psa arch test v1.2 release commits
diff --git a/secure-debug/val/include/pal_interfaces.h b/secure-debug/val/include/pal_interfaces.h
new file mode 100644
index 0000000..9f7390f
--- /dev/null
+++ b/secure-debug/val/include/pal_interfaces.h
@@ -0,0 +1,93 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _PAL_INTERFACES_H_
+#define _PAL_INTERFACES_H_
+
+#include <stdarg.h>
+#include <psa_adac.h>
+
+/**
+ * @brief - This function parses the input string and writes bytes into logger TX FIFO
+ * @param - str : Input String
+ * - data : Value for format specifier
+ * @return - SUCCESS/FAILURE
+**/
+
+int pal_print(const char *str, int32_t data);
+
+/**
+ * @brief - Terminates the simulation at the end of all tests completion.
+ * By default, it put cpus into power down mode.
+ * @param - void
+ * @return - void
+**/
+void pal_terminate_simulation(void);
+
+/**
+ * @brief - Resets the system.
+ * @param - void
+ * @return - SUCCESS/FAILURE
+**/
+int pal_system_reset(void);
+
+request_packet_t *request_packet_lock(size_t *max_data_size);
+
+/**
+ * @brief - Reserve the communication buffer memory for receive packet.
+ * @param - max_data_size Valid size of command frame
+ * @return - Pointer to the command frame to be read
+**/
+response_packet_t *response_packet_lock(size_t *max_data_size);
+
+/**
+ * @brief - Release the lock held by transmit packet.
+ * @param - packet Most recent command frame sent
+ * @return - SUCCESS/FAILURE
+**/
+int request_packet_release(request_packet_t *packet);
+
+/**
+ * @brief - Release the lock held by receive packet.
+ * @param - packet Most recent response packet received
+ * @return - SUCCESS/FAILURE
+**/
+int response_packet_release(response_packet_t *packet);
+
+/**
+ * @brief - Construct the Request packet for the specified ADAC command.
+ * @param - command ADAC command
+ * data Pointer to payload
+ * data_size Size of the command payload
+ * @return - Pointer to the command frame to be written
+**/
+request_packet_t *request_packet_build(uint16_t command, uint8_t *data, size_t data_size);
+
+/**
+ * @brief - Write the Request packet into the communication buffer for transmit.
+ * @param - packet Request packet built for dispatch
+ * @return - SUCCESS/FAILURE
+**/
+int request_packet_send(request_packet_t *packet);
+
+/**
+ * @brief - Read the Response packet from the communication buffer.
+ * @param - None
+ * @return - Response packet received from target.
+**/
+response_packet_t *response_packet_receive();
+
+#endif
diff --git a/secure-debug/val/include/val.h b/secure-debug/val/include/val.h
new file mode 100644
index 0000000..8ac9a98
--- /dev/null
+++ b/secure-debug/val/include/val.h
@@ -0,0 +1,332 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_COMMON_H_
+#define _VAL_COMMON_H_
+
+#include <string.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <limits.h>
+#include <stdarg.h>
+
+typedef uint8_t bool_t;
+typedef uintptr_t addr_t;
+typedef uint32_t test_id_t;
+typedef uint32_t block_id_t;
+typedef char char8_t;
+typedef uint32_t cfg_id_t;
+
+/* Print verbosity = TEST */
+#ifndef VERBOSE
+#define VERBOSE 9
+#endif
+
+#ifndef VAL_NSPE_BUILD
+#define STATIC_DECLARE static
+#else
+#define STATIC_DECLARE
+#endif
+
+#ifndef __WEAK
+#define __WEAK __attribute__((weak))
+#endif
+
+#ifndef __UNUSED
+#define __UNUSED __attribute__((unused))
+#endif
+
+#ifndef TRUE
+#define TRUE 0
+#endif
+#ifndef FALSE
+#define FALSE 1
+#endif
+
+#define _CONCAT(A, B) A##B
+#define CONCAT(A, B) _CONCAT(A, B)
+
+/* test status defines */
+#define TEST_START 0x01
+#define TEST_END 0x02
+#define TEST_PASS 0x04
+#define TEST_FAIL 0x08
+#define TEST_SKIP 0x10
+#define TEST_PENDING 0x20
+
+#define TEST_NUM_BIT 32
+#define TEST_STATE_BIT 8
+#define TEST_STATUS_BIT 0
+
+#define TEST_NUM_MASK 0xFFFFFFFF
+#define TEST_STATE_MASK 0xFF
+#define TEST_STATUS_MASK 0xFF
+
+#define RESULT_START(status) (((TEST_START) << TEST_STATE_BIT) | ((status) << TEST_STATUS_BIT))
+#define RESULT_END(status) (((TEST_END) << TEST_STATE_BIT) | ((status) << TEST_STATUS_BIT))
+#define RESULT_PASS(status) (((TEST_PASS) << TEST_STATE_BIT) | ((status) << TEST_STATUS_BIT))
+#define RESULT_FAIL(status) (((TEST_FAIL) << TEST_STATE_BIT) | ((status) << TEST_STATUS_BIT))
+#define RESULT_SKIP(status) (((TEST_SKIP) << TEST_STATE_BIT) | ((status) << TEST_STATUS_BIT))
+#define RESULT_PENDING(status) (((TEST_PENDING) << TEST_STATE_BIT) | ((status) << TEST_STATUS_BIT))
+
+#define IS_TEST_FAIL(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_FAIL)
+#define IS_TEST_PASS(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_PASS)
+#define IS_TEST_SKIP(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_SKIP)
+#define IS_TEST_PENDING(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_PENDING)
+#define IS_TEST_START(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_START)
+#define IS_TEST_END(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_END)
+#define VAL_ERROR(status) ((status & TEST_STATUS_MASK) ? 1 : 0)
+
+
+
+/* Test Defines */
+#define TEST_PUBLISH(test_id, entry) \
+ const val_test_info_t __attribute__((section(".acs_test_info"))) \
+ CONCAT(acs_test_info, entry) = {test_id, entry}
+
