mbed-SPM updates

TESTS/mbed-crypto/sanity/main.cpp

@@ -438,7 +438,9 @@ utest::v1::status_t case_teardown_handler(const Case *const source, const size_t
 
 utest::v1::status_t test_setup(const size_t number_of_cases)
 {
+#ifndef NO_GREENTEA
     GREENTEA_SETUP(120, "default_auto");
+#endif
     return verbose_test_setup_handler(number_of_cases);
 }
 

TESTS/psa/crypto_access_control/COMPONENT_PSA_SRV_IPC/test_partition_proxy.c

@@ -16,7 +16,7 @@
  */
 
 #include "psa/client.h"
-#include "psa_test_partition_ifs.h"
+#include "psa_manifest/sid.h"
 #include "test_partition_proxy.h"
 
 #define MINOR_VER 1

TESTS/psa/crypto_access_control/COMPONENT_SPE/psa_test_partition_partition.h → TESTS/psa/crypto_access_control/COMPONENT_SPE/psa_crypto_acl_test_partition.h

@@ -23,22 +23,23 @@
  * Generated by tools/spm/generate_partition_code.py Version 1.0
  **********************************************************************************************************************/
 
-#ifndef PSA_TEST_PARTITION_PARTITION_H
-#define PSA_TEST_PARTITION_PARTITION_H
+#ifndef PSA_CRYPTO_ACL_TEST_PARTITION_H
+#define PSA_CRYPTO_ACL_TEST_PARTITION_H
 
-#define TEST_PARTITION_ID 128
+#define CRYPTO_ACL_TEST_ID 128
 
-#define TEST_PARTITION_ROT_SRV_COUNT (9UL)
-#define TEST_PARTITION_EXT_ROT_SRV_COUNT (1UL)
+#define CRYPTO_ACL_TEST_ROT_SRV_COUNT (9UL)
+#define CRYPTO_ACL_TEST_EXT_ROT_SRV_COUNT (1UL)
 
-/* TEST_PARTITION event flags */
-#define TEST_PARTITION_RESERVED1_POS (1UL)
-#define TEST_PARTITION_RESERVED1_MSK (1UL << TEST_PARTITION_RESERVED1_POS)
+/* CRYPTO_ACL_TEST event flags */
+#define CRYPTO_ACL_TEST_RESERVED1_POS (1UL)
+#define CRYPTO_ACL_TEST_RESERVED1_MSK (1UL << CRYPTO_ACL_TEST_RESERVED1_POS)
 
-#define TEST_PARTITION_RESERVED2_POS (2UL)
-#define TEST_PARTITION_RESERVED2_MSK (1UL << TEST_PARTITION_RESERVED2_POS)
+#define CRYPTO_ACL_TEST_RESERVED2_POS (2UL)
+#define CRYPTO_ACL_TEST_RESERVED2_MSK (1UL << CRYPTO_ACL_TEST_RESERVED2_POS)
 
 
+#define CRYPTO_ACL_TEST_WAIT_ANY_IRQ_MSK (0)
 
 #define CRYPTO_CREATE_PERSISTENT_KEY_MSK_POS (4UL)
 #define CRYPTO_CREATE_PERSISTENT_KEY_MSK (1UL << CRYPTO_CREATE_PERSISTENT_KEY_MSK_POS)
@@ -59,7 +60,7 @@
 #define CRYPTO_IMPORT_KEY_MSK_POS (12UL)
 #define CRYPTO_IMPORT_KEY_MSK (1UL << CRYPTO_IMPORT_KEY_MSK_POS)
 
-#define TEST_PARTITION_WAIT_ANY_SID_MSK (\
+#define CRYPTO_ACL_TEST_WAIT_ANY_SID_MSK (\
     CRYPTO_CREATE_PERSISTENT_KEY_MSK | \
     CRYPTO_GENERATE_KEY_MSK | \
     CRYPTO_OPEN_PERSISTENT_KEY_MSK | \
@@ -71,4 +72,4 @@
     CRYPTO_IMPORT_KEY_MSK)
 
