version when NV counters 2 and 3 are equals, 1 is
- * different and SST area version match NV counter 1 value.
- * It simulates a power cut during write action before increment counter
- * 2 and 3, and the new SST area version is corrupted and only the old
- * version match the NV counters.
- */
-static void tfm_sst_test_4005(struct test_result_t *ret)
-{
- psa_status_t status;
- const psa_storage_uid_t uid = TEST_UID;
- const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_NONE;
- const uint32_t data_len = WRITE_DATA_SIZE;
- const uint32_t offset = 0;
- const uint8_t write_data[] = WRITE_DATA;
- uint8_t read_data[] = READ_DATA;
- size_t read_data_len = 0;
-
- /* Creates an asset in the SST area to generate a new SST area version */
- status = psa_ps_set(uid, data_len, write_data, flags);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Set should not fail with valid UID");
- return;
- }
-
- /* Decrements NV counter 2 and 3 to make the SST area version match NV
- * counter 1 only.
- */
- status = test_sst_decrement_nv_counter(TFM_SST_NV_COUNTER_2);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Decrement should not fail");
- return;
- }
-
- status = test_sst_decrement_nv_counter(TFM_SST_NV_COUNTER_3);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Decrement should not fail");
- return;
- }
-
- /* Simulates a reboot in the system by calling sst_system_prepare(). This
- * function is called when the SST service is initialized.
- *
- * Prepare should not fail as the SST area version match the NV counter 1.
- */
- status = tfm_sst_test_system_prepare();
- if (status != PSA_SUCCESS) {
- TEST_FAIL("SST system prepare should not fail");
- return;
- }
-
- /* Gets the data from the asset */
- status = psa_ps_get(uid, offset, data_len, (read_data + HALF_PADDING_SIZE),
- &read_data_len);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Get should not fail");
- return;
- }
-
- /* Checks that the data has not changed */
- if (tfm_memcmp(read_data, RESULT_DATA, sizeof(read_data)) != 0) {
- TEST_FAIL("The data should not have changed");
- return;
- }
-
- /* Removes the asset to clean up storage for the next test */
- status = psa_ps_remove(uid);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Remove should not fail with valid UID");
- return;
- }
-
- ret->val = TEST_PASSED;
-}
-
-/**
- * \brief Check SST area version when NV counters 1, 2 and 3 have different
- * values and SST area version match NV counter 1 value.
- */
-static void tfm_sst_test_4006(struct test_result_t *ret)
-{
- psa_status_t status;
- const psa_storage_uid_t uid = TEST_UID;
- const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_NONE;
- const uint32_t data_len = WRITE_DATA_SIZE;
- const uint32_t offset = 0;
- const uint8_t write_data[] = WRITE_DATA;
- uint8_t read_data[] = READ_DATA;
- size_t read_data_len = 0;
-
- /* Creates an asset in the SST area to generate a new SST area version */
- status = psa_ps_set(uid, data_len, write_data, flags);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Set should not fail with valid UID");
- return;
- }
-
- /* Decrements NV counter 2 (1 time) and 3 (2 times) to make the SST area
- * version match NV counter 1 only.
- */
- status = test_sst_decrement_nv_counter(TFM_SST_NV_COUNTER_2);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Decrement should not fail");
- return;
- }
-
- status = test_sst_decrement_nv_counter(TFM_SST_NV_COUNTER_3);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Decrement should not fail");
- return;
- }
-
- status = test_sst_decrement_nv_counter(TFM_SST_NV_COUNTER_3);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Decrement should not fail");
- return;
- }
-
- /* Simulates a reboot in the system by calling sst_system_prepare(). This
- * function is called when the SST service is initialized.
- *
- * Prepare should not fail as the SST area version match the NV counter 1.
- */
- status = tfm_sst_test_system_prepare();
- if (status != PSA_SUCCESS) {
- TEST_FAIL("SST system prepare should not fail");
- return;
- }
-
- /* Gets data from the asset */
- status = psa_ps_get(uid, offset, data_len, (read_data + HALF_PADDING_SIZE),
- &read_data_len);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Get should not fail");
- return;
- }
-
- /* Checks that the data has not changed */
- if (tfm_memcmp(read_data, RESULT_DATA, sizeof(read_data)) != 0) {
- TEST_FAIL("The data should not have changed");
- return;
- }
-
- /* Removes the asset to clean up storage for the next test */
- status = psa_ps_remove(uid);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Remove should not fail with valid UID");
- return;
- }
-
- ret->val = TEST_PASSED;
-}
-
-/**
- * \brief Check SST area version when NV counters 1, 2 and 3 have different
- * values and SST area version match NV counter 2 value.
- */
-static void tfm_sst_test_4007(struct test_result_t *ret)
-{
- psa_status_t status;
- const psa_storage_uid_t uid = TEST_UID;
- const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_NONE;
- const uint32_t data_len = WRITE_DATA_SIZE;
- const uint8_t write_data[] = WRITE_DATA;
-
- /* Creates an asset in the SST area to generate a new SST area version */
- status = psa_ps_set(uid, data_len, write_data, flags);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Set should not fail with valid UID");
- return;
- }
-
- /* Increments NV counter 1 and decrements 3 to make the SST area
- * version match NV counter 2 only.
- */
- status = test_sst_increment_nv_counter(TFM_SST_NV_COUNTER_1);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Increment should not fail");
- return;
- }
-
- status = test_sst_decrement_nv_counter(TFM_SST_NV_COUNTER_3);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Decrement should not fail");
- return;
- }
-
- /* Simulates a reboot in the system by calling sst_system_prepare(). This
- * function is called when the SST service is initialized.
- *
- * Prepare should fail as the SST area version match the NV counter 2 and
- * the other counters are different.
- */
- status = tfm_sst_test_system_prepare();
- if (status != PSA_ERROR_GENERIC_ERROR) {
- TEST_FAIL("SST system prepare should fail");
- return;
- }
-
- /* Removes the asset to clean up storage for the next test.
- *
- * To be able to remove the asset, the SST area version should match
- * with the counter values. So, it is required to:
- *
- * 1. align the counters with the SST area version
- * 2. re-call sst_system_prepare to mark the SST area as a valid image
- * 3. remove the asset.
- */
-
- /* Aligns NV counters with the SST area version */
- status = test_sst_decrement_nv_counter(TFM_SST_NV_COUNTER_1);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Decrement should not fail");
- return;
- }
-
- status = test_sst_increment_nv_counter(TFM_SST_NV_COUNTER_3);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Increment should not fail");
- return;
- }
-
- /* Calls sst_system_prepare to mark the SST area as a valid image */
- status = tfm_sst_test_system_prepare();
- if (status != PSA_SUCCESS) {
- TEST_FAIL("SST system prepare should not fail");
- return;
- }
-
- /* Removes the asset to clean up storage for the next test */
- status = psa_ps_remove(uid);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Remove should not fail with valid UID");
- return;
- }
-
- ret->val = TEST_PASSED;
-}
-
-/**
- * \brief Check SST area version when NV counters 1, 2 and 3 have different
- * values and SST area version match NV counter 3 value.
- */
-static void tfm_sst_test_4008(struct test_result_t *ret)
-{
- psa_status_t status;
- const psa_storage_uid_t uid = TEST_UID;
- const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_NONE;
- const uint32_t data_len = WRITE_DATA_SIZE;
- const uint8_t write_data[] = WRITE_DATA;
-
- /* Creates an asset in the SST area to generate a new SST area version */
- status = psa_ps_set(uid, data_len, write_data, flags);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Set should not fail with valid UID");
- return;
- }
-
- /* Increments NV counter 1 (2 times) and 2 (1 time) to make the SST area
- * version match NV counter 3 only.
- */
- status = test_sst_increment_nv_counter(TFM_SST_NV_COUNTER_1);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Increment should not fail");
- return;
- }
-
- status = test_sst_increment_nv_counter(TFM_SST_NV_COUNTER_1);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Increment should not fail");
- return;
- }
-
- status = test_sst_increment_nv_counter(TFM_SST_NV_COUNTER_2);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Increment should not fail");
- return;
- }
-
- /* Simulates a reboot in the system by calling sst_system_prepare(). This
- * function is called when the SST service is initialized.
- *
- * Prepare should fail as the SST area version match the NV counter 2 and
- * the other counters are different.
- */
- status = tfm_sst_test_system_prepare();
- if (status != PSA_ERROR_GENERIC_ERROR) {
- TEST_FAIL("AM prepare should fail");
- return;
- }
-
- /* Removes the asset to clean up storage for the next test.
- *
- * To be able to remove the asset, the SST area version should match
- * with the counter values. So, it is required to:
- *
- * 1. align the counters with the SST area version
- * 2. re-call sst_system_prepare to mark the SST area as a valid image
- * 3. remove the asset.
- */
-
- /* Align NV counters with the SST area version */
- status = test_sst_decrement_nv_counter(TFM_SST_NV_COUNTER_1);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Decrement should not fail");
- return;
- }
-
- status = test_sst_decrement_nv_counter(TFM_SST_NV_COUNTER_1);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Decrement should not fail");
- return;
- }
-
- status = test_sst_decrement_nv_counter(TFM_SST_NV_COUNTER_2);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Decrement should not fail");
- return;
- }
-
- /* Calls sst_system_prepare to mark the SST area as a valid image */
- status = tfm_sst_test_system_prepare();
- if (status != PSA_SUCCESS) {
- TEST_FAIL("SST system prepare should not fail");
- return;
- }
-
- /* Removes the asset to clean up storage for the next test */
- status = psa_ps_remove(uid);
- if (status != PSA_SUCCESS) {
- TEST_FAIL("Remove should not fail with valid UID");
- return;
- }
-
- ret->val = TEST_PASSED;
-}
-
-/**
- * \brief Check SST area version when NV counter 1 cannot be incremented
- * (e.g it has reached its maximum value)
- */
-static void tfm_sst_test_4009(struct test_result_t *ret)
-{
- psa_status_t status;
- const psa_storage_uid_t uid = TEST_UID;
- const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_NONE;
- const uint32_t data_len = WRITE_DATA_SIZE;
- const uint8_t write_data[] = WRITE_DATA;
-
- /* Disables increment function to simulate that NV counter 1 has
- * reached its maximum value.
- */
- test_sst_disable_increment_nv_counter();
-
- /* Creates an asset in the SST area to generate a new SST area version */
- status = psa_ps_set(uid, data_len, write_data, flags);
- if (status != PSA_ERROR_GENERIC_ERROR) {
- TEST_FAIL("Set should fail as the non-volatile counters can not be"
- " increased");
- return;
- }
-
- /* Enables counter again to not affect the next tests, if any */
- test_sst_enable_increment_nv_counter();
-
- ret->val = TEST_PASSED;
-}
diff --git a/test/test_services/CMakeLists.inc b/test/test_services/CMakeLists.inc
index f5e52d9..9c3e688 100644
--- a/test/test_services/CMakeLists.inc
+++ b/test/test_services/CMakeLists.inc
@@ -63,11 +63,11 @@
)
endif()
-if (NOT DEFINED TFM_PARTITION_TEST_SST)
- message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_TEST_SST is undefined.")
-elseif (TFM_PARTITION_TEST_SST)
- list(APPEND ALL_SRC_C_S "${CORE_TEST_DIR}/tfm_sst_test_service/tfm_sst_test_service.c"
- "${CORE_TEST_DIR}/tfm_sst_test_service/tfm_sst_test_service_api.c")
+if (NOT DEFINED TFM_PARTITION_TEST_PS)
+ message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_TEST_PS is undefined.")
+elseif (TFM_PARTITION_TEST_PS)
+ list(APPEND ALL_SRC_C_S "${CORE_TEST_DIR}/tfm_ps_test_service/tfm_ps_test_service.c"
+ "${CORE_TEST_DIR}/tfm_ps_test_service/tfm_ps_test_service_api.c")
endif()
if (NOT DEFINED TFM_MULTI_CORE_TEST)
diff --git a/test/test_services/tfm_core_test/psa_manifest/tfm_test_core.h b/test/test_services/tfm_core_test/psa_manifest/tfm_test_core.h
index e4a41a4..e133c46 100644
--- a/test/test_services/tfm_core_test/psa_manifest/tfm_test_core.h
+++ b/test/test_services/tfm_core_test/psa_manifest/tfm_test_core.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
diff --git a/test/test_services/tfm_core_test_2/psa_manifest/tfm_test_core_2.h b/test/test_services/tfm_core_test_2/psa_manifest/tfm_test_core_2.h
index 506120a..c636835 100644
--- a/test/test_services/tfm_core_test_2/psa_manifest/tfm_test_core_2.h
+++ b/test/test_services/tfm_core_test_2/psa_manifest/tfm_test_core_2.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
diff --git a/test/test_services/tfm_ipc_client/psa_manifest/tfm_ipc_client_partition.h b/test/test_services/tfm_ipc_client/psa_manifest/tfm_ipc_client_partition.h
index 7814ef4..d6d7513 100644
--- a/test/test_services/tfm_ipc_client/psa_manifest/tfm_ipc_client_partition.h
+++ b/test/test_services/tfm_ipc_client/psa_manifest/tfm_ipc_client_partition.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
diff --git a/test/test_services/tfm_ipc_service/psa_manifest/tfm_ipc_service_partition.h b/test/test_services/tfm_ipc_service/psa_manifest/tfm_ipc_service_partition.h
index a6898bb..47427a0 100644
--- a/test/test_services/tfm_ipc_service/psa_manifest/tfm_ipc_service_partition.h
+++ b/test/test_services/tfm_ipc_service/psa_manifest/tfm_ipc_service_partition.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
diff --git a/test/test_services/tfm_irq_test_service_1/psa_manifest/tfm_irq_test_service_1.h b/test/test_services/tfm_irq_test_service_1/psa_manifest/tfm_irq_test_service_1.h
index 658cf95..18ef22a 100644
--- a/test/test_services/tfm_irq_test_service_1/psa_manifest/tfm_irq_test_service_1.h
+++ b/test/test_services/tfm_irq_test_service_1/psa_manifest/tfm_irq_test_service_1.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
diff --git a/test/test_services/tfm_multi_core_test/psa_manifest/tfm_multi_core_test.h b/test/test_services/tfm_multi_core_test/psa_manifest/tfm_multi_core_test.h
index 1692715..ad7ccb5 100644
--- a/test/test_services/tfm_multi_core_test/psa_manifest/tfm_multi_core_test.h
+++ b/test/test_services/tfm_multi_core_test/psa_manifest/tfm_multi_core_test.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
diff --git a/test/test_services/tfm_ps_test_service/psa_manifest/tfm_ps_test_service.h b/test/test_services/tfm_ps_test_service/psa_manifest/tfm_ps_test_service.h
new file mode 100644
index 0000000..e748ddf
--- /dev/null
+++ b/test/test_services/tfm_ps_test_service/psa_manifest/tfm_ps_test_service.h
@@ -0,0 +1,23 @@
+/*
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+/*********** WARNING: This is an auto-generated file. Do not edit! ***********/
+
+#ifndef __PSA_MANIFEST_TFM_PS_TEST_SERVICE_H__
+#define __PSA_MANIFEST_TFM_PS_TEST_SERVICE_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define TFM_PS_TEST_PREPARE_SIGNAL (1U << (0 + 4))
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __PSA_MANIFEST_TFM_PS_TEST_SERVICE_H__ */
diff --git a/test/test_services/tfm_ps_test_service/tfm_ps_test_service.c b/test/test_services/tfm_ps_test_service/tfm_ps_test_service.c
new file mode 100644
index 0000000..2e30796
--- /dev/null
+++ b/test/test_services/tfm_ps_test_service/tfm_ps_test_service.c
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifdef TFM_PSA_API
+#include "psa/service.h"
+#include "psa_manifest/tfm_ps_test_service.h"
+#else
+#include "psa/client.h"
+#endif
+
+#include "secure_fw/partitions/protected_storage/ps_object_system.h"
+
+psa_status_t tfm_ps_test_prepare(psa_invec *in_vec, size_t in_len,
+ psa_outvec *out_vec, size_t out_len)
+{
+ (void)in_vec;
+ (void)in_len;
+ (void)out_vec;
+ (void)out_len;
+
+ return ps_system_prepare();
+}
+
+psa_status_t tfm_ps_test_init(void)
+{
+#ifdef TFM_PSA_API
+ psa_msg_t msg;
+
+ while (1) {
+ (void)psa_wait(TFM_PS_TEST_PREPARE_SIGNAL, PSA_BLOCK);
+ (void)psa_get(TFM_PS_TEST_PREPARE_SIGNAL, &msg);
+ switch (msg.type) {
+ case PSA_IPC_CONNECT:
+ case PSA_IPC_DISCONNECT:
+ psa_reply(msg.handle, PSA_SUCCESS);
+ break;
+ case PSA_IPC_CALL:
+ psa_reply(msg.handle, ps_system_prepare());
+ break;
+ }
+ }
+#else
+ return PSA_SUCCESS;
+#endif
+}
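Review bot: In `tfm_ps_test_init` the status of `psa_get()` is cast to void and `msg.type` is read immediately afterwards, so if the call returns anything other than `PSA_SUCCESS` the switch dispatches on an uninitialised `psa_msg_t` and may reply on a stale handle. The switch also has no `default`, so a message type other than connect, call or disconnect is never answered and its client stays blocked. Since the manifest declares this partition `PSA-ROT`, I would check the status with `if (psa_get(TFM_PS_TEST_PREPARE_SIGNAL, &msg) != PSA_SUCCESS) { continue; }` and add `default: psa_panic();` (or the project's preferred abort). The removed SST file has the same pattern, so this is carried over by the rename rather than introduced by it.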
diff --git a/test/test_services/tfm_sst_test_service/tfm_sst_test_service.yaml b/test/test_services/tfm_ps_test_service/tfm_ps_test_service.yaml
similarity index 79%
rename from test/test_services/tfm_sst_test_service/tfm_sst_test_service.yaml
rename to test/test_services/tfm_ps_test_service/tfm_ps_test_service.yaml
index 8294b17..eddc3ed 100644
--- a/test/test_services/tfm_sst_test_service/tfm_sst_test_service.yaml
+++ b/test/test_services/tfm_ps_test_service/tfm_ps_test_service.yaml
@@ -7,15 +7,15 @@
{
"psa_framework_version": 1.0,
- "name": "TFM_SP_SST_TEST",
+ "name": "TFM_SP_PS_TEST",
"type": "PSA-ROT",
"priority": "NORMAL",
- "entry_point": "tfm_sst_test_init",
+ "entry_point": "tfm_ps_test_init",
"stack_size": "0x500",
"secure_functions": [
{
- "name": "TFM_SST_TEST_PREPARE",
- "signal": "TFM_SST_TEST_PREPARE",
+ "name": "TFM_PS_TEST_PREPARE",
+ "signal": "TFM_PS_TEST_PREPARE",
"non_secure_clients": false,
"version": 1,
"version_policy": "STRICT"
@@ -23,7 +23,7 @@
],
"services": [
{
- "name": "TFM_SST_TEST_PREPARE",
+ "name": "TFM_PS_TEST_PREPARE",
"sid": "0x0000F0C0",
"non_secure_clients": false,
"version": 1,
diff --git a/test/test_services/tfm_sst_test_service/tfm_sst_test_service_api.c b/test/test_services/tfm_ps_test_service/tfm_ps_test_service_api.c
similarity index 60%
rename from test/test_services/tfm_sst_test_service/tfm_sst_test_service_api.c
rename to test/test_services/tfm_ps_test_service/tfm_ps_test_service_api.c
index a50b490..1377e93 100644
--- a/test/test_services/tfm_sst_test_service/tfm_sst_test_service_api.c
+++ b/test/test_services/tfm_ps_test_service/tfm_ps_test_service_api.c
@@ -1,11 +1,11 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
*/
-#include "tfm_sst_test_service_api.h"
+#include "tfm_ps_test_service_api.h"
#ifdef TFM_PSA_API
#include "psa/client.h"
@@ -15,14 +15,14 @@
#endif
__attribute__((section("SFN")))
-psa_status_t tfm_sst_test_system_prepare(void)
+psa_status_t tfm_ps_test_system_prepare(void)
{
#ifdef TFM_PSA_API
psa_handle_t handle;
psa_status_t status;
- handle = psa_connect(TFM_SST_TEST_PREPARE_SID,
- TFM_SST_TEST_PREPARE_VERSION);
+ handle = psa_connect(TFM_PS_TEST_PREPARE_SID,
+ TFM_PS_TEST_PREPARE_VERSION);
if (!PSA_HANDLE_IS_VALID(handle)) {
return PSA_ERROR_GENERIC_ERROR;
}
@@ -32,6 +32,6 @@
return status;
#else
- return tfm_tfm_sst_test_prepare_veneer(NULL, 0, NULL, 0);
+ return tfm_tfm_ps_test_prepare_veneer(NULL, 0, NULL, 0);
#endif
}
diff --git a/test/test_services/tfm_ps_test_service/tfm_ps_test_service_api.h b/test/test_services/tfm_ps_test_service/tfm_ps_test_service_api.h
new file mode 100644
index 0000000..50aaa69
--- /dev/null
+++ b/test/test_services/tfm_ps_test_service/tfm_ps_test_service_api.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __TFM_PS_TEST_SERVICE_API_H__
+#define __TFM_PS_TEST_SERVICE_API_H__
+
+#include "psa/error.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief Requests the PS Test Service to call ps_system_prepare().
+ *
+ * \return Returns error code as specified in \ref psa_status_t
+ */
+psa_status_t tfm_ps_test_system_prepare(void);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __TFM_PS_TEST_SERVICE_API_H__ */
diff --git a/test/test_services/tfm_secure_client_2/psa_manifest/tfm_secure_client_2.h b/test/test_services/tfm_secure_client_2/psa_manifest/tfm_secure_client_2.h
index a8b1f2f..a8fdf47 100644
--- a/test/test_services/tfm_secure_client_2/psa_manifest/tfm_secure_client_2.h
+++ b/test/test_services/tfm_secure_client_2/psa_manifest/tfm_secure_client_2.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
diff --git a/test/test_services/tfm_secure_client_service/psa_manifest/tfm_test_client_service.h b/test/test_services/tfm_secure_client_service/psa_manifest/tfm_test_client_service.h
index fd25397..2e03069 100644
--- a/test/test_services/tfm_secure_client_service/psa_manifest/tfm_test_client_service.h
+++ b/test/test_services/tfm_secure_client_service/psa_manifest/tfm_test_client_service.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
diff --git a/test/test_services/tfm_secure_client_service/tfm_test_client_service.yaml b/test/test_services/tfm_secure_client_service/tfm_test_client_service.yaml
index 4cd27c8..7931f16 100644
--- a/test/test_services/tfm_secure_client_service/tfm_test_client_service.yaml
+++ b/test/test_services/tfm_secure_client_service/tfm_test_client_service.yaml
@@ -39,11 +39,11 @@
"dependencies": [
"TFM_SECURE_CLIENT_2",
"TFM_CRYPTO",
- "TFM_SST_SET",
- "TFM_SST_GET",
- "TFM_SST_GET_INFO",
- "TFM_SST_REMOVE",
- "TFM_SST_GET_SUPPORT",
+ "TFM_PS_SET",
+ "TFM_PS_GET",
+ "TFM_PS_GET_INFO",
+ "TFM_PS_REMOVE",
+ "TFM_PS_GET_SUPPORT",
"TFM_ITS_SET",
"TFM_ITS_GET",
"TFM_ITS_GET_INFO",
@@ -51,7 +51,7 @@
"TFM_ATTEST_GET_TOKEN",
"TFM_ATTEST_GET_TOKEN_SIZE",
"TFM_ATTEST_GET_PUBLIC_KEY",
- "TFM_SST_TEST_PREPARE",
+ "TFM_PS_TEST_PREPARE",
"TFM_SP_PLATFORM_SYSTEM_RESET",
"TFM_SP_PLATFORM_IOCTL"
]
diff --git a/test/test_services/tfm_sst_test_service/psa_manifest/tfm_sst_test_service.h b/test/test_services/tfm_sst_test_service/psa_manifest/tfm_sst_test_service.h
deleted file mode 100644
index d7f1a70..0000000
--- a/test/test_services/tfm_sst_test_service/psa_manifest/tfm_sst_test_service.h
+++ /dev/null
@@ -1,23 +0,0 @@
-/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-/*********** WARNING: This is an auto-generated file. Do not edit! ***********/
-
-#ifndef __PSA_MANIFEST_TFM_SST_TEST_SERVICE_H__
-#define __PSA_MANIFEST_TFM_SST_TEST_SERVICE_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define TFM_SST_TEST_PREPARE_SIGNAL (1U << (0 + 4))
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __PSA_MANIFEST_TFM_SST_TEST_SERVICE_H__ */
diff --git a/test/test_services/tfm_sst_test_service/tfm_sst_test_service.c b/test/test_services/tfm_sst_test_service/tfm_sst_test_service.c
deleted file mode 100644
index 0e43666..0000000
--- a/test/test_services/tfm_sst_test_service/tfm_sst_test_service.c
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifdef TFM_PSA_API
-#include "psa/service.h"
-#include "psa_manifest/tfm_sst_test_service.h"
-#else
-#include "psa/client.h"
-#endif
-
-#include "secure_fw/partitions/secure_storage/sst_object_system.h"
-
-psa_status_t tfm_sst_test_prepare(psa_invec *in_vec, size_t in_len,
- psa_outvec *out_vec, size_t out_len)
-{
- (void)in_vec;
- (void)in_len;
- (void)out_vec;
- (void)out_len;
-
- return sst_system_prepare();
-}
-
-psa_status_t tfm_sst_test_init(void)
-{
-#ifdef TFM_PSA_API
- psa_msg_t msg;
-
- while (1) {
- (void)psa_wait(TFM_SST_TEST_PREPARE_SIGNAL, PSA_BLOCK);
- (void)psa_get(TFM_SST_TEST_PREPARE_SIGNAL, &msg);
- switch (msg.type) {
- case PSA_IPC_CONNECT:
- case PSA_IPC_DISCONNECT:
- psa_reply(msg.handle, PSA_SUCCESS);
- break;
- case PSA_IPC_CALL:
- psa_reply(msg.handle, sst_system_prepare());
- break;
- }
- }
-#else
- return PSA_SUCCESS;
-#endif
-}
diff --git a/test/test_services/tfm_sst_test_service/tfm_sst_test_service_api.h b/test/test_services/tfm_sst_test_service/tfm_sst_test_service_api.h
deleted file mode 100644
index 5fb558a..0000000
--- a/test/test_services/tfm_sst_test_service/tfm_sst_test_service_api.h
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifndef __TFM_SST_TEST_SERVICE_API_H__
-#define __TFM_SST_TEST_SERVICE_API_H__
-
-#include "psa/error.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief Requests the SST Test Service to call sst_system_prepare().
- *
- * \return Returns error code as specified in \ref psa_status_t
- */
-psa_status_t tfm_sst_test_system_prepare(void);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __TFM_SST_TEST_SERVICE_API_H__ */
diff --git a/tools/tfm_manifest_list.yaml b/tools/tfm_manifest_list.yaml
index c7cef7a..b0361f9 100644
--- a/tools/tfm_manifest_list.yaml
+++ b/tools/tfm_manifest_list.yaml
@@ -12,12 +12,12 @@
"version_minor": 1,
"manifest_list": [
{
- "name": "Secure Storage Service",
- "short_name": "TFM_SP_STORAGE",
- "manifest": "secure_fw/partitions/secure_storage/tfm_secure_storage.yaml",
+ "name": "Protected Storage Service",
+ "short_name": "TFM_SP_PS",
+ "manifest": "secure_fw/partitions/protected_storage/tfm_protected_storage.yaml",
"tfm_extensions": true,
"tfm_partition_ipc": true,
- "conditional": "TFM_PARTITION_SECURE_STORAGE",
+ "conditional": "TFM_PARTITION_PROTECTED_STORAGE",
"version_major": 0,
"version_minor": 1,
"pid": 256,
@@ -26,7 +26,7 @@
"*tfm_storage*"
],
"object_list": [
- "*test_sst_nv_counters.*",
+ "*test_ps_nv_counters.*",
]
}
},
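Review bot: The `"*tfm_storage*"` pattern on the first context line of this hunk is left unchanged, while the `object_list` entry next to it is renamed to `*test_ps_nv_counters.*`. Both sit under the partition's `linker_pattern`, which presumably selects what is placed in the Protected Storage partition's region. If the library target was also renamed elsewhere in this patch, the glob would stop matching without any build error and the partition's code and data could end up outside its isolated section. Worth confirming that the built library is still named `tfm_storage`; the build file that defines it is not visible in this hunk.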
@@ -216,18 +216,18 @@
}
},
{
- "name": "TF-M SST Test Service",
- "short_name": "TFM_SP_SST_TEST",
- "manifest": "test/test_services/tfm_sst_test_service/tfm_sst_test_service.yaml",
+ "name": "TF-M PS Test Service",
+ "short_name": "TFM_SP_PS_TEST",
+ "manifest": "test/test_services/tfm_ps_test_service/tfm_ps_test_service.yaml",
"tfm_extensions": true,
"tfm_partition_ipc": true,
- "conditional": "TFM_PARTITION_TEST_SST",
+ "conditional": "TFM_PARTITION_TEST_PS",
"version_major": 0,
"version_minor": 1,
"pid": 268,
"linker_pattern": {
"object_list": [
- "*tfm_sst_test_service.*"
+ "*tfm_ps_test_service.*"
]
}
},