+#define VAL_MAX_TEST_PER_COMP 200
+#define VAL_SECURE_DEBUG_BASE 4
+
+
+#define VAL_GET_COMP_NUM(test_id) \
+ ((test_id - (test_id % VAL_MAX_TEST_PER_COMP)) / VAL_MAX_TEST_PER_COMP)
+#define VAL_GET_TEST_NUM(test_id) (test_id % VAL_MAX_TEST_PER_COMP)
+#define VAL_CREATE_TEST_ID(comp, num) ((comp*VAL_MAX_TEST_PER_COMP) + num)
+
+#define TEST_FIELD(num1, num2) (num2 << 8 | num1)
+#define GET_TEST_ISOLATION_LEVEL(num) (num & 0x3)
+#define GET_WD_TIMOUT_TYPE(num) ((num >> 8) & 0x7)
+
+#define TEST_CHECKPOINT_NUM(n) n
+#define TEST(n) n
+#define BLOCK(n) n
+
+#define BLOCK_NUM_POS 8
+#define ACTION_POS 16
+#define GET_TEST_NUM(n) (0xff & n)
+#define GET_BLOCK_NUM(n) ((n >> BLOCK_NUM_POS) & 0xff)
+
+#define GET_ACTION_NUM(n) ((n >> ACTION_POS) & 0xff)
+#define TEST_EXECUTE_FUNC 1
+#define TEST_RETURN_RESULT 2
+#define INVALID_HANDLE 0x1234DEAD
+
+#define VAL_NVMEM_BLOCK_SIZE 4
+#define VAL_NVMEM_OFFSET(nvmem_idx) (nvmem_idx * VAL_NVMEM_BLOCK_SIZE)
+
+#define UART_INIT_SIGN 0xff
+#define UART_PRINT_SIGN 0xfe
+
+#define TEST_PANIC() \
+ do { \
+ } while (1)
+
+#define TEST_ASSERT_EQUAL(arg1, arg2, checkpoint) \
+ do { \
+ if ((arg1) != arg2) \
+ { \
+ val->print(PRINT_ERROR, "\tFailed at Checkpoint: %d\n", checkpoint); \
+ val->print(PRINT_ERROR, "\tActual: %d\n", arg1); \
+ val->print(PRINT_ERROR, "\tExpected: %d\n", arg2); \
+ return 1; \
+ } \
+ } while (0)
+
+#define TEST_ASSERT_DUAL(arg1, status1, status2, checkpoint) \
+ do { \
+ if ((arg1) != status1 && (arg1) != status2) \
+ { \
+ val->print(PRINT_ERROR, "\tFailed at Checkpoint: %d\n", checkpoint); \
+ val->print(PRINT_ERROR, "\tActual: %d\n", arg1); \
+ val->print(PRINT_ERROR, "\tExpected: %d", status1); \
+ val->print(PRINT_ERROR, "or %d\n", status2); \
+ return 1; \
+ } \
+ } while (0)
+
+#define TEST_ASSERT_NOT_EQUAL(arg1, arg2, checkpoint) \
+ do { \
+ if ((arg1) == arg2) \
+ { \
+ val->print(PRINT_ERROR, "\tFailed at Checkpoint: %d\n", checkpoint); \
+ val->print(PRINT_ERROR, "\tValue: %d\n", arg1); \
+ return 1; \
+ } \
+ } while (0)
+
+#define TEST_ASSERT_MEMCMP(buf1, buf2, size, checkpoint) \
+ do { \
+ if (memcmp(buf1, buf2, size)) \
+ { \
+ val->print(PRINT_ERROR, "\tFailed at Checkpoint: %d : ", checkpoint); \
+ val->print(PRINT_ERROR, "Unequal data in compared buffers\n", 0); \
+ return 1; \
+ } \
+ } while (0)
+
+#define TEST_ASSERT_RANGE(arg1, range1, range2, checkpoint) \
+ do { \
+ if ((arg1) < range1 || (arg1) > range2) \
+ { \
+ val->print(PRINT_ERROR, "\tFailed at Checkpoint: %d\n", checkpoint); \
+ val->print(PRINT_ERROR, "\tActual: %d\n", arg1); \
+ val->print(PRINT_ERROR, "\tExpected range: %d to ", range1); \
+ val->print(PRINT_ERROR, "%d", range2); \
+ return 1; \
+ } \
+ } while (0)
+
+/* enums */
+typedef enum {
+ CALLER_NONSECURE = 0x0,
+ CALLER_SECURE = 0x1,
+} caller_security_t;
+
+typedef enum {
+ TEST_ISOLATION_L1 = 0x1,
+ TEST_ISOLATION_L2 = 0x2,
+ TEST_ISOLATION_L3 = 0x3,
+} test_isolation_level_t;
+
+typedef enum {
+ LEVEL1 = 0x1,
+ LEVEL2,
+ LEVEL3,
+} isolation_level_t;
+
+typedef enum {
+ /* VAL uses this boot flag to mark first time boot of the system */
+ BOOT_UNKNOWN = 0x1,
+ /* VAL/Test uses this boot flag to catch any unwanted system reboot - SIM ERROR Cases*/
+ BOOT_NOT_EXPECTED = 0x2,
+ /* Test performs panic check for non-secure test run and expect reboot */
+ BOOT_EXPECTED_NS = 0x3,
+ /* Test performs panic check for secure test run and expect reboot */
+ BOOT_EXPECTED_S = 0x4,
+ /* Test expects reboot but it didn't happen */
+ BOOT_EXPECTED_BUT_FAILED = 0x5,
+ /* Test expects reboot for secure/non-secure test run. If reboot happens,
+ * re-enter the same test and execute the next check function
+ */
+ BOOT_EXPECTED_REENTER_TEST = 0x6,
+ /* Test expect reboot for the test run. If reboot happens,
+ * re-enter the same test and continue executing the same check function
+ */
+ BOOT_EXPECTED_CONT_TEST_EXEC = 0x7,
+} boot_state_t;
+
+typedef enum {
+ NV_BOOT = 0x0,
+ NV_TEST_ID_PREVIOUS = 0x1,
+ NV_TEST_ID_CURRENT = 0x2,
+ NV_TEST_CNT = 0x3,
+ NV_TEST_DATA1 = 0x4,
+ NV_TEST_DATA2 = 0x5,
+ NV_TEST_DATA3 = 0x6,
+} nvmem_index_t;
+
+/* enums to report test sub-state */
+typedef enum {
+ VAL_STATUS_SUCCESS = 0x0,
+ VAL_STATUS_INVALID = 0x10,
+ VAL_STATUS_ERROR = 0x11,
+ VAL_STATUS_NOT_FOUND = 0x12,
+ VAL_STATUS_LOAD_ERROR = 0x13,
+ VAL_STATUS_INSUFFICIENT_SIZE = 0x14,
+ VAL_STATUS_CONNECTION_FAILED = 0x15,
+ VAL_STATUS_CALL_FAILED = 0x16,
+ VAL_STATUS_READ_FAILED = 0x17,
+ VAL_STATUS_WRITE_FAILED = 0x18,
+ VAL_STATUS_ISOLATION_LEVEL_NOT_SUPP = 0x19,
+ VAL_STATUS_INIT_FAILED = 0x1A,
+ VAL_STATUS_SPM_FAILED = 0x1B,
+ VAL_STATUS_SPM_UNEXPECTED_BEH = 0x1C,
+ VAL_STATUS_FRAMEWORK_VERSION_FAILED = 0x1D,
+ VAL_STATUS_VERSION_API_FAILED = 0x1E,
+ VAL_STATUS_INVALID_HANDLE = 0x1F,
+ VAL_STATUS_INVALID_MSG_TYPE = 0x20,
+ VAL_STATUS_WRONG_IDENTITY = 0x21,
+ VAL_STATUS_MSG_INSIZE_FAILED = 0x22,
+ VAL_STATUS_MSG_OUTSIZE_FAILED = 0x23,
+ VAL_STATUS_SKIP_FAILED = 0x24,
+ VAL_STATUS_CRYPTO_FAILURE = 0x25,
+ VAL_STATUS_INVALID_SIZE = 0x26,
+ VAL_STATUS_DATA_MISMATCH = 0x27,
+ VAL_STATUS_BOOT_EXPECTED_BUT_FAILED = 0x28,
+ VAL_STATUS_INIT_ALREADY_DONE = 0x29,
+ VAL_STATUS_HEAP_NOT_AVAILABLE = 0x2A,
+ VAL_STATUS_UNSUPPORTED = 0x2B,