 
-#endif // PSA_TEST_PARTITION_PARTITION_H
+#endif // PSA_CRYPTO_ACL_TEST_PARTITION_H

TESTS/psa/crypto_access_control/COMPONENT_SPE/test_partition.c

@@ -16,20 +16,13 @@
  */
 
 #include <stdlib.h>
-#include "psa_test_partition_partition.h"
-#include "psa/service.h"
+#include "psa_crypto_acl_test_partition.h"
 #include "psa/client.h"
+#include "psa/service.h"
 #include "psa/crypto.h"
 
 typedef psa_status_t (*SignalHandler)(psa_msg_t *);
 
-#if defined(TARGET_TFM)
-#define SPM_PANIC(format, ...) \
-{ \
-    while(1){}; \
-}
-#endif
-
 static void read_input_param_from_message(psa_msg_t *msg, uint8_t param_index, void *param_ptr)
 {
     size_t bytes_read = psa_read(msg->handle, param_index, param_ptr, msg->in_size[param_index]);
@@ -207,41 +200,59 @@ void test_partition_main(void)
     psa_signal_t signal;
     psa_msg_t msg = {0};
     while (1) {
-        signal = psa_wait_any(PSA_BLOCK);
+        signal = psa_wait(CRYPTO_ACL_TEST_WAIT_ANY_SID_MSK, PSA_BLOCK);
         if (signal & CRYPTO_CREATE_PERSISTENT_KEY_MSK) {
-            psa_get(CRYPTO_CREATE_PERSISTENT_KEY_MSK, &msg);
+            if (PSA_SUCCESS != psa_get(CRYPTO_CREATE_PERSISTENT_KEY_MSK, &msg)) {
+                continue;
+            }
             message_handler(&msg, crypto_create_persistent_key);
         }
         if (signal & CRYPTO_GENERATE_KEY_MSK) {
-            psa_get(CRYPTO_GENERATE_KEY_MSK, &msg);
+            if (PSA_SUCCESS != psa_get(CRYPTO_GENERATE_KEY_MSK, &msg)) {
+                continue;
+            }
             message_handler(&msg, crypto_generate_key);
         }
         if (signal & CRYPTO_OPEN_PERSISTENT_KEY_MSK) {
-            psa_get(CRYPTO_OPEN_PERSISTENT_KEY_MSK, &msg);
+            if (PSA_SUCCESS != psa_get(CRYPTO_OPEN_PERSISTENT_KEY_MSK, &msg)) {
+                continue;
+            }
             message_handler(&msg, crypto_open_persistent_key);
         }
         if (signal & CRYPTO_CLOSE_KEY_MSK) {
-            psa_get(CRYPTO_CLOSE_KEY_MSK, &msg);
+            if (PSA_SUCCESS != psa_get(CRYPTO_CLOSE_KEY_MSK, &msg)) {
+                continue;
+            }
             message_handler(&msg, crypto_close_key);
         }
         if (signal & CRYPTO_SET_KEY_POLICY_MSK) {
-            psa_get(CRYPTO_SET_KEY_POLICY_MSK, &msg);
+            if (PSA_SUCCESS != psa_get(CRYPTO_SET_KEY_POLICY_MSK, &msg)) {
+                continue;
+            }
             message_handler(&msg, crypto_set_key_policy);
         }
         if (signal & CRYPTO_DESTROY_KEY_MSK) {
-            psa_get(CRYPTO_DESTROY_KEY_MSK, &msg);
+            if (PSA_SUCCESS != psa_get(CRYPTO_DESTROY_KEY_MSK, &msg)) {
+                continue;
+            }
             message_handler(&msg, crypto_destroy_key);
         }
         if (signal & CRYPTO_GET_KEY_INFO_MSK) {
-            psa_get(CRYPTO_GET_KEY_INFO_MSK, &msg);
+            if (PSA_SUCCESS != psa_get(CRYPTO_GET_KEY_INFO_MSK, &msg)) {
+                continue;
+            }
             message_handler(&msg, crypto_get_key_info);
         }
         if (signal & CRYPTO_GET_KEY_POLICY_MSK) {
-            psa_get(CRYPTO_GET_KEY_POLICY_MSK, &msg);
+            if (PSA_SUCCESS != psa_get(CRYPTO_GET_KEY_POLICY_MSK, &msg)) {
+                continue;
+            }
             message_handler(&msg, crypto_get_key_policy);
         }
         if (signal & CRYPTO_IMPORT_KEY_MSK) {
-            psa_get(CRYPTO_IMPORT_KEY_MSK, &msg);
+            if (PSA_SUCCESS != psa_get(CRYPTO_IMPORT_KEY_MSK, &msg)) {
+                continue;
+            }
             message_handler(&msg, crypto_import_key);
         }
     }