+ VAL_STATUS_DRIVER_FN_FAILED = 0x2C,
+ VAL_STATUS_NO_TESTS = 0X2D,
+ VAL_STATUS_TEST_FAILED = 0x2E,
+ VAL_STATUS_ERROR_MAX = INT_MAX,
+} val_status_t;
+
+/* verbosity enums */
+typedef enum {
+ PRINT_INFO = 1,
+ PRINT_DEBUG = 2,
+ PRINT_TEST = 3,
+ PRINT_WARN = 4,
+ PRINT_ERROR = 5,
+ PRINT_ALWAYS = 9
+} print_verbosity_t;
+
+/* Driver test function id enums */
+typedef enum {
+ TEST_PSA_EOI_WITH_NON_INTR_SIGNAL = 1,
+ TEST_PSA_EOI_WITH_MULTIPLE_SIGNALS = 2,
+ TEST_PSA_EOI_WITH_UNASSERTED_SIGNAL = 3,
+ TEST_INTR_SERVICE = 4,
+ TEST_ISOLATION_PSA_ROT_DATA_RD = 5,
+ TEST_ISOLATION_PSA_ROT_DATA_WR = 6,
+ TEST_ISOLATION_PSA_ROT_STACK_RD = 7,
+ TEST_ISOLATION_PSA_ROT_STACK_WR = 8,
+ TEST_ISOLATION_PSA_ROT_HEAP_RD = 9,
+ TEST_ISOLATION_PSA_ROT_HEAP_WR = 10,
+ TEST_ISOLATION_PSA_ROT_MMIO_RD = 11,
+ TEST_ISOLATION_PSA_ROT_MMIO_WR = 12,
+} driver_test_fn_id_t;
+
+/* typedef's */
+typedef struct {
+ boot_state_t state;
+} boot_t;
+
+typedef struct {
+ uint32_t pass_cnt:8;
+ uint32_t skip_cnt:8;
+ uint32_t fail_cnt:8;
+ uint32_t sim_error_cnt:8;
+} test_count_t;
+
+typedef struct {
+ uint16_t test_num;
+ uint8_t block_num;
+} test_info_t;
+
+
+/* struture to capture test state */
+typedef struct {
+ uint16_t reserved;
+ uint8_t state;
+ uint8_t status;
+} test_status_buffer_t;
+
+typedef int32_t (*client_test_t)(caller_security_t caller);
+typedef int32_t (*server_test_t)(void);
+#endif /* VAL_COMMON_H */
diff --git a/secure-debug/val/include/val_adac.h b/secure-debug/val/include/val_adac.h
new file mode 100644
index 0000000..6086df9
--- /dev/null
+++ b/secure-debug/val/include/val_adac.h
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_ADAC_H_
+#define _VAL_ADAC_H_
+#include <psa_adac.h>
+
+/** \brief Token header
+ *
+ */
+typedef struct {
+ uint16_t type;
+ uint8_t *data;
+ size_t size;
+} adac_command_frame_t;
+
+void val_adac_host_init(void);
+psa_status_t val_load_certificate_chain(const char *chain_file, uint8_t **chain,
+ size_t *chain_size);
+psa_status_t val_infer_cryptosystem(uint32_t *chain, size_t chain_size, psa_tlv_t **extns_list,
+ size_t *extns_count, uint8_t *key_system);
+psa_status_t val_get_private_key(const char *key_file, uint8_t *type, psa_key_handle_t *handle,
+ uint8_t **key_ptr, size_t *size);
+request_packet_t *val_construct_command(uint16_t command, uint8_t *data, size_t data_size);
+psa_status_t val_issue_command(uint32_t command, request_packet_t *packet,
+ uint8_t *data, size_t data_size);
+response_packet_t *val_await_response(void);
+psa_status_t val_parse_response(uint32_t command, response_packet_t *packet);
+
+psa_status_t val_sign_token(uint8_t challenge[], size_t challenge_size, uint8_t signature_type,
+ uint8_t exts[], size_t exts_size, uint8_t *fragment[],
+ size_t *fragment_size, psa_key_handle_t handle,
+ uint8_t *key, size_t key_size);
+psa_status_t val_send_certificate(psa_tlv_t **extns_list, size_t extns_count);
+int val_check_cryptosystem_support(response_packet_t *packet, uint8_t key_system);
+
+#endif /* _VAL_ADAC_H_ */
diff --git a/secure-debug/val/include/val_dispatcher.h b/secure-debug/val/include/val_dispatcher.h
new file mode 100644
index 0000000..1419387
--- /dev/null
+++ b/secure-debug/val/include/val_dispatcher.h
@@ -0,0 +1,70 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_DISPATCHER_H_
+#define _VAL_DISPATCHER_H_
+
+#include "val.h"
+
+#define ELF_IDENT 16
+#define VAL_INVALID_TEST_ID 0xffffffff
+#define VAL_TEST_START_MARKER 0xfaceface
+#define VAL_TEST_END_MARKER 0xc3c3c3c3
+
+/* typedef's */
+typedef uint32_t elf32_word;
+typedef int32_t elf32_sword;
+typedef uint16_t elf32_half;
+typedef uint32_t elf32_off;
+typedef uint32_t elf32_addr;
+
+typedef struct {
+ unsigned char e_ident[ELF_IDENT]; /* ident bytes */
+ elf32_half e_type; /* file type */
+ elf32_half e_machine; /* target machine */
+ elf32_word e_version; /* file version */
+ elf32_addr e_entry; /* start address */
+ elf32_off e_phoff; /* phdr file offset */
+ elf32_off e_shoff; /* shdr file offset */
+ elf32_word e_flags; /* file flags */
+ elf32_half e_ehsize; /* sizeof ehdr */
+ elf32_half e_phentsize; /* sizeof phdr */
+ elf32_half e_phnum; /* number phdrs */
+ elf32_half e_shentsize; /* sizeof shdr */
+ elf32_half e_shnum; /* number shdrs */
+ elf32_half e_shstrndx; /* shdr string index */
+} elf_header_t;
+
+typedef struct {
+ elf32_word p_type; /* Segment type */
+ elf32_off p_offset; /* Segment file offset */
+ elf32_addr p_vaddr; /* Segment virtual address */
+ elf32_addr p_paddr; /* Segment physical address */
+ elf32_word p_filesz; /* Segment size in file */
+ elf32_word p_memsz; /* Segment size in memory */
+ elf32_word p_flags; /* Segment flags */
+ elf32_word p_align; /* Segment alignment */
+} elf_pheader_t;
+
+typedef struct {
+ uint32_t start_marker;
+ test_id_t test_id;
+ uint32_t elf_size;
+} test_header_t;
+
+int32_t val_dispatcher(test_id_t test_id_prev);
+#endif
diff --git a/secure-debug/val/include/val_entry.h b/secure-debug/val/include/val_entry.h
new file mode 100644
index 0000000..f4d173f
--- /dev/null
+++ b/secure-debug/val/include/val_entry.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_ENTRY_H_
+#define _VAL_ENTRY_H_
+
+#include "val_framework.h"
+
+#define PSA_ACS_MAJOR_VER 1
+#define PSA_ACS_MINOR_VER 2
+
+/**
+ @brief - PSA Test Suite C main function, does VAL init and calls test dispatcher
+ @param - None
+ @return - int32_t
+**/
+extern int32_t val_entry(void);
+#endif
diff --git a/secure-debug/val/include/val_framework.h b/secure-debug/val/include/val_framework.h
new file mode 100644
index 0000000..5d53cbb
--- /dev/null
+++ b/secure-debug/val/include/val_framework.h
@@ -0,0 +1,33 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#ifndef _VAL_INFRA_H_
+#define _VAL_INFRA_H_
+
+#include "val.h"
+#include "val_interfaces.h"
+
+/* prototypes */
+uint32_t val_report_status(void);
+val_status_t val_set_status(uint32_t status);
+uint32_t val_get_status(void);
+val_status_t val_err_check_set(uint32_t checkpoint, val_status_t status);
+void val_test_init(uint32_t test_num, char8_t *desc);
+void val_test_exit(void);
+
+#endif
diff --git a/secure-debug/val/include/val_interfaces.h b/secure-debug/val/include/val_interfaces.h
new file mode 100644
index 0000000..eca9a63
--- /dev/null
+++ b/secure-debug/val/include/val_interfaces.h
@@ -0,0 +1,79 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_INTERFACES_H_
+#define _VAL_INTERFACES_H_
+
+#include "val.h"
+#include "pal_interfaces.h"
+
+/* typedef's */
+typedef struct {
+ val_status_t (*print) (print_verbosity_t verbosity,
+ const char *string, int32_t data);
+ val_status_t (*set_status) (uint32_t status);
+ uint32_t (*get_status) (void);
+ void (*test_init) (uint32_t test_num, char8_t *desc);
+ void (*test_exit) (void);
+ val_status_t (*err_check_set) (uint32_t checkpoint, val_status_t status);
+} val_api_t;
+
+typedef void (*test_fptr_t)(val_api_t *val);
+
+typedef struct {
+ test_id_t test_id;
+ test_fptr_t entry_addr;
+} val_test_info_t;
+
+typedef enum {
+ VAL_TEST_IDX0 = 0x0,
+ VAL_TEST_IDX1 = 0x1,
+ VAL_TEST_IDX2 = 0x2,
+ VAL_TEST_IDX3 = 0x3,
+ VAL_TEST_IDX4 = 0x4,
+ VAL_TEST_IDX5 = 0x5,
+ VAL_TEST_IDX6 = 0x6,
+ VAL_TEST_IDX7 = 0x7,
+ VAL_TEST_IDX8 = 0x8,
+ VAL_TEST_IDX9 = 0x9,
+ VAL_TEST_IDX10 = 0xA,
+ VAL_TEST_IDX11 = 0xB,
+ VAL_TEST_IDX12 = 0xC,
+ VAL_TEST_IDX13 = 0xD,
+ VAL_TEST_IDX14 = 0xE,
+ VAL_TEST_IDX15 = 0xF,
+ VAL_TEST_IDX16 = 0x10,
+ VAL_TEST_IDX17 = 0x11,
+ VAL_TEST_IDX18 = 0x12,
+ VAL_TEST_IDX19 = 0x13,
+ VAL_TEST_IDX20 = 0x14,
+ VAL_TEST_IDX21 = 0x15,
+ VAL_TEST_IDX22 = 0x16,
+ VAL_TEST_IDX23 = 0x17,
+ VAL_TEST_IDX24 = 0x18,
+ VAL_TEST_IDX25 = 0x19,
+ VAL_TEST_IDX26 = 0x1A,
+ VAL_TEST_IDX27 = 0x1B,
+ VAL_TEST_IDX28 = 0x1C,
+ VAL_TEST_IDX29 = 0x1D,
+ VAL_TEST_IDX30 = 0x1E,
+} val_test_index_t;
+
+#include "test_entry_fn_declare_list.inc"
+
+void test_entry(val_api_t *val);
+#endif
diff --git a/secure-debug/val/include/val_peripherals.h b/secure-debug/val/include/val_peripherals.h
new file mode 100644
index 0000000..d5fa4e9
--- /dev/null
+++ b/secure-debug/val/include/val_peripherals.h
@@ -0,0 +1,26 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_PERIPHERALS_H_
+#define _VAL_PERIPHERALS_H_
+
+#include "val.h"
+
+val_status_t val_logger_init(void);
+val_status_t val_print(print_verbosity_t verbosity, const char *string, int32_t data);
+
+#endif
diff --git a/secure-debug/val/src/val_adac.c b/secure-debug/val/src/val_adac.c
new file mode 100644
index 0000000..53f02d1
--- /dev/null
+++ b/secure-debug/val/src/val_adac.c
@@ -0,0 +1,332 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include <val_adac.h>
+#include <psa_adac_cryptosystems.h>
+#include <psa_adac_sdm.h>
+#include <psa_adac_debug.h>
+#include <pal_interfaces.h>
+
+void val_adac_host_init(void)
+{
+ psa_adac_platform_init();
+ psa_crypto_init();
+}
+
+psa_status_t val_load_certificate_chain(const char *chain_file, uint8_t **chain, size_t *chain_size)
+{
+ int ret_val;
+ psa_status_t r = PSA_SUCCESS;
+
+ if (chain_file == NULL) {
+ printf("Error:Path not found\n");
+ r = PSA_ERROR_INVALID_ARGUMENT;
+ return r;
+ }
+ ret_val = load_trust_chain(chain_file, chain, chain_size);
+ if (ret_val != 0) {
+ printf("Error loading trust chain (%s)\n", chain_file);
+ r = PSA_ERROR_GENERIC_ERROR;
+ }
+ return r;
+}
+
+psa_status_t val_infer_cryptosystem(uint32_t *chain, size_t chain_size, psa_tlv_t **extns_list,
+ size_t *extns_count, uint8_t *key_system)
+{
+ int ret_val;
+ psa_status_t r = PSA_SUCCESS;
+ uint8_t key_type;
+ size_t count, i;
+ psa_tlv_t *current_extn;
+
+ ret_val = split_tlv_static(chain, chain_size, extns_list, MAX_EXTENSIONS, extns_count);
+ if (ret_val != 0) {
+ PSA_ADAC_LOG_ERR("host", "Error parsing trust chain\n");
+ r = PSA_ERROR_GENERIC_ERROR;
+ return r;
+ }
+ count = *extns_count;
+ if (count > MAX_EXTENSIONS) {
+ printf("Error:Extension count exceeded maximum allowed\n");
+ r = PSA_ERROR_NOT_PERMITTED;
+ return r;
+ }
+
+ PSA_ADAC_LOG_INFO("host", "Found %zu certificates\n", count);
+ for (i = 0; i < count; i++) {
+ current_extn = extns_list[i];
+ if ((current_extn)->type_id == 0x0201)
+ key_type = ((certificate_header_t *) current_extn->value)->key_type;
+ }
+ *key_system = key_type;
+ PSA_ADAC_LOG_INFO("host", "Cryptosystem detected: %d\n", key_type);
+ return r;
+}
+
+psa_status_t val_get_private_key(const char *key_file, uint8_t *type, psa_key_handle_t *handle,