TESTS/psa/crypto_access_control/COMPONENT_SPE/TARGET_MBED_SPM/psa_test_partition_partition.c → TESTS/psa/crypto_access_control/TARGET_MBED_SPM/COMPONENT_SPE/psa_crypto_acl_test_partition.c

@@ -28,31 +28,30 @@
 #include "rtx_os.h"
 #include "spm_panic.h"
 #include "spm_internal.h"
-#include "psa_test_partition_partition.h"
-#include "psa_test_partition_ifs.h"
-#include "psa_crypto_srv_ifs.h"
+#include "psa_crypto_acl_test_partition.h"
+#include "psa_manifest/sid.h"
 
 
 /* Threads stacks */
-MBED_ALIGN(8) uint8_t test_partition_thread_stack[512] = {0};
+MBED_ALIGN(8) uint8_t crypto_acl_test_thread_stack[512] = {0};
 
 /* Threads control blocks */
-osRtxThread_t test_partition_thread_cb = {0};
+osRtxThread_t crypto_acl_test_thread_cb = {0};
 
 /* Thread attributes - for thread initialization */
-osThreadAttr_t test_partition_thread_attr = {
-    .name = "test_partition",
+osThreadAttr_t crypto_acl_test_thread_attr = {
+    .name = "crypto_acl_test",
     .attr_bits = 0,
-    .cb_mem = &test_partition_thread_cb,
-    .cb_size = sizeof(test_partition_thread_cb),
-    .stack_mem = test_partition_thread_stack,
+    .cb_mem = &crypto_acl_test_thread_cb,
+    .cb_size = sizeof(crypto_acl_test_thread_cb),
+    .stack_mem = crypto_acl_test_thread_stack,
     .stack_size = 512,
     .priority = osPriorityNormal,
     .tz_module = 0,
     .reserved = 0
 };
 
-spm_rot_service_t test_partition_rot_services[TEST_PARTITION_ROT_SRV_COUNT] = {
+spm_rot_service_t crypto_acl_test_rot_services[CRYPTO_ACL_TEST_ROT_SRV_COUNT] = {
     {
         .sid = CRYPTO_CREATE_PERSISTENT_KEY,
         .mask = CRYPTO_CREATE_PERSISTENT_KEY_MSK,
@@ -163,41 +162,41 @@ spm_rot_service_t test_partition_rot_services[TEST_PARTITION_ROT_SRV_COUNT] = {
     },
 };
 
-/* External SIDs used by TEST_PARTITION */
-const uint32_t test_partition_external_sids[1] = {
+/* External SIDs used by CRYPTO_ACL_TEST */
+const uint32_t crypto_acl_test_external_sids[1] = {
     PSA_KEY_MNG_ID,
 };
 
-static osRtxMutex_t test_partition_mutex = {0};
-static const osMutexAttr_t test_partition_mutex_attr = {
-    .name = "test_partition_mutex",
+static osRtxMutex_t crypto_acl_test_mutex = {0};
+static const osMutexAttr_t crypto_acl_test_mutex_attr = {
+    .name = "crypto_acl_test_mutex",
     .attr_bits = osMutexRecursive | osMutexPrioInherit | osMutexRobust,
-    .cb_mem = &test_partition_mutex,
-    .cb_size = sizeof(test_partition_mutex),
+    .cb_mem = &crypto_acl_test_mutex,
+    .cb_size = sizeof(crypto_acl_test_mutex),
 };
 
 
 extern void test_partition_main(void *ptr);
 
-void test_partition_init(spm_partition_t *partition)
+void crypto_acl_test_init(spm_partition_t *partition)
 {
     if (NULL == partition) {
         SPM_PANIC("partition is NULL!\n");
     }
 
-    partition->mutex = osMutexNew(&test_partition_mutex_attr);
+    partition->mutex = osMutexNew(&crypto_acl_test_mutex_attr);
     if (NULL == partition->mutex) {
-        SPM_PANIC("Failed to create mutex for secure partition test_partition!\n");
+        SPM_PANIC("Failed to create mutex for secure partition crypto_acl_test!\n");
     }
 