+ uint8_t **key_ptr, size_t *size)
+{
+ int ret_val;
+ psa_status_t r = PSA_SUCCESS;
+ uint8_t key_type = *type;
+
+ if (key_file == NULL) {
+ printf("Error:Path not found\n");
+ r = PSA_ERROR_INVALID_ARGUMENT;
+ return r;
+ }
+
+ switch (key_type) {
+ case ECDSA_P256_SHA256:
+ case ECDSA_P521_SHA512:
+ case RSA_3072_SHA256:
+ case RSA_4096_SHA256:
+ case ED_25519_SHA512:
+ case ED_448_SHAKE256:
+ case SM_SM2_SM3:
+ ret_val = import_private_key(key_file, type, handle);
+ if (ret_val != 0) {
+ printf("Error importing private key (%s)\n", key_file);
+ r = PSA_ERROR_GENERIC_ERROR;
+ } else {
+ key_ptr = NULL;
+ size = 0;
+ }
+ break;
+
+ case CMAC_AES:
+ case HMAC_SHA256:
+ ret_val = load_secret_key(key_file, key_type, key_ptr, size);
+ if (ret_val != 0) {
+ printf("Error importing secret key (%s)\n", key_file);
+ r = PSA_ERROR_GENERIC_ERROR;
+ } else {
+ handle = NULL;
+ }
+ break;
+
+ default:
+ printf("Error: unsupported key type (0x%x)\n", key_type);
+ r = PSA_ERROR_NOT_SUPPORTED;
+ }
+ return r;
+}
+
+request_packet_t *val_construct_command(uint16_t cmd_type, uint8_t *data, size_t data_size)
+{
+ request_packet_t *packet = NULL;
+
+ switch (cmd_type) {
+ case SDP_RESUME_BOOT_CMD:
+ case SDP_LOCK_DEBUG_CMD:
+ case SDP_DISCOVERY_CMD:
+ case SDP_AUTH_START_CMD:
+ packet = request_packet_build(cmd_type, NULL, 0);
+ break;
+ case SDP_AUTH_RESPONSE_CMD:
+ if (data == NULL || data_size == 0) {
+ printf("Error: No payload specified\n");
+ break;
+ }
+ packet = request_packet_build((uint16_t)cmd_type, data, data_size);
+ break;
+ default:
+ //TO DO: Callback for vendor specific command construction
+ printf("Error: Unrecognized command. ID=(0x%x)\n", cmd_type);
+ }
+ return packet;
+}
+
+psa_status_t val_issue_command(uint32_t command, request_packet_t *packet,
+ uint8_t *data, size_t data_size)
+{
+ int ret_val;
+ psa_status_t r = PSA_SUCCESS;
+
+ packet = val_construct_command((uint16_t)command, data, data_size);
+
+ if (packet == NULL) {
+ printf("Command construction failed\n");
+ r = PSA_ERROR_GENERIC_ERROR;
+ return r;
+ }
+
+ switch (command) {
+ case SDP_DISCOVERY_CMD:
+ printf("Sending discovery request\n");
+ break;
+ case SDP_AUTH_START_CMD:
+ printf("Sending challenge request\n");
+ break;
+ case SDP_AUTH_RESPONSE_CMD:
+ printf("Sending authentication response\n");
+ break;
+ case SDP_RESUME_BOOT_CMD:
+ printf("Sending close session command\n");
+ break;
+ case SDP_LOCK_DEBUG_CMD:
+ printf("Sending lock debug request\n");
+ default:
+ //TO DO: Vendor specific message
+ printf("Error: Unrecognized command. ID=(0x%x)\n", command);
+ r = PSA_ERROR_NOT_SUPPORTED;
+ }
+ ret_val = request_packet_send(packet);
+ if (ret_val < 0)
+ r = PSA_ERROR_GENERIC_ERROR;
+
+ request_packet_release(packet);
+ return r;
+}
+
+response_packet_t *val_await_response(void)
+{
+ return response_packet_receive();
+}
+
+psa_status_t val_parse_response(uint32_t command, response_packet_t *packet)
+{
+ int ret_val;
+ psa_status_t r = PSA_SUCCESS;
+ size_t i;
+ psa_tlv_t *tlv;
+ psa_auth_challenge_t *challenge;
+
+ if (packet == NULL) {
+ printf("Error: Target response not obtained\n");
+ r = PSA_ERROR_COMMUNICATION_FAILURE;
+ return r;
+ }
+
+ switch (command) {
+ case SDP_DISCOVERY_CMD:
+ printf("Receiving discovery response...\n");
+ for (i = 0; (i + 4) < (packet->data_count * 4);) {
+ tlv = (psa_tlv_t *) (((uint8_t *)packet->data) + i);
+ i += sizeof(psa_tlv_t) + tlv->length_in_bytes;
+ }
+ break;
+ case SDP_AUTH_START_CMD:
+ printf("Receiving challenge\n");
+ printf("status = 0x%04x, data_count = %d\n", packet->status, packet->data_count);
+ if (packet->data_count * 4 != sizeof(psa_auth_challenge_t)) {
+ r = PSA_ERROR_GENERIC_ERROR;
+ return r;
+ }
+ challenge = (psa_auth_challenge_t *) packet->data;
+ PSA_ADAC_LOG_DUMP("host", "challenge", challenge->challenge_vector,
+ sizeof(challenge->challenge_vector));
+ break;
+ case SDP_AUTH_RESPONSE_CMD:
+ case SDP_RESUME_BOOT_CMD:
+ case SDP_LOCK_DEBUG_CMD:
+ printf("status = 0x%04x, data_count = %d\n", packet->status, packet->data_count);
+ break;
+ default:
+ r = PSA_ERROR_NOT_SUPPORTED;
+ }
+ return r;
+}
+
+psa_status_t val_sign_token(uint8_t challenge[], size_t challenge_size, uint8_t signature_type,
+ uint8_t exts[], size_t exts_size, uint8_t *fragment[],
+ size_t *fragment_size, psa_key_handle_t handle,
+ uint8_t *key, size_t key_size)
+{
+ psa_status_t r;
+
+ r = psa_adac_sign_token(challenge, challenge_size, signature_type, exts, exts_size,
+ fragment, fragment_size, handle, key, key_size);
+ if (r == PSA_SUCCESS) {
+ PSA_ADAC_LOG_DUMP("host", "token", *fragment, *fragment_size);
+ } else {
+ PSA_ADAC_LOG_ERR("host", "Error signing token\n");
+ r = PSA_ERROR_GENERIC_ERROR;
+ }
+ return r;
+}
+
+psa_status_t val_send_certificate(psa_tlv_t **extns_list, size_t extns_count)
+{
+ request_packet_t *request;
+ response_packet_t *response;
+ psa_status_t r;
+ uint8_t *payload;
+ size_t i, payload_size;
+ psa_tlv_t *current_extn;
+
+ for (size_t i = 0; i < extns_count; i++) {
+ current_extn = extns_list[i];
+ if (current_extn->type_id == 0x0201) {
+ payload = (uint8_t *)current_extn;
+ payload_size = current_extn->length_in_bytes + sizeof(psa_tlv_t);
+
+ printf("Sending Certificate\n");
+ r = val_issue_command(SDP_AUTH_RESPONSE_CMD, request, payload, payload_size);
+ if (r != PSA_SUCCESS)
+ return r;
+
+ printf("Receiving token_authentication response\n");
+ response = val_await_response();
+ r = val_parse_response(SDP_AUTH_RESPONSE_CMD, response);
+ if (r != PSA_SUCCESS)
+ return r;
+
+ if (response->status == SDP_NEED_MORE_DATA)
+ response_packet_release(response);
+ }
+ }
+ if (response->status != SDP_NEED_MORE_DATA) {
+ PSA_ADAC_LOG_ERR("host", "Unexpected response status %x\n", response->status);
+ r = PSA_ERROR_GENERIC_ERROR;
+ return r;
+ }
+ response_packet_release(response);
+ return r;
+}
+
+int val_check_cryptosystem_support(response_packet_t *packet, uint8_t key_system)
+{
+ int found = 0, j;
+ size_t i = 0;
+ psa_tlv_t *tlv;
+ uint8_t *key_support_types = NULL;
+
+ while ((i + 4) < (packet->data_count * 4)) {
+ tlv = (psa_tlv_t *) (((uint8_t *)packet->data) + i);
+ if (tlv->type_id == 0x0102) {
+ key_support_types = tlv->value;
+ for (j = 0; j < (tlv->length_in_bytes); j++) {
+ if (*(key_support_types+j) == key_system) {
+ found = 1;
+ break;
+ }
+ }
+ }
+ i += sizeof(psa_tlv_t) + tlv->length_in_bytes;
+ }
+
+ if (key_support_types == NULL)
+ printf("Cryptosystem Type ID not found in target's response\n");
+ else if (!found)
+ printf("Cryptosystem not supported by target\n");
+ else
+ printf("Cryptosystem supported by target\n");
+
+ return found;
+}
diff --git a/secure-debug/val/src/val_dispatcher.c b/secure-debug/val/src/val_dispatcher.c
new file mode 100644
index 0000000..86426cc
--- /dev/null
+++ b/secure-debug/val/src/val_dispatcher.c
@@ -0,0 +1,222 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_framework.h"
+#include "val_dispatcher.h"
+#include "val_interfaces.h"
+#include "val_peripherals.h"
+
+
+extern val_api_t val_api;
+
+/* gloabls */
+addr_t g_test_info_addr;
+
+/**
+ @brief - This function prints PSA_{SUITE}_API_VERSION_MAJOR
+ PSA_{SUITE}_API_VERSION_MINOR details.
+ @param - None
+ @return - None
+**/
+static void val_print_api_version(void)
+{
+#ifdef CRYPTO
+ val_print(PRINT_ALWAYS, " %d.", PSA_CRYPTO_API_VERSION_MAJOR);
+ val_print(PRINT_ALWAYS, "%d", PSA_CRYPTO_API_VERSION_MINOR);
+#endif
+#ifdef INTERNAL_TRUSTED_STORAGE
+ val_print(PRINT_ALWAYS, " %d.", PSA_ITS_API_VERSION_MAJOR);
+ val_print(PRINT_ALWAYS, "%d", PSA_ITS_API_VERSION_MINOR);
+#endif
+#ifdef PROTECTED_STORAGE
+ val_print(PRINT_ALWAYS, " %d.", PSA_PS_API_VERSION_MAJOR);
+ val_print(PRINT_ALWAYS, "%d", PSA_PS_API_VERSION_MINOR);
+#endif
+#ifdef STORAGE
+ val_print(PRINT_ALWAYS, " ITS %d.", PSA_ITS_API_VERSION_MAJOR);
+ val_print(PRINT_ALWAYS, "%d", PSA_ITS_API_VERSION_MINOR);
+ val_print(PRINT_ALWAYS, " and PS %d.", PSA_PS_API_VERSION_MAJOR);
+ val_print(PRINT_ALWAYS, "%d", PSA_PS_API_VERSION_MINOR);
+#endif
+#ifdef INITIAL_ATTESTATION
+ val_print(PRINT_ALWAYS, " %d.", PSA_INITIAL_ATTEST_API_VERSION_MAJOR);
+ val_print(PRINT_ALWAYS, "%d", PSA_INITIAL_ATTEST_API_VERSION_MINOR);
+#endif
+}
+
+/**
+ @brief - This function reads the test ELFs from RAM or secondary storage and loads into
+ system memory
+ @param - test_id : Returns the current test ID
+ - test_id_prev : Previous test ID.
+ @return - Error code
+**/
+val_status_t val_test_load(test_id_t *test_id, test_id_t test_id_prev)
+{
+ int i;
+ val_test_info_t test_list[] = {
+#include "test_entry_list.inc"
+ {VAL_INVALID_TEST_ID, NULL}
+ };
+
+ for (i = 0; i < (int)(sizeof(test_list)/sizeof(test_list[0])); i++)
+ {
+ if (test_id_prev == VAL_INVALID_TEST_ID)
+ {
+ *test_id = test_list[i].test_id;
+ g_test_info_addr = (addr_t) test_list[i].entry_addr;
+ return VAL_STATUS_SUCCESS;
+ }
+ else if (test_id_prev == test_list[i].test_id)
+ {
+ *test_id = test_list[i+1].test_id;
+ g_test_info_addr = (addr_t) test_list[i+1].entry_addr;
+ return VAL_STATUS_SUCCESS;
+ }
+ else if (test_list[i].test_id == VAL_INVALID_TEST_ID)
+ {
+ val_print(PRINT_DEBUG, "\n\nNo more valid tests found. Exiting.", 0);
+ *test_id = VAL_INVALID_TEST_ID;
+ return VAL_STATUS_SUCCESS;
+ }
+ }
+
+ *test_id = VAL_INVALID_TEST_ID;
+ val_print(PRINT_ERROR, "\n\nError: No more valid tests found. Exiting.", 0);
+ return VAL_STATUS_LOAD_ERROR;
+}
+
+/**
+ @brief - This function reads the function pointer addresses for
+ test_entry
+ @param - paddr : Returns the Test function address
+ @return - Returns val_status_t
+**/
+val_status_t val_get_test_entry_addr(addr_t *paddr)
+{
+ *paddr = g_test_info_addr;
+ return VAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Execute the function pointer which was given to us by the test
+ @param - void
+**/
+void val_execute_test_fn(void)
+{
+ test_fptr_t fn_ptr;
+ addr_t addr;
+
+ val_get_test_entry_addr(&addr);
+ fn_ptr = (test_fptr_t)addr;
+ fn_ptr(&val_api);
+ return;
+}
+
+/*
+ @brief - Reads the pre-defined component name against given test_id
+ @param - test_id : Current Test ID
+ @return - Component name
+*/
+char *val_get_comp_name(test_id_t test_id)
+{
+ switch (VAL_GET_COMP_NUM(test_id))
+ {
+ case VAL_SECURE_DEBUG_BASE:
+ return "Secure Debug Suite";
+ default:
+ return "Unknown Suite";
+ }
+}
+
+/**
+ @brief - This function is responsible for setting up VAL infrastructure.