-    for (uint32_t i = 0; i < TEST_PARTITION_ROT_SRV_COUNT; ++i) {
-        test_partition_rot_services[i].partition = partition;
+    for (uint32_t i = 0; i < CRYPTO_ACL_TEST_ROT_SRV_COUNT; ++i) {
+        crypto_acl_test_rot_services[i].partition = partition;
     }
-    partition->rot_services = test_partition_rot_services;
+    partition->rot_services = crypto_acl_test_rot_services;
 
-    partition->thread_id = osThreadNew(test_partition_main, NULL, &test_partition_thread_attr);
+    partition->thread_id = osThreadNew(test_partition_main, NULL, &crypto_acl_test_thread_attr);
     if (NULL == partition->thread_id) {
-        SPM_PANIC("Failed to create start main thread of partition test_partition!\n");
+        SPM_PANIC("Failed to create start main thread of partition crypto_acl_test!\n");
     }
 }
 

TESTS/psa/crypto_access_control/COMPONENT_SPE/psa_setup.c → TESTS/psa/crypto_access_control/TARGET_MBED_SPM/COMPONENT_SPE/psa_setup.c

@@ -27,34 +27,22 @@
 #include "spm_internal.h"
 #include "handles_manager.h"
 #include "cmsis.h"
-#include "psa_test_partition_partition.h"
 #include "psa_attest_srv_partition.h"
 #include "psa_crypto_srv_partition.h"
 #include "psa_platform_partition.h"
 #include "psa_its_partition.h"
+#include "psa_crypto_acl_test_partition.h"
 
-extern const uint32_t test_partition_external_sids[1];
 extern const uint32_t attest_srv_external_sids[7];
 extern const uint32_t crypto_srv_external_sids[4];
 extern const uint32_t platform_external_sids[1];
+extern const uint32_t crypto_acl_test_external_sids[1];
 
 spm_partition_t g_partitions[5] = {
-    {
-        .partition_id = TEST_PARTITION_ID,
-        .thread_id = 0,
-        .flags_rot_srv = TEST_PARTITION_WAIT_ANY_SID_MSK,
-        .flags_interrupts = 0,
-        .rot_services = NULL,
-        .rot_services_count = TEST_PARTITION_ROT_SRV_COUNT,
-        .extern_sids = test_partition_external_sids,
-        .extern_sids_count = TEST_PARTITION_EXT_ROT_SRV_COUNT,
-        .irq_mapper = NULL,
-    },
     {
         .partition_id = ATTEST_SRV_ID,
         .thread_id = 0,
-        .flags_rot_srv = ATTEST_SRV_WAIT_ANY_SID_MSK,
-        .flags_interrupts = 0,
+        .flags = ATTEST_SRV_WAIT_ANY_SID_MSK | ATTEST_SRV_WAIT_ANY_IRQ_MSK,
         .rot_services = NULL,
         .rot_services_count = ATTEST_SRV_ROT_SRV_COUNT,
         .extern_sids = attest_srv_external_sids,
@@ -64,8 +52,7 @@ spm_partition_t g_partitions[5] = {
     {
         .partition_id = CRYPTO_SRV_ID,
         .thread_id = 0,
-        .flags_rot_srv = CRYPTO_SRV_WAIT_ANY_SID_MSK,
-        .flags_interrupts = 0,
+        .flags = CRYPTO_SRV_WAIT_ANY_SID_MSK | CRYPTO_SRV_WAIT_ANY_IRQ_MSK,
         .rot_services = NULL,
         .rot_services_count = CRYPTO_SRV_ROT_SRV_COUNT,
         .extern_sids = crypto_srv_external_sids,
@@ -75,8 +62,7 @@ spm_partition_t g_partitions[5] = {
     {
         .partition_id = PLATFORM_ID,
         .thread_id = 0,
-        .flags_rot_srv = PLATFORM_WAIT_ANY_SID_MSK,
-        .flags_interrupts = 0,
+        .flags = PLATFORM_WAIT_ANY_SID_MSK | PLATFORM_WAIT_ANY_IRQ_MSK,
         .rot_services = NULL,
         .rot_services_count = PLATFORM_ROT_SRV_COUNT,
         .extern_sids = platform_external_sids,
@@ -86,14 +72,23 @@ spm_partition_t g_partitions[5] = {
     {
         .partition_id = ITS_ID,
         .thread_id = 0,
-        .flags_rot_srv = ITS_WAIT_ANY_SID_MSK,
-        .flags_interrupts = 0,
+        .flags = ITS_WAIT_ANY_SID_MSK | ITS_WAIT_ANY_IRQ_MSK,
         .rot_services = NULL,
         .rot_services_count = ITS_ROT_SRV_COUNT,
         .extern_sids = NULL,
         .extern_sids_count = ITS_EXT_ROT_SRV_COUNT,
         .irq_mapper = NULL,
     },
+    {
+        .partition_id = CRYPTO_ACL_TEST_ID,
+        .thread_id = 0,
+        .flags = CRYPTO_ACL_TEST_WAIT_ANY_SID_MSK | CRYPTO_ACL_TEST_WAIT_ANY_IRQ_MSK,
+        .rot_services = NULL,
+        .rot_services_count = CRYPTO_ACL_TEST_ROT_SRV_COUNT,
+        .extern_sids = crypto_acl_test_external_sids,
+        .extern_sids_count = CRYPTO_ACL_TEST_EXT_ROT_SRV_COUNT,
+        .irq_mapper = NULL,
+    },
 };
 