+ Loads test one by one from combine binary and calls test_entry
+ function of each test image.
+ @return - 0 if success Or error code for the failure.
+**/
+int32_t val_dispatcher(test_id_t test_id_prev)
+{
+
+ test_id_t test_id;
+ val_status_t status;
+ boot_t boot;
+ test_count_t test_count = {0,};
+ uint32_t test_result;
+
+ do
+ {
+ status = val_test_load(&test_id, test_id_prev);
+
+ if (VAL_ERROR(status))
+ {
+ return status;
+ }
+ else if (test_id == VAL_INVALID_TEST_ID)
+ {
+ break;
+ }
+ if (VAL_GET_COMP_NUM(test_id_prev) != VAL_GET_COMP_NUM(test_id))
+ {
+ val_print(PRINT_ALWAYS, "\nRunning.. ", 0);
+ val_print(PRINT_ALWAYS, val_get_comp_name(test_id), 0);
+ val_print(PRINT_ALWAYS, "\n******************************\n", 0);
+ }
+
+ val_execute_test_fn();
+
+ test_result = val_report_status();
+
+ switch (test_result)
+ {
+ case TEST_PASS:
+ test_count.pass_cnt += 1;
+ break;
+ case TEST_FAIL:
+ test_count.fail_cnt += 1;
+ break;
+ case TEST_SKIP:
+ test_count.skip_cnt += 1;
+ break;
+ case TEST_PENDING:
+ test_count.sim_error_cnt += 1;
+ break;
+ }
+
+ test_id_prev = test_id;
+ } while (1);
+
+ val_print(PRINT_ALWAYS, "\n************ ", 0);
+ val_print(PRINT_ALWAYS, val_get_comp_name(test_id_prev), 0);
+ val_print(PRINT_ALWAYS, " Report **********\n", 0);
+ val_print(PRINT_ALWAYS, "TOTAL TESTS : %d\n", test_count.pass_cnt + test_count.fail_cnt
+ + test_count.skip_cnt + test_count.sim_error_cnt);
+ val_print(PRINT_ALWAYS, "TOTAL PASSED : %d\n", test_count.pass_cnt);
+ val_print(PRINT_ALWAYS, "TOTAL SIM ERROR : %d\n", test_count.sim_error_cnt);
+ val_print(PRINT_ALWAYS, "TOTAL FAILED : %d\n", test_count.fail_cnt);
+ val_print(PRINT_ALWAYS, "TOTAL SKIPPED : %d\n", test_count.skip_cnt);
+ val_print(PRINT_ALWAYS, "******************************************\n", 0);
+
+ return (test_count.fail_cnt > 0) ? VAL_STATUS_TEST_FAILED : VAL_STATUS_SUCCESS;
+}
+
+
+
+
+
+
+
diff --git a/secure-debug/val/src/val_entry.c b/secure-debug/val/src/val_entry.c
new file mode 100644
index 0000000..1d13bcb
--- /dev/null
+++ b/secure-debug/val/src/val_entry.c
@@ -0,0 +1,64 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_entry.h"
+#include "val_framework.h"
+#include "val_peripherals.h"
+#include "val_dispatcher.h"
+
+int32_t val_entry(void);
+
+/**
+ @brief - PSA C main function, does VAL init and calls test dispatcher
+ @param - None
+ @return - status - error code
+**/
+int32_t val_entry(void)
+{
+ test_id_t test_id = VAL_INVALID_TEST_ID;
+ int32_t status;
+
+ status = val_logger_init();
+ if (VAL_ERROR(status))
+ {
+ goto exit;
+ }
+
+ /* Compliance header print */
+ if (test_id == VAL_INVALID_TEST_ID)
+ {
+ val_print(PRINT_ALWAYS, "\n***** PSA Architecture Test Suite - Version %d.",
+ PSA_ACS_MAJOR_VER);
+ val_print(PRINT_ALWAYS, "%d *****\n", PSA_ACS_MINOR_VER);
+ }
+
+ /* Call dispatcher routine*/
+ status = val_dispatcher(test_id);
+
+exit:
+ val_print(PRINT_ALWAYS, "\nEntering standby.. \n", 0);
+
+ pal_terminate_simulation();
+
+ return status;
+}
+
+//int main()
+//{
+// val_entry();
+// return 0;
+//}
diff --git a/secure-debug/val/src/val_framework.c b/secure-debug/val/src/val_framework.c
new file mode 100644
index 0000000..2a700b4
--- /dev/null
+++ b/secure-debug/val/src/val_framework.c
@@ -0,0 +1,172 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_framework.h"
+#include "val_interfaces.h"
+#include "val_dispatcher.h"
+#include "val_peripherals.h"
+#include "pal_interfaces.h"
+
+
+extern val_api_t val_api;
+
+
+/* globals */
+test_status_buffer_t g_status_buffer;
+
+/**
+ @brief - Parses input status for a given test and
+ outputs appropriate information on the console
+ @return - Test state
+**/
+uint32_t val_report_status(void)
+{
+ uint32_t status, state;
+
+ status = val_get_status();
+
+ state = (status >> TEST_STATE_BIT) & TEST_STATE_MASK;
+ status = status & TEST_STATUS_MASK;
+
+ switch (state)
+ {
+ case TEST_START:
+ state = TEST_FAIL;
+ val_print(PRINT_ALWAYS, "\nTEST RESULT: FAILED (Error Code=0x%x)\n",
+ VAL_STATUS_INIT_FAILED);
+ break;
+
+ case TEST_END:
+ state = TEST_PASS;
+ val_print(PRINT_ALWAYS, "\nTEST RESULT: PASSED\n", 0);
+ break;
+
+ case TEST_FAIL:
+ val_print(PRINT_ALWAYS, "\nTEST RESULT: FAILED (Error Code=0x%x)\n", status);
+ break;
+
+ case TEST_SKIP:
+ state = TEST_SKIP;
+ val_print(PRINT_ALWAYS, "\nTEST RESULT: SKIPPED (Skip Code=0x%x)\n", status);
+ break;
+
+ case TEST_PENDING:
+ val_print(PRINT_ALWAYS, "\nTEST RESULT: SIM ERROR (Error Code=0x%x)\n", status);
+ break;
+
+ default:
+ state = TEST_FAIL;
+ val_print(PRINT_ALWAYS, "\nTEST RESULT: FAILED(Error Code=0x%x)\n", VAL_STATUS_INVALID);
+ break;
+
+ }
+
+ val_print(PRINT_ALWAYS, "\n******************************************\n", 0);
+ return state;
+}
+
+/**
+ @brief - Records the state and status of test
+ @return - val_status_t
+**/
+val_status_t val_set_status(uint32_t status)
+{
+ g_status_buffer.state = ((status >> TEST_STATE_BIT) & TEST_STATE_MASK);
+ g_status_buffer.status = (status & TEST_STATUS_MASK);
+
+ return VAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Updates the state and status for a given test
+ @return - test status
+**/
+uint32_t val_get_status(void)
+{
+ return ((g_status_buffer.state) << TEST_STATE_BIT) | (g_status_buffer.status);
+}
+
+/*
+ @brief - This function checks if the input status argument is an error.
+ On error, we print the checkpoint value and set the status.
+ @param - checkpoint : Test debug checkpoint
+ - val_status_t : Test status
+ @return - returns the input status back to the program.
+*/
+
+val_status_t val_err_check_set(uint32_t checkpoint, val_status_t status)
+{
+ if (VAL_ERROR(status)) {
+ val_print(PRINT_ERROR, "\tCheckpoint %d : ", checkpoint);
+ val_print(PRINT_ERROR, "Error Code=0x%x \n", status);
+ val_set_status(RESULT_FAIL(status));
+ } else {
+ status = (val_get_status() & TEST_STATUS_MASK);
+ if (VAL_ERROR(status)) {
+ val_print(PRINT_ERROR, "\tCheckpoint %d : ", checkpoint);
+ val_print(PRINT_ERROR, "Error Code=0x%x \n", status);
+ } else {
+ val_print(PRINT_DEBUG, "\tCheckpoint %d \n", checkpoint);
+ }
+ }
+ return status;
+}
+
+/**
+ @brief This API prints the test number, description and
+ sets the test state to TEST_START on successful execution.
+ @param test_num :unique number identifying this test
+ @param desc :brief description of the test
+ @param test_bitfield :Addition test info such as
+ - test isolation level requirement
+ - Watchdog timeout type
+ @return void
+**/
+
+void val_test_init(uint32_t test_num, char8_t *desc)
+{
+ val_status_t status = VAL_STATUS_SUCCESS;
+
+ /*global init*/
+ g_status_buffer.state = TEST_FAIL;
+ g_status_buffer.status = VAL_STATUS_INVALID;
+
+ val_print(PRINT_ALWAYS, "\nTEST: %d | DESCRIPTION: ", test_num);
+ val_print(PRINT_ALWAYS, desc, 0);
+
+ val_set_status(RESULT_START(status));
+ return;
+}
+
+/**
+ @brief This API sets the test state to TEST_END if test is successfully passed.
+ @param none
+ @return none
+**/
+
+void val_test_exit(void)
+{
+ val_status_t status = VAL_STATUS_SUCCESS;
+
+ status = val_get_status();
+
+ /* return if test skipped or failed */
+ if (IS_TEST_FAIL(status) || IS_TEST_SKIP(status))
+ return;
+ else
+ val_set_status(RESULT_END(VAL_STATUS_SUCCESS));
+}
diff --git a/secure-debug/val/src/val_interfaces.c b/secure-debug/val/src/val_interfaces.c
new file mode 100644
index 0000000..63c041d
--- /dev/null
+++ b/secure-debug/val/src/val_interfaces.c
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "val_framework.h"
+#include "val_interfaces.h"
+#include "val_peripherals.h"
+
+/*VAL APIs to be used by test */
+const val_api_t val_api = {
+ .print = val_print,
+ .set_status = val_set_status,
+ .get_status = val_get_status,
+ .test_init = val_test_init,
+ .test_exit = val_test_exit,
+ .err_check_set = val_err_check_set,
+};
+
diff --git a/secure-debug/val/src/val_peripherals.c b/secure-debug/val/src/val_peripherals.c
new file mode 100644
index 0000000..e804485
--- /dev/null
+++ b/secure-debug/val/src/val_peripherals.c
@@ -0,0 +1,55 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_peripherals.h"
+#include "pal_interfaces.h"
+#include "val_framework.h"
+
+/* Global */
+uint32_t is_logger_init_done = 0;
+
+/*
+ @brief - Initialize UART.
+ This is client interface API of secure partition UART INIT API.
+ @param - None
+ @return - val_status_t
+*/
+val_status_t val_logger_init(void)
+{
+ is_logger_init_done = 1;
+ return VAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Print module. This is client interface API of secure partition
+ val_print_sf API for nspe world
+ @param - verbosity: Print verbosity level
+ - string : Input string
+ - data : Value for format specifier
+ @return - val_status_t
+**/
+val_status_t val_print(print_verbosity_t verbosity, const char *string, int32_t data)
+{
+ if ((is_logger_init_done == 0) && (verbosity < VERBOSE))
+ {
+ return VAL_STATUS_SUCCESS;
+ }
+ return pal_print(string, data);
+}
+
+
+
diff --git a/secure-debug/val/val.cmake b/secure-debug/val/val.cmake
new file mode 100644
index 0000000..665db48
--- /dev/null
+++ b/secure-debug/val/val.cmake
@@ -0,0 +1,42 @@
+#/** @file
+# * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+if(NOT DEFINED PSA_ADAC_ROOT)
+ get_filename_component(PSA_ADAC_ROOT ${CMAKE_SOURCE_DIR}/psa-adac ABSOLUTE)
+endif()
+
+# Listing all the sources from val
+list(APPEND VAL_SRC_C
+ ${CMAKE_SOURCE_DIR}/val/src/val_entry.c
+ ${CMAKE_SOURCE_DIR}/val/src/val_adac.c
+ ${CMAKE_SOURCE_DIR}/val/src/val_dispatcher.c
+ ${CMAKE_SOURCE_DIR}/val/src/val_framework.c
+ ${CMAKE_SOURCE_DIR}/val/src/val_interfaces.c
+ ${CMAKE_SOURCE_DIR}/val/src/val_peripherals.c
+)
+
+# Create VAL library
+add_library(${ADAC_HOST_VAL_LIB} STATIC ${VAL_SRC_C})
+
+target_include_directories(${ADAC_HOST_VAL_LIB} PRIVATE
+ ${CMAKE_SOURCE_DIR}/val/include
+ ${CMAKE_BINARY_DIR}
+ ${PSA_ADAC_ROOT}/psa-adac/core/include
+ ${PSA_ADAC_ROOT}/psa-adac/sdm/include
+ )
+
+target_link_libraries(${ADAC_HOST_VAL_LIB} mbedcrypto)