 /* Check all the defined memory regions for overlapping. */
@@ -104,23 +99,23 @@ const mem_region_t *mem_regions = NULL;
 const uint32_t mem_region_count = 0;
 
 // forward declaration of partition initializers
-void test_partition_init(spm_partition_t *partition);
 void attest_srv_init(spm_partition_t *partition);
 void crypto_srv_init(spm_partition_t *partition);
 void platform_init(spm_partition_t *partition);
 void its_init(spm_partition_t *partition);
+void crypto_acl_test_init(spm_partition_t *partition);
 
 uint32_t init_partitions(spm_partition_t **partitions)
 {
     if (NULL == partitions) {
         SPM_PANIC("partitions is NULL!\n");
     }
 
-    test_partition_init(&(g_partitions[0]));
-    attest_srv_init(&(g_partitions[1]));
-    crypto_srv_init(&(g_partitions[2]));
-    platform_init(&(g_partitions[3]));
-    its_init(&(g_partitions[4]));
+    attest_srv_init(&(g_partitions[0]));
+    crypto_srv_init(&(g_partitions[1]));
+    platform_init(&(g_partitions[2]));
+    its_init(&(g_partitions[3]));
+    crypto_acl_test_init(&(g_partitions[4]));
 
     *partitions = g_partitions;
     return 5;

TESTS/psa/crypto_access_control/crypto_acl_test_partition_psa.json → TESTS/psa/crypto_access_control/crypto_acl_tests_partition_psa.json

@@ -1,5 +1,5 @@
 {
-  "name": "TEST_PARTITION",
+  "name": "CRYPTO_ACL_TEST",
   "type": "APPLICATION-ROT",
   "priority": "NORMAL",
   "id": "0x00000080",

TESTS/psa/crypto_access_control/psa_test_partition_ifs.h → TESTS/psa/crypto_access_control/psa_crypto_acl_test_ifs.h

@@ -23,8 +23,8 @@
  * Generated by tools/spm/generate_partition_code.py Version 1.0
  **********************************************************************************************************************/
 
-#ifndef PSA_TEST_PARTITION_PARTITION_ROT_SERVICES_H
-#define PSA_TEST_PARTITION_PARTITION_ROT_SERVICES_H
+#ifndef PSA_CRYPTO_ACL_TEST_PARTITION_ROT_SERVICES_H
+#define PSA_CRYPTO_ACL_TEST_PARTITION_ROT_SERVICES_H
 
 #define CRYPTO_CREATE_PERSISTENT_KEY 0x00000200
 #define CRYPTO_GENERATE_KEY 0x00000201
@@ -36,4 +36,4 @@
 #define CRYPTO_GET_KEY_POLICY 0x00000207
 #define CRYPTO_IMPORT_KEY 0x00000208
 
-#endif // PSA_TEST_PARTITION_PARTITION_ROT_SERVICES_H
+#endif // PSA_CRYPTO_ACL_TEST_PARTITION_ROT_SERVICES_H